feat(sdk): add trezor support via RPC and SDK wrappers

[takenagain]

Changes:

• Add new task-based task::get_new_address RPCs
• Add Trezor init RPC task::init_trezor::init
• Add Trezor login button to the SDK example with new AuthBloc. Preview link (below): https://komodo-defi-sdk--pr77-feat-trezor-support-wp8z6xhx.web.app/
• Add stream-based signInStream and registerStream functions to KomodoDefiAuth with a new Authentication state/status class.
  • Alternative (breaking): modify the existing functions to return Stream
• Add input methods for passphrase and pin to KomodoDefiAuth
  • Alternative 1: Ask the user for passphrase before starting Trezor sign-in and pass it through the existing wallet password field.
  • Alternative 2: SDK consumers use device-specific managers (e.g. sdk.trezor.sendPassphrase).

NOTE: ScanPolicy.scan always used for Trezor in 455d5db to ensure that funded addresses appear on first activation. This is a workaround for the issue of having to manually add addresses to "scan" for existing, funded wallets. This increases the activation time.

Known issues:

• Address generation fails for segwit coins. Unrecognised derivation path warning on Trezor Safe 3 followed by address mismatch error after proceeding.
• Error message is not clear when Trezor device is in use by another application (empty auth error thrown)

Summary by CodeRabbit

• New Features

  • Introduced comprehensive Trezor hardware wallet support: device initialization, PIN/passphrase input, cancellation, and task-based RPC methods.
  • Added Trezor manager and detailed initialization state tracking with streaming updates.
  • Integrated authentication state management using Flutter Bloc, including Trezor-specific authentication flows.
  • Added new authentication screens, events, states, and mixins supporting both software and hardware wallets.
  • Added HD wallet RPC methods and task management for address generation and account balance.

• Improvements

  • Refactored HD wallet strategies to distinguish between Trezor and context private key policies.
  • Simplified mnemonic validation and seed dialog flows.
  • Enhanced debug logging for JavaScript responses.
  • Dynamically set scan policy based on private key policy in UTXO protocol.

• Bug Fixes

  • Improved error handling in authentication and hardware wallet interactions.

• Chores

  • Updated dependencies and build configurations for code generation and serialization.
  • Added internal and public exports for new Trezor modules and RPC namespaces.
  • Registered Trezor manager singleton in SDK bootstrap.
  • Cleaned up deprecated HD wallet RPC methods and replaced with new implementations.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This update introduces comprehensive support for Trezor hardware wallet integration within the Komodo DeFi SDK and example application. It adds new managers, state management, RPC interfaces, and UI flows for Trezor device initialization and authentication. The authentication system is refactored to use the Bloc pattern, and pubkey strategy selection is updated to consider user-specific key policies.

Changes

File(s) / Path(s)	Change Summary
.../app_build/build_config.json	Updated bundled coins repo commit hash.
.../kdf_operations_wasm.dart	Improved debug logging for JS responses in Dart-JS interop.
.../models/models.dart	Added export for task_response_details.dart.
.../models/task_response_details.dart	Added generic ResponseDetails class for task status responses.
.../rpc_methods/hd_wallet/account_balance.dart	Removed ResponseDetails class from this file.
.../rpc_methods/hd_wallet/get_new_address_task.dart	Added classes for new address task RPC requests/responses and status handling.
.../rpc_methods/hd_wallet/hd_wallet_methods.dart	Added HdWalletMethods class with async RPC wrappers for HD wallet operations.
.../rpc_methods/rpc_methods.dart	Exported new HD wallet and Trezor RPC method modules.
.../rpc_methods/trezor/trezor_rpc_namespace.dart	Added Trezor RPC namespace, request/response/data classes, and user action handling.
.../rpc_methods_library.dart	Removed HdWalletMethods class/getter; added trezor getter for Trezor RPC methods.
.../strategies/pubkey/hd_multi_address_strategy.dart	Refactored HDWalletStrategy into HDWalletMixin and added ContextPrivKeyHDWalletStrategy and TrezorHDWalletStrategy with task-based address generation.
.../strategies/pubkey/single_address_strategy.dart	Updated comment to reference new HD wallet strategy classes.
.../pubspec.yaml (rpc_methods)	Added codegen and serialization dependencies (freezed_annotation, json_annotation, etc.).
.../build.yaml (defi_sdk)	Added build config to exclude example directory from build.
.../example/lib/blocs/auth/auth_bloc.dart	Added AuthBloc for authentication state/event management using Bloc pattern.
.../example/lib/blocs/auth/auth_event.dart	Added authentication event classes for Bloc.
.../example/lib/blocs/auth/auth_state.dart	Added authentication state classes/enums for Bloc, including Trezor-specific states.
.../example/lib/blocs/auth/trezor_auth_event.dart	Added Trezor hardware wallet authentication event classes.
.../example/lib/blocs/auth/trezor_auth_mixin.dart	Added mixin for Trezor authentication logic and event handling in Bloc.
.../example/lib/blocs/blocs.dart	Exported auth_bloc.dart from barrel file.
.../example/lib/main.dart	Refactored to use BlocProvider/BlocListener for authentication state, removing manual user state handling.
.../example/lib/screens/auth_screen.dart	Refactored to use Bloc for authentication, removing direct user state/registration logic.
.../example/lib/widgets/auth/seed_dialog.dart	Simplified dialog, removed SDK dependencies and parameters, basic mnemonic validation.
.../example/lib/widgets/instance_manager/instance_view.dart	Refactored to use Bloc for authentication, added Trezor support, updated UI flows and event handling.
.../example/pubspec.yaml	Added equatable dependency.
.../index_generator.yaml	Added index generation config for internal Trezor library.
.../lib/komodo_defi_sdk.dart	Exported trezor_initialization_state.dart for public API.
.../lib/src/_internal_exports.dart	Exported internal Trezor index module.
.../lib/src/bootstrap.dart	Registered TrezorManager as async singleton in DI container.
.../lib/src/komodo_defi_sdk.dart	Added trezor getter and disposal logic for TrezorManager.
.../lib/src/pubkeys/pubkey_manager.dart	Changed pubkey strategy resolution to use KdfUser object instead of isHd boolean.
.../lib/src/trezor/_trezor_index.dart	Added internal/private Trezor index library exporting initialization state and manager.
.../lib/src/trezor/trezor_initialization_state.dart	Added Trezor initialization state/enums and factory constructors for interpreting device status.
.../lib/src/trezor/trezor_manager.dart	Added TrezorManager class for device initialization, user input, status streaming, and cleanup.
.../lib/src/public_key/pubkey_strategy.dart	Updated pubkey strategy factory to use KdfUser and select strategy based on private key policy (Trezor/context).

Sequence Diagram(s)

Trezor Device Initialization Flow

sequenceDiagram
    participant UI
    participant AuthBloc
    participant TrezorManager
    participant ApiClient

    UI->>AuthBloc: Dispatch AuthTrezorInitAndAuth event
    AuthBloc->>TrezorManager: initializeDevice()
    TrezorManager->>ApiClient: Start Trezor init task (RPC)
    ApiClient-->>TrezorManager: New taskId
    loop Polling
        TrezorManager->>ApiClient: Get Trezor status (taskId)
        ApiClient-->>TrezorManager: Status response (in progress, user action, completed, error)
        TrezorManager-->>AuthBloc: Stream TrezorInitializationState
        AuthBloc-->>UI: Emit AuthState (e.g., pinRequired, passphraseRequired, ready)
        alt User action required
            UI->>AuthBloc: Dispatch AuthTrezorProvidePin/Passphrase event
            AuthBloc->>TrezorManager: providePin/providePassphrase(taskId, input)
            TrezorManager->>ApiClient: Send PIN/Passphrase (RPC)
        end
        alt Cancel requested
            UI->>AuthBloc: Dispatch AuthTrezorCancel event
            AuthBloc->>TrezorManager: cancelInitialization(taskId)
            TrezorManager->>ApiClient: Cancel task (RPC)
            TrezorManager-->>AuthBloc: Stream cancelled state
        end
    end

Loading

Pubkey Strategy Selection

sequenceDiagram
    participant PubkeyManager
    participant Asset
    participant KdfUser

    PubkeyManager->>KdfUser: Get current user
    PubkeyManager->>Asset: asset.pubkeyStrategy(kdfUser)
    Asset->>PubkeyStrategyFactory: createStrategy(protocol, kdfUser)
    alt kdfUser.walletId.authOptions.privKeyPolicy == trezor
        PubkeyStrategyFactory-->>Asset: TrezorHDWalletStrategy(kdfUser)
    else kdfUser.walletId.authOptions.privKeyPolicy == contextPrivKey
        PubkeyStrategyFactory-->>Asset: ContextPrivKeyHDWalletStrategy(kdfUser)
    end

Loading

Suggested reviewers

• CharlVS

Poem

In the warren of code, a new path appears,
Trezor hops in, dispelling old fears.
Bloc bunnies manage auth, swift and neat,
While strategies choose keys for every feat.
Hardware and software, side by side,
In this DeFi meadow, let your wallet hop with pride!
🐇🔑💡

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Visit the preview URL for this PR (updated for commit db797af):

https://komodo-defi-sdk--pr77-feat-trezor-support-wp8z6xhx.web.app

_{(expires Fri, 20 Jun 2025 00:28:13 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: 7f9f5ac39928f333b6e8fcefb7138575e24ed347}

[takenagain]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 23

🔭 Outside diff range comments (2)

packages/komodo_defi_sdk/lib/komodo_defi_sdk.dart (1)

6-6: ⚠️ Potential issue

Fix invalid library directive
The statement library; is syntactically incorrect. Either remove the directive or specify a valid name (e.g., library komodo_defi_sdk;).

packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart (1)

26-26: 💡 Verification agent

🧩 Analysis chain

Potential breaking change: HdWalletMethods getter removed.

The removal of the hdWallet getter from KomodoDefiRpcMethods could break existing code that depends on this API.

Please verify that:

1. A replacement for the removed hdWallet getter exists and is properly exported
2. All existing code using rpcMethods.hdWallet has been updated

---

🏁 Script executed:

#!/bin/bash
# Description: Check for usage of the removed hdWallet getter and verify replacement exists
# Expected: Find usages that need updating and confirm new implementation exists

echo "Searching for usage of hdWallet getter..."
rg -A 2 "\.hdWallet\." --type dart

echo -e "\nSearching for new HdWalletMethods class definition..."
rg "class HdWalletMethods" --type dart

echo -e "\nSearching for HdWalletMethods exports..."
rg "export.*HdWalletMethods" --type dart

Length of output: 3332

---

Restore or re-export HdWalletMethods to prevent breaking changes

The hdWallet getter was removed from KomodoDefiRpcMethods, but existing code still calls client.rpc.hdWallet…, and although HdWalletMethods is defined, it isn’t exported. This will break downstream code.

• In packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart (around line 26), the hdWallet getter was removed.
• Usage remains in:

• packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart
• packages/komodo_defi_rpc_methods/lib/src/strategies/balance/hd_wallet_balance_strategy.dart
  • class HdWalletMethods exists in lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart but is never exported.

Suggested fix—either re-add the getter or export the namespace so calls to client.rpc.hdWallet resolve:

--- a/packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart
+++ b/packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart
@@ -23,6 +23,7 @@
   TrezorMethodsNamespace get trezor => TrezorMethodsNamespace(_client);
 
+  HdWalletMethods get hdWallet => HdWalletMethods(_client);
 }

🧹 Nitpick comments (13)

packages/komodo_defi_sdk/build.yaml (1)

5-5: Add newline at end of file
YAML lint reports require a trailing newline (new-line-at-end-of-file).

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 5-5: no new line character at the end of file

(new-line-at-end-of-file)

packages/komodo_defi_sdk/lib/komodo_defi_sdk.dart (1)

25-25: Reorder new export for consistency
Place the trezor_initialization_state.dart export in alphabetical order or group it with related SDK initializations to maintain a logical export sequence.

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_event.dart (1)

18-29: Consider consolidating similar event classes.

AuthTrezorRegister and AuthTrezorSignIn have identical structures. Consider using a single event class with an isRegister flag to reduce code duplication.

-/// Event to authenticate with Trezor device
-class AuthTrezorSignIn extends AuthEvent {
-  const AuthTrezorSignIn({
-    required this.walletName,
-    required this.derivationMethod,
-  });
-
-  final String walletName;
-  final DerivationMethod derivationMethod;
-
-  @override
-  List<Object?> get props => [walletName, derivationMethod];
-}
-
-/// Event to register a new Trezor wallet
-class AuthTrezorRegister extends AuthEvent {
-  const AuthTrezorRegister({
-    required this.walletName,
-    required this.derivationMethod,
-  });
-
-  final String walletName;
-  final DerivationMethod derivationMethod;
-
-  @override
-  List<Object?> get props => [walletName, derivationMethod];
-}
+/// Event to authenticate or register with Trezor device
+class AuthTrezorSignInOrRegister extends AuthEvent {
+  const AuthTrezorSignInOrRegister({
+    required this.walletName,
+    required this.derivationMethod,
+    required this.isRegister,
+  });
+
+  final String walletName;
+  final DerivationMethod derivationMethod;
+  final bool isRegister;
+
+  @override
+  List<Object?> get props => [walletName, derivationMethod, isRegister];
+}

packages/komodo_defi_types/lib/src/public_key/pubkey_strategy.dart (1)

25-50: Consider adding a default case for future-proofing.

The refactoring to use KdfUser improves the design. However, the switch statement should handle unexpected PrivateKeyPolicy values defensively.

       switch (privKeyPolicy) {
         case PrivateKeyPolicy.trezor:
           return TrezorHDWalletStrategy(kdfUser: kdfUser);
         case PrivateKeyPolicy.contextPrivKey:
           return ContextPrivKeyHDWalletStrategy(kdfUser: kdfUser);
+        default:
+          throw UnsupportedProtocolException(
+            'Unsupported private key policy: $privKeyPolicy',
+          );
       }

packages/komodo_defi_sdk/example/lib/widgets/auth/seed_dialog.dart (1)

56-69: Consider more robust mnemonic validation

While the simplified validation aligns with the bloc architecture refactoring, checking only word count might allow invalid seed phrases to pass through.

Consider adding basic word validation or documenting that comprehensive validation happens in the AuthBloc:

-    // Basic validation for plaintext mnemonic
+    // Basic validation for plaintext mnemonic
+    // Note: Comprehensive BIP39 validation is performed in AuthBloc
     final words = mnemonicController.text.trim().split(' ');
     if (words.length != 12 && words.length != 24) {

packages/komodo_defi_sdk/lib/src/trezor/trezor_manager.dart (1)

64-143: Add timeout mechanism to prevent indefinite polling

The polling loop could run indefinitely if the device never reaches a terminal state.

Consider adding a timeout:

   Stream<TrezorInitializationState> initializeDevice({
     String? devicePubkey,
     Duration pollingInterval = const Duration(seconds: 1),
+    Duration timeout = const Duration(minutes: 5),
   }) async* {
     int? taskId;
     StreamController<TrezorInitializationState>? controller;
+    final startTime = DateTime.now();

     try {
       // ... existing code ...

       Future<void> pollStatus() async {
         if (isComplete || taskId == null) return;
+        
+        // Check timeout
+        if (DateTime.now().difference(startTime) > timeout) {
+          throw TrezorException('Initialization timeout', 'Operation took longer than $timeout');
+        }

packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart (1)

16-20: Address the TODO comment for protocol support.

The protocolSupported method currently returns true for all protocols, which may not be accurate. The commented logic suggests UTXO and SLP protocols should be supported.

Would you like me to open an issue to track implementing proper protocol validation for HD wallets?

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1)

56-183: Consider adding transaction safety for wallet operations.

The method performs multiple async operations (sign out, register/sign in) that could leave the system in an inconsistent state if interrupted. Consider implementing a rollback mechanism or state validation.

Would you like assistance implementing a more robust state management approach that ensures atomicity of the Trezor initialization process?

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_state.dart (1)

44-64: Consider adding error case documentation

The factory constructor handles all the Trezor initialization states correctly, but the error and cancelled cases both return TrezorAuthStatus.none. Consider adding a comment explaining why these states map to none rather than having separate error/cancelled states in TrezorAuthStatus.

      case TrezorInitializationStatus.error:
      case TrezorInitializationStatus.cancelled:
+       // Error and cancelled states are handled at the AuthStatus level
+       // rather than maintaining separate Trezor-specific error states
        return TrezorAuthStatus.none;

packages/komodo_defi_sdk/lib/src/trezor/trezor_initialization_state.dart (1)

108-109: Improve case-insensitive string comparison

The current implementation creates a lowercase copy of the description string on each check. Consider creating it once for better performance.

    final descriptionLower = description.toLowerCase();

+   // Check for device connection status
    if (descriptionLower.contains('waiting') &&
        descriptionLower.contains('connect')) {

packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart (2)

337-349: Consider using a more persistent notification for device confirmation

A SnackBar with 3-second duration might disappear too quickly while the user is interacting with their Trezor device. Consider using a persistent notification or dialog.

        } else if (state.isTrezorAwaitingConfirmation) {
-          // Show a non-blocking message
-          ScaffoldMessenger.of(context).showSnackBar(
-            SnackBar(
-              content: Text(
-                state.trezorMessage ?? 'Please confirm on your Trezor device',
-              ),
-              duration: const Duration(seconds: 3),
-            ),
-          );
+          // Show a persistent message until state changes
+          ScaffoldMessenger.of(context).showSnackBar(
+            SnackBar(
+              content: Row(
+                children: [
+                  const CircularProgressIndicator(strokeWidth: 2),
+                  const SizedBox(width: 12),
+                  Expanded(
+                    child: Text(
+                      state.trezorMessage ?? 'Please confirm on your Trezor device',
+                    ),
+                  ),
+                ],
+              ),
+              duration: const Duration(days: 1), // Effectively persistent
+            ),
+          );
        }

---

598-612: Improve Trezor button state management

The Trezor button shows a loading indicator but doesn't clearly indicate when it's processing. Consider improving the visual feedback.

              FilledButton.icon(
-                onPressed: _isTrezorInitializing ? null : _initializeTrezor,
+                onPressed: _isTrezorInitializing || isLoading ? null : _initializeTrezor,
                icon:
                    _isTrezorInitializing
                        ? const SizedBox(
                          width: 16,
                          height: 16,
                          child: CircularProgressIndicator(strokeWidth: 2),
                        )
                        : const Icon(Icons.security),
                label: Text(
                  _isTrezorInitializing ? 'Initializing...' : 'Use Trezor',
                ),
              ),

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart (1)

1-3: Address the TODO comment to improve API consistency.

The TODO comment highlights an important design inconsistency where some RPC methods accept individual parameters while others should use request class objects. This inconsistency can lead to maintenance issues and confusion for developers using the API.

Would you like me to help create a plan to refactor these methods to use a consistent parameter pattern?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f63bebb and c3b5cc6.

⛔ Files ignored due to path filters (1)

• packages/komodo_defi_sdk/example/pubspec.lock is excluded by !**/*.lock

📒 Files selected for processing (35)

• packages/komodo_defi_framework/app_build/build_config.json (1 hunks)
• packages/komodo_defi_framework/lib/src/operations/kdf_operations_wasm.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/models/models.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/models/task_response_details.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/account_balance.dart (0 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart (2 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart (4 hunks)
• packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/single_address_strategy.dart (1 hunks)
• packages/komodo_defi_rpc_methods/pubspec.yaml (1 hunks)
• packages/komodo_defi_sdk/build.yaml (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_bloc.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_event.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_state.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_event.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/blocs.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/main.dart (2 hunks)
• packages/komodo_defi_sdk/example/lib/screens/auth_screen.dart (3 hunks)
• packages/komodo_defi_sdk/example/lib/widgets/auth/seed_dialog.dart (4 hunks)
• packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart (6 hunks)
• packages/komodo_defi_sdk/example/pubspec.yaml (1 hunks)
• packages/komodo_defi_sdk/index_generator.yaml (1 hunks)
• packages/komodo_defi_sdk/lib/komodo_defi_sdk.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/_internal_exports.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/bootstrap.dart (2 hunks)
• packages/komodo_defi_sdk/lib/src/komodo_defi_sdk.dart (3 hunks)
• packages/komodo_defi_sdk/lib/src/pubkeys/pubkey_manager.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/_trezor_index.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/trezor_initialization_state.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/trezor_manager.dart (1 hunks)
• packages/komodo_defi_types/lib/src/public_key/pubkey_strategy.dart (2 hunks)

💤 Files with no reviewable changes (1)

• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/account_balance.dart

🧰 Additional context used

🪛 YAMLlint (1.37.1)

packages/komodo_defi_sdk/build.yaml

[error] 5-5: no new line character at the end of file

(new-line-at-end-of-file)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: setup

🔇 Additional comments (45)

packages/komodo_defi_sdk/example/pubspec.yaml (1)

11-11: Dependency added for Bloc state equality
Adding equatable: ^2.0.7 to dependencies aligns with the new Bloc-based auth events and states that extend Equatable.

packages/komodo_defi_sdk/build.yaml (1)

1-5: Exclude example directory from SDK build
The example/** exclusion ensures Flutter-specific example code isn’t included in the core SDK build.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 5-5: no new line character at the end of file

(new-line-at-end-of-file)

packages/komodo_defi_framework/app_build/build_config.json (1)

66-66: Confirm updated bundled coins commit hash
The bundled_coins_repo_commit was bumped to b85229291413f9f9e26ad5b6db2da7f7bfb56ac5. Please verify this hash exists in the coins repo and includes the intended updates.

packages/komodo_defi_sdk/example/lib/blocs/blocs.dart (1)

1-1: Export AuthBloc in barrel file
Exposing auth_bloc.dart allows the example app to import and instantiate the new AuthBloc.

packages/komodo_defi_rpc_methods/lib/src/models/models.dart (1)

13-13: LGTM: Good consolidation of response handling.

Adding the task_response_details.dart export centralizes the ResponseDetails class, eliminating duplication and providing consistent response handling across RPC methods.

packages/komodo_defi_rpc_methods/pubspec.yaml (2)

14-15: LGTM: Standard dependencies for code generation.

The addition of freezed_annotation and json_annotation provides the necessary annotations for the new data model classes mentioned in the AI summary.

---

22-25: LGTM: Appropriate dev dependencies for code generation.

Adding build_runner, freezed, and json_serializable as dev dependencies enables code generation for immutable data classes and JSON serialization, which aligns with the new RPC methods and response classes being introduced.

packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/single_address_strategy.dart (1)

31-33: LGTM: Updated comment reflects current architecture.

The comment accurately reflects the replacement of the generic HDWalletStrategy with the more specific ContextPrivKeyHDWalletStrategy and TrezorHDWalletStrategy, improving clarity for developers.

packages/komodo_defi_sdk/lib/src/_internal_exports.dart (1)

9-9: LGTM: Consistent integration of Trezor module.

The export follows the established pattern used by other modules and properly integrates the new Trezor functionality into the SDK's internal exports.

packages/komodo_defi_sdk/lib/src/bootstrap.dart (2)

14-14: LGTM: Proper import for new dependency.

The import for TrezorManager is correctly added to support the new singleton registration.

---

201-204:

Details

✅ Verification successful

LGTM: Proper dependency injection setup.

The TrezorManager registration follows the established pattern with appropriate dependency on ApiClient. Ensure that TrezorManager disposal is handled properly in the main SDK class when the SDK is disposed.

---

🏁 Script executed:

#!/bin/bash
# Description: Verify TrezorManager disposal is handled in the main SDK class
# Expected: Find dispose method that properly cleans up TrezorManager

# Search for TrezorManager disposal in SDK classes
rg -A 10 -B 5 "dispose.*trezor|trezor.*dispose" --type dart

# Also search for the main SDK class dispose method
ast-grep --pattern 'class $_ {
  $$$
  dispose() {
    $$$
  }
  $$$
}'

Length of output: 1435

---

LGTM: TrezorManager registration and disposal are correctly implemented.

• Verified in packages/komodo_defi_sdk/lib/src/komodo_defi_sdk.dart within the dispose() method:

    final trezorManager = _container<TrezorManager>();
    await trezorManager.dispose();

No further changes needed.

packages/komodo_defi_sdk/lib/src/trezor/_trezor_index.dart (1)

1-8: LGTM! Consistent with established patterns.

The internal index file follows the SDK's established patterns for modular organization and uses appropriate naming conventions for private/internal libraries.

packages/komodo_defi_sdk/lib/src/komodo_defi_sdk.dart (3)

11-11: LGTM! Import follows established patterns.

The TrezorManager import is consistent with other manager imports in the SDK.

---

243-248: LGTM! Trezor manager getter implementation is consistent.

The getter implementation follows the exact same pattern as other managers in the SDK, including proper initialization checks and documentation.

---

326-332: LGTM! Proper disposal handling with error resilience.

The disposal logic correctly handles the case where the TrezorManager might not be initialized, using a try-catch block to prevent disposal failures from affecting other cleanup operations.

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/rpc_methods.dart (2)

36-36:

Details

✅ Verification successful

Verify the Trezor RPC namespace export exists and provides expected functionality.

The Trezor RPC namespace export is properly positioned and follows established naming conventions.

---

🏁 Script executed:

#!/bin/bash
# Verify that the Trezor RPC namespace file exists and contains expected functionality
echo "Checking Trezor RPC namespace export..."

fd "trezor_rpc_namespace.dart" packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/

echo "Checking for TrezorMethodsNamespace class..."
ast-grep --pattern 'class TrezorMethodsNamespace {
  $$$
}' packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart

Length of output: 513

---

🏁 Script executed:

#!/bin/bash
# Re-check for the TrezorMethodsNamespace class with a simple grep
echo "Searching for TrezorMethodsNamespace class definition..."
rg "class TrezorMethodsNamespace" -n packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart

Length of output: 311

---

Trezor RPC namespace export verified

The file packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart exists and defines the TrezorMethodsNamespace class extending BaseRpcMethodNamespace. The export in rpc_methods.dart is correct and follows naming conventions—no further changes needed.

---

22-23:

Details

✅ Verification successful

Verify the HD wallet method exports exist and provide expected functionality.

The new HD wallet exports follow proper naming conventions and are logically organized within the existing structure.

---

🏁 Script executed:

#!/bin/bash
# Verify that the exported HD wallet files exist and contain expected classes
echo "Checking HD wallet method exports..."

fd "get_new_address_task.dart" packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/
fd "hd_wallet_methods.dart" packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/

echo "Checking for expected class definitions..."
ast-grep --pattern 'class $_ {
  $$$
}' packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart

Length of output: 756

---

🏁 Script executed:

#!/bin/bash
# Inspect class definitions in the new HD wallet RPC files

echo "Searching for class GetNewAddressTask in get_new_address_task.dart"
rg -n "class GetNewAddressTask" packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart || echo "No match found"

echo "Searching for class HdWalletMethods in hd_wallet_methods.dart"
rg -n "class HdWalletMethods" packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart || echo "No match found"

Length of output: 820

---

HD Wallet RPC exports verified

• Confirmed that get_new_address_task.dart and hd_wallet_methods.dart exist under packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/.
• Verified get_new_address_task.dart defines the expected request and response classes (e.g., GetNewAddressTaskInitRequest, GetNewAddressTaskStatusRequest, etc.).
• Verified hd_wallet_methods.dart defines the HdWalletMethods namespace class.

All exports follow established naming conventions and are correctly organized.

packages/komodo_defi_sdk/index_generator.yaml (1)

22-31: LGTM! Configuration follows established patterns perfectly.

The new Trezor library configuration entry is consistent with existing entries in structure, naming conventions, exclude patterns, and documentation format.

packages/komodo_defi_sdk/lib/src/pubkeys/pubkey_manager.dart (1)

33-39:

Details

✅ Verification successful

LGTM! Enhanced strategy selection with proper error handling.

The refactor to pass the entire KdfUser object instead of a boolean parameter provides more context for strategy selection, which is essential for supporting different hardware wallet types like Trezor. The null check with appropriate exception throwing is good defensive programming.

However, please verify that all callers of asset.pubkeyStrategy() have been updated to match the new signature:

---

🏁 Script executed:

#!/bin/bash
# Description: Verify that all asset.pubkeyStrategy calls use the new signature
# Expected: All calls should use the kdfUser parameter instead of isHdWallet

echo "Searching for pubkeyStrategy method calls..."
rg -A 3 "\.pubkeyStrategy\(" --type dart

echo -e "\nSearching for pubkeyStrategy method definitions..."
ast-grep --pattern 'pubkeyStrategy($$$)'

Length of output: 636

---

No further updates required: all asset.pubkeyStrategy calls use the new kdfUser parameter

• Search across all Dart files found only one call in packages/komodo_defi_sdk/lib/src/pubkeys/pubkey_manager.dart
• That call already uses asset.pubkeyStrategy(kdfUser: currentUser) as intended

packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart (1)

44-45: Good addition of Trezor hardware wallet namespace.

The addition of TrezorMethodsNamespace properly organizes Trezor-specific RPC methods under a dedicated namespace, following the established pattern for protocol-specific namespaces.

packages/komodo_defi_sdk/example/lib/main.dart (2)

6-6: Good addition of AuthBloc import for reactive state management.

---

198-224: Excellent refactor to bloc-based authentication state management.

This refactor eliminates manual state management in favor of a reactive bloc pattern, which provides several benefits:

• Centralized auth logic: All authentication operations are now handled through AuthBloc
• Reactive UI updates: The BlocListener automatically updates the UI when auth state changes
• Cleaner component interfaces: InstanceView no longer needs currentUser or onUserChanged parameters
• Better separation of concerns: State management is decoupled from UI components

The implementation correctly:

• Creates an AuthBloc instance for each SDK instance
• Uses BlocListener to react to auth state changes
• Maintains the existing _updateInstanceUser callback for compatibility

packages/komodo_defi_rpc_methods/lib/src/models/task_response_details.dart (2)

7-11: Solid design with proper validation.

The constructor assertion correctly ensures exactly one of the three fields is non-null, which maintains data integrity for the wrapper class.

---

19-23: Convenient error handling utility.

The throwIfError getter provides a clean way to propagate errors when they exist.

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_event.dart (5)

3-15: Well-implemented Trezor sign-in event.

The event class properly encapsulates the required data for Trezor authentication with appropriate equality implementation.

---

31-43: LGTM!

The event properly handles initialization and authentication flow with appropriate default values.

---

45-54: PIN event implementation looks good.

The event correctly encapsulates PIN input for Trezor initialization.

---

56-68: Passphrase event properly structured.

The event correctly handles passphrase input for Trezor initialization.

---

70-78: Cancellation event correctly implemented.

The event properly handles task cancellation with minimal required data.

packages/komodo_defi_types/lib/src/public_key/pubkey_strategy.dart (1)

56-63: Extension method correctly updated.

The signature change properly propagates the KdfUser parameter to the factory method.

packages/komodo_defi_sdk/example/lib/screens/auth_screen.dart (2)

62-73: Navigation properly updated with repository provider.

The use of RepositoryProvider.value correctly provides the SDK instance to the asset page.

---

83-96: Bloc pattern correctly implemented.

The refactoring properly introduces BlocProvider and creates AuthBloc with the required instance state.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_event.dart (1)

1-88: Well-structured authentication event classes!

The event hierarchy is clean and follows Flutter Bloc best practices. All events properly implement Equatable for reliable state comparisons.

packages/komodo_defi_sdk/example/lib/widgets/auth/seed_dialog.dart (1)

156-163: Clean architectural improvement!

The change from callback-based to return value via Navigator.pop is a good improvement that simplifies the widget and aligns with the bloc pattern.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_bloc.dart (1)

17-247: Well-structured authentication bloc implementation!

The AuthBloc is properly designed with clear separation of concerns, comprehensive error handling, and good integration of Trezor support via the mixin pattern. The helper methods provide clean APIs for consumers.

packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart (2)

6-87: Clean refactoring to mixin pattern!

The extraction of shared HD wallet logic into HDWalletMixin is well-designed. The public method names (getAccountBalance, convertBalanceInfoToAssetPubkeys) follow Dart conventions properly.

---

89-157: Well-implemented strategy classes!

Both ContextPrivKeyHDWalletStrategy and TrezorHDWalletStrategy properly implement their respective address generation approaches:

• Context strategy uses direct RPC calls
• Trezor strategy uses task-based polling with proper error propagation

The polling mechanism in Trezor strategy is appropriate for hardware wallet interactions.

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1)

16-41: Secure password management implementation!

Good use of FlutterSecureStorage for persisting Trezor wallet passwords and proper error handling for missing passwords. The secure password generation with 16 characters provides adequate security.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_state.dart (2)

1-1: LGTM!

Correct use of part of directive for the BLoC pattern.

---

3-22: LGTM!

The AuthStatus enum covers all necessary authentication states with clear documentation.

packages/komodo_defi_sdk/lib/src/trezor/trezor_initialization_state.dart (2)

1-2: LGTM!

Appropriate import for RPC methods dependency.

---

3-28: LGTM!

The TrezorInitializationStatus enum comprehensively covers all initialization states with clear documentation.

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart (1)

4-6: LGTM!

Clean namespace class definition extending the base RPC namespace.

packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart (2)

51-83: LGTM: Consistent rpcPass handling.

The account balance methods properly handle the rpcPass parameter with fallback to this.rpcPass, providing a good user experience by using the instance-level password when none is explicitly provided.

---

85-122: LGTM: Consistent task-based methods implementation.

The task-based getNewAddress methods properly implement the init/status/cancel pattern with consistent parameter handling and appropriate fallbacks for the rpcPass parameter.

[coderabbitai]

🛠️ Refactor suggestion

Clarify PIN input instructions

The helper text mentions "PIN pad on your Trezor device" but the user is entering the PIN in the app. This could be confusing.

                    helperText: 'Use the PIN pad on your Trezor device',
+                   helperMaxLines: 2,

And update the text to:

-                    helperText: 'Use the PIN pad on your Trezor device',
+                    helperText: 'Enter PIN based on the positions shown on your Trezor device',

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	),
	keyboardType: TextInputType.number,
	helperText: 'Enter PIN based on the positions shown on your Trezor device',
	helperMaxLines: 2,
	),
	keyboardType: TextInputType.number,

🤖 Prompt for AI Agents

In
packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart
around lines 149 to 150, the helper text for the PIN input incorrectly
references the "PIN pad on your Trezor device," which is misleading since the
user enters the PIN in the app. Update the helper text to clearly instruct the
user to enter their PIN directly in the app input field, removing any mention of
the Trezor device PIN pad to avoid confusion.

[takenagain]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[Copilot]

Pull Request Overview

This PR introduces hardware wallet support for Trezor by extending the RPC layer and updating the Flutter SDK example to integrate a new authentication flow.

• Added task-based get_new_address RPC methods and Trezor namespace in the RPC library.
• Created TrezorAuthMixin, related events and states, and hooked up AuthBloc with Trezor flows in the example.
• Refactored HD wallet strategies into a shared mixin and provided separate strategies for context-based and Trezor-based HD wallets.

Reviewed Changes

Copilot reviewed 38 out of 38 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
example/lib/main.dart	Integrated AuthBloc with Trezor login button into the example app.
example/lib/blocs/auth/trezor_auth_mixin.dart	Implemented Trezor initialization/authentication logic in a mixin.
example/lib/blocs/auth/trezor_auth_event.dart	Defined new events for Trezor PIN, passphrase, and cancellation.
example/lib/blocs/auth/auth_state.dart	Extended AuthState to include Trezor-specific statuses and fields.
example/lib/blocs/auth/auth_bloc.dart	Set up Trezor handlers and wired events into the main auth BLoC.
packages/komodo_defi_rpc_methods/lib/src/rpc_methods_library.dart	Exposed new trezor RPC namespace.
packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart	Added init/status/cancel request/response classes for task::get_new_address.
packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart	Refactored HD wallet logic into HDWalletMixin and added Trezor strategy.
packages/komodo_defi_framework/lib/src/operations/kdf_operations_wasm.dart	Enhanced debug logging around raw JS responses.

Comments suppressed due to low confidence (2)

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart:9

• FlutterSecureStorage does not have a const constructor; change static const to static final to avoid a compilation error.

static const FlutterSecureStorage _secureStorage = FlutterSecureStorage();

packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart:7

• The original HDWalletStrategy class was removed and replaced by a mixin; this breaks any code referencing HDWalletStrategy. Consider reintroducing the strategy class or renaming the mixin to maintain backward compatibility.

mixin HDWalletMixin on PubkeyStrategy {

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (3)

packages/komodo_defi_sdk/lib/src/trezor/trezor_manager.dart (1)

200-202: Replace print with proper logging mechanism

Using print for error logging is not recommended for production code. This should be replaced with a proper logging mechanism.

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1)

73-74: Add error logging as indicated by the comment

The comment states "Log the error but continue" but no logging is implemented in the catch block.

packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart (1)

132-196: Comprehensive Trezor PIN dialog implementation

The PIN dialog properly handles dismissal with PopScope and integrates well with the BLoC pattern. However, there's still a confusing helper text issue from previous reviews.

The helper text on line 161 still references "PIN pad on your Trezor device" which was flagged in previous reviews as confusing since users enter the PIN in the app interface.

🧹 Nitpick comments (2)

packages/komodo_defi_types/lib/src/protocols/utxo/utxo_protocol.dart (1)

25-30: Update or remove the outdated TODO comment

The TODO comment is no longer accurate since this implementation now supports configuring activation parameters for Trezor via the privKeyPolicy parameter. Consider updating or removing this comment to reflect the current implementation.

-  // TODO: Consider the limitation this is likely to impose in the near
-  // future when we need to confirgure activation parameters e.g. for Trezor.
-  // A better solution may be to create a separate activation strategy rather
-  // than adding the activation parameters to the protocol.
-  // Hint: It may be useful to refactor `[ActivationStrategy.supportsAssetType]`
-  // to be async.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_bloc.dart (1)

53-54: Consider using a proper logging mechanism

While debugPrint is acceptable for development, consider injecting a logger instance for more flexible and production-ready error logging.

Also applies to: 282-283

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c3b5cc6 and 455d5db.

📒 Files selected for processing (17)

• packages/komodo_defi_framework/lib/src/operations/kdf_operations_wasm.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart (1 hunks)
• packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart (4 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_bloc.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_event.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_state.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_event.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1 hunks)
• packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart (6 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/_trezor_index.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/trezor_exception.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/trezor_initialization_state.dart (1 hunks)
• packages/komodo_defi_sdk/lib/src/trezor/trezor_manager.dart (1 hunks)
• packages/komodo_defi_types/lib/src/protocols/utxo/utxo_protocol.dart (1 hunks)
• packages/komodo_defi_types/lib/src/public_key/pubkey_strategy.dart (2 hunks)

✅ Files skipped from review due to trivial changes (1)

• packages/komodo_defi_sdk/lib/src/trezor/trezor_exception.dart

🚧 Files skipped from review as they are similar to previous changes (10)

• packages/komodo_defi_framework/lib/src/operations/kdf_operations_wasm.dart
• packages/komodo_defi_sdk/lib/src/trezor/_trezor_index.dart
• packages/komodo_defi_types/lib/src/public_key/pubkey_strategy.dart
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/get_new_address_task.dart
• packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_event.dart
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/hd_wallet/hd_wallet_methods.dart
• packages/komodo_defi_sdk/example/lib/blocs/auth/auth_state.dart
• packages/komodo_defi_rpc_methods/lib/src/strategies/pubkey/hd_multi_address_strategy.dart
• packages/komodo_defi_sdk/lib/src/trezor/trezor_initialization_state.dart
• packages/komodo_defi_rpc_methods/lib/src/rpc_methods/trezor/trezor_rpc_namespace.dart

🔇 Additional comments (12)

packages/komodo_defi_types/lib/src/protocols/utxo/utxo_protocol.dart (1)

31-47: Implementation correctly handles Trezor scan policy

The changes appropriately set ScanPolicy.scan for Trezor wallets to ensure funded addresses appear upon first activation, while maintaining backward compatibility with the default ScanPolicy.scanIfNewWallet for other wallet types.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_event.dart (1)

1-99: Well-structured authentication events

The authentication event classes are properly implemented with correct Equatable usage and comprehensive coverage of authentication workflows.

packages/komodo_defi_sdk/lib/src/trezor/trezor_manager.dart (1)

7-207: Well-implemented Trezor device management

The TrezorManager class provides a comprehensive and well-documented API for Trezor device initialization with proper stream handling, error management, and resource cleanup.

packages/komodo_defi_sdk/example/lib/blocs/auth/auth_bloc.dart (1)

17-315: Well-implemented authentication bloc

The AuthBloc implementation provides comprehensive authentication state management with proper event handling, error management, and clean separation of Trezor-specific logic via the mixin pattern.

packages/komodo_defi_sdk/example/lib/blocs/auth/trezor_auth_mixin.dart (1)

3-350: Excellent implementation of Trezor authentication flow

The mixin provides a well-structured implementation of Trezor hardware wallet authentication with:

• Secure password management using FlutterSecureStorage
• Comprehensive state handling for all Trezor initialization phases
• Proper error handling and user feedback
• Clean separation of concerns

The approach of generating and securely storing passwords for Trezor wallets is a good security practice.

packages/komodo_defi_sdk/example/lib/widgets/instance_manager/instance_view.dart (7)

5-6: LGTM! Clean BLoC integration

The import additions properly support the transition to BLoC-based state management for authentication.

---

39-50: Well-structured state initialization

The local state management with proper controller initialization and BLoC event dispatching in initState follows Flutter best practices.

---

54-58: Proper resource cleanup

Controllers are correctly disposed to prevent memory leaks.

---

60-82: Robust mnemonic retrieval with proper error handling

The async implementation with null checks and mounted state verification is well-implemented.

---

198-275: Well-designed Trezor passphrase dialog

The passphrase dialog provides clear user options between standard and hidden wallet configurations with proper event handling.

---

334-412: Excellent BLoC integration with comprehensive state handling

The BlocConsumer implementation properly handles:

• Error states with user feedback
• Form field updates on user selection
• Trezor-specific state transitions
• Loading state management

This is a well-architected reactive UI pattern.

---

472-642: Thorough authentication form with Trezor integration

The form implementation includes:

• Proper loading state handling
• Known users display with chips
• Form validation
• Comprehensive Trezor status feedback
• Clean separation of concerns

The UI correctly disables interactions during loading states and provides clear feedback to users.

[CharlVS]

@takenagain If both this PR and #81 (pending review into this PR) are ready for review, then why not merge #81 in? If you don't have perms to merge the PR, then you can merge the branches with git.

[takenagain]

@takenagain If both this PR and #81 (pending review into this PR) are ready for review, then why not merge #81 in? If you don't have perms to merge the PR, then you can merge the branches with git.

I've merged #81 and dev in. I intended to isolate changes to the KomodoDefiSdk and KomodoDefiAuth interfaces to get your feedback on that first, but this PR has the broader context, so I don't mind handling further adjustments here.

[CharlVS]

intended to isolate changes to the KomodoDefiSdk and KomodoDefiAuth interfaces to get your feedback on that first

@takenagain
Ah, so there was wisdom to your madness. In the future, yeah let's keep it separate since it's easier to give feedback on multiple major changes if they're isolated.

[CharlVS]

TYSM. Looks solid