ethagent 2.1.0 → 2.2.0

package/src/identity/hub/effects/publicProfile/runPublicProfileSave.ts

@@ -1,4 +1,4 @@
-import { getAddress, type Address, type Hex } from 'viem'
+import { getAddress, type Address } from 'viem'
 import type { EthagentIdentity } from '../../../../storage/config.js'
 import {
   createWalletRestoreAccessChallenge,
@@ -32,19 +32,13 @@ import { resolveValidatedPinataJwt, savePinataJwt } from '../../../storage/pinat
 import {
   openBrowserWalletSession,
   requestBrowserWalletSignatureAndTransaction,
-  type BrowserWalletSession,
   type BrowserWalletSignature,
   type WalletPurpose,
 } from '../../../wallet/browserWallet.js'
 import type { ProfileUpdates, Step } from '../../identityHubReducer.js'
-import { reconcileWalletSetup } from '../../reconciliation/index.js'
 import { acquireTxGuard, releaseTxGuard } from '../../txGuard.js'
 import type { EffectCallbacks } from '../types.js'
 import { awaitConfirmedReceipt } from '../receipts.js'
-import {
-  createMainnetEnsPublicClient,
-  runUpdateEnsRecords,
-} from '../ens/transactions.js'
 import {
   assertVerifiedPin,
   deriveAgentName,
@@ -55,7 +49,7 @@ import {
   appendResolverSyncWarning,
   markCurrentContinuityFilesPublished,
   resolverSyncWarningMessage,
-  syncResolverApprovalsAfterOwnerSave,
+  syncVaultOperatorsAfterOwnerSave,
 } from '../shared/sync.js'
 import {
   assertSnapshotSaveSignerAuthorized,
@@ -241,7 +235,7 @@ async function runPublicProfileSigningInner(
   }
   await writePublicSkillsFile(nextIdentity, result.prepared.publicSkillsJson)
   await markCurrentContinuityFilesPublished(nextIdentity)
-  const resolverSyncWarning = await syncResolverApprovalsAfterOwnerSave({
+  const resolverSyncWarning = await syncVaultOperatorsAfterOwnerSave({
     beforeIdentity: step.identity,
     afterIdentity: nextIdentity,
     registry: step.registry,
@@ -263,92 +257,21 @@ async function runOperatorWalletPublicProfileSave(
   callbacks: EffectCallbacks,
 ): Promise<void> {
   if (!step.identity.agentId) throw new Error('Cannot update public profile: identity is missing an agent token ID')
-  const baseState = (step.identity.state ?? {}) as Record<string, unknown>
-  const ensName = typeof baseState.ensName === 'string' ? baseState.ensName.trim() : ''
-  if (!ensName) {
-    throw new Error('Operator wallet profile updates require an ENS subdomain, connect the owner wallet to set one up first')
+  if (!step.vaultAddress) {
+    throw new Error('Operator-wallet profile updates require a Vault. Set one up via Advanced Mode, or connect the owner wallet to update the profile.')
   }
   const snapshotOwner = ownerAddressForSnapshotSave(step.identity, step.profileUpdates)
   const walletAccess = walletRestoreAccessContext(step.identity, step.registry, step.profileUpdates, snapshotOwner)
   if (!walletAccess) throw new Error('Operator-wallet profile updates require wallet restore access context')
   const challengePurpose: WalletChallengePurpose = 'restore-operator'
-  if (step.vaultAddress) {
-    await runOperatorWalletVaultPublicProfileSave({
-      step,
-      callbacks,
-      snapshotOwner,
-      walletAccess,
-      challengePurpose,
-      vaultAddress: step.vaultAddress,
-    })
-    return
-  }
-
-  const reconcileBaseState = (step.identity.state ?? {}) as Record<string, unknown>
-  const activeOperator = typeof reconcileBaseState.activeOperatorAddress === 'string'
-    ? reconcileBaseState.activeOperatorAddress.trim()
-    : ''
-  if (activeOperator) {
-    const fixPlan = await reconcileWalletSetup({ identity: step.identity, registry: step.registry })
-    const stale = fixPlan.items.find(
-      (item): item is Extract<typeof item, { kind: 'missing-approval' }> =>
-        item.kind === 'missing-approval'
-        && item.address.toLowerCase() === activeOperator.toLowerCase(),
-    )
-    if (stale) {
-      throw new Error(
-        `Operator wallet ${stale.address} is no longer approved as a resolver delegate for this agent's ENS subdomain. Connect the owner wallet and run "Fix Records" to restore the approval before retrying.`,
-      )
-    }
-  }
-
-  const session = await openBrowserWalletSession({ onReady: callbacks.onWalletReady })
-  try {
-    const wallet = await session.requestSignature({
-      chainId: step.registry.chainId,
-      messageForAccount: account => createWalletRestoreAccessChallenge({
-        token: walletAccess.token,
-        ownerAddress: snapshotOwner,
-        walletAddress: account,
-        accessEpoch: walletAccess.accessEpoch,
-        purpose: challengePurpose,
-      }),
-      purpose: 'update-profile-operator',
-    })
-    assertSnapshotSaveSignerAuthorized(step.identity, step.profileUpdates, wallet.account, snapshotOwner, walletAccess)
-    const prepared = await prepareOperatorProfileArtifacts({
-      step,
-      wallet,
-      snapshotOwner,
-      walletAccess,
-      challengePurpose,
-      includeMetadata: false,
-    })
-    await publishOperatorProfileEnsRecord({
-      ensName,
-      signer: wallet.account,
-      registry: step.registry,
-      agentCardUri: prepared.agentCardUri,
-      callbacks,
-      session,
-    })
-
-    await writePublicSkillsFile(prepared.nextIdentity, prepared.publicSkillsJson)
-    await markCurrentContinuityFilesPublished(prepared.nextIdentity).catch(() => null)
-    await recordPublishedContinuitySnapshot({
-      identity: prepared.nextIdentity,
-      label: 'operator-wallet ENS profile update',
-    }).catch(() => null)
-
-    await callbacks.onIdentityComplete(
-      prepared.nextIdentity,
-      'Profile pointer published to ENS records (org.ethagent.profile). ERC-8004 metadata stays put until owner wallet next signs.',
-      'update',
-    )
-  } finally {
-    await session.close().catch(() => null)
-    callbacks.onWalletReady(null)
-  }
+  await runOperatorWalletVaultPublicProfileSave({
+    step,
+    callbacks,
+    snapshotOwner,
+    walletAccess,
+    challengePurpose,
+    vaultAddress: step.vaultAddress,
+  })
 }
 
 type WalletAccessContext = NonNullable<ReturnType<typeof walletRestoreAccessContext>>
@@ -391,11 +314,7 @@ async function runOperatorWalletVaultPublicProfileSave(args: {
       snapshotOwner,
       walletAccess,
       challengePurpose,
-      includeMetadata: true,
     })
-    if (!prepared.agentUri || !prepared.metadataCid) {
-      throw new Error('Vault profile update did not prepare ERC-8004 metadata')
-    }
 
     const vaultCall = encodeRotateAgentURI({
       registry: getAddress(step.registry.identityRegistryAddress),
@@ -447,9 +366,8 @@ async function runOperatorWalletVaultPublicProfileSave(args: {
 type OperatorProfileArtifacts = {
   nextIdentity: EthagentIdentity
   publicSkillsJson: string
-  agentCardUri: string
-  agentUri?: string
-  metadataCid?: string
+  agentUri: string
+  metadataCid: string
 }
 
 async function prepareOperatorProfileArtifacts(args: {
@@ -458,7 +376,6 @@ async function prepareOperatorProfileArtifacts(args: {
   snapshotOwner: Address
   walletAccess: WalletAccessContext
   challengePurpose: WalletChallengePurpose
-  includeMetadata: boolean
 }): Promise<OperatorProfileArtifacts> {
   const { step, wallet, snapshotOwner, walletAccess, challengePurpose } = args
   const {
@@ -523,80 +440,41 @@ async function prepareOperatorProfileArtifacts(args: {
     agentId: step.identity.agentId!,
   }
 
-  let metadataCid: string | undefined
-  let agentUri: string | undefined
-  if (args.includeMetadata) {
-    const registration = withEthagentPointers({
-      type: 'https://eips.ethereum.org/EIPS/eip-8004#registration-v1',
-      name: nextName ?? deriveAgentName(step.identity),
-      ...(nextDescription ? { description: nextDescription } : {}),
-      ...(uploadedImageUri ? { image: uploadedImageUri } : {}),
-    }, {
-      backup: { cid: statePin.cid, envelopeVersion: envelope.envelopeVersion, createdAt: envelope.createdAt },
-      publicDiscovery: { skillsCid: publicSkills.cid, agentCardCid: publicSkills.agentCardCid, updatedAt: publicSkills.updatedAt },
-      registration: { chainId: step.registry.chainId, identityRegistryAddress: step.registry.identityRegistryAddress, agentId: step.identity.agentId },
-      ensName: nextEnsName,
-      operators: operatorsPointerFromState(state, nextEnsName),
-      ownerAddress: snapshotOwner,
-    })
-    const metadataPin = await addToIpfs(DEFAULT_IPFS_API_URL, JSON.stringify(registration, null, 2), fetch, { pinataJwt: step.pinataJwt })
-    assertVerifiedPin(metadataPin)
-    metadataCid = metadataPin.cid
-    agentUri = `ipfs://${metadataCid}`
-  }
+  const registration = withEthagentPointers({
+    type: 'https://eips.ethereum.org/EIPS/eip-8004#registration-v1',
+    name: nextName ?? deriveAgentName(step.identity),
+    ...(nextDescription ? { description: nextDescription } : {}),
+    ...(uploadedImageUri ? { image: uploadedImageUri } : {}),
+  }, {
+    backup: { cid: statePin.cid, envelopeVersion: envelope.envelopeVersion, createdAt: envelope.createdAt },
+    publicDiscovery: { skillsCid: publicSkills.cid, agentCardCid: publicSkills.agentCardCid, updatedAt: publicSkills.updatedAt },
+    registration: { chainId: step.registry.chainId, identityRegistryAddress: step.registry.identityRegistryAddress, agentId: step.identity.agentId },
+    ensName: nextEnsName,
+    operators: operatorsPointerFromState(state, nextEnsName),
+    ownerAddress: snapshotOwner,
+  })
+  const metadataPin = await addToIpfs(DEFAULT_IPFS_API_URL, JSON.stringify(registration, null, 2), fetch, { pinataJwt: step.pinataJwt })
+  assertVerifiedPin(metadataPin)
+  const metadataCid = metadataPin.cid
+  const agentUri = `ipfs://${metadataCid}`
 
-  const nextBackup = agentUri && metadataCid
-    ? { ...backup, metadataCid, agentUri }
-    : backup
   const nextIdentity: EthagentIdentity = {
     ...step.identity,
     state,
-    backup: nextBackup,
+    backup: { ...backup, metadataCid, agentUri },
     publicSkills,
-    ...(agentUri ? { agentUri } : {}),
-    ...(metadataCid ? { metadataCid } : {}),
+    agentUri,
+    metadataCid,
   }
 
   return {
     nextIdentity,
     publicSkillsJson,
-    agentCardUri: `ipfs://${agentCardPin.cid}`,
-    ...(agentUri ? { agentUri } : {}),
-    ...(metadataCid ? { metadataCid } : {}),
+    agentUri,
+    metadataCid,
   }
 }
 
-async function publishOperatorProfileEnsRecord(args: {
-  ensName: string
-  signer: Address
-  registry: Erc8004RegistryConfig
-  agentCardUri: string
-  callbacks: EffectCallbacks
-  session: BrowserWalletSession
-  flowId?: string
-  flowStep?: number
-}): Promise<void> {
-  const ensClient = createMainnetEnsPublicClient()
-  const tx = await runUpdateEnsRecords({
-    fullName: args.ensName,
-    ownerAddress: args.signer,
-    records: { profile: args.agentCardUri },
-    callbacks: args.callbacks,
-    purpose: 'update-profile-operator',
-    tokenChainId: args.registry.chainId,
-    session: args.session,
-    publicClient: ensClient,
-    ...(args.flowId ? { flowId: args.flowId } : {}),
-    ...(typeof args.flowStep === 'number' ? { flowStep: args.flowStep } : {}),
-  })
-  await awaitConfirmedReceipt(
-    ensClient,
-    tx.txHash as Hex,
-    'Public profile ENS record update',
-    { kind: 'public-profile', chainId: 1 },
-  )
-}
-
 async function assertVaultSignerCanRotateAgentUri(args: {
   registry: Erc8004RegistryConfig
   vaultAddress: Address

package/src/identity/hub/effects/rebackup/runRebackup.ts

@@ -63,7 +63,7 @@ import {
   appendResolverSyncWarning,
   markCurrentContinuityFilesPublished,
   resolverSyncWarningMessage,
-  syncResolverApprovalsAfterOwnerSave,
+  syncVaultOperatorsAfterOwnerSave,
 } from '../shared/sync.js'
 import { runOperatorWalletRebackup } from './vault.js'
 
@@ -360,7 +360,7 @@ async function runRebackupSigningInner(
   }
   await recordPublishedContinuitySnapshot({ identity: nextIdentity, label: 'published encrypted snapshot' }).catch(() => null)
   await markCurrentContinuityFilesPublished(nextIdentity).catch(() => null)
-  const resolverSyncWarning = await syncResolverApprovalsAfterOwnerSave({
+  const resolverSyncWarning = await syncVaultOperatorsAfterOwnerSave({
     beforeIdentity: step.identity,
     afterIdentity: nextIdentity,
     registry: step.registry,

package/src/identity/hub/effects/restoreAdmin.ts

@@ -1,24 +1,9 @@
-import { getAddress, type Address } from 'viem'
-import type { EthagentConfig, EthagentIdentity } from '../../../storage/config.js'
+import type { EthagentConfig } from '../../../storage/config.js'
 import { saveConfig } from '../../../storage/config.js'
-import {
-  normalizeErc8004RegistryConfig,
-  type Erc8004RegistryConfig,
-} from '../../registry/erc8004.js'
+import { normalizeErc8004RegistryConfig } from '../../registry/erc8004.js'
 import { registryConfigFromConfig } from '../../registry/registryConfig.js'
-import { readOwnerAddressField } from '../../identityCompat.js'
-import {
-  sendBrowserWalletTransaction,
-} from '../../wallet/browserWallet.js'
-import {
-  encodeResolverApprovalChanges,
-  verifyResolverApprovalsLanded,
-  type RecordsFixPlan,
-} from '../reconciliation/index.js'
 import type { Step } from '../identityHubReducer.js'
 import type { EffectCallbacks } from './types.js'
-import { awaitOptionalReceipt } from './receipts.js'
-import { createMainnetEnsPublicClient } from './ens/transactions.js'
 
 export async function runRestoreRegistrySubmit(
   value: string,
@@ -47,47 +32,3 @@ export async function runRestoreRegistrySubmit(
   }
   callbacks.onStep({ kind: 'restore-discovering', ownerHandle: step.ownerHandle, registry, purpose: step.purpose })
 }
-
-export async function runFixRecordsSubmit(args: {
-  identity: EthagentIdentity
-  registry: Erc8004RegistryConfig
-  plan: RecordsFixPlan
-  callbacks: EffectCallbacks
-}): Promise<void> {
-  const baseState = (args.identity.state ?? {}) as Record<string, unknown>
-  const ensName = args.plan.ensName ?? (typeof baseState.ensName === 'string' ? baseState.ensName.trim() : '')
-  if (!ensName) throw new Error('Cannot fix records: identity has no ENS subdomain')
-  const missing: Address[] = []
-  const stale: Address[] = []
-  for (const item of args.plan.items) {
-    if (item.kind === 'missing-approval') missing.push(item.address)
-    else if (item.kind === 'stale-approval') stale.push(item.address)
-  }
-  if (missing.length === 0 && stale.length === 0) return
-  const encoded = await encodeResolverApprovalChanges({
-    ensName,
-    diff: { added: missing, removed: stale },
-  })
-  if (!encoded) return
-  const ownerAddressRaw = readOwnerAddressField(baseState) ?? args.identity.ownerAddress ?? args.identity.address
-  const ownerAddress = getAddress(ownerAddressRaw)
-  const tx = await sendBrowserWalletTransaction({
-    chainId: 1,
-    expectedAccount: ownerAddress,
-    to: encoded.resolverAddress,
-    data: encoded.data,
-    onReady: args.callbacks.onWalletReady,
-    purpose: 'reconcile-resolver-approvals',
-  })
-  args.callbacks.onWalletReady(null)
-  const client = createMainnetEnsPublicClient()
-  await awaitOptionalReceipt(client, tx.txHash, 'Resolver approval reconciliation')
-  await verifyResolverApprovalsLanded({
-    ensName,
-    ownerAddress: ownerAddress,
-    resolverAddress: encoded.resolverAddress,
-    added: encoded.added,
-    removed: encoded.removed,
-    client,
-  })
-}

