feat: [MUSD-445] complete money account upgrade controller flow (#30002)

<!--
Please submit this PR as a draft initially.

Do not mark it as "Ready for review" until this PR meets the canonical
Definition of Ready For Review in `docs/readme/ready-for-review.md`.

In short: the template must be materially complete (not just section
titles
present), all status checks must be currently passing, and the only
expected
follow-up commits must be reviewer-driven.
-->

## **Description**
This PR upgrades to the final version of the money account upgrade
controller - which can in theory run through the entire chomp upgrade
flow.

Things that we've changed in this PR in addition to bumping the package
1. Updated the config that is passed into the upgrade controller
2. Added a check which ensures the monad network is enabled before we
start the upgrade process. This is necessary, because monad is enabled
by default

# TODO
1. ~~This PR builds on @MoMannn's PR #29897 - and it should be merged
first.~~
2. This PR requires us to change the [vault config feature
flag](https://app.launchdarkly.com/projects/metamask-client-config-api-mobile/flags/money-account-vault-config/targeting?env=test&selected-env=test)
before it will function correctly.
3. Chomp returns a 500 on the final step of the upgrade process. We need
to figure out why this is happening and fix it
4. ~~We need to merge and publish [this core
pr](MetaMask/core#8621) and update the preview
packages that are currently used in this branch to the real published
updates.~~


<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Update to final version of money account upgrade
controller

## **Related issues**

Fixes:

