fix(trezor): improve trezor error handling

[takenagain]

Summary

• Sign out of hidden Trezor wallet if initialisation fails.
• Yield error states from Stream functions rather than throwing exceptions.
• Add task-based ETH RPCs for future Trezor activation.
• Filter assets based on PrivateKeyPolicy feat(asset-manager): asset filter strategy based on current wallet #107
• Updated the logging version in komodo_defi_framework to match the version used in build_transformer and local_auth: v1.3.0. No dependency changes.

Summary by CodeRabbit

• New Features

  • Added support for task-based activation of Ethereum and tokens, with detailed progress tracking and hardware wallet (Trezor) compatibility.
  • Introduced new activation strategies for Ethereum and tokens, improving activation flows and private key policy handling.

• Improvements

  • Enhanced error handling and progress reporting during activation processes.
  • Unified and externalized private key policy support across multiple blockchain activation strategies.
  • Updated dependencies for improved logging support.

• Bug Fixes

  • Fixed inconsistencies in token activation handling and serialization of private key policies.

• Documentation

  • Added and updated documentation for activation strategies and configuration parameters.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This update introduces new Ethereum activation strategies, refactors Trezor authentication logic, and standardizes private key policy handling across activation strategies. It adds new classes and methods for ETH task-based activation, updates protocol strategy exports, removes legacy batch activation logic, and adjusts dependencies and documentation in multiple packages.

Changes

Files/Group	Change Summary
.../komodo_defi_framework/pubspec.yaml .../komodo_wallet_build_transformer/pubspec.yaml	Updated logging dependency version to ^1.3.0.
.../komodo_defi_local_auth/pubspec.yaml	Added logging dependency.
.../komodo_defi_local_auth/lib/src/trezor/trezor_auth_service.dart	Refactored Trezor authentication logic: centralized duplicated code, improved error handling, added helper methods, and updated method signatures.
.../komodo_defi_rpc_methods/lib/src/common_structures/activation/activation_params/tendermint_activation_params.dart	Made privKeyPolicy and other parameters nullable, unified handling, updated serialization, and adjusted constructors/factories.
.../komodo_defi_rpc_methods/lib/src/rpc_methods/eth/eth_rpc_extensions.dart	Added enableEthInit and taskEthStatus methods to Erc20MethodsNamespace.
.../komodo_defi_rpc_methods/lib/src/rpc_methods/eth/task_enable_eth_init.dart	Introduced new TaskEnableEthInit request class for ETH activation tasks.
.../komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart	Exported eth/task_enable_eth_init.dart.
.../komodo_defi_sdk/lib/src/activation/_activation.dart .../komodo_defi_sdk/lib/src/activation/_activation_index.dart	Replaced export of eth_with_tokens_batch_strategy.dart with exports for eth_task_activation_strategy.dart and eth_with_tokens_activation_strategy.dart.
.../komodo_defi_sdk/lib/src/activation/base_strategies/activation_strategy_factory.dart	Passed privKeyPolicy to more activation strategies, added documentation, and included new strategies.
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/erc20_activation_strategy.dart	Updated constructor to accept privKeyPolicy, changed batch support, added canHandle, and refactored activation logic.
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_task_activation_strategy.dart	Added new EthTaskActivationStrategy class for task-based ETH activation (Trezor).
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_activation_strategy.dart	Added new EthWithTokensActivationStrategy class for ETH+tokens activation (non-Trezor).
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_batch_strategy.dart	Removed legacy EthWithTokensBatchStrategy class.
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/tendermint_activation_strategy.dart	Constructor now accepts and stores privKeyPolicy, passes it to activation RPCs.
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/zhtlc_activation_strategy.dart	Constructor now accepts privKeyPolicy, uses it in activation parameters.
.../komodo_defi_sdk/lib/src/activation/protocol_strategies/qtum_activation_strategy.dart .../komodo_defi_sdk/lib/src/activation/protocol_strategies/utxo_activation_strategy.dart	Added documentation comments for privKeyPolicy fields.

Sequence Diagram(s)

sequenceDiagram
    participant UI
    participant SDK
    participant RPC
    participant HW (Trezor)

    UI->>SDK: activate(Asset, [children])
    alt ETH platform asset with Trezor
        SDK->>RPC: erc20.enableEthInit (with params)
        SDK->>HW: Interact with Trezor device
        loop Polling task status
            SDK->>RPC: erc20.taskEthStatus(taskId)
            RPC-->>SDK: Task status/progress
        end
        SDK-->>UI: ActivationProgress (success/failure)
    else ETH platform asset (non-Trezor)
        SDK->>RPC: enableEthWithTokens (with params)
        SDK-->>UI: ActivationProgress (success)
    else ERC20 token
        SDK->>RPC: enableErc20 (with params)
        SDK-->>UI: ActivationProgress (success)
    end

Loading

Possibly related PRs

• KomodoPlatform/komodo-defi-sdk-flutter#97: Refactors Trezor authentication logic in TrezorAuthService; directly related to the same class and logic.
• KomodoPlatform/komodo-defi-sdk-flutter#77: Introduces Trezor support and task-based device initialization; directly related to Trezor authentication and RPC integration.
• KomodoPlatform/komodo-defi-sdk-flutter#81: Moves Trezor authentication logic into SDK, introduces streaming methods; modifies the same authentication flow.

Suggested labels

enhancement

Suggested reviewers

• CharlVS

Poem

🐇✨
New keys and tasks, a rabbit’s delight,
ETH and tokens now activate right.
Trezor’s flow is clean and neat,
Batch is gone, new strategies complete.
With policies set and errors caught,
This code hop brings what we sought!
— The CodeRabbit

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[takenagain]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (5)

packages/komodo_defi_framework/pubspec.yaml (1)

31-31: Good dependency bump, but consider tightening with a <2.0.0 upper bound.

logging is a stable core package yet still at major 1. Adding an upper bound (<2.0.0) protects against an eventual breaking 2.0 release that could land unexpectedly and break your CI.

-  logging: ^1.3.0
+  logging: '>=1.3.0 <2.0.0'

packages/komodo_wallet_build_transformer/pubspec.yaml (1)

16-16: Keep dependency ranges consistent with the other packages.

If you adopt the <2.0.0 upper-bound advice in komodo_defi_framework, mirror it here to keep constraint solving deterministic across all packages.

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/utxo_activation_strategy.dart (1)

8-10: Doc comment added – 👍 but constructor param lacks matching comment.

Nice clarification on privKeyPolicy. For full IDE tooltip symmetry, consider documenting the constructor parameter as well:

-const UtxoActivationStrategy(super.client, this.privKeyPolicy);
+/// Creates a UTXO activation strategy with the given [client] and
+/// [privKeyPolicy] that dictates how private keys are handled, e.g. for
+/// external wallets such as Trezor.
+const UtxoActivationStrategy(super.client, this.privKeyPolicy);

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/eth_rpc_extensions.dart (1)

53-71: LGTM: Well-implemented task-based ETH RPC methods.

The new methods follow established patterns and correctly implement the task-based ETH activation flow. The implementation properly handles RPC password passing and uses appropriate request types.

Consider adding documentation comments for the new methods to match the existing code style:

+ /// Initiates an ETH enablement task for Trezor/hardware wallet support
  Future<NewTaskResponse> enableEthInit({
    required String ticker,
    required EthWithTokensActivationParams params,
  }) {
    // ... existing implementation
  }

+ /// Queries the status of an ETH enablement task
  Future<TaskStatusResponse> taskEthStatus(int taskId, [String? rpcPass]) {
    // ... existing implementation  
  }

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/task_enable_eth_init.dart (1)

11-14: Remove unnecessary ignore comment.

The // ignore: overridden_fields comment appears to be unnecessary as params is not overriding any field from the base class BaseRequest.

-  @override
-  // ignore: overridden_fields
   final EthWithTokensActivationParams params;

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f7da9e and 08beaea.

📒 Files selected for processing (19)

• packages/komodo_defi_framework/pubspec.yaml (1 hunks)
• packages/komodo_defi_local_auth/lib/src/trezor/trezor_auth_service.dart (9 hunks)
• packages/komodo_defi_local_auth/pubspec.yaml (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/common_structures/activation/activation_params/tendermint_activation_params.dart (4 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/eth_rpc_extensions.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/task_enable_eth_init.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/_activation.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/_activation_index.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/base_strategies/activation_strategy_factory.dart (2 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/erc20_activation_strategy.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_task_activation_strategy.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_activation_strategy.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_batch_strategy.dart (0 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/qtum_activation_strategy.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/tendermint_activation_strategy.dart (3 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/utxo_activation_strategy.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/zhtlc_activation_strategy.dart (3 hunks)
• packages/komodo_wallet_build_transformer/pubspec.yaml (1 hunks)

💤 Files with no reviewable changes (1)

• packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_batch_strategy.dart

🧰 Additional context used

🧠 Learnings (2)

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart (1)

Learnt from: takenagain
PR: KomodoPlatform/komodo-defi-sdk-flutter#70
File: packages/komodo_defi_rpc_methods/lib/src/rpc_methods/swaps/legacy/cancel_order.dart:8-9
Timestamp: 2025-06-02T12:44:56.953Z
Learning: Legacy RPC methods in the Komodo DeFi SDK (located in `/legacy/` subdirectories) intentionally use `mmrpc: null` in their constructors, unlike modern RPC methods that use `mmrpc: "2.0"`. This is by design and should not be changed to maintain backward compatibility.

packages/komodo_defi_rpc_methods/lib/src/common_structures/activation/activation_params/tendermint_activation_params.dart (1)

Learnt from: takenagain
PR: KomodoPlatform/komodo-defi-sdk-flutter#70
File: packages/komodo_defi_rpc_methods/lib/src/rpc_methods/swaps/legacy/cancel_order.dart:8-9
Timestamp: 2025-06-02T12:44:56.953Z
Learning: Legacy RPC methods in the Komodo DeFi SDK (located in `/legacy/` subdirectories) intentionally use `mmrpc: null` in their constructors, unlike modern RPC methods that use `mmrpc: "2.0"`. This is by design and should not be changed to maintain backward compatibility.

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: build_and_preview_playground_preview
• GitHub Check: build_and_preview_sdk_example_preview

🔇 Additional comments (30)

packages/komodo_defi_local_auth/pubspec.yaml (1)

30-30: Confirm workspace-wide alignment on logging ^1.3.0.

logging: ^1.3.0 is now declared here. Please double-check that every other package in the mono-repo (including the root Flutter app, if any) also pins logging to a compatible ^1.3.0 range. A stray ^1.2.x elsewhere will cause a version-solve failure.

A quick grep -R "logging:" or dart pub outdated in the root will surface mismatches.

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart (1)

20-20: Export target verified and included

• The file packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/task_enable_eth_init.dart exists.
• It’s referenced in eth_rpc_extensions.dart and used via enableEthInit() in the SDK.
• Dart’s default pub behavior includes all files under lib/, so no additional pubspec changes are needed.

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/qtum_activation_strategy.dart (1)

8-9: LGTM: Good documentation improvement.

The added documentation clearly explains the purpose of the privKeyPolicy field and its relevance for external wallet support.

packages/komodo_defi_sdk/lib/src/activation/_activation.dart (1)

14-15: Batch strategy removal verified

No references to EthWithTokensBatchStrategy or eth_with_tokens_batch_strategy remain in the codebase. The export changes in _activation.dart can be approved.

• packages/komodo_defi_sdk/lib/src/activation/_activation.dart (lines 14–15) [exports updated]
• Ran rg -i "eth_with_tokens_batch_strategy|EthWithTokensBatchStrategy" --type dart → no matches found

packages/komodo_defi_sdk/lib/src/activation/_activation_index.dart (1)

14-15: LGTM: Consistent export changes.

The export changes match those in _activation.dart, maintaining consistency across the generated index files.

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/zhtlc_activation_strategy.dart (3)

9-11: LGTM: Consistent privKeyPolicy integration.

The constructor and field addition follow the established pattern for private key policy support across activation strategies.

---

45-52: LGTM: Proper parameter integration.

The privKeyPolicy is correctly integrated into the activation parameters using genericCopyWith, maintaining consistency with the existing parameter handling pattern.

---

71-71: LGTM: Improved code formatting.

The formatting improvement makes the TaskEnableZhtlcInit call more readable.

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/tendermint_activation_strategy.dart (1)

6-8: LGTM! Proper integration of privKeyPolicy parameter.

The changes correctly implement the private key policy support:

• Constructor properly accepts and stores the parameter
• Policy is correctly passed to both platform activation (line 77) and token activation (line 92)
• Consistent with the pattern across other activation strategies

Also applies to: 69-78, 92-92

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/eth/task_enable_eth_init.dart (1)

1-32: Well-structured RPC request implementation.

The TaskEnableEthInit class is properly implemented:

• Extends BaseRequest with correct response types
• Proper JSON serialization in toJson method
• Correct error handling in parseResponse
• Follows established RPC request patterns

packages/komodo_defi_sdk/lib/src/activation/base_strategies/activation_strategy_factory.dart (1)

7-32: Excellent factory refactoring with comprehensive documentation.

The changes properly integrate privKeyPolicy across all activation strategies:

• Clear documentation explaining the purpose and parameters
• Consistent parameter passing to all strategies
• Proper integration of new ETH-related strategies
• Maintains clean factory pattern

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_with_tokens_activation_strategy.dart (1)

1-139: Well-designed activation strategy with comprehensive protocol support.

The EthWithTokensActivationStrategy implementation is excellent:

• Properly excludes Trezor policy (handled by EthTaskActivationStrategy)
• Supports extensive list of EVM-compatible protocols
• Clear progress reporting with detailed step information
• Robust error handling with stack traces
• Proper batch activation support for platform assets with tokens

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/erc20_activation_strategy.dart (2)

35-41: Good separation of concerns between token and platform activation.

The canHandle method correctly:

• Restricts to token assets only (with parent ID)
• Excludes Trezor policy (handled by EthTaskActivationStrategy)
• Properly throws error if batch activation is attempted

This creates a clear separation where:

• Erc20ActivationStrategy: Handles individual token activation (non-Trezor)
• EthWithTokensActivationStrategy: Handles platform with batch token activation (non-Trezor)
• EthTaskActivationStrategy: Handles Trezor-specific activation

Also applies to: 48-50

---

31-32: No impact from disabling ERC20 batch activation
We searched the codebase for any references to supportsBatchActivation or ERC20 batch flows—including tests—and found none outside of this strategy implementation. Disabling batch activation for ERC20 is safe and won’t break existing functionality.

packages/komodo_defi_rpc_methods/lib/src/common_structures/activation/activation_params/tendermint_activation_params.dart (4)

11-13: LGTM! Good refactoring of parameter handling.

The changes to pass these parameters to the super constructor improve consistency and reduce code duplication.

---

16-19: Well-structured factory method enhancement.

The optional privKeyPolicy parameter with proper fallback logic enables flexible initialization while maintaining backward compatibility.

Also applies to: 38-38

---

83-86: Consistent private key policy serialization.

The serialization correctly converts the policy to PascalCase format with a sensible default value.

---

92-117: Consistent implementation across both activation parameter classes.

The changes to TendermintTokenActivationParams correctly mirror the pattern established in the parent class, ensuring uniform private key policy handling.

packages/komodo_defi_sdk/lib/src/activation/protocol_strategies/eth_task_activation_strategy.dart (5)

5-39: Well-designed strategy class for Trezor Ethereum activation.

The class structure is clean with appropriate protocol support and clear constraints for Trezor-only handling.

---

41-70: Comprehensive initialization with detailed progress tracking.

The activation method provides excellent user feedback with structured progress details and appropriate validation steps.

---

71-144: Robust task-based activation with appropriate polling.

The implementation correctly handles the asynchronous nature of Trezor activation with proper status checking and user feedback. The 500ms polling interval is reasonable for hardware wallet operations.

---

145-159: Excellent error handling with detailed diagnostics.

The error handling captures full context including stack traces, which will be valuable for debugging hardware wallet issues.

---

161-214: Comprehensive status mapping for user feedback.

The _parseEthStatus method provides detailed, user-friendly status messages with appropriate progress indicators. The default case ensures graceful handling of unexpected statuses.

packages/komodo_defi_local_auth/lib/src/trezor/trezor_auth_service.dart (7)

7-7: Good addition of logging capability.

Adding the logger will help with debugging Trezor authentication issues.

Also applies to: 23-23

---

39-61: Excellent refactoring to eliminate code duplication.

Both stream methods now share common logic through _authenticateTrezorStream, improving maintainability while preserving error handling with automatic sign-out.

---

119-139: Clean refactoring of synchronous authentication methods.

The signIn method now delegates to the common helper while maintaining proper error handling and sign-out on failure.

---

147-167: Consistent implementation for registration.

The register method mirrors the signIn implementation, ensuring consistent behavior across authentication methods.

---

215-243: Smart refactoring of authentication logic.

The method now internally determines whether to register or sign in based on existing user presence, reducing complexity and potential for misuse.

---

278-309: Well-structured stream-based authentication helper.

The method properly handles all authentication states and ensures cleanup on errors or cancellation.

---

320-369: Comprehensive passphrase-based authentication implementation.

The method correctly handles passphrase provision, ignores PIN prompts (as documented), and ensures proper cleanup on all error paths. The detailed documentation is particularly helpful.

[github-actions]

Visit the preview URL for this PR (updated for commit 6b10720):

https://komodo-defi-sdk--pr110-fix-trezor-auth-exce-gpe6431p.web.app

_{(expires Tue, 08 Jul 2025 21:35:31 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: 7f9f5ac39928f333b6e8fcefb7138575e24ed347}

[CharlVS]