package/src/identity/hub/effects/shared/sync.ts

@@ -9,14 +9,9 @@ import {
   encodeSetMetadataOperator,
   readMetadataOperators,
 } from '../../../registry/vault.js'
-import {
-  sendBrowserWalletTransaction,
-  type WalletPurpose,
-} from '../../../wallet/browserWallet.js'
+import { sendBrowserWalletTransaction } from '../../../wallet/browserWallet.js'
 import {
   computeApprovalDiff,
-  encodeResolverApprovalChanges,
-  verifyResolverApprovalsLanded,
   type ApprovalDiff,
 } from '../../reconciliation/index.js'
 import { normalizeApprovedOperatorWallets } from '../../operatorWallets.js'
@@ -24,8 +19,7 @@ import { readOwnerAddressField } from '../../../identityCompat.js'
 import { localContinuitySnapshotContentHashes } from '../../../continuity/storage.js'
 import { updatePublishedContinuitySnapshotContentHashes } from '../../../continuity/snapshots.js'
 import type { EffectCallbacks } from '../types.js'
-import { awaitConfirmedReceipt, awaitOptionalReceipt } from '../receipts.js'
-import { createMainnetEnsPublicClient } from '../ens/transactions.js'
+import { awaitConfirmedReceipt } from '../receipts.js'
 
 export function resolverSyncWarningMessage(err: unknown): string {
   return err instanceof Error ? err.message : String(err)
@@ -36,7 +30,7 @@ export function appendResolverSyncWarning(message: string, warning: string | nul
   return `${message}\n\nWarning: ${warning}`
 }
 
-export async function syncResolverApprovalsAfterOwnerSave(args: {
+export async function syncVaultOperatorsAfterOwnerSave(args: {
   beforeIdentity: EthagentIdentity
   afterIdentity: EthagentIdentity
   registry: Erc8004RegistryConfig
@@ -45,7 +39,6 @@ export async function syncResolverApprovalsAfterOwnerSave(args: {
 }): Promise<void> {
   const beforeState = (args.beforeIdentity.state ?? {}) as Record<string, unknown>
   const afterState = (args.afterIdentity.state ?? {}) as Record<string, unknown>
-  const ensName = typeof afterState.ensName === 'string' ? afterState.ensName.trim() : ''
   const before = normalizeApprovedOperatorWallets(beforeState.approvedOperatorWallets)
   const after = normalizeApprovedOperatorWallets(afterState.approvedOperatorWallets)
   const diff = computeApprovalDiff(before, after)
@@ -54,40 +47,6 @@ export async function syncResolverApprovalsAfterOwnerSave(args: {
   const ownerAddressRaw = readOwnerAddressField(afterState) ?? args.afterIdentity.ownerAddress ?? args.afterIdentity.address
   const ownerAddress = getAddress(ownerAddressRaw)
 
-  if (ensName) {
-    let encoded
-    try {
-      encoded = await encodeResolverApprovalChanges({ ensName, diff })
-    } catch {
-      encoded = null
-    }
-    if (encoded) {
-      const purpose: WalletPurpose = diff.removed.length > 0 && diff.added.length === 0
-        ? 'revoke-operator-wallet-resolver'
-        : 'authorize-operator-wallet-resolver'
-
-      const tx = await sendBrowserWalletTransaction({
-        chainId: 1,
-        expectedAccount: ownerAddress,
-        to: encoded.resolverAddress,
-        data: encoded.data,
-        onReady: args.callbacks.onWalletReady,
-        purpose,
-      })
-      args.callbacks.onWalletReady(null)
-      const client = createMainnetEnsPublicClient()
-      await awaitOptionalReceipt(client, tx.txHash, 'Resolver delegation sync')
-      await verifyResolverApprovalsLanded({
-        ensName,
-        ownerAddress: ownerAddress,
-        resolverAddress: encoded.resolverAddress,
-        added: encoded.added,
-        removed: encoded.removed,
-        client,
-      })
-    }
-  }
-
   await syncVaultMetadataOperatorsAfterOwnerSave({
     afterIdentity: args.afterIdentity,
     registry: args.registry,

package/src/identity/hub/flows/custody/CustodyEditFlow.tsx

@@ -15,11 +15,7 @@ import { ensValidationReasonText, selectEnsStatus } from '../../model/ens.js'
 import { shortAddress } from '../../model/format.js'
 import { lastBackupLabel } from '../../model/identity.js'
 import {
-  describeFixPlanItem,
-  fixPlanRequiresOwnerWallet,
-  reconcileWalletSetup,
   type AgentReconciliation,
-  type RecordsFixPlan,
 } from '../../reconciliation/index.js'
 
 const footerHint = (hint: string) => <Text color={theme.dim}>{hint}</Text>
@@ -37,7 +33,6 @@ interface CustodyEditFlowProps {
   onReturnToVault: (returnTo: Step, vaultAddress: Address) => void
   onResumeAdvanced: (returnTo: Step) => void
   onManageOperatorWallets: () => void
-  onFixRecords: (plan: RecordsFixPlan) => void
   onPrepareTransfer: () => void
   onBack: () => void
 }
@@ -59,7 +54,6 @@ export const CustodyEditFlow: React.FC<CustodyEditFlowProps> = ({
   onReturnToVault,
   onResumeAdvanced,
   onManageOperatorWallets,
-  onFixRecords,
   onPrepareTransfer,
   onBack,
 }) => {
@@ -77,19 +71,8 @@ export const CustodyEditFlow: React.FC<CustodyEditFlowProps> = ({
   const tokenLabel = identity.agentId ? `Token #${identity.agentId}` : 'Token #unknown'
   const tokenOwner = identity.ownerAddress ?? identity.address
 
-  const [fixPlan, setFixPlan] = React.useState<RecordsFixPlan | null>(null)
-  React.useEffect(() => {
-    if (step.kind !== 'custody-model') return
-    if (custodyMode !== 'advanced') return
-    let cancelled = false
-    reconcileWalletSetup({ identity, registry })
-      .then(plan => { if (!cancelled) setFixPlan(plan) })
-      .catch(() => { if (!cancelled) setFixPlan(null) })
-    return () => { cancelled = true }
-  }, [identity, registry, step.kind, custodyMode])
-
   if (step.kind === 'custody-model') {
-    type Action = 'switch-advanced' | 'switch-simple' | 'resume-advanced' | 'cancel-advanced' | 'withdraw-token' | 'return-to-vault' | 'manage-operator-wallets' | 'fix-records' | 'back'
+    type Action = 'switch-advanced' | 'switch-simple' | 'resume-advanced' | 'cancel-advanced' | 'withdraw-token' | 'return-to-vault' | 'manage-operator-wallets' | 'back'
     const onChainCustody = reconciliation?.custody
     const midFlow = onChainCustody === 'mid-flow-uri-pending'
     const isAdvanced = onChainCustody === 'advanced' || midFlow || custodyMode === 'advanced'
@@ -149,15 +132,6 @@ export const CustodyEditFlow: React.FC<CustodyEditFlowProps> = ({
         hint: 'Add or revoke wallets that can publish updates onchain.',
       })
     }
-    const hasFixablePlan = fixPlan !== null && fixPlanRequiresOwnerWallet(fixPlan)
-    if (hasFixablePlan) {
-      options.push({ value: 'fix-records', role: 'section', label: 'Records Out Of Sync' })
-      options.push({
-        value: 'fix-records',
-        label: 'Fix Records (Owner Wallet)',
-        hint: 'Sync ENS resolver approvals with the operator wallet list.',
-      })
-    }
     options.push({ value: 'back', role: 'section', label: 'Navigation' })
     options.push({ value: 'back', label: 'Back', hint: 'Return to Identity Hub', role: 'utility' })
     const notice = step.kind === 'custody-model' ? step.notice : undefined
@@ -201,14 +175,6 @@ export const CustodyEditFlow: React.FC<CustodyEditFlowProps> = ({
             return <Row label="Last Saved" value={lastBackup} muted={lastBackup === 'never'} />
           })()}
         </Box>
-        {fixPlan && fixPlan.items.length > 0 ? (
-          <Box marginTop={1} flexDirection="column">
-            <Text color={theme.accentPeriwinkle} bold>Records out of sync:</Text>
-            {fixPlan.items.map((item, idx) => (
-              <Text key={idx} color={theme.dim}>· {describeFixPlanItem(item)}</Text>
-            ))}
-          </Box>
-        ) : null}
         <Box marginTop={1}>
           <Select<Action>
             options={options}
@@ -226,10 +192,6 @@ export const CustodyEditFlow: React.FC<CustodyEditFlowProps> = ({
                 onSetStep({ kind: 'custody-simple-confirm', identity, registry, returnTo })
                 return
               }
-              if (choice === 'fix-records') {
-                if (fixPlan) onFixRecords(fixPlan)
-                return
-              }
               if (choice === 'switch-advanced') {
                 onSetStep({ kind: 'custody-advanced-confirm', identity, registry, returnTo })
                 return

package/src/identity/hub/flows/custody/custodyFlowActions.ts

@@ -16,7 +16,7 @@ export function createCustodyFlowActions({
 }: CustodyFlowDeps): {
   beginVaultDeposit: (currentStep: Step, returnTo: Step, profileUpdates: ProfileUpdates) => void
   beginVaultUnwrap: (currentStep: Step, returnTo: Step, profileUpdates: ProfileUpdates) => void
-  beginWithdrawToken: (currentStep: Step, returnTo: Step) => void
+  beginWithdrawToken: (currentStep: Step, returnTo: Step, returnContext?: 'ens' | 'simple-exit') => void
   beginReturnToVault: (currentStep: Step, returnTo: Step, vaultAddress: Address) => void
 } {
   const beginVaultDeposit = (currentStep: Step, returnTo: Step, profileUpdates: ProfileUpdates): void => {
@@ -122,8 +122,8 @@ export function createCustodyFlowActions({
     })()
   }
 
-  const beginWithdrawToken = (currentStep: Step, returnTo: Step): void => {
-    if (!isCustodyEditStep(currentStep)) return
+  const beginWithdrawToken = (currentStep: Step, returnTo: Step, returnContext?: 'ens' | 'simple-exit'): void => {
+    if (!isCustodyEditStep(currentStep) && currentStep.kind !== 'edit-profile-ens') return
     const vaultAddress = resolveVaultAddress(currentStep.identity, config?.erc8004?.operatorVaults)
     if (!vaultAddress) {
       handleStepError(
@@ -147,6 +147,7 @@ export function createCustodyFlowActions({
       registry: currentStep.registry,
       vaultAddress,
       returnTo,
+      ...(returnContext ? { returnContext } : {}),
     })
     ;(async () => {
       const client = createErc8004PublicClient(currentStep.registry)
@@ -172,6 +173,7 @@ export function createCustodyFlowActions({
             vaultAddress,
             agentId: activeAgentId,
             returnTo,
+            ...(returnContext ? { returnContext } : {}),
           })
           return
         }

package/src/identity/hub/flows/custody/custodyFlowTypes.ts

@@ -35,7 +35,7 @@ export interface CustodyFlowDeps {
 export interface CustodyFlow {
   beginVaultDeposit: (currentStep: Step, returnTo: Step, profileUpdates: ProfileUpdates) => void
   beginVaultUnwrap: (currentStep: Step, returnTo: Step, profileUpdates: ProfileUpdates) => void
-  beginWithdrawToken: (currentStep: Step, returnTo: Step) => void
+  beginWithdrawToken: (currentStep: Step, returnTo: Step, returnContext?: 'ens' | 'simple-exit') => void
   beginReturnToVault: (currentStep: Step, returnTo: Step, vaultAddress: Address) => void
   renderCustodyStep: () => React.ReactElement | null
   renderRebackupSubtitle: (