Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📝 WalkthroughWalkthroughThis PR performs a version bump of the hdwallet monorepo from 1.62.40 to 1.62.41, updating all package.json files across the workspace and aligning all inter-package dependencies to the new version. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
packages/hdwallet-native/src/native.ts (1)
493-505: ResettonMasterKeyon wipe/loadDevice to avoid stale key reuse.If
loadDeviceis called withouttonMasterKey(or afterwipe), the previous TON key can remain and reinitialize TON with the wrong wallet. Wipe should also revoke TON key material.🔒 Proposed fix
async wipe(): Promise<void> { const oldSecp256k1MasterKey = this.#secp256k1MasterKey; const oldEd25519MasterKey = this.#ed25519MasterKey; + const oldTonMasterKey = this.#tonMasterKey; this.#initialized = false; this.#secp256k1MasterKey = undefined; this.#ed25519MasterKey = undefined; + this.#tonMasterKey = undefined; super.solanaWipe(); super.suiWipe(); super.nearWipe(); super.tonWipe(); @@ (await oldSecp256k1MasterKey)?.revoke?.(); (await oldEd25519MasterKey)?.revoke?.(); + (await oldTonMasterKey)?.revoke?.(); } @@ - if (tonMasterKeyResult) { - this.#tonMasterKey = Promise.resolve(tonMasterKeyResult); - } + this.#tonMasterKey = tonMasterKeyResult ? Promise.resolve(tonMasterKeyResult) : undefined;Also applies to: 596-617
🤖 Fix all issues with AI agents
In `@packages/hdwallet-core/src/ton.ts`:
- Around line 9-26: The TonSignTx/TonRawMessage types don't match native
behavior: update the docs/types so message is explicitly the UTF-8 JSON string
matching TonTransactionParams (not a BOC Uint8Array) and specify the expected
encoding for payload and stateInit (e.g., base64-encoded BOC strings or another
agreed encoding) or change their types accordingly; revise comments on
TonSignTx.message, TonRawMessage.payload and TonRawMessage.stateInit to state
the exact encoding/shape and reference TonTransactionParams and the
TonRawMessage interface names so callers and the native implementation agree.
In `@packages/hdwallet-native/src/adapter.ts`:
- Around line 10-22: The comment block describing MASTER KEY TYPES incorrectly
states TON uses PBKDF2 with "TON default seed" and 100,000 iterations; update
the comment near the tonMasterKey description in the adapter.ts comment header
to accurately state that the native engine's TON seed flow uses standard BIP‑39
derivation (matching Trust Wallet compatibility) rather than PBKDF2, and remove
or clarify the PBKDF2 text so integrators are not misled.
🧹 Nitpick comments (2)
packages/hdwallet-gridplus/src/gridplus.ts (1)
240-258: Logic is correct; minor redundancy in the condition.The check on line 247 (
addressNList[0] === 0x80000000 + 44) is redundant sincedescribeETHPathalready validates this on line 27—ifisKnownis true, the purpose must be 44'. The check is harmless but could be simplified.♻️ Optional simplification
- if (addressNList[0] === 0x80000000 + 44) { - addressNList[4] += 1; - return { - ...msg, - addressNList, - hardenedPath: core.hardenedPath(addressNList), - relPath: core.relativePath(addressNList), - }; - } - - return undefined; + addressNList[4] += 1; + return { + ...msg, + addressNList, + hardenedPath: core.hardenedPath(addressNList), + relPath: core.relativePath(addressNList), + };packages/hdwallet-native/src/crypto/isolation/engines/default/bip39.ts (1)
45-61: Clarify intentional PBKDF2 parameters for TON derivation.
A short inline note will prevent future “spec mismatch” refactors.♻️ Suggested doc tweak
async toTonSeed(password?: string): Promise<TonSeed> { const mnemonic = this.#mnemonic; + // NOTE: Intentionally uses standard BIP-39 PBKDF2 params for TON + // compatibility with Trust Wallet-derived addresses. const salt = new TextEncoder().encode(`mnemonic${password ?? ""}`.normalize("NFKD"));Based on learnings, this behavior is intentional for cross-wallet compatibility.
Regenerated yarn.lock from public npm registry after TON blockchain support was added in 1.62.40. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Oupsy, forgot to
yarnbefore publishing, bumping again!Summary by CodeRabbit
✏️ Tip: You can customize this high-level summary in your review settings.