chore(release): Re-land v0.9.3 release

[CharlVS]

Blocked on currently pending issues/PRs. Deadline of Tuesday, 4 November.

Komodo Wallet v0.9.3 Release Notes

This release delivers significant performance improvements, enhanced analytics capabilities, and a comprehensive overhaul of authentication and wallet management. Key highlights include real-time portfolio streaming, a dual analytics pipeline with persistent queueing, one-click sign-in, Z-HTLC support, and extensive optimisations that reduce RPC usage while improving responsiveness across all platforms.

🚀 New Features

• Realtime Portfolio Streaming ([@CharlVS], perf: eliminate RPC polling via event streaming, persistent caching, and deduplication (#3238) #3253) - Live balance updates throughout the app via CoinsBloc streaming, eliminating the need for manual refreshes
• One-Click "Remember Me" Sign-In ([@CharlVS], feat(auth): implement one-click remember me sign-in functionality #3041) - Securely cache wallet metadata for instant access with improved post-login routing
• Dual Analytics Pipeline ([@CharlVS], feat(analytics): multi-provider (Firebase+Matomo), queueing with persistence, standardized events #2932) - Firebase and Matomo integration with persistent event queueing, CI toggles, and comprehensive event tracking
• Z-HTLC Support ([@takenagain], feat: ZHTLC support #3158) - Full support for privacy-preserving Hash Time Locked Contracts with configurable activation toggles and optional sync parameters
• Enhanced Feedback System ([@CharlVS], feat(feedback): comprehensive feedback system overhaul with screenshot protection #3017) - Comprehensive feedback portal overhaul with provider plugins, opt-out contact handling, screenshot scrubbing, and analytics integration
• Geo-blocking Bouncer ([@CharlVS], feat(geo): bouncer for privacy coin blocking #3150) - Privacy coin restrictions with regulated build overrides for compliance
• Transaction Broadcast Details ([@smk762], show transaction details after broadcast #3308) - View transaction details immediately after broadcasting withdrawals
• Market Maker Mobile Improvements ([@takenagain], sync main #3220) - Status indicators and start/stop controls now available in mobile view
• Swap Data Export ([@ca333], sync main #3220) - Copy and export swap data for reference and debugging
• Tendermint Faucet Support ([@takenagain], feat(faucet): migrate hasFaucet check to the SDK extension #3206) - Request test coins for Tendermint-based assets with activation guardrails
• Optional Verbose Logging ([@ca333], Optional logging #3332) - Configurable logging levels for development and troubleshooting
• SDK Log Integration ([@CharlVS], fix: route sdk logs through app logger #3159) - SDK logs now route through the app logger for unified log management

SDK Updates (komodo-defi-sdk-flutter)

This release integrates komodo-defi-sdk v1.0.0-pre.1 with 82 commits bringing substantial improvements:

• Flutter Web WASM Support (SDK#176) - WASM support with OPFS integration and unified storage. The SDK is now Flutter wasm-ready, but will still require some changes for Komodo Komodo wallet which will bring performance improvements.
• Enhanced RPC Coverage (SDK#179, #188, #191) - Trading, orderbook, and Lightning RPC support
• Streaming Infrastructure (SDK#178, #232, #269) - Pubkey and balance watch streams with comprehensive caching
• Multi-Provider Market Data (SDK#145, #224) - CoinPaprika fallback and refined Binance quotes
• Custom Token Storage (SDK#225, #190) - Runtime coin updates integration
• Platform Support (SDK#237, #247) - macOS universal binary and packaging updates

See the full SDK changelog for complete details.

🎨 UI/UX Improvements

• Fiat Value Display ([@takenagain], fix(coin-details): display fiat balance for addresses #3049) - Coin detail pages now show fiat balance for individual addresses
• Withdraw Form Enhancements ([@takenagain], fix(withdraw): add USD fiat values alongside amounts #3274) - Vertical responsive layout, fiat value previews for amount and fee, and alignment improvements
• Loading State Placeholders ([@takenagain], fix(asset-list): hide and use placeholders until fiat prices are available #3134) - Hide asset lists and show placeholders until fiat prices are available for better UX
• Transaction History Ordering ([@CharlVS], #9900372) - Unconfirmed transactions now appear first in the list
• Token Parent Labelling ([@dragonhound], Tag parent coins as native #2988) - Parent coins now tagged as "native" for clearer asset hierarchy
• Trezor Visibility Toggles ([@smk762], Trezor visibility  #3214) - Password and PIN visibility controls for Trezor authentication
• Market Maker Value Display ([@smk762], fix(makerbot): correct Orders tab Send/Receive preview amounts; never exceed balance #3215) - Fixed bot maker order values display
• Activation Filter Compatibility ([@smk762], show only compatible activation filter options #3249) - Only show compatible activation filter options to prevent errors
• Buy Coin List Sorting ([@smk762], fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Market maker buy coin list now sorted with price filters and "add assets" footer
• Keyboard Dismissal ([@takenagain], fix: mobile seed banner, text alignment, and input dismissal #3225) - Dismiss keyboard on scroll for fiat and swap inputs
• Mobile Seed Backup Banner ([@takenagain], fix: mobile seed banner, text alignment, and input dismissal #3225) - Seed backup banner now visible in mobile view
• Post-Login Navigation ([@smk762], Login logout to home #3262) - Consistent routing to wallet page after login or logout with delayed navigation for Trezor PIN/passphrase entry
• Custom Seed Toggle ([@smk762], hide custom seed toggle unless bip39 validation fails #3260) - Hide custom seed toggle unless BIP39 validation fails
• NFT Withdraw QR Scanning ([@smk762], add qr code scan button to nft withdraw input #3243) - QR code scan button added to NFT withdrawal address input
• Consistent Pill Styling ([@dragonhound], Apply consistent "dex address" pill style #2974) - Applied uniform "swap address" pill style throughout the app
• Thoughtful Scrollbar Disposal ([@dragonhound], dispose of scrollbars thoughtfully #3008) - Improved scrollbar lifecycle management

⚡ Performance Enhancements

• RPC Spam Reduction ([@CharlVS], perf: eliminate RPC polling via event streaming, persistent caching, and deduplication (#3238) #3253) - Comprehensive SDK-side caching and streaming support drastically reduces redundant RPC calls
• Fiat On-Ramp Debouncing ([@takenagain], perf(fiat-onramp): re-implement fiat amount debounce to reduce API calls on user input changes #3125) - Reduced API calls on user input changes for smoother fiat amount entry
• Balance Watch Streams (SDK, Base max amount on trade moving not inside selected order capacity #178) - Realtime balance updates from SDK eliminate polling
• Pubkey Caching ([@CharlVS], sync main #3251) - Prefer cached pubkeys before RPC across the app with post-swap fetch delays
• Best Orders Optimization ([@smk762], fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Avoid best_orders calls unless on DEX/bridge; fail gracefully and retry
• Activation Patience ([@smk762], Align coin activation state in fiat ramp page with portfolio view #3272) - Await initial activations and avoid duplicated activation tasks with proper parent/child coin sync

🐛 Bug Fixes

• Transaction History Cross-Asset Bleed ([@CharlVS], [fix] withdraw  #3289) - Isolated TransactionHistoryBloc per-coin to prevent history mixing
• Balance Update State Preservation ([@CharlVS], perf: eliminate RPC polling via event streaming, persistent caching, and deduplication (#3238) #3253) - Realtime balance updates now preserve coin activation state to avoid turning off the Send button
• Transaction Sorting ([@CharlVS], perf: eliminate RPC polling via event streaming, persistent caching, and deduplication (#3238) #3253) - Fixed transaction history list sorting logic
• Dropdown Null Safety ([@cursor Agent], fix(ui): close dropdown on window resize #3050) - Fixed null safety issues in UiDropdown widget, preventing app freeze on logout
• Legacy Wallet Migration ([@CharlVS], fix(auth,migration): sanitize legacy wallet name and preserve legacy flag during migration #3207) - Preserve legacy flag, sanitise wallet names, ensure uniqueness, and avoid duplicate imports during migration
• Wallet Coin Restoration ([@takenagain], fix(auth): restore wallet coins for legacy wallet migrations and seed file imports  #3126) - Restore wallet coins for legacy wallet migrations and seed file imports
• Password Length Validation ([@CharlVS], fix: increase password length to 128 chars #3141, fix(security): Consistent 128‑char password handling and hardened auth validation #3149) - Consistent 128-character password handling across all flows with hardened validation
• Custom Token Import ([@takenagain], fix(custom-token-import): check platform in deduplication and update fields #3129) - Check platform in deduplication and correctly update fields; refresh asset list on import
• Precision Loss in Wallet ([@CharlVS], fix(dex): resolve precision loss in wallet #3123) - Resolved DEX precision regression with comprehensive tests
• Withdraw Form Fixes ([@takenagain], fix(withdraw): add USD fiat values alongside amounts #3274) - Fixed fiat alignment, max value detection, and use signed hex from preview for broadcast
• ZHTLC Activation Toggle ([@smk762], revert toggle on zhtlc activation config cancel #3283) - Revert toggle on ZHTLC activation config cancel
• Coin Variant Sum ([@smk762], Fix coin group header balance in swap form dropdowns #3317) - Fixed coin variant sum display in dropdowns
• Decimals Precision ([@ca333], fix decimals handling #3297) - Added unit tests and fixed decimal handling with proper fiat amount input refactoring
• Trading Bot Improvements ([@takenagain], fix(trading-bot): remove price url parameter to default to KDF url list #3223, fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Remove price URL parameter to default to KDF URL list; add guard against swap button spamming; use max_maker_vol for spendable balance
• Market Maker Dropdown ([@takenagain], fix(market-maker-bot): sell coin dropdown reverts to previous coin, with occasional flickering #3187) - Fixed sell coin dropdown reverting to previous coin with occasional flickering
• ARRR Reactivation ([@takenagain], fix(zcoin): ARRR not reappearing in coins list after deactivation and reactivation #3184) - Fixed ARRR not reappearing in coins list after deactivation and reactivation
• Pubkey Clearing ([@CharlVS], fix: trading address refresh bug and root cause #3144) - Clear pubkeys on wallet change or logout to prevent cross-wallet contamination
• Unban Pubkeys Null Check ([@smk762], fix(settings): prevent null-assert on Android by using disabled trailing button for unban_pubkeys #3276) - Avoid null check error on unban_pubkey button press
• Timer Leaks ([@ca333], Fix timer leak #3305) - Fixed timer leaks preventing proper cleanup
• SSE Lifecycle ([@ca333], fix sse #3313, rm sse package #3318) - Tie SSE to the auth state lifecycle and remove the SSE package for better stability
• iOS/macOS KDF Reinitialization ([@ca333], ios kdf health #3286) - Proper KDF health check and reinitialisation on iOS/macOS
• Withdrawal Form ([@ca333], fix withdraw #3288) - Fixed withdrawal regression
• KDF Disposal Crash ([@DeckerSU], fix: crash when KomodoDefiSdk is disposed during periodic fetch #3117) - Fixed crash when KomodoDefiSdk is disposed during periodic fetch
• Fiat On-Ramp CSP ([@takenagain], fix: mobile seed banner, text alignment, and input dismissal #3225) - Disable overly restrictive CSP with limited platform support; add Komodo and sandbox domains to allowlist
• NFT IPFS Loading ([@takenagain], fix(nft): add IPFS gateway resolution, retry, and fallback to improve NFT image loading #3020) - Add IPFS gateway resolution, retry, and fallback to improve NFT image loading
• macOS File Picker ([@CharlVS], fix(macos): show file picker by adding user-selected read-only entitlement #3111) - Show file picker by adding user-selected read-only entitlement
• Settings Version Isolation ([@smk762], sync main #3324) - Isolate version settings in shared_preferences.json for backwards compatibility
• Unconfirmed Transaction Detection ([@takenagain], fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Only consider empty timestamps and confirmations as unconfirmed

🔒 Security & Compliance

• 128-Character Password Support ([@CharlVS], fix: increase password length to 128 chars #3141, fix(security): Consistent 128‑char password handling and hardened auth validation #3149) - Increased password length limit to 128 characters with consistent validation across all auth flows
• Pubkey Hygiene ([@CharlVS], fix: trading address refresh bug and root cause #3144, sync main #3251) - Purge cached pubkeys on wallet change, prefer cached pubkeys before RPC, and add post-swap delays
• Geo-blocking Bouncer ([@CharlVS], feat(geo): bouncer for privacy coin blocking #3150) - Privacy coin restrictions with FD monitoring and regulated build overrides
• Legacy Wallet Sanitisation ([@CharlVS], fix(auth,migration): sanitize legacy wallet name and preserve legacy flag during migration #3207) - Sanitise names, preserve flags, and prevent duplicate imports during legacy wallet migration

💻 Platform-Specific Changes

All Platforms

• Flutter 3.35.1 Upgrade ([@CharlVS], chore: upgrade Flutter to 3.35.1; roll SDK deps; improve roll script #3108) - Updated Flutter SDK with dependency roll and improved roll script
• SDK Submodule Integration ([@takenagain], build(sdk): add sdk as git submodule and update deps to path overrides #3110) - SDK adopted as a git submodule with path overrides and deterministic roll script

macOS

• Production Scheme & Signing ([@DeckerSU], chore(build): Add macOS production scheme and Developer ID Application signing support for standalone distribution #3185) - Added macOS production scheme and Developer ID Application signing support for standalone distribution
• Universal Binary Support (SDK, feat(tz): timezone for timestamp is now using current timezone of the… #237) - macOS universal binary (Intel + Apple Silicon) support
• Development Team Update ([@DeckerSU], Update Xcode Development Team ID to Official Release Team #3177, [@DeckerSU] SDK feat(mm2/a_qt): bump version #239) - Changed development team to production identifier (WDS9WYN969→8HPBYKKKQP)
• KDF Binary Placement (SDK, Fix wallet ticker icon being giant sometimes #247) - Streamlined KDF binary placement and updated signing flow

Linux

• GLib Compatibility ([@DeckerSU], linux: guard G_APPLICATION_DEFAULT_FLAGS behind GLib ≥ 2.74, fallba… #3105) - Guard G_APPLICATION_DEFAULT_FLAGS behind GLib ≥ 2.74 with fallback for older versions
• Single-Instance Enforcement ([@CharlVS], fix(windows, linux, macos): enforce single-instance; focus existing window; prevent zombie processes #3063) - Enforce single-instance; focus existing window; prevent zombie processes
• Build Script Validation ([@DeckerSU], add GitHub Actions workflow to validate Linux build script #3106) - Added GitHub Actions workflow to validate Linux build script

Windows

• Single-Instance Enforcement ([@CharlVS], fix(windows, linux, macos): enforce single-instance; focus existing window; prevent zombie processes #3063) - Prevent multiple instances and zombie processes

iOS

• FD Monitoring ([@ca333], FD monitoring #3259) - File descriptor monitoring for release mode
• Health Check Integration ([@ca333], sync main #3257) - Added KDF health check with reinitialization support
• Xcode Configuration ([@DeckerSU], sync main #3324) - Added FdMonitor.swift to Xcode project configuration and updated DEVELOPMENT_TEAM identifier
• Build Artifact Cleanup ([@DeckerSU], Remove .dgph build artifacts from iOS project #3058) - Removed .dgph build artifacts from iOS project
• Ruby Installation Guide ([@takenagain], docs(setup): add ruby installation step for ios and macos builds #3128) - Added Ruby installation step for iOS builds

Web

• WASM Support (SDK, feat(trade): add a more precise trade amount function #176) - Flutter Web WASM support with OPFS integration and unified storage implementation
• CDN Disable ([@DeckerSU], fix(build): add --no-web-resources-cdn to the web build in build.sh #3055) - Add --no-web-resources-cdn to web build in build.sh

Docker & DevOps

• DevContainer Modernization ([@CharlVS], build(devcontainer): switch to .docker images and Linux-only devcontainer #3114) - Switched to .docker images and Linux-only devcontainer
• Environment Variable Passing ([@DeckerSU], fix(build): correct env vars passing to Docker and Dart via --dart-define #3037) - Correct env vars passing to Docker and Dart via --dart-define
• Matomo Validation ([@DeckerSU], feat(build): add Matomo tracking params validation in build script #3165) - Added Matomo tracking params validation in build script
• CI Improvements ([@CharlVS], ci: fix missing secrets and remove duplicate steps in CI workflows #3167, fix ci #3336) - Fix missing secrets, remove duplicate steps; fix CI issues
• Artifact Naming ([@dragonhound], append short commit hash to upload-artifact filenames #3181) - Append short commit hash to upload-artifact filenames
• Submodule Updates ([@DeckerSU], ci(docker): clean submodules before update to fix build errors #3139) - Clean submodules before update to fix build errors

🔧 Technical Improvements

SDK Integration (komodo-defi-sdk v1.0.0-pre.1)

• RPC Coverage Expansion (SDK#179, #188, #191) - Implemented missing RPCs, including trading-related endpoints and Lightning support
• Message Signing (SDK#198, #231) - HD wallet support for message signing with derivation path; added AddressPath type and refactored to use Asset/PubkeyInfo
• Multi-Provider Market Data (SDK#145, #215) - Support for multiple market data providers with CoinPaprika fallback option
• Custom Token Integration (SDK#225, #190) - Custom token support in coin config manager; integrate komodo_coin_updates into komodo_coins
• Balance & Pubkey Streaming (SDK#178, #232, #262, #269) - Add pubkey watch function similar to balance watch; comprehensive caching and streaming support
• ETH-BASE Support (SDK#254) - Add support for ETH-BASE and derived assets
• Asset Tagging Fixes (SDK#244) - Correct UTXO coins incorrectly tagged as Smart Chain
• ZHTLC Fixes (SDK#227, #264) - ZHTLC activation fixes with optional sync params and sign-out cleanup
• Binance Quote Fixes (SDK#224) - Use per-coin supported quote currency list instead of global cache
• Market Metrics Logging (SDK#223) - Reduce market metrics log verbosity and duplication
• Etherscan URLs (SDK#217) - Fix Etherscan URL formatting
• Sparkline Configuration (SDK#248) - Add configurable sparkline baseline
• Dragon Charts Migration (SDK#164) - Migrate dragon_charts_flutter to monorepo packages
• Trezor Polling (SDK#126) - Poll Trezor connection status and sign out when disconnected
• KDF Version Updates (SDK#218, #237, #249, #241, #247) - Roll KDF to latest releases with checksum updates
• Runtime Fetch Libraries (SDK#280) - Use runtime fetch libraries with updated checksums

Analytics & Monitoring

• Persistent Event Queue ([@CharlVS], feat(analytics): multi-provider (Firebase+Matomo), queueing with persistence, standardized events #2932) - Analytics events persist across sessions with a standardised event structure
• CI Analytics Toggles ([@CharlVS], feat(analytics): multi-provider (Firebase+Matomo), queueing with persistence, standardized events #2932, feat(build): add Matomo tracking params validation in build script #3165) - Disable analytics in CI builds with Matomo validation
• NFT Analytics Integration ([@dragonhound], use AnalyticsRepo to enqueue NFT analytics events #3202) - Use AnalyticsRepo to enqueue NFT analytics events
• Updated Events ([@CharlVS], chore(analytics): update completed events and remove scroll attempt tracking #3194) - Update completed events and remove scroll attempt tracking
• Settings Logging ([@takenagain], sync main #3324) - Add logging and avoid silent skipping in settings

Developer Experience

• PR Body Template ([@CharlVS], fix(auth,migration): sanitize legacy wallet name and preserve legacy flag during migration #3207) - Add PR_BODY.md helper file for CLI editing
• SDK Submodule Management ([@takenagain], build(sdk): add sdk as git submodule and update deps to path overrides #3110) - Deterministic SDK roll script with path overrides
• API Commit Hash Display ([@DeckerSU], fix logging of apiCommitHash to output actual value instead of closure #3115) - Fix logging of apiCommitHash to output actual value instead of closure
• Dependency Documentation ([@takenagain], docs(setup): add ruby installation step for ios and macos builds #3128) - Ruby installation guide for iOS/macOS builds
• Optional Verbose Logging ([@ca333], Optional logging #3332, SDK Fix transactions list width error #278) - Configurable logging levels for debugging

Code Quality

• Null Safety Improvements ([@cursor Agent], fix(ui): close dropdown on window resize #3050) - Fixed null safety issues in UiDropdown widget
• Type Safety ([@ca333], various enhancements #3279, cast num int #3280) - Bound checking, non-nullable type tweaks, explicit enum mapping, defensive array access guards, cast num to int
• Error Propagation ([@smk762], fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Propagate best_orders failures, avoid masking as no liquidity
• Unused Code Cleanup ([@takenagain], fix: mobile seed banner, text alignment, and input dismissal #3225) - Remove unused widgets and update enum docs
• Code Formatting ([@CharlVS], sync main #3251) - Run dart format on pubkey cache call-sites and taker delay
• Logging Improvements ([@takenagain], fix(dex): surface best_orders failures; CTA to Maker; localized empty states #3328) - Add logging for errors not propagated to UI layer

📚 Documentation

• SDK Changelog Cross-Linking ([@CharlVS], docs(changelog): link SDK PRs with short labels and mark SDK items #3172) - Link SDK PRs with short labels and mark SDK items in wallet changelog
• Ruby Installation Guide ([@takenagain], docs(setup): add ruby installation step for ios and macos builds #3128) - Added Ruby installation step for iOS and macOS builds
• SDK Documentation (SDK#201) - Document project and packages for pub.dev release

⚠️ Known Issues

• Full automated test suite remains triaged; manual QA recommended per docs/MANUAL_TESTING_DEBUGGING.md
• Some analytics events may require additional validation on specific platforms
• Large portfolios (>100 assets) may experience slower initial loading times during first activation

🙏 Contributors

This release includes contributions from 11 developers:

• @CharlVS
• @takenagain
• @ca333
• @smk762
• @DeckerSU
• @gcharang
• @TazzyMeister
• @naezith
• Cursor Agent (automated refactoring)

Full Changelog: 0.9.2...0.9.3

---

For developers building with Komodo DeFi SDK: This release includes komodo-defi-sdk v1.0.0-pre.1 with breaking changes related to streaming APIs and caching behaviour. Review the SDK changelog for migration guidance.

---

Note

Updates v0.9.3 changelog, adjusts CI for desktop builds (macOS bundle ID, disable codesigning on PRs), hardens web WASM validation, ignores generated KDF binaries, bumps SDK submodule, and fixes macOS app data path in tests.

• Docs:
  • Overhaul CHANGELOG.md for v0.9.3 with expanded features, fixes, and platform notes.
• CI/CD:
  • /.github/workflows/desktop-builds.yml: change macOS bundle-id to com.komodo.wallet; disable macOS code signing on PR builds via env flags.
  • .github/actions/validate-build/action.yml: replace fragile WASM file check with glob-based discovery and targeted directory listings; echo found files.
• Repo:
  • .gitignore: ignore web/kdf/kdf/bin/ generated binaries; keep dist/ ignored.
  • sdk: update submodule to 61a4170.
• Tests:
  • test_integration/runners/app_data.dart: update macOS app data container path to com.komodo.wallet.

^{Written by Cursor Bugbot for commit cefa1e6. This will update automatically on new commits. Configure here.}

Summary by CodeRabbit

• New Features

  • Compact trade-amount label component; four new English messages (no-swap, no-cross-network, NFT disabled tooltip, empty private-keys).
  • iOS photo-library permission prompt for QR imports.

• Bug Fixes

  • Avoids balance spinners and extraneous network calls when unauthenticated; more resilient order fetching with retries and graceful no-orders handling.

• Performance Enhancements

  • Reduced duplicate swap-coin processing and refined max-volume/balance flows.

• UI/UX Improvements

  • Empty-state CTAs navigate to maker orders; clearer minimum-volume/error messages; spinner shown while loading maker volume; NFT menu forcibly disabled with tooltip.

• Chores

  • Settings storage back-compat and legacy writes; build validation and ignore-list updates; macOS bundle identifier updated.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f439819 and ef2925e.

📒 Files selected for processing (2)

• ios/Runner/Info.plist (1 hunks)
• lib/services/file_loader/mobile/file_loader_native_ios.dart (4 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.dart

📄 CodeRabbit inference engine (AGENTS.md)

**/*.dart: Run flutter analyze and resolve issues before committing code
Format Dart code with dart format (on changed files) before committing

Files:

• lib/services/file_loader/mobile/file_loader_native_ios.dart

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Build Mobile (Android)
• GitHub Check: build_and_preview
• GitHub Check: Build Desktop (macos)
• GitHub Check: unit_tests
• GitHub Check: Build Desktop (linux)
• GitHub Check: Build Desktop (windows)
• GitHub Check: validate_code_guidelines
• GitHub Check: Test web-app-linux-profile
• GitHub Check: Test web-app-macos

🔇 Additional comments (2)

ios/Runner/Info.plist (1)

34-35: Photo library permission copy looks correct.

Clear justification for importing QR codes—good addition for App Store privacy review.

lib/services/file_loader/mobile/file_loader_native_ios.dart (1)

50-61: SharePlus migration and metadata look solid.

Nice move to the new SharePlus.instance.share API with explicit filenames, MIME types, and anchor rect—this should give a smoother iOS share sheet experience.

Also applies to: 77-88

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Guard the share origin cast to avoid runtime crashes.

context.findRenderObject() can return a RenderView (or other non-RenderBox) when the keyed context points at the navigator/root overlay. Casting it straight to RenderBox? will throw before the null-check, crashing the share flow on iOS tablets. Bail out when the render object isn’t a RenderBox before computing the rect.

-    final box = context.findRenderObject() as RenderBox?;
-    if (box == null) return null;
+    final renderObject = context.findRenderObject();
+    if (renderObject is! RenderBox) return null;
+    final box = renderObject as RenderBox;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	Rect? _getSharePositionOrigin() {
	final context = scaffoldKey.currentContext;
	if (context == null) return null;
	final box = context.findRenderObject() as RenderBox?;
	if (box == null) return null;
	return box.localToGlobal(Offset.zero) & box.size;
	}
	Rect? _getSharePositionOrigin() {
	final context = scaffoldKey.currentContext;
	if (context == null) return null;
	final renderObject = context.findRenderObject();
	if (renderObject is! RenderBox) return null;
	final box = renderObject as RenderBox;
	return box.localToGlobal(Offset.zero) & box.size;
	}

🤖 Prompt for AI Agents

In lib/services/file_loader/mobile/file_loader_native_ios.dart around lines 15
to 23, the code currently casts context.findRenderObject() directly to RenderBox
which can throw if the render object is a RenderView or any non-RenderBox;
update the function to first capture the renderObject, check whether it is a
RenderBox (e.g. if (renderObject is! RenderBox) return null), then safely
cast/use it to compute the rect and return the share origin; ensure you do not
perform a direct as RenderBox cast before this type check so the function bails
out safely when the render object is not a RenderBox.

[smk762]

Multi-OS testing completed (including iOS build 23). Testing on https://walletrc.web.app/wallet is also passing, though a couple of commits behind on cf8bdfa.

v0.9.3 contains many valuable improvements wrt performance and UX which are sorely needed.
The only remaining issues are known problems with a solution on the way (most notably ios sleep issues), or otherwise deferable to v0.9.4 (e.g. minor cosmetic issues or UX enhancements which need more review or implementation)

Big thanks to all involved with the strategic planning, code contribution & testing, along with the community members sending us valuable & actionable feedback towards improving and enhancing the Komodo Wallet.