feat(test-tools): device compatibility system with expected overrides

[wabicai]

Summary

• Extend DevicePlugin interface with ignoreMethodParams and expectedOverrides to support param-level filtering and device-specific expected results
• Integrate compatibility checks into Blind Signature Security Test (generateRequestParams, processRequest, processResponse)
• Add device-specific expected result display in ResultView

Device Plugin Updates

Classic

• ignoreMethod: alephium, scdo, ton, neo, benfen, btcSignPsbt, aptosSignInMessage, aptosSignTransaction (USB error), tronSignMessage, deviceRebootToBoardloader
• ignoreMethodParams: EIP-7702 (authorizationList) not supported
• expectedOverrides: stellar/nem wrong coin type succeeds (warning only), sol correct coin type 501 returns Invalid params

Classic 1S / Classic Pure

• ignoreMethod: dnxGetAddress, dnxSignTransaction (performance limitation)
• expectedOverrides: stellar/nem wrong coin type succeeds (safety checks off), sol correct coin type 501 returns Invalid params

Known Issues (TODO)

Device	Method	Issue
Classic	aptosSignTransaction	USB transfer error, likely firmware bug
Classic / 1S / Pure	solSignTransaction	Returns Invalid params with correct coin type 501

Test plan

• Run Blind Signature Security Test on Classic - verify skipped methods and expected overrides
• Run Blind Signature Security Test on Classic 1S - verify dnx skip and expected overrides
• Run Blind Signature Security Test on Classic Pure - verify same behavior as Classic 1S
• Run Blind Signature Security Test on Touch/Pro/Mini - verify no regressions

🤖 Generated with Claude Code

[revan-zhang]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

To fix the issue, ensure that all occurrences of the ' character are removed from coinTypePart, not just the first. This is done by using a regular expression with the global (g) flag instead of a string literal in replace.

Concretely, in packages/connect-examples/expo-example/src/testTools/securityCheckTest/blindSignature/index.tsx, update line 271:

• Change coinTypePart.replace("'", ''); to use a regex: coinTypePart.replace(/'/g, '');.

This preserves existing functionality for standard paths like m/44'/60'/0', while correctly handling any unexpected extra ' characters and eliminating the static analysis warning. No new imports or helper methods are needed.

In general, to fix this class of problem you must ensure that all occurrences of the target substring or character are handled, not just the first. In JavaScript/TypeScript, this is commonly done by using String.prototype.replace with a global regular expression (e.g. /'/g) or by using replaceAll when available, or by choosing a more precise parsing approach if semantics are more complex than simple removal.

For this specific code, coinTypePart.replace("'", '') is clearly intended to strip apostrophes from the coin type segment of a derivation path. The minimal, behavior-preserving fix is to change it so that it removes all apostrophes, not just the first. The safest cross-environment approach that does not require any new imports is to use a global regular expression: coinTypePart.replace(/'/g, ''). This keeps the function and file behavior identical for inputs with zero or one apostrophe, while correctly normalizing any inputs with multiple apostrophes.

Only a single line in packages/connect-examples/expo-example/src/testTools/securityCheckTest/blindSignature/index.tsx needs to be changed (line 57 in the provided snippet). No new methods, imports, or type definitions are required.