Skip to content

feat(ramp): consume JSON moneyHeadlessAllProviders payload + thread rampSurface into headless getQuotes#33362

Draft
saustrie-consensys wants to merge 5 commits into
mainfrom
saustrie/headless-allowlist-surface
Draft

feat(ramp): consume JSON moneyHeadlessAllProviders payload + thread rampSurface into headless getQuotes#33362
saustrie-consensys wants to merge 5 commits into
mainfrom
saustrie/headless-allowlist-surface

Conversation

@saustrie-consensys

Copy link
Copy Markdown
Contributor

Description

Phase 2 of Headless Buy all-providers needs QA to force a specific provider mix (for example external-browser-only) with only a LaunchDarkly edit. MetaMask/core#9524 widens the moneyHeadlessAllProviders flag's value contract so the same key also accepts a JSON payload { "enabled": true, "providerIds": [...], "surfaces": { "money": [...], "perps": [...], "predictions": [...] } }; when provider ids are listed, the controller's widened quote pick drops candidates whose provider is not listed. Old clients coerce the payload to false (native-only), and production serves false everywhere, so serving it cannot enable widening for a client that cannot parse it.

This PR is the mobile half:

  • Bump @metamask/ramps-controller to consume the new contract. No mobile flag-interpretation logic is added: useHeadlessAllProvidersEnabled still delegates to the core helper, so the object form flows through the existing UI availability gates automatically.
  • Thread an optional rampSurface through the headless getQuotes params (HeadlessGetQuotesParams, useHeadlessBuy, GetQuotesOptions), mapped from the ramp_surface analytics vocabulary onto the payload's surface keys (money_account to money, perps to perps, prediction to predictions), so a per-surface allowlist applies to quote requests tagged with a surface.

Note: surfaces entries only affect callers that pass a surface tag, and no shipped widened caller does yet (TPC getRampsQuote passes none), so MM Pay money deposits are governed by the payload's top-level providerIds list. That list is sufficient for the Phase 2 QA forcing scenario; threading a surface through TPC is a follow-up tracked with P2.M6.

Plan doc: app/components/UI/Ramp/headless/PLAN_-_ALL_PROVIDERS_SUPPORT.md, milestone P2.M5 (revision in #32906 records the single-flag JSON design).

Changelog

CHANGELOG entry: null

Related issues

Refs: MetaMask/core#9524

Manual testing steps

  1. In the LaunchDarkly dev environment (or via Settings > Feature flag override once LD serves an object variation), set money-headless-all-providers to { "enabled": true, "providerIds": ["/providers/<external-browser-provider>"] } in a region where an in-app aggregator normally wins on reliability.
  2. Drive an MM Pay money deposit (Money account > Add funds) and confirm the selected quote comes from the forced provider.
  3. Set the flag back to true (or remove providerIds) and confirm selection reverts to the reliability winner.
  4. Set the flag to false (or { "enabled": false }) and confirm the flow is native-only again.

Screenshots/Recordings

Before

N/A (dev/QA-gated quoting behavior; no UI change)

After

N/A (dev/QA-gated quoting behavior; no UI change)

Pre-merge author checklist

Performance checks (if applicable)

  • I've tested on Android
    • Ideally on a mid-range device; emulator is acceptable
  • I've tested with a power user scenario
    • Use these power-user SRPs to import wallets with many accounts and tokens
  • I've instrumented key operations with Sentry traces for production performance metrics

For performance guidelines and tooling, see the Performance Guide.

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@saustrie-consensys saustrie-consensys added the team-money-movement issues related to Money Movement features label Jul 15, 2026
@github-actions

Copy link
Copy Markdown
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@github-actions github-actions Bot added the pr-not-ready-for-e2e Skip E2E and block merging. Remove this label once the PR is ready to run the E2E tests. label Jul 15, 2026
@metamask-ci

metamask-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

PR template — items to address before "Ready for review"

Warnings — informational, address before merging:

  • Pre-merge author checklist has unchecked items (e.g. "I've tested on Android"). Every box must be consciously checked — see docs/readme/ready-for-review.md.

See docs/readme/ready-for-review.md for the full Definition of Ready for Review.

@socket-security

socket-security Bot commented Jul 15, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednpm/​@​metamask-previews/​ramps-controller@​17.0.0-preview-1ccf11bcb100100100100100

View full report

@socket-security

socket-security Bot commented Jul 15, 2026

Copy link
Copy Markdown

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

…r fetch

On a region switch RampsController clears providers to [] (persist:false) and
refetches, a window that can last ~24s on a cold switch (observed in NY). The
Money Add-funds gate keyed the Deposit row on regionHasProviderForAsset, which
returns false for an empty list, so the entry vanished for the whole fetch even
in regions that do offer fiat. useRegionHasFiatProvider now treats "widening on
+ still loading + nothing fetched yet" as available, resolving to the real
asset-aware answer once providers arrive. Gated on the flag so the production
native-only default is unchanged.
The hook stopped meaning "has a native provider" once it became flag-aware:
with moneyHeadlessAllProviders on it returns true for aggregator and
external-browser/custom-action providers (PayPal, Coinbase), not just native.
Rename the hook, its file, and its consumers, and correct the stale
"native-only for v0" docstring on useIsFiatPaymentAvailable. Pure rename plus
doc fix; no behavior change.
@saustrie-consensys saustrie-consensys removed the pr-not-ready-for-e2e Skip E2E and block merging. Remove this label once the PR is ready to run the E2E tests. label Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size-M team-money-movement issues related to Money Movement features

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant