SELF-1231: feat- add restore account

[seshanthS]

Summary by CodeRabbit

• New Features

  • Added a "Restore account" screen and settings entry to start account recovery.
  • Recovery flow supports a "restore all documents" mode to attempt restoring every document, track successes, and continue despite per-document errors.
  • Centralized failure handler to surface, log, and handle restore failures gracefully.

• Navigation

  • Registered a titled "Restore Account" route and wired new recovery screens and route params into the flow.

• Tests

  • Navigation tests updated to include the new Restore Account screen.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds a bulk "restore all documents" account-restore flow: new exported restoreSecretForAllDocuments(selfClient, secret) iterates documents, validates registration/CSCA per document, re-stores MRZ passport data when needed, marks documents registered, and returns updated document IDs; navigation and recovery screens accept a restoreAllDocuments flag to trigger this flow.

Changes

Cohort / File(s)	Summary
Passport provider app/src/providers/passportDataProvider.tsx	Adds restoreSecretForAllDocuments(selfClient, secret): Promise<string[]>; imports isUserRegisteredWithAlternativeCSCA; loads catalog and Aadhaar keys, iterates documents, checks registration/CSCA (callback-style protocol store), calls reStorePassportDataWithRightCSCA for MRZ passports, updates isRegistered, logs per-document errors, returns succeeded IDs.
Self client provider app/src/providers/selfClientProvider.tsx	PROVING_ACCOUNT_RECOVERY_REQUIRED navigation now passes restoreAllDocuments: false to AccountRecoveryChoice.
Recovery choice & phrase screens app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx, app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx	Accept restoreAllDocuments route param (typed StaticScreenProps); when true, call restoreSecretForAllDocuments() after registration; add handleRestoreFailed for unified failure handling; import isMRZDocument and restoreSecretForAllDocuments.
New restore entry point app/src/screens/account/recovery/AccountRestoreScreen.tsx	New screen added; loads document catalog, checks for unregistered non-mock documents, navigates to AccountRecoveryChoice with restoreAllDocuments: true if any, otherwise to CountryPicker; logs BackupEvents.ACCOUNT_RECOVERY_STARTED.
Existing recovery screen app/src/screens/account/recovery/AccountRecoveryScreen.tsx	Now navigates to AccountRecoveryChoice with restoreAllDocuments: true via useHapticNavigation.
Settings integration app/src/screens/account/settings/SettingsScreen.tsx	Adds "Restore account" menu option that routes to new AccountRestore screen.
Navigation table app/src/navigation/account.ts	Registers new AccountRestore screen in accountScreens with title "Restore Account" and header styling.
Tests app/tests/src/navigation.test.tsx	Updated expectations to include AccountRestore in navigationScreens.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant SettingsScreen
    participant AccountRestoreScreen
    participant AccountRecoveryChoiceScreen
    participant SelfClient
    participant PassportProvider

    User->>SettingsScreen: Tap "Restore account"
    SettingsScreen->>AccountRestoreScreen: Navigate
    AccountRestoreScreen->>SelfClient: loadDocumentCatalog()
    SelfClient-->>AccountRestoreScreen: documents
    alt Unregistered docs exist
        AccountRestoreScreen->>AccountRecoveryChoiceScreen: Navigate (restoreAllDocuments: true)
    else No unregistered docs
        AccountRestoreScreen->>SelfClient: Navigate to CountryPicker
    end

    User->>AccountRecoveryChoiceScreen: Submit secret
    AccountRecoveryChoiceScreen->>SelfClient: restoreDocumentSecret()
    SelfClient-->>AccountRecoveryChoiceScreen: registration confirmed

    alt restoreAllDocuments == true
        AccountRecoveryChoiceScreen->>PassportProvider: restoreSecretForAllDocuments(secret)
        PassportProvider->>SelfClient: loadDocumentCatalog()/loadDocumentData()
        loop per document
            PassportProvider->>PassportProvider: check isRegistered, isMRZ, CSCA (callback-style)
            alt eligible
                PassportProvider->>PassportProvider: reStorePassportDataWithRightCSCA()
                PassportProvider->>SelfClient: updateDocumentRegistration(docId, registered)
            else not-eligible or error
                PassportProvider-->>PassportProvider: log error and continue
            end
        end
        PassportProvider-->>AccountRecoveryChoiceScreen: succeeded IDs
    end

    AccountRecoveryChoiceScreen->>User: Show success/failure outcome

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Areas needing focused review:
  • app/src/providers/passportDataProvider.tsx: verify correct async handling of the callback-style protocol store used by isUserRegisteredWithAlternativeCSCA to avoid race conditions and ensure Aadhaar keys are loaded before checks.
  • Atomicity between calling reStorePassportDataWithRightCSCA and updating isRegistered: ensure failures don't leave documents marked registered.
  • Secrets handling & telemetry: ensure no secrets are logged and analytics omit sensitive data.

Possibly related PRs

• SELF-1000: address passport data not found issue #1329 — Changes around CSCA handling and reStorePassportDataWithRightCSCA; likely overlaps with passport-provider CSCA logic.
• fix: navigate home #813 — Modifies document registration state (isRegistered) and SelfClient APIs referenced by this flow.
• SELF-1262:Hotfix/hide unregistered document #1423 — Alters account recovery screens and navigation flow; may overlap with recovery-screen changes here.

Suggested labels

codex

Suggested reviewers

• transphorm
• remicolin

Poem

🔐 One secret, many doors reopen,
A loop through passports, careful and woven.
MRZs aligned, CSCA set right,
Errors logged softly through the night.
Vaults restored — a quiet morning token.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat- add restore account' accurately describes the main feature addition across multiple recovery and restoration screens, matching the PR's core objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/restore-account

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fb4cd92 and 415659e.

📒 Files selected for processing (7)

• app/src/providers/passportDataProvider.tsx (2 hunks)
• app/src/providers/selfClientProvider.tsx (1 hunks)
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (6 hunks)
• app/src/screens/account/recovery/AccountRecoveryScreen.tsx (1 hunks)
• app/src/screens/account/recovery/AccountRestoreScreen.tsx (1 hunks)
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (5 hunks)
• app/src/screens/account/settings/SettingsScreen.tsx (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/providers/passportDataProvider.tsx
• app/src/screens/account/recovery/AccountRestoreScreen.tsx
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx
• app/src/screens/account/recovery/AccountRecoveryScreen.tsx
• app/src/providers/selfClientProvider.tsx
• app/src/screens/account/settings/SettingsScreen.tsx

🧠 Learnings (6)

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/providers/passportDataProvider.tsx
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx
• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/account/recovery/AccountRestoreScreen.tsx
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/AccountRestoreScreen.tsx
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx
• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

🧬 Code graph analysis (5)

app/src/providers/passportDataProvider.tsx (6)

packages/mobile-sdk-alpha/src/index.ts (2)

• SelfClient (22-22)
• reStorePassportDataWithRightCSCA (105-105)

common/src/utils/passports/validate.ts (1)

• isUserRegisteredWithAlternativeCSCA (311-391)

common/index.ts (1)

• isMRZDocument (125-125)

common/src/utils/types.ts (1)

• isMRZDocument (171-177)

common/src/utils/index.ts (1)

• isMRZDocument (73-73)

packages/mobile-sdk-alpha/src/documents/utils.ts (1)

• reStorePassportDataWithRightCSCA (180-209)

app/src/screens/account/recovery/AccountRestoreScreen.tsx (3)

packages/mobile-sdk-alpha/src/constants/colors.ts (3)

• white (59-59)
• blue600 (10-10)
• black (8-8)

packages/mobile-sdk-alpha/src/constants/analytics.ts (1)

• BackupEvents (61-78)

packages/mobile-sdk-demo/tests/mocks/react-native.ts (1)

• StyleSheet (27-29)

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (1)

app/src/providers/passportDataProvider.tsx (1)

• restoreSecretForAllDocuments (897-938)

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (1)

app/src/providers/passportDataProvider.tsx (1)

• restoreSecretForAllDocuments (897-938)

app/src/providers/selfClientProvider.tsx (1)

app/src/navigation/index.tsx (1)

• navigationRef (186-186)

🔇 Additional comments (4)

app/src/providers/selfClientProvider.tsx (1)

184-190: Consistent routing for account recovery trigger

Wiring PROVING_ACCOUNT_RECOVERY_REQUIRED to AccountRecoveryChoice with restoreAllDocuments: false looks correct and keeps this entry point aligned with the new param-driven flow.

app/src/screens/account/recovery/AccountRecoveryScreen.tsx (1)

25-35: Restore-all flag propagation from entry screen looks good

Passing restoreAllDocuments: true when entering AccountRecoveryChoice from this screen cleanly selects the bulk-restore path; no correctness or safety issues here.

app/src/screens/account/settings/SettingsScreen.tsx (1)

72-86: New “Restore account” settings entry is correctly wired

Adding ['Restore account', 'AccountRestore'] into routes integrates cleanly with the existing onMenuPress switch and navigation flow; assuming the AccountRestore route is registered in your navigator/param list, this looks solid.

app/src/screens/account/recovery/AccountRestoreScreen.tsx (1)

22-52: Restore-all entry logic is sound

The hasUnregisteredDocuments helper and onRestoreAccountPress decision (route to AccountRecoveryChoice with restoreAllDocuments: true vs CountryPicker) are straightforward and correctly scoped to non-mock, unregistered documents. No medium+ risks spotted here.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 415659e and 26502cd.

📒 Files selected for processing (4)

• app/src/navigation/account.ts (2 hunks)
• app/src/providers/passportDataProvider.tsx (2 hunks)
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (5 hunks)
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (5 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/providers/passportDataProvider.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx
• app/src/navigation/account.ts

🧠 Learnings (6)

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/providers/passportDataProvider.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

🧬 Code graph analysis (2)

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (4)

packages/mobile-sdk-alpha/src/constants/analytics.ts (1)

• BackupEvents (61-78)

app/src/providers/passportDataProvider.tsx (2)

• restoreSecretForAllDocuments (897-948)
• reStorePassportDataWithRightCSCA (702-744)

common/src/utils/passports/validate.ts (1)

• isUserRegisteredWithAlternativeCSCA (311-391)

packages/mobile-sdk-alpha/src/documents/utils.ts (2)

• reStorePassportDataWithRightCSCA (180-209)
• markCurrentDocumentAsRegistered (170-178)

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (2)

app/src/providers/passportDataProvider.tsx (2)

• restoreSecretForAllDocuments (897-948)
• reStorePassportDataWithRightCSCA (702-744)

common/src/utils/passports/validate.ts (1)

• isUserRegisteredWithAlternativeCSCA (311-391)

🔇 Additional comments (3)

app/src/navigation/account.ts (1)

15-21: AccountRestore route wiring is consistent with existing navigation config

The new AccountRestore screen is imported and registered with options matching the other account settings screens (header colors, title). No navigation or type-safety issues stand out.

Also applies to: 83-94

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (1)

10-50: Recover-with-phrase flow now enforces commitment checks and handles bulk restore safely

• Route params are handled defensively via route.params?.restoreAllDocuments ?? false, avoiding crashes on missing params.
• The single-document path always requires isRegistered === true before restoring CSCA data and marking the document registered.
• The all-documents path delegates verification to restoreSecretForAllDocuments and treats “0 successful docs” as a hard failure via handleRestoreFailed.

This keeps the “secret ↔ commitment tree” check mandatory while adding the bulk-restore capability without weakening registration guarantees.

Also applies to: 66-77, 99-184

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (1)

7-8: Account recovery choice flow cleanly integrates bulk restore without weakening checks

• Route params are handled defensively (route.params?.restoreAllDocuments ?? false), avoiding the earlier risk of destructuring undefined.
• Manual recovery navigation correctly forwards restoreAllDocuments to RecoverWithPhrase.
• In cloud restore:
  • The single-doc path always enforces isRegistered before toggling cloud backup, updating CSCA, or marking the document registered.
  • The bulk path relies on restoreSecretForAllDocuments to enforce per-document verification and treats “no document restored” as a failure via handleRestoreFailed.

Overall, the new branching keeps the registration checks mandatory while adding the “restore all documents” capability in a controlled way.

Also applies to: 47-55, 74-80, 86-101, 128-205

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Avoid hard‑coding 'prod' when fetching Aadhaar protocol data in bulk restore

In restoreSecretForAllDocuments, Aadhaar keys are loaded with a hard‑coded production environment:

if (!useProtocolStore.getState().aadhaar.public_keys) {
  await useProtocolStore.getState().aadhaar.fetch_all('prod');
}

This couples bulk restore to prod only and will likely break or silently mis‑verify documents in staging/dev (or any non‑prod environment), since the commitment tree and public keys won’t match the environment the app/selfClient is actually using.

Consider deriving the environment from existing configuration (e.g., a field on selfClient, a global env setting, or whatever your other protocol-store fetches already use) and passing that through instead of a literal:

const env = /* derive from selfClient or config */;
if (!useProtocolStore.getState().aadhaar.public_keys) {
  await useProtocolStore.getState().aadhaar.fetch_all(env);
}

This keeps restore behavior aligned with the currently active network and avoids hard‑to‑debug environment mismatches.

Also applies to: 892-947

🤖 Prompt for AI Agents

In app/src/providers/passportDataProvider.tsx around lines 57-58 (and similarly
at 892-947), the code hard-codes the Aadhaar protocol fetch environment to
'prod' which can cause restore/verification mismatches in non-production
environments; change the call to derive the environment from the current
runtime/config (for example use a field on selfClient, a protocol-store helper,
or a global env/config value the app already uses) and pass that derived env
into useProtocolStore.getState().aadhaar.fetch_all(env) instead of 'prod';
ensure the derived value is validated (fallback to a sensible default) and
update all other instances (892-947) to use the same derived environment
variable so bulk restore aligns with the active network.

[seshanthS]

The screen where we hardcoded will be accessible only in the ‘prod’ environment.

[coderabbitai]

@seshanthS, thanks for clarifying! If the restore feature is prod-only by design, then hard-coding 'prod' is reasonable.

To make that constraint more explicit for future maintainers, you could consider adding a comment above the fetch call:

// Restore feature is prod-only; always use prod environment
if (!useProtocolStore.getState().aadhaar.public_keys) {
  await useProtocolStore.getState().aadhaar.fetch_all('prod');
}

Or if you want to be extra defensive, add a runtime check that throws early if someone tries to use this in non-prod. But if the UI already enforces the prod-only access, the current approach is fine.

---

🧠 Learnings used

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement certificate validation for passport data verification.

---

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data and never use real user PII

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py} : Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py} : Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Do not log sensitive data in production, including identity verification and passport information.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to **/*.{ts,tsx,js} : Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8aad749 and 6d8a6f0.

📒 Files selected for processing (3)

• app/src/navigation/account.ts (2 hunks)
• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (5 hunks)
• app/src/screens/account/settings/SettingsScreen.tsx (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• app/src/screens/account/settings/SettingsScreen.tsx
• app/src/navigation/account.ts

🧰 Additional context used

📓 Path-based instructions (13)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

🧠 Learnings (19)

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/processing/**/*.{ts,tsx} : Migrate MRZ processing helpers from app/src/utils/ to packages/mobile-sdk-alpha/src/processing/ with comprehensive tests for MRZ parsing and cross-platform compatibility

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/{ios,android}/** : Document complex native module changes and explain platform-specific code paths

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/validation/**/*.{ts,tsx} : Migrate document validation logic from app/src/utils/ to packages/mobile-sdk-alpha/src/validation/ with unit tests for each validation rule and edge cases

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/index.ts : Re-export all new migrated modules via packages/mobile-sdk-alpha/src/index.ts and document them in packages/mobile-sdk-alpha/README.md

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.integration.{test.ts,test.tsx,spec.ts,spec.tsx} : Test end-to-end flows covering complete user journeys through the identity verification process

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:11.887Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Address CodeRabbitAI feedback or document why not; resolve security warnings; verify performance benchmarks; confirm no sensitive data exposed in logs/comments.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Address CodeRabbitAI feedback and resolve security warnings during code review

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement lazy loading for screens using `React.lazy()` in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data and never use real user PII

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

🪛 GitHub Actions: Mobile CI

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

[error] 95-95: TypeScript error: Cannot find name 'setRestoring'. Ensure 'setRestoring' is defined (e.g., from useState) or fix its usage.

