Skip to content

fix(kyc): verification poll never hard-stops — no user strand (post-merge /code-review)#2341

Merged
Hugo0 merged 1 commit into
devfrom
fix/kyc-poll-strand-guard
Jul 3, 2026
Merged

fix(kyc): verification poll never hard-stops — no user strand (post-merge /code-review)#2341
Hugo0 merged 1 commit into
devfrom
fix/kyc-poll-strand-guard

Conversation

@Hugo0

@Hugo0 Hugo0 commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Summary

/code-review high of the KYC poll-backoff change (already in dev, headed to prod via release #2340) found a confirmed user-strand: KYC_POLL_CAP_MS stopped the fallback poll entirely after 15 min. If the websocket connection dies during a long manual review (laptop sleep, mobile background, network switch) and the backend approves after the cap, the user is stuck on "Almost there" forever — onKycSuccess never fires. The old fixed-5s interval always recovered.

Fix: the poll settles at its 60s floor and keeps going for the whole modal-open lifetime instead of hard-stopping. Cost stays bounded — the backend self-recovery cooldown (hardened in api#1118) short-circuits repeat submissions server-side, so a 60s steady poll is nothing like the 5s battering ram the schedule replaced.

Risks

  • Slightly more polling on a very-long-open modal (≈1 call/60s past the 3-min mark) vs the previous hard stop — bounded and server-side-paced. Strictly safer than stranding the user.
  • Not fixed here (needs a BE change — noted as follow-up): the poll still hits the mutating initiateSumsubKyc; the durable fix is a read-only KYC-status endpoint that both this poll and the mount-time fetchCurrentStatus consume. Out of scope for this hotfix.

QA

Replaced the "stops after cap" test with two regressions: (1) keeps polling past 15 min but stays bounded (~10 calls in the next 10 min, not zero, not a flood); (2) a status that goes APPROVED after a 20-min wait still fires onKycSuccess. Full jest suite 1666 green, typecheck clean.

Merges to dev → release #2340 picks it up automatically.

…ce, never hard-stops

The 15-min KYC_POLL_CAP_MS stopped the fallback poll entirely, so a websocket
event missed during a long manual review (laptop sleep, mobile background,
network switch) left the user on 'Almost there' forever with onKycSuccess
never firing. The poll now settles at the 60s floor and keeps going for the
whole modal-open lifetime; the backend self-recovery cooldown bounds the
per-call cost, so it's nothing like the fixed-5s battering ram the schedule
replaced. Regression tests: keeps polling past 15 min (bounded ~10 calls in
the following 10 min, not zero, not a flood) and a late APPROVED still fires
onKycSuccess.
@vercel

vercel Bot commented Jul 3, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
peanut-wallet Ready Ready Preview, Comment Jul 3, 2026 12:53am

Request Review

@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Warning

Review limit reached

You’ve reached a temporary PR review limit under our Fair Usage Limits Policy.

Your recent review volume is higher than typical usage, so adaptive limits are currently applied.

Next review available in: 26 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 02ce34cf-10e0-46e8-b8cb-6319a41d14e3

📥 Commits

Reviewing files that changed from the base of the PR and between b655479 and bfdec3c.

📒 Files selected for processing (2)
  • src/hooks/__tests__/useSumsubKycFlow.test.ts
  • src/hooks/useSumsubKycFlow.ts

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Code-analysis diff

Painscore total: 5857.65 → 5857.73 (+0.08)
Findings: 0 net (+9 new, -9 resolved)

🆕 New findings (9)

  • critical complexity — src/hooks/useSumsubKycFlow.ts — CC 84, MI 52.91, SLOC 379
  • high hotspot — src/hooks/useSumsubKycFlow.ts — 42 commits, +650/-90 lines since 6 months ago
  • medium high-mdd — src/hooks/useSumsubKycFlow.ts:51 — useSumsubKycFlow: MDD 176.0 (uses across many lines from declarations)
  • medium high-dlt — src/hooks/useSumsubKycFlow.ts:51 — useSumsubKycFlow: DLT 41 (calls 41 distinct functions — high context load)
  • medium high-mdd — src/hooks/useSumsubKycFlow.ts:200 — : MDD 36.7 (uses across many lines from declarations)
  • medium method-complexity — src/hooks/useSumsubKycFlow.ts:200 — CC 21 SLOC 91
  • low high-dlt — src/hooks/useSumsubKycFlow.ts:200 — : DLT 21 (calls 21 distinct functions — high context load)
  • low high-mdd — src/hooks/useSumsubKycFlow.ts:159 — : MDD 16.3 (uses across many lines from declarations)
  • low missing-return-type — src/hooks/useSumsubKycFlow.ts:51 — useSumsubKycFlow: exported fn missing return type annotation

✅ Resolved (9)

  • src/hooks/useSumsubKycFlow.ts — CC 85, MI 52.68, SLOC 382
  • src/hooks/useSumsubKycFlow.ts — 41 commits, +639/-81 lines since 6 months ago
  • src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: MDD 176.1 (uses across many lines from declarations)
  • src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: DLT 41 (calls 41 distinct functions — high context load)
  • src/hooks/useSumsubKycFlow.ts:198 — : MDD 36.7 (uses across many lines from declarations)
  • src/hooks/useSumsubKycFlow.ts:198 — CC 21 SLOC 91
  • src/hooks/useSumsubKycFlow.ts:198 — : DLT 21 (calls 21 distinct functions — high context load)
  • src/hooks/useSumsubKycFlow.ts:154 — : MDD 17.2 (uses across many lines from declarations)
  • src/hooks/useSumsubKycFlow.ts:47 — useSumsubKycFlow: exported fn missing return type annotation

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🧪 UI test report — ✅ all green

Suites

  • unit: 1669 ran, 0 failed, 0 skipped, 23.8s

📊 Coverage (unit)

metric %
statements 55.0%
branches 37.9%
functions 42.9%
lines 54.9%
⏱ 10 slowest test cases
time test
3.4s src/components/Card/share-asset/__tests__/shareAssetLayout.test.ts › never places two stickers in heavy overlap (broad seed sweep)
0.5s src/components/Card/share-asset/__tests__/shareAssetLayout.test.ts › every sticker stays within canvas at any count
0.3s src/app/actions/__tests__/api-headers.test.ts › should include Content-Type in updateUserById
0.2s src/app/actions/__tests__/api-headers-extended.test.ts › should not include apiKey in updateUserById body
0.2s src/context/__tests__/RainCooldownContext.test.tsx › does NOT re-pop the intro modal on a mid-cooldown retry
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid US account with spaces 2
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid 9-digit US account
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle valid ENS name
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle too long for US account
0.1s src/components/Global/GeneralRecipientInput/__tests__/GeneralRecipientInput.test.tsx › should handle unresolvable ENS name
📍 Inline annotations are in the **Unit test report** check above. Coverage artifact: `coverage-unit`. Generated by `.github/workflows/tests.yml`.

@Hugo0 Hugo0 merged commit 10f3b8f into dev Jul 3, 2026
18 of 20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant