@oxyhq/services 5.16.44 → 5.17.0

package/src/ui/context/OxyContext.tsx

@@ -17,22 +17,24 @@ import { toast } from '../../lib/sonner';
 import { useAuthStore, type AuthState } from '../stores/authStore';
 import { useShallow } from 'zustand/react/shallow';
 import { useSessionSocket } from '../hooks/useSessionSocket';
+import type { UseFollowHook } from '../hooks/useFollow.types';
 import { useStorage } from '../hooks/useStorage';
 import { useLanguageManagement } from '../hooks/useLanguageManagement';
+import { useSessionManagement } from '../hooks/useSessionManagement';
+import { useAuthOperations } from './hooks/useAuthOperations';
+import { useDeviceManagement } from '../hooks/useDeviceManagement';
 import { getStorageKeys } from '../utils/storageHelpers';
 import { isInvalidSessionError, isTimeoutOrNetworkError } from '../utils/errorHandlers';
 import type { RouteName } from '../navigation/routes';
 import { showBottomSheet as globalShowBottomSheet } from '../navigation/bottomSheetManager';
 import { useQueryClient } from '@tanstack/react-query';
+import { useCurrentUser } from '../hooks/queries';
 import { clearQueryCache } from '../hooks/queryClient';
-import { createIdentitySessionCore, type IdentitySessionCore, type BackupData } from '../../core/identity-session';
+import { KeyManager, type BackupData } from '../../crypto';
 import { translate } from '../../i18n';
+import { updateAvatarVisibility, updateProfileWithAvatar } from '../utils/avatarUtils';
 import { useAccountStore } from '../stores/accountStore';
-import { useTransferStore } from '../stores/transferStore';
-import { useCheckPendingTransfers } from '../hooks/useTransferQueries';
-import { useTransferCodesPersistence } from '../hooks/useTransferCodesPersistence';
-import { useIdentityTransfer } from '../hooks/useIdentityTransfer';
-import { useAvatarPicker } from '../hooks/useAvatarPicker';
+import { logger as loggerUtil } from '../../utils/loggerUtils';
 
 export interface OxyContextState {
   user: User | null;
@@ -50,14 +52,20 @@ export interface OxyContextState {
   currentNativeLanguageName: string;
 
   // Identity management (public key authentication - offline-first)
-  createIdentity: (username?: string) => Promise<{ synced: boolean }>;
-  importIdentity: (backupData: BackupData, password: string, username?: string) => Promise<{ synced: boolean }>;
+  createIdentity: () => Promise<{ synced: boolean }>;
+  importIdentity: (backupData: BackupData, password: string) => Promise<{ synced: boolean }>;
   signIn: (deviceName?: string) => Promise<User>;
   hasIdentity: () => Promise<boolean>;
   getPublicKey: () => Promise<string | null>;
   isIdentitySynced: () => Promise<boolean>;
-  syncIdentity: (username?: string) => Promise<User>;
+  syncIdentity: () => Promise<User>;
   deleteIdentityAndClearAccount: (skipBackup?: boolean, force?: boolean, userConfirmed?: boolean) => Promise<void>;
+  storeTransferCode: (transferId: string, code: string, sourceDeviceId: string | null, publicKey: string) => Promise<void>;
+  getTransferCode: (transferId: string) => { code: string; sourceDeviceId: string | null; publicKey: string; timestamp: number; state: 'pending' | 'completed' | 'failed' } | null;
+  clearTransferCode: (transferId: string) => Promise<void>;
+  getAllPendingTransfers: () => Array<{ transferId: string; data: { code: string; sourceDeviceId: string | null; publicKey: string; timestamp: number; state: 'pending' | 'completed' | 'failed' } }>;
+  getActiveTransferId: () => string | null;
+  updateTransferState: (transferId: string, state: 'pending' | 'completed' | 'failed') => Promise<void>;
 
   // Identity sync state (reactive, from Zustand store)
   identitySyncState: {
@@ -68,7 +76,7 @@ export interface OxyContextState {
   // Session management
   logout: (targetSessionId?: string) => Promise<void>;
   logoutAll: () => Promise<void>;
-  switchSession: (sessionId: string) => Promise<User>;
+  switchSession: (sessionId: string) => Promise<void>;
   removeSession: (sessionId: string) => Promise<void>;
   refreshSessions: () => Promise<void>;
   setLanguage: (languageId: string) => Promise<void>;
@@ -86,6 +94,7 @@ export interface OxyContextState {
   clearSessionState: () => Promise<void>;
   clearAllAccountData: () => Promise<void>;
   oxyServices: OxyServices;
+  useFollow?: UseFollowHook;
   showBottomSheet?: (screenOrConfig: RouteName | { screen: RouteName; props?: Record<string, unknown> }) => void;
   openAvatarPicker: () => void;
 }
@@ -101,6 +110,35 @@ export interface OxyContextProviderProps {
   onError?: (error: ApiError) => void;
 }
 
+let cachedUseFollowHook: UseFollowHook | null = null;
+
+const loadUseFollowHook = (): UseFollowHook => {
+  if (cachedUseFollowHook) {
+    return cachedUseFollowHook;
+  }
+
+  try {
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
+    const { useFollow } = require('../hooks/useFollow');
+    cachedUseFollowHook = useFollow as UseFollowHook;
+    return cachedUseFollowHook;
+  } catch (error) {
+    if (__DEV__) {
+      loggerUtil.warn(
+        'useFollow hook is not available. Please import useFollow from @oxyhq/services directly.',
+        { component: 'OxyContext', method: 'loadUseFollowHook' },
+        error
+      );
+    }
+
+    const fallback: UseFollowHook = () => {
+      throw new Error('useFollow hook is only available in the UI bundle. Import it from @oxyhq/services.');
+    };
+
+    cachedUseFollowHook = fallback;
+    return cachedUseFollowHook;
+  }
+};
 
 export const OxyProvider: React.FC<OxyContextProviderProps> = ({
   children,
@@ -125,8 +163,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
   const oxyServices = oxyServicesRef.current;
 
   const {
-    user,
-    isAuthenticated: isAuthenticatedFromStore,
+    isAuthenticated,
     isLoading,
     error,
     loginSuccess,
@@ -139,7 +176,6 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     setSyncing,
   } = useAuthStore(
     useShallow((state: AuthState) => ({
-      user: state.user,
       isAuthenticated: state.isAuthenticated,
       isLoading: state.isLoading,
       error: state.error,
@@ -155,6 +191,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
   );
 
   const [tokenReady, setTokenReady] = useState(true);
+  const initializedRef = useRef(false);
   const setAuthState = useAuthStore.setState;
 
   const logger = useCallback((message: string, err?: unknown) => {
@@ -171,30 +208,51 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
 
   const { storage, isReady: isStorageReady } = useStorage({ onError, logger });
 
-  // Initialize Identity Session Core
-  const [identityCore, setIdentityCore] = useState<IdentitySessionCore | null>(null);
-  const [isCoreInitialized, setIsCoreInitialized] = useState(false);
-
+  // Identity integrity check and auto-restore on startup
+  // Skip on web platform - identity storage is only available on native platforms
   useEffect(() => {
-    let mounted = true;
-    const initCore = async () => {
+    if (!storage || !isStorageReady) return;
+    if (Platform.OS === 'web') return; // Identity operations are native-only
+
+    const checkAndRestoreIdentity = async () => {
       try {
-        const core = await createIdentitySessionCore(oxyServices.getBaseURL() || baseURL);
-        if (mounted) {
-          setIdentityCore(core);
-          setIsCoreInitialized(true);
+        // Check if identity exists and verify integrity
+        const hasIdentity = await KeyManager.hasIdentity();
+        if (hasIdentity) {
+          const isValid = await KeyManager.verifyIdentityIntegrity();
+          if (!isValid) {
+            // Try to restore from backup
+            const restored = await KeyManager.restoreIdentityFromBackup();
+            if (__DEV__) {
+              logger(restored
+                ? 'Identity restored from backup successfully'
+                : 'Identity integrity check failed - user may need to restore from backup file'
+              );
+            }
+          } else {
+            // Identity is valid - ensure backup is up to date
+            await KeyManager.backupIdentity();
+          }
+        } else {
+          // No identity - try to restore from backup
+          const restored = await KeyManager.restoreIdentityFromBackup();
+          if (restored && __DEV__) {
+            logger('Identity restored from backup on startup');
+          }
         }
       } catch (error) {
         if (__DEV__) {
-          logger('Failed to initialize identity session core', error);
+          logger('Error during identity integrity check', error);
         }
+        // Don't block app startup - user can recover with backup file
       }
     };
-    initCore();
-    return () => {
-      mounted = false;
-    };
-  }, [oxyServices, baseURL, logger]);
+
+    checkAndRestoreIdentity();
+  }, [storage, isStorageReady, logger]);
+
+  // Offline queuing is now handled by TanStack Query mutations
+  // No need for custom offline queue
 
   const {
     currentLanguage,
@@ -212,115 +270,75 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
 
   const queryClient = useQueryClient();
 
-  // Session state management using core
-  const [sessions, setSessions] = useState<ClientSession[]>([]);
-  const [activeSessionId, setActiveSessionId] = useState<string | null>(null);
-
-  // Load sessions from core
-  const loadSessionsFromCore = useCallback(async () => {
-    if (!identityCore || !isCoreInitialized) return;
-    try {
-      const coreSessions = await identityCore.getAllSessions();
-      const activeId = await identityCore.getActiveSessionId();
-
-      // Convert core sessions to ClientSession format
-      const clientSessions: ClientSession[] = coreSessions.map(s => ({
-        deviceInfo: s.deviceInfo,
-        sessionId: s.sessionId,
-        deviceId: s.deviceId,
-        userId: s.userId,
-        expiresAt: s.expiresAt,
-        lastActive: s.lastActive,
-        isCurrent: s.isCurrent || false,
-      }));
-
-      setSessions(clientSessions);
-      setActiveSessionId(activeId);
-    } catch (error) {
-      if (__DEV__) {
-        logger('Failed to load sessions from core', error);
-      }
-    }
-  }, [identityCore, isCoreInitialized, logger]);
-
-  // Load sessions when core is initialized
-  useEffect(() => {
-    if (isCoreInitialized) {
-      loadSessionsFromCore();
-    }
-  }, [isCoreInitialized, loadSessionsFromCore]);
-
-  // Subscribe to core events
-  useEffect(() => {
-    if (!identityCore || !isCoreInitialized) return;
-
-    const unsubscribe = identityCore.subscribe((event) => {
-      if (event.type === 'session:created' || event.type === 'session:refreshed' || event.type === 'session:invalidated' || event.type === 'session:all-invalidated') {
-        loadSessionsFromCore();
-      }
-    });
-
-    return unsubscribe;
-  }, [identityCore, isCoreInitialized, loadSessionsFromCore]);
-
-  // Identity operations using core
-  const hasIdentity = useCallback(async (): Promise<boolean> => {
-    if (!identityCore || !isCoreInitialized) return false;
-    return await identityCore.hasIdentity();
-  }, [identityCore, isCoreInitialized]);
-
-  const getPublicKey = useCallback(async (): Promise<string | null> => {
-    if (!identityCore || !isCoreInitialized) return null;
-    return await identityCore.getPublicKey();
-  }, [identityCore, isCoreInitialized]);
-
-  const isIdentitySynced = useCallback(async (): Promise<boolean> => {
-    if (!storage) return false;
-    const synced = await storage.getItem('oxy_identity_synced');
-    return synced === 'true';
-  }, [storage]);
-
-  const createIdentity = useCallback(async (username?: string): Promise<{ synced: boolean }> => {
-    if (!identityCore || !isCoreInitialized) {
-      throw new Error('Identity core not initialized');
-    }
+  const {
+    sessions,
+    activeSessionId,
+    setActiveSessionId,
+    updateSessions,
+    switchSession,
+    refreshSessions,
+    clearSessionState,
+    saveActiveSessionId,
+    trackRemovedSession,
+  } = useSessionManagement({
+    oxyServices,
+    storage,
+    storageKeyPrefix,
+    loginSuccess,
+    logoutStore,
+    applyLanguagePreference,
+    onAuthStateChange,
+    onError,
+    setAuthError: (message) => setAuthState({ error: message }),
+    logger,
+    setTokenReady,
+    queryClient,
+  });
 
-    setSyncing(true);
-    try {
-      // Create identity using core
-      const identity = await identityCore.createIdentity(username);
+  // Get current user from query (no persistent cache - always fetch fresh)
+  // Services never caches profile - always fetch from backend
+  const { data: userData } = useCurrentUser({ enabled: isAuthenticated && !!activeSessionId });
+  const user = userData ?? null;
 
-      // Try to register with backend
-      let synced = false;
-      try {
-        const { signature, publicKey, timestamp } = await identityCore.createRegistrationSignature();
-        const result = await oxyServices.register(publicKey, signature, timestamp, username);
-        if (result?.user) {
-          loginSuccess(result.user);
-          synced = true;
-          await storage?.setItem('oxy_identity_synced', 'true');
-          setIdentitySynced(true);
-        }
-      } catch (error) {
-        // Registration failed (likely offline) - identity still created locally
-        if (__DEV__) {
-          logger('Failed to register identity with backend (offline mode)', error);
-        }
-      }
+  const {
+    createIdentity,
+    importIdentity: importIdentityBase,
+    signIn,
+    logout,
+    logoutAll,
+    hasIdentity,
+    getPublicKey,
+    isIdentitySynced,
+    syncIdentity: syncIdentityBase,
+  } = useAuthOperations({
+    oxyServices,
+    storage,
+    sessions,
+    activeSessionId,
+    setActiveSessionId,
+    updateSessions,
+    saveActiveSessionId,
+    clearSessionState,
+    switchSession,
+    applyLanguagePreference,
+    onAuthStateChange,
+    onError,
+    loginSuccess,
+    loginFailure,
+    logoutStore,
+    setAuthState,
+    setIdentitySynced,
+    setSyncing,
+    logger,
+  });
 
