feat/PRO-3018/Private-Key-Mode

[RanaBug]

Description

• Private key mode implementation that allows users to login with a private ke and by-passing social login
• Login / Logout flow update

How Has This Been Tested?

• Existing Unit Tests and Manual Testing

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Summary by CodeRabbit

• New Features

  • Introduced private key authentication, providing an alternative login method.
  • Updated asset and transaction displays to reflect the Polygon network.

• Bug Fixes

  • Updated test data for various components to ensure alignment with the new blockchain context.

• Refactor

  • Enhanced the authentication and session management flow for a smoother user experience.

[coderabbitai]

Walkthrough

The changes update test configurations by modifying mock data—such as token addresses, chain identifiers, and blockchain fields—in several components. Additionally, the updates integrate a private key login mechanism throughout the application. A new custom hook (usePrivateKeyLogin) and a corresponding provider (PrivateKeyLoginProvider) are introduced. Component tests and logout behavior in the BottomMenu and AccountModal are adjusted accordingly, and the Main component’s authentication flow is enhanced to conditionally render content based on both wallet and private key login states.

Changes

File(s)	Change Summary
src/apps/deposit/...Asset.test.tsx, src/apps/deposit/...AssetsList.test.tsx, src/pillarx-app/...TokensHorizontalTile.test.tsx, src/providers/__tests__/GlobalTransactionsBatchProvider.test.tsx	Updated mock data: token addresses, chain IDs, and blockchain fields adjusted from previous values to new ones.
src/components/BottomMenu/... (BottomMenu.test.tsx, index.tsx, BottomMenuModal/AccountModal.tsx)	Modified test cases and component logic to incorporate PrivateKeyLoginProvider and utilize the new usePrivateKeyLogin hook for authentication and logout functionality.
src/containers/Main.tsx, src/hooks/usePrivateKeyLogin.tsx, src/providers/PrivateKeyLoginProvider.tsx	Enhanced authentication flow by integrating private key login; added new hook and provider to check account state and conditionally render authenticated content.

Sequence Diagram(s)

sequenceDiagram
    participant U as User
    participant M as Main Component
    participant PKP as PrivateKeyLoginProvider
    participant Hook as usePrivateKeyLogin
    participant BM as BottomMenu

    U->>M: Access application (with pk URL param)
    M->>Hook: Extract account from URL parameters
    Hook->>PKP: Retrieve/update account state
    PKP-->>M: Return current account info
    M->>BM: Render BottomMenu if authenticated (account exists)
    BM-->>U: Display authenticated UI

Loading

Suggested reviewers

• IAmKio

Poem

I hop through lines of code so neat,
Testing tokens with a brand–new beat.
Private keys guide our pathway clear,
In providers and hooks they now appear.
With each small change, my joy takes flight –
A rabbit’s dance in code’s soft light!
🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

src/containers/Main.tsx (2)

70-72: Storing tokens in local storage can pose security risks.
Consider using httponly cookies or another secure storage mechanism to minimize exposure to XSS attacks.

---

89-114: Ensure no long-lived private key storage in memory.
The code only saves the address to localStorage, which is good. Just verify the private key is promptly discarded.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 842c707 and 1e73e96.

⛔ Files ignored due to path filters (3)

• src/apps/deposit/components/Asset/test/__snapshots__/Asset.test.tsx.snap is excluded by !**/*.snap
• src/apps/pillarx-app/components/MediaGridCollection/tests/__snapshots__/DisplayCollectionImage.test.tsx.snap is excluded by !**/*.snap
• src/apps/pillarx-app/components/PointsTile/test/__snapshots__/PointsTile.test.tsx.snap is excluded by !**/*.snap

📒 Files selected for processing (10)

• src/apps/deposit/components/Asset/test/Asset.test.tsx (2 hunks)
• src/apps/deposit/components/AssetsList/test/AssetsList.test.tsx (1 hunks)
• src/apps/pillarx-app/components/TokensHorizontalTile/test/TokensHorizontalTile.test.tsx (1 hunks)
• src/components/BottomMenu/BottomMenu.test.tsx (3 hunks)
• src/components/BottomMenu/index.tsx (3 hunks)
• src/components/BottomMenuModal/AccountModal.tsx (3 hunks)
• src/containers/Main.tsx (5 hunks)
• src/hooks/usePrivateKeyLogin.tsx (1 hunks)
• src/providers/PrivateKeyLoginProvider.tsx (1 hunks)
• src/providers/__tests__/GlobalTransactionsBatchProvider.test.tsx (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: lint
• GitHub Check: unit-tests
• GitHub Check: build
• GitHub Check: Cloudflare Pages

🔇 Additional comments (20)

src/apps/deposit/components/AssetsList/test/AssetsList.test.tsx (1)

8-9:

Details

❓ Verification inconclusive

Verify the mock data consistency with Polygon network.

