Conversation
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
github-actions
bot
added
size-S
risk-medium
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
adonesky1
force-pushed
the
fix/WAPI-1380-useOriginSource-v2-detection
branch
from
db1a3c9 to
0bf5c12
Compare
github-actions
bot
added
size-M
risk-medium
…ions store The useOriginSource hook had a dead-code check for the MMSDKCONNECTV2:: prefix, which is stripped by RPCMethodMiddleware before it ever reaches the permission system. V2 connections use a bare UUID as their origin, so the hook was falling through to return 'in-app browser' instead of 'sdk_connect_v2'. Look up the origin UUID in the v2Connections Redux store (already populated by HostApplicationAdapter.syncConnectionList) to correctly identify V2/MWP connections. This fixes the source property on all CONNECT_REQUEST_* analytics events for V2 connections. Also refactors the hook for clarity: removes the dead MMSDKCONNECTV2:: prefix check, adds JSDoc explaining the origin format per connection type and the priority order, and annotates non-obvious checks (e.g. WalletConnect's global-state heuristic). Fixes: https://consensyssoftware.atlassian.net/browse/WAPI-1380
adonesky1
force-pushed
the
fix/WAPI-1380-useOriginSource-v2-detection
branch
from
0bf5c12 to
97d225f
Compare
github-actions
bot
added
risk-medium
…Connect tests
v2Connections may be undefined on app upgrade (persisted sdk state
predates the field, no migration). Use optional chaining in the
lookup. Also add v2Connections: {} to all 7 partial sdk mock states
in AccountConnect.test.tsx so the test store matches the real
reducer shape.
github-actions
bot
added
risk-medium
| // wc2Metadata is a single Redux slot holding the *most recent* WC proposal | ||
| // metadata (set on session_proposal, cleared after approval/rejection). | ||
| // It is not keyed by origin — we rely on the WC proposal flow being | ||
| // serialized (via proposalLock in WalletConnectV2) so that during the | ||
| // approval window, a non-empty id implies *this* origin is from WC. |
There was a problem hiding this comment.
Created a ticket to improve this here: https://consensyssoftware.atlassian.net/browse/WAPI-1383
github-actions
bot
added
risk-medium
🔍 Smart E2E Test Selection
click to see 🤖 AI reasoning detailsE2E Test Selection: Key change: SDK v2 detection now uses The hook is consumed by:
The changes are analytics-only (source type classification), not affecting core connection logic. However, since the hook is embedded in the dApp connection and permission approval flows, tests covering those flows should be run:
Per tag dependency rules: SmokeMultiChainAPI requires SmokeNetworkAbstractions and SmokeNetworkExpansion (already selected). The changes are unit-test and test-fixture updates alongside the logic fix — no new UI components, no rendering changes, no data loading changes. Performance Test Selection: |
|
✅ E2E Fixture Validation — Schema is up to date |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #28290 +/- ##
==========================================
+ Coverage 82.66% 82.86% +0.19%
==========================================
Files 4866 4873 +7
Lines 126134 126408 +274
Branches 28268 28336 +68
==========================================
+ Hits 104273 104751 +478
+ Misses 14660 14454 -206
- Partials 7201 7203 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
weitingsun
added
release-7.74.0
5 participants
Summary
useOriginSourcemisclassified all SDKConnectV2 (MWP) connections asin-app browser, causing thesourceproperty onCONNECT_REQUEST_STARTED,CONNECT_REQUEST_COMPLETED, andCONNECT_REQUEST_CANCELLEDanalytics events to be incorrect for V2 connections.MMSDKCONNECTV2::prefix was dead code — the prefix is stripped byRPCMethodMiddlewarebefore it reaches the permission system. V2 connections arrive with a bare UUID as their origin.v2ConnectionsRedux store (already populated byHostApplicationAdapter.syncConnectionList) to correctly identify V2/MWP connections and returnSourceType.SDK_CONNECT_V2.Root cause
The
RPCBridgeAdapterconstructsmiddlewareHostname = MMSDKCONNECTV2::<connId>, but:RPCMethodMiddleware.tsimmediately strips the prefix (hostname.replace(SDK_CONNECT_V2_ORIGIN, ''))wallet_createSession),BackgroundBridge.channelIdOrOriginreturns the barechannelId(UUID) whenisMMSDK=truePermissionControllerapproval request therefore carries a bare UUID asmetadata.originuseOriginSourcecouldn't match this UUID to V2 — it only checked the V1SDKConnectstoreCHANGELOG entry:
nullTest plan
CONNECT_REQUEST_STARTEDevent hassource: 'sdk_connect_v2'instead ofsource: 'in-app browser'source: 'sdk')source: 'walletconnect')source: 'in-app browser')Related
Note
Medium Risk
Changes the source-classification logic used for connection-request analytics by introducing a new SDK v2 detection path and reordering precedence, which could shift event attribution if the v2Connections store is incomplete or stale.
Overview
Fixes
useOriginSourceto correctly detect SDK Connect v2 (MWP) permission origins by treating a bare UUID as v2 when it exists in the Reduxsdk.v2Connectionsmap (instead of relying on a removed/stripped v2 prefix).Refactors the hook to use an explicit priority order (v2 → v1 → WalletConnect → in-app browser) and adds unit coverage for v2 detection (including the case where the same UUID exists in both v1 and v2, with v2 winning). Tests that build mock Redux
sdkstate were updated to include an emptyv2Connectionsfield.Written by Cursor Bugbot for commit 5a7473e. This will update automatically on new commits. Configure here.