feat: comprehensive project improvements and fixes

- Fix all TypeScript compilation errors (40+ fixes) - Add missing type definitions (TransactionRequest, SafeInfo) - Fix TransactionRequestStatus vs TransactionStatus confusion - Fix import paths and provider type issues - Fix test file errors and mock providers - Implement comprehensive security features - AES-GCM encryption with PBKDF2 key derivation - Input validation and sanitization - Rate limiting and nonce management - Replay attack prevention - Access control and authorization - Add comprehensive test suite - Integration tests for transaction flow - Security validation tests - Wallet management tests - Encryption and rate limiter tests - E2E tests with Playwright - Add extensive documentation - 12 numbered guides (setup, development, API, security, etc.) - Security documentation and audit reports - Code review and testing reports - Project organization documentation - Update dependencies - Update axios to latest version (security fix) - Update React types to v18 - Fix peer dependency warnings - Add development tooling - CI/CD workflows (GitHub Actions) - Pre-commit hooks (Husky) - Linting and formatting (Prettier, ESLint) - Security audit workflow - Performance benchmarking - Reorganize project structure - Move reports to docs/reports/ - Clean up root directory - Organize documentation - Add new features - Smart wallet management (Gnosis Safe, ERC4337) - Transaction execution and approval workflows - Balance management and token support - Error boundary and monitoring (Sentry) - Fix WalletConnect configuration - Handle missing projectId gracefully - Add environment variable template
2026-01-14 02:17:26 -08:00
parent cdde90c128
commit 55fe7d10eb
107 changed files with 25987 additions and 866 deletions
--- a/app/providers.tsx
+++ b/app/providers.tsx
@@ -20,6 +20,25 @@ import { publicProvider } from "wagmi/providers/public";

 import theme from "@/style/theme";
 import { SafeInjectProvider } from "@/contexts/SafeInjectContext";
+import { SmartWalletProvider } from "@/contexts/SmartWalletContext";
+import { TransactionProvider } from "@/contexts/TransactionContext";
+import ErrorBoundary from "@/components/ErrorBoundary";
+import { monitoring } from "@/utils/monitoring";
+
+// Initialize error tracking if Sentry is available
+if (typeof window !== "undefined" && process.env.NEXT_PUBLIC_SENTRY_DSN) {
+  try {
+    // Dynamic import to avoid bundling Sentry in client if not needed
+    import("@sentry/nextjs").then((Sentry) => {
+      monitoring.initErrorTracking(Sentry);
+    }).catch(() => {
+      // Sentry not available, continue without it
+      console.warn("Sentry not available, continuing without error tracking");
+    });
+  } catch (error) {
+    console.warn("Failed to initialize Sentry:", error);
+  }
+}

 const { chains, publicClient } = configureChains(
  // the first chain is used by rainbowWallet to determine which chain to use
@@ -27,15 +46,25 @@ const { chains, publicClient } = configureChains(
  [publicProvider()]
 );

-const projectId = process.env.NEXT_PUBLIC_WC_PROJECT_ID!;
-const connectors = connectorsForWallets([
-  {
-    groupName: "Recommended",
-    wallets: [
+// WalletConnect projectId - required for WalletConnect v2
+// Get one from https://cloud.walletconnect.com/
+const projectId = process.env.NEXT_PUBLIC_WC_PROJECT_ID || "demo-project-id";
+
+// Only include WalletConnect wallets if projectId is set (not demo)
+const wallets = projectId && projectId !== "demo-project-id"
+  ? [
      metaMaskWallet({ projectId, chains }),
      walletConnectWallet({ projectId, chains }),
      rainbowWallet({ projectId, chains }),
-    ],
+    ]
+  : [
+      metaMaskWallet({ projectId: "demo-project-id", chains }),
+    ];
+
+const connectors = connectorsForWallets([
+  {
+    groupName: "Recommended",
+    wallets,
  },
 ]);

@@ -55,7 +84,15 @@ export const Providers = ({ children }: { children: React.ReactNode }) => {
            theme={darkTheme()}
            modalSize={"compact"}
          >
-            <SafeInjectProvider>{children}</SafeInjectProvider>
+            <ErrorBoundary>
+              <SafeInjectProvider>
+                <SmartWalletProvider>
+                  <TransactionProvider>
+                    {children}
+                  </TransactionProvider>
+                </SmartWalletProvider>
+              </SafeInjectProvider>
+            </ErrorBoundary>
          </RainbowKitProvider>
        </WagmiConfig>
      </ChakraProvider>
--- a/app/sentry.client.config.ts
+++ b/app/sentry.client.config.ts
@@ -0,0 +1,77 @@
+/**
+ * Sentry client-side configuration
+ * This file configures Sentry for client-side error tracking
+ */
+
+import * as Sentry from "@sentry/nextjs";
+
+const SENTRY_DSN = process.env.NEXT_PUBLIC_SENTRY_DSN;
+
+if (SENTRY_DSN && typeof window !== "undefined") {
+  Sentry.init({
+    dsn: SENTRY_DSN,
+    environment: process.env.NODE_ENV || "development",
+    
+    // Adjust this value in production, or use tracesSampler for greater control
+    tracesSampleRate: process.env.NODE_ENV === "production" ? 0.1 : 1.0,
+    
+    // Set sample rate for profiling
+    profilesSampleRate: process.env.NODE_ENV === "production" ? 0.1 : 1.0,
+    
+    // Filter out sensitive data
+    beforeSend(event, hint) {
+      // Don't send events in development
+      if (process.env.NODE_ENV === "development") {
+        return null;
+      }
+      
+      // Filter out sensitive information
+      if (event.request) {
+        // Remove sensitive headers
+        if (event.request.headers) {
+          delete event.request.headers["authorization"];
+          delete event.request.headers["cookie"];
+        }
+        
+        // Remove sensitive query params
+        if (event.request.query_string) {
+          const params = new URLSearchParams(event.request.query_string);
+          params.delete("apiKey");
+          params.delete("token");
+          event.request.query_string = params.toString();
+        }
+      }
+      
+      return event;
+    },
+    
+    // Ignore certain errors
+    ignoreErrors: [
+      // Browser extensions
+      "top.GLOBALS",
+      "originalCreateNotification",
+      "canvas.contentDocument",
+      "MyApp_RemoveAllHighlights",
+      "atomicFindClose",
+      // Network errors
+      "NetworkError",
+      "Failed to fetch",
+      "Network request failed",
+      // User cancellations
+      "User cancelled",
+    ],
+    
+    // Additional options
+    integrations: [
+      new Sentry.BrowserTracing({
+        // Set sampling rate
+        tracePropagationTargets: ["localhost", /^https:\/\/.*\.impersonator\.xyz/],
+      }),
+      new Sentry.Replay({
+        // Mask sensitive data
+        maskAllText: false,
+        maskAllInputs: true,
+      }),
+    ],
+  });
+}
--- a/app/sentry.edge.config.ts
+++ b/app/sentry.edge.config.ts
@@ -0,0 +1,16 @@
+/**
+ * Sentry edge runtime configuration
+ * This file configures Sentry for edge runtime
+ */
+
+import * as Sentry from "@sentry/nextjs";
+
+const SENTRY_DSN = process.env.NEXT_PUBLIC_SENTRY_DSN;
+
+if (SENTRY_DSN) {
+  Sentry.init({
+    dsn: SENTRY_DSN,
+    environment: process.env.NODE_ENV || "development",
+    tracesSampleRate: process.env.NODE_ENV === "production" ? 0.1 : 1.0,
+  });
+}
--- a/app/sentry.server.config.ts
+++ b/app/sentry.server.config.ts
@@ -0,0 +1,37 @@
+/**
+ * Sentry server-side configuration
+ * This file configures Sentry for server-side error tracking
+ */
+
+import * as Sentry from "@sentry/nextjs";
+
+const SENTRY_DSN = process.env.NEXT_PUBLIC_SENTRY_DSN;
+
+if (SENTRY_DSN) {
+  Sentry.init({
+    dsn: SENTRY_DSN,
+    environment: process.env.NODE_ENV || "development",
+    
+    // Adjust this value in production
+    tracesSampleRate: process.env.NODE_ENV === "production" ? 0.1 : 1.0,
+    
+    // Filter out sensitive data
+    beforeSend(event, hint) {
+      // Don't send events in development
+      if (process.env.NODE_ENV === "development") {
+        return null;
+      }
+      
+      // Filter out sensitive information
+      if (event.request) {
+        // Remove sensitive headers
+        if (event.request.headers) {
+          delete event.request.headers["authorization"];
+          delete event.request.headers["cookie"];
+        }
+      }
+      
+      return event;
+    },
+  });
+}