The mock data has been updated to use Polygon network values (chain ID 137). This aligns with the changes in other test files and appears to be part of a broader shift to Polygon network testing.

Let's verify that this address exists on the Polygon network:

---

🏁 Script executed:

#!/bin/bash
# Description: Verify the token address on Polygon network
curl -s "https://api.polygonscan.com/api?module=token&action=tokeninfo&contractaddress=0xD6DF932A45C0f255f85145f286eA0b292B21C90B"

Length of output: 200

---

Attention: Verify API key for token verification on Polygon network.

The mock data in AssetsList.test.tsx has been updated to use values for the Polygon network (chain ID 137), which is consistent with changes in the rest of the test files. However, our automated token verification via Polygonscan returned a "Missing/Invalid API Key" error. This means we couldn’t conclusively verify that the address 0xD6DF932A45C0f255f85145f286eA0b292B21C90B is valid on the Polygon network.

• Ensure a valid API key is provided for Polygonscan if automated verification is required.
• Alternatively, perform manual verification of the token data to confirm its validity for Polygon testing.

src/apps/deposit/components/Asset/test/Asset.test.tsx (1)

11-12: LGTM! Test data and expectations are properly aligned.

The mock token data and test expectations have been consistently updated to reflect the shift from Ethereum to Polygon network.

Also applies to: 53-53

src/providers/__tests__/GlobalTransactionsBatchProvider.test.tsx (1)

13-15: LGTM! Mock transaction data is consistent.

The mock transaction data has been updated to use the same Polygon network address and chain ID as other files, maintaining consistency across the test suite.

src/containers/Main.tsx (11)

10-16: LGTM for new viem imports.
All imported symbols appear to be used properly, and there's no sign of extraneous imports.

---

26-26: Provider import looks good.
This addition is consistent with the new private key login approach.

---

45-45: Importing the custom hook is correct.
The integration with usePrivateKeyLogin aligns well with the rest of the file.

---

65-65: Consider clearing state on logout.
While retrieving account from the custom hook is fine, ensure there's a robust logout path that resets setAccount and local storage to prevent stale data.

---

74-74: Predicate for combined auth state is clear.
No issues; combining authenticated with the presence of account is well-structured.

---

78-83: Documentation comments match the new feature.
The docstring accurately describes the updated useEffect logic for private key and wallet states.

---

117-139: Verify default chain selection logic.
The code defaults to chain ID 1 (mainnet). Please confirm that this aligns with user expectations, especially if testnets are required.

---

140-178: Multi-wallet handling appears correct.
Steps to find and configure the specified wallet provider look coherent and handle fallback to the first visible chain reliably.

---

187-187: Gating logic is sound.
Requiring isAppReady, isAuthenticated, provider, and chainId helps prevent rendering incomplete states.

---

273-273: No issues with unauthorized route checks.
This condition ensures proper routing for unauthenticated scenarios.

---

327-342: Nested providers are well-ordered.
Wrapping PrivyProvider inside PrivateKeyLoginProvider is coherent for the intended logic flow.

src/hooks/usePrivateKeyLogin.tsx (1)

1-17: Custom hook implementation looks good.
It validates context usage properly and ensures consumers cannot access it outside of the provider.

src/providers/PrivateKeyLoginProvider.tsx (1)

1-37: Context provider is well-structured.
Storing only the address and not the private key reduces risk, and using useMemo avoids unnecessary re-renders.

src/components/BottomMenu/BottomMenu.test.tsx (1)

67-73: LGTM! Test setup correctly includes PrivateKeyLoginProvider.

The test configuration properly wraps the component with PrivateKeyLoginProvider in both authenticated and unauthenticated scenarios, ensuring the test environment matches the production setup.

Also applies to: 112-118

src/components/BottomMenu/index.tsx (1)

32-32: LGTM! Authentication check properly handles both login methods.

The component now correctly checks for both authenticated state from Privy and account from private key login, ensuring proper access control regardless of the authentication method used.

Also applies to: 61-61

src/components/BottomMenuModal/AccountModal.tsx (2)

136-151: Verify the necessity of window reload after logout.

While the logout logic correctly handles both authentication methods, the forced window reload might disrupt the user experience. Consider if this is necessary or if a more seamless transition could be implemented.

Could you clarify if the window reload is required for proper cleanup of the application state? If not, consider replacing it with a more graceful state reset mechanism.

---

58-58: LGTM! Logout logic properly handles both authentication methods.

The implementation correctly:

1. Distinguishes between private key and social login
2. Cleans up appropriate storage
3. Resets account state

Also applies to: 137-143

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Consider type consistency for blockchain identifier.

While the address update is consistent with other files, the blockchain identifier is stored as a string ('137') while other files use a number (137). This might cause type-related issues if the component expects a specific type.

Let's check how the blockchain field is used across the codebase:

---

🏁 Script executed:

#!/bin/bash
# Description: Check blockchain field usage
# Search for blockchain field in type definitions
ast-grep --pattern 'interface $_ {
  $$$
  blockchain: $_
  $$$
}'

# Search for blockchain field usage
rg -A 2 'blockchain.*137'

Length of output: 430

---

Action Required: Ensure Consistent Numeric Type for Blockchain Identifier

It appears that the test file (src/apps/pillarx-app/components/TokensHorizontalTile/test/TokensHorizontalTile.test.tsx, lines 22–23) defines the blockchain field as a string ('137') rather than a number. Since other parts of the codebase are using a numeric value (137) for this field, please update this test to maintain type consistency and avoid potential issues.

• File: src/apps/pillarx-app/components/TokensHorizontalTile/test/TokensHorizontalTile.test.tsx
• Location: Lines 22–23
• Suggestion: Change the blockchain property from a string to a numeric literal (i.e., update from '137' to 137).

[coderabbitai]

⚠️ Potential issue

Avoid passing private key parameters via URL.
Query parameters are often logged and can expose the private key inadvertently. A safer channel should be considered.

[IAmKio]

By design for an edge case

[coderabbitai]

@IAmKio Understood, I'll note this design decision for future reviews.

(_/)

(•-•)

/> 📝

---

✏️ Learnings added

Learnt from: IAmKio
PR: pillarwallet/x#243
File: src/containers/Main.tsx:85-86
Timestamp: 2025-02-20T19:50:40.311Z
Learning: Passing private key via URL parameters in the login flow is an intentional design choice for handling edge cases in the private key login mode.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

[cloudflare-workers-and-pages]

Deploying x with    Cloudflare Pages

Latest commit:	ccd102f
Status:	✅  Deploy successful!
Preview URL:	https://03bbdeb8.x-e62.pages.dev
Branch Preview URL:	https://feat-pro-3018-private-key-mo.x-e62.pages.dev

View logs

[IAmKio]

Just two small questions but other than that - it's looking good!

[IAmKio]

By design for an edge case

[IAmKio]

LGTM!

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

src/components/BottomMenuModal/AccountModal.tsx (1)

136-151: Consider documenting the timeout workaround.

The dual logout flow is well-implemented, handling both private key and social login cases. The timeout is a known workaround for SDK timing issues.

Add a code comment explaining the timeout workaround:

    clearDappStorage();
    navigate('/');

-   // Time to logout and redirect route
+   // Workaround: Added timeout to ensure proper page reload after logout
+   // due to timing issues with the Modular SDK not automatically
+   // reloading the page
    setTimeout(() => window.location.reload(), 500);

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1e73e96 and ccd102f.

📒 Files selected for processing (1)

• src/components/BottomMenuModal/AccountModal.tsx (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: unit-tests
• GitHub Check: build
• GitHub Check: Cloudflare Pages

🔇 Additional comments (2)

src/components/BottomMenuModal/AccountModal.tsx (2)

47-47: LGTM! Clean integration of private key login.

The addition of the usePrivateKeyLogin hook and its usage is well-structured and aligns with the PR's objective of implementing private key login functionality.

Also applies to: 58-58

---

56-379: LGTM! Well-contained changes.

The private key login integration is cleanly implemented without affecting the core token and NFT display functionality of the component.