-      return { synced };
-    } finally {
-      setSyncing(false);
-    }
-  }, [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing, logger]);
+  // syncIdentity - TanStack Query handles offline mutations automatically
+  const syncIdentity = useCallback(() => syncIdentityBase(), [syncIdentityBase]);
 
+  // Wrapper for importIdentity to handle legacy calls gracefully
   const importIdentity = useCallback(
     async (backupData: BackupData | string, password?: string): Promise<{ synced: boolean }> => {
-      if (!identityCore || !isCoreInitialized) {
-        throw new Error('Identity core not initialized');
-      }
-
-      // Handle legacy calls with single string argument
+      // Handle legacy calls with single string argument (old recovery phrase signature)
       if (typeof backupData === 'string') {
         throw new Error('Recovery phrase import is no longer supported. Please use backup file import or QR code transfer instead.');
       }
@@ -330,290 +348,63 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
         throw new Error('Password is required for backup file import.');
       }
 
-      setSyncing(true);
-      try {
-        // Import identity using core
-        const identity = await identityCore.importIdentity(backupData, password);
-
-        // Try to register with backend if not already registered
-        let synced = false;
-        try {
-          const { signature, publicKey, timestamp } = await identityCore.createRegistrationSignature();
-          const result = await oxyServices.register(publicKey, signature, timestamp);
-          if (result?.user) {
-            loginSuccess(result.user);
-            synced = true;
-            await storage?.setItem('oxy_identity_synced', 'true');
-            setIdentitySynced(true);
-          }
-        } catch (error: any) {
-          // Check if user already exists (409 conflict)
-          if (error?.status === 409) {
-            // User already registered - try to sign in instead
-            try {
-              await signIn();
-              synced = true;
-              await storage?.setItem('oxy_identity_synced', 'true');
-              setIdentitySynced(true);
-            } catch (signInError) {
-              if (__DEV__) {
-                logger('Failed to sign in after import', signInError);
-              }
-            }
-          } else if (__DEV__) {
-            logger('Failed to register identity with backend (offline mode)', error);
-          }
-        }
-
-        return { synced };
-      } finally {
-        setSyncing(false);
-      }
+      return importIdentityBase(backupData, password);
     },
-    [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing, logger]
+    [importIdentityBase]
   );
 
-  const syncIdentity = useCallback(async (username?: string): Promise<User> => {
-    if (!identityCore || !isCoreInitialized) {
-      throw new Error('Identity core not initialized');
-    }
-
-    const publicKey = await identityCore.getPublicKey();
-    if (!publicKey) {
-      throw new Error('No identity found');
-    }
-
-    setSyncing(true);
-    try {
-      const { signature, publicKey: pk, timestamp } = await identityCore.createRegistrationSignature();
-      const result = await oxyServices.register(pk, signature, timestamp, username);
-      if (result?.user) {
-        loginSuccess(result.user);
-        await storage?.setItem('oxy_identity_synced', 'true');
-        setIdentitySynced(true);
-        return result.user;
-      }
-      throw new Error('Registration failed');
-    } catch (error: any) {
-      // Check if user already exists (409 conflict) - try to sign in
-      if (error?.status === 409) {
-        const user = await signIn();
-        await storage?.setItem('oxy_identity_synced', 'true');
-        setIdentitySynced(true);
-        return user;
-      }
-      throw error;
-    } finally {
-      setSyncing(false);
-    }
-  }, [identityCore, isCoreInitialized, oxyServices, storage, loginSuccess, setIdentitySynced, setSyncing]);
-
-  const signIn = useCallback(async (deviceName?: string): Promise<User> => {
-    if (!identityCore || !isCoreInitialized) {
-      throw new Error('Identity core not initialized');
-    }
-
-    setAuthState({ isLoading: true });
-    try {
-      // Create session using core
-      const session = await identityCore.createSession(deviceName);
-
-      // Get user from OxyServices
-      const user = await oxyServices.getUserBySession(session.sessionId);
-      if (!user) {
-        throw new Error('Failed to get user data');
-      }
-
-      // Set token in OxyServices
-      if (session.accessToken) {
-        oxyServices.setTokens(session.accessToken, session.refreshToken || undefined);
-      }
-
-      // Update state
-      loginSuccess(user);
-      await loadSessionsFromCore();
-      onAuthStateChange?.(user);
-      await applyLanguagePreference(user);
-      setTokenReady(true);
-
-      return user;
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      loginFailure(errorMessage);
-      throw error;
-    } finally {
-      setAuthState({ isLoading: false });
-    }
-  }, [identityCore, isCoreInitialized, oxyServices, loginSuccess, loginFailure, setAuthState, loadSessionsFromCore, onAuthStateChange, applyLanguagePreference, setTokenReady]);
-
-  // Session management functions
-  const clearSessionState = useCallback(async (): Promise<void> => {
-    setSessions([]);
-    setActiveSessionId(null);
-    logoutStore();
-    onAuthStateChange?.(null);
-
-    // Clear TanStack Query cache
+  // Clear all account data when identity is lost (for accounts app)
+  // In accounts app, identity = account, so losing identity means losing everything
+  const clearAllAccountData = useCallback(async (): Promise<void> => {
+    // Clear TanStack Query cache (in-memory)
     queryClient.clear();
 
-    // Clear persisted query cache and session storage
+    // Clear persisted query cache
     if (storage) {
       try {
         await clearQueryCache(storage);
-        await storage.removeItem(storageKeys.activeSessionId);
-        await storage.removeItem(storageKeys.sessionIds);
-        await storage.removeItem('oxy_identity_synced').catch(() => { });
       } catch (error) {
-        if (__DEV__) {
-          logger('Failed to clear session storage', error);
-        }
-      }
-    }
-  }, [logoutStore, onAuthStateChange, queryClient, storage, storageKeys, logger]);
-
-  const logout = useCallback(async (targetSessionId?: string): Promise<void> => {
-    if (!identityCore || !isCoreInitialized) return;
-
-    try {
-      await identityCore.invalidateSession(targetSessionId);
-      await loadSessionsFromCore();
-      await clearSessionState();
-      setTokenReady(false);
-    } catch (error) {
-      if (__DEV__) {
-        logger('Failed to logout', error);
-      }
-    }
-  }, [identityCore, isCoreInitialized, loadSessionsFromCore, clearSessionState, setTokenReady, logger]);
-
-  const logoutAll = useCallback(async (): Promise<void> => {
-    if (!identityCore || !isCoreInitialized) return;
-
-    try {
-      await identityCore.invalidateAllSessions();
-      await loadSessionsFromCore();
-      await clearSessionState();
-      setTokenReady(false);
-    } catch (error) {
-      if (__DEV__) {
-        logger('Failed to logout all', error);
+        logger('Failed to clear persisted query cache', error);
       }
     }
-  }, [identityCore, isCoreInitialized, loadSessionsFromCore, clearSessionState, setTokenReady, logger]);
-
-  const switchSession = useCallback(async (sessionId: string): Promise<User> => {
-    if (!identityCore || !isCoreInitialized) {
-      throw new Error('Identity core not initialized');
-    }
 
-    try {
-      // Validate session
-      const validation = await oxyServices.validateSession(sessionId, { useHeaderValidation: true });
-      if (!validation?.valid || !validation.user) {
-        throw new Error('Session is invalid or expired');
-      }
-
-      const user = validation.user;
-
-      // Get token for this session
-      await oxyServices.getTokenBySession(sessionId);
-
-      // Update active session in core
-      const sessionManager = identityCore.getSessionManager();
-      await sessionManager.setActiveSessionId(sessionId);
-
-      // Update local state
-      setActiveSessionId(sessionId);
-      loginSuccess(user);
-      await applyLanguagePreference(user);
-      onAuthStateChange?.(user);
-      setTokenReady(true);
-      await loadSessionsFromCore();
-
-      return user;
-    } catch (error) {
-      if (isInvalidSessionError(error)) {
-        // Remove invalid session from list
-        setSessions(prev => prev.filter(s => s.sessionId !== sessionId));
-        if (sessionId === activeSessionId) {
-          await clearSessionState();
-        }
-      }
-      throw error;
-    }
-  }, [identityCore, isCoreInitialized, oxyServices, loginSuccess, applyLanguagePreference, onAuthStateChange, setTokenReady, loadSessionsFromCore, activeSessionId, clearSessionState]);
-
-  const refreshSessions = useCallback(async (): Promise<void> => {
-    if (!identityCore || !isCoreInitialized || !activeSessionId) return;
-
-    try {
-      // Refresh current session
-      await identityCore.refreshSession();
-
-      // Reload sessions from core
-      await loadSessionsFromCore();
-    } catch (error) {
-      if (isInvalidSessionError(error)) {
-        await clearSessionState();
-      } else if (__DEV__) {
-        logger('Failed to refresh sessions', error);
-      }
-    }
-  }, [identityCore, isCoreInitialized, activeSessionId, loadSessionsFromCore, clearSessionState, logger]);
-
-  // Device management functions
-  const getDeviceSessions = useCallback(async () => {
-    if (!activeSessionId) throw new Error('No active session');
-    return await oxyServices.getDeviceSessions(activeSessionId);
-  }, [activeSessionId, oxyServices]);
-
-  const logoutAllDeviceSessions = useCallback(async (): Promise<void> => {
-    if (!activeSessionId) throw new Error('No active session');
-    await oxyServices.logoutAllDeviceSessions(activeSessionId);
-    await clearSessionState();
-  }, [activeSessionId, oxyServices, clearSessionState]);
-
-  const updateDeviceName = useCallback(async (deviceName: string): Promise<void> => {
-    if (!identityCore || !isCoreInitialized || !activeSessionId) {
-      throw new Error('Identity core not initialized or no active session');
-    }
-
-    await oxyServices.updateDeviceName(activeSessionId, deviceName);
-
-    // Update device name in core
-    const deviceManager = identityCore.getDeviceManager();
-    await deviceManager.updateDeviceName(deviceName);
-  }, [identityCore, isCoreInitialized, activeSessionId, oxyServices]);
-
-  useTransferCodesPersistence(storageKeyPrefix);
-
-  const clearAllAccountData = useCallback(async (): Promise<void> => {
-    if (__DEV__) logger('Clearing all account data - identity changed or lost');
-
-    queryClient.clear();
+    // Clear session state (sessions, activeSessionId, storage)
     await clearSessionState();
 
+    // Clear identity sync state from storage
     if (storage) {
       try {
-        await clearQueryCache(storage);
         await storage.removeItem('oxy_identity_synced');
       } catch (error) {
-        logger('Failed to clear persisted data', error);
+        logger('Failed to clear identity sync state', error);
       }
     }
 
+    // Reset auth store identity sync state
     useAuthStore.getState().setIdentitySynced(false);
     useAuthStore.getState().setSyncing(false);
+
+    // Reset account store
     useAccountStore.getState().reset();
-    useTransferStore.getState().clearAll();
+
+    // Clear HTTP service cache
     oxyServices.clearCache();
-    identityCore?.getIdentityManager().invalidateCache();
-  }, [queryClient, storage, clearSessionState, logger, oxyServices, identityCore]);
+  }, [queryClient, storage, clearSessionState, logger, oxyServices]);
+
+  // Transfer code management functions (must be defined before deleteIdentityAndClearAccount)
+  const getAllPendingTransfers = useCallback(() => {
+    const pending: Array<{ transferId: string; data: TransferCodeData }> = [];
+    transferCodesRef.current.forEach((data, transferId) => {
+      if (data.state === 'pending') {
+        pending.push({ transferId, data });
+      }
+    });
+    return pending;
+  }, []);
 
-  // Get transfer store functions (used in deleteIdentityAndClearAccount)
-  const getAllPendingTransfers = useTransferStore((state) => state.getAllPendingTransfers);
-  const getActiveTransferId = useTransferStore((state) => state.getActiveTransferId);
-  const getTransferCode = useTransferStore((state) => state.getTransferCode);
+  const getActiveTransferId = useCallback(() => {
+    return activeTransferIdRef.current;
+  }, []);
 
   // Delete identity and clear all account data
   // In accounts app, deleting identity means losing the account completely
@@ -628,7 +419,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
       const pendingTransfers = getAllPendingTransfers();
       if (pendingTransfers.length > 0) {
         const activeTransferId = getActiveTransferId();
-        const hasActiveTransfer = activeTransferId && pendingTransfers.some((t: { transferId: string; data: any }) => t.transferId === activeTransferId);
+        const hasActiveTransfer = activeTransferId && pendingTransfers.some(t => t.transferId === activeTransferId);
 
         if (hasActiveTransfer) {
           throw new Error(
@@ -644,118 +435,682 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     await clearAllAccountData();
 
     // Then delete the identity keys
-    if (identityCore) {
-      await identityCore.deleteIdentity(skipBackup, force, userConfirmed);
-    } else {
-      throw new Error('Identity core not initialized');
-    }
-  }, [clearAllAccountData, identityCore, getAllPendingTransfers, getActiveTransferId]);
+    await KeyManager.deleteIdentity(skipBackup, force, userConfirmed);
+  }, [clearAllAccountData, getAllPendingTransfers, getActiveTransferId]);
+
+  // Network reconnect sync - TanStack Query automatically retries mutations on reconnect
+  // We only need to sync identity if it's not synced
+  useEffect(() => {
+    if (!storage) return;
+
+    let wasOffline = false;
+    let checkTimeout: NodeJS.Timeout | null = null;
+    let lastReconnectionLog = 0;
+    const RECONNECTION_LOG_DEBOUNCE_MS = 5000; // 5 seconds
+
+    // Circuit breaker and exponential backoff state
+    const stateRef = {
+      consecutiveFailures: 0,
+      currentInterval: 10000, // Start with 10 seconds
+      baseInterval: 10000, // Base interval in milliseconds
+      maxInterval: 60000, // Maximum interval (60 seconds)
+      maxFailures: 5, // Circuit breaker threshold
+    };
+
+    const scheduleNextCheck = () => {
+      if (checkTimeout) {
+        clearTimeout(checkTimeout);
+      }
+      checkTimeout = setTimeout(() => {
+        checkNetworkAndSync();
+      }, stateRef.currentInterval);
+    };
+
+    const checkNetworkAndSync = async () => {
+      try {
+        // Try a lightweight health check to see if we're online
+        await oxyServices.healthCheck().catch(() => {
+          wasOffline = true;
+          throw new Error('Health check failed');
+        });
+
+        // Health check succeeded - reset circuit breaker and backoff
+        if (stateRef.consecutiveFailures > 0) {
+          stateRef.consecutiveFailures = 0;
+          stateRef.currentInterval = stateRef.baseInterval;
+        }
+
+        // If we were offline and now we're online, sync identity if needed
+        if (wasOffline) {
+          const now = Date.now();
+          const timeSinceLastLog = now - lastReconnectionLog;
+
+          if (timeSinceLastLog >= RECONNECTION_LOG_DEBOUNCE_MS) {
+            logger('Network reconnected, checking identity sync...');
+            lastReconnectionLog = now;
+
+            // Sync identity first (if not synced)
+            try {
+              const hasIdentityValue = await hasIdentity();
+              if (hasIdentityValue) {
+                // Check sync status directly - sync if not explicitly 'true'
+                // undefined = not synced yet, 'false' = explicitly not synced, 'true' = synced
+                const syncStatus = await storage.getItem('oxy_identity_synced');
+                if (syncStatus !== 'true') {
+                  await syncIdentity();
+                }
+              }
+            } catch (syncError: any) {
+              // Skip sync silently if username is required (expected when offline onboarding)
+              if (syncError?.code === 'USERNAME_REQUIRED' || syncError?.message === 'USERNAME_REQUIRED') {
+                if (__DEV__) {
+                  loggerUtil.debug('Sync skipped - username required', { component: 'OxyContext', method: 'checkNetworkAndSync' }, syncError as unknown);
+                }
+                // Don't log or show error - username will be set later
+              } else if (!isTimeoutOrNetworkError(syncError)) {
+                // Only log unexpected errors - timeouts/network issues are expected when offline
+                logger('Error syncing identity on reconnect', syncError);
+              } else if (__DEV__) {
+                loggerUtil.debug('Identity sync timeout (expected when offline)', { component: 'OxyContext', method: 'checkNetworkAndSync' }, syncError as unknown);
+              }
+            }
+          }
+
+          // TanStack Query will automatically retry pending mutations
+          // Reset flag immediately after processing (whether logged or not)
+          wasOffline = false;
+        }
+      } catch (error) {
+        // Network check failed - we're offline
+        wasOffline = true;
+
+        // Increment failure count and apply exponential backoff
+        stateRef.consecutiveFailures++;
+
+        // Calculate new interval with exponential backoff, capped at maxInterval
+        const backoffMultiplier = Math.min(
+          Math.pow(2, stateRef.consecutiveFailures - 1),
+          stateRef.maxInterval / stateRef.baseInterval
+        );
+        stateRef.currentInterval = Math.min(
+          stateRef.baseInterval * backoffMultiplier,
+          stateRef.maxInterval
+        );
+
+        // If we hit the circuit breaker threshold, use max interval
+        if (stateRef.consecutiveFailures >= stateRef.maxFailures) {
+          stateRef.currentInterval = stateRef.maxInterval;
+        }
+      } finally {
+        // Always schedule next check (will use updated interval)
+        scheduleNextCheck();
+      }
+    };
+
+    // Check immediately
+    checkNetworkAndSync();
+
+    return () => {
+      if (checkTimeout) {
+        clearTimeout(checkTimeout);
+      }
+    };
+  }, [oxyServices, storage, syncIdentity, logger]);
+
+  const { getDeviceSessions, logoutAllDeviceSessions, updateDeviceName } = useDeviceManagement({
+    oxyServices,
+    activeSessionId,
+    onError,
+    clearSessionState,
+    logger,
+  });
+
+  const useFollowHook = loadUseFollowHook();
 
   const restoreSessionsFromStorage = useCallback(async (): Promise<void> => {
-    if (!identityCore || !isCoreInitialized) return;
+    if (!storage) {
+      return;
+    }
 
     setTokenReady(false);
+
     try {
-      await loadSessionsFromCore();
-      const activeId = await identityCore.getActiveSessionId();
-      if (!activeId) {
-        setTokenReady(true);
-        return;
-      }
+      const storedSessionIdsJson = await storage.getItem(storageKeys.sessionIds);
+      const storedSessionIds: string[] = storedSessionIdsJson ? JSON.parse(storedSessionIdsJson) : [];
+      const storedActiveSessionId = await storage.getItem(storageKeys.activeSessionId);
 
-      try {
-        await switchSession(activeId);
-      } catch (switchError) {
-        if (isTimeoutOrNetworkError(switchError)) {
+      const validSessions: ClientSession[] = [];
+
+      if (storedSessionIds.length > 0) {
+        for (const sessionId of storedSessionIds) {
           try {
-            const validation = await oxyServices.validateSession(activeId, { useHeaderValidation: false });
+            const validation = await oxyServices.validateSession(sessionId, { useHeaderValidation: true });
             if (validation?.valid && validation.user) {
-              loginSuccess(validation.user);
+              const now = new Date();
+              validSessions.push({
+                sessionId,
+                deviceId: '',
+                expiresAt: new Date(now.getTime() + 7 * 24 * 60 * 60 * 1000).toISOString(),
+                lastActive: now.toISOString(),
+                userId: validation.user.id?.toString() ?? '',
+                isCurrent: sessionId === storedActiveSessionId,
+              });
+            }
+          } catch (validationError) {
+            // Silently handle expected errors (invalid sessions, timeouts, network issues) during restoration
+            // Only log unexpected errors
+            if (!isInvalidSessionError(validationError) && !isTimeoutOrNetworkError(validationError)) {
+              logger('Session validation failed during init', validationError);
+            } else if (__DEV__ && isTimeoutOrNetworkError(validationError)) {
+              // Only log timeouts in dev mode for debugging
+              loggerUtil.debug('Session validation timeout (expected when offline)', { component: 'OxyContext', method: 'restoreSessionsFromStorage' }, validationError as unknown);
             }
-          } catch {
-            // Offline - will sync when online
           }
-        } else if (isInvalidSessionError(switchError)) {
-          await identityCore.invalidateSession(activeId);
-          await loadSessionsFromCore();
+        }
+
+        if (validSessions.length > 0) {
+          updateSessions(validSessions, { merge: false });
+        }
+      }
+
+      if (storedActiveSessionId) {
+        try {
+          await switchSession(storedActiveSessionId);
+        } catch (switchError) {
+          // Silently handle expected errors (invalid sessions, timeouts, network issues)
+          if (isInvalidSessionError(switchError)) {
+            await storage.removeItem(storageKeys.activeSessionId);
+            updateSessions(
+              validSessions.filter((session) => session.sessionId !== storedActiveSessionId),
+              { merge: false },
+            );
+            // Don't log expected session errors during restoration
+          } else if (isTimeoutOrNetworkError(switchError)) {
+            // Timeout/network error - non-critical, don't block
+            if (__DEV__) {
+              loggerUtil.debug('Active session validation timeout (expected when offline)', { component: 'OxyContext', method: 'restoreSessionsFromStorage' }, switchError as unknown);
+            }
+          } else {
+            // Only log unexpected errors
+            logger('Active session validation error', switchError);
+          }
         }
       }
     } catch (error) {
-      if (__DEV__) logger('Failed to restore sessions from storage', error);
+      if (__DEV__) {
+        loggerUtil.error('Auth init error', error instanceof Error ? error : new Error(String(error)), { component: 'OxyContext', method: 'restoreSessionsFromStorage' });
+      }
       await clearSessionState();
     } finally {
       setTokenReady(true);
     }
-  }, [identityCore, isCoreInitialized, loadSessionsFromCore, switchSession, loginSuccess, clearSessionState, oxyServices, logger]);
+  }, [
+    clearSessionState,
+    logger,
+    oxyServices,
+    storage,
+    storageKeys.activeSessionId,
+    storageKeys.sessionIds,
+    switchSession,
+    updateSessions,
+  ]);
 
-  // Restore sessions when core is initialized
   useEffect(() => {
-    if (isCoreInitialized) {
-      void restoreSessionsFromStorage();
+    if (!storage || initializedRef.current) {
+      return;
     }
-  }, [isCoreInitialized, restoreSessionsFromStorage]);
+
+    initializedRef.current = true;
+    void restoreSessionsFromStorage();
+  }, [restoreSessionsFromStorage, storage]);
 
   const activeSession = activeSessionId
     ? sessions.find((session) => session.sessionId === activeSessionId)
     : undefined;
   const currentDeviceId = activeSession?.deviceId ?? null;
 
-  // Compute isAuthenticated from actual session state, not just auth store
-  // This ensures UI shows correct state even if loginSuccess wasn't called during restoration
-  const computedIsAuthenticated = useMemo(() => {
-    return isAuthenticatedFromStore || !!(activeSessionId && sessions.length > 0 && user);
-  }, [isAuthenticatedFromStore, activeSessionId, sessions.length, user]);
+  // Get userId from JWT token (MongoDB ObjectId) for socket room matching
+  const userId = oxyServices.getCurrentUserId();
 
-  const userId = oxyServices.getCurrentUserId() || user?.id;
+  // Transfer code storage interface
+  interface TransferCodeData {
+    code: string;
+    sourceDeviceId: string | null;
+    publicKey: string;
+    timestamp: number;
+    state: 'pending' | 'completed' | 'failed';
+  }
 
-  useCheckPendingTransfers(oxyServices, computedIsAuthenticated);
+  // Store transfer codes in memory for verification (also persisted to storage)
+  // Map: transferId -> TransferCodeData
+  const transferCodesRef = useRef<Map<string, TransferCodeData>>(new Map());
+  const activeTransferIdRef = useRef<string | null>(null);
+  const TRANSFER_CODES_STORAGE_KEY = `${storageKeyPrefix}_transfer_codes`;
+  const ACTIVE_TRANSFER_STORAGE_KEY = `${storageKeyPrefix}_active_transfer_id`;
 
-  const { handleIdentityTransferComplete } = useIdentityTransfer({
-    identityCore,
-    currentDeviceId,
-    activeSessionId,
-    getPublicKey,
-    deleteIdentityAndClearAccount,
-    logger,
-  });
+  // Load transfer codes from storage on startup
+  useEffect(() => {
+    if (!storage || !isStorageReady) return;
+
+    const loadTransferCodes = async () => {
+      try {
+        // Load transfer codes
+        const storedCodes = await storage.getItem(TRANSFER_CODES_STORAGE_KEY);
+        if (storedCodes) {
+          const parsed = JSON.parse(storedCodes);
+          const now = Date.now();
+          const fifteenMinutes = 15 * 60 * 1000;
+
+          // Only restore non-expired pending transfers
+          Object.entries(parsed).forEach(([transferId, data]: [string, any]) => {
+            if (data.state === 'pending' && (now - data.timestamp) < fifteenMinutes) {
+              transferCodesRef.current.set(transferId, data);
+              if (__DEV__) {
+                logger('Restored pending transfer from storage', { transferId });
+              }
+            }
+          });
+        }
+
+        // Load active transfer ID
+        const activeTransferId = await storage.getItem(ACTIVE_TRANSFER_STORAGE_KEY);
+        if (activeTransferId) {
+          // Verify it's still valid
+          const transferData = transferCodesRef.current.get(activeTransferId);
+          if (transferData && transferData.state === 'pending') {
+            activeTransferIdRef.current = activeTransferId;
+            if (__DEV__) {
+              logger('Restored active transfer ID from storage', { transferId: activeTransferId });
+            }
+          } else {
+            // Clear invalid active transfer
+            await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+          }
+        }
+      } catch (error) {
+        if (__DEV__) {
+          logger('Failed to load transfer codes from storage', error);
+        }
+      }
+    };
+
+    loadTransferCodes();
+  }, [storage, isStorageReady, logger, storageKeyPrefix]);
+
+  // Persist transfer codes to storage whenever they change
+  const persistTransferCodes = useCallback(async () => {
+    if (!storage) return;
+
+    try {
+      const codesToStore: Record<string, TransferCodeData> = {};
+      transferCodesRef.current.forEach((value, key) => {
+        codesToStore[key] = value;
+      });
+      await storage.setItem(TRANSFER_CODES_STORAGE_KEY, JSON.stringify(codesToStore));
+    } catch (error) {
+      if (__DEV__) {
+        logger('Failed to persist transfer codes', error);
+      }
+    }
+  }, [storage, logger]);
+
+  // Cleanup old transfer codes (older than 15 minutes)
+  useEffect(() => {
+    const cleanup = setInterval(async () => {
+      const now = Date.now();
+      const fifteenMinutes = 15 * 60 * 1000;
+      let needsPersist = false;
+
+      transferCodesRef.current.forEach((value, key) => {
+        if (now - value.timestamp > fifteenMinutes) {
+          transferCodesRef.current.delete(key);
+          needsPersist = true;
+          if (__DEV__) {
+            logger('Cleaned up expired transfer code', { transferId: key });
+          }
+        }
+      });
+
+      // Clear active transfer if it was deleted
+      if (activeTransferIdRef.current && !transferCodesRef.current.has(activeTransferIdRef.current)) {
+        activeTransferIdRef.current = null;
+        if (storage) {
+          try {
+            await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+          } catch (error) {
+            // Ignore storage errors
+          }
+        }
+      }
+
+      if (needsPersist) {
+        await persistTransferCodes();
+      }
+    }, 60000); // Check every minute
+
+    return () => clearInterval(cleanup);
+  }, [logger, persistTransferCodes, storage]);
+
+  // Transfer code management functions
+  const storeTransferCode = useCallback(async (transferId: string, code: string, sourceDeviceId: string | null, publicKey: string) => {
+    const transferData: TransferCodeData = {
+      code,
+      sourceDeviceId,
+      publicKey,
+      timestamp: Date.now(),
+      state: 'pending',
+    };
+
+    transferCodesRef.current.set(transferId, transferData);
+    activeTransferIdRef.current = transferId;
+
+    // Persist to storage
+    await persistTransferCodes();
+    if (storage) {
+      try {
+        await storage.setItem(ACTIVE_TRANSFER_STORAGE_KEY, transferId);
+      } catch (error) {
+        if (__DEV__) {
+          logger('Failed to persist active transfer ID', error);
+        }
+      }
+    }
+
+    if (__DEV__) {
+      logger('Stored transfer code', { transferId, sourceDeviceId, publicKey: publicKey.substring(0, 16) + '...' });
+    }
+  }, [logger, persistTransferCodes, storage]);
+
+  const getTransferCode = useCallback((transferId: string) => {
+    return transferCodesRef.current.get(transferId) || null;
+  }, []);
+
+  const updateTransferState = useCallback(async (transferId: string, state: 'pending' | 'completed' | 'failed') => {
+    const transferData = transferCodesRef.current.get(transferId);
+    if (transferData) {
+      transferData.state = state;
+      transferCodesRef.current.set(transferId, transferData);
+
+      // Clear active transfer if completed or failed
+      if (state === 'completed' || state === 'failed') {
+        if (activeTransferIdRef.current === transferId) {
+          activeTransferIdRef.current = null;
+          if (storage) {
+            try {
+              await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+            } catch (error) {
+              // Ignore storage errors
+            }
+          }
+        }
+      }
+
+      await persistTransferCodes();
+
+      if (__DEV__) {
+        logger('Updated transfer state', { transferId, state });
+      }
+    }
+  }, [logger, persistTransferCodes, storage]);
+
+  const clearTransferCode = useCallback(async (transferId: string) => {
+    transferCodesRef.current.delete(transferId);
+
+    if (activeTransferIdRef.current === transferId) {
+      activeTransferIdRef.current = null;
+      if (storage) {
+        try {
+          await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+        } catch (error) {
+          // Ignore storage errors
+        }
+      }
+    }
+
+    await persistTransferCodes();
+
+    if (__DEV__) {
+      logger('Cleared transfer code', { transferId });
+    }
+  }, [logger, persistTransferCodes, storage]);
+
+  const refreshSessionsWithUser = useCallback(
+    () => refreshSessions(userId || undefined),
+    [refreshSessions, userId],
+  );
+
+  const handleSessionRemoved = useCallback(
+    (sessionId: string) => {
+      trackRemovedSession(sessionId);
+    },
+    [trackRemovedSession],
+  );
+
+  const handleRemoteSignOut = useCallback(() => {
+    toast.info('You have been signed out remotely.');
+    logout().catch((remoteError) => logger('Failed to process remote sign out', remoteError));
+  }, [logger, logout]);
+
+  const handleIdentityTransferComplete = useCallback(
+    async (data: { transferId: string; sourceDeviceId: string; publicKey: string; transferCode?: string; completedAt: string }) => {
+      try {
+        logger('Received identity transfer complete notification', {
+          transferId: data.transferId,
+          sourceDeviceId: data.sourceDeviceId,
+          currentDeviceId,
+          hasActiveSession: activeSessionId !== null,
+          publicKey: data.publicKey.substring(0, 16) + '...',
+        });
+
+        const storedTransfer = getTransferCode(data.transferId);
+
+        if (!storedTransfer) {
+          logger('Transfer code not found for transferId', {
+            transferId: data.transferId,
+          });
+          toast.error('Transfer verification failed: Code not found. Identity will not be deleted.');
+          return;
+        }
+
+        // Verify publicKey matches first (most important check)
+        const publicKeyMatches = data.publicKey === storedTransfer.publicKey;
+        if (!publicKeyMatches) {
+          logger('Public key mismatch for transfer', {
+            transferId: data.transferId,
+            receivedPublicKey: data.publicKey.substring(0, 16) + '...',
+            storedPublicKey: storedTransfer.publicKey.substring(0, 16) + '...',
+          });
+          toast.error('Transfer verification failed: Public key mismatch. Identity will not be deleted.');
+          return;
+        }
+
+        // Verify deviceId matches - very lenient since publicKey is the critical check
+        // If publicKey matches, we allow deletion even if deviceId doesn't match exactly
+        // This handles cases where deviceId might not be available or slightly different
+        const deviceIdMatches =
+          // Exact match
+          (data.sourceDeviceId && data.sourceDeviceId === currentDeviceId) ||
+          // Stored sourceDeviceId matches current deviceId
+          (storedTransfer.sourceDeviceId && storedTransfer.sourceDeviceId === currentDeviceId);
+
+        // If publicKey matches, we're very lenient with deviceId - only warn but don't block
+        if (!deviceIdMatches && publicKeyMatches) {
+          logger('Device ID mismatch for transfer, but publicKey matches - proceeding with deletion', {
+            transferId: data.transferId,
+            receivedDeviceId: data.sourceDeviceId,
+            storedDeviceId: storedTransfer.sourceDeviceId,
+            currentDeviceId,
+            hasActiveSession: activeSessionId !== null,
+          });
+          // Proceed with deletion - publicKey match is the critical verification
+        } else if (!deviceIdMatches && !publicKeyMatches) {
+          // Both don't match - this is suspicious, block deletion
+          logger('Device ID and publicKey mismatch for transfer', {
+            transferId: data.transferId,
+            receivedDeviceId: data.sourceDeviceId,
+            currentDeviceId,
+          });
+          toast.error('Transfer verification failed: Device and key mismatch. Identity will not be deleted.');
+          return;
+        }
+
+        // Verify transfer code matches (if provided)
+        // Transfer code is optional - if not provided, we still proceed if publicKey matches
+        if (data.transferCode) {
+          const codeMatches = data.transferCode.toUpperCase() === storedTransfer.code.toUpperCase();
+          if (!codeMatches) {
+            logger('Transfer code mismatch, but publicKey matches - proceeding with deletion', {
+              transferId: data.transferId,
+              receivedCode: data.transferCode,
+              storedCode: storedTransfer.code.substring(0, 2) + '****',
+            });
+            // Don't block - publicKey match is sufficient, code mismatch might be due to user error
+            // Log warning but proceed
+          }
+        }
+
+        // Check if transfer is too old (safety timeout - 10 minutes)
+        const transferAge = Date.now() - storedTransfer.timestamp;
+        const tenMinutes = 10 * 60 * 1000;
+        if (transferAge > tenMinutes) {
+          logger('Transfer confirmation received too late', {
+            transferId: data.transferId,
+            age: transferAge,
+            ageMinutes: Math.round(transferAge / 60000),
+          });
+          toast.error('Transfer verification failed: Confirmation received too late. Identity will not be deleted.');
+          clearTransferCode(data.transferId);
+          return;
+        }
+
+        // NOTE: Target device verification already happened server-side when notifyTransferComplete was called
+        // The server verified that the target device is authenticated and has the matching public key
+        // Additional client-side verification is not necessary and would require source device authentication
+        // which may not be available. The existing checks (public key match, transfer code, device ID) are sufficient.
+
+        logger('All transfer verifications passed, deleting identity from source device', {
+          transferId: data.transferId,
+          sourceDeviceId: data.sourceDeviceId,
+          publicKey: data.publicKey.substring(0, 16) + '...',
+        });
+
+        try {
+          // Verify identity still exists before deletion (safety check)
+          const identityStillExists = await KeyManager.hasIdentity();
+          if (!identityStillExists) {
+            logger('Identity already deleted - skipping deletion', {
+              transferId: data.transferId,
+            });
+            await updateTransferState(data.transferId, 'completed');
+            await clearTransferCode(data.transferId);
+            return;
+          }
+
+          await deleteIdentityAndClearAccount(false, false, true);
+
+          // Verify identity was actually deleted
+          const identityDeleted = !(await KeyManager.hasIdentity());
+          if (!identityDeleted) {
+            logger('Identity deletion failed - identity still exists', {
+              transferId: data.transferId,
+            });
+            await updateTransferState(data.transferId, 'failed');
+            throw new Error('Identity deletion failed - identity still exists');
+          }
+
+          await updateTransferState(data.transferId, 'completed');
+          await clearTransferCode(data.transferId);
+
+          logger('Identity successfully deleted and transfer code cleared', {
+            transferId: data.transferId,
+          });
+
+          toast.success('Identity successfully transferred and removed from this device');
+        } catch (deleteError: any) {
+          logger('Error during identity deletion', deleteError);
+          await updateTransferState(data.transferId, 'failed');
+          throw deleteError;
+        }
+      } catch (error: any) {
+        logger('Failed to delete identity after transfer', error);
+        toast.error(error?.message || 'Failed to remove identity from this device. Please try again manually from Security Settings.');
+      }
+    },
+    [deleteIdentityAndClearAccount, logger, getTransferCode, clearTransferCode, updateTransferState, currentDeviceId, activeSessionId, oxyServices],
+  );
 