## **Manual testing steps**

```gherkin
Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

<!--
Every checklist item must be consciously assessed before marking this PR
as
"Ready for review". A checked box means you deliberately considered that
responsibility, not that you literally performed every action listed.

Unchecked boxes are ambiguous: they are not an implicit "N/A" and they
are not
a silent "skip". See `docs/readme/ready-for-review.md` for the full
checklist
semantics.
-->

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

#### Performance checks (if applicable)

- [ ] I've tested on Android
  - Ideally on a mid-range device; emulator is acceptable
- [ ] I've tested with a power user scenario
- Use these [power-user
SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93)
to import wallets with many accounts and tokens
- [ ] I've instrumented key operations with Sentry traces for production
performance metrics
- See [`trace()`](/app/util/trace.ts) for usage and
[`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274)
for an example

For performance guidelines and tooling, see the [Performance
Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers).

## **Pre-merge reviewer checklist**

<!--
Reviewer checklist items follow the same semantics as the author
checklist: an
unchecked box is ambiguous, a checked box means the reviewer consciously
assessed that responsibility. See `docs/readme/ready-for-review.md`.
-->

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.




<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches money account upgrade bootstrap logic and programmatically
adds missing networks via `NetworkController.addNetwork`, which can
affect upgrade flow behavior and user network state if misconfigured.
Also bumps to `@metamask/money-account-upgrade-controller@^2.0.0` with
related dependency updates.
> 
> **Overview**
> Updates `moneyAccountUpgradeControllerInit` to initialize
`MoneyAccountUpgradeController` using the Money Account *vault config*
(chainId + boring vault address) instead of deriving addresses from
CHOMP service details / delegator environment.
> 
> Adds a bootstrap guard (`ensureChainConfigured`) that checks whether
the vault chain is present in the user’s `NetworkController` config and,
if missing, auto-adds it from `PopularList` (or logs an error and aborts
if unsupported). Tests are updated to cover the new init parameters,
missing vault config handling, and the chain auto-add behavior.
> 
> Expands the controller messenger permissions for the full upgrade flow
(delegation + additional CHOMP actions) and bumps
`@metamask/money-account-upgrade-controller` to `^2.0.0` plus related
dependency versions in `package.json`/`yarn.lock`.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
74a760e. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: Jwhiles

app/core/Engine/controllers/money-account-upgrade-controller-init.test.ts

@@ -1,4 +1,4 @@
-import { CHAIN_IDS } from '@metamask/transaction-controller';
+import type { Hex } from '@metamask/utils';
 import { MoneyAccountUpgradeController } from '@metamask/money-account-upgrade-controller';
 import { MOCK_ANY_NAMESPACE, MockAnyNamespace } from '@metamask/messenger';
 import { ExtendedMessenger } from '../../ExtendedMessenger';
@@ -7,7 +7,13 @@ import {
   getMoneyAccountUpgradeControllerInitMessenger,
   getMoneyAccountUpgradeControllerMessenger,
 } from '../messengers/money-account-upgrade-controller-messenger';
-import { getDeleGatorEnvironment } from '../../Delegation/environment';
+import Engine from '../../Engine';
+import ReduxService from '../../redux';
+import {
+  type MoneyAccountVaultConfig,
+  selectMoneyAccountVaultConfig,
+} from '../../../selectors/featureFlagController/moneyAccount';
+import { selectEvmNetworkConfigurationsByChainId } from '../../../selectors/networkController';
 import {
   __resetMoneyAccountUpgradeBootstrapForTesting,
   moneyAccountUpgradeControllerInit,
@@ -17,38 +23,42 @@ import Logger from '../../../util/Logger';
 
 jest.mock('@metamask/money-account-upgrade-controller');
 
-jest.mock('../../Delegation/environment', () => ({
-  getDeleGatorEnvironment: jest.fn(),
+jest.mock('../../redux');
+
+jest.mock('../../Engine', () => ({
+  __esModule: true,
+  default: {
+    context: {
+      NetworkController: {
+        addNetwork: jest.fn().mockResolvedValue(undefined),
+      },
+    },
+  },
+}));
+
+jest.mock('../../../selectors/featureFlagController/moneyAccount');
+
+jest.mock('../../../selectors/networkController', () => ({
+  selectEvmNetworkConfigurationsByChainId: jest.fn(),
 }));
 
 jest.mock('../../../util/Logger', () => ({
   error: jest.fn(),
 }));
 
-const MUSD_TOKEN_ADDRESS = '0x000000000000000000000000000000000000dead';
-const DELEGATOR_IMPL = '0x0000000000000000000000000000000000000001';
-const REDEEMER_ENFORCER = '0x0000000000000000000000000000000000000002';
-const VALUE_LTE_ENFORCER = '0x0000000000000000000000000000000000000003';
-
-const SERVICE_DETAILS = {
-  chains: {
-    [CHAIN_IDS.ARBITRUM]: {
-      protocol: {
-        vedaProtocol: {
-          supportedTokens: [{ tokenAddress: MUSD_TOKEN_ADDRESS }],
-        },
-      },
-    },
-  },
+const VAULT_CHAIN_ID = '0x8f' as Hex;
+const BORING_VAULT_ADDRESS =
+  '0x000000000000000000000000000000000000beef' as Hex;
+
+const VAULT_CONFIG: MoneyAccountVaultConfig = {
+  chainId: VAULT_CHAIN_ID,
+  boringVault: BORING_VAULT_ADDRESS,
+  tellerAddress: '0x0000000000000000000000000000000000000001',
+  accountantAddress: '0x0000000000000000000000000000000000000002',
+  lensAddress: '0x0000000000000000000000000000000000000003',
 };
 
-function getInitRequestMock({
-  isUnlocked,
-  serviceDetails = SERVICE_DETAILS,
-}: {
-  isUnlocked: boolean;
-  serviceDetails?: unknown;
-}) {
+function getInitRequestMock({ isUnlocked }: { isUnlocked: boolean }) {
   const baseMessenger = new ExtendedMessenger<MockAnyNamespace, never, never>({
     namespace: MOCK_ANY_NAMESPACE,
   });
@@ -59,21 +69,14 @@ function getInitRequestMock({
     jest.fn().mockReturnValue({ isUnlocked }),
   );
 
-  const getServiceDetails = jest.fn().mockResolvedValue(serviceDetails);
-  baseMessenger.registerActionHandler(
-    // @ts-expect-error: Action not allowed on the mock messenger namespace.
-    'ChompApiService:getServiceDetails',
-    getServiceDetails,
-  );
-
   const requestMock = {
     ...buildMessengerClientInitRequestMock(baseMessenger),
     controllerMessenger:
       getMoneyAccountUpgradeControllerMessenger(baseMessenger),
     initMessenger: getMoneyAccountUpgradeControllerInitMessenger(baseMessenger),
   };
 
-  return { requestMock, baseMessenger, getServiceDetails };
+  return { requestMock, baseMessenger };
 }
 
 const flushAsync = () => new Promise(process.nextTick);
@@ -92,15 +95,20 @@ describe('moneyAccountUpgradeControllerInit', () => {
       .mocked(MoneyAccountUpgradeController)
       .mockImplementation(() => mockedController);
 
-    jest.mocked(getDeleGatorEnvironment).mockReturnValue({
-      EIP7702StatelessDeleGatorImpl: DELEGATOR_IMPL,
-      caveatEnforcers: {
-        RedeemerEnforcer: REDEEMER_ENFORCER,
-        ValueLteEnforcer: VALUE_LTE_ENFORCER,
-      },
-    } as unknown as ReturnType<typeof getDeleGatorEnvironment>);
+    (ReduxService as unknown as { store: { getState: jest.Mock } }).store = {
+      getState: jest.fn().mockReturnValue({}),
+    };
+    jest.mocked(selectMoneyAccountVaultConfig).mockReturnValue(VAULT_CONFIG);
+    jest.mocked(selectEvmNetworkConfigurationsByChainId).mockReturnValue({
+      [VAULT_CHAIN_ID]: {
+        chainId: VAULT_CHAIN_ID,
+      } as never,
+    });
   });
 
+  const mockAddNetwork = Engine.context.NetworkController
+    .addNetwork as jest.Mock;
+
   it('returns a MoneyAccountUpgradeController instance', () => {
     const { requestMock } = getInitRequestMock({ isUnlocked: false });
 
@@ -126,23 +134,15 @@ describe('moneyAccountUpgradeControllerInit', () => {
     });
   });
 
-  it('initializes the controller with addresses from service details and the delegator environment when unlocked', async () => {
-    const { requestMock, getServiceDetails } = getInitRequestMock({
-      isUnlocked: true,
-    });
+  it('initializes the controller with the chainId and boring vault address from the vault config when unlocked', async () => {
+    const { requestMock } = getInitRequestMock({ isUnlocked: true });
 
     moneyAccountUpgradeControllerInit(requestMock);
     await flushAsync();
 
-    expect(getServiceDetails).toHaveBeenCalledWith([CHAIN_IDS.ARBITRUM]);
-    expect(getDeleGatorEnvironment).toHaveBeenCalledWith(
-      Number(CHAIN_IDS.ARBITRUM),
-    );
-    expect(mockedController.init).toHaveBeenCalledWith(CHAIN_IDS.ARBITRUM, {
-      musdTokenAddress: MUSD_TOKEN_ADDRESS,
-      delegatorImplAddress: DELEGATOR_IMPL,
-      redeemerEnforcer: REDEEMER_ENFORCER,
-      valueLteEnforcer: VALUE_LTE_ENFORCER,
+    expect(mockedController.init).toHaveBeenCalledWith({
+      chainId: VAULT_CHAIN_ID,
+      boringVaultAddress: BORING_VAULT_ADDRESS,
     });
   });
 
@@ -178,45 +178,71 @@ describe('moneyAccountUpgradeControllerInit', () => {
     expect(mockedController.init).toHaveBeenCalledTimes(1);
   });
 
-  it('logs an error when CHOMP service details are missing', async () => {
-    const { requestMock } = getInitRequestMock({
-      isUnlocked: true,
-      serviceDetails: null,
-    });
+  it('logs an error when the vault config is missing', async () => {
+    jest.mocked(selectMoneyAccountVaultConfig).mockReturnValue(undefined);
+    const { requestMock } = getInitRequestMock({ isUnlocked: true });
 
     moneyAccountUpgradeControllerInit(requestMock);
     await flushAsync();
 
     expect(mockedController.init).not.toHaveBeenCalled();
     expect(Logger.error).toHaveBeenCalledWith(
       expect.objectContaining({
-        message: `Missing CHOMP service details for chain ${CHAIN_IDS.ARBITRUM}`,
+        message: 'Missing Money Account vault config',
       }),
       'MoneyAccountUpgradeController bootstrap',
     );
   });
 
-  it('logs an error when the MUSD token address is missing from service details', async () => {
-    const { requestMock } = getInitRequestMock({
-      isUnlocked: true,
-      serviceDetails: {
-        chains: {
-          [CHAIN_IDS.ARBITRUM]: {
-            protocol: { vedaProtocol: { supportedTokens: [] } },
-          },
-        },
-      },
+  describe('chain configuration', () => {
+    it('does not add the chain if it is already configured', async () => {
+      const { requestMock } = getInitRequestMock({ isUnlocked: true });
+
+      moneyAccountUpgradeControllerInit(requestMock);
+      await flushAsync();
+
+      expect(mockAddNetwork).not.toHaveBeenCalled();
+      expect(mockedController.init).toHaveBeenCalled();
     });
 
-    moneyAccountUpgradeControllerInit(requestMock);
-    await flushAsync();
+    it('adds the chain from PopularList when it is not configured', async () => {
+      jest.mocked(selectEvmNetworkConfigurationsByChainId).mockReturnValue({});
 
-    expect(mockedController.init).not.toHaveBeenCalled();
-    expect(Logger.error).toHaveBeenCalledWith(
-      expect.objectContaining({
-        message: `Missing MUSD token address for chain ${CHAIN_IDS.ARBITRUM} in CHOMP service details`,
-      }),
-      'MoneyAccountUpgradeController bootstrap',
-    );
+      const { requestMock } = getInitRequestMock({ isUnlocked: true });
+
+      moneyAccountUpgradeControllerInit(requestMock);
+      await flushAsync();
+
+      expect(mockAddNetwork).toHaveBeenCalledWith(
+        expect.objectContaining({
+          chainId: VAULT_CHAIN_ID,
+          name: 'Monad',
+        }),
+      );
+      expect(mockedController.init).toHaveBeenCalled();
+    });
+
+    it('logs an error when the missing chain is not in PopularList', async () => {
+      const UNSUPPORTED_CHAIN_ID = '0xdeadbeef' as Hex;
+      jest.mocked(selectMoneyAccountVaultConfig).mockReturnValue({
+        ...VAULT_CONFIG,
+        chainId: UNSUPPORTED_CHAIN_ID,
+      });
+      jest.mocked(selectEvmNetworkConfigurationsByChainId).mockReturnValue({});
+
+      const { requestMock } = getInitRequestMock({ isUnlocked: true });
+
+      moneyAccountUpgradeControllerInit(requestMock);
+      await flushAsync();
+
+      expect(mockAddNetwork).not.toHaveBeenCalled();
+      expect(mockedController.init).not.toHaveBeenCalled();
+      expect(Logger.error).toHaveBeenCalledWith(
+        expect.objectContaining({
+          message: expect.stringContaining(UNSUPPORTED_CHAIN_ID),
+        }),
+        'MoneyAccountUpgradeController bootstrap',
+      );
+    });
   });
 });

app/core/Engine/controllers/money-account-upgrade-controller-init.ts

@@ -2,16 +2,65 @@ import {
   MoneyAccountUpgradeController,
   type MoneyAccountUpgradeControllerMessenger,
 } from '@metamask/money-account-upgrade-controller';
-import { type Hex, hexToNumber } from '@metamask/utils';
-import { CHAIN_IDS } from '@metamask/transaction-controller';
+import type { Hex } from '@metamask/utils';
+import { RpcEndpointType } from '@metamask/network-controller';
+import { toHex } from '@metamask/controller-utils';
 import type { MessengerClientInitFunction } from '../types';
 import type { MoneyAccountUpgradeControllerInitMessenger } from '../messengers/money-account-upgrade-controller-messenger';
-import { getDeleGatorEnvironment } from '../../Delegation/environment';
+import Engine from '../../Engine';
+import ReduxService from '../../redux';
+import type { RootState } from '../../../reducers';
+import { selectMoneyAccountVaultConfig } from '../../../selectors/featureFlagController/moneyAccount';
+import { selectEvmNetworkConfigurationsByChainId } from '../../../selectors/networkController';
+import { PopularList } from '../../../util/networks/customNetworks';
 import Logger from '../../../util/Logger';
 
-// TODO: source this from a feature flag (parallel to ChompApiConfig.baseUrl)
-// so we can add/swap MUSD chains without a code deploy.
-const MUSD_CHAIN_ID: Hex = CHAIN_IDS.ARBITRUM;
+/**
+ * Ensures the given chain exists in the user's NetworkController configuration.
+ * If missing, adds it from `PopularList`. The upgrade flow's
+ * `eip-7702-authorization` step calls
+ * `NetworkController:findNetworkClientIdByChainId`, which throws if the chain
+ * hasn't been configured, and Monad is not enabled by default
+ * so we need to  make sure it's there before init runs.
+ */
+const ensureChainConfigured = async (chainId: Hex): Promise<void> => {
+  const networkConfigurations = selectEvmNetworkConfigurationsByChainId(
+    ReduxService.store.getState() as RootState,
+  );
+  if (networkConfigurations[chainId]) {
+    return;
+  }
+
+  const popularEntry = PopularList.find(
+    (network) => toHex(network.chainId as string) === chainId,
+  );
+  if (!popularEntry) {
+    throw new Error(
+      `Money Account upgrade chain ${chainId} is not in PopularList; cannot auto-add to NetworkController`,
+    );
+  }
+
+  await Engine.context.NetworkController.addNetwork({
+    chainId,
+    blockExplorerUrls: popularEntry.rpcPrefs?.blockExplorerUrl
+      ? [popularEntry.rpcPrefs.blockExplorerUrl]
+      : [],
+    defaultRpcEndpointIndex: 0,
+    defaultBlockExplorerUrlIndex: popularEntry.rpcPrefs?.blockExplorerUrl
+      ? 0
+      : undefined,
+    name: popularEntry.nickname,
+    nativeCurrency: popularEntry.ticker,
+    rpcEndpoints: [
+      {
+        url: popularEntry.rpcUrl,
+        failoverUrls: popularEntry.failoverRpcUrls,
+        name: popularEntry.nickname,
+        type: RpcEndpointType.Custom,
+      },
+    ],
+  });
+};
 
 let bootstrapPromise: Promise<void> | null = null;
 
@@ -61,33 +110,20 @@ export const moneyAccountUpgradeControllerInit: MessengerClientInitFunction<
   });
 
   const bootstrap = async () => {
-    const serviceDetails = await controllerMessenger.call(
-      'ChompApiService:getServiceDetails',
-      [MUSD_CHAIN_ID],
+    const vaultConfig = selectMoneyAccountVaultConfig(
+      ReduxService.store.getState() as RootState,
     );
-
-    if (!serviceDetails) {
-      throw new Error(
-        `Missing CHOMP service details for chain ${MUSD_CHAIN_ID}`,
-      );
+    if (!vaultConfig) {
+      throw new Error('Missing Money Account vault config');
     }
 
-    const chain = serviceDetails.chains[MUSD_CHAIN_ID];
-    const musdTokenAddress =
-      chain?.protocol.vedaProtocol?.supportedTokens[0]?.tokenAddress;
-    if (!musdTokenAddress) {
-      throw new Error(
-        `Missing MUSD token address for chain ${MUSD_CHAIN_ID} in CHOMP service details`,
-      );
-    }
+    const chainId = vaultConfig.chainId as Hex;
 
-    const environment = getDeleGatorEnvironment(hexToNumber(MUSD_CHAIN_ID));
+    await ensureChainConfigured(chainId);
 
-    await controller.init(MUSD_CHAIN_ID, {
-      musdTokenAddress,
-      delegatorImplAddress: environment.EIP7702StatelessDeleGatorImpl,
-      redeemerEnforcer: environment.caveatEnforcers.RedeemerEnforcer,
-      valueLteEnforcer: environment.caveatEnforcers.ValueLteEnforcer,
+    await controller.init({
+      chainId,
+      boringVaultAddress: vaultConfig.boringVault as Hex,
     });
   };
 

app/core/Engine/messengers/money-account-upgrade-controller-messenger.ts

@@ -31,9 +31,15 @@ export function getMoneyAccountUpgradeControllerMessenger(
   });
   rootMessenger.delegate({
     actions: [
+      'AuthenticatedUserStorageService:createDelegation',
+      'AuthenticatedUserStorageService:listDelegations',
       'ChompApiService:associateAddress',
+      'ChompApiService:createIntents',
       'ChompApiService:createUpgrade',
+      'ChompApiService:getIntentsByAddress',
       'ChompApiService:getServiceDetails',
+      'ChompApiService:verifyDelegation',
+      'DelegationController:signDelegation',
       'KeyringController:signEip7702Authorization',
       'KeyringController:signPersonalMessage',
       'NetworkController:findNetworkClientIdByChainId',