Skip to content

Comments

feat(seedless-onboarding): add dataType support for secret data items#7284

Open
huggingbot wants to merge 39 commits intomainfrom
feat/data-type
Open

feat(seedless-onboarding): add dataType support for secret data items#7284
huggingbot wants to merge 39 commits intomainfrom
feat/data-type

Conversation

@huggingbot
Copy link
Member

@huggingbot huggingbot commented Dec 2, 2025
edited by cursor bot
Loading

Explanation

The metadata service now supports a dataType column for categorizing secret data (PrimarySrp, ImportedSrp, ImportedPrivateKey). This enables clients to distinguish between different types of backed-up secrets

Changes include:

  • Add dataType parameter to insert operations
  • Add updateSecretDataItem and batchUpdateSecretDataItems for updating existing items
  • Update fetchAllSecretData to return storage metadata (itemId, dataType) alongside secret data
  • Refactor SecretMetadata to separate local metadata from storage-level metadata

References

https://consensyssoftware.atlassian.net/browse/SL-350

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

Medium Risk
Introduces breaking API changes and new migration logic that updates remote secret metadata and changes secret ordering/validation, so regressions could affect backup/restore correctness for existing users.

Overview
Secret backups now carry a storage-level dataType (PrimarySrp/ImportedSrp/ImportedPrivateKey) via @metamask/toprf-secure-backup@^1.0.0, and addNewSecretData is breaking: it accepts dataType: EncAccountDataType (rejecting PrimarySrp) and persists that classification when adding items.

fetchAllSecretData now consumes the SDK’s richer FetchedSecretDataItem shape, returns SecretMetadata enriched with itemId/dataType/createdAt/storageVersion, and changes ordering/validation to use PrimarySrp-first sorting with TIMEUUID timestamp extraction (fixing previous lexicographic TIMEUUID sorting).

Adds migration plumbing: controller state gains persisted migrationVersion plus runMigrations/setMigrationVersion, with a #migrateDataTypes routine that updates legacy items’ dataType (single vs batch updates) and marks migration completion; SecretMetadata is refactored accordingly (removing old batch/parse/sort helpers and version in favor of storageVersion).

Written by Cursor Bugbot for commit 7141349. This will update automatically on new commits. Configure here.

@huggingbot
feat(seedless-onboarding): add dataType support for secret data items
611556b 
- Add dataType parameter to createToprfKeyAndBackupSeedPhrase and addNewSecretData
- Add updateSecretDataItem and batchUpdateSecretDataItems methods
- Update fetchAllSecretData to return SecretDataItemWithMetadata[]
lwin-kyaw
lwin-kyaw requested changes Dec 2, 2025
View reviewed changes
@huggingbot
refactor: Removed default dataType parameter from createToprfKeyAndBa…
85275f5 
…ckupSeedPhrase method
@huggingbot
refactor: update documentation for secret data item methods
fc73107
@huggingbot
refactor: enhance primary secret data validation in SeedlessOnboardin…
3afa879 
…gController
@huggingbot
fix: Update sorting mechanism to prioritize PrimarySrp dataType over …
90d642b 
…legacy data
@huggingbot
feat(seedless-onboarding-controller): add createdAt field and sort by…
ac52a76 
… PrimarySrp first, then createdAt
@huggingbot
feat(seedless-onboarding-controller): add storage metadata to SecretM…
11c09f8 
…etadata

- Add itemId, dataType, createdAt properties to SecretMetadata class
- Remove SecretDataItemWithMetadata wrapper type
- Update fetchAllSecretData to return SecretMetadata[] directly
- Add tests for storage metadata properties
@huggingbot
fix(seedless-onboarding-controller): use timestamp extraction for TIM…
2885314 
…EUUID sorting

TIMEUUID strings are not lexicographically sortable. Replace localeCompare
with compareTimeuuid utility that extracts and compares actual timestamps.
lwin-kyaw
lwin-kyaw reviewed Dec 17, 2025
View reviewed changes
@huggingbot huggingbot marked this pull request as ready for review January 5, 2026 09:53
@huggingbot huggingbot requested review from a team as code owners January 5, 2026 09:53
cursor[bot]
cursor bot reviewed Jan 5, 2026
View reviewed changes
lwin-kyaw
lwin-kyaw reviewed Jan 6, 2026
View reviewed changes
lwin-kyaw
lwin-kyaw reviewed Jan 6, 2026
View reviewed changes
lwin-kyaw
lwin-kyaw reviewed Jan 6, 2026
View reviewed changes
lwin-kyaw
lwin-kyaw reviewed Jan 6, 2026
View reviewed changes
@socket-security
Copy link

socket-security bot commented Jan 15, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​metamask/​toprf-secure-backup@​0.11.0 ⏵ 1.0.09910088 +195 -1100

View full report

cursor[bot]
cursor bot reviewed Jan 15, 2026
View reviewed changes
@huggingbot
fix: preserve PrimarySrp designation during migrations
e0e6499 
fix: handle edge case in SecretMetadata.compare when both items are PrimarySrp

fix: add tests for data corruption scenarios and inconsistent storageVersion
lwin-kyaw
lwin-kyaw previously approved these changes Jan 21, 2026
View reviewed changes
Copy link
Contributor

@lwin-kyaw lwin-kyaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!!! 🚀

@huggingbot
Copy link
Member Author

huggingbot commented Jan 23, 2026
edited
Loading

@metamaskbot publish-preview

@huggingbot
Copy link
Member Author

huggingbot commented Jan 26, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Jan 26, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-6ae8a59c",
  "@metamask-previews/accounts-controller": "35.0.2-preview-6ae8a59c",
  "@metamask-previews/address-book-controller": "7.0.1-preview-6ae8a59c",
  "@metamask-previews/ai-controllers": "0.0.0-preview-6ae8a59c",
  "@metamask-previews/analytics-controller": "1.0.0-preview-6ae8a59c",
  "@metamask-previews/announcement-controller": "8.0.0-preview-6ae8a59c",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-6ae8a59c",
  "@metamask-previews/approval-controller": "8.0.0-preview-6ae8a59c",
  "@metamask-previews/assets-controller": "0.0.0-preview-6ae8a59c",
  "@metamask-previews/assets-controllers": "96.0.0-preview-6ae8a59c",
  "@metamask-previews/base-controller": "9.0.0-preview-6ae8a59c",
  "@metamask-previews/bridge-controller": "64.8.1-preview-6ae8a59c",
  "@metamask-previews/bridge-status-controller": "64.4.4-preview-6ae8a59c",
  "@metamask-previews/build-utils": "3.0.4-preview-6ae8a59c",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-6ae8a59c",
  "@metamask-previews/claims-controller": "0.4.1-preview-6ae8a59c",
  "@metamask-previews/composable-controller": "12.0.0-preview-6ae8a59c",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-6ae8a59c",
  "@metamask-previews/controller-utils": "11.18.0-preview-6ae8a59c",
  "@metamask-previews/core-backend": "5.0.0-preview-6ae8a59c",
  "@metamask-previews/delegation-controller": "2.0.0-preview-6ae8a59c",
  "@metamask-previews/earn-controller": "11.1.0-preview-6ae8a59c",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-6ae8a59c",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-6ae8a59c",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-6ae8a59c",
  "@metamask-previews/ens-controller": "19.0.2-preview-6ae8a59c",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-6ae8a59c",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-6ae8a59c",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-6ae8a59c",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-6ae8a59c",
  "@metamask-previews/foundryup": "1.0.1-preview-6ae8a59c",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-6ae8a59c",
  "@metamask-previews/gator-permissions-controller": "1.1.0-preview-6ae8a59c",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-6ae8a59c",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-6ae8a59c",
  "@metamask-previews/keyring-controller": "25.1.0-preview-6ae8a59c",
  "@metamask-previews/logging-controller": "7.0.1-preview-6ae8a59c",
  "@metamask-previews/message-manager": "14.1.0-preview-6ae8a59c",
  "@metamask-previews/messenger": "0.3.0-preview-6ae8a59c",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-6ae8a59c",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-6ae8a59c",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-6ae8a59c",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-6ae8a59c",
  "@metamask-previews/name-controller": "9.0.0-preview-6ae8a59c",
  "@metamask-previews/network-controller": "29.0.0-preview-6ae8a59c",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-6ae8a59c",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-6ae8a59c",
  "@metamask-previews/permission-controller": "12.2.0-preview-6ae8a59c",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-6ae8a59c",
  "@metamask-previews/perps-controller": "0.0.0-preview-6ae8a59c",
  "@metamask-previews/phishing-controller": "16.1.0-preview-6ae8a59c",
  "@metamask-previews/polling-controller": "16.0.2-preview-6ae8a59c",
  "@metamask-previews/preferences-controller": "22.0.0-preview-6ae8a59c",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-6ae8a59c",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-6ae8a59c",
  "@metamask-previews/ramps-controller": "4.1.0-preview-6ae8a59c",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-6ae8a59c",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-6ae8a59c",
  "@metamask-previews/sample-controllers": "4.0.2-preview-6ae8a59c",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-6ae8a59c",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-6ae8a59c",
  "@metamask-previews/shield-controller": "5.0.0-preview-6ae8a59c",
  "@metamask-previews/signature-controller": "39.0.1-preview-6ae8a59c",
  "@metamask-previews/storage-service": "0.0.1-preview-6ae8a59c",
  "@metamask-previews/subscription-controller": "5.4.0-preview-6ae8a59c",
  "@metamask-previews/token-search-discovery-controller": "4.0.0-preview-6ae8a59c",
  "@metamask-previews/transaction-controller": "62.9.2-preview-6ae8a59c",
  "@metamask-previews/transaction-pay-controller": "11.1.0-preview-6ae8a59c",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-6ae8a59c"
}

This was referenced Feb 12, 2026
Open
Open
cursor[bot]
cursor bot reviewed Feb 23, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

@huggingbot
Copy link
Member Author

huggingbot commented Feb 23, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 23, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.1.1-preview-71413498f",
  "@metamask-previews/accounts-controller": "36.0.1-preview-71413498f",
  "@metamask-previews/address-book-controller": "7.0.1-preview-71413498f",
  "@metamask-previews/ai-controllers": "0.1.0-preview-71413498f",
  "@metamask-previews/analytics-controller": "1.0.0-preview-71413498f",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-71413498f",
  "@metamask-previews/announcement-controller": "8.0.0-preview-71413498f",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-71413498f",
  "@metamask-previews/approval-controller": "8.0.0-preview-71413498f",
  "@metamask-previews/assets-controller": "2.0.2-preview-71413498f",
  "@metamask-previews/assets-controllers": "100.0.2-preview-71413498f",
  "@metamask-previews/base-controller": "9.0.0-preview-71413498f",
  "@metamask-previews/bridge-controller": "67.1.1-preview-71413498f",
  "@metamask-previews/bridge-status-controller": "67.0.1-preview-71413498f",
  "@metamask-previews/build-utils": "3.0.4-preview-71413498f",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-71413498f",
  "@metamask-previews/claims-controller": "0.4.2-preview-71413498f",
  "@metamask-previews/client-controller": "1.0.0-preview-71413498f",
  "@metamask-previews/compliance-controller": "1.0.0-preview-71413498f",
  "@metamask-previews/composable-controller": "12.0.0-preview-71413498f",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-71413498f",
  "@metamask-previews/controller-utils": "11.19.0-preview-71413498f",
  "@metamask-previews/core-backend": "6.0.0-preview-71413498f",
  "@metamask-previews/delegation-controller": "2.0.1-preview-71413498f",
  "@metamask-previews/earn-controller": "11.1.1-preview-71413498f",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-71413498f",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-71413498f",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-71413498f",
  "@metamask-previews/ens-controller": "19.0.3-preview-71413498f",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-71413498f",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-71413498f",
  "@metamask-previews/eth-json-rpc-middleware": "23.1.0-preview-71413498f",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-71413498f",
  "@metamask-previews/foundryup": "1.0.1-preview-71413498f",
  "@metamask-previews/gas-fee-controller": "26.0.3-preview-71413498f",
  "@metamask-previews/gator-permissions-controller": "2.0.0-preview-71413498f",
  "@metamask-previews/json-rpc-engine": "10.2.2-preview-71413498f",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-71413498f",
  "@metamask-previews/keyring-controller": "25.1.0-preview-71413498f",
  "@metamask-previews/logging-controller": "7.0.1-preview-71413498f",
  "@metamask-previews/message-manager": "14.1.0-preview-71413498f",
  "@metamask-previews/messenger": "0.3.0-preview-71413498f",
  "@metamask-previews/multichain-account-service": "7.0.0-preview-71413498f",
  "@metamask-previews/multichain-api-middleware": "1.2.7-preview-71413498f",
  "@metamask-previews/multichain-network-controller": "3.0.4-preview-71413498f",
  "@metamask-previews/multichain-transactions-controller": "7.0.1-preview-71413498f",
  "@metamask-previews/name-controller": "9.0.0-preview-71413498f",
  "@metamask-previews/network-controller": "30.0.0-preview-71413498f",
  "@metamask-previews/network-enablement-controller": "4.1.2-preview-71413498f",
  "@metamask-previews/notification-services-controller": "22.0.0-preview-71413498f",
  "@metamask-previews/permission-controller": "12.2.0-preview-71413498f",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-71413498f",
  "@metamask-previews/perps-controller": "0.0.0-preview-71413498f",
  "@metamask-previews/phishing-controller": "16.3.0-preview-71413498f",
  "@metamask-previews/polling-controller": "16.0.3-preview-71413498f",
  "@metamask-previews/preferences-controller": "22.1.0-preview-71413498f",
  "@metamask-previews/profile-metrics-controller": "3.0.1-preview-71413498f",
  "@metamask-previews/profile-sync-controller": "27.1.0-preview-71413498f",
  "@metamask-previews/ramps-controller": "9.0.0-preview-71413498f",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-71413498f",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-71413498f",
  "@metamask-previews/sample-controllers": "4.0.3-preview-71413498f",
  "@metamask-previews/seedless-onboarding-controller": "8.0.0-preview-71413498f",
  "@metamask-previews/selected-network-controller": "26.0.3-preview-71413498f",
  "@metamask-previews/shield-controller": "5.0.1-preview-71413498f",
  "@metamask-previews/signature-controller": "39.0.4-preview-71413498f",
  "@metamask-previews/storage-service": "1.0.0-preview-71413498f",
  "@metamask-previews/subscription-controller": "6.0.0-preview-71413498f",
  "@metamask-previews/transaction-controller": "62.18.0-preview-71413498f",
  "@metamask-previews/transaction-pay-controller": "16.0.0-preview-71413498f",
  "@metamask-previews/user-operation-controller": "41.0.3-preview-71413498f"
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@himanshuchawla009 himanshuchawla009 himanshuchawla009 left review comments

@lwin-kyaw lwin-kyaw lwin-kyaw left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

area-onboarding team-onboarding

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@huggingbot @himanshuchawla009 @lwin-kyaw