release: 7.73.0 by metamaskbot · Pull Request #28355 · MetaMask/metamask-mobile

metamaskbot · 2026-04-02T19:10:27Z

🚀 v7.73.0 Testing & Release Quality Process

Hi Team,
As part of our new MetaMask Release Quality Process, here’s a quick overview of the key processes, testing strategies, and milestones to ensure a smooth and high-quality deployment.

📋 Key Processes

Testing Strategy

Developer Teams:
Conduct regression and exploratory testing for your functional areas, including automated and manual tests for critical workflows.
QA Team:
Focus on exploratory testing across the wallet, prioritize high-impact areas, and triage any Sentry errors found during testing.
Customer Success Team:
Validate new functionalities and provide feedback to support release monitoring.

GitHub Signoff

Each team must sign off on the Release Candidate (RC) via GitHub by the end of the validation timeline (Tuesday EOD PT).
Ensure all tests outlined in the Testing Plan are executed, and any identified issues are addressed.

Issue Resolution

Resolve all Release Blockers (Sev0 and Sev1) by Tuesday EOD PT.
For unresolved blockers, PRs may be reverted, or feature flags disabled to maintain release quality and timelines.

Cherry-Picking Criteria

Only critical fixes meeting outlined criteria will be cherry-picked.
Developers must ensure these fixes are thoroughly reviewed, tested, and merged by Tuesday EOD PT.

🗓️ Timeline and Milestones

Today (Friday): Begin Release Candidate validation.
Tuesday EOD PT: Finalize RC with all fixes and cherry-picks.
Wednesday: Buffer day for final checks.
Thursday: Submit release to app stores and begin rollout to 1% of users.
Monday: Scale deployment to 10%.
Tuesday: Full rollout to 100%.

✅ Signoff Checklist

Each team is responsible for signing off via GitHub. Use the checkbox below to track signoff completion:

Team sign-off checklist

This process is a major step forward in ensuring release stability and quality. Let’s stay aligned and make this release a success! 🚀

Feel free to reach out if you have questions or need clarification.

Many thanks in advance

Reference

Testing plan sheet - https://docs.google.com/spreadsheets/d/1tsoodlAlyvEUpkkcNcbZ4PM9HuC9cEM80RZeoVv5OCQ/edit?gid=404070372#gid=404070372

## **Description** Enforces the previously defined `LIMIT_SESSIONS` limit for WCv2 connections. When this limit (20 connections) is exceeded, the oldest connection is dropped. ## **Changelog** CHANGELOG entry: null ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/WAPI-1356 ## **Manual testing steps** 1. Modify this constant to be 2 2. Use the ios expo build 3. Using native browser or QR code, connect to https://react-app.walletconnect.com/ 4. Using native browser or QR code, connect to https://wagmi-app.vercel.app/ 5. In the wallet, go to settings, experimental, wallet connect, and check that you have these two sessions 6. Using native browser or QR code, connect to https://rainbowkit.com/ (using WC) 7. In the wallet, go to settings, experimental, wallet connect, and check that you only have 2 sessions with the first one you connected no longer in the list of active sessions ## **Screenshots/Recordings**  ### **Before**  ### **After** https://github.com/user-attachments/assets/703ab57f-5dee-4889-957e-9b7e98b02d80 ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Adds automatic disconnection of an existing WalletConnect v2 session when new approvals push the active session count over a configured limit, which could unexpectedly drop a user’s oldest connection. Logic is small and covered by unit tests, but it affects live connection management. > > **Overview** > **Enforces a WalletConnect v2 session cap.** After approving a new session, `WC2Manager` now calls `enforceSessionLimit()` to ensure active sessions stay under `AppConstants.WALLET_CONNECT.LIMIT_SESSIONS` by disconnecting the *oldest* session (based on smallest `expiry`). > > **Adds test coverage** for the new behavior, including cases where the limit is exceeded (oldest session is disconnected) and where the session count is at/under the limit (no disconnections). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit bf6c451. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** This PR downgrades `@tanstack/react-query` to `^4.43.0` to allow us to bring in shared tooling between extension and mobile for queries. This is a temporary measure until the extension gets to React 18, which is the minimum version for `@tanstack/react-query@5`. Most of the breaking changes that impact our existing code is type related due to `TError` being `unknown` in v4. Additionally a couple of properties we use have been renamed between the two versions. The semantics of `isLoading` has also changed for `enabled: false` queries, but that can be recovered by using `isFetching && isLoading` This PR adjusts all of these. ## **Changelog**  CHANGELOG entry: null ## **Related issues** https://consensyssoftware.atlassian.net/browse/WPC-445  --- > [!NOTE] > **Medium Risk** > Moderate risk because it downgrades a core data-fetching library and adjusts loading/polling semantics across multiple hooks, which could change UI states or caching behavior if any edge cases were missed. > > **Overview** > Downgrades `@tanstack/react-query` from v5 to v4 (including lockfile updates) and updates the app’s `QueryClient` defaults to use v4’s `cacheTime` option. > > Aligns hooks and tests with v4 API/behavior changes: replaces `gcTime` usage, updates `keepPreviousData` configuration, switches some status checks from `isPending` to `isLoading`, adds/propagates `isFetching`, and standardizes derived `isLoading` as `isLoading && isFetching` for disabled/manual queries (Card hooks, Ramp hooks, Predict query options, and related tests). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit cb3d691. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

… signing (#28001) ## **Description** ~2% of Claim/Withdraw transactions are failing with Safe GS026 or GS013 errors. Root cause: `EthQuery` caches query results for up to 15 minutes, which can serve a stale nonce when signing Safe transactions. This fix calls `invalidateQueryCache` before `prepareClaim` and `signWithdraw` so the Safe TX is always signed with a fresh nonce. ## **Changelog** CHANGELOG entry: null ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/PRED-769 ## **Manual testing steps** ```gherkin Feature: Predict Claim/Withdraw nonce freshness Scenario: User claims positions without GS026/GS013 errors Given the user has claimable positions on Predict And the EthQuery cache contains a stale nonce When the user initiates a Claim transaction Then the query cache is invalidated before signing the Safe TX And the transaction succeeds without GS026 or GS013 errors Scenario: User withdraws funds without GS026/GS013 errors Given the user has a balance available for withdrawal on Predict And the EthQuery cache contains a stale nonce When the user initiates a Withdraw transaction Then the query cache is invalidated before signing the Safe TX And the transaction succeeds without GS026 or GS013 errors ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches Predict claim/withdraw signing flow; while the change is small, it alters pre-sign network behavior and could impact transaction submission timing or error handling. > > **Overview** > Prevents stale Safe nonces during Predict **Claim** and **Withdraw** by invalidating the underlying `EthQuery` cache immediately before `prepareClaim` and `signWithdraw` run. > > This adds an `invalidateQueryCache` call (via `blockTracker.checkForLatestBlock()`) to force fresh chain state before signing, reducing intermittent Safe `GS026/GS013` failures. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 2144104. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…27944) ## Description `removeSession()` revokes permissions via `permissionsController.revokeAllPermissions()` after cleanup, but `removeAll()` did not — leaving stale permission entries in the `PermissionController` for every removed session. This adds the missing `revokeAllPermissions(session.pairingTopic)` call in `removeAll()`. ### Note on permission key inconsistency This PR uses `session.pairingTopic` as the revocation key because that's the key permissions are created under (`origin: channelId` where `channelId = pairingTopic` — see `_handleSessionProposal`). However, `removeSession()` uses `session.topic` instead (line 377), which is a different value. That call is likely a no-op (silently caught by the surrounding try/catch). This is a pre-existing bug in `removeSession` — it should probably also use `session.pairingTopic`. Left as-is to keep this PR scoped. ## Related issues Follow-up to #27932 ## Manual testing steps 1. Connect multiple dapps via WalletConnect 2. Go to Settings > Experimental > WalletConnect Sessions 3. Verify sessions are listed 4. Trigger `removeAll()` (e.g., via wallet reset flow) 5. Verify permission entries for those sessions are no longer in `PermissionController.state.subjects` ## Pre-merge author checklist - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.  --- > [!NOTE] > **Low Risk** > Low risk: small, well-scoped change that only adds missing permission cleanup during `WC2Manager.removeAll()`, with a unit test covering the new behavior. > > **Overview** > Fixes `WC2Manager.removeAll()` to also revoke WalletConnect v2 permissions for each active session (via `PermissionController.revokeAllPermissions(session.pairingTopic)`) before disconnecting, preventing stale permission entries after bulk session removal. > > Adds a focused unit test asserting permission revocation is triggered during `removeAll()`, and logs (without failing) if revocation throws. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit e8b281e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: Jiexi Luan <jiexiluan@gmail.com>

…it price (#27907) ## **Description** Limit price presets (Mid, Bid, Ask, -1%, -2%) hardcoded `formatWithSignificantDigits(value, 4)` — 4 significant digits. For XRP-range prices (~$2.34), this truncated values to 3 decimal places ($2.342) instead of the expected 4 ($2.3418). Fixed by using `DECIMAL_PRECISION_CONFIG.MaxSignificantFigures` (= 5), matching the HyperLiquid API limit and the `PRICE_RANGES_UNIVERSAL` display config. Also added testIDs to all preset buttons for automated testing. ## **Changelog** CHANGELOG entry: Fixed limit price preset buttons (Mid, Bid, Ask, percentage) truncating one decimal place for low-price assets like XRP ## **Related issues** Fixes: [TAT-2399](https://consensyssoftware.atlassian.net/browse/TAT-2399) ## **Manual testing steps** ```gherkin Feature: Limit price preset decimal precision Scenario: Mid preset shows correct decimals for XRP Given I am on the XRP Long Limit order screen When I open the limit price bottom sheet And I press the Mid preset button Then the limit price shows 4 decimal places (e.g., $2.3418) Scenario: All presets show correct decimals Given I am on the XRP Long Limit order screen When I press each preset (Mid, Bid, -1%, -2%) Then each preset value has 4 decimal places Scenario: Ask preset works for short orders Given I am on the XRP Short Limit order screen When I press the Ask preset button Then the limit price shows 4 decimal places ``` ## **Screenshots/Recordings** ### **Before** Bug confirmed via CDP eval: `formatWithSignificantDigits(2.3418, 4)` → `2.342` (3 decimals instead of 4) ### **After** https://github.com/user-attachments/assets/72b3617e-afdf-49c1-bbbb-2b96e176668d ## **Validation Recipe** <details> <summary>Automated validation recipe (validate-recipe.sh)</summary> ```json { "pr": "27907", "title": "Limit price presets use correct decimal precision (5 sig figs)", "jira": "TAT-2399", "acceptance_criteria": [ "Tapping any limit price preset populates the value with market-correct decimal precision", "Validated on XRP (reported case) and SOL (different price range)", "All five presets covered: Mid, Bid, Ask, -1%, -2%", "No regression to manual limit price entry" ], "validate": { "static": ["yarn lint:tsc"], "runtime": { "pre_conditions": ["wallet.unlocked", "perps.feature_enabled"], "steps": [ {"id": "nav_xrp", "description": "Navigate to XRP market details", "action": "flow_ref", "ref": "market-discovery", "params": {"symbol": "XRP"}}, {"id": "press_long", "action": "press", "test_id": "perps-market-details-long-button"}, {"id": "wait_form", "action": "wait_for", "test_id": "perps-order-header-order-type-button"}, {"id": "press_order_type", "action": "press", "test_id": "perps-order-header-order-type-button"}, {"id": "wait_type_sheet", "action": "wait_for", "test_id": "perps-order-type-limit"}, {"id": "press_limit", "action": "press", "test_id": "perps-order-type-limit"}, {"id": "wait_limit_form", "action": "wait_for", "test_id": "perps-order-view-limit-price-row"}, {"id": "press_price_row", "action": "press", "test_id": "perps-order-view-limit-price-row"}, {"id": "wait_price_sheet", "action": "wait_for", "test_id": "keypad-delete-button"}, {"id": "press_mid_xrp", "action": "press", "test_id": "perps-limit-price-preset-mid"}, {"id": "wait_mid", "action": "wait", "ms": 500}, {"id": "check_mid_xrp", "description": "Assert Mid preset >= 4 decimals for XRP", "action": "eval_sync", "expression": "...", "assert": {"operator": "gt", "field": "decimals", "value": 3}}, {"id": "press_bid_xrp", "action": "press", "test_id": "perps-limit-price-preset-bid"}, {"id": "check_bid_xrp", "description": "Assert Bid >= 4 decimals", "action": "eval_sync", "assert": {"operator": "gt", "field": "decimals", "value": 3}}, {"id": "press_pct_minus1_xrp", "action": "press", "test_id": "perps-limit-price-preset--1"}, {"id": "check_pct_minus1_xrp", "description": "Assert -1% >= 4 decimals", "action": "eval_sync", "assert": {"operator": "gt", "field": "decimals", "value": 3}}, {"id": "press_pct_minus2_xrp", "action": "press", "test_id": "perps-limit-price-preset--2"}, {"id": "check_pct_minus2_xrp", "description": "Assert -2% >= 4 decimals", "action": "eval_sync", "assert": {"operator": "gt", "field": "decimals", "value": 3}}, {"id": "nav_sol", "action": "flow_ref", "ref": "market-discovery", "params": {"symbol": "SOL"}}, {"id": "check_mid_sol", "description": "SOL no-regression check", "action": "eval_sync", "assert": {"operator": "eq", "field": "isValid", "value": true}}, {"id": "nav_short_xrp", "action": "flow_ref", "ref": "market-discovery", "params": {"symbol": "XRP"}}, {"id": "check_ask_xrp", "description": "Assert Ask >= 4 decimals", "action": "eval_sync", "assert": {"operator": "gt", "field": "decimals", "value": 3}} ] } } } ``` Full recipe: `.task/fix/tat-2399-0325-1840/artifacts/recipe.json` </details> ## **Pre-merge author checklist** - [x] I've followed MetaMask Contributor Docs and Coding Standards - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [ ] I've documented my code using JSDoc format if applicable - [x] I've applied the right labels on the PR ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches perps limit order price entry; while the change is small, it affects how preset prices are computed and could impact order placement values if incorrect. > > **Overview** > Fixes limit-price preset buttons (Mid/Bid/Ask and +/- % presets) to format using `DECIMAL_PRECISION_CONFIG.MaxSignificantFigures` instead of hardcoded 4 significant digits, preventing truncation for low-priced assets (e.g., XRP). > > Adds `testID`s for each preset button (including dynamic % presets) and extends `PerpsLimitPriceBottomSheet` tests to assert the correct decimal precision for XRP-range prices. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit ecb689b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** This PR adds the candlestick icon to the component-library ## **Changelog**  CHANGELOG entry: null ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/DSYS-656 ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After** https://github.com/user-attachments/assets/510bd10b-0729-4d20-ab0e-44fdec07ed8f  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk: adds a new SVG asset and wires it into the generated icon enum/mapping, with no changes to runtime logic beyond selecting an additional icon name. > > **Overview** > Adds a new `Candlestick` icon to the component library by introducing `assets/candlestick.svg`, extending `IconName` with `Candlestick`, and wiring the new asset into `assetByIconName`. > > Also includes minor import/mapping reordering in the generated icon asset/type files (e.g., `Search`, `MetamaskFoxOutline`) with no functional behavior change. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 0cd4fb7. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description**  ## **Changelog**  CHANGELOG entry: null ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/MUL-1546 ## **Manual testing steps** no manual testing steps ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches the hardware wallet connection flow and bottom-sheet callbacks to emit new analytics, so incorrect state resets or callback wiring could affect connection UX/cleanup. No auth or funds-handling logic changes, and coverage is added with extensive unit tests. > > **Overview** > Adds a new hardware-wallet analytics module that classifies **flow context** (Connection/Send/Swaps/Transaction/Message) and normalizes **error types/details**, then emits three new MetaMetrics events for recovery: `HARDWARE_WALLET_RECOVERY_MODAL_VIEWED`, `..._CTA_CLICKED`, and `..._SUCCESS_MODAL_VIEWED`. > > Wires this into the hardware wallet UI/flow by deriving the analytics flow from the first pending approval at the start of each `ensureDeviceReady` run, tracking CTA taps from error screens via a new `onCTAClicked` prop on `HardwareWalletBottomSheet`, and resetting analytics state when the sheet is closed. Includes comprehensive unit tests for helper mappings, Redux-derived flow detection, and event firing/counting behavior. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 9bec1b0. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

This PR syncs the stable branch to main for version 7.73.0. *Synchronization Process:* - Fetches the latest changes from the remote repository - Resets the branch to match the stable branch - Attempts to merge changes from main into the branch - Handles merge conflicts if they occur *File Preservation:* Preserves specific files from the stable branch: - CHANGELOG.md - bitrise.yml - android/app/build.gradle - ios/MetaMask.xcodeproj/project.pbxproj - package.json Indicates the next version candidate of main to 7.73.0

…#27844)  ## **Description** Users with open Perpetuals or Predict positions could not see aggregate unrealized P&L on the wallet homepage next to those sections, and the Perps tab “Your positions” subtitle duplicated similar layout logic. This PR: - **Wallet homepage — Perps:** Shows a sub-row under “Perpetuals” with aggregate unrealized P&L (and ROE %) when the user has **filled** open positions; hides it for privacy mode, while loading account data, or when there are no positions (including **orders-only** — no row). Colors follow profit (green) / loss (red) / flat (default text). - **Wallet homepage — Predict:** Shows the same style of row under “Predictions” using the existing unrealized P&L API (`useUnrealizedPnL`); pull-to-refresh also invalidates that query. Respects privacy mode. - **Perps home (tab):** Keeps the positions subtitle visible whenever there are open positions (including flat P&L), uses design-system text colors, and reuses the shared **`HomepageSectionUnrealizedPnlRow`** for the value + “Unrealized P&L” line so layout matches the homepage spec (4px under title, 8px between value and label). - **Shared UI:** New `HomepageSectionUnrealizedPnlRow` under homepage components (used by homepage sections + `PerpsHomeSection`). - **Predict:** `formatPredictUnrealizedPnLStringParts` in `format.ts` centralizes i18n interpolation for unrealized P&L strings; `PredictPositionsHeader` and `PredictionsSection` both use it. ## **Changelog**  CHANGELOG entry: Added unrealized P&L summary on the wallet homepage for Perpetuals and Predictions, and aligned the Perps home “Your positions” subtitle with the same layout. ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/TMCU-584 ## **Manual testing steps** ```gherkin Feature: Unrealized P&L on homepage Perps and Predict Scenario: Perps section shows aggregate unrealized P&L with open positions Given the user has at least one open Perpetuals position and privacy mode is off When the user views the wallet homepage Then the Perpetuals section shows a line with signed dollar P&L, percentage, and an unrealized P&L label below the section title And positive P&L is green and negative P&L is red Scenario: Perps section hides P&L without open positions Given the user has no open Perpetuals positions (only limit orders or none) When the user views the wallet homepage Then no unrealized P&L sub-row appears under Perpetuals and spacing below the title is unchanged Scenario: Predict section shows unrealized P&L with open positions Given the user has open Predict positions and privacy mode is off When the user views the wallet homepage Then the Predictions section shows the unrealized P&L sub-row consistent with design Scenario: Privacy mode hides homepage P&L values Given privacy mode is enabled When the user views the wallet homepage with Perps and/or Predict positions Then unrealized P&L sub-rows for those sections are not shown Scenario: Perps tab positions subtitle matches homepage styling Given the user has open Perps positions When the user opens the Perps home screen Then “Your positions” shows the unrealized P&L value and label with the same visual treatment as the homepage row ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Medium risk: adds new homepage UI rows driven by live Perps account state and Predict react-query data (including query invalidation on refresh), which could affect loading/visibility states and performance but does not touch auth or funds movement. > > **Overview** > Adds a shared `HomepageSectionUnrealizedPnlRow` component and uses it to display **aggregate unrealized P&L** under the Wallet homepage **Perpetuals** and **Predictions** section titles when the user has open positions (and not in privacy mode), including loading placeholders and tone-based coloring. > > Refactors Perps tab `PerpsHomeSection`/`PerpsHomeView` to reuse the same value+label row, switch to design-system `TextColor` tokens, and keep the positions subtitle visible whenever positions exist (including flat P&L). Predict’s positions header and homepage section now share a centralized `formatPredictUnrealizedPnLStringParts` formatter, and Predictions pull-to-refresh also invalidates the unrealized P&L query; tests were updated/added accordingly. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 50ae867. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** Replace the default `QueryClient` with a custom `QueryClient` from `createUIQueryClient`. This establishes the query client required for using the `BaseDataService` pattern from the core repo, which handles cache syncing. Existing UI-only queries should work as they did previously. ## **Changelog**  CHANGELOG entry: null ## **Related issues** https://consensyssoftware.atlassian.net/browse/WPC-445  --- > [!NOTE] > **Medium Risk** > Moderate risk because it changes how the global React Query `QueryClient` is constructed and introduces messenger-backed call/subscribe plumbing that could affect caching and network behavior across the app. > > **Overview** > Switches `ReactQueryService` to build its `queryClient` via `@metamask/react-data-query`’s `createUIQueryClient`, passing an Engine messenger adapter to support data services and cache syncing while keeping the existing default query options. > > Adds a `DATA_SERVICES` registry (currently empty) for wiring in available data services, updates unit tests to validate the new client defaults and cache clearing behavior, and adds the new `@metamask/react-data-query` dependency (plus lockfile updates). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 088a264. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…#28011)  ## **Description** > Updates Predict Market Details tab testIDs to be **stable and semantic** by switching from index-based IDs to typed tab-key IDs (`'positions' | 'outcomes' | 'about'`), and updates `PredictMarketDetailsTabBar` plus its unit tests to use the new `getPredictMarketDetailsSelector.tabBarTab(tabKey)` API. > > Adds explicit testIDs to the confirmations `NetworkFilter` tabs by introducing `network-filter.testIds.ts` and passing a required `testID` prop into `NetworkFilterTab` for the “All networks” option and each per-chain tab. > ## **Changelog**  CHANGELOG entry: ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk: changes are limited to test ID generation and wiring for UI elements, with no business logic or data flow modifications. > > **Overview** > Updates Predict Market Details tab testIDs to be **stable and semantic** by switching from index-based IDs to typed tab-key IDs (`'positions' | 'outcomes' | 'about'`), and updates `PredictMarketDetailsTabBar` plus its unit tests to use the new `getPredictMarketDetailsSelector.tabBarTab(tabKey)` API. > > Adds explicit testIDs to the confirmations `NetworkFilter` tabs by introducing `network-filter.testIds.ts` and passing a required `testID` prop into `NetworkFilterTab` for the “All networks” option and each per-chain tab. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit bea4356. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…27862)  ## **Description** Fix time calculation for metrics `mm_pay_time_to_complete_s`. Replace the use of submittedTime in current transaction to latest submitted time of child transactions. ## **Changelog**  CHANGELOG entry: ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/CONF-1086 ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings** NA ## **Pre-merge author checklist** - [X] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [X] I've completed the PR template to the best of my ability - [X] I've included tests if applicable - [X] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [X] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Changes MetaMask Pay analytics attribution logic (parent/child relationships and completion time calculation), which can affect reporting correctness across multi-transaction flows. Risk is moderate due to reliance on `requiredTransactionIds` (removing `batchId`/nonce ordering) and updated tests covering new behavior. > > **Overview** > Fixes `mm_pay_time_to_complete_s` to avoid under-reporting by computing completion time from the **latest `submittedTime` among a parent MM Pay transaction’s `requiredTransactionIds`**, instead of using the current transaction’s `submittedTime`. > > Simplifies transaction linkage and step calculation by **dropping `batchId`/nonce-based grouping** and relying solely on `requiredTransactionIds` to find parents and order steps; updates unit tests accordingly (including asserting the metric is *not* emitted for finalized child transactions). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 22bbd5c. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** https://consensyssoftware.atlassian.net/browse/RWDS-1109 ## **Changelog** CHANGELOG entry: prevent ondo campaign opt in based on cut off date ## **Screenshots/Recordings** <img width="929" height="1957" alt="image" src="https://github.com/user-attachments/assets/6310d2fe-12d4-43f5-92a9-257ed1d4c2c2" />  --- > [!NOTE] > **Medium Risk** > Changes opt-in eligibility and leaderboard rendering based on a new `depositCutoffDate`, which can affect user ability to join campaigns and what data is fetched/rendered. Risk is moderate due to time-based logic and UI state/loading interactions, but scoped to Rewards campaign details. > > **Overview** > Adds `depositCutoffDate` support for `ONDO_HOLDING` campaigns and introduces `isOptinAllowed` to centralize the time-based opt-in gating. > > Updates `OndoCampaignDetailsView` and `CampaignJoinCTA` to **hide the join CTA once entries close**, show a new dismissible `CampaignEntriesClosedBanner`, and treat *active-but-closed* campaigns similar to completed campaigns for leaderboard fetching/rendering (with a skeleton while participant status loads). > > Extends types and i18n strings for the new cutoff field and banner text, and adds/updates unit tests to cover cutoff, banner visibility, and loading behaviors. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 94596b3. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: Rik Van Gulck <vangulckrik@gmail.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

nock already has great types built in, we should not be overriding the limiting the type inference from nock with our own definitions file.  ## **Description**  ## **Changelog**  CHANGELOG entry: refactor: remove nock definition file ## **Related issues** Fixes: from a DX perspective, the definitions override is incredibly limiting which prevents us from fully utilising the nock API ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk because this only removes a test-only TypeScript declaration override and relies on `nock`’s published types; primary risk is minor compile-time type changes in component-view test mocks. > > **Overview** > Removes the local `tests/component-view/api-mocking/nock.d.ts` module declaration that was overriding `nock` typings, so component-view API mock helpers now use `nock`’s upstream TypeScript definitions and benefit from full type inference. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 9bd94b4. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…rt (#28026) ## **Description** Adds `TransactionType.perpsWithdraw` support across the activity list, transaction details, analytics, metrics, and notifications — mirroring the existing patterns for `predictWithdraw` and `perpsDeposit`. This is the first of two PRs for Perps Withdraw. It makes the app correctly display, label, and handle `perpsWithdraw` transactions without any changes to the confirmation flow. All additions are to existing arrays/switch statements and are dormant until the transaction type is actually used. ## **Changelog** CHANGELOG entry: Add Perps Withdraw transaction display and activity support ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/CONF-1112 ## **Manual testing steps** ```gherkin Feature: Perps Withdraw transaction display Scenario: user views a completed perpsWithdraw transaction in Activity Given the user has a completed perpsWithdraw transaction When user opens the Activity tab Then the transaction displays as "Perps withdraw" with the correct fiat value Scenario: user views perpsWithdraw transaction details Given the user has a completed perpsWithdraw transaction When user taps the transaction in the Activity list Then the transaction details page shows "Withdrawal" as the title And the fee row shows "Provider fee" instead of "Bridge fee" ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Mostly additive wiring for a new `TransactionType.perpsWithdraw`, but it touches shared transaction decoding, metrics/analytics classification, and notification-suppression lists which could affect reporting or user-visible notifications if misclassified. > > **Overview** > Adds end-to-end display support for `TransactionType.perpsWithdraw` in Activity and the new Transaction Details screen, including correct titles, network badge chain selection, totals/fee labeling (using *Provider fee* for withdrawals), and post-quote `metamaskPay.targetFiat` amount display. > > Extends transaction action-key mapping/decoding, analytics monetization classification, MetaMetrics transaction-type values, MetaMask Pay metrics handling, and the notification skip list to recognize `perpsWithdraw`, with corresponding unit tests and new i18n strings (e.g., `tx_review_perps_withdraw`, `transaction_details.title.perps_withdraw`). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 7750ce7. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** User change biometric ( add / remove fingerprint) Metamask wallet not able to detect and handle it properly [TO-454]  ## **Changelog**  CHANGELOG entry: Alert User on biometric changed ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: Detect Biometric Changed Scenario: user create MM wallet with biometric enabled Given User create MM wallet with biometric enabled When user remove 1 of N fingerprint / change faceId from system ( fingerprint/face) Then MM should Alert user that biometric changed and previous biometric become invalid ``` ## **Screenshots/Recordings**  ### **Before**  https://github.com/user-attachments/assets/94987fd0-2aa6-4572-8e0b-b4ffe4b5ae9b ### **After**  https://github.com/user-attachments/assets/aabb6c25-ff42-41ba-aaba-f8f26960c464 ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches unlock and credential-reset flows: mis-detection could incorrectly reset local auth settings or interrupt login, though changes are scoped and covered by new unit tests. > > **Overview** > Adds handling for the Android "biometrics changed" failure case during `Authentication.unlockWallet`: when the thrown `Error.message` contains `USER_NOT_AUTHENTICATED`, the app shows a non-cancelable alert and then locks the app with `reset: true` to clear stored credentials. > > Refactors auth cleanup by centralizing removal of legacy auth storage flags and remember-me state into `clearAuthStorageFlags`, reusing it from both `storePassword` and `resetPassword`, and ensuring `resetPassword` also disables OS auth in Redux. > > Updates constants and strings to include `UNLOCK_WALLET_ERROR_MESSAGES.USER_NOT_AUTHENTICATED` plus new `login.biometric_changed*` i18n keys, and extends tests to cover the new reset behavior and alert/lock paths. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 288036e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  [TO-454]: https://consensyssoftware.atlassian.net/browse/TO-454?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

## **Description** * This PR improves analytics and marketing-consent for seedless / social (OAuth) onboarding  ## **Changelog**  CHANGELOG entry: Improved analytics consistency during social login onboarding. ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: Social new user completes password and reaches success Given seedless / social onboarding is enabled And the user signs in with Google or Apple as a new user When the user sets a password on Choose Password and submits Then the app navigates to onboarding success And marketing preference is sent to the auth API according to the checkbox And analytics receives preference for marketing consent. ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Adds new analytics tracking and user-trait updates in the OAuth onboarding success path, including an awaited call that could impact timing or failure behavior before navigation. > > **Overview** > Adds explicit MetaMetrics instrumentation for *seedless/social (OAuth) onboarding* on the `ChoosePassword` success path: emits `ANALYTICS_PREFERENCE_SELECTED` with marketing-consent + `account_type` (derived from the OAuth `provider`) and updates the user profile via `addTraitsToUser` with device/user settings metadata and configured chain IDs. > > Updates `ChoosePassword` tests to mock the expanded analytics API (`identify`, `addTraitsToUser`, event builder output), pass `provider` in OAuth route params, and assert the new tracking/trait calls occur when completing OAuth wallet creation. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 24d270a. Configure [here](https://cursor.com/dashboard?tab=bugbot).

)  ## **Description** Update transaction controller to fix possible sentry issue https://consensyssoftware.atlassian.net/browse/CONF-1086. ## **Changelog**  CHANGELOG entry: ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/CONF-1086 ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings** NA ## **Pre-merge author checklist** - [X] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [X] I've completed the PR template to the best of my ability - [X] I've included tests if applicable - [X] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [X] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Dependency-only change, but it updates the core transaction controller package, which can affect transaction lifecycle/telemetry behavior and should be validated via regression testing. > > **Overview** > Updates the `@metamask/transaction-controller` dependency from `^63.1.0` to `^63.3.0`. > > Refreshes `yarn.lock` to resolve the new controller version and its updated transitive dependency set/checksums. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 34d36f6. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…le loading (#28033) ## **Description** Shows a success toast ("You're in!") after a user successfully opts into a campaign via `CampaignOptInSheet`. Also hides the Join Campaign CTA entirely while participant status is loading (previously it rendered a disabled/loading button), and removes the skeleton loader from `OndoCampaignDetailsView` during that loading phase. Jira: [RWDS-1101](https://consensyssoftware.atlassian.net/browse/RWDS-1101) ## **Changelog** CHANGELOG entry: Added a success confirmation toast when users opt in to a rewards campaign. ## **Related issues** Fixes: [RWDS-1101](https://consensyssoftware.atlassian.net/browse/RWDS-1101) ## **Screenshots/Recordings** <img width="750" height="408" alt="image" src="https://github.com/user-attachments/assets/0fddb8ea-3ec2-4a39-a278-c6b371e9fb95" />  --- > [!NOTE] > **Low Risk** > Low risk UI/UX behavior changes around opt-in feedback and CTA visibility, with minor logging/empty-state tweaks; main risk is unintended hiding of the join CTA during slow participant-status fetches. > > **Overview** > Adds a success confirmation toast ("You're in!") after a campaign opt-in completes successfully in `CampaignOptInSheet`, only closing the sheet when the API reports `optedIn: true`. > > Updates the campaign details/join flow to **hide** the "Join Campaign" CTA while participant status is loading (and removes the loading/skeleton CTA handling), with tests updated to reflect the new visibility rules. > > Treats an Ondo portfolio with **zero positions** as an empty state (showing the empty banner instead of the container) and adds error logging when portfolio fetch fails; includes the new `rewards.campaign.opt_in_success_toast` i18n string. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit ee88724. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: sophieqgu <sophieqgu@gmail.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

## **Description**  This PR makes the custom slippage modal cursor-aware. It adds a dedicated slippage cursor hook that reuses the shared raw cursor editing utilities, wires controlled `selection` / `onSelectionChange` through `InputStepper`, preserves the existing slippage-specific max and decimal validation rules, resets cursor state when the stepper buttons change the value, and sanitizes trailing decimals such as `2.` before saving the selected slippage. ## **Changelog**  CHANGELOG entry: Fixed custom slippage input so keypad edits respect cursor placement and trailing decimals are sanitized before saving. ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: custom slippage cursor-aware editing Scenario: user inserts a digit at a chosen cursor position Given the user opens Bridge and opens the custom slippage modal And the custom slippage value is "12.5" When the user places the caret between "1" and "2" And the user taps "5" on the keypad Then the displayed custom slippage value updates to "152.5" Scenario: user resets the cursor by using the stepper buttons Given the user opens Bridge and opens the custom slippage modal And the user places the caret in the middle of the custom slippage value When the user taps the "+" stepper button And the user taps "5" on the keypad Then the next keypad edit follows the new stepper-updated value instead of the old caret position Scenario: user confirms a value with a trailing decimal Given the user opens Bridge and opens the custom slippage modal And the custom slippage value is "2." When the user taps "Confirm" Then the saved slippage value is "2" ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Medium Risk** > Touches user input/editing logic in the Bridge slippage flow (cursor mapping + keypad handling), which can introduce subtle edge-case regressions, but scope is localized and covered by new tests. > > **Overview** > Makes the Bridge `CustomSlippageModal` cursor-aware by introducing `useCustomSlippageCursor`, which tracks and maps selection between formatted and raw values and applies keypad edits at the current caret position (while preserving max/decimal validation and over-max flagging). > > Extends `InputStepper` to accept controlled `selection`/`onSelectionChange`, wires these through the slippage modal, resets cursor state when +/- stepper buttons adjust the value, and sanitizes trailing decimals (e.g., `2.` -> `2`) before dispatching `setSlippage`. Tests are updated/added to cover cursor insertion/backspace behavior, trailing-decimal sanitization, and the new selection plumbing. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit b963576. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description**  This adds a verified trust signal to the swap/bridge asset picker when the backend returns `isVerified` on popular and search token results. The change threads the new field through the bridge token models, preserves it during token-to-balance merging, renders the verified badge inline in picker rows, and adds focused coverage for popular tokens, search results, and row rendering. ## **Changelog**  CHANGELOG entry: Added verified badges to swap asset picker tokens ## **Related issues** Fixes: Refs: SWAPS-4219 ## **Manual testing steps** ```gherkin Feature: Swap asset picker verified trust signals Background: Given I am logged into MetaMask Mobile And I can open the swap or bridge asset picker Scenario: user sees a verified badge for a popular token Given the popular token response includes a token with isVerified set to true When user opens the source or destination asset picker Then the verified token should display a verified badge in its list row And tokens without isVerified should not display the badge Scenario: user sees a verified badge for a searched token Given the search token response includes a token with isVerified set to true When user searches for that token in the asset picker Then the search result should display a verified badge in its list row And the token should remain selectable as usual ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Low Risk** > Low risk UI/model threading of a new optional `isVerified` flag; main risk is minor layout/test regressions in the token picker row rendering. > > **Overview** > Adds support for an optional `isVerified` trust signal on Bridge API token results and threads it into the in-app `BridgeToken` model. > > Updates the token picker row (`TokenSelectorItem`) to render a small verified icon next to the token symbol when `token.isVerified` is true, and extends unit tests/fixtures to assert the flag is preserved through popular/search fetching and balance-merging, and is passed through `BridgeTokenSelector` into row rendering. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 02a4efd. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description**  This fixes [#27843](#27843), where opening Swap from a trending token details page could land the user back on Bridge with the view still scrolled down and the prefilled form off-screen. The fix adds a minimal `scrollToTopOnNav` route param for that navigation path and has `BridgeView` consume it once on focus so token-details Swap entry points return with the swap form visible at the top. ## **Changelog**  CHANGELOG entry: Fixed a bug that kept the swap screen scrolled down after opening Swap from a trending token details page. ## **Related issues** Fixes: #27843 ## **Manual testing steps** ```gherkin Feature: Swap navigation from trending token details Scenario: user opens swap from the token details action row Given the user is on the Home tab And the user opens Swap And the user scrolls to the Trending tokens list And the user opens a trending token details page When the user taps "Swap" Then the Bridge view opens with the prefilled swap form visible at the top of the screen Scenario: user opens swap from the token details sticky footer Given the user is on a trending token details page with the sticky footer visible When the user taps the sticky footer swap action Then the Bridge view opens with the prefilled swap form visible at the top of the screen ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Low Risk** > Low risk: adds a one-time navigation flag that triggers a `ScrollView.scrollTo` on focus and clears itself; scope is limited to swaps/bridge navigation and related tests. > > **Overview** > Fixes a navigation UX bug where returning to `BridgeView` from Token Details (notably trending tokens) could leave the unified swap form scrolled off-screen. > > This introduces a `scrollToTopOnNav` route param in `useSwapBridgeNavigation`, has `BridgeView` consume it via `useFocusEffect` to scroll the main `ScrollView` to `y=0` and then `setParams` to clear the flag, and updates Token Details swap entry points (including sticky footer and buy/sell handlers) to request this behavior. Tests were updated/added to cover the new param propagation and one-time clearing. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 86c6e2d. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

## **Description** Removes the `@metamask/error-reporting-service` package. This service registered a `ErrorReportingService:captureException` messenger action, but no controller ever called it. Error reporting is now handled directly via the built-in `messenger.captureException` method in `@metamask/messenger`. ## **Changelog** CHANGELOG entry: null ## **Related issues** Fixes: N/A ## **Manual testing steps** ```gherkin Feature: App startup Scenario: user opens the app after removing error-reporting-service Given the app is built from this branch When user launches the app Then the app starts without errors ``` ## **Screenshots/Recordings** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk: removes an unused controller/messenger layer and its dependency, with no functional logic changes beyond no longer instantiating `ErrorReportingService`. Main risk is any hidden reliance on the removed messenger namespace/action at runtime. > > **Overview** > Removes the unused `@metamask/error-reporting-service` integration by deleting its controller init and messenger wiring, and by dropping `ErrorReportingService` from Engine controller initialization and associated type unions. > > Updates dependencies by removing `@metamask/error-reporting-service` from `package.json` and `yarn.lock`, and deletes the related unit tests. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit f95f656. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

…#26537)  ## **Description** **Summary** Replaces the fragile amount-based withdrawal/deposit completion matching with a deterministic FIFO (First In, First Out) queue approach to resolve stuck pending withdrawal indicators. **Problem:** Pending withdrawals could get permanently stuck in the UI because the old matching logic compared amounts and assets between pending requests and completed ledger entries. This was unreliable when multiple withdrawals of the same amount/asset existed, leading to mismatches or missed completions. **Solution:** The new approach treats pending transactions as a FIFO queue. The oldest pending transaction is matched with the first completed transaction in the user's history that occurred after its submission time. This eliminates ambiguity and ensures each pending request is resolved exactly once. **Changes** Refactored useWithdrawalRequests hook (useWithdrawalRequests.ts): Rewrote from scratch to use FIFO matching instead of amount-based matching. Replaced `getUserNonFundingLedgerUpdates` with `getUserHistory` API. Now delegates completion to the controller via `completeWithdrawalFromHistory `instead of calling `updateWithdrawalStatus` directly. Removed `startTime` option (no longer needed -- search window is derived from oldest pending timestamp). How FIFO Matching Works 1. Pending deposits/withdrawals are maintained as sorted queues (oldest first) in PerpsController state. 2. The hook polls getUserHistory to fetch completed transactions from the API. 3. The oldest pending withdrawal is matched with the first completed withdrawal in history where: ``` completed.timestamp > pending.timestamp AND completed.timestamp > lastCompletedTimestamp. ``` On match, the controller removes the request from the queue and bumps lastCompletedTimestamp to prevent the same history entry from being matched again. Deposits and withdrawals are tracked independently -- a completed deposit never clears a pending withdrawal and vice versa. ## **Changelog**  CHANGELOG entry: fix stuck pending withdraw ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/TAT-2501 ## **Manual testing steps** ```gherkin Feature: FIFO Pending Transaction Queue Matching Scenario: user initializes a pending perps withdraw Given a user has multiple pending withdrawals of the same amount and asset in the queue When the oldest pending withdrawal is completed, the previous gets cleared Then this continues until all pending withdraws are complete, and no pending withdraw gets stuck in the queue ``` ## **Screenshots/Recordings** Start Withdraw https://github.com/user-attachments/assets/f09dafa5-fdc1-4d5e-91a2-d7160a2bbcfd Mid to End Withdraw https://github.com/user-attachments/assets/944b45dc-a4e1-4957-8027-ab44b495e4e2 ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Changes the withdrawal completion flow, controller state, and persistence/migrations; mistakes could leave pending indicators stuck or prematurely cleared, especially around polling/history timestamp guards. > > **Overview** > Refactors perps pending-withdrawal handling to a **FIFO queue model**: the UI now displays only pending/bridging requests and polls `getUserHistory` to complete the *oldest* pending item, instead of amount/asset-based matching. > > Adds FIFO completion guards to `PerpsController` (`lastCompletedWithdrawalTimestamp` persisted + per-session `lastCompletedWithdrawalTxHashes`) and a new controller method `completeWithdrawalFromHistory` that removes the matched request, updates guards, clears progress when appropriate, and emits completion analytics. > > Updates withdrawal execution/error handling to **remove** requests from the queue on direct txHash completion or failure (and record txHash for de-dupe), introduces migration `128` to clear existing persisted deposit/withdrawal queues/progress flags, and refreshes/rewrites tests and mocks accordingly. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit aaa4e4f. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Nick Gambino <gambinish@users.noreply.github.com> Co-authored-by: abretonc7s <107169956+abretonc7s@users.noreply.github.com>

…t by token support (#27958)  ## **Description** Fixed a bug where selecting a provider for some token (e.g. MUSD on Linea) would instantly show "No payment methods are available" because the provider's cached `supportedCryptoCurrencies` map was stale and didn't include the token. **Root cause:** The providers data (`supportedCryptoCurrencies`) was persisted across sessions and only refreshed on region change or fresh install. For tokens added to the backend after the user's last provider cache update, the map wouldn't include the token, causing the payment methods query to be disabled and the "Token Not Available" modal to show — even though the API supports it. **Evidence from reporter's state logs (v7.71.0 build 4173):** - MUSD Linea (`eip155:59144/erc20:0xaca92e438df0b2401ff60da7e4337b687a2435da`) was `NOT IN MAP` for all 11 providers - Fresh `/providers` endpoint already includes MUSD Linea for Transak and Mercuryo - Providers data was served from stale Redux persist cache **Fix:** 1. `queries/providers.ts` + `useRampsProviders`: added a react-query wrapper for `getProviders` with `staleTime: 15min` and `refetchOnMount: true`. Providers (including `supportedCryptoCurrencies`) are refreshed when data is stale (>15min) and a component using `useRampsProviders` mounts (e.g. after password unlock or entering the buy flow). On app restart, react-query cache is empty so the first mount always fetches fresh data. The query calls `getProviders(regionCode, { forceRefresh: true })` to bypass the controller's internal cache. 2. `ProviderSelectionModal`: skip quotes fetch when `selectedPaymentMethod` is null (prevents API error "Payment methods are required"), and set `showQuotes=false` so no "No providers available" error is shown 3. `ProviderSelection`: when quotes are not available, fall back to separating providers by `supportedCryptoCurrencies` — supported tokens on top, others under "Other options" **Companion fix in core:** George's `feat: removes provider and token persistence in ramps controller` ([#8307](MetaMask/core#8307)) sets `persist: false` for providers and tokens so stale data won't survive across app restarts. The react-query refresh complements this by also catching stale data within long-running sessions. ## **Changelog** CHANGELOG entry: Fixed payment methods and provider availability for newly added tokens by refreshing providers via react-query (15min TTL) on mount and separating the provider list by token support ## **Related issues** Fixes: [TRAM-3383](https://consensyssoftware.atlassian.net/browse/TRAM-3383) ## **Manual testing steps** ```gherkin Feature: Payment methods load for tokens missing from supportedCryptoCurrencies Scenario: providers are refreshed when stale on mount Given the app has provider data older than 15 minutes When the user enters the buy flow or unlocks the app (component mounts) Then providers data should be refetched from the API via react-query And supportedCryptoCurrencies should be up to date Scenario: providers are always fresh after app restart Given the user restarts the app (react-query cache is empty) When the user enters the password and the app loads Then providers data should be fetched fresh from the API And supportedCryptoCurrencies should include newly added tokens Scenario: user opens change provider when no payment method is selected Given user is on the Buy screen with a provider that does not support the selected token And no payment method is selected (selectedPaymentMethod is null) When user taps "Change provider" Then the provider list should show supported providers at the top And unsupported providers should appear under "Other options" separator And no "No providers available" error should be shown ``` ## **Screenshots/Recordings** ### **Before** https://github.com/user-attachments/assets/0b4ea4fc-9a59-4fe6-a706-da95ec60c3af ### **After** Payment methods query fires and returns results from the API. https://github.com/user-attachments/assets/c3081ec5-63d8-460a-996e-3e8dabc90b7c https://github.com/user-attachments/assets/0ebb7fdc-1d5f-40ce-82c8-4fa7f47ef90f ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Medium risk due to new react-query-driven provider refetching and conditional quote fetching logic that can change network request patterns and provider ordering in the buy flow. > > **Overview** > Prevents stale `supportedCryptoCurrencies` from breaking buy flows by adding a react-query `providers` query (15min `staleTime`, `refetchOnMount`, `forceRefresh`) and wiring it into `useRampsProviders` (triggered when `regionCode` is available). > > Tightens “token unavailable” and provider selection behavior: `BuildQuote` now treats missing entries in `supportedCryptoCurrencies` as unsupported, `ProviderSelectionModal` skips quote fetching and disables quote UI when `selectedPaymentMethod` is `null`, and `ProviderSelection` groups providers into supported vs unsupported (with an “Other options” separator) when quotes aren’t shown/available. > > Adds/updates unit tests for the new query options, provider grouping, quote-fetch gating, and the token-unavailable edge case. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 707342f. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: Pedro Pablo Aste Kompen <wachunei@gmail.com>

## **Description** Removes static hex color values from tests and replaces them with theme-aware color lookups. Why: hardcoded hex values are brittle. - In production UI, hex literals can drift from the active theme, become incorrect as the color system evolves, and regress when token/theme mappings change. - In tests, hex literals in mocks/assertions can fail just because a token’s underlying value changed (noise during token upgrades; see PR #27825). Goal: no static hex colors anywhere inside app/components/ or app/component-library/ (including their tests and Storybook stories). Enforcement: - ESLint: @metamask/design-tokens/color-no-hex is turned on as error only for app/components/** and app/component-library/**. - Cursor rule: .cursor/rules/unit-testing-guidelines.mdc explicitly calls out “Never hardcode design token hex values” (backed by the eslint rule). Notable changes in this PR: - Tests: update theme mocks to reference mockTheme/design tokens instead of literals. - UI: replace a couple of production hex literals with token-backed values (e.g. SecurityTrustScreen, MarketInsights gradient). Related: #26639 Related: #27825 ## **Changelog** CHANGELOG entry: null ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: static hex prevention in tests Scenario: tests pass after design token upgrade Given the design tokens package is upgraded When the test suite runs Then tests that check colors should not fail due to hex value changes ``` ## **Screenshots/Recordings** ### **Before**  ### **After** <img width="813" height="226" alt="Screenshot 2026-03-25 at 10 05 41 PM" src="https://github.com/user-attachments/assets/e3bdd558-b3f0-4b37-93a7-ae946382d75d" /> ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk: mostly lint configuration and test mock updates, with minor UI color token substitutions that could slightly change appearance if token mappings differ. > > **Overview** > Removes hardcoded hex colors in multiple tests by switching mocks/props to mockTheme/design-token values, reducing flakiness when design tokens change; adds a targeted eslint disable for a #12345 token-id false positive. > > Updates UI constants/components to use design tokens instead of hex literals (e.g., Market Insights gradient border colors and Security Trust distribution bar/dot). Also tightens linting by enabling @metamask/design-tokens/color-no-hex as an error across all app/components and app/component-library while turning the rule off globally (removing the prior test-only override). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 1d8241e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).  --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com>

## Version Bump After Release This PR bumps the main branch version from 7.72.0 to 7.73.0 after cutting the release branch. ### Why this is needed: - **Nightly builds**: Each nightly build needs to be one minor version ahead of the current release candidate - **Version conflicts**: Prevents conflicts between nightlies and release candidates - **Platform alignment**: Maintains version alignment between MetaMask mobile and extension - **Update systems**: Ensures nightlies are accepted by app stores and browser update systems ### What changed: - Version bumped from `7.72.0` to `7.73.0` - Platform: `mobile` - Files updated by `set-semvar-version.sh` script ### Next steps: This PR should be **manually reviewed and merged by the release manager** to maintain proper version flow. ### Related: - Release version: 7.72.0 - Release branch: release/7.72.0 - Platform: mobile - Test mode: false --- *This PR was automatically created by the `create-platform-release-pr.sh` script.* Co-authored-by: metamaskbot <metamaskbot@users.noreply.github.com>

…cs to useAnalytics (#27985) --- ## **Description**  Replaces the deprecated `useMetrics` hook with the new `useAnalytics` hook in `useGoToPortfolioBridge.ts`. This is part of the broader C3 analytics migration (#26686) that standardises all analytics calls across the mobile app to use the new `useAnalytics` abstraction instead of `useMetrics`. The hook interface is identical (`trackEvent`, `createEventBuilder`), so no behaviour changes. ## **Changelog** CHANGELOG entry: null ## **Related issues** Refs: #26814 ## **Manual testing steps** N/A ## **Screenshots/Recordings** ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Low Risk** > Low risk: swaps analytics hook wiring and adds legacy `action`/`name` properties to the emitted event, without changing navigation or URL-building logic. > > **Overview** > Updates `useGoToPortfolioBridge` to use the new `useAnalytics` hook instead of deprecated `useMetrics` for `BRIDGE_LINK_CLICKED` tracking. > > Also explicitly adds legacy `action` and `name` properties to the tracked event payload to preserve existing analytics fields during the migration. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 4b45bf0. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

… useAnalytics (#27983) --- ## **Description**  Replaces the deprecated `useMetrics` hook with the new `useAnalytics` hook in `TabBar.tsx`. This is part of the broader C3 analytics migration (#26686) that standardises all analytics calls across the mobile app to use the new `useAnalytics` abstraction instead of `useMetrics`. The hook interface is identical (`trackEvent`, `createEventBuilder`), so no behaviour changes. ## **Changelog** CHANGELOG entry: null ## **Related issues** Refs: #26814 ## **Manual testing steps** N/A ## **Screenshots/Recordings** ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Low Risk** > Low risk refactor that swaps a deprecated analytics hook for its replacement while keeping the same `trackEvent`/`createEventBuilder` interface; main risk is accidental import/path or hook wiring issues affecting event emission. > > **Overview** > Updates `TabBar.tsx` to use the new `useAnalytics` hook instead of the deprecated `useMetrics`, leaving the existing `trackEvent`/`createEventBuilder` usage intact (e.g., for the wallet actions button click event). > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit c31f62f. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).

… using transparentModal presentation cp-7.73.0 (#28631) - fix: resolve white background in modals by using transparentModal presentation cp-7.73.0 (#28614) --- ## **Description**  Modal screens were displaying a white background before the modal content rendered, creating a jarring visual flash for users. The fix moves the presentation option to the parent `AppFlow` navigator's `screenOptions` as `presentation: 'transparentModal'`, which correctly renders modal screens with a transparent background. The redundant per-screen `presentation: 'modal'` and `detachPreviousScreen: false` options are removed since they are now superseded by the parent navigator config. ## **Changelog**  CHANGELOG entry: Fixed white background appearing behind modal screens ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: Modal presentation Scenario: user opens a modal from the wallet Given the user is on the main wallet screen When user taps any action that opens a modal (e.g. Send, Receive, Buy) Then the modal opens without a white background flash And the modal content is displayed over the previous screen with a transparent backdrop ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  Made with [Cursor](https://cursor.com)  --- > [!NOTE] > **Medium Risk** > Navigation presentation behavior is changed at the root `AppFlow` level, which can affect the appearance and stacking/gestures of multiple modal-like screens across the app. > > **Overview** > Fixes a white background flash when opening modal screens by setting `presentation: 'transparentModal'` on the parent `AppFlow` stack navigator. > > Removes redundant per-screen `presentation: 'modal'` (and related custom transparent card/overlay config) from several modal routes (e.g., `RootModalFlow`, max tabs modal, Ledger/QR signing modals, `OptionsSheet`, and confirmation modals), relying on the parent navigator’s presentation defaults instead. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 1e4ee31. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [e14d0e7](e14d0e7) Co-authored-by: tommasini <46944231+tommasini@users.noreply.github.com>

… navigation (#28647) - fix: replace bridge close button with back navigation (#28605)  ## **Description**  Updates the bridge view header so it uses a back chevron in the top left instead of a close icon in the top right. This keeps the existing exit behavior by continuing to pop the parent navigator, but aligns the bridge screen with a back-style navigation pattern instead of a dismiss-style action. ## **Changelog**  CHANGELOG entry: Updated the bridge screen to use a back chevron instead of a close icon ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: Bridge header navigation Scenario: user exits the bridge view with the header back chevron Given I am on the bridge view in MetaMask Mobile When user looks at the header Then I should see a back chevron on the top left And I should not see a close icon on the top right When user taps the back chevron Then the bridge view should close And I should return to the previous screen ``` ## **Screenshots/Recordings**  ### **Before** N/A ### **After** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.   --- > [!NOTE] > **Low Risk** > Small navigation behavior change limited to the Bridge header; low risk but could affect how users exit the Bridge flow if stack assumptions differ. > > **Overview** > **Bridge header navigation was adjusted.** `getBridgeNavbar` now wires the header action to `navigation.goBack()` instead of `navigation.getParent()?.pop()`. > > **Tests were updated accordingly.** The navbar unit test now asserts `goBack()` is called and that `getParent()` is not used when the Bridge header button is pressed. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 38a66f3. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [d119b2d](d119b2d) Co-authored-by: Bryan Fullam <bryan.fullam@consensys.net>

… comment to prevent stale build numbers (#28664) - fix: forward build outputs to Slack and PR comment to prevent stale build numbers (#28615)  ## **Description** The Slack RC notification and PR build comment were displaying different build numbers than the TestFlight Upload summary. This happened because both the Slack notification and PR comment re-derived build numbers by checking out the release branch tip and reading from project files, rather than using the actual build outputs. If any commit landed on the release branch between the version bump (early in the iOS build) and the Slack notification (after both builds complete), the branch tip would have moved and the wrong build number would be reported. This PR fixes the issue by forwarding the exact build metadata (`semantic_version`, `ios_version_code`, `android_version_code`) from `build.yml` through `runway-ota-build-core.yml` to all downstream consumers. The Slack notification and PR comment now receive the same build numbers that were compiled into the actual binaries uploaded to TestFlight and Google Play. Before: <img width="1523" height="504" alt="Screenshot 2026-04-09 at 1 06 49 PM" src="https://github.com/user-attachments/assets/563b7b07-d98e-4600-b70f-8eb039049d3b" /> After (Using Runway iOS RC to test so we are only looking at iOS build number): <img width="1501" height="327" alt="Screenshot 2026-04-09 at 2 42 01 PM" src="https://github.com/user-attachments/assets/4b12f5f3-445c-4226-85b7-aa1c16cbc331" /> ## **Changelog**  CHANGELOG entry:null ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: RC build number consistency Scenario: Slack notification shows correct build number after version bump race Given a release branch (e.g. release/7.73.0) exists And the Runway iOS RC workflow is triggered from the feature branch When the iOS build completes its version bump (build number N) And a second version bump is manually triggered on the same branch (build number N+1) And the Slack notification job runs Then the Slack message should display build number N (matching TestFlight) And the TestFlight Upload summary should also display build number N ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Changes GitHub Actions wiring for RC builds/notifications; low code risk but could break release communication or metadata reporting if outputs/inputs are miswired. > > **Overview** > RC build workflows now **forward build metadata outputs** (`semantic_version`, `ios_version_code`, `android_version_code`) from `build.yml` through `runway-ota-build-core.yml` to downstream consumers. > > The PR comment step in `build-rc-auto.yml` and the Slack notification callers (`build-rc-auto.yml`, `runway-ios-rc-workflow.yml`, `runway-android-rc-workflow.yml`) use these outputs directly, and `slack-rc-notification.yml` accepts optional `semver`/build-number inputs with a conditional fallback to `get-build-metadata.sh` only when values aren’t provided. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit ca37390. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [aedda91](aedda91) Co-authored-by: Wei Sun <wei.sun@consensys.net>

- chore(ci): enable RC rolling builds (#28680) ## Description Adds **rolling builds** for the **Auto RC builds** workflow (`.github/workflows/build-rc-auto.yml`) by setting a **concurrency group** on `github.workflow` + `github.ref` with **`cancel-in-progress: true`**. When a new run starts for a given `release/*` branch, any **queued or in-progress** run of the same workflow for that branch is **cancelled**, so only the latest push is built. This mirrors Bitrise-style rolling builds and avoids piling up redundant RC builds when the release branch gets several commits in a short time. ## Changelog CHANGELOG entry: null internal CI behavior only. ## Related issues Fix: https://consensyssoftware.atlassian.net/browse/MCWP-518 ## Manual testing steps N/A — CI-only change. Verify by pushing multiple commits quickly to a labeled release PR and confirming older Auto RC workflow runs are cancelled while the newest run proceeds. [0805e78](0805e78) Co-authored-by: João Loureiro <175489935+joaoloureirop@users.noreply.github.com>

…cp-7.73.0 (#28674) - fix: fallback media doesn't take up space cp-7.73.0 (#28618) ## **Description** NFT fallback media doesn't take up space in parent container ## **Changelog** CHANGELOG entry:null ## **Related issues** Fixes: https://consensyssoftware.atlassian.net/browse/MCWP-506 ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings** `~` ### **Before** https://github.com/user-attachments/assets/29a57084-127c-46bf-822e-898438503b31 ### **After** https://github.com/user-attachments/assets/94faeb11-27f1-4142-a920-2d0db6435ebe ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk UI-only styling change that adjusts `BadgeWrapper` layout behavior for `RemoteImage`/NFT media; main risk is minor visual regressions in badge positioning/sizing across screens using this wrapper. > > **Overview** > Fixes NFT media layout by applying a new `RemoteImageBadgeWrapper` style (`alignSelf: 'auto'`) to the underlying `BadgeWrapper`, allowing the wrapped image/fallback to size within its parent instead of being constrained. > > Updates the `NftDetails` snapshot to reflect the new `alignSelf` value on the badge wrapper container. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 8a8bf58. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [54df3a0](54df3a0) Co-authored-by: Vince Howard <vincenguyenhoward@gmail.com>

…ns cp-7.73.0 (#28692) - fix: navigation default settings transitions cp-7.73.0 (#28690)  ## **Description** Transitioning from default settings to each individual tab is not working correctly https://github.com/user-attachments/assets/21b9940a-68b9-4c40-a10b-aba54b7996d7 ![transition](https://github.com/user-attachments/assets/73683672-fd43-4724-92ee-95377f55ee29) ## **Changelog**  CHANGELOG entry: fix default settings navigation ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I've included tests if applicable - [x] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Low Risk** > Low risk UI/navigation configuration change; could subtly affect onboarding stack visuals (background/header) and transition behavior but does not touch business logic or data handling. > > **Overview** > Fixes the broken transition from `DefaultSettings` into the individual onboarding settings screens by moving background/header styling into `Stack.Navigator`-level `screenOptions` for `OnboardingSuccessFlow`, and removing per-screen overrides. > > Also standardizes `OnboardingNav` card background via navigator `screenOptions` (dropping redundant per-screen `cardStyle`) to keep transitions visually consistent. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 25a8f51. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [0a2700f](0a2700f) Co-authored-by: Wei Sun <wei.sun@consensys.net>

…28700) - fix: perp and short transition cp-7.73.0 (#28689)  ## **Description** Fix perps and short transition  ## **Changelog**  CHANGELOG entry: ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After** https://github.com/user-attachments/assets/c922da17-10ce-4ed4-b1c0-7690cbe8471b  ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches React Navigation screen options for the perps confirmation flow, which can affect modal presentation/transition behavior and header visibility across routes. > > **Overview** > Adjusts the perps `RedesignedConfirmations` screen options to explicitly return `StackNavigationOptions` and always use `presentation: 'transparentModal'`, while keeping the conditional perps header behavior. > > This is intended to fix the perps/short transition behavior by ensuring confirmations are presented with a consistent transparent modal configuration. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit ccdf1f4. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [5517bff](5517bff) Co-authored-by: tommasini <46944231+tommasini@users.noreply.github.com>

sonarqubecloud · 2026-04-11T00:25:53Z

Quality Gate failed

Failed conditions
44.9% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud

…top inset recalculation (#28704) - fix: Fix UI issue related to SafeAreaView top inset recalculation cp-7.73.0 (#28622)  ## **Description**  We're experiencing an issue where the SafeAreaView top padding gets recalculated upon component mount, which results in bad UI. This PR reduces the blast radius of the changes by consolidating all SafeAreaView imports to `react-native-safe-area-context`. We then create a shim for the module, which handles applying top insets via style instead. Changes also includes: - Consolidate safe area context mocks in test setup file - Remove unused safe area mocks within test files - Update snapshots ## **Changelog**  CHANGELOG entry: ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings**  ### **Before**  ### **After**  ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I've included tests if applicable - [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I've applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.  --- > [!NOTE] > **Medium Risk** > Touches SafeAreaView usage across many screens, so incorrect inset/edge handling could cause widespread layout regressions on iOS/Android despite being mostly mechanical changes. > > **Overview** > Standardizes `SafeAreaView` usage by switching many components from `react-native` to `react-native-safe-area-context` (including adding explicit `edges` in a few places) to avoid incorrect top-inset recalculation on mount. > > Refactors navigation/header configuration for `DeFiProtocolPositionDetails` by moving `setOptions` logic out of the component and into `MainNavigator` options via `getDeFiProtocolPositionDetailsNavbarOptions` (now explicitly sets `headerShown: true`). > > Cleans up tests by removing per-file safe-area mocks in favor of the centralized jest mock in `testSetupView.js`, and updates snapshots/expectations accordingly. > > Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit f88a0cf. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).  [d76192c](d76192c) --------- Co-authored-by: Cal-L <cal.leung@consensys.net>

github-actions · 2026-04-11T05:30:06Z

🔍 Smart E2E Test Selection

⏭️ Smart E2E selection skipped - draft PR

All E2E tests pre-selected.

View GitHub Actions results

github-actions · 2026-04-11T06:00:17Z

✅ E2E Fixture Validation — Schema is up to date
17 value mismatches detected (expected — fixture represents an existing user).
View details

github-actions · 2026-04-11T06:41:52Z

🚀 RC Builds Ready for Testing

Platform	Link	Version
iOS	TestFlight	Go to TestFlight and download build `4453`
Android	Download from CI	RC 7.73.0 (4453) — download APK artifact from the linked run

More Info

Version: 7.73.0
iOS Build Number: 4453
Android Build Number: 4453
Build Pipeline: View Pipeline

jiexi and others added 30 commits March 26, 2026 19:49

Merge origin/main into stable-main-7.73.0

c33228e

metamaskbot and others added 3 commits April 10, 2026 08:33

[skip ci] Bump version number to 4430

72e3098

[skip ci] Bump version number to 4431

13ca2d6