🪛 GitHub Check: build-deps

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

[warning] 12-12:
'isMRZDocument' is defined but never used

🪛 GitHub Check: workspace-lint

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

[warning] 12-12:
'isMRZDocument' is defined but never used

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: test-common
• GitHub Check: type-check
• GitHub Check: e2e-ios
• GitHub Check: android-build-test
• GitHub Check: analyze-android
• GitHub Check: analyze-ios

🔇 Additional comments (2)

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (2)

47-55: Safe route-param handling and propagation of restoreAllDocuments looks solid

Switching the component signature to receive route and deriving restoreAllDocuments via route.params?.restoreAllDocuments ?? false avoids the earlier unsafe destructuring and gracefully handles missing params. Passing the same flag through useHapticNavigation('RecoverWithPhrase', { params: { restoreAllDocuments } }) keeps the manual recovery flow correctly wired without introducing new edge cases.

Also applies to: 75-81

---

130-181: Bulk vs per-document restore branching keeps the commitment check mandatory

The new restoreAllDocuments branch uses restoreSecretForAllDocuments and fails when successDocuments.length === 0, while the per-document path now unconditionally treats !isRegistered as a hard failure before restoring/marking the document or toggling cloud backup. This closes the earlier hole where a failed commitment check could be treated as non-fatal when restoreAllDocuments was true, and maintains a clear, security-focused separation between bulk and single-document flows.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

find . -type f -name "AccountRecoveryChoiceScreen.tsx" | head -5

Repository: selfxyz/self

Length of output: 122

---

🏁 Script executed:

cat -n app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

Repository: selfxyz/self

Length of output: 14363

---

🏁 Script executed:

cd app && yarn types 2>&1 | grep -A 5 "AccountRecoveryChoiceScreen"

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

cd app && yarn types 2>&1 | head -100

Repository: selfxyz/self

Length of output: 525

---

🏁 Script executed:

cd app && npx tsc --noEmit 2>&1 | grep -A 3 "AccountRecoveryChoiceScreen"

Repository: selfxyz/self

Length of output: 38

---

Move handleRestoreFailed inside restoreAccountFlow to fix scope error on setRestoring

Line 95 references setRestoring(false), but setRestoring only exists as a parameter to restoreAccountFlow (line 104), not in the scope where handleRestoreFailed is defined (lines 87-98). This causes a TypeScript error and would crash at runtime.

Move handleRestoreFailed inside restoreAccountFlow so it can close over setRestoring, and remove it from the dependency array at line 205. This preserves all analytics and navigation behavior while fixing the scope error.

🧰 Tools

🪛 GitHub Actions: Mobile CI

[error] 95-95: TypeScript error: Cannot find name 'setRestoring'. Ensure 'setRestoring' is defined (e.g., from useState) or fix its usage.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (1)

175-179: Add defensive null check before using CSCA.

The type assertion csca as string at line 177 assumes csca is non-null when isRegistered is true. While this aligns with the expected API contract of isUserRegisteredWithAlternativeCSCA, there's no runtime guarantee.

Apply this diff to add a defensive check:

       if (!isRegistered) {
         console.warn(
           'Secret provided did not match a registered ID. Please try again.',
         );
         handleRestoreFailed('document_not_registered', !!csca);
+        setRestoring(false);
         return false;
       }
+      if (!csca) {
+        console.error('Registration verified but CSCA is missing');
+        handleRestoreFailed('missing_csca', false);
+        setRestoring(false);
+        return false;
+      }
       if (isCloudRestore && !cloudBackupEnabled) {
         toggleCloudBackupEnabled();
       }
       await reStorePassportDataWithRightCSCA(
         passportDataParsed,
-        csca as string,
+        csca,
       );
       await markCurrentDocumentAsRegistered(selfClient);

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6d8a6f0 and b8ceda4.

📒 Files selected for processing (1)

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (5 hunks)

🧰 Additional context used

📓 Path-based instructions (13)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

🧠 Learnings (18)

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/{ios,android}/** : Document complex native module changes and explain platform-specific code paths

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/processing/**/*.{ts,tsx} : Migrate MRZ processing helpers from app/src/utils/ to packages/mobile-sdk-alpha/src/processing/ with comprehensive tests for MRZ parsing and cross-platform compatibility

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/validation/**/*.{ts,tsx} : Migrate document validation logic from app/src/utils/ to packages/mobile-sdk-alpha/src/validation/ with unit tests for each validation rule and edge cases

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:11.887Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Address CodeRabbitAI feedback or document why not; resolve security warnings; verify performance benchmarks; confirm no sensitive data exposed in logs/comments.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/tee/**/*.{ts,tsx} : Migrate TEE session management from app/src/utils/ to packages/mobile-sdk-alpha/src/tee/ with tests for WebSocket handling, abort, timeout, and lifecycle events

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/protocol/**/*.{ts,tsx} : Migrate protocol synchronization from app/src/utils/ to packages/mobile-sdk-alpha/src/protocol/ with tests for tree fetching, TTL caching, rate limiting, and memory bounds

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement lazy loading for screens using `React.lazy()` in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data and never use real user PII

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

🧬 Code graph analysis (1)

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (3)

app/src/providers/passportDataProvider.tsx (2)

• restoreSecretForAllDocuments (897-948)
• reStorePassportDataWithRightCSCA (702-744)

common/src/utils/passports/validate.ts (1)

• isUserRegisteredWithAlternativeCSCA (311-391)

packages/mobile-sdk-alpha/src/stores/protocolStore.ts (1)

• useProtocolStore (160-528)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: build-android
• GitHub Check: build-ios
• GitHub Check: test
• GitHub Check: type-check
• GitHub Check: e2e-ios
• GitHub Check: android-build-test
• GitHub Check: analyze-android
• GitHub Check: analyze-ios

[transphorm]

@seshanthS nice 🎉

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b8ceda4 and efb6f26.

📒 Files selected for processing (2)

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (5 hunks)
• app/tests/src/navigation.test.tsx (1 hunks)

🧰 Additional context used

📓 Path-based instructions (17)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

**/*.test.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.test.{ts,tsx,js,jsx}: Use renderHook for testing custom React hooks instead of rendering components.
Mock console.error in tests to avoid test output clutter while testing error scenarios.
Test error boundaries and recovery mechanisms in React components.
Mock SQLite operations with executeSql method in database tests using utilities from tests/__setup__/databaseMocks.ts.

Files:

• app/tests/src/navigation.test.tsx

app/**/*.{test.js,test.ts,test.tsx,spec.js,spec.ts,spec.tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use Jest for testing in the app directory with React Native preset configured in jest.config.cjs

Files:

• app/tests/src/navigation.test.tsx

app/**/*.{test,spec}.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn test passes (unit tests) before creating a PR

Files:

• app/tests/src/navigation.test.tsx

**/*.{test,spec}.{ts,js,tsx,jsx}

⚙️ CodeRabbit configuration file

**/*.{test,spec}.{ts,js,tsx,jsx}: Review test files for:

• Test coverage completeness
• Test case quality and edge cases
• Mock usage appropriateness
• Test readability and maintainability

Files:

• app/tests/src/navigation.test.tsx

🧠 Learnings (27)

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/{ios,android}/** : Document complex native module changes and explain platform-specific code paths

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/validation/**/*.{ts,tsx} : Migrate document validation logic from app/src/utils/ to packages/mobile-sdk-alpha/src/validation/ with unit tests for each validation rule and edge cases

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx
• app/tests/src/navigation.test.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:11.887Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Address CodeRabbitAI feedback or document why not; resolve security warnings; verify performance benchmarks; confirm no sensitive data exposed in logs/comments.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Address CodeRabbitAI feedback and resolve security warnings during code review

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/tee/**/*.{ts,tsx} : Migrate TEE session management from app/src/utils/ to packages/mobile-sdk-alpha/src/tee/ with tests for WebSocket handling, abort, timeout, and lifecycle events

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/protocol/**/*.{ts,tsx} : Migrate protocol synchronization from app/src/utils/ to packages/mobile-sdk-alpha/src/protocol/ with tests for tree fetching, TTL caching, rate limiting, and memory bounds

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement lazy loading for screens using `React.lazy()` in React Native applications.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data and never use real user PII

Applied to files:

• app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Create comprehensive test fixtures and mock data for each migrated module without exposing sensitive information

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.integration.{test.ts,test.tsx,spec.ts,spec.tsx} : Test end-to-end flows covering complete user journeys through the identity verification process

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{ts,tsx,test.ts,test.tsx} : Create tests BEFORE migrating logic to verify functionality works correctly in the mobile-sdk-alpha package

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to app/src/**/*.{ts,tsx} : Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Mock native dependencies appropriately in tests when testing platform-specific code

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/**/*.{ts,tsx} : Test platform-specific code paths for React Native (iOS and Android) and web implementations

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.test.{ts,tsx,js,jsx} : Test error boundaries and recovery mechanisms in React components.

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/proving/**/*.{ts,tsx} : Migrate proof input generation from app/src/utils/proving/ to packages/mobile-sdk-alpha/src/proving/ with tests for register, disclose, and TEE input generation

Applied to files:

• app/tests/src/navigation.test.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Suppress console noise in mobile-sdk-alpha tests using setup in tests/setup.ts

Applied to files:

• app/tests/src/navigation.test.tsx

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: build-android
• GitHub Check: build-ios
• GitHub Check: test
• GitHub Check: test-common
• GitHub Check: type-check
• GitHub Check: android-build-test
• GitHub Check: e2e-ios
• GitHub Check: analyze-android
• GitHub Check: analyze-ios

🔇 Additional comments (2)

app/tests/src/navigation.test.tsx (1)

35-86: Navigation test update for AccountRestore looks correct

Including 'AccountRestore' in the sorted listOfScreens expectation keeps this test aligned with the new route and maintains coverage of the navigation registry.

app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (1)

46-54: Route param handling and propagation of restoreAllDocuments is now robust

Using StaticScreenProps with route.params?.restoreAllDocuments ?? false avoids crashes when params are missing and keeps the restoreAllDocuments flag consistently forwarded into the RecoverWithPhrase navigation params. This closes the earlier unsafe-destructuring gap while preserving the intended behavior.

Also applies to: 75-79

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Cloud backup toggle is skipped for “restore all documents” cloud restores

In restoreAccountFlow, the isCloudRestore && !cloudBackupEnabled toggle only runs in the single-document branch:

if (restoreAllDocuments) {
  const successDocuments = await restoreSecretForAllDocuments(...);
  if (successDocuments.length === 0) {
    handleRestoreFailed(...);
    setRestoring(false);
    return false;
  }
} else {
  // ...
  if (isCloudRestore && !cloudBackupEnabled) {
    toggleCloudBackupEnabled();
  }
  await reStorePassportDataWithRightCSCA(...);
  await markCurrentDocumentAsRegistered(selfClient);
}

When restoreAllDocuments === true and the user comes via the cloud-restore path (isCloudRestore === true), a successful restore never enables cloudBackupEnabled. That’s a reliability issue: users who just recovered from cloud backup on the “restore all documents” path will silently remain without backup enabled.

You can restore the original “enable backup whenever a cloud restore succeeds” behavior (for both single-doc and all-doc flows) by moving the toggle to after the branch, just before logging success:

-          if (isCloudRestore && !cloudBackupEnabled) {
-            toggleCloudBackupEnabled();
-          }
-          await reStorePassportDataWithRightCSCA(
+          await reStorePassportDataWithRightCSCA(
             passportDataParsed,
             csca as string,
           );
           await markCurrentDocumentAsRegistered(selfClient);
         }
-
-        trackEvent(BackupEvents.CLOUD_RESTORE_SUCCESS);
+        if (isCloudRestore && !cloudBackupEnabled) {
+          toggleCloudBackupEnabled();
+        }
+
+        trackEvent(BackupEvents.CLOUD_RESTORE_SUCCESS);

This keeps the early-return failure paths unchanged while ensuring any successful cloud-based restore (single doc or all docs) leaves the account with cloud backup correctly enabled.

Also applies to: 183-187, 198-209

🤖 Prompt for AI Agents

In app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx around lines
128-176 (and also consider related sections at 183-187 and 198-209), the
cloud-backup toggle runs only in the single-document branch so successful cloud
restores that use the "restore all documents" path never enable cloud backup;
move the isCloudRestore && !cloudBackupEnabled check out of the else branch and
instead perform it once after the if/else completes successfully (i.e., after
the early-return failure checks for restoreAllDocuments and after the single-doc
registration check) so that for both the all-docs and single-doc successful
flows you call toggleCloudBackupEnabled() when needed while leaving all existing
early returns unchanged.