🐛 app: custom transport fixes

[dieguezguille]

---

Summary by CodeRabbit

• Bug Fixes
  • Multi-chain account actions now honor the requested chain ID, preventing misrouted operations.
  • WebAuthn and fallback transaction flows use the requested chain ID for consistent behavior.
  • Send/transaction fallbacks reliably switch chains on failure and restore original chain afterward.
  • Disabled automatic transport retries to avoid duplicate requests and improve predictability.
  • Fallback transactions now include proper encoded calldata to ensure correct execution.

[changeset-bot]

🦋 Changeset detected

Latest commit: 381d1b1

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Forwards an optional chainId through account client requests, uses that chainId in generated IDs and sendCalls, disables retries for the bundler transport, and adds chain-switching around a fallback sendTransaction; also adds two changeset files for patch releases of @exactly/mobile.

Changes

Cohort / File(s)	Summary
Changesets .changeset/cool-icons-grow.md, .changeset/fuzzy-adults-tease.md	Added two changeset entries declaring patch releases for @exactly/mobile with release notes about forwarding chainId and disabling retries in a custom transport.
Account client logic src/utils/accountClient.ts	Accept optional chainId in wallet_sendCalls, compute requestedChainId, use it in WebAuthn and fallback IDs, pass chainId: requestedChainId to sendCalls, on sendCalls failure switch chain to requestedChainId and submit fallback sendTransaction (uses encodeFunctionData), then switch back; wrap bundler transport with noRetry(custom(...)); add imports encodeFunctionData, switchChain, and noRetry helper.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant AccountClient
    participant WalletProvider
    participant Blockchain

    Client->>AccountClient: wallet_sendCalls({calls, from, chainId?})
    AccountClient->>AccountClient: determine requestedChainId = chainId || chain.id
    alt sendCalls succeeds
        AccountClient->>WalletProvider: sendCalls(..., chainId: requestedChainId)
        WalletProvider->>Blockchain: submit calls on requestedChainId
        Blockchain-->>WalletProvider: result
        WalletProvider-->>AccountClient: result
        AccountClient-->>Client: response (id includes requestedChainId)
    else sendCalls fails
        AccountClient->>AccountClient: switchChain(requestedChainId)
        AccountClient->>WalletProvider: sendTransaction({to, data, chainId: requestedChainId})
        WalletProvider->>Blockchain: submit tx on requestedChainId
        Blockchain-->>WalletProvider: result / error
        WalletProvider-->>AccountClient: result / error
        AccountClient->>AccountClient: switchChain(originalChainId) (finally)
        AccountClient-->>Client: response / error
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• ✅ e2e misc improvements #702 — Updates wallet_sendCalls/sendCalls behavior and transaction ID/chain handling; directly related.

Suggested reviewers

• cruzdanilo
• franm91

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title references custom transport fixes, which aligns with the main change in accountClient.ts (bundler transport configuration change from custom(...) to noRetry(custom(...))). However, it omits mention of the other critical changes like chain ID forwarding and retry disabling.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch transport

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sentry]

Codecov Report

❌ Patch coverage is 54.87179% with 88 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.91%. Comparing base (dfbd4de) to head (381d1b1).
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/components/pay/Repay.tsx	55.00%	27 Missing ⚠️
src/utils/accountClient.ts	8.00%	23 Missing ⚠️
src/utils/reportError.ts	59.09%	18 Missing ⚠️
src/components/send-funds/Amount.tsx	73.07%	7 Missing ⚠️
...rc/components/home/card-upgrade/UpgradeAccount.tsx	0.00%	4 Missing ⚠️
src/utils/useAuth.ts	0.00%	3 Missing ⚠️
src/components/loans/Review.tsx	33.33%	2 Missing ⚠️
src/components/roll-debt/RollDebt.tsx	88.23%	2 Missing ⚠️
src/utils/server.ts	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #922      +/-   ##
==========================================
- Coverage   73.49%   71.91%   -1.59%     
==========================================
  Files         229      229              
  Lines        8874     8441     -433     
  Branches     2927     2710     -217     
==========================================
- Hits         6522     6070     -452     
- Misses       2117     2140      +23     
+ Partials      235      231       -4     

Flag	Coverage Δ
e2e	71.91% <54.87%> (-1.58%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

♻️ Duplicate comments (4)

src/utils/accountClient.ts (4)

160-163: ⚠️ Potential issue | 🟡 Minor

Remove the prettier-ignore suppression.

This repo does not allow formatting suppressions in source files; let Prettier wrap this call normally. As per coding guidelines "Follow ESLint, Prettier, and Solhint rules strictly; do not argue with the linter" and "Use only static analysis annotations (@ts-expect-error, eslint-disable, solhint-disable, slither-disable, cspell:ignore) and TODO/HACK/FIXME markers; do not use JSDoc, explanatory prose, region markers, or inline labels".

---

174-179: ⚠️ Potential issue | 🟠 Major

Don't encode requestedChainId here unless this branch actually honors it.

The WebAuthn path still sends through the default-chain client, and wallet_getCallsStatus later polls that same client. If requestedChainId !== chain.id, the operation still executes on the default network while the returned id claims otherwise. Either reject mismatches here or create a chain-specific client before sendUserOperation().

💡 minimal guard

             const requestedChainId = chainId ? hexToNumber(chainId) : chain.id;
             if (queryClient.getQueryData<AuthMethod>(["method"]) === "webauthn") {
+              if (requestedChainId !== chain.id) throw new Error("unsupported chain");
               const { hash } = await client.sendUserOperation({

---

206-215: ⚠️ Potential issue | 🔴 Critical

Don't switch the shared ownerConfig inside this fallback.

src/utils/wagmi/owner.ts exports a singleton config, so concurrent requests can race each other here. Even without concurrency, the finally block clobbers any pre-existing non-default selection because it always hard-resets to chain.id. Use an isolated per-request client, or serialize this section and restore the real prior chain.

---

239-241: ⚠️ Potential issue | 🟠 Major

eth_sendTransaction is still pinned to the default chain.

This branch ignores any chainId on the incoming transaction and always calls sendCalls() with chain.id, so cross-chain eth_sendTransaction requests still go to the default network. Use the request's chain when present, or reject mismatches before falling back to client.request().

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: d93dca5f-a56d-4bf8-a8a6-a55f0ba2227d

📥 Commits

Reviewing files that changed from the base of the PR and between ae0aad2 and 89535f1.

📒 Files selected for processing (3)

• .changeset/cool-icons-grow.md
• .changeset/fuzzy-adults-tease.md
• src/utils/accountClient.ts

[coderabbitai]

♻️ Duplicate comments (3)

src/utils/accountClient.ts (3)

172-177: ⚠️ Potential issue | 🟠 Major

Reject non-default chains on the WebAuthn path.

client.sendUserOperation() is still tied to the default chain, but the returned id is stamped with requestedChainId. A non-default request can execute on one network and then be polled/reported as another.

💡 compact guard

             const requestedChainId = chainId ? hexToNumber(chainId) : chain.id;
             if (queryClient.getQueryData<AuthMethod>(["method"]) === "webauthn") {
+              if (requestedChainId !== chain.id) throw new Error("unsupported chain");
               const { hash } = await client.sendUserOperation({

---

204-214: ⚠️ Potential issue | 🔴 Critical

Don't switch a shared wagmi config inside this fallback.

This still mutates ownerConfig globally. Overlapping requests can race on the active chain, and even a single request restores to chain.id instead of the caller’s actual previous chain. Use an isolated client, or capture/restore the exact previous chain under a lock.

---

237-239: ⚠️ Potential issue | 🟠 Major

Don't hard-code the default chain in eth_sendTransaction.

This branch still ignores params[0].chainId, so a cross-chain request is silently forced onto chain.id. If this flow is intentionally single-chain, reject mismatches instead of rewriting them.

💡 compact fix

-                const { to, data = "0x", value = 0n } = params[0] as TransactionRequest;
+                const { to, chainId, data = "0x", value = 0n } = params[0] as TransactionRequest;
                 const { id } = await sendCalls(ownerConfig, {
-                  chainId: chain.id,
+                  chainId: chainId ?? chain.id,

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ca0632f0-363c-4faf-a10d-f3e234755abf

📥 Commits

Reviewing files that changed from the base of the PR and between 700e0e4 and ca87c0e.

📒 Files selected for processing (3)

• .changeset/cool-icons-grow.md
• .changeset/fuzzy-adults-tease.md
• src/utils/accountClient.ts

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 22 additional findings in Devin Review.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: de5184708c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Keep passkey warnings reachable in auth query handling

dropError now returns true for every authKnown error, but the global query handler checks dropError before warnError (src/utils/queryClient.ts), so passkeyWarning cases (e.g. biometrics-required/pending-passkey conditions) are dropped and never reach warning telemetry. This regresses observability for non-cancel auth failures: they are still classified as warnings (warnError) but the new predicate short-circuits them first.

Useful? React with 👍 / 👎.

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 22 additional findings in Devin Review.

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 23 additional findings in Devin Review.

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 23 additional findings in Devin Review.

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 24 additional findings in Devin Review.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 381d1b1abe

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Return a pollable id for fallback transactions

When wallet_sendCalls falls back to sendTransaction, this path returns a synthetic TX_MAGIC_ID-encoded id that is not produced by wallet_sendCalls; wallet_getCallsStatus in this client only decodes UO_MAGIC_ID and forwards everything else to getCallsStatus(ownerConfig), so the new waitForCallsStatus(...) calls added across repay/swap/send/rollover can fail or time out whenever this fallback is taken. Fresh evidence: src/utils/e2e.ts includes a dedicated TX_MAGIC_ID decode branch for status polling, but accountClient does not.

Useful? React with 👍 / 👎.

[devin-ai-integration]

Devin Review found 0 new potential issues.

View 25 additional findings in Devin Review.