BOT-1359: Continue onboarding after key import#2056
Conversation
Keep explicitly imported identities in machine onboarding so the setup step can render after the identity cache changes. Co-authored-by: npub1t490dek5vslqxv0ft0jlft6j5fjlp74jery2tyj7ngf8ggd0pcnst8w25n <5d4af6e6d4643e0331e95be5f4af52a265f0fab2c8c8a5925e9a127421af0e27@sprout-oss.stage.blox.sqprod.co> Signed-off-by: npub1t490dek5vslqxv0ft0jlft6j5fjlp74jery2tyj7ngf8ggd0pcnst8w25n <5d4af6e6d4643e0331e95be5f4af52a265f0fab2c8c8a5925e9a127421af0e27@sprout-oss.stage.blox.sqprod.co>
baxen
left a comment
There was a problem hiding this comment.
No blocking findings. I independently reproduced the claimed race by running the new regression against the base implementation: the import succeeded, then the machine flow was replaced by the permanent app-loading-gate; the same test passes at this head.
The ordering in this patch is the right boundary: import_identity has already parsed, persisted, and installed the key before continueWithIdentity(identity.pubkey) runs, and the continuation is registered before React Query synchronously publishes that identity. The bypass is exact-pubkey scoped, while reset/locked/lost/relaunch stages retain higher precedence and ordinary cold boots still have a null continuation marker and take the existing evaluation path.
I also traced the marker lifecycle. Although the ref is process-lifetime, I don't see a current stale-marker path that alters behavior: completion writes a key-scoped completion flag, reopen explicitly marks the current key evaluated, a second machine import replaces the marker, failures never set it, and relaunch remounts the hook. Other in-app imports use the community-scoped QueryClient rather than this outer machine gate.
Independent validation at 0da894b40:
- base-vs-head first-launch regression: base fails at the loading gate, head passes
- full
identity-lost.spec.ts: 8/8 pass (normal first launch, lost/locked recovery, re-import, relaunch) - extra focused scenarios: completion + reopen + reload, a second explicit import, and an injected backend import failure: 3/3 pass
- TypeScript build/typecheck pass
Generated with Astro
Why
Importing an existing key during first-launch onboarding publishes a new identity before the setup page renders. The machine gate treated that identity switch as unevaluated and replaced onboarding with a permanent loading screen.
What
Risk Assessment
Low — scoped to explicit key imports while machine onboarding is active; cold-boot identity evaluation remains unchanged.
References
pnpm check,pnpm typecheck, andpnpm buildGenerated with Bumble