Release: v2.4.0

[kvhnuke]

Summary by CodeRabbit

• New Features

  • Introduced enhanced backup management allowing users to view and restore backups.
  • Added new UI elements for wallet restoration and improved identicon displays.
  • Integrated dynamic routing for backup selection within the onboarding flow.

• Enhancements & Refactor

  • Improved error handling and feedback during asset loading and send transactions.
  • Refined swap integration with updated endpoints for more reliable token swaps.
  • Upgraded navigation and active state indicators for smoother interactions.

• Chores & Style

  • Updated numerous dependencies to bolster security, performance, and stability.
  • Adjusted styling for headings and buttons to ensure a consistent visual experience.

[coderabbitai]

Walkthrough

The changes comprise widespread dependency version updates in multiple package.json files, new file additions implementing backup management, cryptographic utilities, and random name generation, along with significant refactorings across TypeScript and Vue files. Modifications include tweaks to APIs, enhanced error handling, improved routing and event handling in UI components, and the removal of obsolete code. New properties and methods (e.g., in BackupState and EnkryptAccount) have been introduced, while configuration files and build settings were also updated to align with current project requirements.

Changes

File(s)	Change Summary
package.json, packages/*/package.json (e.g., extension, extension-bridge, hw-wallets, keyring, name-resolution, request, signers/*, storage, swap, types, utils)	Updated dependency and devDependency versions across multiple packages (e.g., commitlint, swc, consistently updated Node, ESLint, Prettier, TypeScript, etc.); added configuration adjustments (aliases, include patterns, legacy settings).
New Files (e.g., packages/extension/configs/vite/empty.js, packages/extension/src/libs/backup-state/configs.ts, .../backup-state/index.ts, .../backup-state/types.ts, packages/utils/src/nacl-encrypt-decrypt.ts, packages/utils/src/random-names.ts, packages/extension/src/ui/action/views/settings/views/settings-backups/backup-identicon.vue, packages/extension/src/ui/onboard/restore-wallet/backup-detected.vue)	Introduced new modules for backup state management, cryptographic operations (NaCl-based encrypt/decrypt), and random name generation, as well as new Vue components for backup UI elements.
Various .ts and .vue files (e.g., transform-manifest.ts, send-address-item.vue, send-contacts-list.vue, assetinfo-mew.ts, solanachain.ts, erc20-token.ts, send-transaction/index.vue, switch/index.vue, icon components, main.ts, browser.ts, and others)	Refactored code by adding semicolons, standardizing string casing, consolidating utility imports, adjusting API request endpoints and parameters, removing unused imports/methods, and introducing enhanced error handling and conditional logic.
Vue Component & Routing Files (e.g., network-menu/index.vue, add-account-form.vue, network-activity-total.vue, network-assets/index.vue, settings-inner-header.vue, settings-switch.vue, settings/index.vue, settings-general/index.vue, onboard/App.vue, restore-wallet/routes.ts, type-password.vue)	Updated event handlers, computed properties, and dynamic SVG rendering; improved routing via useRouter/useRoute; integrated new backup actions and UI states; and applied styling and accessibility enhancements.

Sequence Diagram(s)

sequenceDiagram
    participant U as User
    participant A as App.vue
    participant B as BackupState
    participant S as Backup Service

    U->>A: Launch app/trigger backup
    A->>B: Call backup(firstTime=true)
    B->>B: Get main wallet & prepare backup data
    B->>S: Send HTTP backup request
    S-->>B: Return backup response
    B-->>A: Return backup status

Loading

sequenceDiagram
    participant U as User
    participant OW as onboardInitializeWallets
    participant KS as Keyring
    participant B as BackupState

    U->>OW: Provide mnemonic & password
    OW->>KS: Unlock keyring and fetch main account
    KS-->>OW: Return main account data
    OW->>B: Instantiate BackupState and list backups
    B-->>OW: Return { backupsFound: true/false }
    OW-->>U: Complete onboarding with backup status

Loading

Possibly related PRs

• Fix/paste window #619 – Updates dependency versions in package.json similar to changes in commitlint, concurrently, and other packages.
• Release: v2.4.0 #614 – Contains similar updates for @commitlint/cli and @commitlint/config-conventional, aligning with the current PR’s dependency bumps.
• devop: vite 6 and package updates #612 – Involves dependency version increments across package.json files targeting commitlint, husky, and concurrently updates.

Suggested reviewers

• olgakup

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

💼 Build Files
chrome: enkrypt-chrome-b14e85c5.zip
firefox: enkrypt-firefox-b14e85c5.zip

💉 Virus total analysis
chrome: b14e85c5
firefox: b14e85c5

[coderabbitai]

Actionable comments posted: 6

🔭 Outside diff range comments (1)

packages/extension/src/libs/keyring/public-keyring.ts (1)

50-61: ⚠️ Potential issue

Potential overwritten key bug.
You assign allKeys['5E56EZk6jmpq1q3Har3Ms99D9TLN9ra2inFh7Q1Hj6GpUx6D'] twice (lines 50 & 61), resulting in the first object being overwritten by the second. Consider renaming or removing one of these assignments to avoid unexpected behavior.

- allKeys['5E56EZk6jmpq1q3Har3Ms99D9TLN9ra2inFh7Q1Hj6GpUx6D'] = { ... }
+ allKeys['SOME_UNIQUE_KEY'] = { ... }

🧹 Nitpick comments (27)

packages/extension/src/ui/action/views/swap/libs/send-transactions.ts (2)

236-243: Remove Unnecessary Label in Legacy Transaction Block

Static analysis has flagged the update_block_hash: label as unnecessary in this loop. Removing the label and using a plain break; will simplify the control flow. Consider applying the following diff:

-              update_block_hash: while (true) {
+              while (true) {
  ...
-                  break update_block_hash;
+                  break;

🧰 Tools

🪛 Biome (1.9.4)

[error] 243-243: Unnecessary label.

Safe fix: Remove the unnecessary label.
You can achieve the same result without the label.

(lint/complexity/noUselessLabel)

---

347-354: Remove Unnecessary Label in Versioned Transaction Block

Similarly, the update_block_hash: label in the versioned transaction block is redundant. Removing this label and replacing break update_block_hash; with break; can improve the code clarity. Consider the diff below:

-              update_block_hash: while (true) {
+              while (true) {
  ...
-                      break update_block_hash;
+                      break;

🧰 Tools

🪛 Biome (1.9.4)

[error] 354-354: Unnecessary label.

Safe fix: Remove the unnecessary label.
You can achieve the same result without the label.

(lint/complexity/noUselessLabel)

packages/extension/src/ui/action/views/accounts/components/add-account-form.vue (1)

57-57: Improve backup error handling and user feedback.

The backup functionality is correctly implemented, but has two areas for improvement:

1. The boolean parameter (false) passed to the backup method lacks context about its purpose
2. The error handling only logs to console without informing the user when backups fail

Consider improving error handling and user feedback:

-    backupState.backup(false).catch(() => {
-      console.error('Failed to backup');
-    });
+    backupState.backup(false).catch((error) => {
+      console.error('Failed to backup account data:', error);
+      // Consider adding user notification about backup failure
+    });

Also applies to: 124-127

packages/extension/src/ui/action/views/network-assets/components/network-assets-error.vue (2)

6-7: Fix class name typo in the button element.

There's an extra 's' in the class name: network-assetss__error-button should be network-assets__error-button.

-      class="network-assetss__error-button"
+      class="network-assets__error-button"

---

40-42: Remove or update the anchor styles.

The CSS includes styles for an a tag, but the template uses a base-button component instead. Either remove these styles or update them to match the actual elements in the template.

-    a {
-      width: 150px;
-    }

packages/extension/src/ui/onboard/create-wallet/wallet-ready.vue (1)

47-52: Enhanced security by clearing sensitive data.

The onMounted hook clears passwords and mnemonics from both the onboard and restore stores once the wallet is ready, improving security by preventing sensitive data from persisting in memory longer than necessary.

Consider implementing this cleanup in a try/finally block to ensure data is always cleared even if errors occur:

onMounted(() => {
-  onboardStore.setPassword('');
-  onboardStore.setMnemonic('');
-  restoreStore.setMnemonic('');
-  restoreStore.setPassword('');
+  try {
+    // Any initialization logic could go here
+  } finally {
+    // Ensure sensitive data is always cleared
+    onboardStore.setPassword('');
+    onboardStore.setMnemonic('');
+    restoreStore.setMnemonic('');
+    restoreStore.setPassword('');
+  }
});

packages/extension/src/providers/ethereum/libs/assets-handlers/assetinfo-mew.ts (1)

210-210: Type annotation could be more specific

While adding the explicit type annotation for json improves clarity, using any is generally discouraged in TypeScript as it bypasses type checking. Consider defining a more specific interface type that represents the expected response structure.

- .then((json: any) => {
+ .then((json: { error?: string; result: Array<{ contract: string; balance: string }> }) => {

packages/extension/src/ui/action/views/settings/views/settings-backups/backup-identicon.vue (2)

12-15: Potential null reference and DOM manipulation concern

The code uses a non-null assertion (!) and directly manipulates innerHTML, which has security implications.

Consider using Vue's reactive props and v-html directive or a safer approach that doesn't require direct DOM manipulation:

-const element: Ref<HTMLElement | null> = useTemplateRef('jdenticonHolder');
-onMounted(() => {
-  element.value!.innerHTML = jdenticon.toSvg(props.hash, 200);
-});
+const svgContent = ref('');
+onMounted(() => {
+  svgContent.value = jdenticon.toSvg(props.hash, 200);
+});

And in template:

-<div ref="jdenticonHolder" class="jdenticon-container"></div>
+<div class="jdenticon-container" v-html="svgContent"></div>

---

19-33: Mismatched SVG dimensions

The SVG is generated with a size of 200px but displayed at 40px, which could lead to unnecessary rendering overhead and potential display issues.

Align the generated SVG size with the displayed size for optimal performance:

-  element.value!.innerHTML = jdenticon.toSvg(props.hash, 200);
+  element.value!.innerHTML = jdenticon.toSvg(props.hash, 40);

Or adjust the CSS to accommodate the larger SVG:

-  svg {
-    width: 40px;
-    height: 40px;
-    position: absolute;
-    top: -4px;
-    left: -4px;
-  }
+  svg {
+    width: 200px;
+    height: 200px;
+    position: absolute;
+    top: -84px;
+    left: -84px;
+  }

packages/extension/src/types/provider.ts (1)

134-134: Consider removing unnecessary constructor

The static analysis tool correctly flagged this constructor as unnecessary since it doesn't add any functionality beyond what the default constructor would provide.

-  constructor(node: string, options?: unknown) {}

Since this is an abstract class, if derived classes need to call super with specific parameters, you can keep it, but otherwise it can be safely removed.

🧰 Tools

🪛 Biome (1.9.4)

[error] 134-134: This constructor is unnecessary.

Unsafe fix: Remove the unnecessary constructor.

(lint/complexity/noUselessConstructor)

packages/extension/src/ui/action/App.vue (1)

353-356: Simplified network order update logic.

Removed conditional check for activeCategory.value === NetworksCategory.Pinned, making the logic more straightforward. Now it directly assigns newOrder to networks.value when the search input is empty.

packages/extension/src/ui/onboard/restore-wallet/backup-detected.vue (1)

114-128: Enhance error handling for failed backup restoration.
The catch block logs a generic message but discards the root cause of the failure. Exposing an error reason or user-friendly message would improve debuggability and user experience.

.catch((err) => {
  backupBtnText.value = 'Failed to restore backup';
  processing.value = false;
  selectedBackup.value = undefined;
+ console.error('Failed to restore backup:', err);
})

packages/extension/src/providers/ethereum/libs/assets-handlers/solanachain.ts (2)

20-31: Avoid using as any for parsed data.
Casting with as any can hide type-related mistakes. Consider typing the parsed account data or adding checks to guard against unexpected structure.

---

38-45: Unifying & returning the native balance.
The final insertion of the native SOL balance via unshift works fine and ensures ordering. Just be aware of potential performance impacts if the balances array grows in future usage.

packages/extension/src/ui/action/components/switch/index.vue (1)

3-3: Improved reactivity with v-model and computed property.

Good refactoring to use Vue's v-model directive with a computed property instead of the previous approach with direct binding and click handlers. This creates a cleaner two-way binding implementation that's more idiomatic Vue 3.

Also applies to: 9-10, 18-23

packages/extension/src/ui/action/views/settings/views/settings-backups/index.vue (4)

127-127: Initialize selectedBackup ref with a default value.

The selectedBackup ref is declared with a type that allows null, but doesn't have a default null value. This could lead to issues if selectedBackup.value is accessed before it's assigned.

-const selectedBackup = ref<ListBackupType | null>();
+const selectedBackup = ref<ListBackupType | null>(null);

---

136-147: Consider updating UI state after successful operations.

The method sets isBackupsEnabled.value immediately before performing async operations. If these operations fail, the UI might show an incorrect state.

const toggleBackups = async (checked: boolean) => {
-  isBackupsEnabled.value = checked;
  loading.value = true;
  if (checked) {
    await backupState.enableBackups();
    await backupState.backup(false);
    backups.value = await backupState.listBackups();
+    isBackupsEnabled.value = true;
  } else {
    await backupState.disableBackups();
+    isBackupsEnabled.value = false;
  }
  loading.value = false;
};

---

190-192: Consider using responsive height for backup list.

The backup list container has a fixed height of 225px, which might not be optimal for all screen sizes. Consider using a more responsive approach such as max-height with a percentage or viewport units.

&-container {
-  height: 225px; // adding a small cutoff to let user know there's more
+  max-height: 40vh; // more responsive to different screen sizes
  overflow-y: auto;
  padding-right: 10px;
}

---

215-215: Use color variables consistently.

The component uses hardcoded color values in some places (#202124, #5f6368) while using variables elsewhere (@primary). For maintainability, consider using theme variables consistently throughout.

-color: #202124;
+color: @primaryLabel;

-color: #5f6368;
+color: @tertiaryLabel;

Also applies to: 225-225

packages/extension/src/libs/utils/initialize-wallet.ts (1)

9-9: Verify BackupState import path

Consider using absolute import paths for consistency with the rest of the codebase.

-import BackupState from '../backup-state';
+import BackupState from '@/libs/backup-state';

packages/extension/vite.config.ts (1)

104-104: Added empty external array in rollup options

The empty external: [] array has been added but contains no values. This might be a placeholder for future use or an incomplete implementation.

Consider removing this if not needed immediately, or add a comment explaining its purpose.

packages/utils/src/nacl-encrypt-decrypt.ts (1)

26-59: Handle naclBox.open returning null.

When naclBox.open fails, it returns null. Although this appears to be caught by the generic "Decryption failed." error, consider explicitly checking for a null return before passing it to encodeUTF8 to clarify error handling and improve maintainability.

     const decryptedMessage = naclBox.open(
       ciphertext,
       nonce,
       ephemPublicKey,
       recieverEncryptionPrivateKey,
     );
+    if (!decryptedMessage) {
+      throw new Error("Decryption failed: Unable to open box");
+    }
     let output;
     try {
       output = encodeUTF8(decryptedMessage);

packages/extension/src/libs/backup-state/index.ts (5)

36-51: Use stronger error signals in #getSignature.

Currently, if res.error is found, the function logs to console and returns null. Consider throwing an error to fail fast when signature retrieval fails, or return a typed result that indicates an error. This approach helps calling code handle failures more gracefully.

---

77-107: listBackups method: Ensure robust fallback handling.

This method returns an empty array if no signature is found. Consider surfacing more explicit errors or user-friendly messages so that calling code knows why listing backups is failing. Logging the error is good, but consider error-driven flows as well.

---

157-245: restoreBackup method: Comprehensive approach to account re-creation.

The logic for unlocking, fetching the backup, decrypting, and rebuilding accounts is quite thorough. Consider wrapping each crucial step (e.g., fetch, decrypt, restore) with more robust error handling, ensuring partial progress doesn't leave the wallet in an inconsistent state.

🧰 Tools

🪛 Biome (1.9.4)

[error] 225-225: Unnecessary continue statement

Unsafe fix: Delete the unnecessary continue statement

(lint/correctness/noUnnecessaryContinue)

---

225-225: Unnecessary continue statement.

According to the static analysis hint, the continue; here doesn't serve a purpose because control flow in the if–else if–else block already covers all paths. Removing it simplifies the code and avoids confusion.

-          continue;

🧰 Tools

🪛 Biome (1.9.4)

[error] 225-225: Unnecessary continue statement

Unsafe fix: Delete the unnecessary continue statement

(lint/correctness/noUnnecessaryContinue)

---

247-318: backup method: Add network error handling.

If fetch fails or the server returns a non-JSON response, the code may throw. Consider wrapping the fetch call in a try/catch or checking response.ok before parsing JSON. This will provide clearer feedback for partial failures.

    try {
      const rawResponse = await fetch(
        ...
      );
+     if (!rawResponse.ok) {
+       console.error("Network request failed with status:", rawResponse.status);
+       return false;
+     }
      const content = ...

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1594101 and b1de967.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (77)

• package.json (1 hunks)
• packages/extension-bridge/package.json (1 hunks)
• packages/extension/configs/vite/empty.js (1 hunks)
• packages/extension/configs/vite/transform-manifest.ts (3 hunks)
• packages/extension/package.json (4 hunks)
• packages/extension/src/libs/backup-state/configs.ts (1 hunks)
• packages/extension/src/libs/backup-state/index.ts (1 hunks)
• packages/extension/src/libs/backup-state/types.ts (1 hunks)
• packages/extension/src/libs/keyring/public-keyring.ts (8 hunks)
• packages/extension/src/libs/networks-state/index.ts (0 hunks)
• packages/extension/src/libs/utils/initialize-wallet.ts (2 hunks)
• packages/extension/src/providers/common/ui/send-transaction/send-address-item.vue (1 hunks)
• packages/extension/src/providers/common/ui/send-transaction/send-contacts-list.vue (4 hunks)
• packages/extension/src/providers/ethereum/libs/assets-handlers/assetinfo-mew.ts (2 hunks)
• packages/extension/src/providers/ethereum/libs/assets-handlers/solanachain.ts (1 hunks)
• packages/extension/src/providers/ethereum/types/erc20-token.ts (1 hunks)
• packages/extension/src/providers/ethereum/ui/send-transaction/index.vue (1 hunks)
• packages/extension/src/providers/ethereum/ui/styles/common-popup.less (1 hunks)
• packages/extension/src/providers/solana/ui/libs/decode-tx.ts (2 hunks)
• packages/extension/src/providers/solana/ui/send-transaction/index.vue (4 hunks)
• packages/extension/src/providers/solana/ui/sol-verify-transaction.vue (1 hunks)
• packages/extension/src/types/provider.ts (2 hunks)
• packages/extension/src/ui/action/App.vue (5 hunks)
• packages/extension/src/ui/action/components/network-menu/index.vue (4 hunks)
• packages/extension/src/ui/action/components/switch/index.vue (1 hunks)
• packages/extension/src/ui/action/icons/tabs/activity.vue (1 hunks)
• packages/extension/src/ui/action/icons/tabs/assets.vue (1 hunks)
• packages/extension/src/ui/action/icons/tabs/dapps.vue (1 hunks)
• packages/extension/src/ui/action/icons/tabs/nfts.vue (1 hunks)
• packages/extension/src/ui/action/main.ts (1 hunks)
• packages/extension/src/ui/action/utils/browser.ts (1 hunks)
• packages/extension/src/ui/action/views/accounts/components/add-account-form.vue (2 hunks)
• packages/extension/src/ui/action/views/import-account/views/import-account-password.vue (2 hunks)
• packages/extension/src/ui/action/views/import-account/views/import-account-private-key.vue (2 hunks)
• packages/extension/src/ui/action/views/network-activity/components/network-activity-action.vue (4 hunks)
• packages/extension/src/ui/action/views/network-activity/components/network-activity-total.vue (3 hunks)
• packages/extension/src/ui/action/views/network-activity/components/network-activity-transaction.vue (1 hunks)
• packages/extension/src/ui/action/views/network-assets/components/network-assets-error.vue (1 hunks)
• packages/extension/src/ui/action/views/network-assets/components/network-assets-item.vue (2 hunks)
• packages/extension/src/ui/action/views/network-assets/index.vue (6 hunks)
• packages/extension/src/ui/action/views/settings/components/settings-inner-header.vue (2 hunks)
• packages/extension/src/ui/action/views/settings/components/settings-switch.vue (4 hunks)
• packages/extension/src/ui/action/views/settings/index.vue (5 hunks)
• packages/extension/src/ui/action/views/settings/views/settings-backups/backup-identicon.vue (1 hunks)
• packages/extension/src/ui/action/views/settings/views/settings-backups/index.vue (1 hunks)
• packages/extension/src/ui/action/views/settings/views/settings-general/index.vue (3 hunks)
• packages/extension/src/ui/action/views/swap/libs/send-transactions.ts (15 hunks)
• packages/extension/src/ui/onboard/App.vue (6 hunks)
• packages/extension/src/ui/onboard/create-wallet/routes.ts (1 hunks)
• packages/extension/src/ui/onboard/create-wallet/store.ts (1 hunks)
• packages/extension/src/ui/onboard/create-wallet/wallet-ready.vue (1 hunks)
• packages/extension/src/ui/onboard/restore-wallet/backup-detected.vue (1 hunks)
• packages/extension/src/ui/onboard/restore-wallet/routes.ts (2 hunks)
• packages/extension/src/ui/onboard/restore-wallet/type-password.vue (2 hunks)
• packages/extension/tsconfig.node.json (1 hunks)
• packages/extension/vite.config.ts (4 hunks)
• packages/hw-wallets/package.json (2 hunks)
• packages/keyring/package.json (1 hunks)
• packages/name-resolution/package.json (2 hunks)
• packages/request/package.json (1 hunks)
• packages/signers/bitcoin/package.json (1 hunks)
• packages/signers/ethereum/package.json (1 hunks)
• packages/signers/ethereum/src/index.ts (1 hunks)
• packages/signers/ethereum/src/utils.ts (0 hunks)
• packages/signers/kadena/package.json (1 hunks)
• packages/signers/polkadot/package.json (1 hunks)
• packages/storage/package.json (1 hunks)
• packages/swap/package.json (1 hunks)
• packages/swap/src/providers/jupiter/index.ts (3 hunks)
• packages/swap/src/providers/zerox/index.ts (4 hunks)
• packages/swap/src/providers/zerox/types.ts (1 hunks)
• packages/types/package.json (1 hunks)
• packages/types/src/index.ts (1 hunks)
• packages/utils/package.json (1 hunks)
• packages/utils/src/index.ts (2 hunks)
• packages/utils/src/nacl-encrypt-decrypt.ts (1 hunks)
• packages/utils/src/random-names.ts (1 hunks)

💤 Files with no reviewable changes (2)

• packages/signers/ethereum/src/utils.ts
• packages/extension/src/libs/networks-state/index.ts

✅ Files skipped from review due to trivial changes (11)

• packages/extension/configs/vite/transform-manifest.ts
• packages/extension/src/ui/action/main.ts
• packages/extension/src/ui/onboard/create-wallet/routes.ts
• packages/extension/src/libs/backup-state/configs.ts
• packages/extension/src/providers/common/ui/send-transaction/send-address-item.vue
• packages/extension/configs/vite/empty.js
• packages/signers/ethereum/package.json
• packages/signers/ethereum/src/index.ts
• packages/extension/src/ui/action/views/network-assets/components/network-assets-item.vue
• packages/name-resolution/package.json
• package.json

🧰 Additional context used

🪛 Biome (1.9.4)

packages/extension/src/types/provider.ts

[error] 134-134: This constructor is unnecessary.

Unsafe fix: Remove the unnecessary constructor.

(lint/complexity/noUselessConstructor)

packages/extension/src/libs/backup-state/index.ts

[error] 225-225: Unnecessary continue statement

Unsafe fix: Delete the unnecessary continue statement

(lint/correctness/noUnnecessaryContinue)

packages/extension/src/ui/action/views/swap/libs/send-transactions.ts

[error] 243-243: Unnecessary label.

Safe fix: Remove the unnecessary label.
You can achieve the same result without the label.

(lint/complexity/noUselessLabel)

---

[error] 354-354: Unnecessary label.

Safe fix: Remove the unnecessary label.
You can achieve the same result without the label.

(lint/complexity/noUselessLabel)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: buildAll

🔇 Additional comments (141)

packages/extension/src/ui/action/views/swap/libs/send-transactions.ts (5)

76-78: Update Function Signature Type Formatting

The return type of executeSwap has been refined to use semicolons ({ hash: string; sentAt: number }[]) instead of commas. This change improves consistency with our coding style guidelines. Please verify that all dependent modules and documentation reflect this updated format.

---

176-176: Confirm Return Object Structure

The return statement now produces an object that correctly matches the updated type definition. Ensure that any downstream usage is updated accordingly.

---

181-181: Consistent Typing for Solana Transactions

The declaration for solTxs has been updated to use semicolon-separated properties in its type ({ hash: string; sentAt: number }[]). This enhances code consistency and readability.

---

507-507: Consistent Typing for EVM Transaction Promises

The variable txPromises now uses a consistent type definition ({ hash: 0x${string}; sentAt: number }[]) with semicolons separating the properties. This update maintains uniformity across the codebase.

---

569-569: Updated Push Operation with New Type Format

The push operation to txPromises now aligns with the updated type definition. Verify that this change does not affect any assumptions in the surrounding logic.

packages/extension/src/ui/action/utils/browser.ts (1)

53-53: Ensure browser always fetches fresh version data.

Adding { cache: "no-store" } ensures that the browser always retrieves the latest version information without using potentially outdated cached data. This is important for version checking to make sure users receive accurate update notifications, especially for security updates.

packages/types/src/index.ts (1)

74-74: Good addition of optional isTestWallet property.

This optional property allows the system to identify and potentially filter test wallets from production wallets. The property is properly typed as boolean and marked as optional with the ? suffix, maintaining backward compatibility.

packages/extension/src/ui/onboard/create-wallet/store.ts (1)

4-4:

❓ Verification inconclusive

Verify store identifier change doesn't break existing references.

The store identifier has been renamed from 'restoreWallet' to 'newWallet'. While this name better reflects the store's purpose, ensure all components referencing this store have been updated accordingly to prevent runtime errors.

---

🏁 Script executed:

#!/bin/bash
# Description: Find all references to the old store identifier 'restoreWallet' that might need updating

echo "Searching for references to the old store identifier 'restoreWallet'..."
rg -l "restoreWallet" --type ts --type vue

Length of output: 229

---

Action Required: Verify no remaining references to 'restoreWallet' across TS and Vue files

It appears that the store identifier was correctly renamed to 'newWallet', but the initial search ran into an issue with Vue file type recognition. Please manually verify there are no lingering references to 'restoreWallet' by running the following updated search:

#!/bin/bash
# New command to search for 'restoreWallet' in both TypeScript and Vue files using iglob:
echo "Searching for references to 'restoreWallet' in *.ts and *.vue files..."
rg -l "restoreWallet" --iglob '*.ts' --iglob '*.vue'

If this search confirms no results, then the identifier change should be safe. Otherwise, update the references accordingly.

packages/extension/src/ui/onboard/restore-wallet/routes.ts (1)

8-8: Nice addition of the BackupDetected component and route.

The integration of the backup detection functionality follows the existing pattern of route configuration in the file. The component is properly imported and the route is added with consistent naming and path structure.

Also applies to: 41-45

packages/types/package.json (1)

26-41:

❓ Verification inconclusive

Verify compatibility with upgraded dependency versions.

The dependency versions have been significantly updated:

• @types/node at ^22.13.1
• eslint at ^9.20.0
• typescript at ^5.7.3

Consider also updating the Node.js engine requirement (currently >=14.15.0) to ensure compatibility with these newer dependencies.

---

🌐 Web query:

What are the latest stable versions of @types/node, eslint, and typescript as of February 2025?

💡 Result:

As of February 2025, the latest stable versions are:

• @types/node: 22.13.5 (published February 21, 2025) [9]
• ESLint: 9.21.0 (published February 21, 2025) [7][10]
• TypeScript: 5.8 (stable release on February 25, 2025) [2][5][8]

These versions reflect the most recent updates available in their respective ecosystems during this timeframe.

Citations:

• 1: https://eslint.org/blog/2025/01/eslint-v9.18.0-released/
• 2: https://www.infoworld.com/article/3813778/typescript-checks-returns-for-conditional-and-indexed-access-types.html
• 3: https://github.com/typescript-eslint/typescript-eslint/releases
• 4: https://eslint.org/blog/2024/09/eslint-v8-eol-version-support/
• 5: https://devblogs.microsoft.com/typescript/announcing-typescript-5-8-rc/
• 6: https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md
• 7: https://www.npmjs.com/package/eslint
• 8: https://devblogs.microsoft.com/typescript/
• 9: https://www.npmjs.com/package/@types/node
• 10: https://github.com/eslint/eslint/releases

---

Dependency Version Update & Node.js Engine Check

We've verified that as of February 2025 the latest stable versions are:

• @types/node: 22.13.5 (vs. current "^22.13.1")
• ESLint: 9.21.0 (vs. current "^9.20.0")
• TypeScript: 5.8 (vs. current "^5.7.3")

Please ensure that our updated dependency versions are fully compatible with the codebase. Additionally, consider reviewing and, if needed, updating the Node.js engine requirement (currently >=14.15.0) to accommodate any runtime expectations these newer versions might have.

packages/extension/tsconfig.node.json (3)

13-16: Good addition of more include patterns.

Including additional TypeScript and Vue files will ensure more comprehensive type checking across the project.

---

25-28: Nice addition of path aliases.

The path aliases (@/* and @action/*) will help simplify imports throughout the project and match the import patterns used in components.

---

29-29: Verify if "dom" lib is needed in a Node.js configuration.

Including "dom" in the lib array of a Node.js configuration file is unusual since DOM APIs aren't typically available in Node environments. Is this intentional, perhaps for testing purposes or for code that might run in both environments?

packages/extension-bridge/package.json (2)

47-64: LGTM! Developer dependencies have been updated consistently.

These updates to the developer dependencies represent minor and patch version bumps, which typically include bug fixes and backward-compatible improvements.

---

42-42:

❓ Verification inconclusive

Verify compatibility with the serialize-error major version update.

The update from serialize-error version 11.0.3 to 12.0.0 represents a major version bump which could potentially include breaking changes.

---

🏁 Script executed:

#!/bin/bash
# Check for breaking changes in serialize-error v12

# Check the package's changelog or release notes
curl -s https://registry.npmjs.org/serialize-error | jq '.versions["12.0.0"].dist.tarball' | xargs curl -s | tar -xzO package/readme.md | grep -A 20 "## 12"

# Check usage patterns in the codebase
rg -A 5 -B 5 "serialize-error" --type ts

Length of output: 1479

---

Action Required: Confirm Serialize-Error v12 Compatibility

The serialize-error dependency was bumped from version 11.0.3 to 12.0.0, which may introduce breaking changes. Our investigation shows that the package is imported in both git/packages/extension-bridge/src/internal.ts and git/packages/extension-bridge/src/window/internal.ts. Although the changelog lookup was initiated (via the shell script), the actual impact of any changes in version 12 remains unclear.

Please verify the following:

• Review the release notes for serialize-error v12 to identify any breaking changes that might affect our serialization behavior.
• Confirm that the usage of serializeError in the extension bridge files remains fully compatible with the updated API.
• Ensure comprehensive testing of error serialization to prevent regression issues.

packages/extension/src/ui/action/views/network-activity/components/network-activity-transaction.vue (1)

13-13:

✅ Verification successful

Improved address formatting for identicon generation.

The change wraps the address with network.displayAddress() before passing it to network.identicon(), ensuring consistent address formatting before generating the identicon image.

---

🏁 Script executed:

#!/bin/bash
# Verify the implementation of network.displayAddress method to ensure it correctly formats addresses

# Check for the displayAddress method in network-related files
rg "displayAddress\s*\(" --type ts -A 5 -B 5

Length of output: 27276

---

Identicon generation now uses consistently formatted addresses.

The change correctly wraps the address with network.displayAddress(), ensuring that the identicon is generated using the standardized address format. This usage aligns with similar patterns across the codebase, as verified by the widespread implementation and tests for network.displayAddress().

packages/extension/src/ui/action/views/settings/components/settings-inner-header.vue (2)

11-11: Added header for new backup settings section.

The new header element provides user context when navigating to the backup settings section.

---

47-50: LGTM! Added new prop to support backup settings view.

The isBackups prop follows the same pattern as other view state props in this component.

packages/extension/src/ui/onboard/create-wallet/wallet-ready.vue (1)

40-46: LGTM! Added store imports to manage wallet state.

The imports for useRestoreStore and useOnboardStore are necessary to handle the sensitive data cleanup.

packages/extension/src/providers/solana/ui/libs/decode-tx.ts (2)

5-5: Added support for the SPL Token 2022 Program

This adds the necessary import for the TOKEN_2022_PROGRAM_ID, which will be used to enhance token account detection.

---

81-83:

✅ Verification successful

Enhanced token account detection for SPL Token 2022 compatibility

Good update that improves the transaction decoder to handle both classic SPL Token and the newer SPL Token 2022 program accounts. The looser data length validation (>= instead of ===) also ensures compatibility with potential extensions in account data structures.

---

🏁 Script executed:

#!/bin/bash
# Check if the TOKEN_2022_PROGRAM_ID is correctly defined in the Solana library
rg "TOKEN_2022_PROGRAM_ID" -A 2 -B 2

Length of output: 4009

---

Token Account Detection Enhancement Verified

The update handles both the classic SPL Token and the new Token 2022 accounts correctly. The use of a looser data.length >= ACCOUNT_SIZE check is appropriate for accommodating potential account data extensions. The verification confirms that TOKEN_2022_PROGRAM_ID is defined and used consistently across the codebase, so no further action is needed.

packages/signers/kadena/package.json (2)

31-31: Updated @polkadot/util-crypto dependency

Upgrades the util-crypto library from 13.2.3 to 13.3.1, which likely includes bug fixes and minor improvements.

---

33-48:

✅ Verification successful

Updated development dependencies

These updates to development dependencies align with the broader version updates throughout the project as part of the v2.4.0 release.

---

🌐 Web query:

What are the main changes in vitest 3.0.5 compared to 2.1.4?

💡 Result:

Vitest 3.0.5 introduces significant changes compared to 2.1.4, focusing on security enhancements, improved testing capabilities, and configuration updates:

1. Security Improvements

• Added critical security patches for CVE-2025-24964 (Remote Code Execution vulnerability when accessing malicious sites with Vitest API server active) [4][6]
• Backported browser mode file restriction fixes from v2 (CVE-2025-24963) [4]

2. Core Functionality Changes

• Redesigned Reporter API:
  • Stable output with reduced flicker
  • New lifecycle hooks for better test progress tracking [2][9]
• Browser Testing:
  • Introduced multi-browser configurations via browser.instances array
  • Deprecated browser.name/providerOptions in favor of Playwright/WebdriverIO instances [8][9]

3. Configuration Updates

• Workspace definition simplified:

  // vitest.config.ts
  test: {
    workspace: ['packages/*'] // No separate config files
  }

• Native Vite 6 support with updated module resolution rules [4][8]

4. Mocking & Testing Behavior

• spy.mockReset() now restores original implementations instead of noop [8]
• Stricter error comparisons (checks name, message, cause, prototypes) [8]
• New mock.settledResults property for async mocks [8]

5. Performance & DX Enhancements

• Up to 40% faster test execution through optimized caching [1][6]
• Smarter watch mode with precise dependency tracking [1][6]

Key Breaking Changes from 2.x:

• Test options as third argument now triggers warnings (will error in v4)
• Custom type deprecated in favor of RunnerCustomCase/RunnerTestCase [8]

For projects upgrading from 2.x, review the Migration Guide for detailed upgrade steps and deprecated API replacements[8].

Citations:

• 1: https://dev.to/nhannguyendevjs/exploring-vitest-30-the-future-of-testing-in-javascript-2b9h
• 2: https://alternativeto.net/news/2025/1/vitest-3-0-released-major-overhaul-with-enhanced-testing-and-reporting-features/
• 3: https://www.speakeasy.com/post/vitest-vs-jest
• 4: https://github.com/vitest-dev/vitest/releases
• 5: https://socket.dev/npm/package/vitest/diff/2.1.0
• 6: https://vitest.dev/guide/features
• 7: Proper configuration when using Vite 5 + Vitest 1.x solidjs/solid-testing-library#52
• 8: https://vitest.dev/guide/migration
• 9: https://vitest.dev/config/
• 10: https://vitest.dev/blog/vitest-3

---

Updated Dev Dependencies Verified
The changes in packages/signers/kadena/package.json correctly update our development dependencies as part of the v2.4.0 release. Notably, the upgrade to vitest 3.0.5 brings several key improvements over 2.1.4—such as critical security patches (e.g., CVE-2025-24964), a redesigned reporter API with improved stability, enhanced browser testing configurations, and performance enhancements through optimized caching. These updates are consistent with our broader version alignment, and no further modifications are required.

packages/storage/package.json (1)

30-45: Updated development dependencies

These version bumps to development tools like TypeScript, ESLint, and Vitest ensure the project stays current with the latest features and bug fixes. The consistent versions across multiple packages in the project is good practice.

packages/signers/bitcoin/package.json (1)

35-50: Updated development dependencies to maintain consistency

These updates align with the dependency versions used in other packages, ensuring consistent tooling across the project. This is part of the broader v2.4.0 release that updates dependencies throughout the codebase.

packages/utils/src/random-names.ts (4)

1-5: Well-documented source attribution

The code properly attributes the original source with copyright information and license details, which is good practice for derivative work.

---

586-592: Clean utility function implementation

The sumAscii function is simple, well-defined, and has a clear purpose for calculating a seed value.

---

594-601: Deterministic random name generator implementation looks good

The implementation creates consistent, deterministic random names based on the provided seed string, which is useful for reproducibility. The algorithm is simple yet effective for naming purposes.

---

603-604: Clean export of the public API

Exposing only the necessary function as a named export follows good module design principles.

packages/extension/src/ui/action/views/network-activity/components/network-activity-action.vue (4)

4-15: Improved semantic HTML by using buttons for actions

Replacing anchor elements with button elements for the "Deposit" and "Buy/Sell" actions improves semantic correctness since these are triggering actions rather than navigating to new locations.

---

71-77: Good button styling implementation

The styling properly inherits color, font, and cursor properties while removing default button styling, creating a consistent look with the rest of the interface.

---

97-99: Improved layout flexibility

Setting the flex to 1 and max-width to 100% ensures the action items can expand properly within their container.

---

111-114: Enhanced accessibility with proper focus styles

Adding explicit focus styles improves keyboard accessibility, making the interface more usable for all users.

packages/extension/src/providers/ethereum/ui/send-transaction/index.vue (1)

45-50: Improved user experience with automatic contact selector closing

Enhancing the clipboard paste functionality to automatically close the contact selector after pasting provides better user feedback and streamlines the interaction flow.

packages/extension/src/providers/ethereum/libs/assets-handlers/assetinfo-mew.ts (1)

72-76: Added Blockscout endpoint support for Rootstock network

Adding bsEndpoint: true for the Rootstock network enables it to use the Blockscout endpoint for balance fetching, consistent with how other networks like SyscoinNEVM and Rollux are configured.

packages/swap/src/providers/zerox/types.ts (2)

4-10: New interface for transaction details

The addition of ZeroXResponseTransactionType interface provides a clear and structured way to represent transaction details. This is a good example of modular design.

---

17-17:

❓ Verification inconclusive

API response structure updated

The modification to the ZeroXResponseType interface replaces individual token address properties with a consolidated transaction object. This creates a more cohesive data structure but represents a breaking change.

Make sure that all code depending on this interface has been updated to use the new structure instead of the removed properties (buyTokenAddress and sellTokenAddress).

---

🏁 Script executed:

#!/bin/bash
# Search for uses of the removed properties
rg "buyTokenAddress|sellTokenAddress" --type ts

Length of output: 49

---

Action: Verify Changes for ZeroX API Token Address Handling

The updated ZeroXResponseType interface now consolidates the token address properties into a single transaction object and removes the separate buyTokenAddress and sellTokenAddress fields. An initial automated search using rg "buyTokenAddress|sellTokenAddress" --type ts did not yield any results, which suggests that references to the removed properties may no longer exist. However, given the low-quality output from the automated tool, please perform a manual review to ensure that all dependent code is updated accordingly.

• Confirm that the file packages/swap/src/providers/zerox/types.ts (line 17) properly reflects the removal of buyTokenAddress and sellTokenAddress in favor of the consolidated transaction object.
• Manually verify that no part of the codebase (including tests and integration code) is still attempting to access the removed properties.
• Note that this change is a breaking one, so ensure that downstream consumers of the ZeroXResponseType interface are updated.

packages/extension/src/ui/action/views/settings/views/settings-backups/backup-identicon.vue (1)

6-7:

❓ Verification inconclusive

Import statement uses non-standard Vue composables

The import is using useTemplateRef which appears to be a custom composable rather than Vue's standard ref function.

Ensure the useTemplateRef composable is properly exported and maintained.

---

🏁 Script executed:

#!/bin/bash
# Search for the useTemplateRef implementation
rg "export.*useTemplateRef" --type ts

Length of output: 39

---

Action Required: Verify the Custom Composable Export

The current import of useTemplateRef from 'vue' suggests that it might be a custom composable. However, our search for any export of useTemplateRef in TypeScript files did not return any results. Please manually verify that:

• The useTemplateRef composable is indeed implemented and properly exported (possibly in a non-TS file or under a different alias).
• Its usage is intentional and maintained, or if you should revert to using Vue’s standard composables.

Since our automated search was inconclusive, please double-check the implementation and export location of useTemplateRef in your codebase.

packages/extension/src/ui/action/views/settings/views/settings-general/index.vue (2)

52-58: New backup settings feature addition

The addition of the settings backup button and descriptive text enhances user experience by providing a clear way to save account data.

---

88-90: Proper event definition using TypeScript

The event definition uses TypeScript's type system to clearly define the emitted events, which improves type safety and developer experience.

packages/extension/src/ui/action/icons/tabs/assets.vue (3)

2-36: Improved icon state management with conditional rendering

The implementation of conditional SVG rendering based on the isActive prop is a good approach that enhances UI interactivity.

The code cleanly separates the active and inactive states while maintaining the visual consistency of the icons.

---

39-46: Well-defined props with TypeScript

The prop definition uses TypeScript to specify the type and provides a default value, which improves robustness.

---

48-51: Updated CSS selector

The CSS selector has been updated from targeting SVG directly to targeting the parent div, which is appropriate given the new component structure.

packages/extension/src/providers/ethereum/ui/styles/common-popup.less (1)

7-9: Improved heading word-break handling to prevent awkward text wrapping

This change prevents words in h2 elements from breaking at arbitrary points by setting word-break: normal !important. This override corrects the existing word-break: break-all defined at line 64, resulting in more readable headings in the popup component.

packages/extension/src/ui/action/views/settings/components/settings-switch.vue (4)

2-5: Improved component flexibility with conditional styling

The component now conditionally applies a border class based on the new hasBorder prop, making the component more reusable across different UI contexts.

---

29-34: LGTM: New prop enhances component customizability

The hasBorder prop with a default value of true maintains backward compatibility with existing usages while adding flexibility for new implementations.

---

44-44: CSS restructuring to support conditional border styling

This change removes the bottom margin from the base style and moves it to the conditional border style.

---

62-66: LGTM: Border styling moved to conditional class

The border, padding, and margin properties are now properly encapsulated in the conditional class.

packages/extension/src/types/provider.ts (1)

56-56: Added backup state namespace for storage

Adding backupState to the InternalStorageNamespace enum supports the new backup functionality being introduced in this release.

packages/extension/src/ui/onboard/restore-wallet/type-password.vue (3)

30-30: Added unref for proper reactive value handling

The import of unref from Vue is a good addition that enables proper handling of reactive values when passing them to functions.

---

45-61: Enhanced wallet initialization with backup detection and improved error handling

This change improves the wallet restoration flow by:

1. Using unref to safely pass reactive values
2. Adding logic to detect existing backups and route accordingly
3. Implementing proper error handling with logging

This is an important enhancement that supports the new backup functionality.

---

65-65: Improved reactive value handling in computed property

Using unref in the computed property ensures proper comparison when checking if passwords match.

packages/extension/src/providers/ethereum/types/erc20-token.ts (3)

24-25: Good improvement for case-insensitive address handling.

Converting Ethereum addresses to lowercase before passing them to API methods ensures consistent handling of addresses regardless of their original case format.

---

27-30: Consistent address case handling improves compatibility.

Converting the contract address to lowercase when creating a new contract instance ensures compatibility with different EVM implementations that might handle address case differently.

---

32-32: Address case normalization improves reliability.

Converting the address to lowercase before calling balanceOf ensures consistency with the previous changes and prevents potential issues with contract interactions.

packages/utils/src/index.ts (2)

14-21: Appropriate addition of cryptographic utilities.

The inclusion of the NACL encryption/decryption utilities and random name generation function appears to be related to the new backup functionality mentioned in the PR summary. These are solid additions that will be useful for secure data handling.

---

53-58: Proper exports of the new utility functions.

Correctly exporting all the new functions and constants to make them available throughout the application.

packages/extension/src/ui/action/views/import-account/views/import-account-password.vue (2)

40-40: Appropriate library update for Ethereum wallet handling.

Updated import to use the modern @ethereumjs/wallet package instead of the deprecated ethereumjs-wallet. This is a good practice to keep dependencies current.

---

116-116: Simplified address retrieval method.

Using the getAddressString() method directly is more concise and less error-prone than converting from buffer to hex string manually.

packages/swap/package.json (3)

27-29: Solana dependencies update.

Updated Solana packages to newer versions, which should provide better compatibility and potentially fix security issues.

---

34-36: API and utility library updates.

Updating rango-sdk-basic and uuid to newer versions ensures the application has access to the latest features and security fixes from these dependencies.

---

42-57: Development dependencies update.

Comprehensive update of development tooling to their latest versions improves the development experience and ensures compatibility with other tools in the ecosystem.

packages/extension/src/ui/action/views/import-account/views/import-account-private-key.vue (2)

96-96: Updated method to get wallet address.

