feat: add new hardware wallet signing qr code

[montelaidev]

Description

Wires the QR scan errors from PR 1 into pairing and signing flows. QR scan failures now surface through the hardware wallet bottom sheet with retry support, signing confirmations can reopen the scanner from the error CTA, and replacement transaction gas params are normalized through the shared helper.

This is PR 2 of 3 and is stacked on #29388.

Changelog

CHANGELOG entry: Improved retry behavior when QR hardware wallet signing scans fail

Related issues

Refs: MUL-1665

Manual testing steps

Feature: QR hardware signing retry

  Scenario: user retries a failed QR signing scan
    Given the user is signing with a QR-based hardware wallet
    When the user scans an invalid QR code
    Then the hardware wallet bottom sheet displays the QR scan error
    When the user taps Try again
    Then the QR scanner reopens for another signing scan

Screenshots/Recordings

Before

N/A

After

N/A

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Performance checks (if applicable)

• I've tested on Android
  • Ideally on a mid-range device; emulator is acceptable
• I've tested with a power user scenario
  • Use these power-user SRPs to import wallets with many accounts and tokens
• I've instrumented key operations with Sentry traces for production performance metrics
  • See trace() for usage and addToken for an example

For performance guidelines and tooling, see the Performance Guide.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

Made with Cursor

---

Note

Medium Risk
Moderate risk because it changes the hardware-wallet bottom-sheet recovery flow and retry behavior for QR signing, which could affect signing UX/state transitions. Adds new analytics properties for QR scan failures; incorrect classification could skew metrics but not funds.

Overview
Improves QR hardware wallet scan-failure recovery during pairing/signing. QR scan errors now route through the hardware wallet bottom sheet with a dedicated retry path that can reopen the QR scanner for signing retries, plus a provider-level setQrScanRetryHandler/onRetryQrScan mechanism to coordinate retries outside provider-managed flows.

Adds QR scan error-specific UI + analytics. ErrorContent treats QR scan errors specially (custom title, Try again + Learn more, no generic icon) and supports OPEN_SETTINGS recovery; useHardwareWalletAnalytics now attaches QR scan metadata (error_category, is_ur_format, optional received_ur_type) to recovery viewed/CTA/success events.

Includes supporting refactors and tests (QR adapter no longer emits AppOpened on ensureDeviceReady, new isQRHardwareScanError, useQrScanErrorForwarding, useIsConfirmationFromQrAccount, and useQrConfirm).

^{Reviewed by Cursor Bugbot for commit 31443d4. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 91.12903% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 81.98%. Comparing base (8437791) to head (eb05c39).
⚠️ Report is 103 commits behind head on main.

Files with missing lines	Patch %	Lines
app/core/HardwareWallet/HardwareWalletProvider.tsx	23.07%	10 Missing ⚠️
app/core/HardwareWallet/hooks/useQrConfirm.ts	96.77%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #29737      +/-   ##
==========================================
+ Coverage   81.86%   81.98%   +0.11%     
==========================================
  Files        5255     5296      +41     
  Lines      138980   140318    +1338     
  Branches    31518    31901     +383     
==========================================
+ Hits       113774   115033    +1259     
- Misses      17465    17479      +14     
- Partials     7741     7806      +65     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[david0xd]

Code looks good! I haven't tested due to limitations of the iOS simulator and incapabilities (slowness) of my Android device. Please find someone else to test it manually 🙏

[montelaidev]

Code looks good! I haven't tested due to limitations of the iOS simulator and incapabilities (slowness) of my Android device. Please find someone else to test it manually 🙏

The code is mainly dead code and will only be used in the subsequent pr

Attached is a video of the signing

Screen_Recording_20260506_195134_MetaMask.mp4

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit c210658. Configure here.}

[cursor]

Unused import actualIsQRHardwareScanError in test file

Low Severity

isQRHardwareScanError as actualIsQRHardwareScanError is imported but never used anywhere in the test file. This is dead code that adds confusion — it may suggest a missing assertion or test that was intended but forgotten.

 

^{Reviewed by Cursor Bugbot for commit c210658. Configure here.}

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeAccounts, SmokeConfirmations
• Selected Performance tags: None (no tests recommended)
• Risk Level: medium
• AI Confidence: 82%

click to see 🤖 AI reasoning details

E2E Test Selection:
All 25 changed files are within app/core/HardwareWallet/ and relate to QR-based hardware wallet functionality improvements:

1. SmokeAccounts: The tag description explicitly covers "adding QR-based hardware wallet accounts." The changes to QRWalletAdapter (camera permission logic, removed spurious AppOpened event), HardwareWalletProvider (new retry handler), and the new useIsConfirmationFromQrAccount hook all affect the QR hardware wallet account connection and management flow. These changes could affect how QR hardware wallet accounts are added and managed.

2. SmokeConfirmations: The new useQrConfirm hook directly integrates with the confirmations system (useApprovalRequest, useTransactionMetadataRequest) to coordinate QR hardware wallet confirmation for both transactions and message approvals. Changes to AwaitingConfirmationContent (auto-open scanner on retry), ErrorContent (redesigned error UI with Try Again/Learn More), and the overall retry flow all affect the confirmation experience for QR hardware wallet accounts. The SmokeConfirmations tag covers signature requests, transaction sending, and smart contract interactions - all of which can be initiated from QR hardware wallet accounts.

No performance-sensitive paths are affected - these are UI/UX and error handling improvements to the hardware wallet flow. No performance tests are warranted.

The changes are medium risk: they modify existing behavior (QRWalletAdapter camera permission logic, error handling flow) and add new retry coordination logic that could affect the QR hardware wallet confirmation flow. However, the scope is limited to the HardwareWallet module with no impact on core wallet infrastructure.

Performance Test Selection:
All changes are within the HardwareWallet module and focus on UI/UX improvements, error handling, and retry flow coordination for QR hardware wallets. There are no changes to performance-sensitive paths like rendering lists, data loading, state management at scale, or app initialization. No performance tests are warranted.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.9% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud