refactor: cache vault data while unlock #6205

lwin-kyaw · 2025-07-29T04:46:18Z

Explanation

This PR includes some refactors and optimizations of vault operations (lock/unlock) in the SeedlessOnboarding controller.

refactor vault unlock/lock (serialize, deserialize, parse)
cache unlocked vault data in the controller when vault is unlocked, to avoid multiple crypto operations which are CPU-intensive.

References

Related to [SeedlessOnboardingController] Restructure controller state #6159

Changelog

Checklist

I've updated the test suite for new or updated code as appropriate
I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
I've communicated my changes to consumers by updating changelogs for packages I've changed, highlighting breaking changes as necessary
I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes

lwin-kyaw · 2025-07-29T04:53:21Z

@metamaskbot publish-preview

github-actions · 2025-07-29T04:58:53Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.7.0-preview-1abef88",
  "@metamask-previews/accounts-controller": "32.0.1-preview-1abef88",
  "@metamask-previews/address-book-controller": "6.1.1-preview-1abef88",
  "@metamask-previews/announcement-controller": "7.0.3-preview-1abef88",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-1abef88",
  "@metamask-previews/approval-controller": "7.1.3-preview-1abef88",
  "@metamask-previews/assets-controllers": "73.0.0-preview-1abef88",
  "@metamask-previews/base-controller": "8.0.1-preview-1abef88",
  "@metamask-previews/bridge-controller": "37.0.0-preview-1abef88",
  "@metamask-previews/bridge-status-controller": "37.0.0-preview-1abef88",
  "@metamask-previews/build-utils": "3.0.3-preview-1abef88",
  "@metamask-previews/chain-agnostic-permission": "1.0.0-preview-1abef88",
  "@metamask-previews/composable-controller": "11.0.0-preview-1abef88",
  "@metamask-previews/controller-utils": "11.11.0-preview-1abef88",
  "@metamask-previews/delegation-controller": "0.6.0-preview-1abef88",
  "@metamask-previews/earn-controller": "4.0.0-preview-1abef88",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-1abef88",
  "@metamask-previews/ens-controller": "17.0.1-preview-1abef88",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-1abef88",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-1abef88",
  "@metamask-previews/foundryup": "1.0.0-preview-1abef88",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-1abef88",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-1abef88",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-1abef88",
  "@metamask-previews/keyring-controller": "22.1.0-preview-1abef88",
  "@metamask-previews/logging-controller": "6.0.4-preview-1abef88",
  "@metamask-previews/message-manager": "12.0.2-preview-1abef88",
  "@metamask-previews/messenger": "0.0.0-preview-1abef88",
  "@metamask-previews/multichain-account-service": "0.3.0-preview-1abef88",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-1abef88",
  "@metamask-previews/multichain-network-controller": "0.11.0-preview-1abef88",
  "@metamask-previews/multichain-transactions-controller": "4.0.0-preview-1abef88",
  "@metamask-previews/name-controller": "8.0.3-preview-1abef88",
  "@metamask-previews/network-controller": "24.0.1-preview-1abef88",
  "@metamask-previews/notification-services-controller": "15.0.0-preview-1abef88",
  "@metamask-previews/permission-controller": "11.0.6-preview-1abef88",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-1abef88",
  "@metamask-previews/phishing-controller": "13.1.0-preview-1abef88",
  "@metamask-previews/polling-controller": "14.0.0-preview-1abef88",
  "@metamask-previews/preferences-controller": "18.4.1-preview-1abef88",
  "@metamask-previews/profile-sync-controller": "22.0.0-preview-1abef88",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-1abef88",
  "@metamask-previews/remote-feature-flag-controller": "1.6.0-preview-1abef88",
  "@metamask-previews/sample-controllers": "1.0.0-preview-1abef88",
  "@metamask-previews/seedless-onboarding-controller": "2.5.0-preview-1abef88",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-1abef88",
  "@metamask-previews/signature-controller": "32.0.0-preview-1abef88",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-1abef88",
  "@metamask-previews/transaction-controller": "59.0.0-preview-1abef88",
  "@metamask-previews/user-operation-controller": "38.0.0-preview-1abef88"
}

lwin-kyaw · 2025-07-29T14:34:30Z

@metamaskbot publish-preview

github-actions · 2025-07-29T14:40:12Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.7.0-preview-b8352c78",
  "@metamask-previews/accounts-controller": "32.0.1-preview-b8352c78",
  "@metamask-previews/address-book-controller": "6.1.1-preview-b8352c78",
  "@metamask-previews/announcement-controller": "7.0.3-preview-b8352c78",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-b8352c78",
  "@metamask-previews/approval-controller": "7.1.3-preview-b8352c78",
  "@metamask-previews/assets-controllers": "73.0.0-preview-b8352c78",
  "@metamask-previews/base-controller": "8.0.1-preview-b8352c78",
  "@metamask-previews/bridge-controller": "37.0.0-preview-b8352c78",
  "@metamask-previews/bridge-status-controller": "37.0.0-preview-b8352c78",
  "@metamask-previews/build-utils": "3.0.3-preview-b8352c78",
  "@metamask-previews/chain-agnostic-permission": "1.0.0-preview-b8352c78",
  "@metamask-previews/composable-controller": "11.0.0-preview-b8352c78",
  "@metamask-previews/controller-utils": "11.11.0-preview-b8352c78",
  "@metamask-previews/delegation-controller": "0.6.0-preview-b8352c78",
  "@metamask-previews/earn-controller": "4.0.0-preview-b8352c78",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-b8352c78",
  "@metamask-previews/ens-controller": "17.0.1-preview-b8352c78",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-b8352c78",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-b8352c78",
  "@metamask-previews/foundryup": "1.0.0-preview-b8352c78",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-b8352c78",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-b8352c78",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-b8352c78",
  "@metamask-previews/keyring-controller": "22.1.0-preview-b8352c78",
  "@metamask-previews/logging-controller": "6.0.4-preview-b8352c78",
  "@metamask-previews/message-manager": "12.0.2-preview-b8352c78",
  "@metamask-previews/messenger": "0.0.0-preview-b8352c78",
  "@metamask-previews/multichain-account-service": "0.3.0-preview-b8352c78",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-b8352c78",
  "@metamask-previews/multichain-network-controller": "0.11.0-preview-b8352c78",
  "@metamask-previews/multichain-transactions-controller": "4.0.0-preview-b8352c78",
  "@metamask-previews/name-controller": "8.0.3-preview-b8352c78",
  "@metamask-previews/network-controller": "24.0.1-preview-b8352c78",
  "@metamask-previews/notification-services-controller": "15.0.0-preview-b8352c78",
  "@metamask-previews/permission-controller": "11.0.6-preview-b8352c78",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-b8352c78",
  "@metamask-previews/phishing-controller": "13.1.0-preview-b8352c78",
  "@metamask-previews/polling-controller": "14.0.0-preview-b8352c78",
  "@metamask-previews/preferences-controller": "18.4.1-preview-b8352c78",
  "@metamask-previews/profile-sync-controller": "22.0.0-preview-b8352c78",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-b8352c78",
  "@metamask-previews/remote-feature-flag-controller": "1.6.0-preview-b8352c78",
  "@metamask-previews/sample-controllers": "1.0.0-preview-b8352c78",
  "@metamask-previews/seedless-onboarding-controller": "2.5.0-preview-b8352c78",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-b8352c78",
  "@metamask-previews/signature-controller": "32.0.0-preview-b8352c78",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-b8352c78",
  "@metamask-previews/transaction-controller": "59.0.0-preview-b8352c78",
  "@metamask-previews/user-operation-controller": "38.0.0-preview-b8352c78"
}

lwin-kyaw · 2025-07-29T15:00:49Z

@metamaskbot publish-preview

github-actions · 2025-07-29T15:06:41Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.7.0-preview-848c8e7d",
  "@metamask-previews/accounts-controller": "32.0.1-preview-848c8e7d",
  "@metamask-previews/address-book-controller": "6.1.1-preview-848c8e7d",
  "@metamask-previews/announcement-controller": "7.0.3-preview-848c8e7d",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-848c8e7d",
  "@metamask-previews/approval-controller": "7.1.3-preview-848c8e7d",
  "@metamask-previews/assets-controllers": "73.0.0-preview-848c8e7d",
  "@metamask-previews/base-controller": "8.0.1-preview-848c8e7d",
  "@metamask-previews/bridge-controller": "37.0.0-preview-848c8e7d",
  "@metamask-previews/bridge-status-controller": "37.0.0-preview-848c8e7d",
  "@metamask-previews/build-utils": "3.0.3-preview-848c8e7d",
  "@metamask-previews/chain-agnostic-permission": "1.0.0-preview-848c8e7d",
  "@metamask-previews/composable-controller": "11.0.0-preview-848c8e7d",
  "@metamask-previews/controller-utils": "11.11.0-preview-848c8e7d",
  "@metamask-previews/delegation-controller": "0.6.0-preview-848c8e7d",
  "@metamask-previews/earn-controller": "4.0.0-preview-848c8e7d",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-848c8e7d",
  "@metamask-previews/ens-controller": "17.0.1-preview-848c8e7d",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-848c8e7d",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-848c8e7d",
  "@metamask-previews/foundryup": "1.0.0-preview-848c8e7d",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-848c8e7d",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-848c8e7d",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-848c8e7d",
  "@metamask-previews/keyring-controller": "22.1.0-preview-848c8e7d",
  "@metamask-previews/logging-controller": "6.0.4-preview-848c8e7d",
  "@metamask-previews/message-manager": "12.0.2-preview-848c8e7d",
  "@metamask-previews/messenger": "0.0.0-preview-848c8e7d",
  "@metamask-previews/multichain-account-service": "0.3.0-preview-848c8e7d",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-848c8e7d",
  "@metamask-previews/multichain-network-controller": "0.11.0-preview-848c8e7d",
  "@metamask-previews/multichain-transactions-controller": "4.0.0-preview-848c8e7d",
  "@metamask-previews/name-controller": "8.0.3-preview-848c8e7d",
  "@metamask-previews/network-controller": "24.0.1-preview-848c8e7d",
  "@metamask-previews/notification-services-controller": "15.0.0-preview-848c8e7d",
  "@metamask-previews/permission-controller": "11.0.6-preview-848c8e7d",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-848c8e7d",
  "@metamask-previews/phishing-controller": "13.1.0-preview-848c8e7d",
  "@metamask-previews/polling-controller": "14.0.0-preview-848c8e7d",
  "@metamask-previews/preferences-controller": "18.4.1-preview-848c8e7d",
  "@metamask-previews/profile-sync-controller": "22.0.0-preview-848c8e7d",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-848c8e7d",
  "@metamask-previews/remote-feature-flag-controller": "1.6.0-preview-848c8e7d",
  "@metamask-previews/sample-controllers": "1.0.0-preview-848c8e7d",
  "@metamask-previews/seedless-onboarding-controller": "2.5.0-preview-848c8e7d",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-848c8e7d",
  "@metamask-previews/signature-controller": "32.0.0-preview-848c8e7d",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-848c8e7d",
  "@metamask-previews/transaction-controller": "59.0.0-preview-848c8e7d",
  "@metamask-previews/user-operation-controller": "38.0.0-preview-848c8e7d"
}

lwin-kyaw · 2025-07-29T15:12:49Z

@metamaskbot publish-preview

github-actions · 2025-07-29T15:18:31Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.7.0-preview-713be623",
  "@metamask-previews/accounts-controller": "32.0.1-preview-713be623",
  "@metamask-previews/address-book-controller": "6.1.1-preview-713be623",
  "@metamask-previews/announcement-controller": "7.0.3-preview-713be623",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-713be623",
  "@metamask-previews/approval-controller": "7.1.3-preview-713be623",
  "@metamask-previews/assets-controllers": "73.0.0-preview-713be623",
  "@metamask-previews/base-controller": "8.0.1-preview-713be623",
  "@metamask-previews/bridge-controller": "37.0.0-preview-713be623",
  "@metamask-previews/bridge-status-controller": "37.0.0-preview-713be623",
  "@metamask-previews/build-utils": "3.0.3-preview-713be623",
  "@metamask-previews/chain-agnostic-permission": "1.0.0-preview-713be623",
  "@metamask-previews/composable-controller": "11.0.0-preview-713be623",
  "@metamask-previews/controller-utils": "11.11.0-preview-713be623",
  "@metamask-previews/delegation-controller": "0.6.0-preview-713be623",
  "@metamask-previews/earn-controller": "4.0.0-preview-713be623",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-713be623",
  "@metamask-previews/ens-controller": "17.0.1-preview-713be623",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-713be623",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-713be623",
  "@metamask-previews/foundryup": "1.0.0-preview-713be623",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-713be623",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-713be623",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-713be623",
  "@metamask-previews/keyring-controller": "22.1.0-preview-713be623",
  "@metamask-previews/logging-controller": "6.0.4-preview-713be623",
  "@metamask-previews/message-manager": "12.0.2-preview-713be623",
  "@metamask-previews/messenger": "0.0.0-preview-713be623",
  "@metamask-previews/multichain-account-service": "0.3.0-preview-713be623",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-713be623",
  "@metamask-previews/multichain-network-controller": "0.11.0-preview-713be623",
  "@metamask-previews/multichain-transactions-controller": "4.0.0-preview-713be623",
  "@metamask-previews/name-controller": "8.0.3-preview-713be623",
  "@metamask-previews/network-controller": "24.0.1-preview-713be623",
  "@metamask-previews/notification-services-controller": "15.0.0-preview-713be623",
  "@metamask-previews/permission-controller": "11.0.6-preview-713be623",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-713be623",
  "@metamask-previews/phishing-controller": "13.1.0-preview-713be623",
  "@metamask-previews/polling-controller": "14.0.0-preview-713be623",
  "@metamask-previews/preferences-controller": "18.4.1-preview-713be623",
  "@metamask-previews/profile-sync-controller": "22.0.0-preview-713be623",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-713be623",
  "@metamask-previews/remote-feature-flag-controller": "1.6.0-preview-713be623",
  "@metamask-previews/sample-controllers": "1.0.0-preview-713be623",
  "@metamask-previews/seedless-onboarding-controller": "2.5.0-preview-713be623",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-713be623",
  "@metamask-previews/signature-controller": "32.0.0-preview-713be623",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-713be623",
  "@metamask-previews/transaction-controller": "59.0.0-preview-713be623",
  "@metamask-previews/user-operation-controller": "38.0.0-preview-713be623"
}

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

packages/seedless-onboarding-controller/src/index.ts

mcmire · 2025-08-13T21:39:37Z

I notice that you've applied the no-changelog label. Is this merely a refactor PR or are there changes to the controller state type that are worth noting?

