project access token migration

Author: d4mr

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/components/ProjectSidebarLayout.tsx

@@ -48,7 +48,11 @@ export function ProjectSidebarLayout(props: {
             {
               href: `${props.layoutPath}/transactions`,
               icon: ArrowLeftRightIcon,
-              label: "Transactions",
+              label: (
+                <span className="flex items-center gap-2">
+                  Transactions <Badge>New</Badge>
+                </span>
+              ),
             },
             {
               href: `${props.layoutPath}/contracts`,
@@ -81,11 +85,7 @@ export function ProjectSidebarLayout(props: {
             {
               href: `${props.layoutPath}/tokens`,
               icon: TokenIcon,
-              label: (
-                <span className="flex items-center gap-2">
-                  Tokens <Badge>New</Badge>
-                </span>
-              ),
+              label: "Tokens",
             },
           ],
         },

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/transactions/analytics/send-test-solana-tx.client.tsx

@@ -3,6 +3,7 @@ import { zodResolver } from "@hookform/resolvers/zod";
 import { useMutation, useQueryClient } from "@tanstack/react-query";
 import { ExternalLinkIcon, Loader2Icon, LockIcon } from "lucide-react";
 import Link from "next/link";
+import { useQueryState } from "nuqs";
 import { useState } from "react";
 import { useForm } from "react-hook-form";
 import { toast } from "sonner";
@@ -50,6 +51,9 @@ function SendTestSolanaTransactionModal(props: {
   onOpenChange: (open: boolean) => void;
 }) {
   const queryClient = useQueryClient();
+  const [, setTxChain] = useQueryState("txChain", {
+    history: "push",
+  });
 
   const form = useForm<FormValues>({
     defaultValues: {
@@ -122,6 +126,8 @@ function SendTestSolanaTransactionModal(props: {
     },
     onSuccess: () => {
       toast.success("Test Solana transaction sent successfully!");
+      // Set the transaction chain to solana so the table switches
+      setTxChain("solana");
       // Close the modal after successful transaction
       setTimeout(() => {
         props.onOpenChange(false);

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/transactions/components/server-wallets-table.client.tsx

@@ -61,6 +61,7 @@ import { updateDefaultProjectWallet } from "../lib/vault.client";
 import CreateServerWallet from "../server-wallets/components/create-server-wallet.client";
 import type { Wallet as EVMWallet } from "../server-wallets/wallet-table/types";
 import { CreateSolanaWallet } from "../solana-wallets/components/create-solana-wallet.client";
+import { UpgradeSolanaPermissions } from "../solana-wallets/components/upgrade-solana-permissions.client";
 import type { SolanaWallet } from "../solana-wallets/wallet-table/types";
 
 type WalletChain = "evm" | "solana";
@@ -154,6 +155,7 @@ export function ServerWalletsTable(props: ServerWalletsTableProps) {
                   managementAccessToken={managementAccessToken}
                   project={project}
                   teamSlug={teamSlug}
+                  disabled={solanaPermissionError}
                 />
               )}
             </div>
@@ -211,7 +213,9 @@ export function ServerWalletsTable(props: ServerWalletsTableProps) {
 
         {/* Table Content */}
         {activeChain === "solana" && solanaPermissionError ? (
-          <SolanaPermissionMessage teamSlug={teamSlug} />
+          <div className="p-6">
+            <UpgradeSolanaPermissions project={project} />
+          </div>
         ) : (
           <>
             <TableContainer className="rounded-none border-x-0 border-b-0">
@@ -315,32 +319,6 @@ export function ServerWalletsTable(props: ServerWalletsTableProps) {
   );
 }
 
-// Solana Permission Error Message
-function SolanaPermissionMessage({ teamSlug }: { teamSlug: string }) {
-  return (
-    <div className="p-8 flex flex-col items-center justify-center text-center gap-4 border-t">
-      <div className="p-3 rounded-full bg-warning/10 border border-warning/50">
-        <XIcon className="size-6 text-warning" />
-      </div>
-      <div className="max-w-md">
-        <h3 className="font-semibold text-lg mb-2">
-          Solana Access Not Available
-        </h3>
-        <p className="text-muted-foreground text-sm mb-4">
-          This project doesn't have access to Solana functionality. To use
-          Solana server wallets, please create a new project with Solana support
-          enabled.
-        </p>
-        <Link href={`/team/${teamSlug}`}>
-          <Button variant="default" className="rounded-full">
-            Create New Project
-          </Button>
-        </Link>
-      </div>
-    </div>
-  );
-}
-
 // Wallets Pagination Component
 function WalletsPagination({
   activeChain,

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/transactions/components/transactions-table.client.tsx

@@ -4,6 +4,7 @@ import { keepPreviousData, useQuery } from "@tanstack/react-query";
 import { format, formatDistanceToNowStrict } from "date-fns";
 import { ExternalLinkIcon, InfoIcon } from "lucide-react";
 import Link from "next/link";
+import { useQueryState } from "nuqs";
 import { useId, useState } from "react";
 import type { ThirdwebClient } from "thirdweb";
 import { engineCloudProxy } from "@/actions/proxies";
@@ -66,7 +67,17 @@ export function UnifiedTransactionsTable({
   client,
 }: UnifiedTransactionsTableProps) {
   const router = useDashboardRouter();
-  const [activeChain, setActiveChain] = useState<TransactionChain>("evm");
+
+  // Use nuqs to manage chain selection in URL - this is the source of truth
+  const [activeChainParam, setActiveChainParam] = useQueryState("txChain", {
+    defaultValue: "evm",
+    history: "push",
+  });
+
+  const activeChain = (activeChainParam || "evm") as TransactionChain;
+  const setActiveChain = (chain: TransactionChain) =>
+    setActiveChainParam(chain);
+
   const [autoUpdate, setAutoUpdate] = useState(true);
   const [status, setStatus] = useState<
     TransactionStatus | SolanaTransactionStatus | undefined

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/transactions/lib/vault.client.ts

@@ -1,6 +1,6 @@
 "use client";
 
-import { encrypt } from "@thirdweb-dev/service-utils";
+import { decrypt, encrypt } from "@thirdweb-dev/service-utils";
 import {
   createAccessToken,
   createEoa,
@@ -795,6 +795,187 @@ async function createManagementAccessToken(props: {
   });
 }
 
+/**
+ * Upgrades existing access tokens to include Solana permissions
+ * This is needed when a project was created before Solana support was added
+ *
+ * Returns an object with success/error instead of throwing for Next.js server actions
+ */
+export async function upgradeAccessTokensForSolana(props: {
+  project: Project;
+  projectSecretKey?: string;
+}): Promise<{
+  success: boolean;
+  error?: string;
+  data?: {
+    managementToken: string;
+    walletToken?: string;
+  };
+}> {
+  const { project, projectSecretKey } = props;
+
+  try {
+    // Find the engineCloud service
+    const engineCloudService = project.services.find(
+      (service) => service.name === "engineCloud",
+    );
+
+    if (!engineCloudService) {
+      return {
+        success: false,
+        error: "No engineCloud service found on project",
+      };
+    }
+
+    const vaultClient = await initVaultClient();
+    const hasEncryptedAdminKey = !!engineCloudService.encryptedAdminKey;
+
+    // Check if this is an ejected vault (no encrypted admin key stored)
+    if (!hasEncryptedAdminKey) {
+      // For ejected vaults, we only need to update the management token
+      // User manages their own admin key, so we can't create wallet tokens
+
+      // We need the admin key from the user
+      if (!projectSecretKey) {
+        return {
+          success: false,
+          error: "Admin key required. Please enter your vault admin key.",
+        };
+      }
+
+      // For ejected vault, the "secret key" parameter is actually the admin key
+      const managementTokenResult = await createManagementAccessToken({
+        project,
+        adminKey: projectSecretKey,
+        vaultClient,
+      });
+
+      if (!managementTokenResult.success) {
+        return {
+          success: false,
+          error: `Failed to create management token: ${managementTokenResult.error}`,
+        };
+      }
+
+      // Update only the management token for ejected vaults
+      // Keep everything else the same (no encrypted keys to update)
+      await updateProjectClient(
+        {
+          projectId: project.id,
+          teamId: project.teamId,
+        },
+        {
+          services: [
+            ...project.services.filter(
+              (service) => service.name !== "engineCloud",
+            ),
+            {
+              ...engineCloudService,
+              managementAccessToken: managementTokenResult.data.accessToken,
+            },
+          ],
+        },
+      );
+
+      return {
+        success: true,
+        data: {
+          managementToken: managementTokenResult.data.accessToken,
+        },
+      };
+    }
+
+    // For non-ejected vaults (with encrypted admin key)
+    if (!projectSecretKey) {
+      return {
+        success: false,
+        error: "Project secret key is required to upgrade tokens",
+      };
+    }
+
+    // Verify the project secret key
+    const projectSecretKeyHash = await hashSecretKey(projectSecretKey);
+    if (!project.secretKeys.some((key) => key?.hash === projectSecretKeyHash)) {
+      return {
+        success: false,
+        error: "Invalid project secret key",
+      };
+    }
+
+    // Decrypt the admin key (we know it exists from the hasEncryptedAdminKey check)
+    const adminKey = await decrypt(
+      engineCloudService.encryptedAdminKey as string,
+      projectSecretKey,
+    );
+
+    // Create new tokens with Solana permissions
+    const [managementTokenResult, walletTokenResult] = await Promise.all([
+      createManagementAccessToken({ project, adminKey, vaultClient }),
+      createWalletAccessToken({ project, adminKey, vaultClient }),
+    ]);
+
+    if (!managementTokenResult.success) {
+      return {
+        success: false,
+        error: `Failed to create management token: ${managementTokenResult.error}`,
+      };
+    }
+
+    if (!walletTokenResult.success) {
+      return {
+        success: false,
+        error: `Failed to create wallet token: ${walletTokenResult.error}`,
+      };
+    }
+
+    const managementToken = managementTokenResult.data;
+    const walletToken = walletTokenResult.data;
+
+    // Encrypt the new wallet token
+    const [encryptedAdminKey, encryptedWalletAccessToken] = await Promise.all([
+      encrypt(adminKey, projectSecretKey),
+      encrypt(walletToken.accessToken, projectSecretKey),
+    ]);
+
+    // Update the project with new tokens
+    await updateProjectClient(
+      {
+        projectId: project.id,
+        teamId: project.teamId,
+      },
+      {
+        services: [
+          ...project.services.filter(
+            (service) => service.name !== "engineCloud",
+          ),
+          {
+            ...engineCloudService,
+            managementAccessToken: managementToken.accessToken,
+            encryptedAdminKey,
+            encryptedWalletAccessToken,
+          },
+        ],
+      },
+    );
+
+    return {
+      success: true,
+      data: {
+        managementToken: managementToken.accessToken,
+        walletToken: walletToken.accessToken,
+      },
+    };
+  } catch (error) {
+    return {
+      success: false,
+      error:
+        error instanceof Error
+          ? error.message
+          : "Failed to upgrade access tokens",
+    };
+  }
+}
+
 export function maskSecret(secret: string) {
   return `${secret.substring(0, 11)}...${secret.substring(secret.length - 5)}`;
 }

apps/dashboard/src/app/(app)/team/[team_slug]/[project_slug]/(sidebar)/transactions/page.tsx

@@ -15,6 +15,8 @@ import type { Wallet } from "./server-wallets/wallet-table/types";
 import { listSolanaAccounts } from "./solana-wallets/lib/vault.client";
 import type { SolanaWallet } from "./solana-wallets/wallet-table/types";
 
+export const dynamic = "force-dynamic";
+
 export default async function TransactionsAnalyticsPage(props: {
   params: Promise<{ team_slug: string; project_slug: string }>;
   searchParams: Promise<{