The method to get the wallet address has been changed from wallet.getAddress().toString('hex') to wallet.getAddressString(), which is more direct and aligns with the new API.

---

39-39:

✅ Verification successful

Updated Ethereum wallet library dependency.

The import statement has been updated from the deprecated ethereumjs-wallet to the newer @ethereumjs/wallet package, with a change from default import to named import.

---

🏁 Script executed:

#!/bin/bash
# Check if the package is consistently used throughout the codebase

# Look for any remaining references to the old package
rg "ethereumjs-wallet" --type ts --type vue

Length of output: 71

---

Revised Ethereum Wallet Dependency Update Verification
The import statement in packages/extension/src/ui/action/views/import-account/views/import-account-private-key.vue has been correctly updated to use a named import from @ethereumjs/wallet. Note that the initial ripgrep command failed to recognize Vue file types. Please re-run the above script (or verify manually) to ensure there are no remaining references to the deprecated ethereumjs-wallet package in both TypeScript and Vue files.

---

🏁 Script executed:

#!/bin/bash
# Re-run the search for any lingering references to the old dependency
# First, add support for Vue files if not already registered, then search in .ts and .vue files.
rg --type-add "vue:*.vue" && rg "ethereumjs-wallet" --type ts --type vue

Length of output: 424

---

Ethereum Wallet Dependency Update Verification

The import in
packages/extension/src/ui/action/views/import-account/views/import-account-private-key.vue
has been correctly updated to use a named import from the @ethereumjs/wallet package instead of the deprecated default import from ethereumjs-wallet.

• Ensure there are no accidental references to the old package elsewhere in the codebase.
• Run the above command manually to verify that no occurrences of "ethereumjs-wallet" remain in TypeScript or Vue files.

---

🏁 Script executed:

#!/bin/bash
# Re-run the search for any lingering references to the old dependency with proper command syntax.
# This command defines the "vue" file type and then searches for the pattern "ethereumjs-wallet" in both TypeScript and Vue files.
rg --type-add "vue:*.vue" "ethereumjs-wallet" --type ts --type vue .

Length of output: 68

---

Ethereum Wallet Dependency Update Verified

The updated code in
packages/extension/src/ui/action/views/import-account/views/import-account-private-key.vue
now imports the Wallet as a named import from @ethereumjs/wallet—confirming that the deprecated ethereumjs-wallet package is no longer referenced in the codebase. Running the revised search command (with proper Vue file type support) produced no matches, indicating that no lingering references to the old package remain.

packages/hw-wallets/package.json (2)

55-66:

❓ Verification inconclusive

Updated hardware wallet dependencies versions.

The package includes updates to several Ledger, Trezor, and Polkadot dependencies. Note that @polkadot/types has been updated from 14.x to 15.x, which is a major version change that could introduce breaking changes to type definitions.

---

🏁 Script executed:

#!/bin/bash
# Check for potential breaking changes with Polkadot types

# Look for files that import and use polkadot types
rg -l "@polkadot/types" --type ts

Length of output: 1068

---

Updated Hardware Wallet Dependencies – Verify @polkadot/types Impact on Multiple Imports

The dependency versions have been updated as noted, and our verification confirms that @polkadot/types is imported in several modules (e.g., multiple files under packages/extension/src/providers/polkadot and in packages/hw-wallets). Given that the update moves from 14.x to 15.x, please ensure that any breaking changes in type definitions are properly addressed and covered by tests.

• Revisit all modules importing @polkadot/types (see files like packages/extension/src/providers/polkadot/ui/types/index.ts, etc.).
• Confirm that any necessary adjustments for type changes have been implemented.
• Verify through unit/integration tests that no regressions have been introduced.

---

25-40:

❓ Verification inconclusive

Updated devDependencies versions.

The package includes multiple version updates for development dependencies. Note that vitest has been updated from version 2.x to 3.x, which is a major version change that could introduce breaking changes.

---

🏁 Script executed:

#!/bin/bash
# Check if vitest configuration or tests need updates due to major version change

# Look for vitest config files
fd "vitest.config" --type file

# Check test files that might use vitest-specific APIs
rg -l "vitest" --type ts

Length of output: 2193

---

Vitest Major Version Update – Verify Compatibility

The development dependencies have been updated, including a major bump for Vitest from version 2.x to 3.x. Our search confirms that Vitest configurations (e.g., vitest.config.mts files) and numerous test files across multiple packages (such as in packages/hw-wallets, packages/keyring, etc.) rely on Vitest. Given the major version change, please verify that all Vitest configurations and tests are compatible with version 3.x, and update any configurations or test code if breaking changes are observed.

• Check and update Vitest config files: Ensure files like packages/hw-wallets/vitest.config.mts (and similar ones in other packages) are compatible.
• Review test files: Confirm that tests referencing Vitest APIs work as expected under the new version.

packages/extension/src/ui/action/components/network-menu/index.vue (6)

6-8: Enhanced router link with exact active class and active state indication.

Added exact-active-class and passed down is-active prop to the Assets component to improve visual feedback for the active navigation state.

---

15-17: Enhanced router link with exact active class and active state indication.

Added exact-active-class and passed down is-active prop to the Activity component to improve visual feedback for the active navigation state.

---

22-24: Enhanced router link with exact active class and active state indication.

Added exact-active-class and passed down is-active prop to the NFTs component to improve visual feedback for the active navigation state.

---

32-34: Enhanced router link with exact active class and active state indication.

Added exact-active-class and passed down is-active prop to the DApps component to improve visual feedback for the active navigation state.

---

48-48: Added route tracking for active state determination.

Imported useRoute hook and created a route constant to determine the active state of navigation links.

Also applies to: 61-61

---

95-95: Updated link styling for improved visual feedback.

Modified the opacity values for links and added hover styles to better indicate active state:

1. Default opacity changed from 0.6 to 1
2. Hover opacity set to 0.6 with !important
3. Added special hover handling for active links to maintain full opacity

This creates a more intuitive visual hierarchy for navigation.

Also applies to: 103-110

packages/extension/src/ui/action/App.vue (3)

636-651: Enhanced network display logic to always include current network.

Modified the displayNetworks computed property to ensure that the current network is always displayed in the appropriate category, even if not explicitly included in that category's list. This improves user experience by maintaining context about the current network.

---

195-195:

✅ Verification successful

Added BackupState for account backup management.

Imported and instantiated the BackupState class to manage user account backups.

Also applies to: 201-201

---

🏁 Script executed:

#!/bin/bash
# Check BackupState implementation and usage
rg -A 10 "class BackupState" --type ts

Length of output: 845

---

BackupState integration for account backup management verified

• The search confirmed that the BackupState class is implemented in packages/extension/src/libs/backup-state/index.ts with the expected methods and instantiation.
• The import in packages/extension/src/ui/action/App.vue (lines 195 and 201) correctly references the implemented class.

---

411-411:

❓ Verification inconclusive

Added automatic backup during initialization.

Added call to backupState.backup(true) with error handling in the init function. This ensures that user data is backed up when the application initializes.

Does this backup require user consent? Check if there's appropriate user notification or consent mechanism for backup operations.

---

🏁 Script executed:

#!/bin/bash
# Check if backup requires user consent
rg -A 10 -B 10 "user consent|confirm backup|backup confirmation" --type ts --type vue

Length of output: 115

---

Action Required: Confirm User Consent for Automatic Backup

The initialization now auto-triggers a backup via backupState.backup(true).catch(console.error);. However, after refining our repository search to look for terms like "user consent", "confirm backup", or "backup confirmation" in both .vue and .ts files, no matching indicators were found. This suggests that there is currently no explicit user notification or consent mechanism linked to this backup operation.

• File Reviewed: packages/extension/src/ui/action/App.vue (line 411)
• Finding: No evidence of a consent mechanism in the codebase.
• Recommendation: Please verify if the auto-backup behavior is intentional. If backup operations should have user consent or notifications, consider adding the appropriate UI prompts or documenting the design decision.

packages/extension/src/ui/action/icons/tabs/dapps.vue (3)

2-36: Good implementation of conditional rendering for active/inactive states

The introduction of conditional SVG rendering based on the isActive prop is a well-structured approach. This pattern allows for visual distinction between active and inactive tab states, enhancing user experience through clear visual feedback.

The implementation follows best practices by:

1. Using a wrapper div for consistent styling
2. Using v-if/v-else for conditionally rendering the appropriate SVG
3. Applying different opacity values (0.9 vs 0.6) to create visual hierarchy

---

39-46: Well-defined TypeScript prop with appropriate defaults

The script setup block properly defines the isActive prop with TypeScript typing and a sensible default value. This follows Vue 3 composition API best practices and ensures type safety.

---

48-51: Appropriate CSS selector update

Updating the CSS selector to target the wrapper div instead of the SVG directly is consistent with the structural changes in the template. This ensures proper styling application regardless of which SVG is rendered.

packages/extension/src/ui/action/icons/tabs/nfts.vue (3)

2-42: Good implementation of NFT icon state management

The conditional rendering approach using v-if/v-else for the active/inactive states is well-implemented. The active state uses a more detailed SVG with a clipping path, providing better visual distinction from the inactive state.

The visual differentiation between states (opacity 0.9 vs 0.6) is consistent with the pattern established in other tab icons, maintaining UI consistency throughout the application.

---

45-52: Well-structured props definition

The script setup implementation with TypeScript typing for the isActive prop follows Vue 3 best practices and ensures proper component API definition.

---

54-57: Consistent styling approach

The CSS selector update mirrors the changes in other tab icons, maintaining consistency across the component library.

packages/extension/src/providers/common/ui/send-transaction/send-contacts-list.vue (1)

42-43: Refactored address checking for cleaner template

The template has been simplified by replacing duplicate inline address checking logic with calls to the isChecked method. This improves readability and maintainability.

Also applies to: 54-55, 72-73

packages/swap/src/providers/jupiter/index.ts (4)

23-23: New constant import looks good.
The addition of TOKEN_2022_PROGRAM_ID can help support specific SPL token program logic.

---

321-324: Validate error handling for token program retrieval.
The new logic fetches the token program ID (srcTokenProgramId) and checks if it matches the 2022 program. Ensure upstream calls to getTokenProgramOfMint handle failures or unexpected returns gracefully.

---

330-330: Conditional referrer ATA assignment.
Setting referrerATAPubkey to undefined when dealing with 2022 tokens appears consistent with the new program-specific logic. Double-check that skipping referrer accounts for 2022 mints won't cause unexpected fees or rejections by Jupiter.

---

351-351: Skip referral ATA creation for 2022 tokens.
This branch properly excludes the creation of a referral ATA for tokens under the 2022 program. The new checks seem coherent with earlier logic, preventing unnecessary instructions.

packages/extension/src/libs/keyring/public-keyring.ts (1)

26-26: Addition of the isTestWallet flag.
Marking these test accounts consistently helps distinguish them from production wallets. This is a clean and straightforward way to isolate testing logic.

Also applies to: 37-37, 48-48, 59-59, 70-70, 84-84, 95-95, 106-106

packages/extension/src/ui/action/views/settings/index.vue (6)

16-16: New event for backups flow.
Adding @open:backups="backupsAction" integrates the backups view trigger in the general settings component.

---

42-47: New <settings-backups> component in settings view.
The conditional rendering seamlessly extends settings to include backup management.

---

60-60: Importing the backups component.
Straightforward import; no issues noted.

---

68-68: Introduce isBackups reactive state.
Designating a dedicated state variable for backups clarifies the UI flow.

---

84-84: Resetting backups state.
Including isBackups.value = false in setAllToFalse ensures proper cleanup of the backups view when switching screens.

---

117-120: New backupsAction method.
This method correctly resets all states and opens the backups view. Good modular approach for toggling UI sections.

packages/extension/src/ui/action/icons/tabs/activity.vue (2)

2-36: Conditional SVG rendering.
Using v-if="isActive" to switch between two SVGs is effective for toggling icon states. The new paths and fill-opacity values appear to align with your active/inactive design.

---

38-45: New isActive prop.
Defining isActive with a default of false allows consistent icon state handling across different tabs. This is a neat addition for dynamic UI changes.

packages/extension/src/providers/ethereum/libs/assets-handlers/solanachain.ts (1)

12-19: Efficiently merging token accounts from both programs.
Combining results from TOKEN_PROGRAM_ID and TOKEN_2022_PROGRAM_ID via Promise.all is a good approach for parallel retrieval. This looks correct and aligns well with the extended token support.

packages/extension/src/ui/onboard/App.vue (4)

5-5: Good refactoring to use Composition API.

You've updated the back button click handler to use the router from the useRouter() Composition API hook instead of the global $router property. This is a better practice as it makes dependencies explicit.

---

34-34: Consistent use of Router Composition API.

Good update to use the Vue Router Composition API by importing useRouter and creating a local router reference.

Also applies to: 37-37

---

46-47: Added support for new backup-detected route.

The conditional logic has been properly updated to handle the new 'restore-wallet-backup-detected' route in both navigation and styling.

Also applies to: 55-56

---

74-74: Improved layout with better scrolling and sizing.

The addition of overflow-y: auto to the body allows for vertical scrolling when needed, and setting a minimum height ensures the container maintains proper dimensions regardless of content size.

Also applies to: 107-107

packages/extension/src/ui/action/components/switch/index.vue (1)

14-16: Enhanced props definition with explicit variable.

Storing the defineProps result in a constant makes the code more explicit and follows Vue 3 Composition API best practices.

packages/keyring/package.json (1)

32-32:

❓ Verification inconclusive

Version updates for dependencies.

The dependency versions have been updated to newer releases, which is good for keeping the project up-to-date with security patches and improvements.

Also applies to: 37-37, 40-40, 46-46, 49-52

---

🏁 Script executed:

#!/bin/bash
# Check for any potential compatibility issues or vulnerabilities in updated dependencies

# Check if there are known vulnerabilities for @polkadot/util 13.3.1
echo "Checking for vulnerabilities in @polkadot/[email protected]"
npm audit --json @polkadot/[email protected] | grep -i vulnerabilities || echo "No vulnerabilities found"

# Check ESLint and TypeScript compatibility
echo "Checking compatibility between ESLint 9.20.0 and TypeScript 5.7.3"
npm info [email protected] peerDependencies
npm info [email protected] peerDependencies

Length of output: 833

---

Dependency Updates Verified with a Minor Caveat

The dependency updates in packages/keyring/package.json (lines 32, 37, 40, 46, and 49–52) have been reviewed. The updated version of @polkadot/util (^13.3.1) appears appropriate for keeping the project secure and up-to-date, and the peer dependency checks for ESLint 9.20.0 and TypeScript 5.7.3 show no compatibility issues. Note that the npm audit command reported an error (ENOLOCK) due to the absence of a package-lock file; this limits the audit’s effectiveness. Please ensure that a package-lock (or shrinkwrap) file is maintained for complete vulnerability auditing.

packages/extension/src/ui/action/views/settings/views/settings-backups/index.vue (1)

1-106: Well-structured backup settings UI with clear user guidance.

The UI provides a clear explanation of the backup feature and presents a good interface for managing backups with appropriate loading states and empty states.

packages/utils/package.json (2)

27-27: Updated @polkadot/util-crypto dependency to latest minor version.

This update from ^13.2.3 to ^13.3.1 aligns with the same update in other packages, ensuring consistent dependency versions across the project.

---

33-49:

✅ Verification successful

Dev dependencies updated to latest versions for the v2.4.0 release.

All development dependencies have been appropriately updated to their latest versions, which is a good practice for a version release. The addition of tweetnacl-util is noteworthy as it's likely related to the new backup management functionality mentioned in the PR summary.

---

🏁 Script executed:

#!/bin/bash
# Check if the added tweetnacl-util package has any known vulnerabilities

npm audit [email protected] --json || echo "No vulnerabilities found"

Length of output: 698

---

Dependency Updates Approved for v2.4.0 Release

• All development dependencies in packages/utils/package.json have been updated to the latest versions.
• The addition of tweetnacl-util (v0.15.1) fits the new backup management functionality introduced in this release.
• A vulnerability check using npm audit (despite a lockfile warning) ultimately reported "No vulnerabilities found". For more thorough future audits, consider generating a lockfile with npm i --package-lock-only.

packages/signers/polkadot/package.json (2)

25-28: Updated Polkadot-related dependencies to their latest versions.

The updates to @commitlint/cli, @polkadot/util, and @polkadot/util-crypto ensure the project is using the latest stable versions of these dependencies, which is appropriate for a version release.

---

34-49: Dev dependencies consistently updated across packages.

The development dependencies have been updated consistently with the same versions as in the utils package, maintaining version consistency across the project.

packages/swap/src/providers/zerox/index.ts (4)

73-73: Updated 0x API endpoint to use v2.

The BASE_URL has been updated to point to the new v2 endpoint. This is a necessary change to adapt to the updated API.

---

157-157: Updated parameter name from takerAddress to taker.

This change aligns with the updated API requirements, where the parameter is now expected to be named taker instead of takerAddress.

---

168-169: Updated API URL structure to use the new allowance-holder endpoint.

The URL structure has been modified to use the new /swap/allowance-holder/quote endpoint with the chainId as a query parameter instead of a path parameter. This change is necessary to accommodate the updated API structure.

---

193-195:

✅ Verification successful

Updated response handling to access transaction properties from the transaction object.

The code now accesses to, value, and data properties from response.transaction instead of directly from response, adjusting to the new API response structure.

---

🏁 Script executed:

#!/bin/bash
# Check if ZeroXResponseType has been updated to match this new structure

grep -r "transaction" --include="*.ts" packages/swap/src/providers/zerox/types.ts

Length of output: 160

---

Approved: Transaction property handling verified against updated types

The update correctly accesses the to, value, and data properties from response.transaction as evidenced by the type definition in packages/swap/src/providers/zerox/types.ts where transaction: ZeroXResponseTransactionType; is defined. This change aligns with the new API response structure.

packages/extension/src/ui/action/views/network-activity/components/network-activity-total.vue (5)

2-5: Added error handling for prolonged loading states.

The conditional rendering now includes a check for the assumedError flag, which is used to determine whether to show the loading state or an error message after a timeout.

---

9-13: Added user-friendly error message for failed loading states.

This new template section provides clear feedback to users when balance loading fails, improving user experience by not leaving them waiting indefinitely.

---

27-27: Added necessary Vue composition API imports.

The imports of onBeforeMount, ref, and watchEffect are required for the new error handling functionality.

---

48-67: Implemented timer-based error detection for loading state.

This implementation:

1. Sets a timer when cryptoAmount is '~' (loading)
2. Marks as error if loading takes more than 30 seconds
3. Properly cleans up timers to prevent memory leaks

This is a good practice for handling loading states that might fail silently, improving user experience.

---

74-82: Added styling for the error state.

The CSS styles for the error state use the existing theme's error color, maintaining visual consistency while clearly indicating the error condition to users.

packages/extension/src/libs/utils/initialize-wallet.ts (3)

11-25: Good addition of filtering out test wallets!

The consistent approach to filter out test wallets across all network types is a good practice.

---

67-91: Enhanced wallet initialization with backup management

Good implementation of backup discovery during wallet initialization. The code properly:

1. Creates a BackupState instance
2. Handles errors gracefully with try-catch
3. Locks the keyring after operation
4. Returns appropriate backup status

This is a good security practice to ensure the keyring is locked even in case of errors.

---

65-65:

❓ Verification inconclusive

API change: Return type updated

The function now returns { backupsFound: boolean } instead of void. Make sure all calling code has been updated to handle this new return value.

---

🏁 Script executed:

#!/bin/bash
# Search for all usages of onboardInitializeWallets to ensure they handle the new return type
rg "onboardInitializeWallets\(" --type ts

Length of output: 43

---

Action: Verify Calling Code for onboardInitializeWallets Usage

The updated API now returns { backupsFound: boolean } instead of void. However, our search for usages of onboardInitializeWallets( didn’t return any results. This may indicate that either the function isn’t being called anywhere or that the search pattern missed some references. Please verify manually (or with an alternative search strategy) that all call sites have been updated to handle the new return type.

packages/extension/src/ui/action/views/network-assets/index.vue (5)

18-21: Good addition of error handling UI component

The network-assets-error component provides users with feedback when asset fetching fails and gives them a way to retry.

---

58-58: Improved type assertion

The parentheses around the type assertion (props.network as EvmNetwork) improve code clarity and prevent potential operator precedence issues.

---

72-72: Import of NetworkAssetsError component

This import correctly aligns with the newly added error-handling component in the template.

---

104-104: Good addition of error state tracking

The isFetchError reactive reference properly tracks the fetch error state to conditionally render the error component.

---

113-131: Improved error handling in updateAssets

The function now properly handles errors in the asset fetching process:

1. Resets error state at the beginning
2. Catches and logs errors
3. Checks if the network has changed before updating state
4. Updates UI state appropriately

This is a significant improvement to the user experience when network connectivity issues occur.

packages/extension/vite.config.ts (1)

73-73:

❓ Verification inconclusive

Added OS module polyfill

Including the 'os' module in node polyfills indicates new OS-related functionality. Ensure all OS-specific code has appropriate fallbacks for browser environments.

---

🏁 Script executed:

#!/bin/bash
# Look for usage of OS module in the codebase
rg "require\(['\"]os['\"]\)" --type ts
rg "from ['\"]os['\"]\)" --type ts

Length of output: 85

---

OS Module Polyfill Usage – Verify Fallbacks for Browser Environments

The OS module polyfill was added in the Vite config (line 73), but our automated search for explicit usage of the OS module (via both require('os') and ESM import patterns) produced no matches. This might mean that no OS-specific functionality is currently in use, or that its usage is indirect. Please double-check the following:

• Confirm if any part of the codebase later on relies on OS-specific functionality that requires a browser-friendly fallback.
• If your intent was to preemptively polyfill potential OS calls, ensure that any such code paths are guarded or provide adequate fallbacks when running in non-node environments.

Since the current inquiry did not yield direct evidence of OS module usage, manual review or targeted testing may be needed.

packages/extension/src/libs/backup-state/types.ts (4)

3-5: Good use of enum for storage keys

Using an enum for storage keys is a good practice for maintainability and type safety.

---

7-11: Clean interface definition for backup state

The IState interface clearly defines the structure for the backup state with appropriate types for each property.

---

13-34: Well-structured type definitions for backup functionality

The type definitions provide a clear structure for backup-related operations:

1. ListBackupType defines the list response structure
2. BackupType extends it with payload data
3. BackupResponseType encapsulates the API response format
4. BackupAccountType appropriately omits sensitive fields from account data
5. BackupData combines accounts with a UUID for backup identification

This approach ensures type safety and makes API interactions more predictable.

---

26-29: Security consideration: Sensitive data exclusion

Good use of Omit to exclude sensitive account data (address, publicKey, isHardware, HWOptions) from backup accounts.

packages/request/package.json (1)

30-30:

❓ Verification inconclusive

Check the impact of each dependency upgrade.

Thanks for keeping the dependencies up-to-date. However, ensure that each upgraded version doesn’t introduce breaking changes or security issues. Consider verifying the changelogs/release notes, and run compatibility checks or tests to confirm everything works as expected.

Also applies to: 34-34, 37-37, 43-43, 46-49

---

🏁 Script executed:

#!/bin/bash
# Description: Quickly scan for potential issues or breaking changes in your updated dependencies.

# 1. List newly-updated dependencies:
echo "Upgraded: uuid, @types/node, eslint, prettier, tsup, typescript, typescript-eslint, vitest"

# 2. Check installed versions
npm list uuid @types/node eslint prettier tsup typescript typescript-eslint vitest

# 3. (Optional) Prompt manual review of each package changelog online
echo "Review each package’s changelog or GitHub releases for potential breaking changes."

Length of output: 478

---

Dependency Upgrade Impact Verification

Thanks for updating the dependencies. The upgrade of "uuid": "^11.0.5" (along with others updated on lines 34, 37, 43, and 46–49) appears to be correctly applied. However, please ensure you manually review the changelogs and release notes for the following packages to confirm that none introduce breaking changes or security issues:

• uuid
• @types/node
• eslint
• prettier
• tsup
• typescript
• typescript-eslint
• vitest

Also, make sure to run your compatibility tests to verify that the upgrades integrate seamlessly with the existing functionality.

packages/utils/src/nacl-encrypt-decrypt.ts (4)

1-10: Imports and module constants look good.

Importing the correct utilities from tweetnacl and tweetnacl-util is a standard practice. The NACL_VERSION constant is clearly declared and helps maintain consistency for supported encryption versions.

---

13-24: Utility functions simplify serialization/deserialization.

Both naclDecodeHex, encryptedDataStringToJson, and JsonToEncryptedDataString are straightforward and enhance readability by separating concerns for encoding/decoding. Ensure you handle empty or invalid input strings to avoid runtime errors.

---

61-111: naclEncrypt is well-structured.

Good job enforcing that data must be a string. The ephemeral key generation and base64 encoding flow is consistent with NaCl usage. Ensure that upstream handles or logs the error when the public key is invalid to help debug more easily.

---

113-119: Exports are clean and straightforward.

All utility functions and constants are properly exported for external usage. This organization promotes clear, modular design.

packages/extension/src/libs/backup-state/index.ts (4)

53-67: getMainWallet logic is straightforward.

Filtering by walletType === mnemonic && pathIndex === 0 is a valid approach. However, ensure that if multiple mnemonic-based wallets exist, the user or system is aware only the first is used as the “main” wallet. This might need an additional check if multi-seed usage is expected.

---

320-336: setState / getState handle fallback initialization.

Automatically generating a new user ID and enabling backups by default is convenient. This ensures a minimal valid state is present, though you might want to clarify in documentation that backups start enabled by default for new users.

---

338-346: getLastUpdatedTime and getUserId are straightforward.

These simple getters boost code clarity. The usage of Date for last update is appropriate. No issues spotted here.

---

348-359: Methods to enable/disable backups help keep state consistent.

Toggling enabled is well-implemented. Just be mindful that external code which checks isBackupEnabled might need to keep track of changes (e.g., re-running backup flows if toggled on).

packages/extension/package.json (3)

3-3: Version Update Confirmed:
The "version" field has been updated to "2.4.0", which aligns with the release objectives for v2.4.0. Please ensure that supporting artifacts (changelog, release notes, tags, etc.) are updated accordingly.

---

26-89: Dependencies Updated – Confirm Compatibility:
A large number of dependencies in the "dependencies" section have been updated to their newer versions. Notable changes include:

• @amplitude/analytics-browser now at ^2.11.11
• @ethereumjs/wallet updated to ^2.0.4
• @kadena/client and @kadena/pactjs-cli bumped to ^1.16.0
• @metamask/eth-sig-util updated to ^8.2.0
• @metaplex-foundation/mpl-bubblegum at ^4.3.1 and @metaplex-foundation/umi moved to ^1.0.0 (note the major version change)
• Several updates in the Polkadot suite (@polkadot/api, @polkadot/extension-inject, etc.)
• Updates to various Solana packages, and minor bumps for libraries like bitcoinjs-lib, concurrently, echarts, jdenticon, pinia, uuid, vue, and vue-router.

Please verify that these updated versions are fully compatible with the rest of the codebase and do not introduce breaking changes—especially for packages with major version changes (e.g., @metaplex-foundation/umi).

---

92-140: DevDependencies Updates – Validate Toolchain Stability:
The "devDependencies" section has undergone significant updates:

• Plugins for Vite and Rollup (e.g., @crxjs/vite-plugin, @rollup/plugin-commonjs, @rollup/plugin-node-resolve, etc.) have been bumped to newer versions.
• Type definitions (such as @types/chrome, @types/less, @types/lodash, and @types/node) have been updated to more recent versions.
• Key tooling like eslint, prettier, typescript, and Vite itself have been updated to ensure compatibility with the latest language and framework features.

Make sure that these updates do not break existing build, lint, and test workflows. It is recommended to run a full CI build and test cycle to catch any potential issues arising from these updated tools.