fix: resolve onboarding unlock flow and UI issues#156
Conversation
alez04
requested review from
ahmed-tarek-salem and
sallymoc
and removed request for
sallymoc
| setStatus(t('onboarding.errors.passphraseRequired')) | ||
| return | ||
| } | ||
| if (step === 2 && variant !== 'add-address' && passphrase.length < 12) { |
There was a problem hiding this comment.
replace 12 magic number with an app constant
| return | ||
| } | ||
| if (variant !== 'add-address' && passphrase.length < 12) { | ||
| setStatus(t('onboarding.errors.passphraseTooShort')) |
There was a problem hiding this comment.
replace 12 magic number with an app constant
| return | ||
| } | ||
| if (step === 2 && passphrase.length < 12) { | ||
| setStatus(t('onboarding.errors.passphraseTooShort')) |
There was a problem hiding this comment.
replace 12 magic number by an app constant
| return | ||
| } | ||
| if (passphrase.length < 12) { | ||
| setStatus(t('onboarding.errors.passphraseTooShort')) |
There was a problem hiding this comment.
replace 12 magic number by an app constant
| "selectFile": "Wähle eine Tresor-Datei aus.", | ||
| "passphraseRequired": "Passwort ist erforderlich.", | ||
| "invalidSourcePassphrase": "Ungültiges Quell-Tresor-Passwort.", | ||
| "importFailed": "Web-Wallet-Tresor konnte nicht importiert werden.", |
There was a problem hiding this comment.
@alez04 This key is not longer reference in the code. Please remove it here and from all 8 locale files (en, es, de, fr, ru, tr, vi, zh).
There was a problem hiding this comment.
@alez04 Please remove the .trim() calls at lines 215, 244, 247 in this file. The rest of the codebase (unlock.tsx, create-wallet.tsx, import-seed.tsx, passphrase-auth.tsx) passes the passphrase verbatim to openBrowserVault. Trimming here means the stored vault passphrase differs from what the user typed, and unlock won't match. Standard crypto-wallet practice is to not trim passwords.
…ault APIs - Add validatePassphraseStrength helper in src/lib/passphrase.ts with private MIN_PASSPHRASE_LENGTH constant; both required and min-length checks evaluate on the trimmed value. - Migrate all 6 onboarding call sites (create-wallet, import-seed, import-vault) to the helper. - Remove .trim() mutations before vault encrypt/decrypt APIs so the raw passphrase reaches openBrowserVault, validateVaultPassphrase, rotatePassphrase, getSeedForSigning, importAndUnlock, and the dApp signer in the background. .trim() is now used only for emptiness checks and ternary discriminators. - Drop the redundant MIN_PASSPHRASE_LENGTH export from constants.ts.
|
🎉 This PR is included in version 1.1.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
2 participants
Summary
Testing