fix(mwa): send CAIP-2 chain on reauthorize so signing stays on the right network

The chain fix only covered authorize. Every sign re-establishes the session via
reauthorize, which omitted chain — so MWA 2.0 wallets (Seeker Seed Vault) defaulted
the re-established session to solana:mainnet and rejected devnet transactions with
'Network mismatch', even though the original authorize was devnet.

Per the MWA 2.0 spec, reauthorize is deprecated in favour of authorize carrying an
auth_token, and chain defaults to solana:mainnet when absent. So:

- MobileWalletAdapterClient.Reauthorize now emits an 'authorize' request with the
  auth_token plus cluster + chain. When the chain matches the token's binding the
  wallet silently reuses the token (no extra prompt).
- IAdapterOperations.Reauthorize / ReauthorizeOperation thread rpcCluster + chain;
  RunPrivileged passes them through.
- Tests: contract test updated for the new Reauthorize signature; client tests assert
  chain is forwarded on reauthorize and that it now uses the authorize method.

Verified on a physical Seeker (Seed Vault, devnet): authorize and reauthorize both
send chain=solana:devnet and the wallet establishes a devnet session.

Author: lopeselio

Runtime/codebase/SolanaMobileStack/Interfaces/IAdapterOperations.cs

@@ -12,7 +12,11 @@ public interface IAdapterOperations
     // chain: optional CAIP-2 identifier (e.g. "solana:devnet") for MWA 2.0 wallets.
     public Task<AuthorizationResult> Authorize(Uri identityUri, Uri iconUri, string identityName, string rpcCluster, string chain = null);
     [Preserve]
-    public Task<AuthorizationResult> Reauthorize(Uri identityUri, Uri iconUri, string identityName, string authToken);
+    // rpcCluster/chain: MWA 2.0 requires the network identifier on reauthorize too.
+    // The spec deprecates the standalone reauthorize in favour of authorize carrying an
+    // auth_token; when chain is absent the wallet (e.g. Seeker Seed Vault) defaults the
+    // re-established session to solana:mainnet, causing a "Network mismatch" at sign time.
+    public Task<AuthorizationResult> Reauthorize(Uri identityUri, Uri iconUri, string identityName, string authToken, string rpcCluster = null, string chain = null);
     [Preserve]
     public Task Deauthorize(string authToken);
     [Preserve]

Runtime/codebase/SolanaMobileStack/MobileWalletAdapterClient.cs

@@ -34,15 +34,22 @@ public Task<AuthorizationResult> Authorize(Uri identityUri, Uri iconUri, string
         return SendRequest<AuthorizationResult>(request);
     }
 
-    public Task<AuthorizationResult> Reauthorize(Uri identityUri, Uri iconUri, string identityName, string authToken)
+    public Task<AuthorizationResult> Reauthorize(Uri identityUri, Uri iconUri, string identityName, string authToken, string cluster = null, string chain = null)
     {
+        // MWA 2.0 deprecated the standalone `reauthorize` method in favour of `authorize`
+        // carrying an `auth_token`. The `chain` MUST be re-sent here: when it is absent the
+        // wallet (e.g. Seeker Seed Vault) defaults the re-established session to
+        // solana:mainnet, producing a "Network mismatch" at sign time even though the
+        // original authorize was devnet. When the chain matches the token's binding the
+        // wallet silently reuses the existing auth_token (no extra user prompt).
         var request = PrepareAuthRequest(
             identityUri,
-            iconUri, 
-            identityName, 
-            null,
-            "reauthorize");
-        
+            iconUri,
+            identityName,
+            cluster,
+            "authorize",
+            chain);
+
         request.Params.AuthToken = authToken;
 
         return SendRequest<AuthorizationResult>(request);

Runtime/codebase/SolanaMobileStack/SolanaMobileWalletAdapter.cs

@@ -189,7 +189,8 @@ private async Task RunPrivileged(Action<IAdapterOperations> privilegedAction, st
             // operation in one session, so only the operation itself prompts.
             if (!_authToken.IsNullOrEmpty())
             {
-                var reauthorize = new ReauthorizeOperation(_walletOptions, _authToken);
+                var reauthorize = new ReauthorizeOperation(
+                    _walletOptions, _authToken, RPCNameMap[(int)RpcCluster], ChainNameMap[(int)RpcCluster]);
                 using (var scenario = await CreateTargetedScenario())
                 {
                     var actions = reauthorize.BuildActions();
@@ -609,13 +610,17 @@ internal sealed class ReauthorizeOperation
 {
     private readonly SolanaMobileWalletAdapterOptions _opts;
     private readonly string _authToken;
-    
+    private readonly string _cluster;
+    private readonly string _chain;
+
     public AuthorizationResult Authorization { get; private set; }
 
-    public ReauthorizeOperation(SolanaMobileWalletAdapterOptions opts, string authToken)
+    public ReauthorizeOperation(SolanaMobileWalletAdapterOptions opts, string authToken, string cluster = null, string chain = null)
     {
         _opts = opts;
         _authToken = authToken;
+        _cluster = cluster;
+        _chain = chain;
     }
 
     public List<Action<IAdapterOperations>> BuildActions()
@@ -627,7 +632,7 @@ public List<Action<IAdapterOperations>> BuildActions()
                 Authorization = await client.Reauthorize(
                     new Uri(_opts.identityUri),
                     new Uri(_opts.iconUri, UriKind.Relative),
-                    _opts.name, _authToken);
+                    _opts.name, _authToken, _cluster, _chain);
             }
         };
     }

Tests/EditMode/Contracts/IAdapterOperationsContractTests.cs

@@ -60,8 +60,8 @@ public void Interface_Has_Reauthorize_WithExpectedSignature()
             Assert.IsNotNull(method, "IAdapterOperations.Reauthorize must exist");
             Assert.AreEqual(typeof(Task<AuthorizationResult>), method.ReturnType,
                 "Reauthorize must return Task<AuthorizationResult>");
-            Assert.IsTrue(HasParams(method, typeof(Uri), typeof(Uri), typeof(string), typeof(string)),
-                "Reauthorize params must be (Uri identityUri, Uri iconUri, string identityName, string authToken)");
+            Assert.IsTrue(HasParams(method, typeof(Uri), typeof(Uri), typeof(string), typeof(string), typeof(string), typeof(string)),
+                "Reauthorize params must be (Uri identityUri, Uri iconUri, string identityName, string authToken, string rpcCluster, string chain)");
         }
 
 

Tests/EditMode/MwaClient/MobileWalletAdapterClientTests.cs

@@ -210,8 +210,10 @@ public void Authorize_ThrowsArgumentException_WhenIconUri_IsAbsolute()
 
         // Reauthorize
         [Test]
-        public void Reauthorize_SendsJsonRpc_WithCorrectMethod()
+        public void Reauthorize_SendsJsonRpc_AsAuthorizeWithAuthToken()
         {
+            // MWA 2.0 deprecated the standalone `reauthorize` method; reauthorization is
+            // performed via `authorize` carrying an auth_token.
             // Arrange
             var identityUri = new Uri("https://example.com");
             const string authToken = "test-auth-token-abc123";
@@ -221,8 +223,8 @@ public void Reauthorize_SendsJsonRpc_WithCorrectMethod()
 
             // Assert
             var request = DecodeLastRequest();
-            Assert.AreEqual("reauthorize", request.Method,
-                "Method must be 'reauthorize'");
+            Assert.AreEqual("authorize", request.Method,
+                "Method must be 'authorize' (MWA 2.0 reauthorize-via-authorize)");
         }
 
         [Test]
@@ -240,5 +242,24 @@ public void Reauthorize_SendsJsonRpc_WithAuthToken()
             Assert.AreEqual(authToken, request.Params.AuthToken,
                 "Params.AuthToken must match the supplied auth token");
         }
+
+        [Test]
+        public void Reauthorize_SendsJsonRpc_WithChain()
+        {
+            // The chain MUST be forwarded on reauthorize, or the wallet defaults the
+            // re-established session to solana:mainnet (Network mismatch at sign time).
+            // Arrange
+            var identityUri = new Uri("https://example.com");
+            const string authToken = "test-auth-token-abc123";
+            const string chain = "solana:devnet";
+
+            // Act
+            _ = _client.Reauthorize(identityUri, null, "TestApp", authToken, "devnet", chain);
+
+            // Assert
+            var request = DecodeLastRequest();
+            Assert.AreEqual(chain, request.Params.Chain,
+                "Params.Chain must match the supplied CAIP-2 chain string on reauthorize");
+        }
     }
 }