SELF-1268: Fix paste button on recovery screen

[transphorm]

Summary

• make the paste control on the recovery phrase screen pressable using a dedicated pressable wrapper
• maintain existing layout while ensuring taps trigger clipboard paste logic on Android

Testing

• not run (not requested)

---

Codex Task

Summary by CodeRabbit

• Bug Fixes
  • Improved paste button in account recovery with enhanced touch responsiveness, larger interactive hit area, and better accessibility.
  • Made paste behavior more forgiving during recovery — non-empty clipboard content is now accepted to streamline pasting seed phrases.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The clipboard paste handler in the recovery phrase screen was simplified: it no longer validates the clipboard with ethers.Mnemonic.isValidMnemonic and instead accepts any non-empty clipboard value and sets it as the mnemonic; a contextual comment was added to the code. No imports or public API changes.

Changes

Cohort / File(s)	Summary
Recovery Phrase Paste Handler app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx	Replaced strict mnemonic validation (ethers.Mnemonic.isValidMnemonic) with a simple truthy/non-empty clipboard check in the onPaste handler; sets clipboard content as mnemonic when present and adds an explanatory comment. No import or public API changes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Security-sensitive change: removing deterministic mnemonic validation can allow malformed or invalid seeds to be accepted — verify intent and threat model.
• Confirm downstream flows properly handle invalid mnemonics (error messages, further validation before account use, or sanitation).
• Check for unit/integration tests covering paste behavior and wallet-recovery flow; add tests if missing.
• Ensure clipboard edge cases (leading/trailing whitespace, newline-separated words, different normalization/Unicode forms) are handled consistently.

Poem

🔐 A tiny paste, now bold and free,
It skips the checks and trusts what it sees.
Review the gates where secrets flow,
Guard the seed where wallets grow.
🪄 Paste with care, and vet what you key.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'SELF-1268: Fix paste button on recovery screen' directly and clearly describes the main change: fixing the paste button component on the recovery phrase screen, which aligns with the changeset's focus on replacing and improving the paste button with better accessibility and interaction handling.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5ac5f79 and 38b5965.

📒 Files selected for processing (1)

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (1 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[transphorm]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (1)

221-228: Minor: Redundant flexbox property.

The justifyContent: 'flex-end' is unnecessary since the button is already position: 'absolute' with bottom: 0. The property has no effect in this context.

Consider simplifying to:

 pasteButton: {
   position: 'absolute',
   bottom: 0,
   width: '100%',
   alignItems: 'center',
-  justifyContent: 'flex-end',
   paddingBottom: 16,
 },

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 50dba6d and 5ac5f79.

📒 Files selected for processing (1)

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (4 hunks)

🧰 Additional context used

📓 Path-based instructions (13)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{js,jsx,ts,tsx}: NEVER log sensitive data including PII (names, DOB, passport numbers, addresses), credentials, tokens, API keys, private keys, or session identifiers.
ALWAYS redact/mask sensitive fields in logs using consistent patterns (e.g., ***-***-1234 for passport numbers, J*** D*** for names).

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursorrules)

**/*.{ts,tsx,js,jsx}: Use React Navigation with createStaticNavigation for type-safe navigation in React Native applications.
Implement platform-specific handling with Platform.OS === 'ios' ? 'iOS' : 'Android' checks before platform-specific code in React Native.
Initialize native modules with initializeNativeModules() before any native operations in React Native.
Implement lazy loading for screens using React.lazy() in React Native applications.
Implement custom modal system with useModal hook and callback registry in React Native.
Integrate haptic feedback using useHapticNavigation hook in React Native navigation.
Use platform-specific initial routes: web uses 'Home', mobile uses 'Splash' in React Navigation.
Use Zustand for global state management in React Native applications.
Use custom hooks for complex state (useModal, useHapticNavigation) instead of inline logic.
Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.
Use @/ alias for src imports and @tests/ alias for test imports in TypeScript/JavaScript files.
Use conditional rendering with Platform.OS for platform-specific code in React Native.
Use Tamagui for UI components in React Native applications.
Do not log sensitive data in production, including identity verification and passport information.
Use Keychain for secure storage of sensitive data in React Native.
Implement proper cleanup of sensitive data after use.
Implement certificate validation for passport data verification.
Always use try-catch for async operations in React Native and TypeScript code.
Implement graceful degradation when native modules fail in React Native.
Provide user-friendly error messages in UI and error handlers.
Lazy load screens and components to optimize bundle size in React Native.
Prevent memory leaks in native modules in React Native.

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/*.{tsx,jsx}

📄 CodeRabbit inference engine (.cursorrules)

Implement comprehensive error boundaries in React components.

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/*.{tsx,jsx,ts,js}

📄 CodeRabbit inference engine (.cursorrules)

Implement proper cleanup in useEffect and component unmount hooks in React.

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/{mobile,client,app,time,verification}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

Use server-signed time tokens or chain block timestamps for trusted time in mobile clients, do not trust device wall-clock alone

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}

📄 CodeRabbit inference engine (.cursor/rules/compliance-verification.mdc)

**/{mobile,client,app,proof,zk}/**/*.{ts,tsx,js,swift,kt}: Include trusted time anchor in proof generation and verify time anchor authenticity before proof generation in mobile implementations
Achieve proof generation in <60 seconds on mid-tier mobile devices

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/src/**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Use module mapping @/ → src/ and @tests/ → tests/src/ in app Jest configuration

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

**/*.{ts,tsx,js}: Never log PII, credentials, or private keys in production code; use DEBUG_SECRETS_TOKEN flag for debug-level secrets
Use consistent redaction patterns for sensitive fields in logs and test data

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/mobile-sdk-migration.mdc)

Update app to consume mobile-sdk-alpha modules after migration and validate all existing app tests pass

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/**/*.{ts,tsx,js,jsx,json,yml,yaml}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn nice passes (fixes linting and formatting) before creating a PR

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (app/AGENTS.md)

Ensure yarn types passes (TypeScript validation) before creating a PR

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/**/*.{ts,tsx,js,jsx,swift,kt,java}

📄 CodeRabbit inference engine (app/AGENTS.md)

app/**/*.{ts,tsx,js,jsx,swift,kt,java}: Flag security-sensitive operations and note performance implications in code comments
Ensure no sensitive data (PII, credentials, tokens) is present in logs

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

app/src/**/*.{ts,tsx,js,jsx}

⚙️ CodeRabbit configuration file

app/src/**/*.{ts,tsx,js,jsx}: Review React Native TypeScript code for:

• Component architecture and reusability
• State management patterns
• Performance optimizations
• TypeScript type safety
• React hooks usage and dependencies
• Navigation patterns

Files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

🧠 Learnings (10)

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Tamagui for UI components in React Native applications.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Integrate haptic feedback using `useHapticNavigation` hook in React Native navigation.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Zustand for global state management in React Native applications.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use Keychain for secure storage of sensitive data in React Native.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Implement custom modal system with `useModal` hook and callback registry in React Native.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use React Navigation with `createStaticNavigation` for type-safe navigation in React Native applications.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use AsyncStorage for simple data, SQLite for complex data, and Keychain for sensitive data in React Native.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-11-25T14:06:55.970Z

Learnt from: CR
Repo: selfxyz/self PR: 0
File: .cursorrules:0-0
Timestamp: 2025-11-25T14:06:55.970Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Use custom hooks for complex state (`useModal`, `useHapticNavigation`) instead of inline logic.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-23T02:02:02.556Z

Learnt from: transphorm
Repo: selfxyz/self PR: 942
File: app/vite.config.ts:170-0
Timestamp: 2025-08-23T02:02:02.556Z
Learning: In the selfxyz/self React Native app, devTools from '@/navigation/devTools' are intentionally shipped to production builds for testing purposes, not excluded as is typical in most applications.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

📚 Learning: 2025-08-26T14:49:11.190Z

Learnt from: shazarre
Repo: selfxyz/self PR: 936
File: app/src/screens/passport/PassportNFCScanScreen.tsx:28-31
Timestamp: 2025-08-26T14:49:11.190Z
Learning: SelfClientProvider is wrapped in app/App.tsx, providing context for useSelfClient() hook usage throughout the React Native app navigation stacks.

Applied to files:

• app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx

🧬 Code graph analysis (1)

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (2)

packages/mobile-sdk-alpha/src/components/index.ts (2)

• XStack (47-47)
• Text (39-39)

packages/mobile-sdk-alpha/src/constants/colors.ts (1)

• white (59-59)

🔇 Additional comments (3)

app/src/screens/account/recovery/RecoverWithPhraseScreen.tsx (3)

7-7: LGTM - Correct import for touch handling.

Adding Pressable from react-native is the right approach for implementing pressable UI elements with accessibility support.

---

180-191: Well-implemented pressable paste button with good accessibility.

The Pressable wrapper correctly addresses the Android touch handling issue. The implementation includes:

• Appropriate hitSlop for better touch targets
• Proper accessibility attributes for screen readers
• Preserved layout with inner XStack

Verify that the absolutely positioned button at the bottom doesn't obscure text when users type long phrases or include extra newlines. Consider testing with edge cases like accidentally pasted multiline content.

---

206-206: LGTM - Appropriate touch target expansion.

The hitSlop values provide good touch target expansion, especially helpful for improving the button's pressability on mobile devices.