<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

This PR aligns the **Contacts** screen with the inline header pattern by
replacing the stack navbar with an inline `HeaderCompactStandard`
component.

**Reason for change:** The Contacts screen used
`getNavigationOptionsTitle` and `navigation.setOptions()` in
`componentDidMount` / `componentDidUpdate` to configure the stack
header. Migrating to an inline header matches the app-wide header
approach (see `docs/header-alignment-plans.md`) and keeps the Contacts
Settings subpage consistent with other screens that use
`HeaderCompactStandard` (e.g. General Settings, main Settings view).

**What changed:**

1. **MainNavigator** – The `ContactsSettings` screen now uses
`options={{ headerShown: false }}` so the stack header is hidden and the
header is fully inline.
2. **Contacts** – Renders inline `HeaderCompactStandard` at the top with
title `strings('app_settings.contacts_title')`, back button calling
`navigation.goBack()`, and `includesTopInset`. Removed the
`getNavigationOptionsTitle` import and all `updateNavBar` logic
(including from `componentDidMount` and `componentDidUpdate`). Removed
`marginTop: 16` from the wrapper style so the header sits at the top.
The page remains wrapped in `SafeAreaView` with `edges={{ bottom:
'additive' }}`.
3. **Tests** – Switched from Enzyme shallow render to `renderScreen` for
full rendering with navigation. Added tests for: inline header presence
(via `ContactsViewSelectorIDs.HEADER`), "Contacts" title, and back
button press. Added `HEADER` to `ContactsView.testIds.ts` and passed
`testID` to `HeaderCompactStandard`. Updated snapshot.

User-visible behavior (back button, title, safe area) is unchanged; the
header is now rendered inline.

## **Changelog**

This PR is not end-user-facing (internal header implementation; same
UI/UX, header is now inline).

CHANGELOG entry: null

## **Related issues**

Fixes:
https://consensyssoftware.atlassian.net/jira/software/c/projects/DSYS/boards/1888?selectedIssue=DSYS-355

## **Manual testing steps**

```gherkin
Feature: Contacts inline header

  Scenario: user opens Contacts from Settings
    Given the app is open and the user is on the main Settings screen

    When the user taps "Contacts"
    Then the Contacts screen is shown with a header that displays "Contacts" and a back arrow on the left

    When the user taps the back arrow
    Then the app navigates back to the main Settings screen

  Scenario: safe area and content layout
    Given the user is on the Contacts screen

    When the screen is displayed
    Then the header sits below the status bar (safe area respected)
    And the contact list and "Add contact" button are visible and not covered by the header
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->


https://github.com/user-attachments/assets/aef19ecb-499c-4d89-902a-62c44295c900

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> UI/navigation presentation refactor limited to the Contacts settings
screen plus test updates; no new data handling or auth logic, with low
regression risk mainly around header/back behavior and spacing.
> 
> **Overview**
> Updates the Settings `Contacts` screen to use an **inline**
`HeaderCompactStandard` instead of configuring the stack header via
`navigation.setOptions`, and hides the stack header for
`ContactsSettings` (`headerShown: false`). This also adjusts layout
spacing (removes the wrapper top margin) and adds stable test IDs for
the new header/back button.
> 
> Reworks the Contacts tests from Enzyme shallow rendering to React
Navigation + Testing Library (`renderScreen`/`renderWithProvider`),
adding coverage for header title rendering and back navigation, and
updates the snapshot accordingly.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
eb56dd2. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

…mber me + introduce auth capabilities functionality (#25994)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

This change replaces the legacy authentication toggles in settings
(biometrics, passcode, and remember me) with a consolidated toggle:
Device Authentication. With the new implementation, we support three
authentication tiers: Remember Me (Legacy), Biometrics, and
Passcode/Pin/Pattern (Consolidated into Device Authentication). Since
Remember Me is deprecated, users using the feature will initially see a
Remember Me toggle (to preserve backwards compatibility). However, once
turned off, Remember Me will never be shown again. New users will never
see the Remember Me option. We are also supporting backwards
compatibility with respect to the other two authentication preferences:
biometrics and passcode. The app will continue to respect the option
that the user has chosen as long as the auth preference is toggled on.

The toggles and authentication system is also designed to support the
transition into a more seamless authentication system: Biometrics first
authentication with device passcode fallback. In other words, users will
be able to use any biometrics or device passcode to access their wallet.
For example, if a user disables biometrics in the OS settings while auth
preferences is enabled in the app, the app will automatically fallback
to use device passcode as opposed to password. Password is used as a
fallback whenever authentication preferences is disabled by a user in
the app. This is why the toggle is labeled as Device Authentication,
because the device handles which auth tier to use.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry:

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/MCWP-305

## **Manual testing steps**

Remember Me (new users won't see this option anymore)
- With Remember Me previously toggled on
- User should see Remember Me toggle in Settings
- Turn off Remember Me
- With biometrics enabled in OS settings, device toggle should now show
biometrics option (or device authentication for Android)
- With biometrics disabled in OS settings, device toggle should now show
passcode option (or device authentication for Android)

Legacy biometrics on iOS (force use biometrics)
- Turn on biometrics
- App should prompt biometrics when locked
- Turn off biometrics in OS
- App should fallback to use password
- User should see CTA in settings that links into OS settings to
re-enable device authentication
- Turn on biometrics in OS settings
- App should now prompt biometrics
- Turn off biometrics toggle in settings
- App should now fallback to password

Legacy Passcode on iOS (force use passcode)
- Turn on passcode
- App should prompt passcode when locked
- Turn off passcode in OS
- App should fallback to use password
- User should see CTA in settings that links into OS settings to
re-enable device authentication
- Turn on passcode in OS settings
- App should now prompt passcode
- Turn off passcode toggle in settings
- App should now fallback to password

Device Authentication (Consolidated behavior)
- If biometrics is enabled in OS
- Turn on device authentication toggle
- App should prompt biometrics when locked
- Turn off biometrics in OS
- App should fallback to use passcode
- Turn off passcode in OS
- User should see CTA in settings that links into OS settings to
re-enable device authentication
- Turn on biometrics in OS
- App should prompt biometrics when locked
- Turn off device authentication in settings
- App should now fallback to password

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->
Turning off Remember Me


https://github.com/user-attachments/assets/606951fa-be6b-4e2f-8915-7eaa72f32a90

Legacy biometrics


https://github.com/user-attachments/assets/7c5fcbae-3e24-4af1-9971-827cda947319

Legacy passcode


https://github.com/user-attachments/assets/4bd20a71-314b-4544-a412-3091e05de0d3

Device authentication on iOS


https://github.com/user-attachments/assets/56db365b-efc7-4d51-866a-208da2e03f9b

Device authentication on Android


https://github.com/user-attachments/assets/a4d5ffbe-0f90-49cd-9ccd-a7f9bcb524e4

Device authentication on Login screen


https://github.com/user-attachments/assets/1190cfad-b015-4697-a8ef-176045bc6543

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [x] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches login and security-settings authentication flows (capability
detection, unlock entry points, and preference updates), so regressions
could block sign-in or mis-handle auth state despite solid test updates.
> 
> **Overview**
> **Consolidates authentication UX around a single “Device
Authentication” capability model.** The login screen replaces the
platform-specific `BiometryButton` (and its many icon variants) with a
new `DeviceAuthenticationButton` that renders a single `SecurityKey`
icon and shows/hides based on `useAuthCapabilities` and lock state.
> 
> **Refactors Security Settings and Remember Me deprecation flow.** The
legacy settings sections for biometrics/passcode and the Remember Me
toggle are removed and replaced with a new `DeviceSecurityToggle` that
derives the target auth type via `getAuthCapabilities`, supports a
settings CTA when OS auth must be enabled, handles password-required
errors via `EnterPasswordSimple` callbacks, and uses optimistic UI
state. Disabling Remember Me via `TurnOffRememberMeModal` now always
restores `PASSWORD` auth and clears
`PREVIOUS_AUTH_TYPE_BEFORE_REMEMBER_ME`, with modal button styling made
configurable via `cancelButtonMode`.
> 
> Tests and snapshots are updated accordingly (new toggle/button tests,
updated selectors, and improved async/trace handling in login tests).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
9a0dae8. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## **Description**

Phase 2 analytics migration (Batch 2-11): migrate Stake/Earn's
`useMetrics` hook and `MetaMetrics.getInstance()` calls from the legacy
MetaMetrics system to the new analytics system.

**Reason**: Deprecate MetaMetrics in favour of the shared analytics
utility and AnalyticsController.

**Changes**: Stake components and hooks now use `useAnalytics` from
`hooks/useAnalytics/useAnalytics` and import `MetaMetricsEvents`
directly from `core/Analytics`; `withMetaMetrics` utility now uses
`analytics.trackEvent()` and `AnalyticsEventBuilder` instead of
`MetaMetrics.getInstance().trackEvent()` and `MetricsEventBuilder`; test
mocks updated accordingly.

### Changes

**Source files (6)**:
- `LearnMoreModalFooter.tsx`, `StakingButtons.tsx`,
`StakingBalance.tsx`, `StakeButton/index.tsx`: replaced `useMetrics`
with `useAnalytics`; `MetaMetricsEvents` now imported from
`core/Analytics`
- `usePoolStakedDeposit/index.ts`: replaced `useMetrics` with
`useAnalytics` (also migrated as it's the source for a listed test file)
- `withMetaMetrics.ts`: replaced
`MetaMetrics.getInstance().trackEvent()` with `analytics.trackEvent()`
and `MetricsEventBuilder` with `AnalyticsEventBuilder`

**Test files (3)**:
- `StakeButton.test.tsx`: replaced `useMetrics` mock with `useAnalytics`
mock; added transitive `useMetrics` mock for unmigrated
`useStablecoinLendingRedirect` dependency; replaced
`MetricsEventBuilder` with `AnalyticsEventBuilder`
- `usePoolStakedDeposit.test.tsx`: replaced `useMetrics` mock/import
with `useAnalytics`; replaced `MetricsEventBuilder` with
`AnalyticsEventBuilder`
- `withMetaMetrics.test.ts`: replaced `MetaMetrics.getInstance()` spy
with `analytics` module mock; updated `MetaMetricsEvents` import from
`core/Analytics`

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/MCWP-298 (Batch
2-11)

## **Manual testing steps**

```gherkin
Feature: Stake/Earn analytics

  Scenario: user triggers a stake/earn flow event
    Given app is open and user is in a stake/earn flow

    When user performs an action that triggers analytics (e.g. stake button, unstake button, learn more, view staked positions)
    Then the event is tracked on Mixpanel
```

## **Screenshots/Recordings**

N/A – analytics migration, no UI change.

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches analytics instrumentation across multiple stake/earn entry
points and a shared `withMetaMetrics` wrapper, so incorrect wiring could
silently drop or duplicate events; functional app behavior should be
unchanged.
> 
> **Overview**
> Updates Stake/Earn UI components and staking hooks to use the new
analytics stack by replacing legacy `useMetrics`/`MetricsEventBuilder`
and `MetaMetrics.getInstance().trackEvent()` calls with `useAnalytics`,
`AnalyticsEventBuilder`, and `analytics.trackEvent()`, while importing
`MetaMetricsEvents` from `core/Analytics`.
> 
> Refactors `withMetaMetrics` to build events with the new builder and
dispatch via the shared analytics utility (including promise-handling),
and updates affected unit tests/mocks accordingly (including a
`useStablecoinLendingRedirect` mock to keep navigation tests stable).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
160d885. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## Version Bump After Release

This PR bumps the main branch version from 7.67.0 to 7.68.0 after
cutting the release branch.

### Why this is needed:
- **Nightly builds**: Each nightly build needs to be one minor version
ahead of the current release candidate
- **Version conflicts**: Prevents conflicts between nightlies and
release candidates
- **Platform alignment**: Maintains version alignment between MetaMask
mobile and extension
- **Update systems**: Ensures nightlies are accepted by app stores and
browser update systems

### What changed:
- Version bumped from `7.67.0` to `7.68.0`
- Platform: `mobile`
- Files updated by `set-semvar-version.sh` script

### Next steps:
This PR should be **manually reviewed and merged by the release
manager** to maintain proper version flow.

### Related:
- Release version: 7.67.0
- Release branch: release/7.67.0
- Platform: mobile
- Test mode: false

---
*This PR was automatically created by the
`create-platform-release-pr.sh` script.*

Co-authored-by: metamaskbot <metamaskbot@users.noreply.github.com>

## **Description**

Phase 3 analytics migration (Batch 3-1): migrate Authentication core's
`Authentication.ts` from `MetaMetrics.getInstance()` to the new
analytics system.

**Reason**: Deprecate MetaMetrics in favour of the shared analytics
utility and AnalyticsController.

**Changes**: `Authentication.ts` now uses `analytics.isEnabled()` from
`app/util/analytics/analytics` instead of
`MetaMetrics.getInstance().isEnabled()`; test mocks updated to mock the
analytics utility instead of MetaMetrics.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/MCWP-301 (Batch
3-1)

## **Manual testing steps**

```gherkin
Feature: Authentication analytics

  Scenario: user triggers an authentication flow event
    Given app is open and user is in an authentication flow

    When user performs an action that triggers analytics (e.g. unlock wallet, login)
    Then the event is tracked on Mixpanel
```

## **Screenshots/Recordings**

N/A – analytics migration, no UI change.

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Small refactor limited to how the “metrics enabled” flag is read plus
corresponding test mock updates; minimal behavioral risk beyond
potential differences in enabled-state resolution.
> 
> **Overview**
> `Authentication.unlockWallet` now uses the shared
`analytics.isEnabled()` helper (instead of
`MetaMetrics.getInstance().isEnabled()`) to decide whether to route
users into the opt-in metrics onboarding flow.
> 
> Updates `Authentication.test.ts` to mock the new `analytics` module
and replaces all `MetaMetrics` spies with `analytics.isEnabled` spies to
keep navigation/login tests consistent.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
22c425d. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->