fix: make WCv2 session restore sequential

[jiexi]

Description

Changes WCv2 session/connection restores to be sequential. Previously they were concurrent. The concurrency was problematic because it would cause a large spike in relay traffic for users with numerous WCv2 connections.

Changelog

CHANGELOG entry: null

Related issues

Fixes: https://consensyssoftware.atlassian.net/browse/WAPI-1357

Manual testing steps

1. Change SESSION_RESTORE_STAGGER_MS to be something larger like 10000
2. Make an ios expo build
3. Using safari native browser, connect to https://react-app.walletconnect.com/ AND https://wagmi-app.vercel.app/ using WalletConnect
4. Swipe away MetaMask
5. On the dapp you connected to last, trigger a personal sign
6. Ignore the deeplink
7. Reopen MetaMask manually from the homescreen
8. Login
9. It should take at least your SESSION_RESTORE_STAGGER_MS delay before you see the approval appear

Why this way instead of using the js debugger? Unfortunately restarting the app causes the debugger to disconnect, and so it isn't a reliable way to probe startup based flows.

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Medium Risk
Changes WCv2 startup session restoration from concurrent async updates to a serialized loop with an added delay, which can impact connection readiness timing and expose ordering/regression issues in session/account syncing.

Overview
WCv2 startup now restores existing WalletConnect sessions sequentially via a new restoreSessions() flow, adding a small stagger (SESSION_RESTORE_STAGGER_MS) between updateSession calls to avoid relay-traffic spikes.

Initialization (WC2Manager.init) now triggers this restore pass after constructing the manager, and tests were extended to assert serial execution, the per-session delay, and that sessions with internal/invalid URLs are skipped.

^{Written by Cursor Bugbot for commit 2c7c339. This will update automatically on new commits. Configure here.}

[adonesky1]

LGTM!

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeNetworkAbstractions, SmokeMultiChainAPI
• Selected Performance tags: None (no tests recommended)
• Risk Level: medium
• AI Confidence: 72%

click to see 🤖 AI reasoning details

E2E Test Selection:
The changes are in WalletConnectV2.ts (app/core/WalletConnect/), which is a critical path file. The PR refactors session restoration from a fire-and-forget forEach loop to a proper serial for...of loop with a 200ms stagger delay between sessions. This is a targeted bug fix that:

1. Ensures WalletConnect sessions are restored serially (not concurrently) at startup
2. Adds a 200ms delay between each session restoration to smooth relay traffic
3. Extracts logic into a dedicated restoreSessions() private method

The change affects dApp connectivity via WalletConnect at startup. No dedicated E2E tests exist for WalletConnect session restoration flows in the test suite. The most relevant E2E tags are:

• SmokeNetworkAbstractions: Tests chain permission system for dApps, granting/revoking chain access, and dApp chain switch requests — all of which depend on WalletConnect session state
• SmokeMultiChainAPI: Tests CAIP-25 multi-chain session API for dApp permission management, which relies on WalletConnect session restoration working correctly

SmokeNetworkExpansion was considered but the changes don't specifically affect Solana/non-EVM flows. SmokeConfirmations was considered but the session restoration fix doesn't directly affect transaction confirmation flows.

No performance tests are needed — the 200ms stagger delay is intentional and small, and the change doesn't affect UI rendering, data loading, or critical user flow performance metrics.

Performance Test Selection:
The changes introduce a deliberate 200ms stagger delay between session restorations, but this only affects startup session restoration for WalletConnect dApp connections — not any of the measured performance flows (account list, onboarding, login, swaps, launch, asset loading, predict, perps). The change is a correctness fix, not a performance-sensitive path.

View GitHub Actions results

[github-actions]

✅ E2E Fixture Validation — Schema is up to date
17 value mismatches detected (expected — fixture represents an existing user).
View details

[codecov-commenter]

Codecov Report

❌ Patch coverage is 75.86207% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.60%. Comparing base (d4cdad3) to head (2c7c339).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
app/core/WalletConnect/WalletConnectV2.ts	75.86%	4 Missing and 3 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #27950      +/-   ##
==========================================
- Coverage   82.60%   82.60%   -0.01%     
==========================================
  Files        4839     4839              
  Lines      124404   124418      +14     
  Branches    27725    27726       +1     
==========================================
+ Hits       102762   102772      +10     
- Misses      14578    14581       +3     
- Partials     7064     7065       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
81.8% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud