Refactor proving machine so it's easier to grok

[transphorm]

Summary

• Extract proving helpers into dedicated internal modules for payload generation, WebSocket handling, Socket.IO listening, URL resolution, and document processing
• Slim down provingMachine to focus on state machine wiring while preserving existing analytics and side effects
• Keep public store API intact while clarifying dependency injection boundaries for new helpers

Related

• fixes for agent comments on pre-existing logic

Testing

• yarn nice
• yarn lint
• yarn types
• yarn test

---

Codex Task

Summary by CodeRabbit

• New Features

  • End-to-end proving: payload creation, encryption, submission, real-time status via WebSocket/Socket.IO, automated document parsing/validation, and TEE connection for proving flows.

• Refactor

  • Modular, dependency-injected proving workflow with clearer separation, improved error handling, telemetry and logging.

• Tests

  • Expanded unit/integration tests for state machine, helpers, TEE connection and message handlers.

• Chores

  • Standardized circuit type naming across the SDK.

[coderabbitai]

📝 Walkthrough

Walkthrough

Modularizes the proving pipeline: extracts document processing, payload generation/encryption, WebSocket/Socket.IO listeners, TEE connection handling, typed state machine, dependency factories, constants, and tests; renames a public circuit type export.

Changes

Cohort / File(s)	Summary
Document Processing & Validation packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts	New dependency‑injected document processor exporting DocumentProcessorDeps, parseIDDocument, startFetchingData, and validatingDocument. Performs parsing, DSC/tree fetching, validation branching (disclose/register/dsc/alternative CSCA), telemetry, and state‑machine signalling (PARSE_, FETCH_, VALIDATION_*).
Payload Generation & Encryption packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts	New payload builder with AES‑256‑GCM encryption, EncryptedPayload, PayloadDeps, _generateCircuitInputs, _generatePayload, and _buildSubmitRequest. Handles circuit-specific inputs, solidity packing, proof context, and JSON‑RPC submission packaging.
WebSocket & Socket.IO Communication packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts, packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts, packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts	Adds WebSocket handlers (message/open/error/close), Socket.IO status listener, and URL resolver. Implements attestation/HELLO flow, shared‑key derivation, status parsing, connection lifecycle, telemetry, and actor signaling.
TEE Connection Management packages/mobile-sdk-alpha/src/proving/internal/teeConnectionHandler.ts	initTeeConnection establishes WS to TEE, wires event handlers into state, subscribes to actor for readiness/failure, and resolves boolean success.
State Machine, Constants & Types packages/mobile-sdk-alpha/src/proving/internal/stateMachine.ts, .../constants.ts, .../types.ts	New XState proving machine and centralized PROVING_EVENTS/PROVING_STATES/TIMING. Exports ProvingMachineCircuitType, ProvingState, ProvingStateType, and WsHandlers.
Dependency Factories & Helpers packages/mobile-sdk-alpha/src/proving/internal/dependencyFactory.ts, .../helpers.ts	Factories to create bound deps for document/payload/socket/websocket; createProofContext, checkActorInitialized, and platform detection helpers.
Actor Subscriptions packages/mobile-sdk-alpha/src/proving/internal/actorSubscriptions.ts	setupActorSubscriptions attaches actor listener, emits telemetry/analytics, updates public state, and triggers side effects/handlers per transition.
Core Machine Refactor / Public API packages/mobile-sdk-alpha/src/proving/provingMachine.ts, packages/mobile-sdk-alpha/src/index.ts	Monolith split: provingMachine delegates to injected deps; new public method/handler typings added. Export renamed provingMachineCircuitType → ProvingMachineCircuitType in package index.
App Type & UI Updates app/src/proving/loadingScreenStateText.ts, app/src/screens/dev/DevLoadingScreen.tsx	Updated local usages to new ProvingMachineCircuitType export.
Tests packages/mobile-sdk-alpha/tests/proving/internal/*, packages/mobile-sdk-alpha/tests/proving/*	New/updated tests for helpers, state machine, tee connection, document processor, websocket handlers, and updated mocks for socket listener wiring. Also adds a KYC unsupported validation test.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant App as SelfClient (App)
participant Actor as Proving Actor (XState)
participant Doc as DocumentProcessor
participant Protocol as Protocol Store
participant TEE as TEE WebSocket
participant WSHandlers as WebSocket Handlers
participant Payload as PayloadGenerator
participant Relayer as Relayer / Socket.IO

App->>Actor: PARSE_ID_DOCUMENT
Actor->>Doc: parseIDDocument(selfClient, deps)
Doc->>Protocol: fetch SKI/PEM / trees
Doc-->>Actor: PARSE_SUCCESS / PARSE_ERROR
Actor->>Doc: FETCH_DATA
Doc->>Protocol: fetch DSC / commitment trees
Doc-->>Actor: FETCH_SUCCESS / FETCH_ERROR
Actor->>Doc: VALIDATE_DOCUMENT
Doc-->>Actor: VALIDATION_SUCCESS / VALIDATION_ERROR / ALREADY_REGISTERED
Actor->>TEE: initTeeConnection(selfClient, deps)
Actor->>WSHandlers: setup WS handlers (message/open/error/close)
TEE->>WSHandlers: open -> _handleWsOpen
Actor->>Payload: _generatePayload(selfClient, deps)
Payload->>Relayer: submit encrypted JSON‑RPC payload
Relayer->>Actor: status events (via Socket.IO)
Relayer->>App: PROVE_SUCCESS / PROVE_ERROR

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• Adds missing check for typescript types to app ci #1198 — Rename/adjust exported proving circuit type in packages/mobile-sdk-alpha/src/index.ts (direct export/name change).
• chore: update staging; release id picker v.2.6.8 #1194 — Changes to parsing/validation handlers (parseIDDocument and related proving state handlers).
• Add proving machine refactor guardrail tests #1584 — Adds tests that target the new proving internal modules (documentProcessor, payloadGenerator, websocket handlers).

Suggested reviewers

• seshanthS
• aaronmgdr
• remicolin

Poem

🧩 Monolith split, modules sing,
WebSockets hum and payloads ring,
Actors steer the proving tide,
Encrypted proofs take secure stride,
Tests cheer on the modular spring.

🚥 Pre-merge checks | ✅ 1 | ❌ 3

❌ Failed checks (2 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Merge Conflict Detection	⚠️ Warning	❌ Merge conflicts detected (605 files): ⚔️ .github/workflows/circuits-build.yml (content) ⚔️ .github/workflows/mobile-ci.yml (content) ⚔️ .github/workflows/mobile-deploy.yml (content) ⚔️ .github/workflows/mobile-e2e.yml (content) ⚔️ .github/workflows/mobile-sdk-demo-e2e.yml (content) ⚔️ .github/workflows/npm-publish.yml (content) ⚔️ .github/workflows/workspace-ci.yml (content) ⚔️ .gitignore (content) ⚔️ app/.eslintrc.cjs (content) ⚔️ app/App.tsx (content) ⚔️ app/Gemfile (content) ⚔️ app/Gemfile.lock (content) ⚔️ app/android/app/build.gradle (content) ⚔️ app/android/app/src/main/AndroidManifest.xml (content) ⚔️ app/android/app/src/main/java/com/proofofpassportapp/ui/CameraMLKitFragment.kt (content) ⚔️ app/babel.config.cjs (content) ⚔️ app/babel.config.test.cjs (content) ⚔️ app/declarations.d.ts (content) ⚔️ app/docs/examples/tree-shaking/granular-circuits-example.ts (content) ⚔️ app/docs/examples/tree-shaking/level2-optimal-example.ts (content) ⚔️ app/docs/examples/tree-shaking/level3-migration-guide.ts (content) ⚔️ app/docs/examples/tree-shaking/level3-optimal-example.ts (content) ⚔️ app/docs/examples/tree-shaking/optimal-pattern-example.ts (content) ⚔️ app/env.ts (content) ⚔️ app/index.js (content) ⚔️ app/ios/OpenPassport/Info.plist (content) ⚔️ app/ios/OpenPassport/OpenPassport.entitlements (content) ⚔️ app/ios/OpenPassport/OpenPassportDebug.entitlements (content) ⚔️ app/ios/Podfile (content) ⚔️ app/ios/Podfile.lock (content) ⚔️ app/ios/PrivacyInfo.xcprivacy (content) ⚔️ app/ios/Self.xcodeproj/project.pbxproj (content) ⚔️ app/ios/Self.xcodeproj/xcshareddata/xcschemes/OpenPassport.xcscheme (content) ⚔️ app/jest.config.cjs (content) ⚔️ app/jest.setup.js (content) ⚔️ app/metro.config.cjs (content) ⚔️ app/package.json (content) ⚔️ app/react-native.config.cjs (content) ⚔️ app/scripts/alias-imports.cjs (content) ⚔️ app/scripts/analyze-tree-shaking.cjs (content) ⚔️ app/scripts/bundle-analyze-ci.cjs (content) ⚔️ app/scripts/check-test-requires.cjs (content) ⚔️ app/scripts/cleanup-private-modules.cjs (content) ⚔️ app/scripts/find-type-import-issues.mjs (content) ⚔️ app/scripts/mobile-deploy-confirm.cjs (content) ⚔️ app/scripts/run-ios-simulator.cjs (content) ⚔️ app/scripts/setup-private-modules.cjs (content) ⚔️ app/scripts/tag.cjs (content) ⚔️ app/scripts/test-tree-shaking.cjs (content) ⚔️ app/scripts/tests/aliasImports.test.cjs (content) ⚔️ app/scripts/tests/bundleAnalyzeCi.test.cjs (content) ⚔️ app/scripts/tests/cleanupIosBuild.test.cjs (content) ⚔️ app/scripts/tests/mobileDeployConfirm.test.cjs (content) ⚔️ app/scripts/tests/mobileDeployConfirmModule.test.cjs (content) ⚔️ app/scripts/tests/treeShaking.test.cjs (content) ⚔️ app/scripts/version-manager.cjs (content) ⚔️ app/scripts/version-manager.test.cjs (content) ⚔️ app/scripts/version.cjs (content) ⚔️ app/src/assets/animations/loader.ts (content) ⚔️ app/src/components/AlertModal.tsx (content) ⚔️ app/src/components/BackupDocumentationLink.tsx (content) ⚔️ app/src/components/Disclosures.tsx (content) ⚔️ app/src/components/ErrorBoundary.tsx (content) ⚔️ app/src/components/FeedbackModal.tsx (content) ⚔️ app/src/components/LoadingUI.tsx (content) ⚔️ app/src/components/Mnemonic.tsx (content) ⚔️ app/src/components/PointHistoryList.tsx (content) ⚔️ app/src/components/SystemBars.tsx (content) ⚔️ app/src/components/Tips.tsx (content) ⚔️ app/src/components/WebViewFooter.tsx (content) ⚔️ app/src/components/documents/IDSelectorItem.tsx (content) ⚔️ app/src/components/documents/IDSelectorSheet.tsx (content) ⚔️ app/src/components/documents/index.ts (content) ⚔️ app/src/components/homescreen/IdCard.tsx (content) ⚔️ app/src/components/homescreen/SvgXmlWrapper.native.tsx (content) ⚔️ app/src/components/homescreen/SvgXmlWrapper.tsx (content) ⚔️ app/src/components/homescreen/SvgXmlWrapper.web.tsx (content) ⚔️ app/src/components/native/PassportCamera.tsx (content) ⚔️ app/src/components/native/PassportCamera.web.tsx (content) ⚔️ app/src/components/native/QRCodeScanner.tsx (content) ⚔️ app/src/components/native/QRCodeScanner.web.tsx (content) ⚔️ app/src/components/native/RCTFragment.tsx (content) ⚔️ app/src/components/navbar/AadhaarNavBar.tsx (content) ⚔️ app/src/components/navbar/BaseNavBar.tsx (content) ⚔️ app/src/components/navbar/DefaultNavBar.tsx (content) ⚔️ app/src/components/navbar/DocumentFlowNavBar.tsx (content) ⚔️ app/src/components/navbar/HeadlessNavForEuclid.tsx (content) ⚔️ app/src/components/navbar/HomeNavBar.tsx (content) ⚔️ app/src/components/navbar/IdDetailsNavBar.tsx (content) ⚔️ app/src/components/navbar/Points.tsx (content) ⚔️ app/src/components/navbar/PointsNavBar.tsx (content) ⚔️ app/src/components/navbar/WebViewNavBar.tsx (content) ⚔️ app/src/components/navbar/index.ts (content) ⚔️ app/src/components/proof-request/BottomActionBar.tsx (content) ⚔️ app/src/components/proof-request/BottomVerifyBar.tsx (content) ⚔️ app/src/components/proof-request/ConnectedWalletBadge.tsx (content) ⚔️ app/src/components/proof-request/DisclosureItem.tsx (content) ⚔️ app/src/components/proof-request/ProofMetadataBar.tsx (content) ⚔️ app/src/components/proof-request/ProofRequestCard.tsx (content) ⚔️ app/src/components/proof-request/ProofRequestHeader.tsx (content) ⚔️ app/src/components/proof-request/WalletAddressModal.tsx (content) ⚔️ app/src/components/proof-request/designTokens.ts (content) ⚔️ app/src/components/proof-request/icons.tsx (content) ⚔️ app/src/components/proof-request/index.ts (content) ⚔️ app/src/components/referral/CopyReferralButton.tsx (content) ⚔️ app/src/components/referral/ReferralHeader.tsx (content) ⚔️ app/src/components/referral/ReferralInfo.tsx (content) ⚔️ app/src/components/referral/ShareButton.tsx (content) ⚔️ app/src/components/starfall/StarfallLogoHeader.tsx (content) ⚔️ app/src/components/starfall/StarfallPIN.tsx (content) ⚔️ app/src/config/index.ts (content) ⚔️ app/src/config/remoteConfig.shared.ts (content) ⚔️ app/src/config/remoteConfig.ts (content) ⚔️ app/src/config/remoteConfig.web.ts (content) ⚔️ app/src/config/segment.ts (content) ⚔️ app/src/config/sentry.ts (content) ⚔️ app/src/config/sentry.web.ts (content) ⚔️ app/src/consts/index.ts (content) ⚔️ app/src/consts/links.ts (content) ⚔️ app/src/consts/recoveryPrompts.ts (content) ⚔️ app/src/devtools/index.ts (content) ⚔️ app/src/devtools/mocks/index.ts (content) ⚔️ app/src/devtools/mocks/nfcScanner.ts (content) ⚔️ app/src/devtools/mocks/react-native-community-blur.ts (content) ⚔️ app/src/devtools/mocks/react-native-gesture-handler.ts (content) ⚔️ app/src/devtools/mocks/react-native-passport-reader.ts (content) ⚔️ app/src/devtools/mocks/react-native-safe-area-context.js (content) ⚔️ app/src/devtools/mocks/react-native-svg.ts (content) ⚔️ app/src/devtools/testing/index.ts (content) ⚔️ app/src/devtools/testing/utils.ts (content) ⚔️ app/src/hooks/useAppUpdates.ts (content) ⚔️ app/src/hooks/useAppUpdates.web.ts (content) ⚔️ app/src/hooks/useConnectionModal.ts (content) ⚔️ app/src/hooks/useEarnPointsFlow.ts (content) ⚔️ app/src/hooks/useFeedbackAutoHide.ts (content) ⚔️ app/src/hooks/useFeedbackModal.ts (content) ⚔️ app/src/hooks/useHapticNavigation.ts (content) ⚔️ app/src/hooks/useMnemonic.ts (content) ⚔️ app/src/hooks/useMockDataForm.ts (content) ⚔️ app/src/hooks/useModal.ts (content) ⚔️ app/src/hooks/useNetInfo.ts (content) ⚔️ app/src/hooks/useNetInfo.web.ts (content) ⚔️ app/src/hooks/usePoints.ts (content) ⚔️ app/src/hooks/usePointsGuardrail.ts (content) ⚔️ app/src/hooks/useProofDisclosureStalenessCheck.ts (content) ⚔️ app/src/hooks/useRecoveryPrompts.ts (content) ⚔️ app/src/hooks/useReferralConfirmation.ts (content) ⚔️ app/src/hooks/useReferralMessage.ts (content) ⚔️ app/src/hooks/useReferralRegistration.ts (content) ⚔️ app/src/hooks/useRegisterReferral.ts (content) ⚔️ app/src/hooks/useSelfAppData.ts (content) ⚔️ app/src/hooks/useTestReferralFlow.ts (content) ⚔️ app/src/integrations/haptics/index.ts (content) ⚔️ app/src/integrations/haptics/shared.ts (content) ⚔️ app/src/integrations/haptics/trigger.ts (content) ⚔️ app/src/integrations/haptics/trigger.web.ts (content) ⚔️ app/src/integrations/keychain/index.ts (content) ⚔️ app/src/integrations/nfc/nfcScanner.ts (content) ⚔️ app/src/integrations/nfc/passportReader.ts (content) ⚔️ app/src/integrations/sharing.ts (content) ⚔️ app/src/integrations/sumsub/index.ts (content) ⚔️ app/src/integrations/sumsub/sumsubService.ts (content) ⚔️ app/src/integrations/sumsub/types.ts (content) ⚔️ app/src/integrations/turnkey.ts (content) ⚔️ app/src/layouts/AppLayout.tsx (content) ⚔️ app/src/layouts/ExpandableBottomLayout.tsx (content) ⚔️ app/src/layouts/SimpleScrolledTitleLayout.tsx (content) ⚔️ app/src/navigation/account.ts (content) ⚔️ app/src/navigation/account.web.ts (content) ⚔️ app/src/navigation/app.tsx (content) ⚔️ app/src/navigation/deeplinks.ts (content) ⚔️ app/src/navigation/devTools.tsx (content) ⚔️ app/src/navigation/documents.ts (content) ⚔️ app/src/navigation/home.ts (content) ⚔️ app/src/navigation/index.tsx (content) ⚔️ app/src/navigation/onboarding.ts (content) ⚔️ app/src/navigation/shared.ts (content) ⚔️ app/src/navigation/starfall.ts (content) ⚔️ app/src/navigation/types.ts (content) ⚔️ app/src/navigation/verification.ts (content) ⚔️ app/src/providers/authProvider.tsx (content) ⚔️ app/src/providers/authProvider.web.tsx (content) ⚔️ app/src/providers/databaseProvider.tsx (content) ⚔️ app/src/providers/feedbackProvider.tsx (content) ⚔️ app/src/providers/loggerProvider.tsx (content) ⚔️ app/src/providers/notificationTrackingProvider.tsx (content) ⚔️ app/src/providers/notificationTrackingProvider.web.tsx (content) ⚔️ app/src/providers/passportDataProvider.tsx (content) ⚔️ app/src/providers/remoteConfigProvider.tsx (content) ⚔️ app/src/providers/selfClientProvider.tsx (content) ⚔️ app/src/proving/index.ts (content) ⚔️ app/src/proving/loadingScreenStateText.ts (content) ⚔️ app/src/proving/validateDocument.ts (content) ⚔️ app/src/screens/account/recovery/AccountRecoveryChoiceScreen.tsx (content) ⚔️ app/src/screens/account/recovery/AccountRecoveryScreen.tsx (content) ⚔️ app/src/screens/account/recovery/DocumentDataNotFoundScreen.tsx (content) ⚔️ app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (content) ⚔️ app/src/screens/account/settings/CloudBackupScreen.tsx (content) ⚔️ app/src/screens/account/settings/ProofSettingsScreen.tsx (content) ⚔️ app/src/screens/account/settings/SettingsScreen.tsx (content) ⚔️ app/src/screens/account/settings/ShowRecoveryPhraseScreen.tsx (content) ⚔️ app/src/screens/app/DeferredLinkingInfoScreen.tsx (content) ⚔️ app/src/screens/app/GratificationScreen.tsx (content) ⚔️ app/src/screens/app/LoadingScreen.tsx (content) ⚔️ app/src/screens/app/ModalScreen.tsx (content) ⚔️ app/src/screens/app/ReferralScreen.tsx (content) ⚔️ app/src/screens/app/SplashScreen.tsx (content) ⚔️ app/src/screens/dev/CreateMockScreen.tsx (content) ⚔️ app/src/screens/dev/CreateMockScreenDeepLink.tsx (content) ⚔️ app/src/screens/dev/DevFeatureFlagsScreen.tsx (content) ⚔️ app/src/screens/dev/DevHapticFeedbackScreen.tsx (content) ⚔️ app/src/screens/dev/DevLoadingScreen.tsx (content) ⚔️ app/src/screens/dev/DevPrivateKeyScreen.tsx (content) ⚔️ app/src/screens/dev/DevSettingsScreen.tsx (content) ⚔️ app/src/screens/documents/aadhaar/AadhaarUploadErrorScreen.tsx (content) ⚔️ app/src/screens/documents/aadhaar/AadhaarUploadScreen.tsx (content) ⚔️ app/src/screens/documents/aadhaar/AadhaarUploadedSuccessScreen.tsx (content) ⚔️ app/src/screens/documents/management/DocumentDataInfoScreen.tsx (content) ⚔️ app/src/screens/documents/management/IdDetailsScreen.tsx (content) ⚔️ app/src/screens/documents/management/ManageDocumentsScreen.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentCameraScreen.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentCameraTroubleScreen.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentNFCMethodSelectionScreen.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentNFCScanScreen.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentNFCScanScreen.web.tsx (content) ⚔️ app/src/screens/documents/scanning/DocumentNFCTroubleScreen.tsx (content) ⚔️ app/src/screens/documents/selection/ConfirmBelongingScreen.tsx (content) ⚔️ app/src/screens/documents/selection/CountryPickerScreen.tsx (content) ⚔️ app/src/screens/documents/selection/DocumentOnboardingScreen.tsx (content) ⚔️ app/src/screens/documents/selection/IDPickerScreen.tsx (content) ⚔️ app/src/screens/home/HomeScreen.tsx (content) ⚔️ app/src/screens/home/PointsInfoScreen.tsx (content) ⚔️ app/src/screens/home/ProofHistoryDetailScreen.tsx (content) ⚔️ app/src/screens/home/ProofHistoryList.tsx (content) ⚔️ app/src/screens/home/ProofHistoryScreen.tsx (content) ⚔️ app/src/screens/onboarding/AccountVerifiedSuccessScreen.tsx (content) ⚔️ app/src/screens/onboarding/DisclaimerScreen.tsx (content) ⚔️ app/src/screens/onboarding/SaveRecoveryPhraseScreen.tsx (content) ⚔️ app/src/screens/shared/ComingSoonScreen.tsx (content) ⚔️ app/src/screens/shared/WebViewScreen.tsx (content) ⚔️ app/src/screens/starfall/StarfallPushCodeScreen.tsx (content) ⚔️ app/src/screens/verification/DocumentSelectorForProvingScreen.tsx (content) ⚔️ app/src/screens/verification/ProofRequestStatusScreen.tsx (content) ⚔️ app/src/screens/verification/ProveScreen.tsx (content) ⚔️ app/src/screens/verification/ProvingScreenRouter.tsx (content) ⚔️ app/src/screens/verification/QRCodeTroubleScreen.tsx (content) ⚔️ app/src/screens/verification/QRCodeViewFinderScreen.tsx (content) ⚔️ app/src/services/analytics.ts (content) ⚔️ app/src/services/cloud-backup/google.ts (content) ⚔️ app/src/services/cloud-backup/helpers.ts (content) ⚔️ app/src/services/cloud-backup/index.ts (content) ⚔️ app/src/services/cloud-backup/ios.ts (content) ⚔️ app/src/services/logging/index.ts (content) ⚔️ app/src/services/logging/logger/consoleInterceptor.ts (content) ⚔️ app/src/services/logging/logger/lokiTransport.ts (content) ⚔️ app/src/services/logging/logger/nativeLoggerBridge.ts (content) ⚔️ app/src/services/notifications/notificationService.shared.ts (content) ⚔️ app/src/services/notifications/notificationService.ts (content) ⚔️ app/src/services/notifications/notificationService.web.ts (content) ⚔️ app/src/services/points/api.ts (content) ⚔️ app/src/services/points/constants.ts (content) ⚔️ app/src/services/points/eventPolling.ts (content) ⚔️ app/src/services/points/getEvents.ts (content) ⚔️ app/src/services/points/index.ts (content) ⚔️ app/src/services/points/jobStatus.ts (content) ⚔️ app/src/services/points/recordEvents.ts (content) ⚔️ app/src/services/points/registerEvents.ts (content) ⚔️ app/src/services/points/types.ts (content) ⚔️ app/src/services/points/utils.ts (content) ⚔️ app/src/services/starfall/pushCodeService.ts (content) ⚔️ app/src/services/support.ts (content) ⚔️ app/src/stores/database.ts (content) ⚔️ app/src/stores/database.web.ts (content) ⚔️ app/src/stores/pointEventStore.ts (content) ⚔️ app/src/stores/proofHistoryStore.ts (content) ⚔️ app/src/stores/proofTypes.ts (content) ⚔️ app/src/stores/settingStore.ts (content) ⚔️ app/src/stores/userStore.ts (content) ⚔️ app/src/types/countryIso3To2.d.ts (content) ⚔️ app/src/types/global.d.ts (content) ⚔️ app/src/types/mnemonic.ts (content) ⚔️ app/src/types/png.d.ts (content) ⚔️ app/src/types/react-native-keychain.d.ts (content) ⚔️ app/src/types/reactNativePassportReader.d.ts (content) ⚔️ app/src/types/sumsub.d.ts (content) ⚔️ app/src/types/svg.d.ts (content) ⚔️ app/src/types/vite-env.d.ts (content) ⚔️ app/src/utils/crypto/cryptoLoader.ts (content) ⚔️ app/src/utils/crypto/ethers.ts (content) ⚔️ app/src/utils/crypto/mnemonic.ts (content) ⚔️ app/src/utils/devUtils.ts (content) ⚔️ app/src/utils/disclosureUtils.ts (content) ⚔️ app/src/utils/documentAttributes.ts (content) ⚔️ app/src/utils/documentUtils.ts (content) ⚔️ app/src/utils/formatUserId.ts (content) ⚔️ app/src/utils/index.ts (content) ⚔️ app/src/utils/jsonUtils.ts (content) ⚔️ app/src/utils/keychainErrors.ts (content) ⚔️ app/src/utils/modalCallbackRegistry.ts (content) ⚔️ app/src/utils/retry.ts (content) ⚔️ app/src/utils/styleUtils.ts (content) ⚔️ app/src/utils/webview.ts (content) ⚔️ app/tamagui.config.ts (content) ⚔️ app/tests/__mocks__/mobile-sdk-components.js (content) ⚔️ app/tests/__setup__/@env.js (content) ⚔️ app/tests/__setup__/databaseMocks.ts (content) ⚔️ app/tests/__setup__/imageMock.js (content) ⚔️ app/tests/__setup__/mocks/navigation.js (content) ⚔️ app/tests/__setup__/mocks/ui.js (content) ⚔️ app/tests/__setup__/notificationServiceMock.js (content) ⚔️ app/tests/__setup__/svgMock.js (content) ⚔️ app/tests/src/components/ErrorBoundary.test.tsx (content) ⚔️ app/tests/src/components/PassportCamera.test.tsx (content) ⚔️ app/tests/src/components/documents/IDSelectorSheet.test.tsx (content) ⚔️ app/tests/src/config/remoteConfig.test.ts (content) ⚔️ app/tests/src/consts/links.test.ts (content) ⚔️ app/tests/src/hooks/useAppUpdates.test.tsx (content) ⚔️ app/tests/src/hooks/useConnectionModal.test.ts (content) ⚔️ app/tests/src/hooks/useEarnPointsFlow.test.ts (content) ⚔️ app/tests/src/hooks/useHapticNavigation.test.ts (content) ⚔️ app/tests/src/hooks/useMnemonic.test.ts (content) ⚔️ app/tests/src/hooks/useModal.test.ts (content) ⚔️ app/tests/src/hooks/useProofDisclosureStalenessCheck.test.ts (content) ⚔️ app/tests/src/hooks/useRecoveryPrompts.test.ts (content) ⚔️ app/tests/src/hooks/useReferralConfirmation.test.ts (content) ⚔️ app/tests/src/hooks/useReferralMessage.test.ts (content) ⚔️ app/tests/src/hooks/useReferralRegistration.test.ts (content) ⚔️ app/tests/src/hooks/useRegisterReferral.test.ts (content) ⚔️ app/tests/src/integrations/nfc/nfcScanner.test.ts (content) ⚔️ app/tests/src/integrations/nfc/passportReader.test.ts (content) ⚔️ app/tests/src/navigation.test.tsx (content) ⚔️ app/tests/src/navigation/deeplinks.test.ts (content) ⚔️ app/tests/src/providers/loggerProvider.test.tsx (content) ⚔️ app/tests/src/providers/passportDataProvider.test.tsx (content) ⚔️ app/tests/src/providers/remoteConfigProvider.test.tsx (content) ⚔️ app/tests/src/providers/selfClientProvider.test.tsx (content) ⚔️ app/tests/src/proving/loadingScreenStateText.test.ts (content) ⚔️ app/tests/src/proving/provingUtils.test.ts (content) ⚔️ app/tests/src/proving/validateDocument.test.ts (content) ⚔️ app/tests/src/screens/GratificationScreen.test.tsx (content) ⚔️ app/tests/src/screens/WebViewScreen.test.tsx (content) ⚔️ app/tests/src/screens/verification/DocumentSelectorForProvingScreen.test.tsx (content) ⚔️ app/tests/src/screens/verification/ProvingScreenRouter.test.tsx (content) ⚔️ app/tests/src/services/analytics.test.ts (content) ⚔️ app/tests/src/services/cloud-backup.test.ts (content) ⚔️ app/tests/src/services/logging.test.ts (content) ⚔️ app/tests/src/services/notifications/notificationService.test.ts (content) ⚔️ app/tests/src/stores/database.test.ts (content) ⚔️ app/tests/src/stores/proofHistoryStore.test.ts (content) ⚔️ app/tests/src/utils/crypto/ethers.test.ts (content) ⚔️ app/tests/src/utils/formatUserId.test.ts (content) ⚔️ app/tests/src/utils/jsonUtils.test.ts (content) ⚔️ app/tests/src/utils/keychainErrors.test.ts (content) ⚔️ app/tests/src/utils/modalCallbackRegistry.test.ts (content) ⚔️ app/tests/src/utils/points/api.test.ts (content) ⚔️ app/tests/src/utils/points/recordEvents.test.ts (content) ⚔️ app/tests/src/utils/points/registerEvents.test.ts (content) ⚔️ app/tests/src/utils/webview.test.ts (content) ⚔️ app/version.json (content) ⚔️ app/vite.config.ts (content) ⚔️ app/web/main.tsx (content) ⚔️ babel.config.js (content) ⚔️ circuits/circuits/register/register_aadhaar.circom (content) ⚔️ circuits/circuits/utils/crypto/bigInt/bigIntComparators.circom (content) ⚔️ circuits/scripts/build/build_cpp.sh (content) ⚔️ circuits/tests/utils/kyc/ofac/ofac.test.ts (content) ⚔️ common/index.ts (content) ⚔️ common/src/polyfills/crypto.ts (content) ⚔️ common/src/types/globals.d.ts (content) ⚔️ common/src/utils/aadhaar/mockData.ts (content) ⚔️ common/src/utils/circuits/circuitsName.ts (content) ⚔️ common/src/utils/circuits/registerInputs.ts (content) ⚔️ common/src/utils/index.ts (content) ⚔️ common/src/utils/kyc/api.ts (content) ⚔️ common/src/utils/kyc/generateInputs.ts (content) ⚔️ common/src/utils/ofac.test.ts (content) ⚔️ common/src/utils/ofac.ts (content) ⚔️ common/src/utils/passports/passport.ts (content) ⚔️ common/src/utils/passports/validate.ts (content) ⚔️ common/src/utils/proving.ts (content) ⚔️ common/src/utils/types.ts (content) ⚔️ common/tests/cryptoHash.test.ts (content) ⚔️ common/tests/cryptoHmac.test.ts (content) ⚔️ common/tests/proving.test.ts (content) ⚔️ contracts/contracts/IdentityVerificationHubImplV2.sol (content) ⚔️ contracts/contracts/libraries/CustomVerifier.sol (content) ⚔️ contracts/contracts/registry/IdentityRegistryKycImplV1.sol (content) ⚔️ contracts/contracts/tests/MockGCPJWTVerifier.sol (content) ⚔️ contracts/deployments/registry.json (content) ⚔️ contracts/hardhat.config.ts (content) ⚔️ contracts/ignition/deployments/chain-11142220/deployed_addresses.json (content) ⚔️ contracts/ignition/deployments/chain-42220/deployed_addresses.json (content) ⚔️ contracts/ignition/modules/hub/updateRegistries.ts (content) ⚔️ contracts/ignition/modules/hub/updateVerifiers.ts (content) ⚔️ contracts/ignition/modules/registry/updateRegistries.ts (content) ⚔️ contracts/ignition/modules/verifiers/deployAllVerifiers.ts (content) ⚔️ contracts/package.json (content) ⚔️ contracts/tasks/upgrade/upgrade.ts (content) ⚔️ contracts/test/v2/registerKyc.test.ts (content) ⚔️ package.json (content) ⚔️ packages/mobile-sdk-alpha/.eslintrc.cjs (content) ⚔️ packages/mobile-sdk-alpha/package.json (content) ⚔️ packages/mobile-sdk-alpha/react-native.config.cjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/copy-assets.mjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/postBuild.mjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/report-exports.mjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/setup-native-source.cjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/shimConfigs.js (content) ⚔️ packages/mobile-sdk-alpha/scripts/validate-exports.mjs (content) ⚔️ packages/mobile-sdk-alpha/scripts/verify-conditions.mjs (content) ⚔️ packages/mobile-sdk-alpha/src/adapters/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/adapters/react-native/nfc-scanner.ts (content) ⚔️ packages/mobile-sdk-alpha/src/adapters/web/shims.ts (content) ⚔️ packages/mobile-sdk-alpha/src/bridge/nativeEvents.native.ts (content) ⚔️ packages/mobile-sdk-alpha/src/bridge/nativeEvents.ts (content) ⚔️ packages/mobile-sdk-alpha/src/browser.ts (content) ⚔️ packages/mobile-sdk-alpha/src/client.ts (content) ⚔️ packages/mobile-sdk-alpha/src/components/ButtonsContainer.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/DelayedLottieView.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/DelayedLottieView.web.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/MRZScannerView.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/TextsContainer.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/AbstractButton.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/PrimaryButton.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/PrimaryButtonLongHold.shared.ts (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/PrimaryButtonLongHold.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/PrimaryButtonLongHold.web.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/SecondaryButton.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/buttons/pressedStyle.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/flag/RoundFlag.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/components/layout/Button.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/layout/Text.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/layout/View.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/layout/XStack.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/layout/YStack.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/screens/NFCScannerScreen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/screens/PassportCameraScreen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/screens/QRCodeScreen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/Additional.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/BodyText.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/Caption.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/Caution.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/Description.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/DescriptionTitle.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/SubHeader.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/Title.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/components/typography/styles.ts (content) ⚔️ packages/mobile-sdk-alpha/src/config/defaults.ts (content) ⚔️ packages/mobile-sdk-alpha/src/config/features.ts (content) ⚔️ packages/mobile-sdk-alpha/src/config/merge.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/analytics.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/colors.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/fonts.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/images.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/constants/layout.ts (content) ⚔️ packages/mobile-sdk-alpha/src/context.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/documents/useCountries.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/documents/utils.ts (content) ⚔️ packages/mobile-sdk-alpha/src/documents/validation.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/InitError.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/LivenessError.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/MrzParseError.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/NfcParseError.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/SdkError.ts (content) ⚔️ packages/mobile-sdk-alpha/src/errors/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/flows/disclosing/await-verification.ts (content) ⚔️ packages/mobile-sdk-alpha/src/flows/disclosing/confirm-selection.ts (content) ⚔️ packages/mobile-sdk-alpha/src/flows/disclosing/scan-qr-code.ts (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/confirm-identification.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/country-picker-screen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/document-camera-screen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/id-selection-screen.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/import-aadhaar.ts (content) ⚔️ packages/mobile-sdk-alpha/src/flows/onboarding/read-mrz.ts (content) ⚔️ packages/mobile-sdk-alpha/src/haptic/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/haptic/shared.ts (content) ⚔️ packages/mobile-sdk-alpha/src/haptic/trigger.ts (content) ⚔️ packages/mobile-sdk-alpha/src/haptic/trigger.web.ts (content) ⚔️ packages/mobile-sdk-alpha/src/hooks/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/hooks/useSafeBottomPadding.ts (content) ⚔️ packages/mobile-sdk-alpha/src/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/layouts/ExpandableBottomLayout.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/mock/generator.ts (content) ⚔️ packages/mobile-sdk-alpha/src/mrz/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/nfc/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/processing/mrz.ts (content) ⚔️ packages/mobile-sdk-alpha/src/processing/nfc.ts (content) ⚔️ packages/mobile-sdk-alpha/src/proving/internal/logging.ts (content) ⚔️ packages/mobile-sdk-alpha/src/proving/internal/statusHandlers.ts (content) ⚔️ packages/mobile-sdk-alpha/src/proving/provingMachine.ts (content) ⚔️ packages/mobile-sdk-alpha/src/stores/index.ts (content) ⚔️ packages/mobile-sdk-alpha/src/stores/mrzStore.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/stores/protocolStore.ts (content) ⚔️ packages/mobile-sdk-alpha/src/stores/selfAppStore.tsx (content) ⚔️ packages/mobile-sdk-alpha/src/types/base.ts (content) ⚔️ packages/mobile-sdk-alpha/src/types/events.ts (content) ⚔️ packages/mobile-sdk-alpha/src/types/png.d.ts (content) ⚔️ packages/mobile-sdk-alpha/src/types/public.ts (content) ⚔️ packages/mobile-sdk-alpha/src/types/svg.d.ts (content) ⚔️ packages/mobile-sdk-alpha/src/types/ui.ts (content) ⚔️ packages/mobile-sdk-alpha/src/utils/styleUtils.ts (content) ⚔️ packages/mobile-sdk-alpha/src/utils/utils.ts (content) ⚔️ packages/mobile-sdk-alpha/src/validation/document.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/adapters/reactNative/nfcScanner.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/bridge/nativeEvents.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/client.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/clientMrz.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/components/buttons/AbstractButton.test.tsx (content) ⚔️ packages/mobile-sdk-alpha/tests/config.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/documents/utils.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/documents/validation.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/errors.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/flows/onboarding/read-mrz.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/mock/generator.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/processing/mrz.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/processing/nfc.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/provider.test.tsx (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/actorMock.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/internal/payloadGenerator.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/internal/statusHandlers.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/internal/statusListener.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/internal/websocketUrlResolver.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.disclose.stateless.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.documentProcessor.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.generatePayload.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.integration.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.startFetchingData.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/proving/provingMachine.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/setup.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/stores/protocolStore.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/utils/sanitizeErrorMessage.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/utils/testHelpers.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/validation/document.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tests/webShim.test.ts (content) ⚔️ packages/mobile-sdk-alpha/tsup.config.ts (content) ⚔️ packages/mobile-sdk-alpha/vitest.config.ts (content) ⚔️ packages/mobile-sdk-demo/.eslintrc.cjs (content) ⚔️ packages/mobile-sdk-demo/App.tsx (content) ⚔️ packages/mobile-sdk-demo/babel.config.cjs (content) ⚔️ packages/mobile-sdk-demo/index.js (content) ⚔️ packages/mobile-sdk-demo/ios/Podfile (content) ⚔️ packages/mobile-sdk-demo/ios/Podfile.lock (content) ⚔️ packages/mobile-sdk-demo/metro.config.cjs (content) ⚔️ packages/mobile-sdk-demo/package.json (content) ⚔️ packages/mobile-sdk-demo/scripts/bundle-analyze-ci.cjs (content) ⚔️ packages/mobile-sdk-demo/src/components/AlgorithmCountryFields.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/DocumentScanResultCard.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/LogsPanel.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/MenuButton.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/PickerField.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/PlaceholderScreen.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/SafeAreaScrollView.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/ScreenLayout.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/SimplePicker.tsx (content) ⚔️ packages/mobile-sdk-demo/src/components/StandardHeader.tsx (content) ⚔️ packages/mobile-sdk-demo/src/hooks/useDocuments.ts (content) ⚔️ packages/mobile-sdk-demo/src/hooks/useRegistration.ts (content) ⚔️ packages/mobile-sdk-demo/src/lib/catalog.ts (content) ⚔️ packages/mobile-sdk-demo/src/navigation/NavigationProvider.tsx (content) ⚔️ packages/mobile-sdk-demo/src/polyfills/cryptoPolyfill.js (content) ⚔️ packages/mobile-sdk-demo/src/providers/SelfClientProvider.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/DocumentCamera.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/DocumentNFCScan.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/DocumentScanSuccess.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/DocumentsList.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/GenerateMock.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/HomeScreen.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/ProofHistory.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/QRCodeViewFinder.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/RegisterDocument.tsx (content) ⚔️ packages/mobile-sdk-demo/src/screens/index.ts (content) ⚔️ packages/mobile-sdk-demo/src/utils/camera.ts (content) ⚔️ packages/mobile-sdk-demo/src/utils/document.ts (content) ⚔️ packages/mobile-sdk-demo/src/utils/documentStore.ts (content) ⚔️ packages/mobile-sdk-demo/src/utils/ethers.ts (content) ⚔️ packages/mobile-sdk-demo/src/utils/secureStorage.ts (content) ⚔️ packages/mobile-sdk-demo/tests/__mocks__/@selfxyz/mobile-sdk-alpha/index.ts (content) ⚔️ packages/mobile-sdk-demo/tests/cryptoPolyfills.test.ts (content) ⚔️ packages/mobile-sdk-demo/tests/documentStore.test.ts (content) ⚔️ packages/mobile-sdk-demo/tests/lib/catalog.test.ts (content) ⚔️ packages/mobile-sdk-demo/tests/screens/documentCamera.test.ts (content) ⚔️ packages/mobile-sdk-demo/tests/secureStorage.test.ts (content) ⚔️ packages/mobile-sdk-demo/tests/setup.ts (content) ⚔️ packages/mobile-sdk-demo/tests/utils/document.test.ts (content) ⚔️ packages/mobile-sdk-demo/types/reactNativePickerPicker.d.ts (content) ⚔️ packages/mobile-sdk-demo/vitest.config.ts (content) ⚔️ patches/@sumsub+react-native-mobilesdk-module+1.40.2.patch (content) ⚔️ scripts/check-duplicate-headers.cjs (content) ⚔️ scripts/check-license-headers.mjs (content) ⚔️ scripts/lint-headers.cjs (content) ⚔️ scripts/migrate-license-headers.mjs (content) ⚔️ scripts/tests/checkLicenseHeaders.test.mjs (content) ⚔️ sdk/core/package.json (content) ⚔️ sdk/core/src/SelfBackendVerifier.ts (content) ⚔️ sdk/core/src/utils/constants.ts (content) ⚔️ sdk/core/src/utils/id.ts (content) ⚔️ sdk/core/src/utils/proof.ts (content) ⚔️ sdk/qrcode-angular/package.json (content) ⚔️ sdk/qrcode/package.json (content) ⚔️ yarn.lock (content) These conflicts must be resolved before merging into dev.	Resolve conflicts locally and push changes to this branch.
Description check	❓ Inconclusive	The PR description covers Summary, Related issues, and Testing sections. However, the template requires 'Description,' 'Tested,' and 'How to QA' sections; the current description omits the detailed 'Description' and 'How to QA' sections specified in the template.	Expand the description to include a detailed explanation of the changes and specific QA steps. Add a 'How to QA' section explaining how to verify the refactoring preserves functionality.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Refactor proving machine so it's easier to grok' accurately summarizes the main change: refactoring the proving machine for improved maintainability and code clarity.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/refactor-provingmachine.ts-for-maintainability

⚔️ Resolve merge conflicts (beta)

• Auto-commit resolved conflicts to branch codex/refactor-provingmachine.ts-for-maintainability
• Create stacked PR with resolved conflicts
• Post resolved changes as copyable diffs in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f73b27ff07

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[transphorm]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (1)

421-423: Add explicit platform check at enableKeychainErrorModal call site for clarity.

The keychain error modal platform gating exists in showKeychainErrorModal() (line 352: if (Platform.OS !== 'android') return;), but the enableKeychainErrorModal() call on line 423 is unconditional. Per the coding guidelines ("Implement platform-specific handling with Platform.OS checks before platform-specific code"), add an explicit platform guard here to make the intent clear:

if (Platform.OS === 'android') {
  selfClient.navigation?.enableKeychainErrorModal?.();
}

This improves readability and consistency with the guideline pattern of platform checks preceding platform-specific operations.

🤖 Fix all issues with AI agents

In @packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts:
- Around line 232-237: In the 'disclose' branch where isUserRegistered(...) is
called, avoid the unsafe cast `secret as string`; validate that `secret` is a
non-empty string (or handle null/undefined/Buffer types) before passing it to
isUserRegistered, and if invalid throw or return an explicit error; locate the
call to isUserRegistered(passportData, secret as string, (documentCategory) =>
getCommitmentTree(selfClient, documentCategory)) in documentProcessor.ts and
replace the cast with a checked variable (e.g., ensure typeof secret ===
'string' && secret.length > 0) or convert safely and handle the failure path.

In @packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts:
- Around line 81-88: In the 'register' branch where generateTEEInputsRegister is
called, you are force-casting secret to string; instead add a null/undefined
guard for the secret variable before calling generateTEEInputsRegister (e.g., if
(!secret) throw or return a handled error), then pass the validated string to
generateTEEInputsRegister; update the case 'register' block around the secret
usage (and keep circuitTypeWithDocumentExtension assignment) to ensure no "null"
string is forwarded.
- Around line 101-106: In the 'disclose' case branch, add a null/undefined check
for the secret variable before passing it to generateTEEInputsDiscloseStateless;
currently only selfApp is validated, so if secret is missing this will throw or
produce invalid inputs — validate secret (e.g., if (!secret) throw new
Error('Secret is required for disclose');) and then call
generateTEEInputsDiscloseStateless(secret as string, ...) to ensure a clear,
early error and prevent downstream failures.
- Line 216: The code uses a non-null assertion on uuid when calling
_buildSubmitRequest(uuid!, encryptedPayload), which can throw or produce invalid
params if uuid is null; update the caller in payloadGenerator.ts to validate
uuid before calling _buildSubmitRequest (e.g., check if uuid is null/undefined
and either throw a clear error or generate/return an appropriate response), or
adjust _buildSubmitRequest to accept a nullable uuid and handle it safely;
reference the uuid variable and the _buildSubmitRequest(...) call to locate
where to add the null check and error handling.

In @packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts:
- Around line 114-118: The code in socketIOListener.ts logs the entire incoming
data object on PROVE_FAILURE (console.error(data)), which risks exposing
sensitive proof information; remove that full-object log and instead log only
non-sensitive identifiers or statuses (e.g., result.actorEvent.type, a short
failure code or reason if safe) using the existing logger or console.error, or
redact fields before logging; locate the PROVE_FAILURE branch that checks
result.actorEvent.type === 'PROVE_FAILURE' and replace the console.error(data)
with a minimal, non-sensitive error message referencing result.actorEvent (not
the full data payload).
- Line 95: The code unsafely asserts getState().circuitType as a string when
calling handleStatusCode; replace the assertion with a null-safe guard: read
const circuitType = getState().circuitType and if it is null/undefined either
return/handle the error early or provide a safe default before calling
handleStatusCode(circuitType, ...), or update handleStatusCode to accept string
| null and handle null inside; ensure you reference the getState().circuitType
and handleStatusCode symbols so the change is applied where the result is
computed.

In @packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts:
- Line 22: The ternary return currently maps any non-'passport' category to
'DSC_ID', which silently treats 'aadhaar' as DSC_ID; update the resolver
(websocketUrlResolver function) to explicitly handle 'aadhaar' by throwing the
same error as payloadGenerator does, and also validate other unsupported
categories: if documentCategory === 'passport' return 'DSC', if documentCategory
=== 'id' return 'DSC_ID', if documentCategory === 'aadhaar' throw an explicit
error, otherwise throw a generic unsupported documentCategory error so behavior
is consistent with payloadGenerator.

🧹 Nitpick comments (4)

packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts (1)

40-44: Consider adding connection timeout for resilience.

The Socket.IO connection lacks a timeout configuration. On poor network conditions, this could hang indefinitely, degrading user experience.

Suggested enhancement

   const socket: Socket = socketIo(url, {
     path: '/',
     transports: ['websocket'],
+    timeout: 30000, // 30 second connection timeout
+    reconnection: false, // Explicit - let state machine handle retry
   });

packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts (1)

196-202: Unusual pattern: Synthetic MessageEvent for error propagation.

Creating a synthetic MessageEvent with error JSON to reuse _handleWebSocketMessage is clever but may confuse future maintainers. Consider extracting the error handling into a separate helper for clarity.

packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts (1)

273-279: Fire-and-forget async operation may silently fail.

The IIFE at lines 273-279 runs markCurrentDocumentAsRegistered without awaiting. While the error is logged, a failure here won't propagate or affect the flow. Consider if this side-effect is critical enough to warrant proper error handling.

Alternative: Log structured event on failure

       (async () => {
         try {
           await markCurrentDocumentAsRegistered(selfClient);
         } catch (error) {
           console.error('Error marking document as registered:', error);
+          selfClient.trackEvent(ProofEvents.MARK_REGISTERED_FAILED, {
+            error: error instanceof Error ? error.message : String(error),
+          });
         }
       })();

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (1)

344-352: Redundant getState assignment in createWebSocketDeps.

The socketDeps object (created via createSocketDeps) already includes getState: get. Spreading it and then immediately re-assigning getState: get is unnecessary.

♻️ Suggested cleanup

 const createWebSocketDeps = (selfClient: SelfClient): WebSocketHandlerDeps => {
   const socketDeps = createSocketDeps(selfClient);
   return {
     ...socketDeps,
-    getState: get,
     startSocketIOStatusListener: (receivedUuid: string, endpointType: EndpointType, client: SelfClient) =>
       startSocketIOStatusListener(receivedUuid, endpointType, client, socketDeps),
   };
 };

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9f5171f and f73b27f.

📒 Files selected for processing (8)

• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

🧰 Additional context used

📓 Path-based instructions (16)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

packages/mobile-sdk-alpha/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.{ts,tsx}: Check types across the codebase by running yarn types
Run yarn types or yarn typecheck to check TypeScript types across the codebase
Run yarn build to build the package for distribution
Before committing changes, ensure TypeScript types are valid by running yarn types
Before committing changes, ensure the build succeeds by running yarn build
Before creating a PR, ensure yarn types passes (TypeScript validation)
Before creating a PR, ensure yarn build succeeds (package builds correctly)
Ensure no breaking changes to public API or document them properly
Verify cross-platform compatibility for both React Native and Web environments
This package uses TypeScript with strict type checking
Use ESLint with TypeScript-specific rules
Use platform detection Platform.OS === 'web' when adding platform-specific code
Maintain type definitions that are complete and accurate

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

packages/mobile-sdk-alpha/**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Run yarn lint to check for linting issues or yarn lint:fix to automatically fix them

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}: Review alpha mobile SDK code for:

• API consistency with core SDK
• Platform-neutral abstractions
• Performance considerations
• Clear experimental notes or TODOs

Files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

**/*.test.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.test.{ts,tsx,js,jsx}: Use renderHook for testing custom React hooks instead of rendering components.
Mock console.error in tests to avoid test output clutter while testing error scenarios.
Test error boundaries and recovery mechanisms in React components.
Mock SQLite operations with executeSql method in database tests using utilities from tests/__setup__/databaseMocks.ts.

**/*.test.{ts,tsx,js,jsx}: Never use require('react-native') in test files; use ES6 import statements instead to avoid nested require() calls that cause out-of-memory errors in CI/CD pipelines
Never use require('react') in test files; use ES6 import React from 'react' instead to avoid nested require() calls that cause out-of-memory errors

Files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

{app,packages/mobile-sdk-alpha}/**/*.{test,spec}.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

Never create nested require('react-native') calls in tests as this causes out-of-memory errors in CI/CD pipelines; use ES6 import statements instead and avoid dynamic require() calls in beforeEach/afterEach hooks

Files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

packages/mobile-sdk-alpha/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.test.{ts,tsx}: Use real imports from @selfxyz/mobile-sdk-alpha in tests instead of mocking the entire package
Write integration tests that exercise real validation logic from the SDK
Test isPassportDataValid() with realistic, synthetic passport data (never use real user data)
Verify extractMRZInfo() using published sample MRZ strings (e.g., ICAO examples)
Ensure parseNFCResponse() works with representative, synthetic NFC data
Avoid mocking the entire package in Jest setup or replacing real functions with mock implementations
Never use real user PII (personally identifiable information) in tests - use only synthetic, anonymized, or approved test vectors
Use ES6 import statements instead of require() when possible
Avoid dynamic require() calls in beforeEach/afterEach hooks to prevent out-of-memory errors
Prefer top-level imports over nested requires in test files
Use Vitest for testing, not Jest, with setup configuration in tests/setup.ts
React Native is mocked in tests/setup.ts using vi.mock() - use imports in test files instead of require()
Test both React Native and Web environments when adding platform-specific code

Files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

**/*.{test,spec}.{ts,js,tsx,jsx}

⚙️ CodeRabbit configuration file

**/*.{test,spec}.{ts,js,tsx,jsx}: Review test files for:

• Test coverage completeness
• Test case quality and edge cases
• Mock usage appropriateness
• Test readability and maintainability

Files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/providers/selfClientProvider.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/providers/selfClientProvider.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/providers/selfClientProvider.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/providers/selfClientProvider.tsx

app/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx}: Ensure web build succeeds with yarn web before creating a PR
Do not include sensitive data in logs - avoid logging PII, credentials, and tokens
Use react-native-dotenv for environment configuration via @env import
Confirm no sensitive data exposed before PR merge

Files:

• app/src/providers/selfClientProvider.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/providers/selfClientProvider.tsx

🧠 Learnings (35)

📓 Common learnings

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Address CodeRabbitAI feedback during PR review process

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Document complex native module changes in PRs

Learnt from: CR
Repo: selfxyz/self PR: 0
File: noir/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:34.041Z
Learning: Verify cryptographic properties and confirm no logical errors are introduced after PR reviews

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Achieve proof generation in <60 seconds on mid-tier mobile devices

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Explain platform-specific code paths (iOS/Android/Web) in PR descriptions

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Ensure no breaking changes to public API or document them properly

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts
• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

📚 Learning: 2025-08-25T14:25:57.586Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 951
File: app/src/providers/authProvider.web.tsx:17-18
Timestamp: 2025-08-25T14:25:57.586Z
Learning: The selfxyz/mobile-sdk-alpha/constants/analytics import path is properly configured with SDK exports, Metro aliases, and TypeScript resolution. Import changes from @/consts/analytics to this path are part of valid analytics migration, not TypeScript resolution issues.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Document complex native module changes in PRs

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-11-18T12:17:14.819Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1337
File: packages/mobile-sdk-alpha/src/processing/mrz.ts:189-194
Timestamp: 2025-11-18T12:17:14.819Z
Learning: In packages/mobile-sdk-alpha/src/processing/mrz.ts, the checkScannedInfo function and related TD1 extraction/validation logic are only reached on Android. iOS uses native Swift parsing (LiveMRZScannerView.swift) that bypasses this TypeScript layer.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Verify `extractMRZInfo()` using published sample MRZ strings (e.g., ICAO examples)

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data (never use real user data)

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Maintain type definitions that are complete and accurate

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Use real imports from `selfxyz/mobile-sdk-alpha` in tests instead of mocking the entire package

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/index.{ts,tsx} : Run `yarn validate:exports` to verify that exports are properly configured

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement certificate validation for passport data verification.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Write integration tests that exercise real validation logic from the SDK

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Identity Verification Hub manages multi-step verification process for passports and EU ID cards, handles document attestation through zero-knowledge proofs, and implements verification paths (E-PASSPORT and EU_ID_CARD) in `contracts/contracts/IdentityVerificationHubImplV2.sol`.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts

📚 Learning: 2025-12-13T18:00:46.963Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py} : Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : This package uses TypeScript with strict type checking

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Verify cross-platform compatibility for both React Native and Web environments

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Achieve proof generation in <60 seconds on mid-tier mobile devices

Applied to files:

• packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts
• packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Avoid mocking the entire package in Jest setup or replacing real functions with mock implementations

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : React Native is mocked in `tests/setup.ts` using `vi.mock()` - use imports in test files instead of require()

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Prefer top-level imports over nested requires in test files

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Use ES6 `import` statements instead of `require()` when possible

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Use Vitest for testing, not Jest, with setup configuration in `tests/setup.ts`

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Avoid dynamic `require()` calls in `beforeEach`/`afterEach` hooks to prevent out-of-memory errors

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-12-25T19:18:22.033Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/test-memory-optimization.mdc:0-0
Timestamp: 2025-12-25T19:18:22.033Z
Learning: Applies to **/tests/setup.ts : Use `vi.mock()` instead of `require()` calls in Vitest setup files; ensure React Native mocks are established once at setup time, not during test execution

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx
• packages/mobile-sdk-alpha/src/proving/provingMachine.ts

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts
• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-08-26T14:49:15.210Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.web.tsx:8-11
Timestamp: 2025-08-26T14:49:15.210Z
Learning: The main App.tsx file is located at app/App.tsx (at the app root), not at app/src/App.tsx, and contains the SelfClientProvider wrapping the entire application.

Applied to files:

• packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts

📚 Learning: 2025-08-26T14:42:45.297Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 936
File: app/src/utils/proving/validateDocument.ts:53-54
Timestamp: 2025-08-26T14:42:45.297Z
Learning: In the Self app, native modules (including Keychain) are initialized early in the app startup sequence, before functions like checkAndUpdateRegistrationStates() are called, so additional native module readiness guards in document-related functions are not needed.

Applied to files:

• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement platform-specific handling with `Platform.OS === 'ios' ? 'iOS' : 'Android'` checks before platform-specific code in React Native.

Applied to files:

• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Use platform detection `Platform.OS === 'web'` when adding platform-specific code

Applied to files:

• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Keychain for secure storage of sensitive data in React Native.

Applied to files:

• app/src/providers/selfClientProvider.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Explain platform-specific code paths (iOS/Android/Web) in PR descriptions

Applied to files:

• app/src/providers/selfClientProvider.tsx

🧬 Code graph analysis (4)

packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts (2)

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (1)

• ProvingState (42-94)

common/src/utils/passports/validate.ts (4)

• checkDocumentSupported (75-126)
• isUserRegistered (272-309)
• isUserRegisteredWithAlternativeCSCA (311-391)
• isDocumentNullified (236-270)

packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts (2)

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (1)

• ProvingState (42-94)

common/src/utils/attest.ts (2)

• validatePKIToken (140-201)
• checkPCR0Mapping (111-138)

packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts (2)

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (1)

• ProvingState (42-94)

packages/mobile-sdk-alpha/src/proving/internal/statusHandlers.ts (2)

• parseStatusMessage (91-105)
• handleStatusCode (34-86)

app/src/providers/selfClientProvider.tsx (1)

packages/mobile-sdk-demo/tests/mocks/react-native.ts (1)

• Platform (14-25)

🔇 Additional comments (13)

app/src/providers/selfClientProvider.tsx (1)

349-352: LGTM! Clean platform gate for Android-only keychain modal.

The early return pattern is appropriate here. Consider adding a brief inline comment explaining why this is Android-only (e.g., iOS handles keychain auth differently) for future maintainers.

packages/mobile-sdk-alpha/tests/proving/internal/websocketHandlers.test.ts (1)

67-69: LGTM! Correct module mocking pattern for dependency-injected architecture.

The mock correctly targets only _startSocketIOStatusListener rather than the entire package, aligning with the coding guidelines.

packages/mobile-sdk-alpha/src/proving/internal/websocketUrlResolver.ts (1)

30-35: LGTM! Safe optional chaining for URL resolution.

The optional chaining on line 35 handles missing data gracefully by returning undefined. The calling code should handle this case appropriately.

packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts (2)

229-261: LGTM! Clean WebSocket open handler with proper UUID generation and tracking.

The hello message construction and event tracking are well-structured.

---

66-74: DEV flag is properly controlled by the build system; ensure production builds set it to false.

The code at line 70 correctly enforces PCR0 validation in production (if (!__DEV__ && !pcr0Mapping)). However, the direct use of __DEV__ at line 66 without a defensive check is inconsistent with the pattern used elsewhere in the codebase (see nativeEvents.native.ts). Consider using typeof __DEV__ !== 'undefined' && __DEV__ for consistency, or document that the build system guarantees __DEV__ = false in production bundles.

packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts (1)

63-66: LGTM! Encryption implementation using established utility.

The _encryptPayload properly delegates to encryptAES256GCM from the common utils.

packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts (2)

74-101: Review passport metadata tracking for sensitive data concerns.

The analytics tracking includes extensive passport metadata. While most fields appear to be technical metadata (hash functions, algorithms), country_code and DSC identifiers could be considered sensitive in aggregate. Verify this aligns with privacy requirements.

---

41-124: LGTM! Well-structured document parsing with comprehensive error handling and telemetry.

The parsing flow properly handles errors, tracks events, and updates state through the dependency-injected interface.

packages/mobile-sdk-alpha/src/proving/provingMachine.ts (5)

24-38: LGTM — Clean modular import structure.

The aliased imports for internal functions (_generatePayload as generatePayload, etc.) clearly distinguish internal implementations from the store's public API methods. Type-only imports are correctly separated.

---

386-411: LGTM — Handler delegation is clean and consistent.

The delegation pattern correctly wires the internal handlers with their dependencies. Creating deps per-call is acceptable given the low frequency of WebSocket lifecycle events during proof generation.

---

492-497: LGTM — Document processing delegation follows the established pattern.

---

708-708: LGTM — Payload generation delegation is consistent with the refactoring pattern.

---

329-367: Well-structured dependency injection architecture.

The factory functions (createSocketDeps, createWebSocketDeps, createPayloadDeps, createDocumentDeps) provide a clean DI pattern that:

• Makes the proving machine testable by allowing mock injection
• Keeps the store focused on state machine orchestration
• Maintains consistent access to get, set, and getActorRef

This aligns with the refactoring goal of making the proving machine easier to understand. Based on learnings, ensure no breaking changes to the public API are introduced.

[coderabbitai]

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

app/src/screens/dev/DevLoadingScreen.tsx (1)

241-254: Type mismatch: selector values don't match ProvingMachineCircuitType.

The selector offers ['dsc', 'register', 'aadhaar'] but ProvingMachineCircuitType is defined as 'register' | 'dsc' | 'disclose'. This will cause TypeScript errors and incorrect behavior.

Suggested fix

                 {useMemo(
                   () =>
-                    (['dsc', 'register', 'aadhaar'] as const).map((item, i) => {
+                    (['dsc', 'register', 'disclose'] as const satisfies readonly ProvingMachineCircuitType[]).map((item, i) => {
                       return (
                         <Select.Item index={i} key={item} value={item}>

🤖 Fix all issues with AI agents

In `@packages/mobile-sdk-alpha/src/index.ts`:
- Line 46: The public type export was renamed from provingMachineCircuitType to
ProvingMachineCircuitType, which breaks consumers; restore a
backwards-compatible (deprecated) alias by re-exporting the old name from the
new type (e.g., export type { ProvingMachineCircuitType as
provingMachineCircuitType } ) so both ProvingMachineCircuitType and
provingMachineCircuitType are available, and mark the alias as deprecated in a
comment or JSDoc to indicate it will be removed in a future release.

In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts`:
- Line 162: The call to fetchAllTreesAndCircuits uses a non-null assertion on
env (env!) which can throw if env is null; update the surrounding code in
documentProcessor.ts to validate or provide a default for env before calling
fetchAllTreesAndCircuits: check the env variable (or throw a clear error) and
only call fetchAllTreesAndCircuits(selfClient, document, env,
passportData.dsc_parsed!.authorityKeyIdentifier) when env is defined, or
compute/pass a safe default value; also ensure any upstream callers of the
function containing this call handle missing env appropriately so passportData
and selfClient references remain valid.
- Around line 65-72: The code is using a non-null assertion on
parsedPassportData.passportMetadata in documentProcessor.ts (the
passportMetadata! usage) which can throw at runtime; update the logic in the
relevant function (where passportMetadata is read) to defensively check if
parsedPassportData.passportMetadata is present before accessing .dsc, e.g., if
passportMetadata is undefined log a clear error or handle the absence and set
dscObject = {} (or surface a typed error), otherwise extract dsc into dscObject;
ensure you remove the `!` and use a guard that covers both normal and error
paths so documentProcessor continues to behave safely.

In `@packages/mobile-sdk-alpha/src/proving/internal/teeConnectionHandler.ts`:
- Around line 95-139: The returned Promise can hang because actor.subscribe may
never emit 'ready_to_prove' or 'error'; add a connection timeout (e.g., start a
timer when creating the WebSocket) that after a fixed interval calls
handleConnectError with a descriptive message (like 'timeout'), resolves the
promise, and performs cleanup; ensure you clear the timer when
handleConnectSuccess or handleConnectError runs, and also remove the ws event
listeners, close the ws, and unsubscribe from actor in the timeout branch to
mirror the existing success/error cleanup; reference the Promise body, ws,
wsHandlers, handleConnectSuccess, handleConnectError, and the actor.subscribe
unsubscribe logic when implementing this.

In `@packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts`:
- Around line 66-74: The code uses __DEV__ directly in the validation flow
(validatePKIToken, checkPCR0Mapping) which can be undefined in browser bundles;
update the conditional to first check typeof __DEV__ !== 'undefined' before
using it (e.g., replace occurrences of !__DEV__ with typeof __DEV__ !==
'undefined' && !__DEV__), so the PCR0 mapping guard (`if (!__DEV__ &&
!pcr0Mapping) { actor.send({ type: 'CONNECT_ERROR' }); return; }`) behaves
safely across platforms and avoids undefined behavior when __DEV__ is not
present.

In `@packages/mobile-sdk-alpha/src/proving/provingMachine.ts`:
- Around line 223-230: The analytics context hard-codes platform: 'ios' in
provingMachine (context object), causing Android sessions to be mislabeled;
replace that value with the getPlatform() helper from internal/helpers.ts (or
derive via Platform.OS) and ensure getPlatform is imported/available in this
module; update the context assignment (the object with sessionId, userId,
circuitType, currentState, stage) to use platform: getPlatform() so the platform
is computed dynamically.

