fix: New Persistence Improvements based on Abuse testing cp-7.59.0 (#21990)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->


When Redux state migrations fail, redux-persist resets the state to
defaults and updates the version number to the latest, preventing
migrations from re-running. This leaves users stuck on the onboarding
screen unable to access their wallets, even though their vault backup
exists in secure storage.

## Implementation

### 1. Vault Recovery Detection on Onboarding Screen

Added automatic detection when users land on the onboarding screen with
an existing vault backup:
- Detects migration failure scenario: `!existingUser` (Redux reset) +
vault backup exists
- Skips detection if user explicitly deleted their wallet
(`route.params.delete`)
- Automatically navigates to vault recovery screen
- Users can restore their wallet using their password
- Prevents data loss from failed migrations

**Files Changed:**
- `app/components/Views/Onboarding/index.js` - Added vault recovery
detection
- `app/components/Views/RestoreWallet/WalletRestored.tsx` - Sets
`existingUser` flag after restore

### 2. Fixed Vault Recovery Persistence Bug

Fixed critical bug where vault recovery didn't persist controller state
changes:
- Added `setupEnginePersistence()` call in `initializeVaultFromBackup()`
path
- Ensures controller state changes are saved to individual files after
vault recovery
- Previously caused infinite vault recovery loops after successful
restore
- Consolidated persistence setup in `initializeControllers()` for
consistency

**Files Changed:**
- `app/core/EngineService/EngineService.ts` - Fixed persistence setup in
vault recovery path

### 3. Fixed Race Condition in Wallet Deletion

Prevents temporary wallets (created during reset) from being backed up:
- Added `disableAutomaticVaultBackup` flag to temporarily disable vault
backups during wallet reset
- Clears all vault backups before creating temporary wallet
- Re-enables automatic backups in `finally` block for robustness
- Applies to both manual wallet deletion and OAuth error recovery
- Prevents false vault recovery prompts after intentional wallet resets

**Files Changed:**
- `app/core/Engine/Engine.ts` - Added circuit breaker flag
- `app/components/hooks/DeleteWallet/useDeleteWallet.ts` - Manual
deletion fix
- `app/core/Authentication/Authentication.ts` - Uncommented
`setExistingUser(true)` for new wallets
- `app/core/BackupVault/backupVault.ts` - Vault backup utilities

### 4. Fixed Migration Inflation/Deflation Logic

Corrected conditions for the new file-based persistence system
(migrations 104-105):
- **Inflation**: `> 106` - Only migrations 106+ need to inflate from
individual controller files
- **Deflation**: `>= 106` - Migration 106 is the first to deflate into
individual controller files
- Only future migrations require inflation, that will follow this PR
- Ensures smooth transition to new persistence system without breaking
app on restart

**Files Changed:**
- `app/store/migrations/index.ts` - Fixed inflation/deflation conditions
and removed debug logs
- `app/store/migrations/index.test.ts` - Updated tests to reflect
correct logic

### 5. Code Cleanup

Removed all debugging logs added during investigation:
- `app/components/Views/Onboarding/index.js` - Removed migration
detection logs
- `app/core/EngineService/EngineService.ts` - Removed persistence setup
logs
- `app/store/migrations/index.ts` - Removed KeyringController debug logs
- `app/core/BackupVault/backupVault.ts` - Simplified error handling
- `app/core/Engine/Engine.ts` - Removed vault backup logs

### 6. Test Compliance

Fixed unit test naming violations to comply with project guidelines:
- Updated 19 tests in `EngineService.test.ts` to remove "should" from
test names
- Ensured all tests follow action-oriented naming convention

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry:

## **Related issues**

Fixes:

## **Manual testing steps**

```gherkin
Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]
```

**Feature: Vault Recovery After Migration Failure**

  Scenario: user restores wallet after migration failure
    Given user has MetaMask installed with wallet data
    And a state migration fails during app startup
    And redux state is reset to defaults
    And vault backup exists in secure storage

    When user opens the app
    Then user sees the vault recovery screen automatically
    
    When user enters their wallet password
    Then user successfully restores their wallet
    And user can access their accounts and assets


**Feature: Manual Wallet Deletion**

  Scenario: user deletes wallet without false vault recovery
    Given user has MetaMask installed with an active wallet
    And user is on the Settings screen

    When user navigates to "Security & Privacy"
    And user taps "Delete Wallet"
    And user confirms the deletion
    And user restarts the app
    Then user sees the onboarding screen
    And user does NOT see the vault recovery screen


**Feature: OAuth Login Error Recovery**

  Feature: Vault Recovery After Migration Failure

  Scenario: user restores wallet after migration failure
    Given user has MetaMask installed with wallet data
    And a state migration fails during app startup
    And redux state is reset to defaults
    And vault backup exists in secure storage

    When user opens the app
    Then user sees the vault recovery screen automatically
    
    When user enters their wallet password
    Then user successfully restores their wallet
    And user can access their accounts and assets


**Feature: Manual Wallet Deletion**

  Scenario: user deletes wallet without false vault recovery
    Given user has MetaMask installed with an active wallet
    And user is on the Settings screen

    When user navigates to "Security & Privacy"
    And user taps "Delete Wallet"
    And user confirms the deletion
    And user restarts the app
    Then user sees the onboarding screen
    And user does NOT see the vault recovery screen


**Feature: OAuth Login Error Recovery**

Scenario: user experiences OAuth backup failure without false vault
recovery
    Given user is creating a new wallet with OAuth (Google/Apple login)
    And local wallet creation succeeds
    And cloud backup fails during OAuth process

    When the error handler resets the wallet state
    And user restarts the app
    Then user sees the onboarding screen
    And user does NOT see the vault recovery screen
    And user can retry OAuth login or import with seed phrase


**Feature: Migration System Upgrade Path**

  Scenario: user upgrades from version 103 to version 104+
    Given user has MetaMask version with migrations up to 103
    And controller data is stored in redux-persist
    And user has an active wallet

    When user upgrades to version 104 or higher
    Then migrations 104+ run successfully
    And controller data is deflated to individual files
    And user's wallet remains accessible
    And app functions normally after restart


  Scenario: user upgrades from version 104 to version 105+
    Given user has MetaMask version 104
    And controller data is in individual files
    And user has an active wallet

    When user upgrades to version 105 or higher
    Then controller data is inflated for migrations
    And new migrations run successfully
    And controller data is deflated back to individual files
    And user's wallet remains accessible
And app functions normally after restart**: user experiences OAuth
backup failure without false vault recovery
    Given user is creating a new wallet with OAuth (Google/Apple login)
    And local wallet creation succeeds
    And cloud backup fails during OAuth process

    When the error handler resets the wallet state
    And user restarts the app
    Then user sees the onboarding screen
    And user does NOT see the vault recovery screen
    And user can retry OAuth login or import with seed phrase


**Feature: Migration System Upgrade Path**

  Scenario: user upgrades from version 103 to version 104+
    Given user has MetaMask version with migrations up to 103
    And controller data is stored in redux-persist
    And user has an active wallet

    When user upgrades to version 104 or higher
    Then migrations 104+ run successfully
    And controller data is deflated to individual files
    And user's wallet remains accessible
    And app functions normally after restart


  Scenario: user upgrades from version 104 to version 105+
    Given user has MetaMask version 104
    And controller data is in individual files
    And user has an active wallet

    When user upgrades to version 105 or higher
    Then controller data is inflated for migrations
    And new migrations run successfully
    And controller data is deflated back to individual files
    And user's wallet remains accessible
    And app functions normally after restart

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [x] I’ve followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [x] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.



<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Detects migration failure and routes to vault recovery, ensures
controller persistence after recovery, prevents backing up temporary
wallets during resets, and updates login/recovery flows with tests.
> 
> - **Onboarding/Recovery**:
> - Detects migration failure on `Onboarding` by checking vault backup
and `existingUser`; skips in E2E and explicit delete, then navigates to
`Routes.VAULT_RECOVERY.RESTORE_WALLET`.
> - `WalletRestored` now routes to `Routes.ONBOARDING.LOGIN` with
`isVaultRecovery` instead of auto-auth; adds tests.
> - `Login` sets `existingUser` via `setExistingUser(true)` after
successful unlock when `isVaultRecovery` is true; adds tests.
> - **Engine/Authentication**:
> - Adds `Engine.disableAutomaticVaultBackup` and skips `backupVault`
when true.
> - Clears vault backups and temporarily disables auto-backup during
wallet reset and OAuth error recovery; always re-enables.
> - `EngineService` moves filesystem persistence setup to
`initializeControllers` and ensures it runs after vault recovery;
updates batching and tests.
> - **Hooks/Tests**:
> - `useDeleteWallet` clears backups first, disables auto-backup during
reset, re-enables in `finally`, and resets controllers; adds robust
tests.
> - Renames and tightens numerous test titles/expectations; snapshot
names updated.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
ed1a8a7. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: MarioAslau

app/components/Views/Login/index.test.tsx

@@ -25,6 +25,7 @@ import {
   TRUE,
 } from '../../../constants/storage';
 import { useMetrics } from '../../hooks/useMetrics';
+import { setExistingUser } from '../../../actions/user';
 
 const mockNavigate = jest.fn();
 const mockReplace = jest.fn();
@@ -113,6 +114,13 @@ jest.mock('../../../actions/security', () => ({
   },
 }));
 
+jest.mock('../../../actions/user', () => ({
+  setExistingUser: jest.fn((value) => ({
+    type: 'SET_EXISTING_USER',
+    existingUser: value,
+  })),
+}));
+
 jest.mock('../../../store/storage-wrapper', () => ({
   getItem: jest.fn().mockResolvedValue(null),
   setItem: jest.fn(),
@@ -263,7 +271,7 @@ describe('Login', () => {
     expect(toJSON()).toMatchSnapshot();
   });
 
-  it('should call trace function for AuthenticateUser during non-OAuth login', async () => {
+  it('calls trace function for AuthenticateUser during non-OAuth login', async () => {
     (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
       if (key === OPTIN_META_METRICS_UI_SEEN) return true;
       return null;
@@ -296,11 +304,14 @@ describe('Login', () => {
   });
 
   describe('Forgot Password', () => {
-    it('show the forgot password modal', () => {
+    it('shows forgot password modal when reset wallet pressed', () => {
+      // Arrange
       const { getByTestId } = renderWithProvider(<Login />);
-      expect(getByTestId(LoginViewSelectors.RESET_WALLET)).toBeTruthy();
+
+      // Act
       fireEvent.press(getByTestId(LoginViewSelectors.RESET_WALLET));
 
+      // Assert
       expect(mockNavigate).toHaveBeenCalledWith(Routes.MODAL.ROOT_MODAL_FLOW, {
         screen: Routes.MODAL.DELETE_WALLET,
         params: {
@@ -320,7 +331,7 @@ describe('Login', () => {
         });
       });
 
-      it('should navigate to opt-in metrics when UI not seen and metrics disabled', async () => {
+      it('navigates to opt-in metrics when UI not seen and metrics disabled', async () => {
         // Arrange
         (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
           if (key === OPTIN_META_METRICS_UI_SEEN) return Promise.resolve(null);
@@ -354,7 +365,6 @@ describe('Login', () => {
           fireEvent.press(loginButton);
         });
 
-        // Wait for async operations to complete
         await act(async () => {
           await new Promise((resolve) => setTimeout(resolve, 0));
         });
@@ -375,7 +385,7 @@ describe('Login', () => {
         });
       });
 
-      it('should navigate to home when UI not seen but metrics enabled', async () => {
+      it('navigates to home when UI not seen but metrics enabled', async () => {
         // Arrange
         (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
           if (key === OPTIN_META_METRICS_UI_SEEN) return Promise.resolve(null);
@@ -418,7 +428,7 @@ describe('Login', () => {
         expect(mockReplace).toHaveBeenCalledWith(Routes.ONBOARDING.HOME_NAV);
       });
 
-      it('should navigate to home when UI seen and metrics disabled', async () => {
+      it('navigates to home when UI seen and metrics disabled', async () => {
         // Arrange
         (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
           if (key === OPTIN_META_METRICS_UI_SEEN)
@@ -462,7 +472,7 @@ describe('Login', () => {
         expect(mockReplace).toHaveBeenCalledWith(Routes.ONBOARDING.HOME_NAV);
       });
 
-      it('should navigate to home when UI seen and metrics enabled', async () => {
+      it('navigates to home when UI seen and metrics enabled', async () => {
         // Arrange
         (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
           if (key === OPTIN_META_METRICS_UI_SEEN)
@@ -726,7 +736,103 @@ describe('Login', () => {
       fireEvent.changeText(passwordInput, 'testpassword123');
 
       // Assert
-      expect(passwordInput).toBeTruthy();
+      expect(passwordInput).toBeOnTheScreen();
+    });
+  });
+
+  describe('Vault Recovery', () => {
+    beforeEach(() => {
+      jest.clearAllMocks();
+    });
+
+    it('dispatches setExistingUser after successful login from vault recovery', async () => {
+      // Arrange
+      mockRoute.mockReturnValue({
+        params: {
+          locked: false,
+          oauthLoginSuccess: false,
+          isVaultRecovery: true,
+        },
+      });
+
+      (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
+        if (key === OPTIN_META_METRICS_UI_SEEN) return Promise.resolve('true');
+        return Promise.resolve(null);
+      });
+
+      (Authentication.userEntryAuth as jest.Mock).mockResolvedValueOnce(
+        undefined,
+      );
+      (
+        Authentication.componentAuthenticationType as jest.Mock
+      ).mockResolvedValueOnce({
+        currentAuthType: 'password',
+      });
+
+      const { getByTestId } = renderWithProvider(<Login />);
+      const passwordInput = getByTestId(LoginViewSelectors.PASSWORD_INPUT);
+      const loginButton = getByTestId(LoginViewSelectors.LOGIN_BUTTON_ID);
+
+      // Act
+      await act(async () => {
+        fireEvent.changeText(passwordInput, 'validPassword123');
+      });
+
+      await act(async () => {
+        fireEvent.press(loginButton);
+      });
+
+      await act(async () => {
+        await new Promise((resolve) => setTimeout(resolve, 0));
+      });
+
+      // Assert
+      expect(setExistingUser).toHaveBeenCalledWith(true);
+    });
+
+    it('does not dispatch setExistingUser when not from vault recovery', async () => {
+      // Arrange
+      mockRoute.mockReturnValue({
+        params: {
+          locked: false,
+          oauthLoginSuccess: false,
+          isVaultRecovery: false,
+        },
+      });
+
+      (StorageWrapper.getItem as jest.Mock).mockImplementation((key) => {
+        if (key === OPTIN_META_METRICS_UI_SEEN) return Promise.resolve('true');
+        return Promise.resolve(null);
+      });
+
+      (Authentication.userEntryAuth as jest.Mock).mockResolvedValueOnce(
+        undefined,
+      );
+      (
+        Authentication.componentAuthenticationType as jest.Mock
+      ).mockResolvedValueOnce({
+        currentAuthType: 'password',
+      });
+
+      const { getByTestId } = renderWithProvider(<Login />);
+      const passwordInput = getByTestId(LoginViewSelectors.PASSWORD_INPUT);
+      const loginButton = getByTestId(LoginViewSelectors.LOGIN_BUTTON_ID);
+
+      // Act
+      await act(async () => {
+        fireEvent.changeText(passwordInput, 'validPassword123');
+      });
+
+      await act(async () => {
+        fireEvent.press(loginButton);
+      });
+
+      await act(async () => {
+        await new Promise((resolve) => setTimeout(resolve, 0));
+      });
+
+      // Assert
+      expect(setExistingUser).not.toHaveBeenCalled();
     });
   });
 
@@ -795,7 +901,7 @@ describe('Login', () => {
       });
 
       // Should render biometric button when biometric is available
-      expect(getByTestId(LoginViewSelectors.BIOMETRY_BUTTON)).toBeTruthy();
+      expect(getByTestId(LoginViewSelectors.BIOMETRY_BUTTON)).toBeOnTheScreen();
     });
 
     it('biometric button is not shown when device is locked', async () => {
@@ -860,7 +966,8 @@ describe('Login', () => {
       jest.clearAllMocks();
     });
 
-    it('should handle WRONG_PASSWORD_ERROR', async () => {
+    it('displays invalid password error when decryption fails', async () => {
+      // Arrange
       mockRoute.mockReturnValue({
         params: {
           locked: false,
@@ -880,15 +987,17 @@ describe('Login', () => {
       const { getByTestId } = renderWithProvider(<Login />);
       const passwordInput = getByTestId(LoginViewSelectors.PASSWORD_INPUT);
 
+      // Act
       await act(async () => {
         fireEvent.changeText(passwordInput, 'valid-password123');
       });
       await act(async () => {
         fireEvent(passwordInput, 'submitEditing');
       });
 
+      // Assert
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         strings('login.invalid_password'),
       );
@@ -910,7 +1019,7 @@ describe('Login', () => {
       expect(rehydrationCall).toBeDefined();
     });
 
-    it('should handle WRONG_PASSWORD_ERROR_ANDROID', async () => {
+    it('displays invalid password error for Android BAD_DECRYPT error', async () => {
       mockRoute.mockReturnValue({
         params: {
           locked: false,
@@ -940,7 +1049,7 @@ describe('Login', () => {
       });
 
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         strings('login.invalid_password'),
       );
@@ -962,7 +1071,7 @@ describe('Login', () => {
       expect(rehydrationCall).toBeDefined();
     });
 
-    it('should handle WRONG_PASSWORD_ERROR_ANDROID_2', async () => {
+    it('displays invalid password error for Android DoCipher error', async () => {
       mockRoute.mockReturnValue({
         params: {
           locked: false,
@@ -990,7 +1099,7 @@ describe('Login', () => {
       });
 
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         strings('login.invalid_password'),
       );
@@ -1012,7 +1121,7 @@ describe('Login', () => {
       expect(rehydrationCall).toBeDefined();
     });
 
-    it('should handle PASSWORD_REQUIREMENTS_NOT_MET error', async () => {
+    it('displays invalid password error when password requirements not met', async () => {
       mockRoute.mockReturnValue({
         params: {
           locked: false,
@@ -1040,7 +1149,7 @@ describe('Login', () => {
       });
 
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         strings('login.invalid_password'),
       );
@@ -1054,7 +1163,7 @@ describe('Login', () => {
       expect(rehydrationCall).toBeUndefined();
     });
 
-    it('should handle generic error (else case)', async () => {
+    it('displays generic error message for unexpected errors', async () => {
       (Authentication.userEntryAuth as jest.Mock).mockRejectedValue(
         new Error('Some unexpected error'),
       );
@@ -1070,13 +1179,13 @@ describe('Login', () => {
       });
 
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         'Error: Some unexpected error',
       );
     });
 
-    it('should handle OnboardingPasswordLoginError trace during onboarding flow', async () => {
+    it('traces OnboardingPasswordLoginError during onboarding flow', async () => {
       mockRoute.mockReturnValue({
         params: {
           locked: false,
@@ -1100,7 +1209,7 @@ describe('Login', () => {
       });
 
       const errorElement = getByTestId(LoginViewSelectors.PASSWORD_ERROR);
-      expect(errorElement).toBeTruthy();
+      expect(errorElement).toBeOnTheScreen();
       expect(errorElement.props.children).toEqual(
         'Error: Some unexpected error',
       );
@@ -1131,7 +1240,7 @@ describe('Login', () => {
       jest.clearAllMocks();
     });
 
-    it('should handle PASSCODE_NOT_SET_ERROR with alert', async () => {
+    it('displays alert when passcode not set', async () => {
       const mockAlert = jest
         .spyOn(Alert, 'alert')
         .mockImplementation(() => undefined);
@@ -1220,7 +1329,8 @@ describe('Login', () => {
       });
     });
 
-    it('handle biometric authentication failure', async () => {
+    it('does not navigate when biometric authentication fails', async () => {
+      // Arrange
       (passcodeType as jest.Mock).mockReturnValueOnce('device_passcode');
       (Authentication.getType as jest.Mock).mockResolvedValueOnce({
         currentAuthType: AUTHENTICATION_TYPE.PASSCODE,
@@ -1239,13 +1349,14 @@ describe('Login', () => {
 
       const biometryButton = getByTestId(LoginViewSelectors.BIOMETRY_BUTTON);
 
+      // Act
       await act(async () => {
         fireEvent.press(biometryButton);
       });
 
+      // Assert
       expect(Authentication.appTriggeredAuth).toHaveBeenCalled();
       expect(mockReplace).not.toHaveBeenCalled();
-      expect(biometryButton).toBeTruthy();
     });
   });