Feat/eid reclaim

[coodos]

Description of change

Issue Number

Type of change

• Breaking (any change that would cause existing functionality to not work as expected)
• New (a change which implements a new feature)
• Update (a change which updates existing functionality)
• Fix (a change which fixes an issue)
• Docs (changes to the documentation)
• Chore (refactoring, build scripts or anything else that isn't user-facing)

How the change has been tested

Change checklist

• I have ensured that the CI Checks pass locally
• I have removed any unnecessary logic
• My code is well documented
• I have signed my commits
• My code follows the pattern of the application
• I have self reviewed my code

Summary by CodeRabbit

• New Features

  • Added hardware-backed key management with automatic software fallback.
  • Verification now checks hardware support and updates the UI accordingly.
  • Support claiming an existing eVault when a duplicate is detected.
  • Added “Retry profile creation” action and automatic status monitoring on the main screen.

• Improvements

  • More resilient network calls with timeouts and exponential backoff.
  • Smoother onboarding and verification flows with clearer status messaging.

• UI

  • Updated Settings version display to v0.2.2.0.

• Bug Fixes

  • Reduced duplicate processing and prevented repeated profile creation attempts.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Adds a pluggable key management layer (hardware/software) with a factory, refactors onboarding/verify flows to use it, enhances eVault profile creation with retries, and extends provisioning to handle duplicates via linkedEName/w3id with migration and event updates. Adds logging/guards in Cerberus flows and bumps Settings version text.

Changes

Cohort / File(s)	Summary
Crypto Abstraction Core `infrastructure/eid-wallet/src/lib/crypto/types.ts`, `.../HardwareKeyManager.ts`, `.../SoftwareKeyManager.ts`, `.../KeyManagerFactory.ts`, `.../index.ts`	Introduces KeyManager interface, error codes, hardware/software implementations, factory with availability probing and context handling, and central index exports.
Auth Flows: Onboarding & Verify `infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte`, `.../(auth)/verify/+page.svelte`	Replaces direct hardware calls with KeyManager-based flow; adds capability checks, key generation/public key retrieval, and duplicate-claim path integration in verify.
App Main & Settings UI `infrastructure/eid-wallet/src/routes/(app)/main/+page.svelte`, `.../(app)/settings/+page.svelte`	Main: switches to context-driven state, adds status watcher and retry hook. Settings: updates version text to v0.2.2.0.
eVault Global Controller `infrastructure/eid-wallet/src/lib/global/controllers/evault.ts`	Adds retry/backoff to endpoint resolution and profile creation; exposes `retryProfileCreation`; refines state transitions and avoids duplicate work.
Provisioner: Verification & Persistence `infrastructure/evault-provisioner/src/config/database.ts`, `.../controllers/VerificationController.ts`, `.../entities/Verification.ts`, `.../migrations/1758389959600-migration.ts`, `.../index.ts`, `.../services/VerificationService.ts`	Changes default DB URL; adds `linkedEName` column and migration; includes `w3id` in emitted events; persists `linkedEName` during provisioning; adds service update method.
Cerberus Platform Logging/Guards `platforms/cerberus/src/controllers/WebhookController.ts`, `.../services/CerberusTriggerService.ts`	Wraps charter processing with try/catch and adds extensive debug logging without altering core behavior.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor UI as UI (Onboarding/Verify)
  participant KMF as KeyManagerFactory
  participant HW as HardwareKeyManager
  participant SW as SoftwareKeyManager

  UI->>KMF: getKeyManager(config/context)
  alt pre-verification
    KMF-->>UI: SW instance
  else try hardware
    KMF->>HW: probe exists(testKey)
    alt hardware available
      KMF-->>UI: HW instance
    else fallback
      KMF-->>UI: SW instance
    end
  end

  UI->>KMF: generate/getPublicKey/sign/verify via manager
  KMF-->>UI: result or KeyManagerError(code)

Loading

sequenceDiagram
  autonumber
  actor VerifyUI as Verify UI
  participant Prov as Provisioner API
  participant VC as VerificationController
  participant VS as VerificationService
  participant EE as EventEmitter

  VerifyUI->>Prov: Start verification (SSE/WebSocket)
  Prov->>VC: Create session
  VC-->>EE: emit { status: pending }
  VC->>VS: evaluate documents
  alt duplicate detected
    VC-->>EE: emit { status: duplicate, w3id }
  else approved
    VC-->>EE: emit { status: approved }
    Prov->>VS: update(verificationId,{ linkedEName: w3id })
    Prov-->>VerifyUI: provision eVault with w3id
  end

  Note over VerifyUI: If duplicate, claim existing eVault using w3id

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• feat: setup hw crypto #295 — Refactors prior direct hardware crypto calls to a KeyManager abstraction in the same flows.
• Feat/evault provisioning via phone #188 — Earlier provisioning/verification work extended here with linkedEName/w3id and migration.
• Fix/group chat fix #300 — Also modifies the Settings page; overlaps on version display area.

Suggested reviewers

• sosweetham

Poem

I forged two keys, one steel, one air,
hopped through verifications with careful care.
Found an old warren—w3id’s trace—
claimed the burrow, saved the race.
Logs like carrots line my trail,
v0.2.2.0—onward we sail! 🥕🐇

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/eid-reclaim

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f33bba3 and 21e3d3b.

⛔ Files ignored due to path filters (3)

• infrastructure/eid-wallet/src-tauri/gen/android/app/universal/release/app-universal-release.aab is excluded by !**/gen/**
• infrastructure/eid-wallet/src-tauri/gen/apple/eid-wallet.xcodeproj/project.pbxproj is excluded by !**/gen/**
• infrastructure/eid-wallet/src-tauri/gen/apple/eid-wallet_iOS/Info.plist is excluded by !**/gen/**

📒 Files selected for processing (17)

• infrastructure/eid-wallet/src/lib/crypto/HardwareKeyManager.ts (1 hunks)
• infrastructure/eid-wallet/src/lib/crypto/KeyManagerFactory.ts (1 hunks)
• infrastructure/eid-wallet/src/lib/crypto/SoftwareKeyManager.ts (1 hunks)
• infrastructure/eid-wallet/src/lib/crypto/index.ts (1 hunks)
• infrastructure/eid-wallet/src/lib/crypto/types.ts (1 hunks)
• infrastructure/eid-wallet/src/lib/global/controllers/evault.ts (3 hunks)
• infrastructure/eid-wallet/src/routes/(app)/main/+page.svelte (1 hunks)
• infrastructure/eid-wallet/src/routes/(app)/settings/+page.svelte (1 hunks)
• infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte (1 hunks)
• infrastructure/eid-wallet/src/routes/(auth)/verify/+page.svelte (4 hunks)
• infrastructure/evault-provisioner/src/config/database.ts (1 hunks)
• infrastructure/evault-provisioner/src/controllers/VerificationController.ts (4 hunks)
• infrastructure/evault-provisioner/src/entities/Verification.ts (1 hunks)
• infrastructure/evault-provisioner/src/index.ts (1 hunks)
• infrastructure/evault-provisioner/src/migrations/1758389959600-migration.ts (1 hunks)
• platforms/cerberus/src/controllers/WebhookController.ts (2 hunks)
• platforms/cerberus/src/services/CerberusTriggerService.ts (4 hunks)

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}