fix(metamask-pay): cp-7.80.0 use latest on-chain nonce for EIP-7702 authorization list

[matthewwalsh0]

Description

When building the EIP-7702 authorization list for a Pay delegation transaction, the nonce was previously read from NonceLock.nextNonce — the value computed by the nonce tracker, which accounts for locally-pending transactions the Relay has no visibility into. This could produce a nonce ahead of the true on-chain state, causing the Relay to reject the authorization as invalid.

The fix reads NonceLock.nonceDetails.params.nextNetworkNonce instead — the raw eth_getTransactionCount result that the nonce tracker already fetches internally. This gives the committed on-chain nonce the Relay needs to verify the authorization signature, without introducing a separate provider call or adding a new Engine dependency.

Changelog

CHANGELOG entry: null

Related issues

Related to: #30798

Manual testing steps

Feature: EIP-7702 Pay delegation transaction

  Scenario: user submits a Pay transaction requiring EIP-7702 upgrade
    Given the account has not yet been delegated (not upgraded to EIP-7702)
    And the account has locally-pending transactions in the queue

    When user initiates a Pay transaction and confirms
    Then the authorization list is signed with the correct on-chain nonce
    And the transaction submits successfully via Relay

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Performance checks (if applicable)

• I've tested on Android
  • Ideally on a mid-range device; emulator is acceptable
• I've tested with a power user scenario
  • Use these power-user SRPs to import wallets with many accounts and tokens
• I've instrumented key operations with Sentry traces for production performance metrics
  • See trace() for usage and addToken for an example

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Medium Risk
Changes nonce selection for EIP-7702 authorization signing in Pay flows; wrong nonce would break Relay submission but scope is limited to delegation authorization building.

Overview
EIP-7702 Pay delegation now signs the authorization list with the committed on-chain nonce (nonceLock.nonceDetails.params.nextNetworkNonce) instead of the nonce tracker’s nextNonce, which can include locally pending txs the Relay cannot see.

Tests were updated to mock networkClientId on transaction meta and to return the new nonce lock shape so KeyringController:signEip7702Authorization still receives the expected nonce.

^{Reviewed by Cursor Bugbot for commit 7d0387b. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeConfirmations
• Selected Performance tags: None (no tests recommended)
• Risk Level: medium
• AI Confidence: 90%

click to see 🤖 AI reasoning details

E2E Test Selection:
The changes are a targeted bug fix in app/util/transactions/delegation.ts, correcting the nonce property path from nonceLock.nextNonce to nonceLock.nonceDetails.params.nextNetworkNonce when building EIP-7702 authorization lists. This is used in the EIP-7702 batch transaction / account abstraction flow via the TransactionPayController. The corresponding test file is updated to match the new mock structure. SmokeConfirmations is the appropriate tag as it explicitly covers "advanced EIP-7702 account abstraction features like batch transactions and gas fee token payments." No other flows are affected by this narrow fix.

Performance Test Selection:
This is a single-line bug fix correcting a nonce property path in the EIP-7702 delegation utility. It has no impact on rendering performance, data loading, UI components, or app startup. No performance tests are warranted.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud