feat: track token_security_type_destination in metrics (MetaMask#29381)

<!--
Please submit this PR as a draft initially.

Do not mark it as "Ready for review" until this PR meets the canonical
Definition of Ready For Review in `docs/readme/ready-for-review.md`.

In short: the template must be materially complete (not just section
titles
present), all status checks must be currently passing, and the only
expected
follow-up commits must be reviewer-driven.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

The `Unified SwapBridge Submitted` and `Unified SwapBridge Completed`
analytics events were missing the destination token's security
classification, so we could not measure how often users proceed with
risky tokens. They also had no source/destination token addresses on the
`Submitted` event for cross-event joins.

This PR threads the destination token's security type end-to-end into
the unified-swap analytics events, including from the trending-tokens
entry point (which uses a different `securityData` shape).

**Changes:**

1. **Bump bridge controllers** to pick up the new
`tokenSecurityTypeDestination` parameter on
`BridgeStatusController.submitTx` / `submitIntent` and the
`token_address_source` / `token_address_destination` /
`token_security_type_destination` properties on the pre-confirmation
event payload.
   - `@metamask/bridge-controller`: `^70.0.0` → `^71.0.0`
   - `@metamask/bridge-status-controller`: `^71.0.0` → `^71.1.0`
2. **Surface the field for analytics** in `useUnifiedSwapBridgeContext`
(`token_security_type_destination`, `security_warnings`) and pass it
through `useSubmitBridgeTx` to both `submitTx` and `submitIntent`.
3. **Close the trending-token data gap.** Trending tokens carry
`securityData` in the trending-API shape (`TokenSecurityData`:
`resultType` + top-level `features`), which doesn't match the bridge's
legacy `SecurityData` shape (`type` + `metadata.features`). Two pieces:
- Added `securityData?: TokenSecurityData` to `TokenI` so the read at
the Token Details → Bridge boundary is type-safe.
- Added `adaptTokenSecurityData()` in `tokenSecurityUtils` and applied
it at the only two boundary sites in `useTokenActions` (`getSwapTokens`
and `currentTokenAsBridgeToken`) so all downstream Bridge consumers
continue reading the legacy shape they already understand. No widening
of `BridgeToken.securityData` was required.

**Bonus side-effect of step 3:** `SwapsConfirmButton`'s warning banner
and modal now also render correctly for trending-token destinations
classified `Warning` / `Malicious` / `Spam`, since they reach
`destToken.securityData` in the shape the banner already reads.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Related issues**

Fixes:
[SWAPS-4422](https://consensyssoftware.atlassian.net/browse/SWAPS-4422)

## **Manual testing steps**

```gherkin
Feature: Destination token security type reaches unified-swap analytics

  Scenario: user swaps from a trending token classified as Warning/Malicious/Spam
    Given the user has opened the Bridge view
    And the trending tokens section is visible
    And one of the trending tokens carries securityData with resultType "Warning"

    When the user taps that trending token
    And the user taps "Convert" / "Swap" on the Token Details screen
    And the user enters a source amount and confirms the swap

    Then the SwapsConfirmButton renders the security warning banner before confirmation
    And the "Unified SwapBridge Submitted" Mixpanel event includes:
      | property                          | value                          |
      | token_security_type_destination   | Warning                        |
      | token_address_source              | <CAIP source asset id>         |
      | token_address_destination         | <CAIP destination asset id>    |
      | security_warnings                 | <list of feature descriptions> |
    And the "Unified SwapBridge Completed" event includes the same security_type_destination

  Scenario: user swaps to a destination token with no security data
    Given the user has opened the Bridge view
    And the user picks any source and destination token without securityData

    When the user enters a source amount and confirms the swap

    Then the "Unified SwapBridge Submitted" event property
         token_security_type_destination is null
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

N/A

### **After**



https://github.com/user-attachments/assets/e93b9542-603d-4faa-9f14-f36cb199484b



## **Pre-merge author checklist**

<!--
Every checklist item must be consciously assessed before marking this PR
as
"Ready for review". A checked box means you deliberately considered that
responsibility, not that you literally performed every action listed.

Unchecked boxes are ambiguous: they are not an implicit "N/A" and they
are not
a silent "skip". See `docs/readme/ready-for-review.md` for the full
checklist
semantics.
-->

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

#### Performance checks (if applicable)

- [ ] I've tested on Android
  - Ideally on a mid-range device; emulator is acceptable
- [ ] I've tested with a power user scenario
- Use these [power-user
SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93)
to import wallets with many accounts and tokens
- [ ] I've instrumented key operations with Sentry traces for production
performance metrics
- See [`trace()`](/app/util/trace.ts) for usage and
[`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274)
for an example

For performance guidelines and tooling, see the [Performance
Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers).

## **Pre-merge reviewer checklist**

<!--
Reviewer checklist items follow the same semantics as the author
checklist: an
unchecked box is ambiguous, a checked box means the reviewer consciously
assessed that responsibility. See `docs/readme/ready-for-review.md`.
-->

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- Generated with the help of the pr-description AI skill -->


[SWAPS-4422]:
https://consensyssoftware.atlassian.net/browse/SWAPS-4422?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches swap/bridge transaction submission plumbing and controller
interfaces (plus dependency bumps), so incorrect threading/mapping could
silently skew analytics or break submissions on certain paths.
> 
> **Overview**
> Adds `token_security_type_destination` to the
`useUnifiedSwapBridgeContext` analytics payload and threads the same
value (`tokenSecurityTypeDestination`) through `useSubmitBridgeTx` into
`BridgeStatusController.submitTx`/`submitIntent`.
> 
> Introduces `adaptTokenSecurityData()` to convert trending-token
`TokenSecurityData` into the bridge’s legacy `securityData` shape, uses
it when converting `TokenI` to `BridgeToken` in Token Details swap entry
points, and updates types/tests plus initial background state
accordingly. Also bumps `@metamask/bridge-controller` and
`@metamask/bridge-status-controller` to versions that accept/emit these
new analytics fields.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c6f918c. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: infiniteflower

app/components/UI/Bridge/hooks/useUnifiedSwapBridgeContext/index.ts

@@ -62,6 +62,7 @@ export const useUnifiedSwapBridgeContext = () => {
       stx_enabled: smartTransactionsEnabled,
       token_symbol_source: fromToken?.symbol ?? '',
       token_symbol_destination: toToken?.symbol ?? '',
+      token_security_type_destination: toToken?.securityData?.type ?? null,
       security_warnings: getSecurityWarnings(toToken),
       warnings: [], // TODO
       usd_amount_source: usdAmountSource,

app/components/UI/Bridge/hooks/useUnifiedSwapBridgeContext/useUnifiedSwapBridgeContext.test.ts

@@ -91,6 +91,7 @@ describe('useUnifiedSwapBridgeContext', () => {
       stx_enabled: true,
       token_symbol_source: 'ETH',
       token_symbol_destination: 'USDC',
+      token_security_type_destination: null,
       security_warnings: [],
       warnings: [],
       usd_amount_source: 0,
@@ -130,6 +131,7 @@ describe('useUnifiedSwapBridgeContext', () => {
       'Honeypot risk detected',
       'Concentrated supply risk',
     ]);
+    expect(result.current.token_security_type_destination).toBe('Warning');
   });
 
   it('returns empty security_warnings when source token has warnings but destination does not', () => {
@@ -153,6 +155,7 @@ describe('useUnifiedSwapBridgeContext', () => {
     );
 
     expect(result.current.security_warnings).toEqual([]);
+    expect(result.current.token_security_type_destination).toBeNull();
   });
 
   it('returns empty security_warnings when destination token has no securityData', () => {
@@ -166,6 +169,7 @@ describe('useUnifiedSwapBridgeContext', () => {
     );
 
     expect(result.current.security_warnings).toEqual([]);
+    expect(result.current.token_security_type_destination).toBeNull();
   });
 
   it('returns empty token symbols when tokens are undefined', () => {
@@ -191,6 +195,7 @@ describe('useUnifiedSwapBridgeContext', () => {
       stx_enabled: false,
       token_symbol_source: '',
       token_symbol_destination: '',
+      token_security_type_destination: null,
       security_warnings: [],
       warnings: [],
       usd_amount_source: 0,

app/components/UI/Bridge/utils/tokenSecurityUtils.test.ts

@@ -1,9 +1,11 @@
+import { TokenSecurityData } from '@metamask/assets-controllers';
 import { IconColor, IconName } from '@metamask/design-system-react-native';
 import { TagSeverity } from '../../../../component-library/base-components/TagBase';
 import { strings } from '../../../../../locales/i18n';
 import { SecurityDataType } from '../hooks/usePopularTokens';
 import { createMockToken } from '../testUtils/fixtures';
 import {
+  adaptTokenSecurityData,
   getBridgeTokenSecurityConfig,
   getSecurityWarnings,
   isNegativeSecurityType,
@@ -118,4 +120,99 @@ describe('tokenSecurityUtils', () => {
       expect(config.severity).toBe(TagSeverity.Default);
     });
   });
+
+  describe('adaptTokenSecurityData', () => {
+    const buildTrendingShape = (
+      overrides: Partial<TokenSecurityData> = {},
+    ): TokenSecurityData => ({
+      resultType: 'Verified',
+      maliciousScore: '0',
+      fees: { transfer: 0, transferFeeMaxAmount: null, buy: 0, sell: null },
+      features: [],
+      financialStats: {
+        supply: 0,
+        topHolders: [],
+        holdersCount: 0,
+        tradeVolume24h: null,
+        lockedLiquidityPct: null,
+        markets: [],
+      },
+      metadata: {
+        externalLinks: {
+          homepage: null,
+          twitterPage: null,
+          telegramChannelId: null,
+        },
+      },
+      created: '2025-01-01T00:00:00Z',
+      ...overrides,
+    });
+
+    it('returns undefined when input is undefined', () => {
+      expect(adaptTokenSecurityData(undefined)).toBeUndefined();
+    });
+
+    it.each([
+      SecurityDataType.Verified,
+      SecurityDataType.Benign,
+      SecurityDataType.Warning,
+      SecurityDataType.Spam,
+      SecurityDataType.Malicious,
+      SecurityDataType.Info,
+    ])('maps resultType %s to type', (value) => {
+      const adapted = adaptTokenSecurityData(
+        buildTrendingShape({ resultType: value }),
+      );
+
+      expect(adapted?.type).toBe(value);
+    });
+
+    it('passes through unknown resultType strings as-is', () => {
+      const adapted = adaptTokenSecurityData(
+        buildTrendingShape({ resultType: 'SomethingNew' }),
+      );
+
+      expect(adapted?.type).toBe('SomethingNew');
+    });
+
+    it('maps top-level features to metadata.features preserving fields', () => {
+      const adapted = adaptTokenSecurityData(
+        buildTrendingShape({
+          features: [
+            {
+              featureId: 'HONEYPOT',
+              type: 'Warning',
+              description: 'Honeypot risk',
+            },
+            {
+              featureId: 'RUGPULL',
+              type: 'Malicious',
+              description: 'Rugpull risk',
+            },
+          ],
+        }),
+      );
+
+      expect(adapted?.metadata?.features).toEqual([
+        {
+          featureId: 'HONEYPOT',
+          type: 'Warning',
+          description: 'Honeypot risk',
+        },
+        {
+          featureId: 'RUGPULL',
+          type: 'Malicious',
+          description: 'Rugpull risk',
+        },
+      ]);
+    });
+
+    it('returns metadata.features as empty array when input has no features', () => {
+      const adapted = adaptTokenSecurityData(
+        buildTrendingShape({ features: [] }),
+      );
+
+      expect(adapted?.metadata?.features).toEqual([]);
+    });
+  });
 });

app/components/UI/Bridge/utils/tokenSecurityUtils.ts

@@ -1,8 +1,13 @@
+import { TokenSecurityData } from '@metamask/assets-controllers';
 import { IconColor, IconName } from '@metamask/design-system-react-native';
 import { TagSeverity } from '../../../../component-library/base-components/TagBase';
 import { strings } from '../../../../../locales/i18n';
 import { getResultTypeConfig } from '../../SecurityTrust/utils/securityUtils';
-import { SecurityDataType } from '../hooks/usePopularTokens';
+import {
+  SecurityData,
+  SecurityDataType,
+  SecurityFeature,
+} from '../hooks/usePopularTokens';
 import { BridgeToken } from '../types';
 
 /**
@@ -14,6 +19,31 @@ export const getSecurityWarnings = (
 ): string[] =>
   token?.securityData?.metadata?.features?.map((f) => f.description) ?? [];
 
+/**
+ * Adapts the trending-API security shape (`TokenSecurityData`) to the bridge's
+ * legacy `SecurityData` shape consumed by Bridge UI and analytics.
+ *
+ * Returns `undefined` if the input is missing. Unknown `resultType` strings are
+ * passed through cast as `SecurityDataType`; downstream consumers already
+ * tolerate unrecognized values via default branches in
+ * `getBridgeTokenSecurityConfig`, `isNegativeSecurityType`, etc.
+ */
+export const adaptTokenSecurityData = (
+  data: TokenSecurityData | undefined,
+): SecurityData | undefined => {
+  if (!data) return undefined;
+  return {
+    type: data.resultType as SecurityDataType,
+    metadata: {
+      features: (data.features ?? []).map((f) => ({
+        featureId: f.featureId,
+        type: f.type as SecurityDataType,
+        description: f.description,
+      })) as SecurityFeature[],
+    },
+  };
+};
+
 export interface BridgeTokenSecurityConfig {
   iconName: IconName;
   iconColor: IconColor;

app/components/UI/TokenDetails/hooks/useTokenActions.test.ts

@@ -1,7 +1,9 @@
 import { renderHook } from '@testing-library/react-native';
+import { TokenSecurityData } from '@metamask/assets-controllers';
 import { useSelector } from 'react-redux';
 import { useTokenActions, getSwapTokens } from './useTokenActions';
 import { TokenI } from '../../Tokens/types';
+import { SecurityDataType } from '../../Bridge/hooks/usePopularTokens';
 import { selectEvmChainId } from '../../../../selectors/networkController';
 import { selectSelectedInternalAccount } from '../../../../selectors/accountsController';
 import { selectSelectedAccountGroup } from '../../../../selectors/multichainAccounts/accountTreeController';
@@ -716,5 +718,105 @@ describe('useTokenActions', () => {
         );
       },
     );
+
+    describe('securityData adaptation', () => {
+      const buildTrendingSecurityData = (
+        overrides: Partial<TokenSecurityData> = {},
+      ): TokenSecurityData => ({
+        resultType: 'Warning',
+        maliciousScore: '50',
+        fees: { transfer: 0, transferFeeMaxAmount: null, buy: 0, sell: null },
+        features: [
+          {
+            featureId: 'HONEYPOT',
+            type: 'Warning',
+            description: 'Honeypot risk',
+          },
+        ],
+        financialStats: {
+          supply: 0,
+          topHolders: [],
+          holdersCount: 0,
+          tradeVolume24h: null,
+          lockedLiquidityPct: null,
+          markets: [],
+        },
+        metadata: {
+          externalLinks: {
+            homepage: null,
+            twitterPage: null,
+            telegramChannelId: null,
+          },
+        },
+        created: '2025-01-01T00:00:00Z',
+        ...overrides,
+      });
+
+      it("adapts trending-shape securityData to the bridge's legacy shape when handing off to goToSwaps", () => {
+        const tokenWithSecurity: TokenI = {
+          ...defaultToken,
+          balance: '1',
+          securityData: buildTrendingSecurityData(),
+        } as TokenI;
+
+        const { result } = renderHook(() =>
+          useTokenActions({
+            token: tokenWithSecurity,
+            networkName: 'Ethereum Mainnet',
+          }),
+        );
+
+        result.current.handleStickySwapPress();
+
+        expect(mockGoToSwaps).toHaveBeenCalledTimes(1);
+        expect(mockGoToSwaps).toHaveBeenCalledWith(
+          expect.objectContaining({
+            address: defaultToken.address,
+            securityData: {
+              type: SecurityDataType.Warning,
+              metadata: {
+                features: [
+                  {
+                    featureId: 'HONEYPOT',
+                    type: SecurityDataType.Warning,
+                    description: 'Honeypot risk',
+                  },
+                ],
+              },
+            },
+          }),
+          undefined,
+          undefined,
+          true,
+        );
+      });
+
+      it('passes securityData as undefined when token has no security data', () => {
+        const tokenWithBalance: TokenI = {
+          ...defaultToken,
+          balance: '1',
+        } as TokenI;
+
+        const { result } = renderHook(() =>
+          useTokenActions({
+            token: tokenWithBalance,
+            networkName: 'Ethereum Mainnet',
+          }),
+        );
+
+        result.current.handleStickySwapPress();
+
+        expect(mockGoToSwaps).toHaveBeenCalledTimes(1);
+        expect(mockGoToSwaps).toHaveBeenCalledWith(
+          expect.objectContaining({
+            address: defaultToken.address,
+            securityData: undefined,
+          }),
+          undefined,
+          undefined,
+          true,
+        );
+      });
+    });
   });
 });

app/components/UI/TokenDetails/hooks/useTokenActions.ts

@@ -35,7 +35,6 @@ import {
 } from '../../Bridge/utils/tokenUtils';
 import { useSendNonEvmAsset } from '../../../hooks/useSendNonEvmAsset';
 import {
-  formatAddressToAssetId,
   formatChainIdToCaip,
   isNativeAddress,
 } from '@metamask/bridge-controller';
@@ -46,6 +45,7 @@ import { getDetectedGeolocation } from '../../../../reducers/fiatOrders';
 import { useRampsButtonClickData } from '../../Ramp/hooks/useRampsButtonClickData';
 import useRampsUnifiedV1Enabled from '../../Ramp/hooks/useRampsUnifiedV1Enabled';
 import { BridgeToken } from '../../Bridge/types';
+import { adaptTokenSecurityData } from '../../Bridge/utils/tokenSecurityUtils';
 import { TokenDetailsSource } from '../constants/constants';
 import type { TransactionActiveAbTestEntry } from '../../../../util/transactions/transaction-active-ab-test-attribution-registry';
 
@@ -69,6 +69,7 @@ export const getSwapTokens = (
     symbol: token.symbol,
     name: token.name,
     image: token.image,
+    securityData: adaptTokenSecurityData(token.securityData),
   };
 
   if (wantsToBuyToken) {
@@ -342,6 +343,7 @@ export const useTokenActions = ({
       symbol: token.symbol,
       name: token.name,
       image: token.image,
+      securityData: adaptTokenSecurityData(token.securityData),
     }),
     [
       token.address,
@@ -350,6 +352,7 @@ export const useTokenActions = ({
       token.symbol,
       token.name,
       token.image,
+      token.securityData,
     ],
   );
 

app/components/UI/Tokens/types.ts

@@ -1,5 +1,5 @@
 import { KeyringAccountType } from '@metamask/keyring-api';
-import { TokenRwaData } from '@metamask/assets-controllers';
+import { TokenRwaData, TokenSecurityData } from '@metamask/assets-controllers';
 
 export interface BrowserTab {
   id: string;
@@ -26,4 +26,5 @@ export interface TokenI {
   accountType?: KeyringAccountType;
   pricePercentChange1d?: number;
   rwaData?: TokenRwaData;
+  securityData?: TokenSecurityData;
 }