feat(card): add CardOnboardingStore and CardTokenStore

[Brunonascdev]

Description

Adds two SecureKeychain-backed stores for the Card feature. These stores will be used by the CardController (merged in #27020) to manage auth tokens and onboarding session data.

Why: Card auth tokens already live in SecureKeychain via cardTokenVault.ts, but the API is tightly coupled to a single provider. Onboarding session data (onboardingId, contactVerificationId, consentSetId).

What changed:

• CardTokenStore.ts (~90 lines): SecureKeychain wrapper for auth tokens keyed by provider ID. For the legacy provider, reads from the same keychain scope as cardTokenVault.ts (com.metamask.CARD_BAANX_TOKENS) — zero migration, both old and new code can coexist. New providers get their own scoped keychain entry. Methods: get(providerId), set(providerId, tokenSet), remove(providerId). All errors caught and logged with structured Sentry context.

• CardOnboardingStore.ts (~100 lines): SecureKeychain wrapper for onboarding session data keyed by provider ID. Stores onboardingId, contactVerificationId, consentSetId, and selectedCountry. The set() method merges partial data with existing data (read-modify-write). Scope: com.metamask.CARD_ONBOARDING_{providerId}. Intentionally not populated in this PR — it will only be written to when the new controller code path is active (Phase 1d).

• CardTokenStore.test.ts (151 lines): 8 tests covering retrieval (null, valid, legacy scope, provider-specific scope, invalid data, keychain error), storage (success, failure, error), and removal.

• CardOnboardingStore.test.ts (162 lines): 8 tests covering retrieval (null, merged with defaults, correct scope, error), storage (merge with existing, create from empty, error), and removal.

Important design decision: Neither store is populated during a Redux migration. Onboarding data stays in Redux until the code path switch (Phase 1d), avoiding stale data issues where old code clears Redux via dispatch(resetOnboardingState()) but has no knowledge of the keychain store. Auth tokens already exist in keychain — CardTokenStore reads the same data, no write needed.

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

Feature: Keychain stores are inert

  Scenario: No user-facing changes
    Given the user is on any screen in the app
    When the app loads
    Then nothing visually changes
    And the Card feature continues to work as before
    And no data is written to CardTokenStore or CardOnboardingStore

  Scenario: Existing card auth tokens are unaffected
    Given the user is authenticated with the Card feature
    When the app updates to this version
    Then the user remains authenticated
    And cardTokenVault.ts continues to read/write tokens as before

Screenshots/Recordings

No UI changes — this is an infrastructure-only PR.

Before

Auth tokens managed by cardTokenVault.ts. Onboarding data in plaintext Redux.

After

CardTokenStore and CardOnboardingStore exist alongside existing code. Neither is actively used yet — they are wired in during Phase 1d (code path switch). Existing behavior is unchanged.

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Low Risk
Additive, self-contained storage wrappers with unit tests; no existing call sites are changed, so runtime impact is limited unless/until these stores are wired into the card flow.

Overview
Adds two new SecureKeychain-backed persistence helpers for the Card feature: CardTokenStore for provider-scoped auth token sets (including legacy Baanx key/scope compatibility) and CardOnboardingStore for provider-scoped onboarding session fields with read-modify-write merging.

Both stores include structured error logging and defensive parsing/validation, plus comprehensive Jest coverage for success paths, scoping, invalid data, and keychain failures.

^{Written by Cursor Bugbot for commit 4721714. This will update automatically on new commits. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

[github-actions]

⚠️ E2E Fixture Validation — Structural changes detected

Category	Count
New keys	68
Missing keys	11
Type mismatches	0
Value mismatches	7 (informational)

The committed fixture schema is out of date. To update, comment:

@metamaskbot update-mobile-fixture

View full details | Download diff report

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeCard
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 85%

click to see 🤖 AI reasoning details

E2E Test Selection:
This PR adds two new utility store modules (CardOnboardingStore and CardTokenStore) for the Card feature. These are SecureKeychain wrappers for storing Card onboarding session data and auth tokens respectively.

Key observations:

1. New, isolated modules: Both files are brand new additions, not modifications to existing code
2. Not yet integrated: The stores are only imported by their test files - they are not yet wired into CardController or any UI components
3. Additive changes only: No existing code paths are modified
4. Well-tested: Comprehensive unit tests are included (186 lines for CardOnboardingStore.test.ts, 193 lines for CardTokenStore.test.ts)
5. Uses existing infrastructure: Relies on SecureKeychain and Logger without modifying them

While these changes are in the critical path (app/core/Engine/controllers/), they represent isolated utility modules that don't affect any current user flows. The SmokeCard tag is selected as a precautionary measure since these modules are part of the Card feature infrastructure, even though the E2E tests won't directly exercise this new code until it's integrated into the CardController.

Performance Test Selection:
No performance tests needed. These changes add new utility store modules that are not yet integrated into any user-facing flows. They don't affect UI rendering, state management, data loading, or any critical user paths. The stores are simple keychain wrappers with no performance-sensitive operations.

View GitHub Actions results

[sonarqubecloud]

Quality Gate failed

Failed conditions
32.2% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud