Skip to content

fix(kyc): back off verification-progress poll instead of a fixed 5s interval#2336

Merged
Hugo0 merged 2 commits into
devfrom
fix/kyc-modal-poll-backoff
Jul 2, 2026
Merged

fix(kyc): back off verification-progress poll instead of a fixed 5s interval#2336
Hugo0 merged 2 commits into
devfrom
fix/kyc-modal-poll-backoff

Conversation

@Hugo0

@Hugo0 Hugo0 commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Summary

Incident (2026-07-02): while the KYC verification-progress modal is open, useSumsubKycFlow fired initiateSumsubKyc on a fixed setInterval(..., 5000) as a websocket fallback — for the entire modal-open. That endpoint is mutating: for approved-LATAM users in the self-recovery state each call re-runs a full provider submission (86 re-submissions in 20 min for one user). Even with the new BE cooldown (api #1106), each poll still costs ~3 Sumsub API calls + DB writes on the create-action fall-through.

Why time-based, not error-based: the poll requests succeed (HTTP 200) even when the backend reprocess fails, so an error-count backoff would never escalate. Backoff must be purely time-driven.

The change (hook-only): replace the fixed 5s setInterval with a self-rescheduling setTimeout chain on a time-escalating schedule, plus an overall cap:

elapsed since modal opened poll cadence
0 – 60s 5s (fast path for the common quick transition)
60 – 120s 10s
120 – 180s 20s
180s+ 60s
≥ ~15 min stop polling entirely

After the ~15 min cap the modal stays in its existing long-running "Almost there" state (with its "Go to Home" CTA) and the websocket remains the only signal. Re-opening the modal restarts polling fresh. Cleanup on modal close / unmount cancels the pending timer (mirrors the old clearInterval semantics; adds an in-flight guard so a poll resolving after teardown can't re-arm).

Untouched by design: the websocket path, handleInitiateKyc, and the initial fetchCurrentStatus effect. Zero behavior change for flows that transition within the first minute (the common case).

Risks / blast radius

  • KYC verification UX only. Worst case after the first minute: a status transition that the websocket misses is noticed up to 60s late (previously up to 5s). The websocket remains the primary signal, so in practice transitions still surface promptly; this poll is only the fallback.
  • No API/schema/contract change; no cross-repo deploy ordering. FE-only.

QA

  • Automated: 5 new fake-timer hook tests in src/hooks/__tests__/useSumsubKycFlow.test.ts — cadence escalates 5s→10s→20s on schedule, polling stops at the cap, timer cleanup on modal close, timer cleanup on unmount, poll still calls initiateSumsubKyc with the same { regionIntent, levelName, targetCountry } args. Full suite: 106 suites / 1645 passing.
  • Manual: open the verification-progress modal (trigger the SDK-submitted state), watch the Network tab — the initiate calls should fire at 5s for the first minute, then space out to 10s → 20s → 60s, and stop after ~15 min. Confirm the modal stays visible after the cap and that the websocket still drives the completion transition.

…nterval

The verification-progress modal polled initiateSumsubKyc — a mutating
endpoint — every 5s for the whole modal-open as a websocket fallback. For
approved-LATAM users in the self-recovery state each call re-runs a full
provider submission (86 in 20 min for one user, 2026-07-02); even with the
BE cooldown each poll still costs ~3 provider calls + DB writes.

Replace the fixed setInterval with a self-rescheduling setTimeout chain on a
time-escalating schedule (5s for the first minute, then 10s → 20s → 60s) and
stop polling after a ~15 min cap. The backoff is time-based, not error-based:
the poll returns HTTP 200 even when the backend reprocess fails, so an error
count would never escalate. The websocket stays the primary signal and the
modal keeps its existing long-running state after the cap; re-opening restarts
polling fresh.
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
peanut-wallet Ready Ready Preview, Comment Jul 2, 2026 9:05pm

Request Review

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Warning

Review limit reached

You’ve reached a temporary PR review limit under our Fair Usage Limits Policy.

Your recent review volume is higher than typical usage, so adaptive limits are currently applied.

Next review available in: 46 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 25c00a1e-a8b5-41c1-a2f0-1545b4195768

📥 Commits

Reviewing files that changed from the base of the PR and between 9e7741c and 74e7c73.

📒 Files selected for processing (2)
  • src/hooks/__tests__/useSumsubKycFlow.test.ts
  • src/hooks/useSumsubKycFlow.ts

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Code-analysis diff

Painscore total: 5858.65 → 5858.95 (+0.3)
Findings: +1 net (+9 new, -8 resolved)

🆕 New findings (9)

  • critical complexity — src/hooks/useSumsubKycFlow.ts — CC 85, MI 52.68, SLOC 382
  • high hotspot — src/hooks/useSumsubKycFlow.ts — 41 commits, +639/-81 lines since 6 months ago
  • medium high-mdd — src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: MDD 176.1 (uses across many lines from declarations)
  • medium high-dlt — src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: DLT 41 (calls 41 distinct functions — high context load)
  • medium high-mdd — src/hooks/useSumsubKycFlow.ts:198 — : MDD 36.7 (uses across many lines from declarations)
  • medium method-complexity — src/hooks/useSumsubKycFlow.ts:198 — CC 21 SLOC 91
  • low high-dlt — src/hooks/useSumsubKycFlow.ts:198 — : DLT 21 (calls 21 distinct functions — high context load)
  • low high-mdd — src/hooks/useSumsubKycFlow.ts:154 — : MDD 17.2 (uses across many lines from declarations)
  • low missing-return-type — src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: exported fn missing return type annotation

✅ Resolved (8)

  • src/hooks/useSumsubKycFlow.ts — CC 79, MI 52.54, SLOC 349
  • src/hooks/useSumsubKycFlow.ts — 40 commits, +583/-76 lines since 6 months ago
  • src/hooks/useSumsubKycFlow.ts:21 — useSumsubKycFlow: MDD 169.6 (uses across many lines from declarations)
  • src/hooks/useSumsubKycFlow.ts:21 — useSumsubKycFlow: DLT 37 (calls 37 distinct functions — high context load)
  • src/hooks/useSumsubKycFlow.ts:147 — : MDD 36.7 (uses across many lines from declarations)
  • src/hooks/useSumsubKycFlow.ts:147 — CC 21 SLOC 91
  • src/hooks/useSumsubKycFlow.ts:147 — : DLT 21 (calls 21 distinct functions — high context load)
  • src/hooks/useSumsubKycFlow.ts:21 — useSumsubKycFlow: exported fn missing return type annotation

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🧪 UI test report — ✅ all green

Suites

  • unit: 1648 ran, 0 failed, 0 skipped, 24.5s

📊 Coverage (unit)

metric %
statements 54.8%
branches 37.5%
functions 42.6%
lines 54.7%
⏱ 10 slowest test cases
time test
3.6s src/components/Card/share-asset/__tests__/shareAssetLayout.test.ts › never places two stickers in heavy overlap (broad seed sweep)
0.5s src/components/Card/share-asset/__tests__/shareAssetLayout.test.ts › every sticker stays within canvas at any count
0.3s src/app/actions/__tests__/api-headers.test.ts › should include Content-Type in updateUserById
0.3s src/app/actions/__tests__/api-headers-extended.test.ts › should not include apiKey in updateUserById body
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid 9-digit US account
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid ENS name
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid US account with spaces
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle too long for US account
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle invalid ETH address (missing 0x prefix)
0.1s src/app/(mobile-ui)/qr-pay/__tests__/qr-pay-states.test.tsx › Perk claimed shows shake class + go home button
📍 Inline annotations are in the **Unit test report** check above. Coverage artifact: `coverage-unit`. Generated by `.github/workflows/tests.yml`.

@Hugo0

Hugo0 commented Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@Hugo0 Hugo0 marked this pull request as ready for review July 2, 2026 21:10
@Hugo0

Hugo0 commented Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@Hugo0 Hugo0 merged commit cac1e93 into dev Jul 2, 2026
18 of 20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant