feat: React Native Upgrade / 0.81.5 (MetaMask#29195)

<!--
Please submit this PR as a draft initially.

Do not mark it as "Ready for review" until this PR meets the canonical
Definition of Ready For Review in `docs/readme/ready-for-review.md`.

In short: the template must be materially complete (not just section
titles
present), all status checks must be currently passing, and the only
expected
follow-up commits must be reviewer-driven.
-->

## **Description**

  Upgrades the core mobile stack from React Native 0.76.9 to 0.81.5,
  React 18.3 to 19.1, and Expo SDK 52 to 54. Includes all necessary
  migration fixes for breaking changes in the new architecture, test
  infrastructure updates, and dependency alignment.

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

## **Changelog**

### Core stack
- **React Native** 0.76.9 → 0.81.5
- **React** 18.3.1 → 19.1.0 (and `react-test-renderer` to match)
- **Expo SDK** 52 → 54 (every `expo-*` package bumped to its SDK 54
line)
- **Hermes** updated alongside RN 0.81
- **`@react-native-community/cli` (+ `cli-platform-android`/`-ios`)**
15.0.1 → 20.0.0
- **`@react-native/metro-config`** 0.76.9 → 0.81.5
- **`@types/react`** ^18.2.6 → ^19.1.0
- **iOS app entry point migrated from Objective-C (`main.m`) to Swift
(`AppDelegate.swift`)** as required by the RN 0.81 iOS template

### React Native ecosystem libraries
- **`react-native-screens`** 3.37.0 → 4.16.0 (major)
- **`react-native-safe-area-context`** ^5.4.0 → ~5.6.0
- **`react-native-reanimated`** ^3.17.2 → 3.19.0
- **`react-native-gesture-handler`** ^2.25.0 → ~2.28.0
- **`react-native-mmkv`** ^3.2.0 → ^4.1.2 (major; resolves to 4.3.1)
- **`react-native-pager-view`** ^6.7.0 → 6.9.1
- **`react-native-nitro-modules`** ^0.29.6 → 0.35.5
- **`react-native-svg`** ^15.11.1 → 15.12.1
- **`react-native-video`** ^6.10.1 → ^6.19.0
- **`react-native-vision-camera`** ^4.6.4 → ^4.7.3
- **`react-native-view-shot`** ^3.1.2 → 4.0.3 (major; legacy
`patch-package` patch dropped)
- **`react-native-qrcode-svg`** 5.1.2 → 6.3.21 (major; legacy patch
dropped)
- **`react-native-performance`** ^5.1.2 → ^6.0.0 (major; legacy patch
dropped)
- **`react-native-release-profiler`** ^0.4.0 → ^0.4.4
- **`@react-native-community/slider`** ^4.4.3 → 5.0.1 (major)
- **`@react-native-async-storage/async-storage`** ^1.23.1 → 2.2.0
(major)
- **`@react-native-community/viewpager`** new direct dep (patched) to
keep legacy paged-view consumers building under RN 0.81
- **`lottie-react-native`** 6.7.2 → ~7.3.1 (major)
- **`rive-react-native`** 9.3.4 → ^9.8.0 (legacy patch dropped)

### Native / platform integrations
- **`@sentry/react-native`** ~6.15.0 → ~7.2.0
- **`@segment/analytics-react-native`** ^2.20.3 → ^2.21.4
- **`@solana-mobile/mobile-wallet-adapter-protocol`** ^2.2.5 added
(replaces the removed Solana shim path)

### Tooling / test infra
- **`detox`** ^20.35.0 → ^20.43.0
- **`@expo/fingerprint`** ^0.15.0 → ~0.15.4
- **`pretty-format/react-is`** pinned to ^19.0.0 (resolution; required
for React 19 test compat)
- New global mock: `tests/module-mocking/sentry/react-native.ts`
(E2E-only Sentry shim selected by `metro.config.js` when `IS_TEST=true`)
- `tsconfig.json` path aliases for selected `@metamask/*` dist subpaths

## Breaking Changes Addressed

### React 19
- Removed `defaultProps` from all function components (deprecated in
React 18.3, removed in 19)
- `useRef` now requires an explicit initial value — every `useRef<T>()`
updated to `useRef<T>(null)`
- `RefObject<T>` typing tightened — call sites switched to `RefObject<T
| null>` where they were assuming non-null
- `React.cloneElement` generics tightened — added explicit type
parameters where inference no longer narrows
- `ReactChild` removed — switched to `ReactNode`
- Migrated hook tests from `@testing-library/react-hooks` (unmaintained
on React 19) to `@testing-library/react-native` `renderHook`
- Updated mocked ref parameters from `{}` to `undefined` to match the
new `forwardRef` signature
- Updated test `rerender()` call sites to the new return shape

### React Native 0.81
- Added a `BackHandler.removeEventListener` shim (the static method was
removed; `addEventListener` now returns a subscription)
- Migrated iOS entry point to **Swift `AppDelegate.swift`** + new
`LaunchScreen.xib` (deleted `main.m`)
- `MMKV` is now a type-only export and `.remove()` was renamed to
`.delete()` (`react-native-mmkv` v4)
- `NavigationContainerRef` requires a generic parameter
(`@react-navigation/native` v7)
- `BlurEvent` / `FocusEvent` typing changes on `TextInput` callbacks
- `refreshControl` prop typing on virtualized lists
- New `MessageEvent` (private) usage in `WebSocket` is internal — Snaps
continue to boot via the existing
`patches/@MetaMask+post-message-stream+10.0.0.patch` (no shim needed)
- Patched `@metamask/react-native-webview`,
`@metamask/react-native-button`, `@metamask/react-native-payments`,
`@metamask/react-native-acm` for RN 0.81 / React 19 compatibility (see
TODO list below)
- Fixed `expo-modules-core` `EventEmitter` mock, `Linking` mock path
(now `.default.openURL`), safe-area / screens snapshots

### Snaps
- `AbstractExecutionService` renamed to `ExecutionService` in
`@metamask/snaps-controllers`
- Allowed `XMLSerializer` and `DOMParser` inside the snap iframe via the
new yarn patch on `@metamask/snaps-execution-environments` (replaces the
runtime HTML mutation we previously carried in
`SnapsExecutionWebView.tsx`)
- Restored upstream `pump` usage in snap/background bridges (rolled back
local stream-cleanup defensive code in `MobilePortStream.js` and
`execution-service-init.ts`)

### Test infrastructure
- Fixed wallet adapter tests (dynamic import race with
`@expensify/react-native-wallet`)
- Restored the `isClosingRef` guard in `BottomSheetDialog` to prevent
double `goBack` (MUSD-406) and rolled back a faulty `lodash.debounce`
attempt
- Fixed `PolymarketProvider` fetch mocks (missing `response.text()`)
- Fixed `useTokenSearch` throttle timing, `EarnLendingWithdrawal` mock
ordering
- Updated `initial-background-state.json` fixture, `useTailwind` mock,
`reanimatedLogger` config
- E2E: fixed URL editor dismissal and snap error assertions across
platforms; raised default Detox timeout

### Build / CI
- iOS `Podfile.lock` regenerated for RN 0.81's new Pod graph
- iOS `PrivacyInfo.xcprivacy` updated for the SDK 54 surface
- Android: `CMAKE_VERSION` pinned for RN 0.81's NDK build
- E2E CI workflows append `${{ github.run_id }}` to native-build cache
keys (Android APKs/Gradle, iOS DerivedData) to force fresh builds during
the upgrade rollout
- `.depcheckrc.yml` ignores extended for short-name Babel plugins

## Dependencies Patched (`.yarn/patches/`)

**MetaMask-owned (see TODO below — should be upstreamed and the patches
dropped):**
- `@metamask/react-native-acm@1.2.0`
- `@metamask/react-native-button@3.0.0`
- `@metamask/react-native-payments@2.0.2`
- `@metamask/react-native-webview@14.6.0`
- `@metamask/snaps-execution-environments@11.0.2`

**Third-party (need upstream PRs or version bumps as they ship RN
0.81-compatible releases):**
- `react-native@0.81.5` (RN itself — small follow-up patch on top of
0.81.5)
- `@react-native-community/viewpager@3.3.0`
- `@braze/react-native-sdk@19.1.0` (ReactModuleInfo signature change)
- `react-native-aes-crypto-forked` (we maintain the fork; can be folded
into the fork repo)
- `react-native-fast-crypto@2.2.0`
- `react-native-gzip@1.1.0`
- `react-native-i18n@2.0.15` (deprecated upstream — long-term replace)
- `react-native-os@1.2.6`
- `react-native-sensors@5.3.0`
- `reactotron-core-client@2.9.7`
- `expo-web-browser@14.0.2`

**Legacy `patches/` (patch-package) entries removed in this PR**
because the upstream packages or our own forks now cover them, or
because the patched version is no longer installed:
`@metamask+react-native-button+3.0.0`,
`@metamask+react-native-payments+2.0.0`,
`react-native+0.76.9`,
`react-native-aes-crypto-forked+1.2.1`,
`react-native-fast-crypto+2.2.0`,
`react-native-performance+5.1.2`,
`react-native-qrcode-svg+5.1.2`,
`react-native-view-shot+3.8.0`,
`expo-updates-npm-0.27.4`. Net result: no orphan patches carried
forward.

## TODO — follow-ups after this PR is merged

Several Yarn patches added by this upgrade target packages we own under
`@metamask/*`. They unblock RN 0.81 today, but we should publish fixed
releases and drop the local patches in follow-up PRs:

- **`@metamask/react-native-acm@1.2.0`** — RN 0.81's Kotlin rewrite of
  `ReactContextBaseJavaModule` removed the `currentActivity` synthetic
accessor (now `getCurrentActivity()`) and made `onNewIntent(intent:
Intent)`
non-nullable. Patch updates the 4 affected sites in
`GoogleAcmModule.kt`.
  → Publish a 1.x compatible release that compiles against RN 0.81.
- **`@metamask/react-native-button@3.0.0`** —
`TouchableOpacity.propTypes`,
`Text.propTypes` and `ViewPropTypes.style` no longer exist on RN 0.81 /
React 19. Patch falls back to `PropTypes.any`/`PropTypes.bool`
defensively.
→ Replace `propTypes` with TypeScript types or PropTypes.shape literals
  upstream.
- **`@metamask/react-native-payments@2.0.2`** — Bumps Android
`compileSdk`/`buildTools`/`targetSdk` from 28 → 36 and drops the removed
  `ReactBridge` import. → Publish a release with the SDK bump (and
optionally migrate the module to Kotlin / TurboModules while we're
there).
- **`@metamask/react-native-webview@14.6.0`** — Adds
`codegenConfig.ios.componentProvider`/`modulesProvider` entries needed
by
RN 0.81's Fabric codegen so `RNCWebView` and `RNCWebViewModule` register
correctly. → Cherry-pick into the next published release; this is purely
  a `package.json` metadata fix.
- **`@metamask/snaps-execution-environments@11.0.2`** — Adds
`XMLSerializer`
  and `DOMParser` to the LavaMoat `scuttleGlobalThis.exceptions` list in
  `dist/webpack/webview/index.html` so snaps can run inside the iframe
  after lockdown. (This replaces the runtime HTML mutation we previously
carried in `SnapsExecutionWebView.tsx`.) → Land the equivalent change in
`snaps` upstream so the scuttle exceptions are baked into the published
  HTML.

Other notable patches added here target third-party packages we don't
own
(see the "Third-party" list above); they'll need separate upstream PRs
or
version bumps as those projects publish RN 0.81-compatible releases.

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Manual testing steps**

Because this PR moves the entire native floor (RN 0.81 / React 19 / Expo
54),
the surfaces most likely to regress are the ones that cross the
JS↔native
bridge or rely on WebViews, animations, and platform integrations. Run
the
scenarios below on **both iOS and Android** (release-style build
preferred so
LavaMoat lockdown and Hermes kick in).

```gherkin
Feature: RN 0.81 / React 19 / Expo 54 upgrade smoke

  Scenario: In-place upgrade from the latest production build
    Given a device with the latest store version of MetaMask Mobile installed
    And a wallet that has been used (multiple accounts, custom networks, contacts, NFTs, recent txs, push enabled, biometrics enabled)
    When the user installs this build over the existing one (without uninstalling)
    Then the app launches without crashing on cold start
    And redux-persist migrations run cleanly (no migration errors in logs)
    And accounts, custom networks, contacts, hidden tokens, NFT collections, transaction history, and address book entries are preserved
    And MMKV-backed storage opens (no "Failed to open MMKV" or version mismatch errors)
    And biometric unlock still works without re-prompting for a password reset
    And push-notification token registration still resolves
    And no data needs to be re-imported

  Scenario: In-place upgrade from an older minor (n-3 versions back)
    Given a device with a 3-versions-old build of MetaMask Mobile and a used wallet
    When the user installs this build over it
    Then the chained migrations execute in order with no errors
    And the same continuity assertions as above hold

  Scenario: Onboarding — create new wallet
    Given a fresh install
    When the user creates a new wallet, sets a password, and skips backup
    Then onboarding completes and the wallet screen renders without animation glitches
    And the BackHandler shim does not trigger duplicate goBacks on Android

  Scenario: Onboarding — import via SRP
    Given a fresh install
    When the user imports an existing 12-word SRP via "Import using Secret Recovery Phrase"
    Then accounts populate and the home screen loads with balances

  Scenario: Manual backup flow (Steps 1, 2, 3)
    Given a wallet that has not yet completed manual backup
    When the user walks through ManualBackupStep1 → 2 → 3
    Then the SRP is shown, verification succeeds, and Step 3 navigates to HomeNav without re-registering the Android back handler twice

  Scenario: Send ETH (legacy + EIP-1559)
    Given a funded EOA on Sepolia and Mainnet
    When the user sends ETH to another address using both legacy and 1559 gas
    Then the confirmation sheet renders, the user signs, and the tx appears in Activity → confirmed

  Scenario: Token send + ERC-20 approval
    Given a funded EOA with USDC on Mainnet
    When the user sends USDC and (separately) approves a spender via dApp
    Then both flows render their confirmation sheets correctly and the txs land

  Scenario: Swap (single-chain) + Bridge (cross-chain)
    Given a funded EOA
    When the user performs a Swap and a Bridge from the wallet UI
    Then quotes load, approvals (if needed) sign, the user can switch routes, and the txs land

  Scenario: Smart transactions (STX) on Mainnet
    Given an account with STX enabled
    When the user submits a swap eligible for STX
    Then the STX status sheet renders, polls, and resolves to confirmed without flicker

  Scenario: Transaction batching (EIP-7702 / 5792)
    Given a smart account that supports batched txs
    When the user signs a batch confirmation
    Then the batch appears in Activity with the correct sub-txs

  Scenario: Hardware wallet — Ledger BLE
    Given a Ledger device paired via BLE
    When the user signs an EVM transaction using the Ledger account
    Then the BLE connection succeeds, the user approves on-device, and the tx is broadcast

  Scenario: WalletConnect / SDK dApp connection
    Given a sample dApp (e.g. Uniswap testnet) on desktop
    When the user scans the QR with the in-app camera and connects via WalletConnect
    Then the connection request renders, methods (eth_signTypedData_v4, personal_sign, eth_sendTransaction) work end-to-end, and the dApp shows the wallet address

  Scenario: Deeplinks — universal links + custom scheme + cold/warm start
    Given the app is killed (cold) and separately, in the background (warm)
    When the user taps:
      | metamask://send?recipient=0x...                          | from another app |
      | metamask://buy?address=0x...&chainId=0x1                 | from another app |
      | metamask://swap?from=ETH&to=USDC                         | from another app |
      | metamask://wc?uri=wc:abcd...                             | from a dApp QR  |
      | https://metamask.app.link/wallet                         | universal link  |
      | https://metamask.app.link/buy?...                        | universal link  |
    Then each link routes to the correct screen on both cold and warm starts
    And in-app `Linking.openURL(...)` (e.g. ramp Buy widget, support links) opens the external browser correctly

  Scenario: In-browser dApp via the built-in Browser tab
    Given the wallet is unlocked
    When the user opens the in-app Browser, navigates to a dApp, and signs a tx
    Then the WebView renders, the provider injects, and signing flows work
    # exercises the @metamask/react-native-webview Fabric codegen patch

  Scenario: Snaps — install + invoke
    Given a Flask build with snaps enabled
    When the user installs a permissioned snap and invokes a method that opens a snap UI dialog
    Then the snap iframe loads under LavaMoat lockdown without "XMLSerializer is not a function" or scuttle errors and the dialog renders
    # exercises the @metamask/snaps-execution-environments LavaMoat patch

  Scenario: Buy/Sell ramps (in-app + external browser)
    Given a wallet unlocked and a quote available
    When the user purchases via Transak (in-app widget) and via an external-browser provider
    Then both routes complete; on the external path Linking.openURL or InAppBrowser is invoked correctly and Activity reflects the precreated order

  Scenario: Apple Pay / Google ACM
    Given the user has an Apple Pay card (iOS) or a Google account on device (Android)
    When the user triggers a flow that hits @metamask/react-native-payments (iOS) and Google ACM sign-in (Android)
    Then both native sheets present, complete, and return values to JS without crashing
    # exercises the @metamask/react-native-payments and @metamask/react-native-acm patches

  Scenario: Biometrics / Keychain unlock
    Given a wallet protected by biometrics
    When the user backgrounds the app, returns, and unlocks
    Then Face ID / Touch ID / Android biometric prompts present and unlock works on cold start, warm resume, and after switching networks

  Scenario: Push notifications (transaction notifications)
    Given push notifications enabled
    When an inbound tx confirms
    Then a notification arrives, deeplink tap-through navigates to the right activity row, and Sentry breadcrumbs do NOT show "[E2E Sentry Mock]" (verifies dev/prod env separation)

  Scenario: Token detail chart (TradingView WebView)
    Given the user opens a token detail (e.g. ETH) with MM_CHARTING_LIBRARY_URL set
    When the chart loads
    Then the TradingView library loads from CDN, the OHLC data renders, the crosshair pills work, and there is no "Failed to load TradingView library" error

  Scenario: BottomSheets, modals, and gestures
    Given any flow with a bottom sheet (account selector, network picker, confirmation, settings)
    When the user opens a sheet and rapidly taps the overlay 3-5 times
    Then the sheet closes once, the screen behind is unchanged (no double goBack — MUSD-406 regression check), and the swipe-to-dismiss gesture also works

  Scenario: Animations and Reanimated surfaces
    Given the user navigates onboarding → wallet → token → bridge → settings
    When the fox loader, onboarding success animation, carousel cards, and Rive-driven loaders play
    Then all animations render at 60fps with no warning spam and no crash on iOS 18 / Android 14+

  Scenario: Background restoration after long suspend
    Given the app is backgrounded for >15 minutes
    When the user resumes
    Then accounts, balances, and websocket connections (price feed, notifications) reconnect without leaking timers or duplicate listeners

  Scenario: SDK / WebSocket reconnection
    Given an active dApp connection and an active price-feed websocket
    When the user toggles airplane mode off→on→off
    Then both connections recover and txs/quotes flow again

  Scenario: Settings → Reveal SRP / Private Key
    Given an unlocked wallet
    When the user reveals the SRP and a private key from settings
    Then biometrics gate works, the secrets render correctly, and the "Hold to reveal" + scroll-on-iPhone-SE behaviors are unchanged

  Scenario: Power-user wallet (many accounts / tokens / NFTs)
    Given a power-user SRP imported (see internal SRPs)
    When the user navigates Wallet, Activity, NFTs, and switches networks
    Then list rendering, scrolling, and network switching remain smooth (FlashList 2 / RN 0.81 perf check)
```

The `[E2E Sentry Mock]` log line should NOT appear in any of the
dev/release
builds above; if it does, `IS_TEST=true` is leaking into the bundler
env.

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

<!--
Every checklist item must be consciously assessed before marking this PR
as
"Ready for review". A checked box means you deliberately considered that
responsibility, not that you literally performed every action listed.

Unchecked boxes are ambiguous: they are not an implicit "N/A" and they
are not
a silent "skip". See `docs/readme/ready-for-review.md` for the full
checklist
semantics.
-->

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

#### Performance checks (if applicable)

- [ ] I've tested on Android
  - Ideally on a mid-range device; emulator is acceptable
- [ ] I've tested with a power user scenario
- Use these [power-user
SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93)
to import wallets with many accounts and tokens
- [ ] I've instrumented key operations with Sentry traces for production
performance metrics
- See [`trace()`](/app/util/trace.ts) for usage and
[`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274)
for an example

For performance guidelines and tooling, see the [Performance
Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers).

## **Pre-merge reviewer checklist**

<!--
Reviewer checklist items follow the same semantics as the author
checklist: an
unchecked box is ambiguous, a checked box means the reviewer consciously
assessed that responsibility. See `docs/readme/ready-for-review.md`.
-->

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.




<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **High Risk**
> High risk because it updates core React Native/Android build toolchain
and introduces multiple Yarn patches to native dependencies, which can
affect app startup, native compilation, and E2E reliability across both
platforms.
> 
> **Overview**
> Upgrades the RN stack to `react-native@0.81.5` and aligns native build
tooling around it: Android moves to `compileSdk/targetSdk 36`, Kotlin
`2.1.20`, NDK `27.1`, Gradle `8.14.3`, updates app initialization to
`loadReactNative(this)`, and adds an MLKit dependency override plus
Detox flavor handling.
> 
> Stabilizes CI/E2E builds during the upgrade by forcing fresh native
caches (cache keys include `${{ github.run_id }}`), pinning CMake for
Android E2E builds, bumping iOS cache versions, increasing E2E timeout,
and restoring iOS app/framework execute permissions after artifact
download.
> 
> Introduces/updates multiple `.yarn/patches/*` to keep third-party and
MetaMask native modules building under RN 0.81 (Gradle/SDK bumps,
Kotlin/ObjC signature fixes, codegen metadata, safer JS snippets),
removes obsolete patches, and adjusts JS/TS code for React 19
typing/runtime changes (BackHandler subscription cleanup, stricter
`RefObject<T | null>`/`useRef` init, safer prop spreads/cloneElement
generics, default props moved to parameters, and test expectation
updates).
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c3c6e6e. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: BubbleTrouble14 <ronald.goedeke@outlook.com>
Co-authored-by: tommasini <tommasini15@gmail.com>
Co-authored-by: tommasini <46944231+tommasini@users.noreply.github.com>
Co-authored-by: Andre Pimenta <andrepimenta7@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: ieow <4881057+ieow@users.noreply.github.com>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: metamaskbot <metamaskbot@users.noreply.github.com>

Author: 9 people

.depcheckrc.yml

@@ -139,3 +139,18 @@ ignores:
 
   # Used in Yarn plugin for preview builds
   - '@yarnpkg/core'
+
+  # Babel plugins referenced in babel.config.js by their short name (without
+  # the `babel-plugin-` prefix). Babel resolves them correctly at build time
+  # but depcheck doesn't recognize the indirect reference. See babel.config.js
+  # line 65 comment for details.
+  - 'babel-plugin-react-compiler' # used as 'react-compiler' (line 68)
+  - 'babel-plugin-transform-inline-environment-variables' # used as 'transform-inline-environment-variables' (line 81)
+  - 'babel-plugin-transform-remove-console' # used as 'transform-remove-console' (line 166, production env)
+
+  # Listed as a direct dep in package.json but no longer referenced in
+  # babel.config.js (we use babel-preset-expo) or anywhere in our source.
+  # It's still available transitively via babel-preset-expo + Metro, so
+  # removing the direct declaration should be a no-op — left for a follow-up
+  # cleanup once the RN 0.81 upgrade has settled to avoid surprises.
+  - '@react-native/babel-preset'

.github/workflows/build-android-e2e.yml

@@ -117,6 +117,13 @@ jobs:
             exit 1
           fi
 
+      # TEMPORARY: `${{ github.run_id }}` makes every key unique per workflow
+      # run so we always get a fresh build during the RN 0.81 upgrade — the
+      # `yarn fingerprint:generate` heuristic doesn't track every native input
+      # being changed (yarn patches, MainApplication, Podfile shims, etc.) so
+      # the branch cache can serve a stale .apk and only the JS gets repacked.
+      # Remove the trailing `-${{ github.run_id }}` from each `key:` below
+      # once the upgrade is settled and fingerprint covers the touched paths.
       - name: Restore APKs matching fingerprint from branch cache
         if: ${{ inputs.runner_provider != 'namespace' }}
         id: apk-cache-restore
@@ -132,7 +139,7 @@ jobs:
           # - "Restore APKs matching fingerprint from main cache"
           # - "Restore Gradle dependencies from branch cache"
           # - "Restore Gradle dependencies from main cache"
-          key: android-apk-${{ github.ref_name }}-${{ inputs.build_type }}-${{ env.CACHE_GENERATION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          key: android-apk-${{ github.ref_name }}-${{ inputs.build_type }}-${{ env.CACHE_GENERATION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}-${{ github.run_id }}
 
       - name: Restore APKs matching fingerprint from main cache
         if: ${{ inputs.runner_provider != 'namespace' && steps.apk-cache-restore.outputs.cache-hit != 'true' && github.ref_name != 'main' }}
@@ -149,7 +156,7 @@ jobs:
           # - "Restore APKs matching fingerprint from main cache"
           # - "Restore Gradle dependencies from branch cache"
           # - "Restore Gradle dependencies from main cache"
-          key: android-apk-main-${{ inputs.build_type }}-${{ env.CACHE_GENERATION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          key: android-apk-main-${{ inputs.build_type }}-${{ env.CACHE_GENERATION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}-${{ github.run_id }}
 
       - name: Restore Gradle dependencies from branch cache
         id: gradle-cache-restore
@@ -168,7 +175,7 @@ jobs:
           # - "Restore APKs matching fingerprint from main cache"
           # - "Restore Gradle dependencies from branch cache"
           # - "Restore Gradle dependencies from main cache"
-          key: gradle-${{ github.ref_name }}-${{ env.GRADLE_CACHE_VERSION }}-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          key: gradle-${{ github.ref_name }}-${{ env.GRADLE_CACHE_VERSION }}-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}-${{ github.run_id }}
 
       - name: Restore Gradle dependencies from main cache
         # This will only restore the cache, not update it
@@ -186,7 +193,7 @@ jobs:
           # - "Restore APKs matching fingerprint from main cache"
           # - "Restore Gradle dependencies from branch cache"
           # - "Restore Gradle dependencies from main cache"
-          key: gradle-main-${{ env.GRADLE_CACHE_VERSION }}-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          key: gradle-main-${{ env.GRADLE_CACHE_VERSION }}-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}-${{ github.run_id }}
 
       - name: Build Android E2E APKs
         if: ${{ inputs.runner_provider == 'namespace' || (steps.apk-cache-restore.outputs.cache-hit != 'true' && steps.apk-cache-restore-main.outputs.cache-hit != 'true') }}
@@ -208,6 +215,12 @@ jobs:
           NODE_OPTIONS: '--max-old-space-size=4096'
           # Limit Metro workers to prevent OOM (each worker uses ~3GB)
           METRO_MAX_WORKERS: '4'
+          # React Native 0.81's ReactAndroid/build.gradle.kts requests CMake 3.30.5
+          # via `System.getenv("CMAKE_VERSION") ?: "3.30.5"`. The self-hosted runner
+          # only ships CMake 3.22.1 in /opt/android-sdk/cmake/ and AGP cannot auto-
+          # download missing components, causing CXX1300. RN's CMakeLists.txt files
+          # only require >= 3.13, so 3.22.1 is fully sufficient.
+          CMAKE_VERSION: '3.22.1'
           BRIDGE_USE_DEV_APIS: 'true'
           RAMP_INTERNAL_BUILD: 'true'
           SEEDLESS_ONBOARDING_ENABLED: 'true'

.github/workflows/build-ios-e2e.yml

@@ -37,8 +37,8 @@ jobs:
       sourcemap-uploaded: ${{ steps.upload-sourcemap.outcome == 'success' }}
     env:
       # Bump these to bust the respective caches and force a full rebuild
-      XCODE_CACHE_VERSION: 1
-      IOS_APP_CACHE_VERSION: 2
+      XCODE_CACHE_VERSION: 4
+      IOS_APP_CACHE_VERSION: 5
       RCT_NO_LAUNCH_PACKAGER: 1
       XCODE_BUILD_SETTINGS: 'COMPILER_INDEX_STORE_ENABLE=NO'
       GITHUB_CI: 'true' # This ensures it's available during pod install
@@ -75,6 +75,13 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v6
 
+      # TEMPORARY: `${{ github.run_id }}` makes every key unique per workflow
+      # run so we always get a fresh build during the RN 0.81 upgrade — the
+      # `yarn fingerprint:generate` heuristic doesn't track every native input
+      # being changed (yarn patches, AppDelegate, Podfile shims, etc.) so the
+      # branch cache can serve a stale .app and only the JS gets repacked.
+      # Remove the trailing `-${{ github.run_id }}` from each `key:` below
+      # once the upgrade is settled and fingerprint covers the touched paths.
       - name: Restore Xcode derived data from branch cache
         id: xcode-restore-cache
         # This action automatically updates the cache at the end of the workflow
@@ -83,7 +90,7 @@ jobs:
           path: |
             ~/Library/Developer/Xcode/DerivedData
             ios/build
-          key: ${{ runner.os }}-xcode-${{ github.ref_name }}-${{ env.XCODE_CACHE_VERSION }}-${{ hashFiles('ios/**/*.{h,m,mm,swift}', 'ios/**/Podfile.lock', 'yarn.lock') }}
+          key: ${{ runner.os }}-xcode-${{ github.ref_name }}-${{ env.XCODE_CACHE_VERSION }}-${{ hashFiles('ios/**/*.{h,m,mm,swift}', 'ios/**/Podfile.lock', 'yarn.lock') }}-${{ github.run_id }}
 
       - name: Restore Xcode derived data from main cache
         if: ${{ steps.xcode-restore-cache.outputs.cache-hit != 'true' && github.ref_name != 'main' }}
@@ -94,7 +101,7 @@ jobs:
           path: |
             ~/Library/Developer/Xcode/DerivedData
             ios/build
-          key: ${{ runner.os }}-xcode-main-${{ env.XCODE_CACHE_VERSION }}-${{ hashFiles('ios/**/*.{h,m,mm,swift}', 'ios/**/Podfile.lock', 'yarn.lock') }}
+          key: ${{ runner.os }}-xcode-main-${{ env.XCODE_CACHE_VERSION }}-${{ hashFiles('ios/**/*.{h,m,mm,swift}', 'ios/**/Podfile.lock', 'yarn.lock') }}-${{ github.run_id }}
 
       - name: Restore .metamask folder (Foundry download cache for install:foundryup)
         uses: actions/cache@v4
@@ -154,7 +161,7 @@ jobs:
         with:
           path: |
             ios/build/Build/Products/Release-iphonesimulator/MetaMask.app
-          key: ios-app-${{ github.ref_name }}-v${{ env.IOS_APP_CACHE_VERSION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}
+          key: ios-app-${{ github.ref_name }}-v${{ env.IOS_APP_CACHE_VERSION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ github.run_id }}
 