   useSessionSocket({
     userId,
     activeSessionId,
     currentDeviceId,
-    refreshSessions,
+    refreshSessions: refreshSessionsWithUser,
     logout,
     clearSessionState,
     baseURL: oxyServices.getBaseURL(),
     getAccessToken: () => oxyServices.getAccessToken(),
     getTransferCode: getTransferCode,
-    onRemoteSignOut: () => {
-      toast.info('You have been signed out remotely.');
-      logout().catch((err) => logger('Failed to process remote sign out', err));
-    },
-    onSessionRemoved: (sessionId: string) => {
-      setSessions(prev => prev.filter(s => s.sessionId !== sessionId));
-      if (sessionId === activeSessionId) {
-        setActiveSessionId(null);
-      }
-    },
+    onRemoteSignOut: handleRemoteSignOut,
+    onSessionRemoved: handleSessionRemoved,
     onIdentityTransferComplete: handleIdentityTransferComplete,
   });
 
-  const { openAvatarPicker } = useAvatarPicker({
-    oxyServices,
-    currentLanguage,
-    activeSessionId,
-    queryClient,
-    syncIdentity,
-  });
+  const switchSessionForContext = useCallback(
+    async (sessionId: string): Promise<void> => {
+      await switchSession(sessionId);
+    },
+    [switchSession],
+  );
+
+  // Create showBottomSheet function that uses the global function
+  const showBottomSheetForContext = useCallback(
+    (screenOrConfig: RouteName | { screen: RouteName; props?: Record<string, unknown> }) => {
+      globalShowBottomSheet(screenOrConfig);
+    },
+    [],
+  );
+
+  // Create openAvatarPicker function
+  const openAvatarPicker = useCallback(() => {
+    showBottomSheetForContext({
+      screen: 'FileManagement' as RouteName,
+      props: {
+        selectMode: true,
+        multiSelect: false,
+        disabledMimeTypes: ['video/', 'audio/', 'application/pdf'],
+        afterSelect: 'none', // Don't navigate away - stay on current screen
+        onSelect: async (file: any) => {
+          if (!file.contentType.startsWith('image/')) {
+            toast.error(translate(currentLanguage, 'editProfile.toasts.selectImage') || 'Please select an image file');
+            return;
+          }
+          try {
+            // Update file visibility to public for avatar
+            await updateAvatarVisibility(file.id, oxyServices, 'OxyContext');
+
+            // Update user profile (handles query invalidation and accountStore update)
+            await updateProfileWithAvatar(
+              { avatar: file.id },
+              oxyServices,
+              activeSessionId,
+              queryClient,
+              { syncIdentity, deviceId: currentDeviceId || undefined }
+            );
+
+            toast.success(translate(currentLanguage, 'editProfile.toasts.avatarUpdated') || 'Avatar updated');
+          } catch (e: any) {
+            toast.error(e.message || translate(currentLanguage, 'editProfile.toasts.updateAvatarFailed') || 'Failed to update avatar');
+          }
+        },
+      },
+    });
+  }, [oxyServices, currentLanguage, showBottomSheetForContext, activeSessionId, queryClient, syncIdentity]);
 
   const contextValue: OxyContextState = useMemo(() => ({
     user,
     sessions,
     activeSessionId,
     currentDeviceId,
-    isAuthenticated: computedIsAuthenticated,
+    isAuthenticated,
     isLoading,
     isTokenReady: tokenReady,
     isStorageReady,
@@ -772,15 +1127,21 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     isIdentitySynced,
     syncIdentity,
     deleteIdentityAndClearAccount,
+    storeTransferCode,
+    getTransferCode,
+    clearTransferCode,
+    getAllPendingTransfers,
+    getActiveTransferId,
+    updateTransferState,
     identitySyncState: {
       isSynced: isIdentitySyncedStore ?? true,
       isSyncing: isSyncing ?? false,
     },
     logout,
     logoutAll,
-    switchSession,
+    switchSession: switchSessionForContext,
     removeSession: logout,
-    refreshSessions,
+    refreshSessions: refreshSessionsWithUser,
     setLanguage,
     getDeviceSessions,
     logoutAllDeviceSessions,
@@ -788,7 +1149,8 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     clearSessionState,
     clearAllAccountData,
     oxyServices,
-    showBottomSheet: globalShowBottomSheet,
+    useFollow: useFollowHook,
+    showBottomSheet: showBottomSheetForContext,
     openAvatarPicker,
   }), [
     activeSessionId,
@@ -801,6 +1163,12 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     isIdentitySynced,
     syncIdentity,
     deleteIdentityAndClearAccount,
+    storeTransferCode,
+    getTransferCode,
+    clearTransferCode,
+    getAllPendingTransfers,
+    getActiveTransferId,
+    updateTransferState,
     isIdentitySyncedStore,
     isSyncing,
     currentLanguage,
@@ -809,21 +1177,23 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     currentNativeLanguageName,
     error,
     getDeviceSessions,
-    computedIsAuthenticated,
+    isAuthenticated,
     isLoading,
     logout,
     logoutAll,
     logoutAllDeviceSessions,
     oxyServices,
-    refreshSessions,
+    refreshSessionsWithUser,
     sessions,
     setLanguage,
-    switchSession,
+    switchSessionForContext,
     tokenReady,
     isStorageReady,
     updateDeviceName,
     clearAllAccountData,
+    useFollowHook,
     user,
+    showBottomSheetForContext,
     openAvatarPicker,
   ]);
 
@@ -845,5 +1215,3 @@ export const useOxy = (): OxyContextState => {
 };
 
 export default OxyContext;
-
-