feat(hw): qr wallet consumer wiring. #29087
Merged
Merged
Conversation
Add normalizeReplacementGasFeeParams gas utility, getDeviceIdForAddress helper, QR connection tips, widen setTargetWalletType type, and refactor LedgerTransactionModal to use normalizeReplacementGasFeeParams.
Add QRSigningContext for QR hardware wallet signing state, useQRSigningState hook for managing QR scan request lifecycle, and export from index files.
Add shared utility that runs hardware wallet operations behind the standard readiness + awaiting-confirmation flow. Includes foundation helpers (getDeviceIdForAddress, normalizeReplacementGasFeeParams) as prerequisites.
…lit-4-connection-ui
…split-4-connection-ui
- useDeviceConnectionFlow: skip device discovery for QR wallets, walletType-aware ready handling - HardwareWalletProvider: integrate QRSigningContext, bug fixes for reject ref cleanup and double close - AwaitingConfirmationContent: full QR signing UI with QR code display, scanner, error handling, and scan result verification
Replace wallet-type-specific modal navigation (LedgerTransactionModal, QRSigningTransactionModal) in RootRPCMethodsUI, Transactions, and useUnifiedTxActions with the shared executeHardwareWalletOperation flow. This unifies Ledger and QR hardware wallet signing behind a single code path.
Contributor
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
This was referenced Apr 21, 2026
pull Bot
pushed a commit
to Reality2byte/metamask-mobile
that referenced
this pull request
Apr 21, 2026
…29083) <!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** Adds: - `QRSigningContext` for QR hardware wallet signing state - `useQRSigningState` hook for managing QR scan request lifecycle - Index files. Note: This is currently dead code until <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: null ## **Related issues** Related to: https://consensyssoftware.atlassian.net/browse/MUL-1741 ## **Manual testing steps** This can only be tested via MetaMask#29087 ## **Screenshots/Recordings** Not applicable ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. #### Performance checks (if applicable) - [ ] I've tested on Android - Ideally on a mid-range device; emulator is acceptable - [ ] I've tested with a power user scenario - Use these [power-user SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93) to import wallets with many accounts and tokens - [ ] I've instrumented key operations with Sentry traces for production performance metrics - See [`trace()`](/app/util/trace.ts) for usage and [`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274) for an example For performance guidelines and tooling, see the [Performance Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers). ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Low risk: adds new QR-signing context/hook and tests without modifying existing signing/connection flows; primary risk is incorrect cancellation/completion behavior once wired into navigation. > > **Overview** > Adds a new `QRSigningContext` (and `useQRSigning`) to standardize access to pending QR keyring scan requests and related lifecycle actions. > > Introduces `useQRSigningState`, which derives the current pending scan request from Redux, tracks per-request completion state, and provides `cancelQRScanRequestIfPresent()` to reject an active SIGN request via the QR keyring scanner. Exports the new context/hook via the HardwareWallet `contexts`/`hooks` index files and adds unit tests for both the context guard and hook behavior. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit fbe188d. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
…ress The provider now auto-derives the wallet type from the pending operation address, so callers only need to supply the address — not the wallet type. This removes the need for executeHardwareWalletOperation to compute and forward the wallet type explicitly.
…split-4-connection-ui
…ationAddress LedgerSelectAccount uses setTargetWalletType for the Add Hardware Wallet flow, so it must remain in the context interface unchanged.
…split-4-connection-ui
Add pendingOperationAddress state to the provider. The effective wallet type is now derived from targetWalletType OR the pending operation address OR the selected account, keeping setTargetWalletType unchanged for Add Hardware Wallet flows.
…-split-5-consumers
…gOperationAddress The provider now auto-derives wallet type from the pending operation address, so consumers pass setPendingOperationAddress instead of setTargetWalletType.
209ec3a to
560d797
Compare
pull Bot
pushed a commit
to Reality2byte/metamask-mobile
that referenced
this pull request
Apr 23, 2026
…ger (MetaMask#29084) <!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: null ## **Related issues** Related to: https://consensyssoftware.atlassian.net/browse/MUL-1741 ## **Manual testing steps** This can only be tested via MetaMask#29087 ## **Screenshots/Recordings** Not applicable ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. #### Performance checks (if applicable) - [ ] I've tested on Android - Ideally on a mid-range device; emulator is acceptable - [ ] I've tested with a power user scenario - Use these [power-user SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93) to import wallets with many accounts and tokens - [ ] I've instrumented key operations with Sentry traces for production performance metrics - See [`trace()`](/app/util/trace.ts) for usage and [`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274) for an example For performance guidelines and tooling, see the [Performance Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers). ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Medium risk because it changes the gas fee parameters forwarded into cancel/speed-up transaction flows and adjusts hardware wallet context typing, which could affect transaction replacement behavior and hardware wallet connection UX. > > **Overview** > Improves hardware-wallet and replacement-transaction handling by **normalizing replacement gas fee params** before calling `speedUpTransaction`/`stopTransaction`, ensuring only complete controller-supported fee fields are forwarded (otherwise `undefined`). Tests were added to cover legacy vs EIP-1559 normalization and the incomplete-fee edge case in `LedgerTransactionModal`. > > Extends hardware wallet utilities by adding `getDeviceIdForAddress` (Ledger-only) and updating connection tips to include **QR-specific guidance** with new i18n strings. The hardware wallet context API is also loosened to allow `setTargetWalletType(null)`. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit da33c39. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
…on' into feat/mul-1507-split-4-connection-ui
…-ui' into feat/mul-1507-split-5-consumers
…-ui' into feat/mul-1507-split-5-consumers
ccharly
reviewed
Apr 24, 2026
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit b57d458. Configure here.
ccharly
reviewed
Apr 27, 2026
Contributor
🔍 Smart E2E Test Selection
click to see 🤖 AI reasoning detailsE2E Test Selection: The PR makes significant architectural changes to the HardwareWallet subsystem:
Tag Selection Rationale:
No performance tests are needed as these are architectural/refactoring changes to hardware wallet context management, not UI rendering or data loading performance-sensitive code. Performance Test Selection: |
|
Contributor
|
✅ E2E Fixture Validation — Schema is up to date |
PatrykLucka
approved these changes
Apr 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR is split 5 of the QR hardware wallet feature (MUL-1507). It migrates the transaction signing consumers —
RootRPCMethodsUI,Transactionsview, anduseUnifiedTxActions— from the old per-site Ledger modal navigation pattern to the sharedexecuteHardwareWalletOperationutility anduseHardwareWalletcontext hook introduced in splits 3–4. This ensures both Ledger and QR hardware wallets use a single, unified signing flow with consistent device readiness checks, awaiting-confirmation UI, error handling, and rejection callbacks.Changelog
CHANGELOG entry: QR wallet shares the signing flow with Ledger now.
Related issues
Related to: https://consensyssoftware.atlassian.net/browse/MUL-1741
Manual testing steps
Screenshots/Recordings
Before
After
Pre-merge author checklist
Performance checks (if applicable)
trace()for usage andaddTokenfor an exampleFor performance guidelines and tooling, see the Performance Guide.
Pre-merge reviewer checklist
Note
Medium Risk
Refactors hardware-wallet transaction signing, speed-up, and cancel paths to use a new shared execution utility and context, which can affect approval acceptance/rejection and modal lifecycle. Risk is mitigated by extensive updated test coverage but impacts core transaction flows for hardware wallets.
Overview
Unifies hardware-wallet transaction signing across the app.
RootRPCMethodsUI,Transactions, anduseUnifiedTxActionsnow route Ledger signing (including speed-up/cancel replacements) throughexecuteHardwareWalletOperation+useHardwareWalletfor consistent device-readiness checks, awaiting-confirmation UI, and rejection handling, while QR signing continues to navigate to the QR signing modal.Consolidates QR signing state into the hardware wallet context. Removes the standalone
QRSigningContext, adds aqrsub-state onHardwareWalletContext, and memoizes the provider’sqrvalue to keep context references stable.Tests updated/expanded to cover the new shared flow (accept/reject paths, cancel analytics, gas param normalization for replacements, modal close behavior) and provider/context memoization.
Reviewed by Cursor Bugbot for commit 5e70ff7. Bugbot is set up for automated code reviews on this repo. Configure here.