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

lwin-kyaw · 2025-08-25T01:29:08Z

@metamaskbot publish-preview

github-actions · 2025-08-25T01:35:10Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.10.0-preview-3f792d6",
  "@metamask-previews/accounts-controller": "33.0.0-preview-3f792d6",
  "@metamask-previews/address-book-controller": "6.1.1-preview-3f792d6",
  "@metamask-previews/announcement-controller": "7.0.3-preview-3f792d6",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-3f792d6",
  "@metamask-previews/approval-controller": "7.1.3-preview-3f792d6",
  "@metamask-previews/assets-controllers": "74.0.0-preview-3f792d6",
  "@metamask-previews/base-controller": "8.2.0-preview-3f792d6",
  "@metamask-previews/bridge-controller": "41.1.0-preview-3f792d6",
  "@metamask-previews/bridge-status-controller": "40.1.0-preview-3f792d6",
  "@metamask-previews/build-utils": "3.0.3-preview-3f792d6",
  "@metamask-previews/chain-agnostic-permission": "1.1.1-preview-3f792d6",
  "@metamask-previews/composable-controller": "11.0.0-preview-3f792d6",
  "@metamask-previews/controller-utils": "11.12.0-preview-3f792d6",
  "@metamask-previews/delegation-controller": "0.7.0-preview-3f792d6",
  "@metamask-previews/earn-controller": "6.0.0-preview-3f792d6",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-3f792d6",
  "@metamask-previews/ens-controller": "17.0.1-preview-3f792d6",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-3f792d6",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-3f792d6",
  "@metamask-previews/foundryup": "1.0.1-preview-3f792d6",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-3f792d6",
  "@metamask-previews/gator-permissions-controller": "0.0.0-preview-3f792d6",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-3f792d6",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-3f792d6",
  "@metamask-previews/keyring-controller": "23.0.0-preview-3f792d6",
  "@metamask-previews/logging-controller": "6.0.4-preview-3f792d6",
  "@metamask-previews/message-manager": "12.0.2-preview-3f792d6",
  "@metamask-previews/messenger": "0.1.0-preview-3f792d6",
  "@metamask-previews/multichain-account-service": "0.5.0-preview-3f792d6",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-3f792d6",
  "@metamask-previews/multichain-network-controller": "0.12.0-preview-3f792d6",
  "@metamask-previews/multichain-transactions-controller": "5.0.0-preview-3f792d6",
  "@metamask-previews/name-controller": "8.0.3-preview-3f792d6",
  "@metamask-previews/network-controller": "24.1.0-preview-3f792d6",
  "@metamask-previews/network-enablement-controller": "0.3.0-preview-3f792d6",
  "@metamask-previews/notification-services-controller": "17.0.0-preview-3f792d6",
  "@metamask-previews/permission-controller": "11.0.6-preview-3f792d6",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-3f792d6",
  "@metamask-previews/phishing-controller": "13.1.0-preview-3f792d6",
  "@metamask-previews/polling-controller": "14.0.0-preview-3f792d6",
  "@metamask-previews/preferences-controller": "19.0.0-preview-3f792d6",
  "@metamask-previews/profile-sync-controller": "24.0.0-preview-3f792d6",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-3f792d6",
  "@metamask-previews/remote-feature-flag-controller": "1.7.0-preview-3f792d6",
  "@metamask-previews/sample-controllers": "1.0.0-preview-3f792d6",
  "@metamask-previews/seedless-onboarding-controller": "3.0.0-preview-3f792d6",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-3f792d6",
  "@metamask-previews/shield-controller": "0.0.0-preview-3f792d6",
  "@metamask-previews/signature-controller": "33.0.0-preview-3f792d6",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-3f792d6",
  "@metamask-previews/transaction-controller": "60.0.0-preview-3f792d6",
  "@metamask-previews/user-operation-controller": "39.0.0-preview-3f792d6"
}

packages/seedless-onboarding-controller/jest.config.js

lwin-kyaw · 2025-08-27T07:53:06Z

@metamaskbot publish-preview

github-actions · 2025-08-27T07:59:21Z

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/account-tree-controller": "0.10.0-preview-a3d8559e",
  "@metamask-previews/accounts-controller": "33.0.0-preview-a3d8559e",
  "@metamask-previews/address-book-controller": "6.1.1-preview-a3d8559e",
  "@metamask-previews/announcement-controller": "7.0.3-preview-a3d8559e",
  "@metamask-previews/app-metadata-controller": "1.0.0-preview-a3d8559e",
  "@metamask-previews/approval-controller": "7.1.3-preview-a3d8559e",
  "@metamask-previews/assets-controllers": "74.0.0-preview-a3d8559e",
  "@metamask-previews/base-controller": "8.2.0-preview-a3d8559e",
  "@metamask-previews/bridge-controller": "41.1.0-preview-a3d8559e",
  "@metamask-previews/bridge-status-controller": "40.1.0-preview-a3d8559e",
  "@metamask-previews/build-utils": "3.0.3-preview-a3d8559e",
  "@metamask-previews/chain-agnostic-permission": "1.1.1-preview-a3d8559e",
  "@metamask-previews/composable-controller": "11.0.0-preview-a3d8559e",
  "@metamask-previews/controller-utils": "11.12.0-preview-a3d8559e",
  "@metamask-previews/delegation-controller": "0.7.0-preview-a3d8559e",
  "@metamask-previews/earn-controller": "6.0.0-preview-a3d8559e",
  "@metamask-previews/eip1193-permission-middleware": "1.0.0-preview-a3d8559e",
  "@metamask-previews/ens-controller": "17.0.1-preview-a3d8559e",
  "@metamask-previews/error-reporting-service": "2.0.0-preview-a3d8559e",
  "@metamask-previews/eth-json-rpc-provider": "4.1.8-preview-a3d8559e",
  "@metamask-previews/foundryup": "1.0.1-preview-a3d8559e",
  "@metamask-previews/gas-fee-controller": "24.0.0-preview-a3d8559e",
  "@metamask-previews/gator-permissions-controller": "0.0.0-preview-a3d8559e",
  "@metamask-previews/json-rpc-engine": "10.0.3-preview-a3d8559e",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.7-preview-a3d8559e",
  "@metamask-previews/keyring-controller": "23.0.0-preview-a3d8559e",
  "@metamask-previews/logging-controller": "6.0.4-preview-a3d8559e",
  "@metamask-previews/message-manager": "12.0.2-preview-a3d8559e",
  "@metamask-previews/messenger": "0.1.0-preview-a3d8559e",
  "@metamask-previews/multichain-account-service": "0.5.0-preview-a3d8559e",
  "@metamask-previews/multichain-api-middleware": "1.0.0-preview-a3d8559e",
  "@metamask-previews/multichain-network-controller": "0.12.0-preview-a3d8559e",
  "@metamask-previews/multichain-transactions-controller": "5.0.0-preview-a3d8559e",
  "@metamask-previews/name-controller": "8.0.3-preview-a3d8559e",
  "@metamask-previews/network-controller": "24.1.0-preview-a3d8559e",
  "@metamask-previews/network-enablement-controller": "0.3.0-preview-a3d8559e",
  "@metamask-previews/notification-services-controller": "17.0.0-preview-a3d8559e",
  "@metamask-previews/permission-controller": "11.0.6-preview-a3d8559e",
  "@metamask-previews/permission-log-controller": "4.0.0-preview-a3d8559e",
  "@metamask-previews/phishing-controller": "13.1.0-preview-a3d8559e",
  "@metamask-previews/polling-controller": "14.0.0-preview-a3d8559e",
  "@metamask-previews/preferences-controller": "19.0.0-preview-a3d8559e",
  "@metamask-previews/profile-sync-controller": "24.0.0-preview-a3d8559e",
  "@metamask-previews/rate-limit-controller": "6.0.3-preview-a3d8559e",
  "@metamask-previews/remote-feature-flag-controller": "1.7.0-preview-a3d8559e",
  "@metamask-previews/sample-controllers": "1.0.0-preview-a3d8559e",
  "@metamask-previews/seedless-onboarding-controller": "3.0.0-preview-a3d8559e",
  "@metamask-previews/selected-network-controller": "23.0.0-preview-a3d8559e",
  "@metamask-previews/shield-controller": "0.0.0-preview-a3d8559e",
  "@metamask-previews/signature-controller": "33.0.0-preview-a3d8559e",
  "@metamask-previews/token-search-discovery-controller": "3.3.0-preview-a3d8559e",
  "@metamask-previews/transaction-controller": "60.0.0-preview-a3d8559e",
  "@metamask-previews/user-operation-controller": "39.0.0-preview-a3d8559e"
}

lwin-kyaw · 2025-08-27T08:23:13Z

I notice that you've applied the no-changelog label. Is this merely a refactor PR or are there changes to the controller state type that are worth noting?

Hi @mcmire, Yes, this is a refactor PR and some optimization (caching) for internal vault logics

matthiasgeihs · 2025-08-27T09:25:09Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

-        revokeToken,
-        accessToken,
-      };
+      const deserializedVaultData = deserializeVaultData(vaultData);


Hm, I don't understand why you separate parsing and deserialization? Why don't you merge deserialization into #decryptAndParseVaultData?

matthiasgeihs · 2025-08-27T09:33:22Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.test.ts

+          await expect(
+            controller.submitPassword(MOCK_PASSWORD),
+          ).rejects.toThrow(
+            SeedlessOnboardingControllerErrorMessage.InvalidVaultData,


Are you throwing a different error here than before? If so, this can be considered a breaking change (depending on your definition of breaking change).

matthiasgeihs · 2025-08-27T09:34:42Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

+  /**
+   * The TTL of the password outdated cache in milliseconds.
+   */
+  readonly #passwordOutdatedCacheTTL: number;
+


Why did you move that up?

TransactionController is maintaining an alphabetical ordering on properties and I kind of like it.

I just wanna group the readonly variables in one block. That's why I moved that up.

matthiasgeihs · 2025-08-27T09:35:33Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

+      );
+      decryptedVaultData = result.vault;
+      vaultEncryptionKey = result.exportedKeyString;
+      vaultEncryptionSalt = result.salt;


It's not supposed to validate the password, if the key is given, right?

matthiasgeihs · 2025-08-27T09:36:21Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

-        SeedlessOnboardingControllerErrorMessage.InvalidVaultData,
-      );
+      throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);
    }

    let parsedVaultData: unknown;
    try {
      parsedVaultData = JSON.parse(data);
    } catch {
-      throw new Error(
-        SeedlessOnboardingControllerErrorMessage.InvalidVaultData,
-      );
+      throw new Error(SeedlessOnboardingControllerErrorMessage.VaultDataError);


Changing the error type can be considered a breaking change.
Why did you change it?

Previously, it throws Invalid vault data error.
But I think the error should be The decrypted vault has an unexpected shape. since this is the parse error.

I see. I think the previous error message was fine, but the new one is more differentiated. I think the error variable names are not expressive enough to reflect that meaning, so this can lead to them not being used correctly.

packages/seedless-onboarding-controller/src/index.ts

packages/seedless-onboarding-controller/src/types.ts

packages/seedless-onboarding-controller/src/index.ts

packages/seedless-onboarding-controller/jest.config.js

mcmire · 2025-08-27T13:33:42Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.test.ts

+    | SeedlessOnboardingControllerEvents
+    | ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>


Nit: SeedlessOnboardingControllerEvents is already included in ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>, so you should be able to simplify this:

Suggested change

| SeedlessOnboardingControllerEvents

| ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

Thanks for the review. I've addressed it in this commit, d7be4d5

mcmire · 2025-08-27T13:34:28Z

packages/seedless-onboarding-controller/tests/__fixtures__/mockMessenger.ts

+    | SeedlessOnboardingControllerEvents
+    | ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>


Nit: SeedlessOnboardingControllerEvents is already included in ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>, so you should be able to simplify this:

Suggested change

| SeedlessOnboardingControllerEvents

| ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

Addressed here, d7be4d5

cursor · 2025-08-28T03:59:27Z

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts

-        await this.#decryptAndParseVaultData(password, encryptionKey);
+      if (this.#cachedDecryptedVaultData) {
+        return this.#cachedDecryptedVaultData;
+      }


Bug: Premature Cache Return Bypasses Security Checks

The caching in #unlockVaultAndGetVaultData returns cached vault data prematurely. This bypasses all validation checks, including password, encryption key, and salt verification, which could lead to incorrect credentials appearing valid or the use of stale/compromised data.

matthiasgeihs · 2025-08-28T05:57:48Z

Another worthwhile optimization would be to use the cached encryption key for encryption as well. (Currently it's only used for decryption.) And we may want to rotate the key after each controller unlock, like the KeyringController does it.

lwin-kyaw · 2025-08-28T05:59:51Z

Another worthwhile optimization would be to use the cached encryption key for encryption as well. (Currently it's only used for decryption.) And we may want to rotate the key after each controller unlock, like the KeyringController does it.

Yes definitely. I will address this in the new PR, coz that includes breaking change to the encryptor interface.

lwin-kyaw changed the title ~~chore: exports seedless-onboarding allowed actions/events~~ feat: restructure controller state after vault unlock Jul 29, 2025

lwin-kyaw force-pushed the feat/seedless-state-update branch from 08fa4b0 to 848c8e7 Compare July 29, 2025 14:59

lwin-kyaw added the no-changelog label Jul 29, 2025

matthiasgeihs reviewed Jul 29, 2025

View reviewed changes

lwin-kyaw marked this pull request as ready for review July 30, 2025 04:18

lwin-kyaw requested review from a team as code owners July 30, 2025 04:18

lwin-kyaw added team-web3auth and removed no-changelog labels Jul 30, 2025

lwin-kyaw force-pushed the feat/seedless-state-update branch from becffc2 to d084fe8 Compare July 30, 2025 04:22

lwin-kyaw added the no-changelog label Jul 30, 2025

This comment was marked as outdated.

Sign in to view

mcmire reviewed Aug 13, 2025

View reviewed changes

packages/seedless-onboarding-controller/src/index.ts Outdated Show resolved Hide resolved

This comment was marked as outdated.

Sign in to view

matthiasgeihs requested changes Aug 19, 2025

View reviewed changes

packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts Outdated Show resolved Hide resolved

lwin-kyaw force-pushed the feat/seedless-state-update branch from d37d238 to 4efa65b Compare August 25, 2025 00:35

lwin-kyaw changed the title ~~feat: restructure controller state after vault unlock~~ refactor: cache vault data while unlock Aug 25, 2025

lwin-kyaw mentioned this pull request Aug 25, 2025

[SeedlessOnboardingController] Restructure controller state #6159

Open

This comment was marked as outdated.

Sign in to view

lwin-kyaw commented Aug 27, 2025

View reviewed changes

packages/seedless-onboarding-controller/jest.config.js Outdated Show resolved Hide resolved

matthiasgeihs previously approved these changes Aug 27, 2025

View reviewed changes

lwin-kyaw dismissed matthiasgeihs’s stale review via 6feeb1e August 27, 2025 13:18

mcmire reviewed Aug 27, 2025

View reviewed changes

lwin-kyaw requested review from himanshuchawla009, mcmire and matthiasgeihs August 28, 2025 03:52

lwin-kyaw force-pushed the feat/seedless-state-update branch from d7be4d5 to 5c673a8 Compare August 28, 2025 03:52

cursor bot reviewed Aug 28, 2025

View reviewed changes

matthiasgeihs approved these changes Aug 28, 2025

View reviewed changes

lwin-kyaw and others added 6 commits August 29, 2025 15:16

feat: export seedless-onboarding-controller allowed events/actions

564be26

chore: refactor vault lock/unlock operations

17a2e5a

feat: cached decrypted vault

6e6828a

fix: updated tests and assertions

3ed9410

fix: updated messenger types

7a02ab8

test: add salt-expired test

2fccc63

lwin-kyaw force-pushed the feat/seedless-state-update branch from 5c673a8 to 2fccc63 Compare August 29, 2025 07:16

lwin-kyaw merged commit e8820d2 into main Aug 29, 2025
231 checks passed

lwin-kyaw deleted the feat/seedless-state-update branch August 29, 2025 10:54

		\| SeedlessOnboardingControllerEvents
		\| ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

	\| SeedlessOnboardingControllerEvents
	\| ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>
	ExtractAvailableEvent<SeedlessOnboardingControllerMessenger>

Uh oh!

refactor: cache vault data while unlock #6205

refactor: cache vault data while unlock #6205

Uh oh!

Conversation

lwin-kyaw commented Jul 29, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Explanation

References

Changelog

Checklist

Uh oh!

lwin-kyaw commented Jul 29, 2025

Uh oh!

github-actions bot commented Jul 29, 2025

Uh oh!

lwin-kyaw commented Jul 29, 2025

Uh oh!

github-actions bot commented Jul 29, 2025

Uh oh!

lwin-kyaw commented Jul 29, 2025

Uh oh!

github-actions bot commented Jul 29, 2025

Uh oh!

lwin-kyaw commented Jul 29, 2025

Uh oh!

github-actions bot commented Jul 29, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

This comment was marked as outdated.

Uh oh!

This comment was marked as outdated.

Uh oh!

Uh oh!

mcmire commented Aug 13, 2025

Uh oh!

This comment was marked as outdated.

Uh oh!

This comment was marked as outdated.

Uh oh!

Uh oh!

lwin-kyaw commented Aug 25, 2025

Uh oh!

github-actions bot commented Aug 25, 2025

Uh oh!

This comment was marked as outdated.

Uh oh!

This comment was marked as outdated.

Uh oh!

Uh oh!

lwin-kyaw commented Aug 27, 2025

Uh oh!

github-actions bot commented Aug 27, 2025

Uh oh!

lwin-kyaw commented Aug 27, 2025

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

lwin-kyaw commented Jul 29, 2025 •

edited

Loading