Fix keystone flow#554
Open
dewabisma wants to merge 3 commits into
Open
Conversation
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit b5960c8. Configure here.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

Summary
Intentionally didn't disable back button, because don't want to block the flow. User might be stuck if we disable back button.
Screenshots
Note
Medium Risk
Changes hardware-wallet signing payload reuse and navigation; incorrect session clearing could show a stale QR, though new sends explicitly reset the cache.
Overview
Improves the Keystone hardware send flow by caching the unsigned payload and UR QR parts for the current send, and by showing amount, recipient, and checkphrase on the sign screen.
A new Riverpod
keystoneSignCacheProviderholds a single entry keyed by account, recipient, and amount (block height and nonce are excluded so minor chain drift does not force a new QR while the user navigates back within the same send).KeystoneSignScreenreuses the cache on_preparewhen the key matches; otherwise it builds, stores, and displays as before.startNewSendSession()clears the cache when the user starts a fresh send from home (Send, multisig propose, pay intent) or from the shared-address “Send to this account” action so a new flow does not reuse an old QR.When continuing to signature scan, block height is taken from the cached unsigned payload’s
blockNumberinstead of the value passed into the sign screen. Unit tests cover cache keys (address trimming) and notifier store/lookup/session invalidation.Reviewed by Cursor Bugbot for commit b5960c8. Configure here.