In
`@packages/mobile-sdk-alpha/tests/proving/internal/teeConnectionHandler.test.ts`:
- Around line 297-299: The test calls wsEventListeners['open']() without the
required Event argument (wsEventListeners is typed as Record<string, (event:
Event) => void>), causing TS2554; update the test to invoke
wsEventListeners['open'] with a mock Event object (e.g., an empty object cast as
Event or a new Event('open')) so the call signature matches, then assert
mockDeps.handleWsOpen was called with mockSelfClient as before (referencing
wsEventListeners['open'], handleWsOpen, and mockSelfClient).
- Around line 49-52: The mockSelfClient used in tests lacks the getSelfAppState
method causing TypeError failures; update the mock object named mockSelfClient
(typed as SelfClient) in teeConnectionHandler.test.ts to include a
getSelfAppState stub (e.g., a vi.fn() that returns the expected shape or a
resolved promise matching production usage) so tests that call getSelfAppState
succeed; ensure the stubbed return value matches how TeeConnectionHandler or
related code consumes it.

🧹 Nitpick comments (7)

packages/mobile-sdk-alpha/src/proving/internal/helpers.ts (1)

42-45: getPlatform omits web platform support.

Per the SDK's cross-platform requirement, this function returns only 'ios' | 'android' but doesn't account for web environments where Platform.OS === 'web'. If the SDK is used in a web context, callers will incorrectly receive 'android'.

Consider expanding the return type and handling:

Suggested fix

-export const getPlatform = (): 'ios' | 'android' => (Platform.OS === 'ios' ? 'ios' : 'android');
+export const getPlatform = (): 'ios' | 'android' | 'web' => {
+  if (Platform.OS === 'ios') return 'ios';
+  if (Platform.OS === 'web') return 'web';
+  return 'android';
+};

Based on learnings, verify cross-platform compatibility for both React Native and Web environments.

packages/mobile-sdk-alpha/src/proving/internal/dependencyFactory.ts (2)

43-44: Minor inefficiency: redundant factory creation on each call.

The pattern createContextFactory(selfClient)(stage, overrides) creates a new curried function every time createProofContext is called. Since you're not caching the factory, you could simplify by calling createProofContext directly.

♻️ Suggested simplification

 export const createDocumentDeps = (
   selfClient: SelfClient,
   get: GetStateFn,
   set: SetStateFn,
   getActor: GetActorFn,
 ): DocumentProcessorDeps => ({
   getState: get,
   setState: set,
   getActor,
-  createProofContext: (stage: string, overrides: Partial<ProofContext> = {}) =>
-    createContextFactory(selfClient)(stage, overrides),
+  createProofContext: (stage: string, overrides: Partial<ProofContext> = {}) =>
+    createProofContext(selfClient, stage, overrides),
 });

Apply the same pattern to createPayloadDeps and createSocketDeps.

---

82-88: Minor: getState is redundantly reassigned.

socketDeps already contains getState: get from createSocketDeps, so re-assigning it at line 85 is unnecessary.

♻️ Cleaner spread

 export const createWebSocketDeps = (
   selfClient: SelfClient,
   get: GetStateFn,
   set: SetStateFn,
   getActor: GetActorFn,
 ): WebSocketHandlerDeps => {
   const socketDeps = createSocketDeps(selfClient, get, set, getActor);
   return {
     ...socketDeps,
-    getState: get,
     startSocketIOStatusListener: (receivedUuid: string, endpointType: EndpointType, client: SelfClient) =>
       startSocketIOStatusListener(receivedUuid, endpointType, client, socketDeps),
   };
 };

packages/mobile-sdk-alpha/src/proving/internal/actorSubscriptions.ts (2)

110-117: Fire-and-forget async pattern without structured error handling.

The IIFE catches the error but only logs it. Consider whether a retry mechanism or user notification would be appropriate since this marks the document registration state persistently.

The console.error at line 115 could potentially include sensitive document details depending on what markCurrentDocumentAsRegistered throws.

♻️ Consider sanitizing error output

         (async () => {
           try {
             await markCurrentDocumentAsRegistered(selfClient);
           } catch (error) {
             //This will be checked and updated when the app launches the next time
-            console.error('Error marking document as registered:', error);
+            console.error('Error marking document as registered');
+            // Avoid logging full error which may contain document details
           }
         })();

Based on coding guidelines: avoid logging PII or sensitive identity verification data.

---

152-158: Hardcoded error values lose diagnostic context.

Line 154 passes hardcoded 'error', 'error' strings, while the FAILURE case at line 148 properly propagates error_code and reason. This inconsistency loses potentially useful diagnostic information.

♻️ Propagate actual error info

     if (state.value === PROVING_STATES.ERROR) {
       if (currentState.circuitType === 'disclose') {
-        selfClient.getSelfAppState().handleProofResult(false, 'error', 'error');
+        const { error_code, reason } = currentState;
+        selfClient.getSelfAppState().handleProofResult(false, error_code ?? 'error', reason ?? 'unknown_error');
       }
       // Disable keychain error modal when proving flow ends
       selfClient.navigation?.disableKeychainErrorModal?.();
     }

packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts (1)

102-104: Remove debug console.log statements from production code.

These log statements expose internal flow details. Use selfClient.logProofEvent for structured logging instead, or remove them.

♻️ Remove or convert to structured logging

-    console.log('passport data parsed successfully, storing in keychain');
     await storePassportData(selfClient, parsedPassportData);
-    console.log('passport data stored in keychain');
+    selfClient.logProofEvent('info', 'Passport data stored in keychain', context);

packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts (1)

229-261: UUID generation and hello message handling looks secure.

The _handleWsOpen function:

• Generates a fresh UUID per connection using v4()
• Properly serializes public key for transmission
• Updates state before sending

One consideration: there's no timeout handling if the WebSocket never receives a response to the hello message. The connection could hang indefinitely.

Consider adding a connection timeout that triggers CONNECT_ERROR if no attestation is received within a reasonable window (e.g., 30 seconds).

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Keep a backwards-compatible alias for the renamed public type.

Dropping the previous provingMachineCircuitType export is a public API break for SDK consumers. Please keep a deprecated alias (or document the breaking change explicitly). Based on learnings, avoid undocumented public API breaks.

♻️ Suggested compatibility alias

 export type { ProvingMachineCircuitType } from './proving/provingMachine';
+/** `@deprecated` Use ProvingMachineCircuitType */
+export type { ProvingMachineCircuitType as provingMachineCircuitType } from './proving/provingMachine';

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	export type { ProvingMachineCircuitType } from './proving/provingMachine';
	export type { ProvingMachineCircuitType } from './proving/provingMachine';
	/** `@deprecated` Use ProvingMachineCircuitType */
	export type { ProvingMachineCircuitType as provingMachineCircuitType } from './proving/provingMachine';

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/index.ts` at line 46, The public type export
was renamed from provingMachineCircuitType to ProvingMachineCircuitType, which
breaks consumers; restore a backwards-compatible (deprecated) alias by
re-exporting the old name from the new type (e.g., export type {
ProvingMachineCircuitType as provingMachineCircuitType } ) so both
ProvingMachineCircuitType and provingMachineCircuitType are available, and mark
the alias as deprecated in a comment or JSDoc to indicate it will be removed in
a future release.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Non-null assertion on passportMetadata could cause runtime error.

Line 65 uses passportMetadata! without verifying it exists. If initPassportDataParsing returns data without passportMetadata, this will throw an unclear error.

🔧 Add defensive check

-    const passportMetadata = parsedPassportData.passportMetadata!;
+    const passportMetadata = parsedPassportData.passportMetadata;
+    if (!passportMetadata) {
+      throw new Error('Parsed passport data missing metadata');
+    }
     let dscObject;

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts` around
lines 65 - 72, The code is using a non-null assertion on
parsedPassportData.passportMetadata in documentProcessor.ts (the
passportMetadata! usage) which can throw at runtime; update the logic in the
relevant function (where passportMetadata is read) to defensively check if
parsedPassportData.passportMetadata is present before accessing .dsc, e.g., if
passportMetadata is undefined log a clear error or handle the absence and set
dscObject = {} (or surface a typed error), otherwise extract dsc into dscObject;
ensure you remove the `!` and use a guard that covers both normal and error
paths so documentProcessor continues to behave safely.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Non-null assertion on env parameter.

Line 162 uses env! which will throw if env is null. Add validation or provide a default.

🔧 Add validation

+        if (!env) {
+          throw new Error('Environment not set');
+        }
         await fetchAllTreesAndCircuits(selfClient, document, env!, passportData.dsc_parsed!.authorityKeyIdentifier);

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	await fetchAllTreesAndCircuits(selfClient, document, env!, passportData.dsc_parsed!.authorityKeyIdentifier);
	if (!env) {
	throw new Error('Environment not set');
	}
	await fetchAllTreesAndCircuits(selfClient, document, env!, passportData.dsc_parsed!.authorityKeyIdentifier);

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts` at line
162, The call to fetchAllTreesAndCircuits uses a non-null assertion on env
(env!) which can throw if env is null; update the surrounding code in
documentProcessor.ts to validate or provide a default for env before calling
fetchAllTreesAndCircuits: check the env variable (or throw a clear error) and
only call fetchAllTreesAndCircuits(selfClient, document, env,
passportData.dsc_parsed!.authorityKeyIdentifier) when env is defined, or
compute/pass a safe default value; also ensure any upstream callers of the
function containing this call handle missing env appropriately so passportData
and selfClient references remain valid.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Promise lacks timeout—connection can hang indefinitely.

If the actor never transitions to ready_to_prove or error, this promise never resolves. On mobile, this could leave the user stuck on a loading screen with no feedback.

Consider adding a connection timeout:

Suggested fix

+const TEE_CONNECTION_TIMEOUT_MS = 30000;
+
 return new Promise(resolve => {
   const ws = new WebSocket(wsRpcUrl);
+  
+  const timeoutId = setTimeout(() => {
+    selfClient.logProofEvent('error', 'TEE connection timeout', baseContext, {
+      failure: 'PROOF_FAILED_CONNECTION',
+      duration_ms: Date.now() - startTime,
+    });
+    selfClient.trackEvent(ProofEvents.TEE_CONN_FAILED, { message: 'timeout' });
+    unsubscribe.unsubscribe();
+    resolve(false);
+  }, TEE_CONNECTION_TIMEOUT_MS);

   const handleConnectSuccess = () => {
+    clearTimeout(timeoutId);
     selfClient.logProofEvent('info', 'TEE connection succeeded', baseContext, {
       duration_ms: Date.now() - startTime,
     });
     selfClient.trackEvent(ProofEvents.TEE_CONN_SUCCESS);
     resolve(true);
   };
   const handleConnectError = (msg: string = 'connect_error') => {
+    clearTimeout(timeoutId);
     selfClient.logProofEvent('error', 'TEE connection failed', baseContext, {

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/proving/internal/teeConnectionHandler.ts`
around lines 95 - 139, The returned Promise can hang because actor.subscribe may
never emit 'ready_to_prove' or 'error'; add a connection timeout (e.g., start a
timer when creating the WebSocket) that after a fixed interval calls
handleConnectError with a descriptive message (like 'timeout'), resolves the
promise, and performs cleanup; ensure you clear the timer when
handleConnectSuccess or handleConnectError runs, and also remove the ws event
listeners, close the ws, and unsubscribe from actor in the timeout branch to
mirror the existing success/error cleanup; reference the Promise body, ws,
wsHandlers, handleConnectSuccess, handleConnectError, and the actor.subscribe
unsubscribe logic when implementing this.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# Find build configuration files in the mobile SDK
find packages/mobile-sdk-alpha -maxdepth 2 -type f \( -name "package.json" -o -name "tsconfig.json" -o -name "*.config.*" -o -name ".env*" \) | head -20

Repository: selfxyz/self

Length of output: 268

---

🏁 Script executed:

# Check for __DEV__ usage throughout the mobile SDK
rg "__DEV__" packages/mobile-sdk-alpha --type ts --type tsx -B 2 -A 2

Repository: selfxyz/self

Length of output: 83

---

🏁 Script executed:

# Look at the websocket handlers file to understand context better
head -80 packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts

Repository: selfxyz/self

Length of output: 2824

---

🏁 Script executed:

# Search for __DEV__ definition or import in the mobile SDK (correct file type syntax)
rg "__DEV__" packages/mobile-sdk-alpha -t ts

Repository: selfxyz/self

Length of output: 845

---

🏁 Script executed:

# Read the tsup build config to understand how __DEV__ is handled
cat packages/mobile-sdk-alpha/tsup.config.ts

Repository: selfxyz/self

Length of output: 4344

---

🏁 Script executed:

# Check if __DEV__ is defined globally or in a polyfill file
rg "^(const|let|var|global|define).*__DEV__" packages/mobile-sdk-alpha -t ts

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Check package.json to understand SDK exports and platform specificity
cat packages/mobile-sdk-alpha/package.json

Repository: selfxyz/self

Length of output: 7222

---

🏁 Script executed:

# Look for any documentation about SDK platform requirements
cat packages/mobile-sdk-alpha/AGENTS.md

Repository: selfxyz/self

Length of output: 7417

---

Add defensive checks for __DEV__ in cross-platform code to prevent undefined behavior.

The PCR0 mapping validation at line 70 relies on __DEV__ being defined, but in web/browser environments where this SDK is consumed as a bundled package, __DEV__ may be undefined. This could either cause the validation to fail silently (if undefined → falsy) or behave unexpectedly.

Align with the defensive pattern used in nativeEvents.native.ts by checking typeof __DEV__ !== 'undefined' before using it. Alternatively, ensure the build configuration explicitly defines __DEV__ via tsup's esbuildOptions for non-React Native targets.

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/proving/internal/websocketHandlers.ts` around
lines 66 - 74, The code uses __DEV__ directly in the validation flow
(validatePKIToken, checkPCR0Mapping) which can be undefined in browser bundles;
update the conditional to first check typeof __DEV__ !== 'undefined' before
using it (e.g., replace occurrences of !__DEV__ with typeof __DEV__ !==
'undefined' && !__DEV__), so the PCR0 mapping guard (`if (!__DEV__ &&
!pcr0Mapping) { actor.send({ type: 'CONNECT_ERROR' }); return; }`) behaves
safely across platforms and avoids undefined behavior when __DEV__ is not
present.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, locate and read the target file
fd provingMachine.ts packages/mobile-sdk-alpha

Repository: selfxyz/self

Length of output: 111

---

🏁 Script executed:

# Read the file to see the context around lines 223-230
head -n 250 packages/mobile-sdk-alpha/src/proving/provingMachine.ts | tail -n 50

Repository: selfxyz/self

Length of output: 2017

---

🏁 Script executed:

# Check for Platform imports in the file
rg -n "import.*Platform" packages/mobile-sdk-alpha/src/proving/provingMachine.ts

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Search for how the platform field is used in analytics/events
rg -n "PROVING_BEGIN_GENERATION|platform.*ios|platform.*android" packages/mobile-sdk-alpha -i --type ts --type tsx

Repository: selfxyz/self

Length of output: 83

---

🏁 Script executed:

# Check if there are other references to the analytics context in this file
rg -n "context:.*{" packages/mobile-sdk-alpha/src/proving/provingMachine.ts -A 10 | head -40

Repository: selfxyz/self

Length of output: 141

---

🏁 Script executed:

# Search for how PROVING_BEGIN_GENERATION event is handled
rg -n "PROVING_BEGIN_GENERATION" packages/mobile-sdk-alpha --type ts -A 5 -B 2

Repository: selfxyz/self

Length of output: 2206

---

🏁 Script executed:

# Check if Platform is imported or used elsewhere in mobile-sdk-alpha
rg -n "Platform\.OS" packages/mobile-sdk-alpha --type ts

Repository: selfxyz/self

Length of output: 3186

---

🏁 Script executed:

# Look at the imports section of provingMachine.ts
head -n 30 packages/mobile-sdk-alpha/src/proving/provingMachine.ts

Repository: selfxyz/self

Length of output: 1542

---

🏁 Script executed:

# Search for platform value expectations in event processing
rg -n "platform.*==|platform.*:.*ios|platform.*:.*android" packages/mobile-sdk-alpha -i --type ts

Repository: selfxyz/self

Length of output: 2587

---

🏁 Script executed:

# Check if this file targets mobile only or cross-platform
rg -n "Platform\.OS|web|isWeb" packages/mobile-sdk-alpha/src/proving/provingMachine.ts

Repository: selfxyz/self

Length of output: 97

---

🏁 Script executed:

# Find ProofContext type definition
rg -n "type ProofContext|interface ProofContext" packages/mobile-sdk-alpha --type ts -A 5

Repository: selfxyz/self

Length of output: 457

---

🏁 Script executed:

# Check how the platform field from events is actually used downstream
rg -n "ProofContext|\.platform" packages/mobile-sdk-alpha/src --type ts -B 2 -A 2 | head -50

Repository: selfxyz/self

Length of output: 4111

---

🏁 Script executed:

# Verify the getPlatform helper is exported and available for import
head -n 50 packages/mobile-sdk-alpha/src/proving/internal/helpers.ts

Repository: selfxyz/self

Length of output: 1381

---

Use getPlatform() helper instead of hard-coding platform: 'ios'.

Android sessions are mislabeled in analytics. The codebase provides a getPlatform() helper in internal/helpers.ts that returns the correct platform value. Use that instead, or derive it dynamically from Platform.OS.

🔧 Proposed fix

-import { PROVING_EVENTS, TIMING } from './internal/constants';
+import { PROVING_EVENTS, TIMING } from './internal/constants';
+import { getPlatform } from './internal/helpers';

          context: {
            sessionId: uuid,
            userId: selfClient.getSelfAppState().selfApp?.userId,
            circuitType: get().circuitType || null,
            currentState: get().currentState || 'unknown-state',
            stage: 'startProving',
-            platform: 'ios',
+            platform: getPlatform(),
           },

🤖 Prompt for AI Agents

In `@packages/mobile-sdk-alpha/src/proving/provingMachine.ts` around lines 223 -
230, The analytics context hard-codes platform: 'ios' in provingMachine (context
object), causing Android sessions to be mislabeled; replace that value with the
getPlatform() helper from internal/helpers.ts (or derive via Platform.OS) and
ensure getPlatform is imported/available in this module; update the context
assignment (the object with sessionId, userId, circuitType, currentState, stage)
to use platform: getPlatform() so the platform is computed dynamically.

[coderabbitai]

Actionable comments posted: 5

🤖 Fix all issues with AI agents

Verify each finding against the current code and only fix it if needed.


In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts`:
- Around line 280-298: The block uses an unsafe cast of csca when calling
reStorePassportDataWithRightCSCA and fires markCurrentDocumentAsRegistered in a
detached IIFE; validate that csca (from isUserRegisteredWithAlternativeCSCA) is
a non-empty string before calling reStorePassportDataWithRightCSCA (handle
null/undefined by branching or early return) and remove the fire-and-forget
pattern: await markCurrentDocumentAsRegistered(selfClient) inside a try/catch,
log/report failures and only proceed to setState({ circuitType: 'register' }),
call selfClient.trackEvent/selfClient.logProofEvent, and actor.send({ type:
'ALREADY_REGISTERED' }) after successful marking (or implement a clear
retry/error path if marking fails) so state and stored data remain consistent.
- Around line 206-209: The call to checkDocumentSupported is passing
deployed_circuits with a non-null assertion (deployed_circuits!) which can hide
an undefined and produce an opaque runtime error; update the getDeployedCircuits
implementation (the arrow passed into checkDocumentSupported) to defensively
handle missing deployed_circuits from
selfClient.getProtocolState()[documentCategory] — either return a clear fallback
(e.g., empty array) or throw an explicit Error with context including the
documentCategory and protocol state when deployed_circuits is undefined — so
checkDocumentSupported receives a predictable value and failures surface with a
clear message; adjust any callers/typing of getDeployedCircuits if needed to
reflect the chosen behavior.

In `@packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts`:
- Around line 194-203: The call to getPayload is using an incomplete type cast
on circuitTypeWithDocumentExtension; update the call to pass a correctly typed
value by either removing the explicit cast on circuitTypeWithDocumentExtension
so TypeScript infers its full type, or extend the union in the cast to include
'disclose' to match the getPayload signature (RegisterProofType | DscProofType |
DiscloseProofType). Locate the getPayload invocation in payloadGenerator.ts and
change the cast/argument handling for circuitTypeWithDocumentExtension
accordingly so it aligns with the accepted proof types.
- Around line 172-180: Add an explicit null/undefined guard for the circuitType
value before casting it to ProvingMachineCircuitType: check that the local
variable circuitType is non-null and throw or return a clear error (e.g.,
"Missing circuitType" or "Invalid circuit type: null/undefined") instead of
using the blind cast in the call to _generateCircuitInputs; update the same
pattern in teeConnectionHandler where circuitType is cast on line 59. Reference
the circuitType variable and the _generateCircuitInputs call so you locate and
replace the `as ProvingMachineCircuitType` cast with a proper guard and
descriptive error.
- Around line 68-149: The function _generateCircuitInputs currently leaves
variables (inputs, circuitName, endpointType, endpoint,
circuitTypeWithDocumentExtension) untyped which propagates any; define a proper
return type (e.g., interface GenerateCircuitInputsResult { inputs: /*type*/,
circuitName: string, endpointType: /*type*/, endpoint: /*type*/,
circuitTypeWithDocumentExtension: string }) and annotate _generateCircuitInputs
with that return type, adjust the local let declarations or rely on destructured
assignment so each variable is typed, and then remove the downstream as casts in
_generatePayload that were compensating for the implicit any.

In `@packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts`:
- Around line 34-38: The setup currently captures const actor = getActor() and
uses that stale closure inside the connect_error handler (and other handlers in
the 57-68 range), causing wrong/disposed actor usage; update the connect_error
handler (and any handlers that reference the outer actor variable) to call
getActor() at event time instead of using the captured actor, then null-check
the returned actor and bail or log consistently (same pattern as disconnect and
status handlers) so the current actor is always used.
- Around line 41-44: The Socket created by socketIo(url, ...) uses default
infinite reconnection; update the options passed to socketIo (the socket
constant in socketIOListener.ts) to include bounded reconnection settings such
as reconnectionAttempts and a connection timeout (and optionally
reconnectionDelay/reconnectionDelayMax) appropriate for mobile so the client
stops retrying indefinitely and avoids battery drain — modify the options object
passed to socketIo(...) to add these keys with sensible mobile-oriented values.
- Line 117: The code uses an unsafe double-cast at selfClient.trackEvent(event
as unknown as keyof typeof ProofEvents) which masks type mismatches; update
handleStatusCode to return analytics typed as (keyof typeof ProofEvents)[] (or a
discriminated union) so callers get proper compile-time checks, or add a runtime
guard before calling trackEvent that checks the event value against
Object.keys(ProofEvents) and only calls selfClient.trackEvent when the value is
a valid keyof typeof ProofEvents; reference symbols: handleStatusCode,
selfClient.trackEvent, and ProofEvents to locate and fix the code paths emitting
and consuming the analytics events.

🧹 Nitpick comments (3)

🤖 Fix all nitpicks with AI agents

Verify each finding against the current code and only fix it if needed.


In `@packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts`:
- Around line 68-149: The function _generateCircuitInputs currently leaves
variables (inputs, circuitName, endpointType, endpoint,
circuitTypeWithDocumentExtension) untyped which propagates any; define a proper
return type (e.g., interface GenerateCircuitInputsResult { inputs: /*type*/,
circuitName: string, endpointType: /*type*/, endpoint: /*type*/,
circuitTypeWithDocumentExtension: string }) and annotate _generateCircuitInputs
with that return type, adjust the local let declarations or rely on destructured
assignment so each variable is typed, and then remove the downstream as casts in
_generatePayload that were compensating for the implicit any.

In `@packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts`:
- Around line 41-44: The Socket created by socketIo(url, ...) uses default
infinite reconnection; update the options passed to socketIo (the socket
constant in socketIOListener.ts) to include bounded reconnection settings such
as reconnectionAttempts and a connection timeout (and optionally
reconnectionDelay/reconnectionDelayMax) appropriate for mobile so the client
stops retrying indefinitely and avoids battery drain — modify the options object
passed to socketIo(...) to add these keys with sensible mobile-oriented values.
- Line 117: The code uses an unsafe double-cast at selfClient.trackEvent(event
as unknown as keyof typeof ProofEvents) which masks type mismatches; update
handleStatusCode to return analytics typed as (keyof typeof ProofEvents)[] (or a
discriminated union) so callers get proper compile-time checks, or add a runtime
guard before calling trackEvent that checks the event value against
Object.keys(ProofEvents) and only calls selfClient.trackEvent when the value is
a valid keyof typeof ProofEvents; reference symbols: handleStatusCode,
selfClient.trackEvent, and ProofEvents to locate and fix the code paths emitting
and consuming the analytics events.

packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts (2)

41-44: No reconnection limits configured — risky on mobile.

socket.io-client defaults to infinite reconnection attempts. On a mobile device with flaky connectivity, this can drain battery and keep the app busy indefinitely. Consider setting reconnectionAttempts and/or timeout to bounded values appropriate for mobile.

Suggested configuration

   const socket: Socket = socketIo(url, {
     path: '/',
     transports: ['websocket'],
+    reconnectionAttempts: 5,
+    reconnectionDelay: 2000,
+    timeout: 15000,
   });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts` around
lines 41 - 44, The Socket created by socketIo(url, ...) uses default infinite
reconnection; update the options passed to socketIo (the socket constant in
socketIOListener.ts) to include bounded reconnection settings such as
reconnectionAttempts and a connection timeout (and optionally
reconnectionDelay/reconnectionDelayMax) appropriate for mobile so the client
stops retrying indefinitely and avoids battery drain — modify the options object
passed to socketIo(...) to add these keys with sensible mobile-oriented values.

---

117-117: Unsafe double type assertion masks potential type mismatches.

event as unknown as keyof typeof ProofEvents bypasses TypeScript's type system entirely. If handleStatusCode returns analytics with event names that don't match ProofEvents keys, this will silently pass at compile time and potentially fail at runtime. Consider typing the analytics array in handleStatusCode's return type with keyof typeof ProofEvents directly, or at minimum use a runtime guard.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts` at line
117, The code uses an unsafe double-cast at selfClient.trackEvent(event as
unknown as keyof typeof ProofEvents) which masks type mismatches; update
handleStatusCode to return analytics typed as (keyof typeof ProofEvents)[] (or a
discriminated union) so callers get proper compile-time checks, or add a runtime
guard before calling trackEvent that checks the event value against
Object.keys(ProofEvents) and only calls selfClient.trackEvent when the value is
a valid keyof typeof ProofEvents; reference symbols: handleStatusCode,
selfClient.trackEvent, and ProofEvents to locate and fix the code paths emitting
and consuming the analytics events.

packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts (1)

68-149: Untyped return values weaken downstream type safety.

All five variables on line 79 are declared without type annotations, making them implicitly any. This propagates any through the return value, which is why lines 196–199 in _generatePayload require explicit as casts. Typing the return properly here eliminates those downstream casts.

♻️ Suggested approach

Define an explicit return type for _generateCircuitInputs:

+type CircuitInputsResult = {
+  inputs: Record<string, unknown>;
+  circuitName: string;
+  endpointType: EndpointType;
+  endpoint: string;
+  circuitTypeWithDocumentExtension: string;
+};
+
 export const _generateCircuitInputs = async (
   selfClient: SelfClient,
   circuitType: ProvingMachineCircuitType,
   secret: string | undefined | null,
   passportData: IDDocument,
   env: 'prod' | 'stg',
   selfApp: SelfApp | null,
-) => {
+): Promise<CircuitInputsResult> => {

Then the let declarations on line 79 get inferred types and the as casts in _generatePayload become unnecessary.

Based on learnings: "Maintain type definitions that are complete and accurate."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts` around
lines 68 - 149, The function _generateCircuitInputs currently leaves variables
(inputs, circuitName, endpointType, endpoint, circuitTypeWithDocumentExtension)
untyped which propagates any; define a proper return type (e.g., interface
GenerateCircuitInputsResult { inputs: /*type*/, circuitName: string,
endpointType: /*type*/, endpoint: /*type*/, circuitTypeWithDocumentExtension:
string }) and annotate _generateCircuitInputs with that return type, adjust the
local let declarations or rely on destructured assignment so each variable is
typed, and then remove the downstream as casts in _generatePayload that were
compensating for the implicit any.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

deployed_circuits! non-null assertion may produce an opaque runtime error.

If deployed_circuits is undefined for a given document category, the assertion passes undefined into checkDocumentSupported, likely causing a confusing downstream error rather than a clear failure message.

Proposed fix

     const isSupported = await checkDocumentSupported(passportData, {
       getDeployedCircuits: (documentCategory: DocumentCategory) => {
+        const circuits = selfClient.getProtocolState()[documentCategory].deployed_circuits;
+        if (!circuits) {
+          throw new Error(`No deployed circuits found for ${documentCategory}`);
+        }
+        return circuits;
-        selfClient.getProtocolState()[documentCategory].deployed_circuits!,
       },
     });

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const isSupported = await checkDocumentSupported(passportData, {
	getDeployedCircuits: (documentCategory: DocumentCategory) =>
	selfClient.getProtocolState()[documentCategory].deployed_circuits!,
	});
	const isSupported = await checkDocumentSupported(passportData, {
	getDeployedCircuits: (documentCategory: DocumentCategory) => {
	const circuits = selfClient.getProtocolState()[documentCategory].deployed_circuits;
	if (!circuits) {
	throw new Error(`No deployed circuits found for ${documentCategory}`);
	}
	return circuits;
	},
	});

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts` around
lines 206 - 209, The call to checkDocumentSupported is passing deployed_circuits
with a non-null assertion (deployed_circuits!) which can hide an undefined and
produce an opaque runtime error; update the getDeployedCircuits implementation
(the arrow passed into checkDocumentSupported) to defensively handle missing
deployed_circuits from selfClient.getProtocolState()[documentCategory] — either
return a clear fallback (e.g., empty array) or throw an explicit Error with
context including the documentCategory and protocol state when deployed_circuits
is undefined — so checkDocumentSupported receives a predictable value and
failures surface with a clear message; adjust any callers/typing of
getDeployedCircuits if needed to reflect the chosen behavior.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Unsafe csca as string cast (line 281) and fire-and-forget async IIFE (lines 283–289).

Two concerns in this block:

1. csca as string — No validation that csca is a non-empty string. The isUserRegisteredWithAlternativeCSCA return type may allow null/undefined for csca, which would silently corrupt the stored passport data.

2. Fire-and-forget IIFE — markCurrentDocumentAsRegistered runs detached. If it fails, the state machine has already moved to ALREADY_REGISTERED, but the document isn't actually marked. This creates a silent inconsistency that could cause repeated re-registration attempts or stale state on next launch.

Proposed fix

     if (isRegistered) {
+      if (!csca || typeof csca !== 'string') {
+        throw new Error('Alternative CSCA value is missing or invalid');
+      }
-      await reStorePassportDataWithRightCSCA(selfClient, passportData, csca as string);
+      await reStorePassportDataWithRightCSCA(selfClient, passportData, csca);
 
-      (async () => {
-        try {
-          await markCurrentDocumentAsRegistered(selfClient);
-        } catch (error) {
-          console.error('Error marking document as registered:', error);
-        }
-      })();
+      try {
+        await markCurrentDocumentAsRegistered(selfClient);
+      } catch (error) {
+        console.error('Error marking document as registered:', error);
+        // Non-fatal: continue with state transition
+      }
       setState({ circuitType: 'register' });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/documentProcessor.ts` around
lines 280 - 298, The block uses an unsafe cast of csca when calling
reStorePassportDataWithRightCSCA and fires markCurrentDocumentAsRegistered in a
detached IIFE; validate that csca (from isUserRegisteredWithAlternativeCSCA) is
a non-empty string before calling reStorePassportDataWithRightCSCA (handle
null/undefined by branching or early return) and remove the fire-and-forget
pattern: await markCurrentDocumentAsRegistered(selfClient) inside a try/catch,
log/report failures and only proceed to setState({ circuitType: 'register' }),
call selfClient.trackEvent/selfClient.logProofEvent, and actor.send({ type:
'ALREADY_REGISTERED' }) after successful marking (or implement a clear
retry/error path if marking fails) so state and stored data remain consistent.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, find the ProvingState type definition
rg -n "type ProvingState\s*=" --type=ts packages/mobile-sdk-alpha/

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Look for PayloadState type definition
rg -n "type PayloadState\s*=" --type=ts packages/mobile-sdk-alpha/

Repository: selfxyz/self

Length of output: 151

---

🏁 Script executed:

# Find the payloadGenerator.ts file and examine context around lines 172-180
cat -n packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts | head -200 | tail -80

Repository: selfxyz/self

Length of output: 2989

---

🏁 Script executed:

# Find _generateCircuitInputs function to see how it handles circuitType
ast-grep --pattern '_generateCircuitInputs($$$) {
  $$$
}'

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Also check for where circuitType comes from in the code
rg -n "circuitType\s*=" --type=ts -B2 -A2 packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts | head -100

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Get the full PayloadState type definition
sed -n '39,60p' packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

Repository: selfxyz/self

Length of output: 643

---

🏁 Script executed:

# Search for ProvingMachineCircuitType definition
rg -n "type ProvingMachineCircuitType\|ProvingMachineCircuitType\s*=" --type=ts packages/mobile-sdk-alpha/ | head -20

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Get the full _generateCircuitInputs function signature and initial lines
rg -n "const _generateCircuitInputs\|export const _generateCircuitInputs\|function _generateCircuitInputs" --type=ts -A 10 packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Check the ProvingState type in the types file
fd -t f "*.ts" packages/mobile-sdk-alpha/src/proving/ -name "*types*" -exec cat -n {} \;

Repository: selfxyz/self

Length of output: 286

---

🏁 Script executed:

# Search for ProvingState type definition
rg -n "type ProvingState\s*=" --type=ts packages/mobile-sdk-alpha/

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

# Search for ProvingMachineCircuitType definition
rg -n "ProvingMachineCircuitType" --type=ts packages/mobile-sdk-alpha/ | head -20

Repository: selfxyz/self

Length of output: 1227

---

🏁 Script executed:

# List all files in proving directory to find types
find packages/mobile-sdk-alpha/src/proving -name "*.ts" -type f

Repository: selfxyz/self

Length of output: 1011

---

🏁 Script executed:

# Get the full ProvingState type definition from types.ts
cat -n packages/mobile-sdk-alpha/src/proving/types.ts | head -40

Repository: selfxyz/self

Length of output: 1785

---

🏁 Script executed:

# Check if there are other places where circuitType is cast without guard
rg -n "circuitType as ProvingMachineCircuitType" --type=ts packages/mobile-sdk-alpha/

Repository: selfxyz/self

Length of output: 325

---

🏁 Script executed:

# Check line 59 in teeConnectionHandler.ts context
sed -n '50,70p' packages/mobile-sdk-alpha/src/proving/internal/teeConnectionHandler.ts

Repository: selfxyz/self

Length of output: 975

---

Add explicit null check before casting circuitType to ProvingMachineCircuitType.

The type definition confirms circuitType: ProvingMachineCircuitType | null in ProvingState (line 26 of types.ts). While other required fields (passportData, env, sharedKey) have explicit guards at lines 162–170, circuitType lacks one. The as ProvingMachineCircuitType cast on line 175 silently bypasses the type system and will produce a less helpful error message ("Invalid circuit type:null") if the value is nullish.

🛡️ Proposed fix

+    if (!circuitType) {
+      throw new Error('Circuit type is not set');
+    }
     const { inputs, circuitName, endpointType, endpoint, circuitTypeWithDocumentExtension } =
       await _generateCircuitInputs(
         selfClient,
-        circuitType as ProvingMachineCircuitType,
+        circuitType,

Also apply the same fix to teeConnectionHandler.ts line 59 where the identical pattern occurs.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts` around
lines 172 - 180, Add an explicit null/undefined guard for the circuitType value
before casting it to ProvingMachineCircuitType: check that the local variable
circuitType is non-null and throw or return a clear error (e.g., "Missing
circuitType" or "Invalid circuit type: null/undefined") instead of using the
blind cast in the call to _generateCircuitInputs; update the same pattern in
teeConnectionHandler where circuitType is cast on line 59. Reference the
circuitType variable and the _generateCircuitInputs call so you locate and
replace the `as ProvingMachineCircuitType` cast with a proper guard and
descriptive error.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

rg -n 'function getPayload|export.*getPayload|const getPayload' --type=ts -A10 -B2 packages/mobile-sdk-alpha/ | head -80

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

cat -n packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts | sed -n '130,210p'

Repository: selfxyz/self

Length of output: 2953

---

🏁 Script executed:

rg -n "circuitType.*=.*'disclose'" --type=ts packages/mobile-sdk-alpha/ -B3 -A3

Repository: selfxyz/self

Length of output: 6679

---

🏁 Script executed:

rg -n 'export.*function getPayload|export const getPayload' --type=ts -A15 packages/mobile-sdk-alpha/

Repository: selfxyz/self

Length of output: 38

---

🏁 Script executed:

rg -n 'export.*getPayload|const getPayload' --type=ts -B5 -A15 | grep -v node_modules | head -100

Repository: selfxyz/self

Length of output: 1307

---

🏁 Script executed:

fd 'payloadGenerator' --type=f packages/mobile-sdk-alpha/ | xargs rg -n 'getPayload' -B2 -A10

Repository: selfxyz/self

Length of output: 12267

---

Remove incomplete type cast on circuitTypeWithDocumentExtension.

The cast to 'register_id' | 'dsc_id' | 'register' | 'dsc' is incomplete. The getPayload function signature at common/src/utils/proving.ts:62-71 accepts RegisterProofType | DscProofType | DiscloseProofType, which includes 'disclose' as a valid value. Line 135 sets this variable to 'disclose' for disclosure flows, and the test at packages/mobile-sdk-alpha/tests/proving/internal/payloadGenerator.test.ts:241-250 confirms the function is called with this value. Either remove the cast entirely to rely on proper type inference, or update the union to include all accepted proof types.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/payloadGenerator.ts` around
lines 194 - 203, The call to getPayload is using an incomplete type cast on
circuitTypeWithDocumentExtension; update the call to pass a correctly typed
value by either removing the explicit cast on circuitTypeWithDocumentExtension
so TypeScript infers its full type, or extend the union in the cast to include
'disclose' to match the getPayload signature (RegisterProofType | DscProofType |
DiscloseProofType). Locate the getPayload invocation in payloadGenerator.ts and
change the cast/argument handling for circuitTypeWithDocumentExtension
accordingly so it aligns with the accepted proof types.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Stale actor reference used in connect_error — inconsistent with other handlers.

Line 34 captures actor at setup time, and it's used directly on line 66 inside the connect_error handler. Meanwhile, disconnect (line 71) and status (line 98, 127) correctly call getActor() to get the current actor. If the actor is swapped between setup and the error event firing, the stale closure sends to the wrong (or disposed) actor.

Suggested fix

   socket.on('connect_error', error => {
     console.error('SocketIO connection error:', error);
+    const currentActor = getActor();
     selfClient.trackEvent(ProofEvents.SOCKETIO_CONNECT_ERROR, {
       message: error instanceof Error ? error.message : String(error),
     });
     selfClient.logProofEvent('error', 'Socket.IO connection error', context, {
       failure: 'PROOF_FAILED_CONNECTION',
       error: error instanceof Error ? error.message : String(error),
     });
-    actor.send({ type: 'PROVE_ERROR' });
+    currentActor?.send({ type: 'PROVE_ERROR' });
     setState({ socketConnection: null });
   });

Also applies to: 57-68

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/mobile-sdk-alpha/src/proving/internal/socketIOListener.ts` around
lines 34 - 38, The setup currently captures const actor = getActor() and uses
that stale closure inside the connect_error handler (and other handlers in the
57-68 range), causing wrong/disposed actor usage; update the connect_error
handler (and any handlers that reference the outer actor variable) to call
getActor() at event time instead of using the captured actor, then null-check
the returned actor and bail or log consistently (same pattern as disconnect and
status handlers) so the current actor is always used.

[transphorm]

closing in favor of this updated pr

#1807