hotfix: infinite render of ethereum phantom wallet pop up

[kabugatti]

Removed the Zustand setters (setEthWallet, setStrkWallet) from the dependency arrays in the newly introduced useEffects

Fixes #248

Summary by CodeRabbit

• Refactor
  • Optimized wallet state effects to avoid unnecessary re-runs, improving responsiveness and stability when connecting or switching Ethereum and Starknet wallets.

[coderabbitai]

Walkthrough

This PR updates app/hooks/useWallet.ts by removing state setter functions from two useEffect dependency arrays (Ethereum and Starknet wallet effects), so reruns depend only on wallet state values.

Changes

Cohort / File(s)	Summary
Wallet hook effect deps app/hooks/useWallet.ts	Removed setEthWallet and setStrkWallet from useEffect dependency arrays to prevent unnecessary effect reruns; no exported API changes.

Sequence Diagram(s)

sequenceDiagram
  participant UI
  participant useWallet
  participant EthWallet
  participant StrkWallet

  rect rgb(240,248,255)
  note over useWallet: Old flow (before)
  useWallet->>useWallet: useEffect(dep: wallet state + setters)
  useWallet-->>EthWallet: Trigger connect/auth logic
  loop Setter identity changes
    useWallet->>useWallet: Effect re-runs
    useWallet-->>EthWallet: Re-triggers popup
  end
  end

  rect rgb(245,255,240)
  note over useWallet: New flow (after)
  useWallet->>useWallet: useEffect(dep: wallet state only)
  useWallet-->>EthWallet: Trigger connect/auth logic
  note over useWallet,EthWallet: No rerun from setter identity changes
  end

Loading

sequenceDiagram
  participant UI
  participant useWallet
  participant StrkWallet

  rect rgb(245,255,240)
  note over useWallet: Starknet effect (after)
  useWallet->>useWallet: useEffect(dep: strkWallet state only)
  useWallet-->>StrkWallet: Connect/auth as state changes
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat: create helper for message signing #233 — Adjusts authentication/signing flows and effects in useWallet.ts; directly related to the effect logic touched here.

Suggested reviewers

• JoE11-y

Pre-merge checks (5 passed)

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "hotfix: infinite render of ethereum phantom wallet pop up" accurately and concisely describes the primary change in this PR — a hotfix addressing the infinite render of the Ethereum (Phantom) wallet popup tied to useWallet.ts. It directly references the user-facing symptom fixed by the changeset and is relevant to the modified code. The phrasing is clear enough for teammates scanning history to understand the main intent.
Linked Issues Check	✅ Passed	The changes remove the Zustand setters (setEthWallet, setStrkWallet) from useEffect dependency arrays in app/hooks/useWallet.ts, which directly targets the infinite-render behavior described in issue [#248] by preventing effects from re-running due to setter identity changes. This is aligned with the primary coding objective from the linked issue and addresses the suspected root cause. The diff does not include automated tests or runtime verification, so whether the fix completely resolves the issue in all environments cannot be confirmed from code alone.
Out of Scope Changes Check	✅ Passed	The raw_summary and PR description indicate the only code edits are in app/hooks/useWallet.ts (removing setters from effect dependency arrays), so there are no apparent out-of-scope or unrelated file changes in this PR. The change is narrowly scoped to the wallet hook and directly tied to the linked issue. A final diff review should still be done to confirm there are no accidental unrelated edits.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

Poem

A twitch of the ear, a tap of the paw,
No more popups stuck in a loop of awe.
I trimmed the deps, kept state in sight—
One hop, connect, and all is right.
Carrots queued, wallets too—boop! ✅🥕

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[kabugatti]

@CodeRabbit review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

app/hooks/useWallet.ts (1)

25-34: Fix nonce regex (captures only 1 char) and harden CSRF fetch.

.? matches at most one character; only the first nonce char is captured. This can break auth/replay protection. Also check csrf fetch ok before parsing.

-    const csrfTokenResponse = await fetch("/api/auth/csrf");
-    const { csrfToken } = await csrfTokenResponse.json();
+    const csrfTokenResponse = await fetch("/api/auth/csrf");
+    if (!csrfTokenResponse.ok) {
+      throw new Error("Failed to fetch CSRF token");
+    }
+    const { csrfToken } = await csrfTokenResponse.json();

-    const nonceMatch = message.match(/Nonce:\s*(.?)(?:\n|$)/);
+    const nonceMatch = message.match(/Nonce:\s*(.+)(?:\n|$)/);
     const nonce = nonceMatch ? nonceMatch[1].trim() : null;

Optionally: pass the generated nonce as a param to authenticateWithSignature to avoid parsing altogether.

🧹 Nitpick comments (4)

app/hooks/useWallet.ts (4)

152-221: Narrow Starknet auth deps to the address.

Depending on account object can retrigger when its identity changes even if the address didn’t. Use address + status to limit runs.

-  }, [strkWallet.account, strkWallet.status]);
+  }, [strkWallet.account?.address, strkWallet.status]);

---

274-281: Await Starknet connect if it returns a Promise.

Prevents races where platform UI updates before connection completes.

-        strkWallet.connectStarknetWallet({
+        await strkWallet.connectStarknetWallet({
           connector: starknetConnectors[connectorId],
         });

If the API is sync, ignore.

---

64-73: Avoid capturing the entire store in callbacks.

Pull setError out of store so callbacks don’t depend on the whole object (cuts unnecessary re-creations on unrelated store updates).

   const {
     setEthWallet,
     setStrkWallet,
     clearError,
     resetWallet,
     setWalletPlatform,
-    ...store
+    setError,
+    ...store
   } = useWalletStore();

And update usages/deps below accordingly:

-        store.setError(String(error));
+        setError(String(error));

-    [ethWallet, clearError, resetWallet, setWalletPlatform, store]
+    [ethWallet, clearError, resetWallet, setWalletPlatform, setError]

Repeat the same change for STRK connect/disconnect blocks.

---

36-58: Surface backend error details for easier debugging.

When /api/auth/callback/credentials fails, try to parse and propagate the error message.

-    if (!response.ok) {
-      throw new Error("Authentication failed");
-    }
+    if (!response.ok) {
+      let detail = "Authentication failed";
+      try { detail = (await response.json())?.error ?? detail; } catch {}
+      throw new Error(detail);
+    }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a38ef3a and eaeff7d.

📒 Files selected for processing (1)

• app/hooks/useWallet.ts (1 hunks)

🔇 Additional comments (3)

app/hooks/useWallet.ts (3)

84-97: LGTM: removed setEthWallet from deps.

Correct to depend only on wallet values; avoids unnecessary effect churn.

---

144-151: LGTM: removed setStrkWallet from deps.

Matches the ETH effect; reduces spurious reruns.

---

98-143: Remove ethWallet.getSigner from effect deps to prevent re-prompts

File: app/hooks/useWallet.ts — lines 98–143

getSigner function identity may be unstable and retrigger the effect; depend only on ethWallet.address.

-  }, [ethWallet.address, ethWallet.getSigner]);
+  }, [ethWallet.address]);

Manual verification: with Phantom (Ethereum) — connect, cancel signature once, confirm no repeated prompts until address changes.