       - name: Restore iOS app matching fingerprint from main cache
         if: ${{ steps.cache-restore.outputs.cache-hit != 'true' && github.ref_name != 'main' }}
@@ -164,7 +171,7 @@ jobs:
         with:
           path: |
             ios/build/Build/Products/Release-iphonesimulator/MetaMask.app
-          key: ios-app-main-v${{ env.IOS_APP_CACHE_VERSION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}
+          key: ios-app-main-v${{ env.IOS_APP_CACHE_VERSION }}-${{ steps.generate-fingerprint.outputs.fingerprint }}-${{ github.run_id }}
 
       # Build the iOS E2E app for simulator
       - name: Build iOS E2E App

.github/workflows/run-e2e-workflow.yml

@@ -29,10 +29,11 @@ on:
         type: number
         default: 1
       test-timeout-minutes:
+        # Hard cap on the `Run E2E tests` step — when it elapses, GitHub kills the whole suite.
         description: 'The timeout in minutes for the test command'
         required: false
         type: number
-        default: 30
+        default: 40
       build_type:
         description: 'The type of build to perform'
         required: false
@@ -210,6 +211,21 @@ jobs:
           fi
 
           chmod +x "$APP_PATH/$BUNDLE_EXEC"
+
+          # actions/upload-artifact strips execute permissions from ALL files, not just the
+          # main binary. Framework dylibs and binaries inside Frameworks/ also need +x or
+          # SpringBoard (SBMainWorkspace) will refuse to launch the app with:
+          #   FBSOpenApplicationServiceErrorDomain code=1: denied by service delegate
+          if [ -d "$APP_PATH/Frameworks" ]; then
+            find "$APP_PATH/Frameworks" -type d -name "*.framework" | while IFS= read -r fw; do
+              binary="$fw/$(basename "$fw" .framework)"
+              if [ -f "$binary" ]; then
+                chmod +x "$binary"
+              fi
+            done
+            find "$APP_PATH/Frameworks" -type f -name "*.dylib" -exec chmod +x {} \;
+          fi
+          echo "✅ Restored execute permissions on main binary and all framework binaries"
         shell: bash
 
       # On re-run (run_attempt > 1), download previous test results to identify failed tests

.gitignore

@@ -3,6 +3,8 @@
 
 # claude code worktrees (agent-local, not shipped)
 .claude/worktrees/
+# claude code per-user settings (agent-local, not shipped)
+.claude/settings.local.json
 
 # osx
 .DS_Store
@@ -46,6 +48,7 @@ android/app/gradle*
 android/app/_build*
 android/libs
 .cxx/
+.kotlin/
 
 # if we ever want to add google services
 android/app/google-services.json

.yarn/patches/@metamask-react-native-acm-npm-1.2.0-944bf863eb.patch

@@ -0,0 +1,57 @@
+# @metamask/react-native-acm@1.2.0 was authored against an older RN where:
+#   - ReactContextBaseJavaModule.getCurrentActivity() was a Java method, so Kotlin
+#     auto-exposed it as the synthetic property `currentActivity`.
+#   - ActivityEventListener.onNewIntent took a nullable `Intent?` parameter.
+#
+# In React Native 0.81 both classes were rewritten in Kotlin source. Because
+# `getCurrentActivity()` is now declared as `fun getCurrentActivity()` (not as a
+# property), Kotlin does NOT expose `currentActivity` as a synthetic accessor —
+# callers must use the explicit method form. Additionally, `onNewIntent` is now
+# `fun onNewIntent(intent: Intent)` (non-nullable). Without this patch the
+# package fails to compile on RN 0.81 with:
+#   - "Unresolved reference 'currentActivity'." (3 sites)
+#   - "'onNewIntent' overrides nothing. Potential signatures for overriding:
+#      fun onNewIntent(intent: Intent): Unit"
+#
+# When @metamask/react-native-acm publishes an RN 0.81-compatible release, this
+# patch (and the resolution in package.json) can be removed.
+diff --git a/android/src/main/java/com/googleacm/GoogleAcmModule.kt b/android/src/main/java/com/googleacm/GoogleAcmModule.kt
+index 395a46ebdcc45bc3afd596903e7926525ebe5874..0495944fb891b0999624b50801c11a313e8adee1 100644
+--- a/android/src/main/java/com/googleacm/GoogleAcmModule.kt
++++ b/android/src/main/java/com/googleacm/GoogleAcmModule.kt
+@@ -65,7 +65,7 @@ class GoogleAcmModule(reactContext: ReactApplicationContext) :
+     requestObject: ReadableMap,
+     promise: Promise
+   ) {
+-    val activity: Activity? = currentActivity
++    val activity: Activity? = getCurrentActivity()
+     if (activity == null) {
+       promise.reject("E_NO_ACTIVITY", "Current activity is null, cannot launch UI.")
+       return
+@@ -133,7 +133,7 @@ class GoogleAcmModule(reactContext: ReactApplicationContext) :
+   }
+ 
+   private suspend fun tryLegacySignIn(serverClientId: String): ReadableMap? {
+-    val activity = currentActivity
++    val activity = getCurrentActivity()
+       ?: throw Exception("No activity available for legacy sign-in")
+ 
+     val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
+@@ -188,7 +188,7 @@ class GoogleAcmModule(reactContext: ReactApplicationContext) :
+     }
+   }
+ 
+-  override fun onNewIntent(intent: Intent?) { }
++  override fun onNewIntent(intent: Intent) { }
+ 
+   private fun handleLegacySignInResult(resultCode: Int, data: Intent?): ReadableMap? {
+     if (resultCode != Activity.RESULT_OK) {
+@@ -278,7 +278,7 @@ class GoogleAcmModule(reactContext: ReactApplicationContext) :
+   }
+ 
+   suspend fun handleSignOut() {
+-    val activity: Activity? = currentActivity
++    val activity: Activity? = getCurrentActivity()
+     if (activity == null) {
+       throw Exception("Current activity is null, cannot sign out.")
+     }

.yarn/patches/@metamask-react-native-button-npm-3.0.0-05f357e85a.patch

@@ -0,0 +1,35 @@
+diff --git a/Button.js b/Button.js
+index 46dc1e06fa389a3660f6ce67c0d2eaead3e2782d..7f92ea9421bd90ba858ad9f81c7f4c1008a2553e 100644
+--- a/Button.js
++++ b/Button.js
+@@ -11,18 +11,23 @@ import {
+ import coalesceNonElementChildren from './coalesceNonElementChildren';
+ 
+ const systemButtonOpacity = 0.2;
++const touchableOpacityPropTypes = TouchableOpacity.propTypes || {};
++const textPropTypes = Text.propTypes || {};
++const viewStylePropType = (ViewPropTypes && ViewPropTypes.style) || PropTypes.any;
++const textStylePropType = textPropTypes.style || PropTypes.any;
++const allowFontScalingPropType = textPropTypes.allowFontScaling || PropTypes.bool;
+ 
+ export default class Button extends Component {
+   static propTypes = {
+-    ...TouchableOpacity.propTypes,
++    ...touchableOpacityPropTypes,
+     accessibilityLabel: PropTypes.string,
+-    allowFontScaling: Text.propTypes.allowFontScaling,
+-    containerStyle: ViewPropTypes.style,
+-    disabledContainerStyle: ViewPropTypes.style,
++    allowFontScaling: allowFontScalingPropType,
++    containerStyle: viewStylePropType,
++    disabledContainerStyle: viewStylePropType,
+     disabled: PropTypes.bool,
+-    style: Text.propTypes.style,
+-    styleDisabled: Text.propTypes.style,
+-    childGroupStyle: ViewPropTypes.style,
++    style: textStylePropType,
++    styleDisabled: textStylePropType,
++    childGroupStyle: viewStylePropType,
+   };
+ 
+   render() {

.yarn/patches/@metamask-react-native-payments-npm-2.0.2-4ddc5f9862.patch

@@ -0,0 +1,32 @@
+diff --git a/android/build.gradle b/android/build.gradle
+index 0d066bd15543931e4029146f627a5902f244d4ee..db6528a8db0b21634c3eb0ca7aabc2405b89818c 100644
+--- a/android/build.gradle
++++ b/android/build.gradle
+@@ -1,12 +1,12 @@
+ apply plugin: 'com.android.library'
+ 
+ android {
+-    compileSdkVersion 28
+-    buildToolsVersion "28.0.3"
++    compileSdkVersion 36
++    buildToolsVersion "36.0.0"
+ 
+     defaultConfig {
+         minSdkVersion 21
+-        targetSdkVersion 28
++        targetSdkVersion 36
+         versionCode 1
+         versionName "1.0"
+         ndk {
+diff --git a/android/src/main/java/com/reactnativepayments/ReactNativePaymentsModule.java b/android/src/main/java/com/reactnativepayments/ReactNativePaymentsModule.java
+index f26dd586ec397f5259c00ba147974a58825a03fe..e671afcc3faf5368e7987e2d9b8d1797d4249a29 100644
+--- a/android/src/main/java/com/reactnativepayments/ReactNativePaymentsModule.java
++++ b/android/src/main/java/com/reactnativepayments/ReactNativePaymentsModule.java
+@@ -13,7 +13,6 @@ import androidx.annotation.RequiresPermission;
+ import android.util.Log;
+ 
+ import com.facebook.react.bridge.Callback;
+-import com.facebook.react.bridge.ReactBridge;
+ import com.facebook.react.bridge.ReadableArray;
+ import com.facebook.react.bridge.ReadableMapKeySetIterator;
+ import com.google.android.gms.common.api.GoogleApiClient;

.yarn/patches/@metamask-react-native-webview-npm-14.6.0-f12ccc06ff.patch

@@ -0,0 +1,19 @@
+diff --git a/package.json b/package.json
+index 6b9ca814f3e2b4630e81371235f6ad942d5eac3f..1d7129b41beb19c53b3fbe277b9670ff72b30d6d 100644
+--- a/package.json
++++ b/package.json
+@@ -95,6 +95,14 @@
+     "jsSrcsDir": "./src",
+     "android": {
+       "javaPackageName": "com.reactnativecommunity.webview"
++    },
++    "ios": {
++      "componentProvider": {
++        "RNCWebView": "RNCWebView"
++      },
++      "modulesProvider": {
++        "RNCWebViewModule": "RNCWebViewModule"
++      }
+     }
+   },
+   "packageManager": "yarn@1.22.19"

.yarn/patches/@react-native-community-viewpager-npm-3.3.0.patch

@@ -0,0 +1,9 @@
+diff --git a/ios/ReactNativePageView.h b/ios/ReactNativePageView.h
+index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000001 100644
+--- a/ios/ReactNativePageView.h
++++ b/ios/ReactNativePageView.h
+@@ -1,3 +1,4 @@
+ #import <React/RCTShadowView.h>
++#import <React/RCTEventDispatcher.h>
+ #import <React/UIView+React.h>
+ #import <UIKit/UIKit.h>