Show badge for inactive documents

[shazarre]

Note

Implements an inactive-document flow across home and verification, and augments document metadata to track expiration capability.

• Home: IdCard shows warning banner and INACTIVE badge for selected inactive docs; tap opens reactivation modal routing to the correct onboarding
• Verify: Prove screen checks selected doc via isDocumentInactive; shows reactivation modal if inactive and disables verify until hasCheckedForInactiveDocument is true; updates HeldPrimaryButtonProveScreen state machine to accept the new prop and gate interaction
• Data model: Adds hasExpirationDate to DocumentMetadata; set on store for passport/id_card (true) and aadhaar (false) in both app and SDK storage paths
• Dev: Adds "Remove expiration date flag" action in Dev Settings
• Utils/Tests: New isDocumentInactive util with unit tests; SDK tests for storeDocumentWithDeduplication setting hasExpirationDate
• Misc: Bumps CI bundle size thresholds to 46MB; refines Aadhaar qrHash to ignore timestamp; adds red600 color

^{Written by Cursor Bugbot for commit d9f142d. This will update automatically on new commits. Configure here.}

Summary by CodeRabbit

• New Features

  • Documents show an inactive state with a warning banner, inline INACTIVE badge, a reactivation modal, and verification flow now gates progress until inactivity check completes.

• Developer

  • Dev settings include a “Remove expiration date flag” action (dev-only).

• Data

  • Documents gain a metadata flag indicating whether they have an expiration date.

• Tests

  • Added tests for inactivity detection, expiration-flag behavior, and category inference.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds document inactivity detection and handling: a hasExpirationDate metadata flag, isDocumentInactive utility and tests, UI/state for inactive documents (banner, badge, modal), navigation to re‑onboarding flows, provider/SDK metadata updates, dev tooling to remove the flag, and a new red600 color token.

Changes

Cohort / File(s)	Summary
IdCard UI & behavior app/src/components/homescreen/IdCard.tsx	Adds optional isInactive prop; renders full-width inactive warning banner and inline INACTIVE badge; adds pressable warning area, modal wiring via registerModalCallbacks, navigation handlers, and inactiveWarningContainer style.
Home & Prove flows app/src/screens/home/HomeScreen.tsx, app/src/screens/verification/ProveScreen.tsx	HomeScreen computes isSelectedDocumentInactive and passes isInactive to IdCard. ProveScreen checks for inactive selected document on mount, gates subsequent flows with hasCheckedForInactiveDocument, registers modal callbacks, opens reactivation modal, and routes to onboarding (DocumentOnboarding/AadhaarUpload) when confirmed.
Document metadata, provider & SDK app/src/providers/passportDataProvider.tsx, packages/mobile-sdk-alpha/src/documents/utils.ts, common/src/utils/types.ts, packages/mobile-sdk-alpha/src/types/ui.ts	Introduce local documentCategory inference; add hasExpirationDate to DocumentMetadata (true for id_card/passport, false for aadhaar); update metadata assignment and export keychain helpers loadDocumentCatalogDirectlyFromKeychain / saveDocumentCatalogDirectlyToKeychain.
Inactivity utility & tests app/src/utils/documents.ts, app/tests/src/utils/documents.test.ts	New isDocumentInactive(metadata: DocumentMetadata) utility and unit tests covering documentCategory × hasExpirationDate permutations.
HeldPrimaryButton gating & UI prop plumbing packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx, app/src/components/proof-request/BottomVerifyBar.tsx	Thread new hasCheckedForInactiveDocument prop through BottomVerifyBar → HeldPrimaryButton, machine context and events; disable primary button until inactive check completes.
Dev tooling app/src/screens/dev/DevSettingsScreen.tsx	Adds "Remove expiration date flag" danger action that loads catalog from keychain, removes hasExpirationDate from selected document, and saves catalog back; handler appears duplicated in the diff.
SDK tests & color token packages/mobile-sdk-alpha/tests/documents/utils.test.ts, packages/mobile-sdk-alpha/src/constants/colors.ts	Tests for storeDocumentWithDeduplication verifying hasExpirationDate behavior; adds exported color red600 = '#DC2626'.
Aadhaar mock & bundle ci common/src/utils/aadhaar/mockData.ts, app/scripts/bundle-analyze-ci.cjs	Aadhaar QR hash now zeroes bytes 9–25 before hashing; bump bundle threshold from 45MB to 46MB.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Screen as Home/ProveScreen
    participant Provider as passportDataProvider
    participant Utils as isDocumentInactive
    participant Modal as ModalSystem
    participant Onboarding as DocumentOnboarding/AadhaarUpload

    User->>Screen: Open screen (Home or Prove)
    Screen->>Provider: Load document catalog / selected document
    Provider-->>Screen: document + metadata
    Screen->>Utils: isDocumentInactive(metadata)
    alt inactive == true
        Utils-->>Screen: true
        Screen->>Modal: register callbacks & open reactivation modal
        Modal->>User: Prompt to continue onboarding or go home
        User->>Modal: Confirm "Continue"
        Modal-->>Screen: onConfirm callback
        Screen->>Onboarding: Navigate to onboarding route (by category)
    else inactive == false
        Utils-->>Screen: false
        Screen->>User: Proceed with normal verification flow
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• selfxyz/self#967 — Overlaps passportDataProvider exports and direct keychain load/save helpers used here.
• selfxyz/self#1495 — Related to Aadhaar QR hashing logic (timestamp-zeroing / byte-zeroing before hash).
• selfxyz/self#1497 — Similar changes to HeldPrimaryButton props/state gating (adds prop-based readiness checks).

Suggested labels

codex

Suggested reviewers

• transphorm
• remicolin
• aaronmgdr

Poem

🚩 A red small badge and banner on show,
Tap to return where re-onboarding goes.
Catalogs checked, flags set and clear,
Modal prompts guide the hesitant near.
Reactivate — journey resumes with a glow.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main visible change: displaying an inactive badge for inactive documents in the UI.
Description check	✅ Passed	The description covers most required sections with comprehensive detail about changes, testing approach, and implementation; however, QA instructions are missing.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

app/src/screens/verification/ProveScreen.tsx (1)

5-12: Fix import sorting to pass CI.

The pipeline is failing with simple-import-sort/imports: Run autofix to sort these imports!. Run yarn nice to auto-fix import ordering.

🧹 Nitpick comments (3)

app/src/screens/home/HomeScreen.tsx (1)

113-141: Consider resetting inactive state on load failures.

The inactivity check has good error handling (lines 127-134), but isSelectedDocumentInactive is not reset when:

• catalog.selectedDocumentId is undefined
• documentData is not found
• The outer try-catch fails (line 137)

This could leave stale inactive state showing in the UI. Consider resetting the state at the start of loadDocuments:

 const loadDocuments = useCallback(async () => {
   setLoading(true);
+  setIsSelectedDocumentInactive(null);

   try {

app/tests/src/utils/documents.test.ts (1)

23-131: Comprehensive test coverage with potentially misleading naming.

The test coverage is thorough and correctly validates the implementation. However, the test suite names ("registered pre-document expiration" and "registered post-document expiration") suggest time-based expiration checks, but the function doesn't validate actual expiration dates—it checks feature rollout metadata.

Consider renaming test suites to better reflect the actual behavior:

• "registered pre-document expiration" → "when expiration tracking not yet initialized"
• "registered post-document expiration" → "when expiration tracking is initialized"

app/src/components/homescreen/IdCard.tsx (1)

64-75: Navigation calls lack type safety.

The navigation.navigate('DocumentOnboarding') and navigation.navigate('AadhaarUpload', ...) calls are not type-checked because useNavigation() is used without a type parameter. This could cause silent runtime failures if screen names are refactored.

Consider typing the navigation hook:

+import type { NativeStackNavigationProp } from '@react-navigation/native-stack';
+import type { RootStackParamList } from '@/navigation';

-  const navigation = useNavigation();
+  const navigation = useNavigation<NativeStackNavigationProp<RootStackParamList>>();

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e1c7ecd and 0c618a5.

📒 Files selected for processing (12)

• app/src/components/homescreen/IdCard.tsx (7 hunks)
• app/src/providers/passportDataProvider.tsx (1 hunks)
• app/src/screens/dev/DevSettingsScreen.tsx (3 hunks)
• app/src/screens/home/HomeScreen.tsx (4 hunks)
• app/src/screens/verification/ProveScreen.tsx (8 hunks)
• app/src/utils/documents.ts (1 hunks)
• app/tests/src/utils/documents.test.ts (1 hunks)
• common/src/utils/types.ts (1 hunks)
• packages/mobile-sdk-alpha/src/constants/colors.ts (1 hunks)
• packages/mobile-sdk-alpha/src/documents/utils.ts (1 hunks)
• packages/mobile-sdk-alpha/src/types/ui.ts (1 hunks)
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts (2 hunks)

🧰 Additional context used

📓 Path-based instructions (39)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/providers/passportDataProvider.tsx
• common/src/utils/types.ts
• app/src/components/homescreen/IdCard.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/providers/passportDataProvider.tsx
• common/src/utils/types.ts
• app/src/components/homescreen/IdCard.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/providers/passportDataProvider.tsx
• common/src/utils/types.ts
• app/src/components/homescreen/IdCard.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/providers/passportDataProvider.tsx
• common/src/utils/types.ts
• app/src/components/homescreen/IdCard.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

packages/mobile-sdk-alpha/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

packages/mobile-sdk-alpha/src/**/*.{ts,tsx}: Test platform-specific code paths for React Native (iOS and Android) and web implementations
Ensure all exports in migrated modules support tree shaking for optimal bundle size
Use TypeScript adapter pattern for cross-platform implementations with consistent interfaces
Implement consistent SDKError class for error handling with error codes and details
Use lazy loading for modules to optimize runtime performance and memory usage
Use async/await patterns for non-blocking operations throughout SDK modules
Provide comprehensive TypeScript type definitions and maintain type safety across SDK exports
Create clear and actionable error messages with descriptive error codes for SDK consumers
Support flexible configuration options and partner branding customization in SDK integrations

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

packages/mobile-sdk-alpha/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Use TypeScript with strict type checking for this package

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

packages/mobile-sdk-alpha/**/*.{js,ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Configure ESLint with TypeScript-specific rules

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

packages/mobile-sdk-alpha/**/*.{js,ts,tsx,json,md,yml,yaml}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Use Prettier for code formatting with root Prettier and EditorConfig settings

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}: Review alpha mobile SDK code for:

• API consistency with core SDK
• Platform-neutral abstractions
• Performance considerations
• Clear experimental notes or TODOs

Files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

**/*.test.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.test.{ts,tsx,js,jsx}: Use renderHook for testing custom React hooks instead of rendering components.
Mock console.error in tests to avoid test output clutter while testing error scenarios.
Test error boundaries and recovery mechanisms in React components.
Mock SQLite operations with executeSql method in database tests using utilities from tests/__setup__/databaseMocks.ts.

Files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• common/src/utils/types.ts
• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

app/**/*.{test.js,test.ts,test.tsx,spec.js,spec.ts,spec.tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use Jest for testing in the app directory with React Native preset configured in jest.config.cjs

Files:

• app/tests/src/utils/documents.test.ts

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

app/**/*.{test,spec}.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn test passes (unit tests) before creating a PR

Files:

• app/tests/src/utils/documents.test.ts

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

**/*.{test,spec}.{ts,js,tsx,jsx}

⚙️ CodeRabbit configuration file

**/*.{test,spec}.{ts,js,tsx,jsx}: Review test files for:

• Test coverage completeness
• Test case quality and edge cases
• Mock usage appropriateness
• Test readability and maintainability

Files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/providers/passportDataProvider.tsx
• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

common/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

common/src/**/*.{ts,tsx,js,jsx}: Review shared utilities for:

• Reusability and modular design
• Type safety and error handling
• Side-effect management
• Documentation and naming clarity

Files:

• common/src/utils/types.ts

packages/mobile-sdk-alpha/tests/**/*.{ts,tsx,test.ts,test.tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Create tests BEFORE migrating logic to verify functionality works correctly in the mobile-sdk-alpha package

Files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx}: Use Vitest for testing in the mobile-sdk-alpha package with Node environment configured in vitest.config.ts
Suppress console noise in mobile-sdk-alpha tests using setup in tests/setup.ts
Create comprehensive test fixtures and mock data for each migrated module without exposing sensitive information
Mock native dependencies appropriately in tests when testing platform-specific code

Files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

packages/mobile-sdk-alpha/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.test.{ts,tsx}: Do NOT mock the mobile-sdk-alpha package in tests; use actual imports from @selfxyz/mobile-sdk-alpha and write integration tests that exercise real validation logic
Test isPassportDataValid() with realistic, synthetic passport data and never use real user PII
Verify extractMRZInfo() using published sample MRZ strings (e.g., ICAO examples) rather than fake data
Ensure parseNFCResponse() is tested with representative, synthetic NFC data rather than mocks

Files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}: Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)
Apply Jaro–Winkler fuzzy matching algorithm with ≥0.92 threshold for OFAC name verification
Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation
Protect all PII by committing via domain-separated hashes using Poseidon hash function with 'ofac-v1' domain separator
Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,age}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use ISO 8601 format (YYYY-MM-DD) for all date inputs in compliance verification

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{age,verification,identity,compliance}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement age verification with day-level precision for 'olderThan' checks accepting ISO 8601 date inputs

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,age,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of age without disclosing actual date of birth

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}: Implement forbidden country validation using Bloom filter with false positive rate ≤1e-6
Validate country codes in ISO 3166-1 alpha-3 format for forbidden country checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,country,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of country non-inclusion without revealing actual country code

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement graceful degradation for country validation when filter is unavailable

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}: Use UTC timestamps only for all compliance verification operations
Allow ±5 minutes clock drift tolerance in timestamp validation for compliance checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Enforce 24-hour verification window with drift adjustment for compliance proof validity

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof,zk,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain peak memory usage below 300MB for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}: Make all network calls idempotent with exponential backoff retry logic
Implement exponential backoff with jitter for compliance verification retry logic

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,audit,log,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain privacy-preserving audit logs for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

🧠 Learnings (46)

📓 Common learnings

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:39.400Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/index.ts : Re-export all new migrated modules via packages/mobile-sdk-alpha/src/index.ts and document them in packages/mobile-sdk-alpha/README.md

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-08-25T14:25:57.586Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 951
File: app/src/providers/authProvider.web.tsx:17-18
Timestamp: 2025-08-25T14:25:57.586Z
Learning: The selfxyz/mobile-sdk-alpha/constants/analytics import path is properly configured with SDK exports, Metro aliases, and TypeScript resolution. Import changes from @/consts/analytics to this path are part of valid analytics migration, not TypeScript resolution issues.

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/**/*.{ts,tsx} : Support flexible configuration options and partner branding customization in SDK integrations

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/**/*.{ts,tsx} : Create clear and actionable error messages with descriptive error codes for SDK consumers

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/**/*.{ts,tsx} : Provide comprehensive TypeScript type definitions and maintain type safety across SDK exports

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/processing/**/*.{ts,tsx} : Migrate MRZ processing helpers from app/src/utils/ to packages/mobile-sdk-alpha/src/processing/ with comprehensive tests for MRZ parsing and cross-platform compatibility

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/validation/**/*.{ts,tsx} : Migrate document validation logic from app/src/utils/ to packages/mobile-sdk-alpha/src/validation/ with unit tests for each validation rule and edge cases

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/tests/src/utils/documents.test.ts
• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• app/src/providers/passportDataProvider.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/artifacts/**/*.{ts,tsx} : Migrate artifact management from app/src/utils/ to packages/mobile-sdk-alpha/src/artifacts/ with tests for manifest validation, CDN downloads, signature verification, and storage

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/protocol/**/*.{ts,tsx} : Migrate protocol synchronization from app/src/utils/ to packages/mobile-sdk-alpha/src/protocol/ with tests for tree fetching, TTL caching, rate limiting, and memory bounds

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Create comprehensive test fixtures and mock data for each migrated module without exposing sensitive information

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data and never use real user PII

Applied to files:

• app/tests/src/utils/documents.test.ts
• app/src/providers/passportDataProvider.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{ts,tsx,test.ts,test.tsx} : Create tests BEFORE migrating logic to verify functionality works correctly in the mobile-sdk-alpha package

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Mock native dependencies appropriately in tests when testing platform-specific code

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Verify `extractMRZInfo()` using published sample MRZ strings (e.g., ICAO examples) rather than fake data

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/attestation/**/*.{ts,tsx} : Migrate attestation verification from app/src/utils/ to packages/mobile-sdk-alpha/src/attestation/ with tests for PCR0 validation and certificate chain validation

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.integration.{test.ts,test.tsx,spec.ts,spec.tsx} : Test end-to-end flows covering complete user journeys through the identity verification process

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/crypto/**/*.{ts,tsx} : Migrate crypto adapters from app/src/utils/ to packages/mobile-sdk-alpha/src/crypto/ with tests for WebCrypto vs noble/* fallback and timing-safe comparisons

Applied to files:

• app/tests/src/utils/documents.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts

📚 Learning: 2025-12-13T18:00:39.400Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:39.400Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• app/src/utils/documents.ts
• packages/mobile-sdk-alpha/src/types/ui.ts
• common/src/utils/types.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement certificate validation for passport data verification.

Applied to files:

• app/src/utils/documents.ts
• app/src/providers/passportDataProvider.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/providers/passportDataProvider.tsx
• packages/mobile-sdk-alpha/tests/documents/utils.test.ts
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• packages/mobile-sdk-alpha/src/documents/utils.ts
• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py} : Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)

Applied to files:

• app/src/providers/passportDataProvider.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/components/homescreen/IdCard.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/components/homescreen/IdCard.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/components/homescreen/IdCard.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/components/homescreen/IdCard.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/demo/**/*.{ts,tsx,js,jsx} : Create an in-SDK lightweight demo in packages/mobile-sdk-alpha/demo/ using embedded React Native with MRZ flow and theming hooks integration

Applied to files:

• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/components/homescreen/IdCard.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-09-11T19:41:16.601Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 1055
File: app/src/components/homeScreen/idCard.tsx:6-6
Timestamp: 2025-09-11T19:41:16.601Z
Learning: The React Native app in selfxyz/self does not implement responsive layouts for orientation changes. The codebase consistently uses Dimensions.get('window') rather than useWindowDimensions(), indicating that orientation handling is not a priority or architectural pattern in this project.

Applied to files:

• app/src/components/homescreen/IdCard.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.{test.ts,test.tsx,spec.ts,spec.tsx} : Use Vitest for testing in the mobile-sdk-alpha package with Node environment configured in vitest.config.ts

Applied to files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Do NOT mock the mobile-sdk-alpha package in tests; use actual imports from `selfxyz/mobile-sdk-alpha` and write integration tests that exercise real validation logic

Applied to files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Ensure `parseNFCResponse()` is tested with representative, synthetic NFC data rather than mocks

Applied to files:

• packages/mobile-sdk-alpha/tests/documents/utils.test.ts

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/proving/**/*.{ts,tsx} : Migrate proof input generation from app/src/utils/proving/ to packages/mobile-sdk-alpha/src/proving/ with tests for register, disclose, and TEE input generation

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,verification,proof}/**/*.{ts,tsx,js,py} : Enforce 24-hour verification window with drift adjustment for compliance proof validity

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Identity Verification Hub manages multi-step verification process for passports and EU ID cards, handles document attestation through zero-knowledge proofs, and implements verification paths (E-PASSPORT and EU_ID_CARD) in `contracts/contracts/IdentityVerificationHubImplV2.sol`.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/samples/**/*.{ts,tsx,js,jsx} : Create sample React Native and web applications in packages/mobile-sdk-alpha/samples/ demonstrating MRZ parsing, proof flow, and iOS URL scheme integration

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement lazy loading for screens using `React.lazy()` in React Native applications.

Applied to files:

• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/{ios,android}/** : Document complex native module changes and explain platform-specific code paths

Applied to files:

• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Organize screens by feature modules (passport, home, settings, etc.) with navigation defined in separate files.

Applied to files:

• app/src/screens/dev/DevSettingsScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Keychain for secure storage of sensitive data in React Native.

Applied to files:

• app/src/screens/dev/DevSettingsScreen.tsx

🧬 Code graph analysis (6)

app/tests/src/utils/documents.test.ts (2)

common/src/utils/types.ts (1)

• DocumentMetadata (39-48)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

app/src/components/homescreen/IdCard.tsx (3)

packages/mobile-sdk-demo/src/navigation/NavigationProvider.tsx (1)

• useNavigation (110-116)

packages/mobile-sdk-alpha/src/constants/colors.ts (3)

• red600 (29-29)
• white (61-61)
• yellow500 (63-63)

packages/mobile-sdk-demo/tests/mocks/react-native.ts (1)

• StyleSheet (27-29)

app/src/screens/verification/ProveScreen.tsx (1)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

app/src/screens/home/HomeScreen.tsx (2)

packages/mobile-sdk-alpha/src/documents/utils.ts (1)

• getAllDocuments (93-111)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

packages/mobile-sdk-alpha/src/documents/utils.ts (5)

common/index.ts (4)

• inferDocumentCategory (95-95)
• DocumentMetadata (8-8)
• isMRZDocument (125-125)
• AadhaarData (3-3)

common/src/utils/index.ts (4)

• inferDocumentCategory (30-30)
• DocumentMetadata (6-6)
• isMRZDocument (73-73)
• AadhaarData (2-2)

common/src/utils/passports/passport.ts (1)

• inferDocumentCategory (318-327)

common/src/utils/types.ts (3)

• DocumentMetadata (39-48)
• isMRZDocument (172-178)
• AadhaarData (15-22)

packages/mobile-sdk-alpha/src/index.ts (1)

• DocumentMetadata (36-36)

app/src/screens/dev/DevSettingsScreen.tsx (1)

app/src/providers/passportDataProvider.tsx (2)

• loadDocumentCatalogDirectlyFromKeychain (463-499)
• saveDocumentCatalogDirectlyToKeychain (745-754)

🪛 GitHub Actions: Mobile CI

app/src/screens/verification/ProveScreen.tsx

[error] 5-5: simple-import-sort/imports: Run autofix to sort these imports!

🪛 GitHub Actions: Workspace CI

app/src/screens/verification/ProveScreen.tsx

[error] 5-5: simple-import-sort/imports: Run autofix to sort these imports!

🪛 GitHub Check: build-deps

app/src/screens/verification/ProveScreen.tsx

[warning] 238-238:
Replace selectedApp?.sessionId,·isFocused,·selfClient,·hasCheckedForInactiveDocument with ⏎····selectedApp?.sessionId,⏎····isFocused,⏎····selfClient,⏎····hasCheckedForInactiveDocument,⏎··

🪛 GitHub Check: workspace-lint

app/src/screens/verification/ProveScreen.tsx

[warning] 238-238:
Replace selectedApp?.sessionId,·isFocused,·selfClient,·hasCheckedForInactiveDocument with ⏎····selectedApp?.sessionId,⏎····isFocused,⏎····selfClient,⏎····hasCheckedForInactiveDocument,⏎··

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Cursor Bugbot
• GitHub Check: e2e-ios
• GitHub Check: android-build-test
• GitHub Check: iOS E2E Tests Demo App
• GitHub Check: Android E2E Tests Demo App
• GitHub Check: analyze-android
• GitHub Check: analyze-ios

🔇 Additional comments (12)

packages/mobile-sdk-alpha/src/constants/colors.ts (1)

29-30: Constant is correctly implemented and actively used.

The red600 export follows the design system convention with appropriate hex value #DC2626 (darker than red500). Usage in app/src/components/homescreen/IdCard.tsx confirms it's applied for inactive warning states as intended.

common/src/utils/types.ts (1)

47-47: LGTM: Clean type extension.

The optional hasExpirationDate field is a straightforward addition that maintains backward compatibility while enabling the new inactivity tracking feature.

app/src/providers/passportDataProvider.tsx (1)

814-831: LGTM: Consistent metadata enrichment.

The local documentCategory variable and hasExpirationDate computation are well-structured. The logic correctly identifies that passports and ID cards have expiration dates while Aadhaar documents do not, aligning with the inactivity detection logic elsewhere in the codebase.

packages/mobile-sdk-alpha/src/types/ui.ts (1)

23-23: LGTM: Consistent SDK type extension.

The hasExpirationDate field addition maintains type consistency with the common package definition.

packages/mobile-sdk-alpha/src/documents/utils.ts (1)

237-248: LGTM: Consistent implementation across packages.

The document category computation and hasExpirationDate logic match the app implementation, ensuring consistent metadata enrichment across the SDK and app layers.

packages/mobile-sdk-alpha/tests/documents/utils.test.ts (1)

165-331: LGTM: Thorough test coverage for metadata enrichment.

The test suite comprehensively validates:

• Correct hasExpirationDate values for all document types
• Category inference when documentCategory is missing
• Proper catalog persistence

The tests ensure the SDK's document storage logic aligns with app-level behavior.

app/src/screens/verification/ProveScreen.tsx (2)

91-148: Inactive document flow looks well-structured.

The pattern of checking for inactive documents first and guarding subsequent effects with hasCheckedForInactiveDocument is clean. When an inactive document is found, the user is navigated to a modal, and the early return correctly prevents setting the flag—this ensures the flow doesn't proceed until the user takes action.

One note: the document category switch in navigateToDocumentOnboarding is duplicated in IdCard.tsx. Consider extracting this to a shared utility if the pattern spreads further.

---

304-320: Guard in onVerify prevents premature action.

The early return when hasCheckedForInactiveDocument is false ensures users can't trigger verification before the inactivity check completes. This is a sensible UX safeguard.

app/src/components/homescreen/IdCard.tsx (3)

77-91: Modal callback wiring is correct.

The handleInactivePress properly registers callbacks and navigates to the modal with appropriate parameters. The empty onModalDismiss callback for "Not now" is acceptable since dismissing requires no action.

---

135-169: Inactive warning banner implementation looks good.

The Pressable wrapper with handleInactivePress provides clear visual feedback and actionable UX for inactive documents. The styling with red600 background and warning icon is appropriately attention-grabbing.

---

251-273: INACTIVE badge placement and styling is appropriate.

The badge is positioned consistently with the existing DEVELOPER badge and uses matching styling patterns with distinct red coloring for visibility.

app/src/screens/dev/DevSettingsScreen.tsx (1)

41-45: New keychain utility imports are appropriate.

The direct keychain access functions are correctly imported for dev tooling that needs to bypass the normal provider flow.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add error handling and success feedback for consistency.

This handler lacks try/catch error handling and success feedback that other danger zone handlers provide (e.g., handleClearPointEventsPress at line 459). While this is dev-only functionality, consistency improves debuggability.

Apply this diff:

          onPress: async () => {
+           try {
              const catalog = await loadDocumentCatalogDirectlyFromKeychain();
              const selectedDocumentId = catalog.selectedDocumentId;
              const selectedDocument = catalog.documents.find(
                document => document.id === selectedDocumentId,
              );

              if (selectedDocument) {
                delete selectedDocument.hasExpirationDate;
-
                await saveDocumentCatalogDirectlyToKeychain(catalog);
+               Alert.alert('Success', 'Expiration date flag removed.', [
+                 { text: 'OK' },
+               ]);
+             } else {
+               Alert.alert('Error', 'No selected document found.', [
+                 { text: 'OK' },
+               ]);
              }
+           } catch (error) {
+             Alert.alert(
+               'Error',
+               error instanceof Error ? error.message : 'Failed to remove flag',
+               [{ text: 'OK' }],
+             );
+           }
          },

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const handleRemoveExpirationDateFlagPress = () => {
	Alert.alert(
	'Remove Expiration Date Flag',
	'Are you sure you want to remove the expiration date flag for the current (selected) document?.',
	[
	{ text: 'Cancel', style: 'cancel' },
	{
	text: 'Remove',
	style: 'destructive',
	onPress: async () => {
	const catalog = await loadDocumentCatalogDirectlyFromKeychain();
	const selectedDocumentId = catalog.selectedDocumentId;
	const selectedDocument = catalog.documents.find(
	document => document.id === selectedDocumentId,
	);
	if (selectedDocument) {
	delete selectedDocument.hasExpirationDate;
	await saveDocumentCatalogDirectlyToKeychain(catalog);
	}
	},
	},
	],
	);
	};
	const handleRemoveExpirationDateFlagPress = () => {
	Alert.alert(
	'Remove Expiration Date Flag',
	'Are you sure you want to remove the expiration date flag for the current (selected) document?.',
	[
	{ text: 'Cancel', style: 'cancel' },
	{
	text: 'Remove',
	style: 'destructive',
	onPress: async () => {
	try {
	const catalog = await loadDocumentCatalogDirectlyFromKeychain();
	const selectedDocumentId = catalog.selectedDocumentId;
	const selectedDocument = catalog.documents.find(
	document => document.id === selectedDocumentId,
	);
	if (selectedDocument) {
	delete selectedDocument.hasExpirationDate;
	await saveDocumentCatalogDirectlyToKeychain(catalog);
	Alert.alert('Success', 'Expiration date flag removed.', [
	{ text: 'OK' },
	]);
	} else {
	Alert.alert('Error', 'No selected document found.', [
	{ text: 'OK' },
	]);
	}
	} catch (error) {
	Alert.alert(
	'Error',
	error instanceof Error ? error.message : 'Failed to remove flag',
	[{ text: 'OK' }],
	);
	}
	},
	},
	],
	);
	};

🤖 Prompt for AI Agents

In app/src/screens/dev/DevSettingsScreen.tsx around lines 520-545, the
remove-expiration handler lacks error handling and success feedback; wrap the
async work in a try/catch, perform the load/find/delete/save operations inside
the try, and on success call the same success feedback used by other handlers
(e.g., Alert.alert or the existing success UI) to confirm removal; in the catch
log the error (console.error or processLogger) and show an error Alert.alert to
surface the failure, and also handle the case where no selectedDocument is found
by showing an informative alert.

[shazarre]

as this is just a dev screen there's no need for it

[coderabbitai]

@shazarre, understood! That makes sense for dev tooling. I'll skip the error handling for this dev-only feature. 👍

---

🧠 Learnings used

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:39.400Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

---

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Always use try-catch for async operations in React Native and TypeScript code.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/**/*.{ts,tsx,js,jsx,swift,kt,java} : Flag security-sensitive operations and note performance implications in code comments

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Flag security-sensitive changes for special review in PR descriptions.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/{ios,android}/** : Document complex native module changes and explain platform-specific code paths

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement certificate validation for passport data verification.

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/index.ts : Re-export all new migrated modules via packages/mobile-sdk-alpha/src/index.ts and document them in packages/mobile-sdk-alpha/README.md

---

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/processing/**/*.{ts,tsx} : Migrate MRZ processing helpers from app/src/utils/ to packages/mobile-sdk-alpha/src/processing/ with comprehensive tests for MRZ parsing and cross-platform compatibility

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for isDocumentInactive usage and related code
rg -n "isDocumentInactive" --type=ts --type=tsx -C5

Repository: selfxyz/self

Length of output: 83

---

🏁 Script executed:

#!/bin/bash
# Search for isDocumentInactive usage
rg -n "isDocumentInactive" -A5 -B5

Repository: selfxyz/self

Length of output: 13301

---

🏁 Script executed:

#!/bin/bash
# Check the full documents.ts file for any JSDoc or comments
cat -n app/src/utils/documents.ts

Repository: selfxyz/self

Length of output: 704

---

🏁 Script executed:

#!/bin/bash
# Check the test file to understand the intended behavior better
head -n 130 app/tests/src/utils/documents.test.ts | tail -n 70

Repository: selfxyz/self

Length of output: 1980

---

🏁 Script executed:

#!/bin/bash
# Check how isDocumentInactive is used in the broader context
rg -n "hasExpirationDate" -B2 -A2 | head -100

Repository: selfxyz/self

Length of output: 8453

---

🏁 Script executed:

#!/bin/bash
# Check the common types to understand DocumentMetadata structure
cat -n common/src/utils/types.ts | head -60

Repository: selfxyz/self

Length of output: 2334

---

Add JSDoc to clarify that isDocumentInactive checks feature rollout status, not actual expiration.

The function logic is intentional—it checks whether expiration metadata has been populated for a document type. Passport/id_card types support expiration tracking from registration, while other types (aadhaar) may have the feature rolled out later. When hasExpirationDate is undefined, the feature hasn't been rolled out; otherwise, it's ready. Add JSDoc documenting this UX-only check and why each document type is handled differently to prevent confusion.

🤖 Prompt for AI Agents

In app/src/utils/documents.ts around lines 7 to 20, add a JSDoc block above
isDocumentInactive explaining that this function is a UX/feature-rollout check
(it returns whether expiration-tracking has been rolled out for the document
type), that passport and id_card are treated as supporting expiration-tracking
(so always return false), that a metadata.hasExpirationDate value of undefined
means the expiration feature hasn’t been rolled out for that document type (so
return true), and that this does not reflect the document’s real-world
expiration status; keep the existing logic but document why aadhaar/other types
are handled differently to avoid confusion.

[cursor]

This is the final PR Bugbot will review for you during this billing cycle

Your free Bugbot reviews will reset on December 17

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

---

Bug: Re-onboarding existing documents doesn't clear inactive status

When a user re-onboards an existing document (following the inactive document prompt), storeDocumentWithDeduplication finds the document with the same content hash and returns early after updating only the document data and selectedDocumentId. The existing document's metadata in catalog.documents is never updated to include hasExpirationDate. This means old aadhaar documents will remain marked as "inactive" forever after re-onboarding, since isDocumentInactive checks for hasExpirationDate === undefined. The if (existing) branch needs to update existing.hasExpirationDate before saving the catalog.

packages/mobile-sdk-alpha/src/documents/utils.ts#L219-L231

self/packages/mobile-sdk-alpha/src/documents/utils.ts

Lines 219 to 231 in 0c618a5

	const existing = catalog.documents.find(d => d.id === contentHash);
	if (existing) {
	// Even if content hash is the same, we should update the document
	// in case metadata (like CSCA) has changed
	console.log('Document with same content exists, updating stored data');
	// Update the stored document with potentially new metadata
	await selfClient.saveDocument(contentHash, passportData);
	// Update selected document to this one
	catalog.selectedDocumentId = contentHash;
	await selfClient.saveDocumentCatalog(catalog);
	return contentHash;

app/src/providers/passportDataProvider.tsx#L796-L808

self/app/src/providers/passportDataProvider.tsx

Lines 796 to 808 in 0c618a5

	const existing = catalog.documents.find(d => d.id === contentHash);
	if (existing) {
	// Even if content hash is the same, we should update the document
	// in case metadata (like CSCA) has changed
	console.log('Document with same content exists, updating stored data');
	// Update the stored document with potentially new metadata
	await storeDocumentDirectlyToKeychain(contentHash, passportData);
	// Update selected document to this one
	catalog.selectedDocumentId = contentHash;
	await saveDocumentCatalogDirectlyToKeychain(catalog);
	return contentHash;

 

---

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c618a5 and 0e9d145.

📒 Files selected for processing (1)

• app/src/screens/verification/ProveScreen.tsx (8 hunks)

🧰 Additional context used

📓 Path-based instructions (26)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}: Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)
Apply Jaro–Winkler fuzzy matching algorithm with ≥0.92 threshold for OFAC name verification
Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation
Protect all PII by committing via domain-separated hashes using Poseidon hash function with 'ofac-v1' domain separator
Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,age}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use ISO 8601 format (YYYY-MM-DD) for all date inputs in compliance verification

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{age,verification,identity,compliance}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement age verification with day-level precision for 'olderThan' checks accepting ISO 8601 date inputs

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,age,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of age without disclosing actual date of birth

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}: Implement forbidden country validation using Bloom filter with false positive rate ≤1e-6
Validate country codes in ISO 3166-1 alpha-3 format for forbidden country checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,country,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of country non-inclusion without revealing actual country code

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement graceful degradation for country validation when filter is unavailable

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}: Use UTC timestamps only for all compliance verification operations
Allow ±5 minutes clock drift tolerance in timestamp validation for compliance checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Enforce 24-hour verification window with drift adjustment for compliance proof validity

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof,zk,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain peak memory usage below 300MB for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}: Make all network calls idempotent with exponential backoff retry logic
Implement exponential backoff with jitter for compliance verification retry logic

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,audit,log,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain privacy-preserving audit logs for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• app/src/screens/verification/ProveScreen.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/src/screens/verification/ProveScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/verification/ProveScreen.tsx

🧠 Learnings (23)

📓 Common learnings

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Flag security-sensitive changes for special review in PR descriptions.

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:39.400Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-12-13T18:00:39.400Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:39.400Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/proving/**/*.{ts,tsx} : Migrate proof input generation from app/src/utils/proving/ to packages/mobile-sdk-alpha/src/proving/ with tests for register, disclose, and TEE input generation

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/attestation/**/*.{ts,tsx} : Migrate attestation verification from app/src/utils/ to packages/mobile-sdk-alpha/src/attestation/ with tests for PCR0 validation and certificate chain validation

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/tests/**/*.integration.{test.ts,test.tsx,spec.ts,spec.tsx} : Test end-to-end flows covering complete user journeys through the identity verification process

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,verification,proof}/**/*.{ts,tsx,js,py} : Enforce 24-hour verification window with drift adjustment for compliance proof validity

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/validation/**/*.{ts,tsx} : Migrate document validation logic from app/src/utils/ to packages/mobile-sdk-alpha/src/validation/ with unit tests for each validation rule and edge cases

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:08:23.106Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:23.106Z
Learning: Applies to app/**/*.{ts,tsx,js,jsx,json,yml,yaml} : Ensure `yarn nice` passes (fixes linting and formatting) before creating a PR

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:08:11.887Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:11.887Z
Learning: Before committing, run linting and formatting fixes with `yarn workspaces foreach -A -p -v --topological-dev --since=HEAD run nice --if-present`.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:08:51.177Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-11-25T14:08:51.177Z
Learning: Before committing changes, run `yarn nice` to fix linting and formatting issues automatically

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/samples/**/*.{ts,tsx,js,jsx} : Create sample React Native and web applications in packages/mobile-sdk-alpha/samples/ demonstrating MRZ parsing, proof flow, and iOS URL scheme integration

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/demo/**/*.{ts,tsx,js,jsx} : Create an in-SDK lightweight demo in packages/mobile-sdk-alpha/demo/ using embedded React Native with MRZ flow and theming hooks integration

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/processing/**/*.{ts,tsx} : Migrate MRZ processing helpers from app/src/utils/ to packages/mobile-sdk-alpha/src/processing/ with comprehensive tests for MRZ parsing and cross-platform compatibility

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:55.507Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/mobile-sdk-migration.mdc:0-0
Timestamp: 2025-11-25T14:07:55.507Z
Learning: Applies to packages/mobile-sdk-alpha/src/index.ts : Re-export all new migrated modules via packages/mobile-sdk-alpha/src/index.ts and document them in packages/mobile-sdk-alpha/README.md

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

🧬 Code graph analysis (1)

app/src/screens/verification/ProveScreen.tsx (1)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: build-android
• GitHub Check: test
• GitHub Check: build-ios
• GitHub Check: test-common
• GitHub Check: type-check
• GitHub Check: Cursor Bugbot
• GitHub Check: Android E2E Tests Demo App
• GitHub Check: iOS E2E Tests Demo App
• GitHub Check: android-build-test
• GitHub Check: e2e-ios
• GitHub Check: analyze-ios

🔇 Additional comments (3)

app/src/screens/verification/ProveScreen.tsx (3)

78-79: LGTM! Clean guard flag pattern.

The hasCheckedForInactiveDocument state properly gates subsequent logic, preventing race conditions between the inactive document check and other initialization effects.

---

91-104: LGTM! Routing logic is correct.

The callback correctly routes to the appropriate onboarding screen based on document category, and the use of useCallback prevents unnecessary re-creation.

---

150-181: LGTM! Proper gating of proving flow behind inactive document check.

All effects and the onVerify function correctly gate execution on hasCheckedForInactiveDocument, ensuring the proving flow doesn't proceed until the inactive document check completes. This prevents wasted gas and improves UX.

Based on learnings, document checks like this are UX-only safeguards; authoritative validation occurs in circuits and smart contracts using trusted time sources.

Also applies to: 183-193, 195-243, 246-270, 310-312

[cursor]

Bug: Re-onboarding doesn't update metadata, document stays inactive

When a user follows the reactivation workflow for an inactive aadhaar document and re-scans the same document, storeDocumentWithDeduplication triggers the deduplication path (same content hash). This path only updates the stored document data and selection, but does not update the catalog metadata. Since hasExpirationDate in the existing metadata remains undefined, the document will still be marked as inactive after completing the reactivation flow. The metadata needs to be updated with the new hasExpirationDate field in the deduplication case for the reactivation workflow to work correctly.

app/src/providers/passportDataProvider.tsx#L796-L808

self/app/src/providers/passportDataProvider.tsx

Lines 796 to 808 in 0e9d145

	const existing = catalog.documents.find(d => d.id === contentHash);
	if (existing) {
	// Even if content hash is the same, we should update the document
	// in case metadata (like CSCA) has changed
	console.log('Document with same content exists, updating stored data');
	// Update the stored document with potentially new metadata
	await storeDocumentDirectlyToKeychain(contentHash, passportData);
	// Update selected document to this one
	catalog.selectedDocumentId = contentHash;
	await saveDocumentCatalogDirectlyToKeychain(catalog);
	return contentHash;

packages/mobile-sdk-alpha/src/documents/utils.ts#L218-L231

self/packages/mobile-sdk-alpha/src/documents/utils.ts

Lines 218 to 231 in 0e9d145

	// Check for existing document with same content
	const existing = catalog.documents.find(d => d.id === contentHash);
	if (existing) {
	// Even if content hash is the same, we should update the document
	// in case metadata (like CSCA) has changed
	console.log('Document with same content exists, updating stored data');
	// Update the stored document with potentially new metadata
	await selfClient.saveDocument(contentHash, passportData);
	// Update selected document to this one
	catalog.selectedDocumentId = contentHash;
	await selfClient.saveDocumentCatalog(catalog);
	return contentHash;

 

---

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @app/src/screens/verification/ProveScreen.tsx:
- Around line 110-152: The async load in checkForInactiveDocument can throw and
leave hasCheckedForInactiveDocument false; wrap the await loadDocumentCatalog()
and subsequent processing inside a try-catch (or try-finally) in the
checkForInactiveDocument function, catch and log the error, and ensure
setHasCheckedForInactiveDocument(true) is called in the catch or finally branch
so the effect won't deadlock; update references inside checkForInactiveDocument
(loadDocumentCatalog, isDocumentInactive, navigate, registerModalCallbacks,
navigateToDocumentOnboarding, setHasCheckedForInactiveDocument) accordingly.

🧹 Nitpick comments (1)

app/src/screens/verification/ProveScreen.tsx (1)

95-108: Add a default case for defensive coding.

The switch handles passport, id_card, and aadhaar, but if a new document category is introduced, this will silently fail. Consider adding a default case with logging or a fallback route.

♻️ Suggested fix

   const navigateToDocumentOnboarding = useCallback(
     (documentMetadata: DocumentMetadata) => {
       switch (documentMetadata.documentCategory) {
         case 'passport':
         case 'id_card':
           navigate('DocumentOnboarding');
           break;
         case 'aadhaar':
           navigate('AadhaarUpload', { countryCode: 'IND' });
           break;
+        default:
+          console.warn(
+            `Unhandled document category for reactivation: ${documentMetadata.documentCategory}`,
+          );
+          navigate('DocumentOnboarding');
       }
     },
     [navigate],
   );

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0e9d145 and fea235b.

📒 Files selected for processing (2)

• app/src/screens/dev/DevSettingsScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

🚧 Files skipped from review as they are similar to previous changes (1)

• app/src/screens/dev/DevSettingsScreen.tsx

🧰 Additional context used

📓 Path-based instructions (22)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}: Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)
Apply Jaro–Winkler fuzzy matching algorithm with ≥0.92 threshold for OFAC name verification
Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation
Protect all PII by committing via domain-separated hashes using Poseidon hash function with 'ofac-v1' domain separator
Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,age}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use ISO 8601 format (YYYY-MM-DD) for all date inputs in compliance verification

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{age,verification,identity,compliance}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement age verification with day-level precision for 'olderThan' checks accepting ISO 8601 date inputs

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,age,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of age without disclosing actual date of birth

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}: Implement forbidden country validation using Bloom filter with false positive rate ≤1e-6
Validate country codes in ISO 3166-1 alpha-3 format for forbidden country checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,country,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of country non-inclusion without revealing actual country code

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement graceful degradation for country validation when filter is unavailable

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}: Use UTC timestamps only for all compliance verification operations
Allow ±5 minutes clock drift tolerance in timestamp validation for compliance checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Enforce 24-hour verification window with drift adjustment for compliance proof validity

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof,zk,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain peak memory usage below 300MB for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}: Make all network calls idempotent with exponential backoff retry logic
Implement exponential backoff with jitter for compliance verification retry logic

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,audit,log,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain privacy-preserving audit logs for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx}: Ensure web build succeeds with yarn web before creating a PR
Do not include sensitive data in logs - avoid logging PII, credentials, and tokens
Use react-native-dotenv for environment configuration via @env import
Confirm no sensitive data exposed before PR merge

Files:

• app/src/screens/verification/ProveScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/verification/ProveScreen.tsx

🧠 Learnings (20)

📓 Common learnings

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-12-13T18:00:46.963Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,verification,proof}/**/*.{ts,tsx,js,py} : Enforce 24-hour verification window with drift adjustment for compliance proof validity

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Document complex native module changes in PRs

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Applies to app/**/*.{ts,tsx,js,jsx} : Confirm no sensitive data exposed before PR merge

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Before committing changes, ensure code is properly formatted by running `yarn nice`

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Verify cross-platform compatibility for both React Native and Web environments

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Run `yarn fmt` to check formatting or `yarn fmt:fix` to automatically format files with Prettier

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Always use try-catch for async operations in React Native and TypeScript code.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

🧬 Code graph analysis (1)

app/src/screens/verification/ProveScreen.tsx (1)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: test
• GitHub Check: type-check
• GitHub Check: test-common
• GitHub Check: Cursor Bugbot
• GitHub Check: analyze-android
• GitHub Check: android-build-test
• GitHub Check: e2e-ios
• GitHub Check: Android E2E Tests Demo App

🔇 Additional comments (4)

app/src/screens/verification/ProveScreen.tsx (4)

24-24: LGTM on the new imports.

Clean additions for the inactive document detection feature.

Also applies to: 55-55, 60-60

---

82-84: LGTM on the gate state.

Using hasCheckedForInactiveDocument to sequence the inactive document check before other flows is a solid pattern.

---

154-158: Consistent gating pattern applied across effects.

The hasCheckedForInactiveDocument guard is properly placed in all relevant effects, ensuring the inactive document check completes before other flows execute. This sequencing is well-implemented.

Also applies to: 187-190, 199-202, 252-257

---

338-354: LGTM on verify action gating.

The early return blocks the prove flow until the inactive document check completes. This prevents users from attempting verification with an inactive document, aligning with the UX-level validation strategy (noting per learnings that authoritative validation happens in circuits/contracts).

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @app/src/screens/verification/ProveScreen.tsx:
- Around line 110-152: The effect's async function (checkForInactiveDocument)
must wrap the await loadDocumentCatalog() in try-catch (or use
try-catch-finally) so a thrown error doesn't leave hasCheckedForInactiveDocument
false; modify checkForInactiveDocument inside useEffect to try { const catalog =
await loadDocumentCatalog(); ... } catch (err) { /* log/report error via
console.error or errorReporter */ } finally {
setHasCheckedForInactiveDocument(true); } and keep the existing early return
when an inactive document is found so you still navigate the modal path.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fea235b and eb6dbe5.

📒 Files selected for processing (2)

• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx

🧰 Additional context used

📓 Path-based instructions (25)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

packages/mobile-sdk-alpha/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.{ts,tsx}: Check types across the codebase by running yarn types
Run yarn types or yarn typecheck to check TypeScript types across the codebase
Run yarn build to build the package for distribution
Before committing changes, ensure TypeScript types are valid by running yarn types
Before committing changes, ensure the build succeeds by running yarn build
Before creating a PR, ensure yarn types passes (TypeScript validation)
Before creating a PR, ensure yarn build succeeds (package builds correctly)
Ensure no breaking changes to public API or document them properly
Verify cross-platform compatibility for both React Native and Web environments
This package uses TypeScript with strict type checking
Use ESLint with TypeScript-specific rules
Use platform detection Platform.OS === 'web' when adding platform-specific code
Maintain type definitions that are complete and accurate

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx

packages/mobile-sdk-alpha/**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Run yarn lint to check for linting issues or yarn lint:fix to automatically fix them

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}: Review alpha mobile SDK code for:

• API consistency with core SDK
• Platform-neutral abstractions
• Performance considerations
• Clear experimental notes or TODOs

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}: Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)
Apply Jaro–Winkler fuzzy matching algorithm with ≥0.92 threshold for OFAC name verification
Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation
Protect all PII by committing via domain-separated hashes using Poseidon hash function with 'ofac-v1' domain separator
Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,age}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use ISO 8601 format (YYYY-MM-DD) for all date inputs in compliance verification

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{age,verification,identity,compliance}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement age verification with day-level precision for 'olderThan' checks accepting ISO 8601 date inputs

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,age,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of age without disclosing actual date of birth

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}: Implement forbidden country validation using Bloom filter with false positive rate ≤1e-6
Validate country codes in ISO 3166-1 alpha-3 format for forbidden country checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,country,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of country non-inclusion without revealing actual country code

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement graceful degradation for country validation when filter is unavailable

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}: Use UTC timestamps only for all compliance verification operations
Allow ±5 minutes clock drift tolerance in timestamp validation for compliance checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Enforce 24-hour verification window with drift adjustment for compliance proof validity

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof,zk,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain peak memory usage below 300MB for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}: Make all network calls idempotent with exponential backoff retry logic
Implement exponential backoff with jitter for compliance verification retry logic

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,audit,log,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain privacy-preserving audit logs for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/verification/ProveScreen.tsx

app/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx}: Ensure web build succeeds with yarn web before creating a PR
Do not include sensitive data in logs - avoid logging PII, credentials, and tokens
Use react-native-dotenv for environment configuration via @env import
Confirm no sensitive data exposed before PR merge

Files:

• app/src/screens/verification/ProveScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/verification/ProveScreen.tsx

🧠 Learnings (20)

📓 Common learnings

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-12-13T18:00:46.963Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T12:48:14.120Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 951
File: app/src/screens/passport/PassportNFCScanScreen.web.tsx:8-9
Timestamp: 2025-08-26T12:48:14.120Z
Learning: SecondaryButton forwards the trackEvent prop to AbstractButton via prop spreading (...props). AbstractButton handles analytics tracking in its handlePress method using the legacy analytics() system rather than the new Self SDK approach, ensuring button analytics work consistently across the app.

Applied to files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,verification,proof}/**/*.{ts,tsx,js,py} : Enforce 24-hour verification window with drift adjustment for compliance proof validity

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Applies to app/**/*.{ts,tsx,js,jsx} : Confirm no sensitive data exposed before PR merge

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Before committing changes, ensure code is properly formatted by running `yarn nice`

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Verify cross-platform compatibility for both React Native and Web environments

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Run `yarn fmt` to check formatting or `yarn fmt:fix` to automatically format files with Prettier

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Always use try-catch for async operations in React Native and TypeScript code.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

🧬 Code graph analysis (1)

app/src/screens/verification/ProveScreen.tsx (1)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: test
• GitHub Check: type-check
• GitHub Check: test-common
• GitHub Check: Cursor Bugbot
• GitHub Check: e2e-ios
• GitHub Check: android-build-test
• GitHub Check: Android E2E Tests Demo App
• GitHub Check: analyze-android

[cursor]

This PR is being reviewed by Cursor Bugbot

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[cursor]

Re-onboarding inactive documents does not update metadata flag

High Severity

When a user re-onboards an existing document (same content hash), storeDocumentWithDeduplication only updates the stored document data and selection, but does not update the catalog metadata. Specifically, hasExpirationDate is never set on the existing document's metadata. This means old aadhaar documents that were registered before this feature (with hasExpirationDate: undefined) will remain marked as inactive even after the user completes the reactivation flow. The inactive badge prompts users to re-onboard, but re-onboarding the same document won't actually clear the inactive state, creating an unescapable loop.

Additional Locations (1)

• packages/mobile-sdk-alpha/src/documents/utils.ts#L219-L231

 

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eb6dbe5 and 97fbb15.

📒 Files selected for processing (2)

• app/scripts/bundle-analyze-ci.cjs
• common/src/utils/aadhaar/mockData.ts

🧰 Additional context used

📓 Path-based instructions (5)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• common/src/utils/aadhaar/mockData.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• common/src/utils/aadhaar/mockData.ts

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• common/src/utils/aadhaar/mockData.ts

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• common/src/utils/aadhaar/mockData.ts

common/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

common/src/**/*.{ts,tsx,js,jsx}: Review shared utilities for:

• Reusability and modular design
• Type safety and error handling
• Side-effect management
• Documentation and naming clarity

Files:

• common/src/utils/aadhaar/mockData.ts

🧠 Learnings (7)

📓 Common learnings

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Test `isPassportDataValid()` with realistic, synthetic passport data (never use real user data)

Applied to files:

• common/src/utils/aadhaar/mockData.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Verify `extractMRZInfo()` using published sample MRZ strings (e.g., ICAO examples)

Applied to files:

• common/src/utils/aadhaar/mockData.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.test.{ts,tsx} : Never use real user PII (personally identifiable information) in tests - use only synthetic, anonymized, or approved test vectors

Applied to files:

• common/src/utils/aadhaar/mockData.ts

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py} : Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Applied to files:

• common/src/utils/aadhaar/mockData.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Ensure bundle size impact is acceptable when making changes

Applied to files:

• app/scripts/bundle-analyze-ci.cjs

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Implement bundle size optimization with tree shaking in React Native applications.

Applied to files:

• app/scripts/bundle-analyze-ci.cjs

🧬 Code graph analysis (1)

common/src/utils/aadhaar/mockData.ts (2)

common/index.ts (1)

• packBytesAndPoseidon (120-120)

common/src/utils/hash.ts (1)

• packBytesAndPoseidon (185-188)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: test
• GitHub Check: type-check
• GitHub Check: Android E2E Tests Demo App
• GitHub Check: analyze-android
• GitHub Check: android-build-test
• GitHub Check: e2e-ios

🔇 Additional comments (1)

common/src/utils/aadhaar/mockData.ts (1)

577-583: [rewritten comment]
[classification tag]

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Bundle threshold bump needs explicit tracking (owner + link + revert-by date).

A +1MB CI allowance is fine as a temporary unblock, but the current // TODO: fix temporary bundle bump is too vague and risks making the increase permanent. Please add a tracking reference (issue/PR), an owner, and a concrete “revert to 45MB by ” note (or a clearly justified new baseline). Based on learnings, keep bundle size impact acceptable and prefer tree-shaking/size optimization over moving thresholds.

Proposed tweak

 const BUNDLE_THRESHOLDS_MB = {
-  // TODO: fix temporary bundle bump
+  // TODO(<issue-or-pr-link>, <owner>, revert-by YYYY-MM-DD): revert to 45MB once bundle size is reduced
   ios: 46,
   android: 46,
 };

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	// Bundle size thresholds in MB - easy to update!
	const BUNDLE_THRESHOLDS_MB = {
	// TODO: fix temporary bundle bump
	ios: 45,
	android: 45,
	ios: 46,
	android: 46,
	};
	// Bundle size thresholds in MB - easy to update!
	const BUNDLE_THRESHOLDS_MB = {
	// TODO(<issue-or-pr-link>, <owner>, revert-by YYYY-MM-DD): revert to 45MB once bundle size is reduced
	ios: 46,
	android: 46,
	};

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @app/src/screens/verification/ProveScreen.tsx:
- Around line 138-180: The useEffect's async helper checkForInactiveDocument
calls loadDocumentCatalog() without try/catch so if that promise rejects
setHasCheckedForInactiveDocument(true) never runs and the UI stays blocked; wrap
the body of checkForInactiveDocument in a try/catch (or try/finally) around
loadDocumentCatalog() and the subsequent loop, log or handle any error, and
ensure setHasCheckedForInactiveDocument(true) is invoked in the catch or finally
so the effect completes even on failure; reference the existing functions
useEffect, checkForInactiveDocument, loadDocumentCatalog, and
setHasCheckedForInactiveDocument when applying the fix.

🧹 Nitpick comments (1)

app/src/screens/verification/ProveScreen.tsx (1)

123-136: Missing default case in switch statement.

If documentMetadata.documentCategory contains an unexpected value (e.g., a future document type), the function silently does nothing. Consider adding a default case to handle unknown categories gracefully.

Suggested improvement

 const navigateToDocumentOnboarding = useCallback(
   (documentMetadata: DocumentMetadata) => {
     switch (documentMetadata.documentCategory) {
       case 'passport':
       case 'id_card':
         navigate('DocumentOnboarding');
         break;
       case 'aadhaar':
         navigate('AadhaarUpload', { countryCode: 'IND' });
         break;
+      default:
+        console.warn(
+          `Unknown document category: ${documentMetadata.documentCategory}`,
+        );
+        navigate('DocumentOnboarding');
+        break;
     }
   },
   [navigate],
 );

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 97fbb15 and d9f142d.

📒 Files selected for processing (7)

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/providers/passportDataProvider.tsx
• app/src/screens/dev/DevSettingsScreen.tsx
• app/src/screens/home/HomeScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• app/src/providers/passportDataProvider.tsx
• app/src/screens/dev/DevSettingsScreen.tsx

🧰 Additional context used

📓 Path-based instructions (25)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/src/screens/home/HomeScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/src/screens/home/HomeScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/src/screens/home/HomeScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

app/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx}: Ensure web build succeeds with yarn web before creating a PR
Do not include sensitive data in logs - avoid logging PII, credentials, and tokens
Use react-native-dotenv for environment configuration via @env import
Confirm no sensitive data exposed before PR merge

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

packages/mobile-sdk-alpha/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

packages/mobile-sdk-alpha/**/*.{ts,tsx}: Check types across the codebase by running yarn types
Run yarn types or yarn typecheck to check TypeScript types across the codebase
Run yarn build to build the package for distribution
Before committing changes, ensure TypeScript types are valid by running yarn types
Before committing changes, ensure the build succeeds by running yarn build
Before creating a PR, ensure yarn types passes (TypeScript validation)
Before creating a PR, ensure yarn build succeeds (package builds correctly)
Ensure no breaking changes to public API or document them properly
Verify cross-platform compatibility for both React Native and Web environments
This package uses TypeScript with strict type checking
Use ESLint with TypeScript-specific rules
Use platform detection Platform.OS === 'web' when adding platform-specific code
Maintain type definitions that are complete and accurate

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts

packages/mobile-sdk-alpha/**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (packages/mobile-sdk-alpha/AGENTS.md)

Run yarn lint to check for linting issues or yarn lint:fix to automatically fix them

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

packages/mobile-sdk-alpha/**/*.{ts,tsx,js,jsx}: Review alpha mobile SDK code for:

• API consistency with core SDK
• Platform-neutral abstractions
• Performance considerations
• Clear experimental notes or TODOs

Files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,ofac,verification,identity}/**/*.{ts,tsx,js,py}: Implement three-tier OFAC verification system: Passport Number Check (direct passport validation), Name + DOB Check (full name with exact date of birth), and Name + Year Check (name with year of birth, defaulting to Jan-01)
Apply Jaro–Winkler fuzzy matching algorithm with ≥0.92 threshold for OFAC name verification
Validate passport numbers by removing whitespace/punctuation and performing country-specific format validation
Protect all PII by committing via domain-separated hashes using Poseidon hash function with 'ofac-v1' domain separator
Implement per-issuer salt for additional privacy in OFAC hash commitments, with unique salt per issuing country

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,utils}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Normalize names using case-folding, Unicode NFKC normalization, and diacritics removal for OFAC matching

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,ofac,verification,identity,age}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use ISO 8601 format (YYYY-MM-DD) for all date inputs in compliance verification

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{age,verification,identity,compliance}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement age verification with day-level precision for 'olderThan' checks accepting ISO 8601 date inputs

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,age,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of age without disclosing actual date of birth

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,country,verification,identity}/**/*.{ts,tsx,js,py}: Implement forbidden country validation using Bloom filter with false positive rate ≤1e-6
Validate country codes in ISO 3166-1 alpha-3 format for forbidden country checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{circuits,country,verification,zk,proof}/**/*.{circom,ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement zero-knowledge proof of country non-inclusion without revealing actual country code

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,country,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Implement graceful degradation for country validation when filter is unavailable

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,identity,age,country}/**/*.{ts,tsx,js,py}: Use UTC timestamps only for all compliance verification operations
Allow ±5 minutes clock drift tolerance in timestamp validation for compliance checks

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Enforce 24-hour verification window with drift adjustment for compliance proof validity

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,proof,zk,identity,age,country}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain peak memory usage below 300MB for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{compliance,verification,service,api}/**/*.{ts,tsx,js,py}: Make all network calls idempotent with exponential backoff retry logic
Implement exponential backoff with jitter for compliance verification retry logic

Files:

• app/src/screens/verification/ProveScreen.tsx

**/{compliance,audit,log,verification}/**/*.{ts,tsx,js,py}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Maintain privacy-preserving audit logs for compliance verification operations

Files:

• app/src/screens/verification/ProveScreen.tsx

🧠 Learnings (26)

📓 Common learnings

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

📚 Learning: 2025-12-13T18:00:46.963Z

Learnt from: seshanthS
Repo: selfxyz/self PR: 1497
File: app/src/screens/verification/ProveScreen.tsx:125-161
Timestamp: 2025-12-13T18:00:46.963Z
Learning: In app/src/screens/verification/ProveScreen.tsx: The document expiration check using checkDocumentExpiration() is UX-only to prevent wasted gas and provide better user experience. The authoritative expiration validation is enforced in the circuits and smart contracts using trusted time sources (block timestamps), not device clock.

Applied to files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt} : Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations

Applied to files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:07:28.188Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursor/rules/compliance-verification.mdc:0-0
Timestamp: 2025-11-25T14:07:28.188Z
Learning: Applies to **/{compliance,verification,proof}/**/*.{ts,tsx,js,py} : Enforce 24-hour verification window with drift adjustment for compliance proof validity

Applied to files:

• app/src/components/proof-request/BottomVerifyBar.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Applies to app/**/*.{ts,tsx,js,jsx} : Confirm no sensitive data exposed before PR merge

Applied to files:

• app/src/components/proof-request/BottomVerifyBar.tsx
• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Ensure no breaking changes to public API or document them properly

Applied to files:

• packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx
• packages/mobile-sdk-alpha/src/constants/colors.ts
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-12-25T19:19:04.954Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: app/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:04.954Z
Learning: Document complex native module changes in PRs

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Before committing changes, ensure code is properly formatted by running `yarn nice`

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Verify cross-platform compatibility for both React Native and Web environments

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Run `yarn fmt` to check formatting or `yarn fmt:fix` to automatically format files with Prettier

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Always use try-catch for async operations in React Native and TypeScript code.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-09-10T14:47:40.945Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1041
File: app/src/providers/passportDataProvider.tsx:297-301
Timestamp: 2025-09-10T14:47:40.945Z
Learning: In app/src/providers/passportDataProvider.tsx: The deleteDocumentDirectlyFromKeychain function is a low-level utility used by the DocumentsAdapter and should not include error handling since callers like deleteDocument() already implement appropriate try/catch with logging for Keychain operations.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-10-23T12:08:55.529Z

Learnt from: shazarre
Repo: selfxyz/self PR: 1236
File: packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx:356-378
Timestamp: 2025-10-23T12:08:55.529Z
Learning: In packages/mobile-sdk-alpha/src/flows/onboarding/document-nfc-screen.tsx, the NFC native events emitted via NativeEventEmitter are generic status strings (e.g., "PACE succeeded", "BAC failed", "Reading DG1 succeeded") and do not contain sensitive MRZ data or passport numbers, so they do not require sanitization before logging.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:41:41.821Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/aesop/PassportOnboardingScreen.tsx:0-0
Timestamp: 2025-08-26T14:41:41.821Z
Learning: When verifying provider hierarchies in React Native apps, always check the main App.tsx file at the app root, not just navigation/index.tsx and layout files, as providers are often configured at the top-level App component.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: The main App.tsx file is located at app/App.tsx (not in app/src), and it properly wraps the entire app with SelfClientProvider at the top of the provider hierarchy, enabling useSelfClient() hook usage throughout all navigation screens.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx
• app/src/screens/home/HomeScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/verification/ProveScreen.tsx

📚 Learning: 2025-08-25T14:25:57.586Z

Learnt from: aaronmgdr
Repo: selfxyz/self PR: 951
File: app/src/providers/authProvider.web.tsx:17-18
Timestamp: 2025-08-25T14:25:57.586Z
Learning: The selfxyz/mobile-sdk-alpha/constants/analytics import path is properly configured with SDK exports, Metro aliases, and TypeScript resolution. Import changes from @/consts/analytics to this path are part of valid analytics migration, not TypeScript resolution issues.

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : This package uses TypeScript with strict type checking

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-12-25T19:19:35.354Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: packages/mobile-sdk-alpha/AGENTS.md:0-0
Timestamp: 2025-12-25T19:19:35.354Z
Learning: Applies to packages/mobile-sdk-alpha/**/*.{ts,tsx} : Maintain type definitions that are complete and accurate

Applied to files:

• packages/mobile-sdk-alpha/src/constants/colors.ts

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement lazy loading for screens using `React.lazy()` in React Native applications.

Applied to files:

• app/src/screens/home/HomeScreen.tsx

🧬 Code graph analysis (2)

app/src/screens/verification/ProveScreen.tsx (3)

packages/mobile-sdk-alpha/src/index.ts (2)

• DocumentMetadata (38-38)
• buttonTap (86-86)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

app/src/utils/index.ts (1)

• registerModalCallbacks (47-47)

app/src/screens/home/HomeScreen.tsx (2)

packages/mobile-sdk-alpha/src/documents/utils.ts (1)

• getAllDocuments (93-111)

app/src/utils/documents.ts (1)

• isDocumentInactive (7-20)

⏰ Context from checks skipped due to timeout of 300000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: android-build-test
• GitHub Check: Android E2E Tests Demo App
• GitHub Check: e2e-ios
• GitHub Check: Cursor Bugbot

🔇 Additional comments (8)

packages/mobile-sdk-alpha/src/constants/colors.ts (1)

32-33: LGTM!

Clean addition of red600 following the established naming convention and shade ordering. The hex value #DC2626 is correct (standard red-600 shade) and this additive export introduces no breaking changes to the SDK's public API.

packages/mobile-sdk-alpha/src/components/buttons/HeldPrimaryButtonProveScreen.tsx (2)

17-34: Props and context updates look correct.

The new hasCheckedForInactiveDocument prop is properly threaded through the component's type definitions, state machine context, and event payloads. The prop is correctly initialized to false in the context factory.

---

227-236: Dependency array and disabled logic are correct.

The useEffect properly includes hasCheckedForInactiveDocument and send in dependencies. The isDisabled calculation correctly gates interaction until the inactive document check completes, complementing the existing state machine conditions.

app/src/components/proof-request/BottomVerifyBar.tsx (1)

13-22: Clean prop passthrough implementation.

The component correctly accepts and forwards hasCheckedForInactiveDocument to HeldPrimaryButtonProveScreen. Type definition aligns with the SDK component's expectations.

Also applies to: 44-52

app/src/screens/home/HomeScreen.tsx (2)

121-149: Solid implementation with appropriate error handling.

The inactivity check is correctly gated to the selected document, and the non-blocking error handling ensures the home screen loads even if the check fails. The outer try/catch appropriately handles async operations.

Minor note: The inner try/catch around isDocumentInactive() (lines 135-142) is defensive for a pure synchronous function that cannot throw, but it doesn't cause harm and aligns with the stated intent to avoid blocking the screen.

---

285-297: Correct conditional rendering for inactive state.

The condition isSelected && isSelectedDocumentInactive === true properly ensures the inactive indicator only appears for the selected document and only when definitively determined to be inactive (distinguishing true from null/false).

app/src/screens/verification/ProveScreen.tsx (2)

182-214: Effect gating is correctly implemented.

All subsequent effects properly check hasCheckedForInactiveDocument before executing, ensuring the inactive document flow completes first. Dependency arrays are updated appropriately. Based on learnings, the document expiration check remains a UX safeguard—authoritative validation happens in circuits/contracts with trusted time sources.

Also applies to: 216-243, 245-302, 305-354

---

457-466: BottomVerifyBar integration is correct.

The hasCheckedForInactiveDocument prop is passed to BottomVerifyBar, which propagates it to the SDK button component for proper interaction gating until the inactive document check completes.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Missing error handling could block the verification flow.

If loadDocumentCatalog() throws, the catch block never executes since it's outside the async function body, and setHasCheckedForInactiveDocument(true) is never called. This leaves the user permanently stuck—all subsequent effects gate on hasCheckedForInactiveDocument, and BottomVerifyBar will remain disabled.

Proposed fix

   useEffect(() => {
     // Don't check twice
     if (hasCheckedForInactiveDocument) {
       return;
     }

     const checkForInactiveDocument = async () => {
-      const catalog = await loadDocumentCatalog();
-      const selectedDocumentId = catalog.selectedDocumentId;
-
-      for (const documentMetadata of catalog.documents) {
-        if (
-          documentMetadata.id === selectedDocumentId &&
-          isDocumentInactive(documentMetadata)
-        ) {
-          const callbackId = registerModalCallbacks({
-            onButtonPress: () => navigateToDocumentOnboarding(documentMetadata),
-            onModalDismiss: () => navigate('Home' as never),
-          });
-
-          navigate('Modal', {
-            titleText: 'Your ID needs to be reactivated to continue',
-            bodyText:
-              'Make sure that you have your document and recovery method ready.',
-            buttonText: 'Continue',
-            secondaryButtonText: 'Not now',
-            callbackId,
-          });
-
-          return;
+      try {
+        const catalog = await loadDocumentCatalog();
+        const selectedDocumentId = catalog.selectedDocumentId;
+
+        for (const documentMetadata of catalog.documents) {
+          if (
+            documentMetadata.id === selectedDocumentId &&
+            isDocumentInactive(documentMetadata)
+          ) {
+            const callbackId = registerModalCallbacks({
+              onButtonPress: () => navigateToDocumentOnboarding(documentMetadata),
+              onModalDismiss: () => navigate('Home' as never),
+            });
+
+            navigate('Modal', {
+              titleText: 'Your ID needs to be reactivated to continue',
+              bodyText:
+                'Make sure that you have your document and recovery method ready.',
+              buttonText: 'Continue',
+              secondaryButtonText: 'Not now',
+              callbackId,
+            });
+
+            return;
+          }
         }
+      } catch (error) {
+        console.warn('Failed to check for inactive document:', error);
       }

       setHasCheckedForInactiveDocument(true);
     };

     checkForInactiveDocument();
   }, [

🤖 Prompt for AI Agents

In @app/src/screens/verification/ProveScreen.tsx around lines 138 - 180, The
useEffect's async helper checkForInactiveDocument calls loadDocumentCatalog()
without try/catch so if that promise rejects
setHasCheckedForInactiveDocument(true) never runs and the UI stays blocked; wrap
the body of checkForInactiveDocument in a try/catch (or try/finally) around
loadDocumentCatalog() and the subsequent loop, log or handle any error, and
ensure setHasCheckedForInactiveDocument(true) is invoked in the catch or finally
so the effect completes even on failure; reference the existing functions
useEffect, checkForInactiveDocument, loadDocumentCatalog, and
setHasCheckedForInactiveDocument when applying the fix.