fix: avoid logging full FiatOrder on deposit order failure

[AxelGes]

Description

When a deposit order fails to process, the catch block in processDepositOrder was logging the full FiatOrder object to Sentry via Logger.error. This object can contain sensitive payment details (e.g. paymentDetails).

This fix replaces order with order.id in the log context so only the order identifier is sent to Sentry, not the full order payload.

Changelog

CHANGELOG entry: null

Related issues

Fixes: https://consensyssoftware.atlassian.net/jira/software/c/projects/TRAM/boards/1568?assignee=712020%3Aff625c85-a003-41f4-9b73-e2af164f8214&selectedIssue=TRAM-3260

https://github.com/MetaMask/pm-security/issues/583

Manual testing steps

```gherkin
Feature: Deposit order error logging

Scenario: user triggers a deposit order processing failure
Given the user has an in-progress deposit order
When the SDK call to fetch the order fails
Then the error is logged to Sentry with only the order ID
And no sensitive paymentDetails are included in the log
```

Screenshots/Recordings

Before

Logger.error sends the full FiatOrder object (including paymentDetails) to Sentry.

After

Logger.error sends only { message, orderId } to Sentry.

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Low Risk
Low risk: changes only adjust Logger.error context fields and update a unit test, with no impact to order processing or UI behavior.

Overview
Redacts potentially sensitive FiatOrder data from Sentry logs by replacing full order objects with minimal metadata (e.g., orderId, provider, orderType, state, network) in multiple ramp order processing and order-details error paths.

Updates the processOrder unit test to assert the new structured logging payload for unsupported providers.

^{Written by Cursor Bugbot for commit f138be7. This will update automatically on new commits. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[amitabh94]

Can we add other non sensitive details to the order object in the error so that it becomes easy to debug like provider details and may be order link ?

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeRamps
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 90%

click to see 🤖 AI reasoning details

E2E Test Selection:
The changes are purely logging improvements in the Ramp (buy/sell crypto) functionality. All modifications replace full order objects with specific fields (orderId, provider, orderType, state, network, status) in Logger.error calls across 6 files:

1. OrderDetails.tsx (Aggregator) - Changed order to orderId: order.id
2. aggregator.ts - Changed order to specific fields
3. DepositOrderDetails.tsx - Changed order to orderId: order.id
4. Deposit orderProcessor - Changed order to specific fields
5. Ramp OrderDetails.tsx - Added specific fields to error logging
6. Ramp orderProcessor - Changed order to specific fields
7. Unit test updated to match new logging format

These are non-functional changes that:

• Only affect error logging paths, not happy paths
• Don't modify any business logic or UI
• Have corresponding unit test updates
• Reduce logged data for privacy/security (avoiding logging full order objects)

While the risk is low, selecting SmokeRamps provides confidence that the ramp flows (buy/sell crypto) still work correctly after these changes. The changes don't warrant additional tags like SmokeWalletPlatform since they don't affect wallet home or actions entry points - they only affect internal error logging.

Performance Test Selection:
These changes are purely logging improvements in error handling paths. They don't affect UI rendering, data loading, state management, or any user-facing flows. The changes only modify what gets logged when errors occur, which has no impact on app performance. No performance tests are needed.

View GitHub Actions results

[github-actions]

⚠️ E2E Fixture Validation — Structural changes detected

Category	Count
New keys	60
Missing keys	0
Type mismatches	1
Value mismatches	10 (informational)

The committed fixture schema is out of date. To update, comment:

@metamaskbot update-mobile-fixture

View full details | Download diff report