npm - @oxyhq/services - Versions diffs - 5.16.40 → 5.16.41 - Mend

@oxyhq/services 5.16.40 → 5.16.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (267) hide show

package/lib/module/ui/context/OxyContext.js CHANGED Viewed

@@ -1,7 +1,6 @@
 "use strict";
-import { createContext, useCallback, useContext, useEffect, useLayoutEffect, useMemo, useRef, useState } from 'react';
-import { Platform } from 'react-native';
+import { createContext, useCallback, useContext, useEffect, useMemo, useRef, useState } from 'react';
 import { OxyServices } from '../../core';
 import { toast } from '../../lib/sonner';
 import { useAuthStore } from '../stores/authStore';
@@ -9,49 +8,20 @@ import { useShallow } from 'zustand/react/shallow';
 import { useSessionSocket } from '../hooks/useSessionSocket';
 import { useStorage } from '../hooks/useStorage';
 import { useLanguageManagement } from '../hooks/useLanguageManagement';
-import { useSessionManagement } from '../hooks/useSessionManagement';
-import { useAuthOperations } from './hooks/useAuthOperations';
-import { useDeviceManagement } from '../hooks/useDeviceManagement';
 import { getStorageKeys } from '../utils/storageHelpers';
 import { isInvalidSessionError, isTimeoutOrNetworkError } from '../utils/errorHandlers';
 import { showBottomSheet as globalShowBottomSheet } from '../navigation/bottomSheetManager';
 import { useQueryClient } from '@tanstack/react-query';
 import { clearQueryCache } from '../hooks/queryClient';
-import { KeyManager } from '../../crypto';
-import { translate } from '../../i18n';
-import { updateAvatarVisibility, updateProfileWithAvatar } from '../utils/avatarUtils';
+import { createIdentitySessionCore } from '../../core/identity-session';
 import { useAccountStore } from '../stores/accountStore';
-import { logger as loggerUtil } from '../../utils/loggerUtils';
-import { useTransferStore, useTransferCodesForPersistence } from '../stores/transferStore';
+import { useTransferStore } from '../stores/transferStore';
 import { useCheckPendingTransfers } from '../hooks/useTransferQueries';
+import { useTransferCodesPersistence } from '../hooks/useTransferCodesPersistence';
+import { useIdentityTransfer } from '../hooks/useIdentityTransfer';
+import { useAvatarPicker } from '../hooks/useAvatarPicker';
 import { jsx as _jsx } from "react/jsx-runtime";
 const OxyContext = /*#__PURE__*/createContext(null);
-let cachedUseFollowHook = null;
-const loadUseFollowHook = () => {
-  if (cachedUseFollowHook) {
-    return cachedUseFollowHook;
-  }
-  try {
-    // eslint-disable-next-line @typescript-eslint/no-var-requires
-    const {
-      useFollow
-    } = require('../hooks/useFollow');
-    cachedUseFollowHook = useFollow;
-    return cachedUseFollowHook;
-  } catch (error) {
-    if (__DEV__) {
-      loggerUtil.warn('useFollow hook is not available. Please import useFollow from @oxyhq/services directly.', {
-        component: 'OxyContext',
-        method: 'loadUseFollowHook'
-      }, error);
-    }
-    const fallback = () => {
-      throw new Error('useFollow hook is only available in the UI bundle. Import it from @oxyhq/services.');
-    };
-    cachedUseFollowHook = fallback;
-    return cachedUseFollowHook;
-  }
-};
 export const OxyProvider = ({
   children,
   oxyServices: providedOxyServices,
@@ -101,7 +71,6 @@ export const OxyProvider = ({
     setSyncing: state.setSyncing
   })));
   const [tokenReady, setTokenReady] = useState(true);
-  const initializedRef = useRef(false);
   const setAuthState = useAuthStore.setState;
   const logger = useCallback((message, err) => {
     if (__DEV__) {
@@ -121,55 +90,29 @@ export const OxyProvider = ({
     logger
   });
-  // Invalidate KeyManager cache on mount to prevent stale cache issues
-  // useLayoutEffect runs synchronously after render but before paint, ensuring cache
-  // invalidation happens before any async operations start
-  useLayoutEffect(() => {
-    if (Platform.OS !== 'web') {
-      KeyManager.invalidateCache();
-    }
-  }, []);
-  // Identity integrity check and auto-restore on startup
-  // Skip on web platform - identity storage is only available on native platforms
+  // Initialize Identity Session Core
+  const [identityCore, setIdentityCore] = useState(null);
+  const [isCoreInitialized, setIsCoreInitialized] = useState(false);
   useEffect(() => {
-    if (!storage || !isStorageReady) return;
-    if (Platform.OS === 'web') return; // Identity operations are native-only
-    const checkAndRestoreIdentity = async () => {
+    let mounted = true;
+    const initCore = async () => {
       try {
-        // Cache was already invalidated synchronously above
-        // Check if identity exists and verify integrity
-        const hasIdentity = await KeyManager.hasIdentity();
-        if (hasIdentity) {
-          const isValid = await KeyManager.verifyIdentityIntegrity();
-          if (!isValid) {
-            // Try to restore from backup (cache will be invalidated inside restoreIdentityFromBackup)
-            const restored = await KeyManager.restoreIdentityFromBackup();
-            if (__DEV__) {
-              logger(restored ? 'Identity restored from backup successfully' : 'Identity integrity check failed - user may need to restore from backup file');
-            }
-          } else {
-            // Identity is valid - ensure backup is up to date
-            await KeyManager.backupIdentity();
-          }
-        } else {
-          // No identity - try to restore from backup (cache will be invalidated inside restoreIdentityFromBackup)
-          const restored = await KeyManager.restoreIdentityFromBackup();
-          if (restored && __DEV__) {
-            logger('Identity restored from backup on startup');
-          }
+        const core = await createIdentitySessionCore(oxyServices.getBaseURL() || baseURL);
+        if (mounted) {
+          setIdentityCore(core);
+          setIsCoreInitialized(true);
         }
       } catch (error) {
         if (__DEV__) {
-          logger('Error during identity integrity check', error);
+          logger('Failed to initialize identity session core', error);
         }
-        // Don't block app startup - user can recover with backup file
       }
     };
-    checkAndRestoreIdentity();
-  }, [storage, isStorageReady, logger]);
+    initCore();
+    return () => {
+      mounted = false;
+    };
+  }, [oxyServices, baseURL, logger]);
   const {
     currentLanguage,
     metadata: currentLanguageMetadata,
@@ -184,70 +127,112 @@ export const OxyProvider = ({
     logger
   });
   const queryClient = useQueryClient();
-  const {
-    sessions,
-    activeSessionId,
-    setActiveSessionId: setActiveSessionIdFromHook,
-    updateSessions,
-    switchSession,
-    refreshSessions,
-    clearSessionState,
-    saveActiveSessionId,
-    trackRemovedSession
-  } = useSessionManagement({
-    oxyServices,
-    storage,
-    storageKeyPrefix,
-    loginSuccess,
-    logoutStore,
-    applyLanguagePreference,
-    onAuthStateChange,
-    onError,
-    setAuthError: message => setAuthState({
-      error: message
-    }),
-    logger,
-    setTokenReady,
-    queryClient
-  });
-  const {
-    createIdentity,
-    importIdentity: importIdentityBase,
-    signIn,
-    logout,
-    logoutAll,
-    hasIdentity,
-    getPublicKey,
-    isIdentitySynced,
-    syncIdentity: syncIdentityBase
-  } = useAuthOperations({
-    oxyServices,
-    storage,
-    sessions,
-    activeSessionId,
-    setActiveSessionId: setActiveSessionIdFromHook,
-    updateSessions,
-    saveActiveSessionId,
-    clearSessionState,
-    switchSession,
-    applyLanguagePreference,
-    onAuthStateChange,
-    onError,
-    loginSuccess,
-    loginFailure,
-    logoutStore,
-    setAuthState,
-    setIdentitySynced,
-    setSyncing,
-    logger
-  });
-  // syncIdentity - TanStack Query handles offline mutations automatically
-  const syncIdentity = useCallback(() => syncIdentityBase(), [syncIdentityBase]);
+  // Session state management using core
+  const [sessions, setSessions] = useState([]);
+  const [activeSessionId, setActiveSessionId] = useState(null);
+  // Load sessions from core
+  const loadSessionsFromCore = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized) return;
+    try {
+      const coreSessions = await identityCore.getAllSessions();
+      const activeId = await identityCore.getActiveSessionId();
+      // Convert core sessions to ClientSession format
+      const clientSessions = coreSessions.map(s => ({
+        deviceInfo: s.deviceInfo,
+        sessionId: s.sessionId,
+        deviceId: s.deviceId,
+        userId: s.userId,
+        expiresAt: s.expiresAt,
+        lastActive: s.lastActive,
+        isCurrent: s.isCurrent || false
+      }));
+      setSessions(clientSessions);
+      setActiveSessionId(activeId);
+    } catch (error) {
+      if (__DEV__) {
+        logger('Failed to load sessions from core', error);
+      }
+    }
+  }, [identityCore, isCoreInitialized, logger]);
+  // Load sessions when core is initialized
+  useEffect(() => {
+    if (isCoreInitialized) {
+      loadSessionsFromCore();
+    }
+  }, [isCoreInitialized, loadSessionsFromCore]);
+  // Subscribe to core events
+  useEffect(() => {
+    if (!identityCore || !isCoreInitialized) return;
+    const unsubscribe = identityCore.subscribe(event => {
+      if (event.type === 'session:created' || event.type === 'session:refreshed' || event.type === 'session:invalidated' || event.type === 'session:all-invalidated') {
+        loadSessionsFromCore();
+      }
+    });
+    return unsubscribe;
+  }, [identityCore, isCoreInitialized, loadSessionsFromCore]);
+  // Identity operations using core
+  const hasIdentity = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized) return false;
+    return await identityCore.hasIdentity();
+  }, [identityCore, isCoreInitialized]);
+  const getPublicKey = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized) return null;
+    return await identityCore.getPublicKey();
+  }, [identityCore, isCoreInitialized]);
+  const isIdentitySynced = useCallback(async () => {
+    if (!storage) return false;
+    const synced = await storage.getItem('oxy_identity_synced');
+    return synced === 'true';
+  }, [storage]);
+  const createIdentity = useCallback(async username => {
+    if (!identityCore || !isCoreInitialized) {
+      throw new Error('Identity core not initialized');
+    }
+    setSyncing(true);
+    try {
+      // Create identity using core
+      const identity = await identityCore.createIdentity(username);
-  // Wrapper for importIdentity to handle legacy calls gracefully
+      // Try to register with backend
+      let synced = false;
+      try {
+        const {
+          signature,
+          publicKey,
+          timestamp
+        } = await identityCore.createRegistrationSignature();
+        const result = await oxyServices.register(publicKey, signature, timestamp, username);
+        if (result?.user) {
+          loginSuccess(result.user);
+          synced = true;
+          await storage?.setItem('oxy_identity_synced', 'true');
+          setIdentitySynced(true);
+        }
+      } catch (error) {
+        // Registration failed (likely offline) - identity still created locally
+        if (__DEV__) {
+          logger('Failed to register identity with backend (offline mode)', error);
+        }
+      }
+      return {
+        synced
+      };
+    } finally {
+      setSyncing(false);
+    }
+  }, [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing, logger]);
   const importIdentity = useCallback(async (backupData, password) => {
-    // Handle legacy calls with single string argument (old recovery phrase signature)
+    if (!identityCore || !isCoreInitialized) {
+      throw new Error('Identity core not initialized');
+    }
+    // Handle legacy calls with single string argument
     if (typeof backupData === 'string') {
       throw new Error('Recovery phrase import is no longer supported. Please use backup file import or QR code transfer instead.');
     }
@@ -256,90 +241,279 @@ export const OxyProvider = ({
     if (!password || typeof password !== 'string') {
       throw new Error('Password is required for backup file import.');
     }
-    return importIdentityBase(backupData, password);
-  }, [importIdentityBase]);
+    setSyncing(true);
+    try {
+      // Import identity using core
+      const identity = await identityCore.importIdentity(backupData, password);
-  // Storage keys for transfer codes
-  const TRANSFER_CODES_STORAGE_KEY = `${storageKeyPrefix}_transfer_codes`;
-  const ACTIVE_TRANSFER_STORAGE_KEY = `${storageKeyPrefix}_active_transfer_id`;
+      // Try to register with backend if not already registered
+      let synced = false;
+      try {
+        const {
+          signature,
+          publicKey,
+          timestamp
+        } = await identityCore.createRegistrationSignature();
+        const result = await oxyServices.register(publicKey, signature, timestamp);
+        if (result?.user) {
+          loginSuccess(result.user);
+          synced = true;
+          await storage?.setItem('oxy_identity_synced', 'true');
+          setIdentitySynced(true);
+        }
+      } catch (error) {
+        // Check if user already exists (409 conflict)
+        if (error?.status === 409) {
+          // User already registered - try to sign in instead
+          try {
+            await signIn();
+            synced = true;
+            await storage?.setItem('oxy_identity_synced', 'true');
+            setIdentitySynced(true);
+          } catch (signInError) {
+            if (__DEV__) {
+              logger('Failed to sign in after import', signInError);
+            }
+          }
+        } else if (__DEV__) {
+          logger('Failed to register identity with backend (offline mode)', error);
+        }
+      }
+      return {
+        synced
+      };
+    } finally {
+      setSyncing(false);
+    }
+  }, [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing, logger]);
+  const syncIdentity = useCallback(async username => {
+    if (!identityCore || !isCoreInitialized) {
+      throw new Error('Identity core not initialized');
+    }
+    const publicKey = await identityCore.getPublicKey();
+    if (!publicKey) {
+      throw new Error('No identity found');
+    }
+    setSyncing(true);
+    try {
+      const {
+        signature,
+        publicKey: pk,
+        timestamp
+      } = await identityCore.createRegistrationSignature();
+      const result = await oxyServices.register(pk, signature, timestamp, username);
+      if (result?.user) {
+        loginSuccess(result.user);
+        await storage?.setItem('oxy_identity_synced', 'true');
+        setIdentitySynced(true);
+        return result.user;
+      }
+      throw new Error('Registration failed');
+    } catch (error) {
+      // Check if user already exists (409 conflict) - try to sign in
+      if (error?.status === 409) {
+        const user = await signIn();
+        await storage?.setItem('oxy_identity_synced', 'true');
+        setIdentitySynced(true);
+        return user;
+      }
+      throw error;
+    } finally {
+      setSyncing(false);
+    }
+  }, [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing]);
+  const signIn = useCallback(async deviceName => {
+    if (!identityCore || !isCoreInitialized) {
+      throw new Error('Identity core not initialized');
+    }
+    setAuthState({
+      isLoading: true
+    });
+    try {
+      // Create session using core
+      const session = await identityCore.createSession(deviceName);
-  // Clear all account data when identity is lost (for accounts app)
-  // In accounts app, identity = account, so losing identity means losing everything
-  const clearAllAccountData = useCallback(async () => {
-    if (__DEV__) {
-      logger('Clearing all account data - identity changed or lost');
+      // Get user from OxyServices
+      const user = await oxyServices.getUserBySession(session.sessionId);
+      if (!user) {
+        throw new Error('Failed to get user data');
+      }
+      // Set token in OxyServices
+      if (session.accessToken) {
+        oxyServices.setTokens(session.accessToken, session.refreshToken || undefined);
+      }
+      // Update state
+      loginSuccess(user);
+      await loadSessionsFromCore();
+      onAuthStateChange?.(user);
+      await applyLanguagePreference(user);
+      setTokenReady(true);
+      return user;
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      loginFailure(errorMessage);
+      throw error;
+    } finally {
+      setAuthState({
+        isLoading: false
+      });
     }
+  }, [identityCore, isCoreInitialized, oxyServices, loginSuccess, loginFailure, setAuthState, loadSessionsFromCore, onAuthStateChange, applyLanguagePreference, setTokenReady]);
+  // Session management functions
+  const clearSessionState = useCallback(async () => {
+    setSessions([]);
+    setActiveSessionId(null);
+    logoutStore();
+    onAuthStateChange?.(null);
-    // Clear TanStack Query cache (in-memory)
+    // Clear TanStack Query cache
     queryClient.clear();
-    // Clear persisted query cache
+    // Clear persisted query cache and session storage
     if (storage) {
       try {
         await clearQueryCache(storage);
+        await storage.removeItem(storageKeys.activeSessionId);
+        await storage.removeItem(storageKeys.sessionIds);
+        await storage.removeItem('oxy_identity_synced').catch(() => {});
       } catch (error) {
-        logger('Failed to clear persisted query cache', error);
+        if (__DEV__) {
+          logger('Failed to clear session storage', error);
+        }
+      }
+    }
+  }, [logoutStore, onAuthStateChange, queryClient, storage, storageKeys, logger]);
+  const logout = useCallback(async targetSessionId => {
+    if (!identityCore || !isCoreInitialized) return;
+    try {
+      await identityCore.invalidateSession(targetSessionId);
+      await loadSessionsFromCore();
+      await clearSessionState();
+      setTokenReady(false);
+    } catch (error) {
+      if (__DEV__) {
+        logger('Failed to logout', error);
+      }
+    }
+  }, [identityCore, isCoreInitialized, loadSessionsFromCore, clearSessionState, setTokenReady, logger]);
+  const logoutAll = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized) return;
+    try {
+      await identityCore.invalidateAllSessions();
+      await loadSessionsFromCore();
+      await clearSessionState();
+      setTokenReady(false);
+    } catch (error) {
+      if (__DEV__) {
+        logger('Failed to logout all', error);
+      }
+    }
+  }, [identityCore, isCoreInitialized, loadSessionsFromCore, clearSessionState, setTokenReady, logger]);
+  const switchSession = useCallback(async sessionId => {
+    if (!identityCore || !isCoreInitialized) {
+      throw new Error('Identity core not initialized');
+    }
+    try {
+      // Validate session
+      const validation = await oxyServices.validateSession(sessionId, {
+        useHeaderValidation: true
+      });
+      if (!validation?.valid || !validation.user) {
+        throw new Error('Session is invalid or expired');
+      }
+      const user = validation.user;
+      // Get token for this session
+      await oxyServices.getTokenBySession(sessionId);
+      // Update active session in core
+      const sessionManager = identityCore.getSessionManager();
+      await sessionManager.setActiveSessionId(sessionId);
+      // Update local state
+      setActiveSessionId(sessionId);
+      loginSuccess(user);
+      await applyLanguagePreference(user);
+      onAuthStateChange?.(user);
+      setTokenReady(true);
+      await loadSessionsFromCore();
+      return user;
+    } catch (error) {
+      if (isInvalidSessionError(error)) {
+        // Remove invalid session from list
+        setSessions(prev => prev.filter(s => s.sessionId !== sessionId));
+        if (sessionId === activeSessionId) {
+          await clearSessionState();
+        }
       }
+      throw error;
     }
+  }, [identityCore, isCoreInitialized, oxyServices, loginSuccess, applyLanguagePreference, onAuthStateChange, setTokenReady, loadSessionsFromCore, activeSessionId, clearSessionState]);
+  const refreshSessions = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized || !activeSessionId) return;
+    try {
+      // Refresh current session
+      await identityCore.refreshSession();
-    // Clear session state (sessions, activeSessionId, storage)
+      // Reload sessions from core
+      await loadSessionsFromCore();
+    } catch (error) {
+      if (isInvalidSessionError(error)) {
+        await clearSessionState();
+      } else if (__DEV__) {
+        logger('Failed to refresh sessions', error);
+      }
+    }
+  }, [identityCore, isCoreInitialized, activeSessionId, loadSessionsFromCore, clearSessionState, logger]);
+  // Device management functions
+  const getDeviceSessions = useCallback(async () => {
+    if (!activeSessionId) throw new Error('No active session');
+    return await oxyServices.getDeviceSessions(activeSessionId);
+  }, [activeSessionId, oxyServices]);
+  const logoutAllDeviceSessions = useCallback(async () => {
+    if (!activeSessionId) throw new Error('No active session');
+    await oxyServices.logoutAllDeviceSessions(activeSessionId);
     await clearSessionState();
+  }, [activeSessionId, oxyServices, clearSessionState]);
+  const updateDeviceName = useCallback(async deviceName => {
+    if (!identityCore || !isCoreInitialized || !activeSessionId) {
+      throw new Error('Identity core not initialized or no active session');
+    }
+    await oxyServices.updateDeviceName(activeSessionId, deviceName);
-    // Clear identity sync state from storage
+    // Update device name in core
+    const deviceManager = identityCore.getDeviceManager();
+    await deviceManager.updateDeviceName(deviceName);
+  }, [identityCore, isCoreInitialized, activeSessionId, oxyServices]);
+  useTransferCodesPersistence(storageKeyPrefix);
+  const clearAllAccountData = useCallback(async () => {
+    if (__DEV__) logger('Clearing all account data - identity changed or lost');
+    queryClient.clear();
+    await clearSessionState();
     if (storage) {
       try {
+        await clearQueryCache(storage);
         await storage.removeItem('oxy_identity_synced');
       } catch (error) {
-        logger('Failed to clear identity sync state', error);
+        logger('Failed to clear persisted data', error);
       }
     }
-    // Reset auth store identity sync state
     useAuthStore.getState().setIdentitySynced(false);
     useAuthStore.getState().setSyncing(false);
-    // Reset account store
     useAccountStore.getState().reset();
-    // CRITICAL: Clear ALL transfer codes and active transfer state
-    // This prevents transfer state from previous identity from lingering
-    if (storage) {
-      try {
-        await storage.removeItem(TRANSFER_CODES_STORAGE_KEY);
-        await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
-        // Also clear Zustand transfer store
-        useTransferStore.getState().clearAll();
-        if (__DEV__) {
-          logger('Cleared all transfer state');
-        }
-      } catch (error) {
-        logger('Failed to clear transfer state', error);
-      }
-    }
-    // Clear HTTP service cache
+    useTransferStore.getState().clearAll();
     oxyServices.clearCache();
+    identityCore?.getIdentityManager().invalidateCache();
+  }, [queryClient, storage, clearSessionState, logger, oxyServices, identityCore]);
-    // Force KeyManager cache invalidation
-    KeyManager.invalidateCache();
-  }, [queryClient, storage, clearSessionState, logger, oxyServices, TRANSFER_CODES_STORAGE_KEY, ACTIVE_TRANSFER_STORAGE_KEY]);
-  // Extract Zustand store functions early (before they're used in callbacks)
-  const getAllPendingTransfersStore = useTransferStore(state => state.getAllPendingTransfers);
-  const getActiveTransferIdStore = useTransferStore(state => state.getActiveTransferId);
-  const storeTransferCodeStore = useTransferStore(state => state.storeTransferCode);
-  const getTransferCodeStore = useTransferStore(state => state.getTransferCode);
-  const updateTransferStateStore = useTransferStore(state => state.updateTransferState);
-  const clearTransferCodeStore = useTransferStore(state => state.clearTransferCode);
-  // Transfer code management functions (must be defined before deleteIdentityAndClearAccount)
-  const getAllPendingTransfers = useCallback(() => {
-    return getAllPendingTransfersStore();
-  }, [getAllPendingTransfersStore]);
-  const getActiveTransferId = useCallback(() => {
-    return getActiveTransferIdStore();
-  }, [getActiveTransferIdStore]);
+  // Get transfer store functions (used in deleteIdentityAndClearAccount)
+  const getAllPendingTransfers = useTransferStore(state => state.getAllPendingTransfers);
+  const getActiveTransferId = useTransferStore(state => state.getActiveTransferId);
+  const getTransferCode = useTransferStore(state => state.getTransferCode);
   // Delete identity and clear all account data
   // In accounts app, deleting identity means losing the account completely
@@ -361,659 +535,106 @@ export const OxyProvider = ({
     await clearAllAccountData();
     // Then delete the identity keys
-    await KeyManager.deleteIdentity(skipBackup, force, userConfirmed);
-  }, [clearAllAccountData, getAllPendingTransfers, getActiveTransferId]);
-  // Network reconnect sync - TanStack Query automatically retries mutations on reconnect
-  // We only need to sync identity if it's not synced
-  useEffect(() => {
-    if (!storage) return;
-    let wasOffline = false;
-    let checkTimeout = null;
-    let lastReconnectionLog = 0;
-    const RECONNECTION_LOG_DEBOUNCE_MS = 5000; // 5 seconds
-    // Circuit breaker and exponential backoff state
-    const stateRef = {
-      consecutiveFailures: 0,
-      currentInterval: 10000,
-      // Start with 10 seconds
-      baseInterval: 10000,
-      // Base interval in milliseconds
-      maxInterval: 60000,
-      // Maximum interval (60 seconds)
-      maxFailures: 5 // Circuit breaker threshold
-    };
-    const scheduleNextCheck = () => {
-      if (checkTimeout) {
-        clearTimeout(checkTimeout);
-      }
-      checkTimeout = setTimeout(() => {
-        checkNetworkAndSync();
-      }, stateRef.currentInterval);
-    };
-    const checkNetworkAndSync = async () => {
-      try {
-        // Try a lightweight health check to see if we're online
-        await oxyServices.healthCheck().catch(() => {
-          wasOffline = true;
-          throw new Error('Health check failed');
-        });
-        // Health check succeeded - reset circuit breaker and backoff
-        if (stateRef.consecutiveFailures > 0) {
-          stateRef.consecutiveFailures = 0;
-          stateRef.currentInterval = stateRef.baseInterval;
-        }
-        // If we were offline and now we're online, sync identity if needed
-        if (wasOffline) {
-          const now = Date.now();
-          const timeSinceLastLog = now - lastReconnectionLog;
-          if (timeSinceLastLog >= RECONNECTION_LOG_DEBOUNCE_MS) {
-            logger('Network reconnected, checking identity sync...');
-            lastReconnectionLog = now;
-            // Sync identity first (if not synced)
-            try {
-              const hasIdentityValue = await hasIdentity();
-              if (hasIdentityValue) {
-                // Check sync status directly - sync if not explicitly 'true'
-                // undefined = not synced yet, 'false' = explicitly not synced, 'true' = synced
-                const syncStatus = await storage.getItem('oxy_identity_synced');
-                if (syncStatus !== 'true') {
-                  await syncIdentity();
-                }
-              }
-            } catch (syncError) {
-              // Skip sync silently if username is required (expected when offline onboarding)
-              if (syncError?.code === 'USERNAME_REQUIRED' || syncError?.message === 'USERNAME_REQUIRED') {
-                if (__DEV__) {
-                  loggerUtil.debug('Sync skipped - username required', {
-                    component: 'OxyContext',
-                    method: 'checkNetworkAndSync'
-                  }, syncError);
-                }
-                // Don't log or show error - username will be set later
-              } else if (!isTimeoutOrNetworkError(syncError)) {
-                // Only log unexpected errors - timeouts/network issues are expected when offline
-                logger('Error syncing identity on reconnect', syncError);
-              } else if (__DEV__) {
-                loggerUtil.debug('Identity sync timeout (expected when offline)', {
-                  component: 'OxyContext',
-                  method: 'checkNetworkAndSync'
-                }, syncError);
-              }
-            }
-            // Check for pending transfers that may have completed while offline
-            // This is handled by useCheckPendingTransfers hook which runs automatically
-            // when authenticated and online
-          }
-          // TanStack Query will automatically retry pending mutations
-          // Reset flag immediately after processing (whether logged or not)
-          wasOffline = false;
-        }
-      } catch (error) {
-        // Network check failed - we're offline
-        wasOffline = true;
-        // Increment failure count and apply exponential backoff
-        stateRef.consecutiveFailures++;
-        // Calculate new interval with exponential backoff, capped at maxInterval
-        const backoffMultiplier = Math.min(Math.pow(2, stateRef.consecutiveFailures - 1), stateRef.maxInterval / stateRef.baseInterval);
-        stateRef.currentInterval = Math.min(stateRef.baseInterval * backoffMultiplier, stateRef.maxInterval);
-        // If we hit the circuit breaker threshold, use max interval
-        if (stateRef.consecutiveFailures >= stateRef.maxFailures) {
-          stateRef.currentInterval = stateRef.maxInterval;
-        }
-      } finally {
-        // Always schedule next check (will use updated interval)
-        scheduleNextCheck();
-      }
-    };
-    // Check immediately
-    checkNetworkAndSync();
-    return () => {
-      if (checkTimeout) {
-        clearTimeout(checkTimeout);
-      }
-    };
-  }, [oxyServices, storage, syncIdentity, logger, hasIdentity]);
-  const {
-    getDeviceSessions,
-    logoutAllDeviceSessions,
-    updateDeviceName
-  } = useDeviceManagement({
-    oxyServices,
-    activeSessionId,
-    onError,
-    clearSessionState,
-    logger
-  });
-  const useFollowHook = loadUseFollowHook();
-  const restoreSessionsFromStorage = useCallback(async () => {
-    if (!storage) {
-      return;
+    if (identityCore) {
+      await identityCore.deleteIdentity(skipBackup, force, userConfirmed);
+    } else {
+      throw new Error('Identity core not initialized');
     }
+  }, [clearAllAccountData, identityCore, getAllPendingTransfers, getActiveTransferId]);
+  const restoreSessionsFromStorage = useCallback(async () => {
+    if (!identityCore || !isCoreInitialized) return;
     setTokenReady(false);
     try {
-      // CRITICAL: Get current identity's public key first
-      // Only restore sessions that belong to this identity
-      // Force cache invalidation to ensure we get the actual current identity
-      KeyManager.invalidateCache();
-      const currentPublicKey = await KeyManager.getPublicKey().catch(() => null);
-      const storedSessionIdsJson = await storage.getItem(storageKeys.sessionIds);
-      const storedSessionIds = storedSessionIdsJson ? JSON.parse(storedSessionIdsJson) : [];
-      const storedActiveSessionId = await storage.getItem(storageKeys.activeSessionId);
-      // If no identity exists, clear all sessions and return
-      if (!currentPublicKey) {
-        if (storedSessionIds.length > 0 || storedActiveSessionId) {
-          if (__DEV__) {
-            logger('No identity found - clearing all stored sessions to prevent cross-identity data leak');
-          }
-          await clearSessionState();
-        }
+      await loadSessionsFromCore();
+      const activeId = await identityCore.getActiveSessionId();
+      if (!activeId) {
         setTokenReady(true);
         return;
       }
-      if (__DEV__) {
-        logger('Restoring sessions for identity', {
-          publicKey: currentPublicKey.substring(0, 16) + '...',
-          sessionCount: storedSessionIds.length
-        });
-      }
-      const validSessions = [];
-      const invalidSessionIds = []; // Track invalid sessions for batch removal
-      if (storedSessionIds.length > 0) {
-        for (const sessionId of storedSessionIds) {
+      try {
+        await switchSession(activeId);
+      } catch (switchError) {
+        if (isTimeoutOrNetworkError(switchError)) {
           try {
-            const validation = await oxyServices.validateSession(sessionId, {
-              useHeaderValidation: true
+            const validation = await oxyServices.validateSession(activeId, {
+              useHeaderValidation: false
             });
             if (validation?.valid && validation.user) {
-              // CRITICAL: Verify session belongs to current identity
-              // Compare session's publicKey to current identity's publicKey
-              if (validation.user.publicKey !== currentPublicKey) {
-                // Session belongs to different identity - skip it and log warning
-                if (__DEV__) {
-                  logger('CRITICAL: Skipping session from different identity during restoration', {
-                    sessionPublicKey: validation.user.publicKey?.substring(0, 16) + '...',
-                    currentPublicKey: currentPublicKey.substring(0, 16) + '...',
-                    sessionId: sessionId.substring(0, 16) + '...'
-                  });
-                }
-                // Mark for batch removal
-                invalidSessionIds.push(sessionId);
-                continue;
-              }
-              const now = new Date();
-              validSessions.push({
-                sessionId,
-                deviceId: '',
-                expiresAt: new Date(now.getTime() + 7 * 24 * 60 * 60 * 1000).toISOString(),
-                lastActive: now.toISOString(),
-                userId: validation.user.id?.toString() ?? '',
-                isCurrent: sessionId === storedActiveSessionId
-              });
-            }
-          } catch (validationError) {
-            // Silently handle expected errors (invalid sessions, timeouts, network issues) during restoration
-            // Only log unexpected errors
-            if (!isInvalidSessionError(validationError) && !isTimeoutOrNetworkError(validationError)) {
-              logger('Session validation failed during init', validationError);
-            } else if (__DEV__ && isTimeoutOrNetworkError(validationError)) {
-              // Only log timeouts in dev mode for debugging
-              loggerUtil.debug('Session validation timeout (expected when offline)', {
-                component: 'OxyContext',
-                method: 'restoreSessionsFromStorage'
-              }, validationError);
-            }
-          }
-        }
-        // Batch remove invalid sessions from storage (performance optimization)
-        if (invalidSessionIds.length > 0) {
-          try {
-            // Use Set for O(n) lookup instead of O(n²) with includes()
-            const invalidSessionSet = new Set(invalidSessionIds);
-            const updatedIds = storedSessionIds.filter(id => !invalidSessionSet.has(id));
-            await storage.setItem(storageKeys.sessionIds, JSON.stringify(updatedIds));
-            if (__DEV__) {
-              logger('Removed invalid sessions from storage', {
-                count: invalidSessionIds.length
-              });
-            }
-          } catch (cleanupError) {
-            // Ignore cleanup errors - will be cleaned on next restart
-            if (__DEV__) {
-              logger('Failed to remove invalid sessions from storage', cleanupError);
-            }
-          }
-        }
-        if (validSessions.length > 0) {
-          updateSessions(validSessions, {
-            merge: false
-          });
-        }
-      }
-      if (storedActiveSessionId) {
-        try {
-          await switchSession(storedActiveSessionId);
-        } catch (switchError) {
-          // Silently handle expected errors (invalid sessions, timeouts, network issues)
-          if (isInvalidSessionError(switchError)) {
-            await storage.removeItem(storageKeys.activeSessionId);
-            updateSessions(validSessions.filter(session => session.sessionId !== storedActiveSessionId), {
-              merge: false
-            });
-            // Don't log expected session errors during restoration
-          } else if (isTimeoutOrNetworkError(switchError)) {
-            // Timeout/network error - non-critical, don't block
-            // However, if we have valid sessions, we should still set activeSessionId
-            // so that isAuthenticated can be computed correctly
-            if (validSessions.length > 0) {
-              const matchingSession = validSessions.find(s => s.sessionId === storedActiveSessionId);
-              if (matchingSession) {
-                // Set active session even if validation timed out (offline scenario)
-                setActiveSessionIdFromHook(storedActiveSessionId);
-                // Try to get user from session if possible (might fail offline, but that's OK)
-                try {
-                  const validation = await oxyServices.validateSession(storedActiveSessionId, {
-                    useHeaderValidation: false
-                  });
-                  if (validation?.valid && validation.user) {
-                    loginSuccess(validation.user);
-                  }
-                } catch {
-                  // Ignore - we're offline, will sync when online
-                }
-              }
-            }
-            if (__DEV__) {
-              loggerUtil.debug('Active session validation timeout (expected when offline)', {
-                component: 'OxyContext',
-                method: 'restoreSessionsFromStorage'
-              }, switchError);
-            }
-          } else {
-            // Only log unexpected errors
-            logger('Active session validation error', switchError);
-          }
-        }
-      } else if (validSessions.length > 0) {
-        // No stored active session, but we have valid sessions - activate the first one
-        const firstSession = validSessions[0];
-        try {
-          await switchSession(firstSession.sessionId);
-        } catch (switchError) {
-          // If switch fails, at least set the activeSessionId so UI can show sessions
-          if (isTimeoutOrNetworkError(switchError)) {
-            setActiveSessionIdFromHook(firstSession.sessionId);
-            // Try to get user from session
-            try {
-              const validation = await oxyServices.validateSession(firstSession.sessionId, {
-                useHeaderValidation: false
-              });
-              if (validation?.valid && validation.user) {
-                loginSuccess(validation.user);
-              }
-            } catch {
-              // Ignore - offline scenario
+              loginSuccess(validation.user);
             }
+          } catch {
+            // Offline - will sync when online
           }
+        } else if (isInvalidSessionError(switchError)) {
+          await identityCore.invalidateSession(activeId);
+          await loadSessionsFromCore();
         }
       }
     } catch (error) {
-      if (__DEV__) {
-        loggerUtil.error('Auth init error', error instanceof Error ? error : new Error(String(error)), {
-          component: 'OxyContext',
-          method: 'restoreSessionsFromStorage'
-        });
-      }
+      if (__DEV__) logger('Failed to restore sessions from storage', error);
       await clearSessionState();
     } finally {
       setTokenReady(true);
     }
-  }, [clearSessionState, logger, oxyServices, storage, storageKeys.activeSessionId, storageKeys.sessionIds, switchSession, updateSessions, setActiveSessionIdFromHook, loginSuccess]);
+  }, [identityCore, isCoreInitialized, loadSessionsFromCore, switchSession, loginSuccess, clearSessionState, oxyServices, logger]);
+  // Restore sessions when core is initialized
   useEffect(() => {
-    if (!storage || initializedRef.current) {
-      return;
+    if (isCoreInitialized) {
+      void restoreSessionsFromStorage();
     }
-    initializedRef.current = true;
-    void restoreSessionsFromStorage();
-  }, [restoreSessionsFromStorage, storage]);
+  }, [isCoreInitialized, restoreSessionsFromStorage]);
   const activeSession = activeSessionId ? sessions.find(session => session.sessionId === activeSessionId) : undefined;
   const currentDeviceId = activeSession?.deviceId ?? null;
   // Compute isAuthenticated from actual session state, not just auth store
   // This ensures UI shows correct state even if loginSuccess wasn't called during restoration
-  const isAuthenticatedFromSessions = useMemo(() => {
-    return !!(activeSessionId && sessions.length > 0 && user);
-  }, [activeSessionId, sessions.length, user]);
-  // Use session-based authentication state if auth store says not authenticated but we have sessions
-  // This handles the case where sessions were restored but loginSuccess wasn't called
   const computedIsAuthenticated = useMemo(() => {
-    return isAuthenticatedFromStore || isAuthenticatedFromSessions;
-  }, [isAuthenticatedFromStore, isAuthenticatedFromSessions]);
-  // Get userId from JWT token (MongoDB ObjectId) for socket room matching
-  // user.id contains the MongoDB ObjectId, user.publicKey contains the cryptographic public key
+    return isAuthenticatedFromStore || !!(activeSessionId && sessions.length > 0 && user);
+  }, [isAuthenticatedFromStore, activeSessionId, sessions.length, user]);
   const userId = oxyServices.getCurrentUserId() || user?.id;
-  // Use Zustand store for transfer state management
-  // Storage keys are defined above (TRANSFER_CODES_STORAGE_KEY, ACTIVE_TRANSFER_STORAGE_KEY)
-  const isRestored = useTransferStore(state => state.isRestored);
-  const restoreFromStorage = useTransferStore(state => state.restoreFromStorage);
-  const markRestored = useTransferStore(state => state.markRestored);
-  const cleanupExpired = useTransferStore(state => state.cleanupExpired);
-  // Load transfer codes from storage on startup (only once)
-  useEffect(() => {
-    if (!storage || !isStorageReady || isRestored) return;
-    const loadTransferCodes = async () => {
-      try {
-        // Load transfer codes
-        const storedCodes = await storage.getItem(TRANSFER_CODES_STORAGE_KEY);
-        const storedActiveTransferId = await storage.getItem(ACTIVE_TRANSFER_STORAGE_KEY);
-        const parsedCodes = storedCodes ? JSON.parse(storedCodes) : {};
-        const activeTransferId = storedActiveTransferId || null;
-        // Restore to Zustand store (store handles validation and expiration)
-        restoreFromStorage(parsedCodes, activeTransferId);
-        markRestored();
-        if (__DEV__ && Object.keys(parsedCodes).length > 0) {
-          logger('Restored transfer codes from storage', {
-            count: Object.keys(parsedCodes).length,
-            hasActiveTransfer: !!activeTransferId
-          });
-        }
-      } catch (error) {
-        if (__DEV__) {
-          logger('Failed to load transfer codes from storage', error);
-        }
-        // Mark as restored even on error to prevent retries
-        markRestored();
-      }
-    };
-    loadTransferCodes();
-  }, [storage, isStorageReady, isRestored, restoreFromStorage, markRestored, logger, storageKeyPrefix]);
-  // Persist transfer codes to storage whenever store changes
-  const {
-    transferCodes,
-    activeTransferId
-  } = useTransferCodesForPersistence();
-  useEffect(() => {
-    if (!storage || !isStorageReady || !isRestored) return;
-    const persistTransferCodes = async () => {
-      try {
-        await storage.setItem(TRANSFER_CODES_STORAGE_KEY, JSON.stringify(transferCodes));
-        if (activeTransferId) {
-          await storage.setItem(ACTIVE_TRANSFER_STORAGE_KEY, activeTransferId);
-        } else {
-          await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
-        }
-      } catch (error) {
-        if (__DEV__) {
-          logger('Failed to persist transfer codes', error);
-        }
-      }
-    };
-    persistTransferCodes();
-  }, [transferCodes, activeTransferId, storage, isStorageReady, isRestored, logger]);
-  // Cleanup expired transfer codes (every minute)
-  useEffect(() => {
-    const cleanup = setInterval(() => {
-      cleanupExpired();
-    }, 60000); // Check every minute
-    return () => clearInterval(cleanup);
-  }, [cleanupExpired]);
-  // Transfer code management functions using Zustand store
-  const storeTransferCode = useCallback(async (transferId, code, sourceDeviceId, publicKey) => {
-    storeTransferCodeStore(transferId, code, sourceDeviceId, publicKey);
-    if (__DEV__) {
-      logger('Stored transfer code', {
-        transferId,
-        sourceDeviceId,
-        publicKey: publicKey.substring(0, 16) + '...'
-      });
-    }
-  }, [logger, storeTransferCodeStore]);
-  const getTransferCode = useCallback(transferId => {
-    return getTransferCodeStore(transferId);
-  }, [getTransferCodeStore]);
-  const updateTransferState = useCallback(async (transferId, state) => {
-    updateTransferStateStore(transferId, state);
-    if (__DEV__) {
-      logger('Updated transfer state', {
-        transferId,
-        state
-      });
-    }
-  }, [logger, updateTransferStateStore]);
-  const clearTransferCode = useCallback(async transferId => {
-    clearTransferCodeStore(transferId);
-    if (__DEV__) {
-      logger('Cleared transfer code', {
-        transferId
-      });
-    }
-  }, [logger, clearTransferCodeStore]);
-  const refreshSessionsWithUser = useCallback(() => refreshSessions(userId), [refreshSessions, userId]);
-  const handleSessionRemoved = useCallback(sessionId => {
-    trackRemovedSession(sessionId);
-  }, [trackRemovedSession]);
-  const handleRemoteSignOut = useCallback(() => {
-    toast.info('You have been signed out remotely.');
-    logout().catch(remoteError => logger('Failed to process remote sign out', remoteError));
-  }, [logger, logout]);
-  // Check pending transfers when authenticated and online using TanStack Query
-  // Check for pending transfers that may have completed while offline
-  // Results are processed via socket events (onIdentityTransferComplete), so we don't need to process query results here
   useCheckPendingTransfers(oxyServices, computedIsAuthenticated);
-  const handleIdentityTransferComplete = useCallback(async data => {
-    try {
-      logger('Received identity transfer complete notification', {
-        transferId: data.transferId,
-        sourceDeviceId: data.sourceDeviceId,
-        currentDeviceId,
-        hasActiveSession: activeSessionId !== null,
-        publicKey: data.publicKey.substring(0, 16) + '...'
-      });
-      const storedTransfer = getTransferCode(data.transferId);
-      if (!storedTransfer) {
-        logger('Transfer code not found for transferId', {
-          transferId: data.transferId
-        });
-        toast.error('Transfer verification failed: Code not found. Identity will not be deleted.');
-        return;
-      }
-      // Verify publicKey matches first (most important check)
-      const publicKeyMatches = data.publicKey === storedTransfer.publicKey;
-      if (!publicKeyMatches) {
-        logger('Public key mismatch for transfer', {
-          transferId: data.transferId,
-          receivedPublicKey: data.publicKey.substring(0, 16) + '...',
-          storedPublicKey: storedTransfer.publicKey.substring(0, 16) + '...'
-        });
-        toast.error('Transfer verification failed: Public key mismatch. Identity will not be deleted.');
-        return;
-      }
-      // Verify deviceId matches - very lenient since publicKey is the critical check
-      // If publicKey matches, we allow deletion even if deviceId doesn't match exactly
-      // This handles cases where deviceId might not be available or slightly different
-      const deviceIdMatches =
-      // Exact match
-      data.sourceDeviceId && data.sourceDeviceId === currentDeviceId ||
-      // Stored sourceDeviceId matches current deviceId
-      storedTransfer.sourceDeviceId && storedTransfer.sourceDeviceId === currentDeviceId;
-      // If publicKey matches, we're very lenient with deviceId - only warn but don't block
-      if (!deviceIdMatches && publicKeyMatches) {
-        logger('Device ID mismatch for transfer, but publicKey matches - proceeding with deletion', {
-          transferId: data.transferId,
-          receivedDeviceId: data.sourceDeviceId,
-          storedDeviceId: storedTransfer.sourceDeviceId,
-          currentDeviceId,
-          hasActiveSession: activeSessionId !== null
-        });
-        // Proceed with deletion - publicKey match is the critical verification
-      } else if (!deviceIdMatches && !publicKeyMatches) {
-        // Both don't match - this is suspicious, block deletion
-        logger('Device ID and publicKey mismatch for transfer', {
-          transferId: data.transferId,
-          receivedDeviceId: data.sourceDeviceId,
-          currentDeviceId
-        });
-        toast.error('Transfer verification failed: Device and key mismatch. Identity will not be deleted.');
-        return;
-      }
-      // Verify transfer code matches (if provided)
-      // Transfer code is optional - if not provided, we still proceed if publicKey matches
-      if (data.transferCode) {
-        const codeMatches = data.transferCode.toUpperCase() === storedTransfer.code.toUpperCase();
-        if (!codeMatches) {
-          logger('Transfer code mismatch, but publicKey matches - proceeding with deletion', {
-            transferId: data.transferId,
-            receivedCode: data.transferCode,
-            storedCode: storedTransfer.code.substring(0, 2) + '****'
-          });
-          // Don't block - publicKey match is sufficient, code mismatch might be due to user error
-          // Log warning but proceed
-        }
-      }
-      // Check if transfer is too old (safety timeout - 10 minutes)
-      const transferAge = Date.now() - storedTransfer.timestamp;
-      const tenMinutes = 10 * 60 * 1000;
-      if (transferAge > tenMinutes) {
-        logger('Transfer confirmation received too late', {
-          transferId: data.transferId,
-          age: transferAge,
-          ageMinutes: Math.round(transferAge / 60000)
-        });
-        toast.error('Transfer verification failed: Confirmation received too late. Identity will not be deleted.');
-        clearTransferCode(data.transferId);
-        return;
-      }
-      // NOTE: Target device verification already happened server-side when notifyTransferComplete was called
-      // The server verified that the target device is authenticated and has the matching public key
-      // Additional client-side verification is not necessary and would require source device authentication
-      // which may not be available. The existing checks (public key match, transfer code, device ID) are sufficient.
-      logger('All transfer verifications passed, deleting identity from source device', {
-        transferId: data.transferId,
-        sourceDeviceId: data.sourceDeviceId,
-        publicKey: data.publicKey.substring(0, 16) + '...'
-      });
-      try {
-        // Verify identity still exists before deletion (safety check)
-        const identityStillExists = await KeyManager.hasIdentity();
-        if (!identityStillExists) {
-          logger('Identity already deleted - skipping deletion', {
-            transferId: data.transferId
-          });
-          await updateTransferState(data.transferId, 'completed');
-          await clearTransferCode(data.transferId);
-          return;
-        }
-        await deleteIdentityAndClearAccount(false, false, true);
-        // Verify identity was actually deleted
-        const identityDeleted = !(await KeyManager.hasIdentity());
-        if (!identityDeleted) {
-          logger('Identity deletion failed - identity still exists', {
-            transferId: data.transferId
-          });
-          await updateTransferState(data.transferId, 'failed');
-          throw new Error('Identity deletion failed - identity still exists');
-        }
-        await updateTransferState(data.transferId, 'completed');
-        await clearTransferCode(data.transferId);
-        logger('Identity successfully deleted and transfer code cleared', {
-          transferId: data.transferId
-        });
-        toast.success('Identity successfully transferred and removed from this device');
-      } catch (deleteError) {
-        logger('Error during identity deletion', deleteError);
-        await updateTransferState(data.transferId, 'failed');
-        throw deleteError;
-      }
-    } catch (error) {
-      logger('Failed to delete identity after transfer', error);
-      toast.error(error?.message || 'Failed to remove identity from this device. Please try again manually from Security Settings.');
-    }
-  }, [deleteIdentityAndClearAccount, logger, getTransferCode, clearTransferCode, updateTransferState, currentDeviceId, activeSessionId, oxyServices]);
+  const {
+    handleIdentityTransferComplete
+  } = useIdentityTransfer({
+    identityCore,
+    currentDeviceId,
+    activeSessionId,
+    getPublicKey,
+    deleteIdentityAndClearAccount,
+    logger
+  });
   useSessionSocket({
     userId,
     activeSessionId,
     currentDeviceId,
-    refreshSessions: refreshSessionsWithUser,
+    refreshSessions,
     logout,
     clearSessionState,
     baseURL: oxyServices.getBaseURL(),
     getAccessToken: () => oxyServices.getAccessToken(),
     getTransferCode: getTransferCode,
-    onRemoteSignOut: handleRemoteSignOut,
-    onSessionRemoved: handleSessionRemoved,
+    onRemoteSignOut: () => {
+      toast.info('You have been signed out remotely.');
+      logout().catch(err => logger('Failed to process remote sign out', err));
+    },
+    onSessionRemoved: sessionId => {
+      setSessions(prev => prev.filter(s => s.sessionId !== sessionId));
+      if (sessionId === activeSessionId) {
+        setActiveSessionId(null);
+      }
+    },
     onIdentityTransferComplete: handleIdentityTransferComplete
   });
-  const switchSessionForContext = useCallback(async sessionId => {
-    await switchSession(sessionId);
-  }, [switchSession]);
-  // Create showBottomSheet function that uses the global function
-  const showBottomSheetForContext = useCallback(screenOrConfig => {
-    globalShowBottomSheet(screenOrConfig);
-  }, []);
-  // Create openAvatarPicker function
-  const openAvatarPicker = useCallback(() => {
-    showBottomSheetForContext({
-      screen: 'FileManagement',
-      props: {
-        selectMode: true,
-        multiSelect: false,
-        disabledMimeTypes: ['video/', 'audio/', 'application/pdf'],
-        afterSelect: 'none',
-        // Don't navigate away - stay on current screen
-        onSelect: async file => {
-          if (!file.contentType.startsWith('image/')) {
-            toast.error(translate(currentLanguage, 'editProfile.toasts.selectImage') || 'Please select an image file');
-            return;
-          }
-          try {
-            // Update file visibility to public for avatar
-            await updateAvatarVisibility(file.id, oxyServices, 'OxyContext');
-            // Update user profile (handles query invalidation and accountStore update)
-            await updateProfileWithAvatar({
-              avatar: file.id
-            }, oxyServices, activeSessionId, queryClient, syncIdentity);
-            toast.success(translate(currentLanguage, 'editProfile.toasts.avatarUpdated') || 'Avatar updated');
-          } catch (e) {
-            toast.error(e.message || translate(currentLanguage, 'editProfile.toasts.updateAvatarFailed') || 'Failed to update avatar');
-          }
-        }
-      }
-    });
-  }, [oxyServices, currentLanguage, showBottomSheetForContext, activeSessionId, queryClient, syncIdentity]);
+  const {
+    openAvatarPicker
+  } = useAvatarPicker({
+    oxyServices,
+    currentLanguage,
+    activeSessionId,
+    queryClient,
+    syncIdentity
+  });
   const contextValue = useMemo(() => ({
     user,
     sessions,
@@ -1036,21 +657,15 @@ export const OxyProvider = ({
     isIdentitySynced,
     syncIdentity,
     deleteIdentityAndClearAccount,
-    storeTransferCode,
-    getTransferCode,
-    clearTransferCode,
-    getAllPendingTransfers,
-    getActiveTransferId,
-    updateTransferState,
     identitySyncState: {
       isSynced: isIdentitySyncedStore ?? true,
       isSyncing: isSyncing ?? false
     },
     logout,
     logoutAll,
-    switchSession: switchSessionForContext,
+    switchSession,
     removeSession: logout,
-    refreshSessions: refreshSessionsWithUser,
+    refreshSessions,
     setLanguage,
     getDeviceSessions,
     logoutAllDeviceSessions,
@@ -1058,10 +673,9 @@ export const OxyProvider = ({
     clearSessionState,
     clearAllAccountData,
     oxyServices,
-    useFollow: useFollowHook,
-    showBottomSheet: showBottomSheetForContext,
+    showBottomSheet: globalShowBottomSheet,
     openAvatarPicker
-  }), [activeSessionId, currentDeviceId, createIdentity, importIdentity, signIn, hasIdentity, getPublicKey, isIdentitySynced, syncIdentity, deleteIdentityAndClearAccount, storeTransferCode, getTransferCode, clearTransferCode, getAllPendingTransfers, getActiveTransferId, updateTransferState, isIdentitySyncedStore, isSyncing, currentLanguage, currentLanguageMetadata, currentLanguageName, currentNativeLanguageName, error, getDeviceSessions, computedIsAuthenticated, isLoading, logout, logoutAll, logoutAllDeviceSessions, oxyServices, refreshSessionsWithUser, sessions, setLanguage, switchSessionForContext, tokenReady, isStorageReady, updateDeviceName, clearAllAccountData, useFollowHook, user, showBottomSheetForContext, openAvatarPicker]);
+  }), [activeSessionId, currentDeviceId, createIdentity, importIdentity, signIn, hasIdentity, getPublicKey, isIdentitySynced, syncIdentity, deleteIdentityAndClearAccount, isIdentitySyncedStore, isSyncing, currentLanguage, currentLanguageMetadata, currentLanguageName, currentNativeLanguageName, error, getDeviceSessions, computedIsAuthenticated, isLoading, logout, logoutAll, logoutAllDeviceSessions, oxyServices, refreshSessions, sessions, setLanguage, switchSession, tokenReady, isStorageReady, updateDeviceName, clearAllAccountData, user, openAvatarPicker]);
   return /*#__PURE__*/_jsx(OxyContext.Provider, {
     value: contextValue,
     children: children