Feat: sdk v11 hooks#139
Conversation
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 21f83dd. Configure here.
| } | ||
|
|
||
| private isSkipped() { | ||
| // const dappOrigin = window.location.origin; |
There was a problem hiding this comment.
i don't think we should, there is no window in react native
There was a problem hiding this comment.
Then can we remove the irrelevant codes please?
There was a problem hiding this comment.
do you mean this part ?
// const dappOrigin = window.location.origin;
it's already removed
| const accessToken = await web3Auth.getAccessToken(); | ||
| setToken(accessToken); | ||
| return accessToken; | ||
| const nextAccessToken = await web3Auth.getAccessToken(); |
There was a problem hiding this comment.
Should we have guards here? Asserting connector statuses might be helpful I think.
There was a problem hiding this comment.
I think no need because RN’s core only has connected and connected / disconnected - no status machine to sync.
| const [isMFAEnabled, setIsMFAEnabled] = useState<boolean>(false); | ||
| const [isConnected, setIsConnected] = useState<boolean>(false); | ||
| const [isAuthorized, setIsAuthorized] = useState<boolean>(false); | ||
| const [accessToken, setAccessToken] = useState<string | null>(null); |
There was a problem hiding this comment.
Should we add connector statuses state too?
| setIsMFAEnabled(true); | ||
| } | ||
| // Refresh rotated citadel tokens / MFA flags into the provider snapshot. | ||
| await syncSessionState(); |
There was a problem hiding this comment.
Please correct me if I'm wrong. Do we really need this?
Under the hood, it just looks like updating the local state for the web3AuthInnerContext.
If I understand it correct, web3AuthInnerContext has already handled this in useEffect.
There was a problem hiding this comment.
enableMFA() does not emit connected. It rotates tokens via setTokens, then refreshSession(), and returns. The user was already connected, so that listener never fires.
Without the explicit sync, React context stays stale for:
- accessToken / isAuthorized — citadel tokens were rotated
- isMFAEnabled — updated on the SDK instance, not pushed into context automatically
There was a problem hiding this comment.
refreshSession under the hood update the Web3Auth instance state.
React.effect watches the web3Auth instance, triggered the useEffect again due to the state change.
From the implementation, it should trigger.
There was a problem hiding this comment.
refreshSession mutates fields on that same object (updateState, session data, etc.). That does not change the web3Auth reference, so the effect should not re-run for that reason alone.
(the web3Auth instance in react hook dependency is a shallow compare)
| try { | ||
| await web3Auth.manageMFA(); | ||
| // Redirect may rotate citadel tokens; resync MFA + authorization snapshot. | ||
| await syncSessionState(); |
| * Ignored when {@link disableAnalytics} is true. Production/release builds | ||
| * already send analytics by default. | ||
| */ | ||
| enableAnalyticsInDev?: boolean; |
There was a problem hiding this comment.
Is this only for our debug/local purpose?
There was a problem hiding this comment.
yes, only for dev analytics purpose

Motivation and Context
This PR brings the React Hooks integration in line with Web3Auth SDK v11 session/auth APIs and dashboard-driven project configuration. Hooks consumers need clearer separation between connected (wallet/session keys) and authorized (citadel access token), plus hooks for token info and session refresh. It also aligns analytics, account abstraction (including EIP-7702), and setup docs with the rest of the v11 SDK surface.
Jira Link: https://consensyssoftware.atlassian.net/browse/EMBED-399
Description
React Hooks
Core SDK
Metro & docs
How has this been tested?
Screenshots (if appropriate):
Types of changes
Checklist:
Note
Low Risk
Changes are limited to README, a sample app, and lockfile updates with no production SDK logic in this diff.
Overview
Documentation is expanded to match the v11 React Native integration: Node/npm requirements, separate Bare vs Expo dependency installs, Metro
withWeb3Auth, mandatory@web3auth/react-native-sdk/setupas the first import, and clearer redirect URL / whitelist guidance (including Expo Go vs standalone). Usage examples now useEncryptedStorage/SecureStore,WEB3AUTH_NETWORK,init()+connectTo()instead oflogin(), and a new analytics section (disableAnalytics,enableAnalyticsInDev). The sample apps link points atdemo/instead ofexample/.The bare hooks demo (
demo/rn-bare-hooks-example) is updated to import setup first and exercise v11 session APIs:isAuthorized/accessToken,useAccessToken,useAuthTokenInfo, anduseRefreshSession(replacinguseIdentityToken). iOSPodfile.lockaddsRNCAsyncStorageand refreshes several pod checksums.Reviewed by Cursor Bugbot for commit 2c9b246. Bugbot is set up for automated code reviews on this repo. Configure here.