update protos to latest

[insipx]

Update generated protobuf and gRPC code across Go and Swift to the latest proto definitions

Regenerate protobuf and gRPC artifacts across the repository; add new messages (PayerReport, NodeSignature, etc.), new RPCs (ReplicationApi.GetNewestEnvelope, PayerApi.GetNodes), add Metadata API and device_sync proto types, and bump protoc-gen-go output format in multiple Go files.

📍Where to Start

Start by reviewing the regenerated Go protobuf/gRPC surface for message API in pkg/proto/xmtpv4/message_api/message_api_grpc.pb.go and the new envelopes types in pkg/proto/xmtpv4/envelopes/payer_report.pb.go.

---

Macroscope summarized 48c2f4c.

Summary by CodeRabbit

• New Features

  • Added device synchronization backup support with capabilities for messaging, consent, events, and group backups.
  • Introduced passkey authentication support for identity management.

• Refactor

  • Updated identity model to support identifier-based approaches alongside traditional address-based methods.
  • Reorganized internal protocol buffer definitions for improved data structure handling.

• Tests

  • Removed listener test suite.

[coderabbitai]

Walkthrough

The PR removes a Go listener test file and adds six new generated Swift protobuf files for device sync backup models. It also refactors identity-related Swift protobuf files to use bytecode-based name maps, rename address-based fields to identifier-based terminology, and introduce passkey signature support.

Changes

Cohort / File(s)	Summary
Go test removal pkg/xmtp/listener_test.go	Deleted test suite for Listener with test cases (BasicDelivery, MultipleDeliveries), helper functions (buildTestListener, sendMessage, subscribeToTopic), and test constants.
Device sync protobuf models swift/device_sync/consent_backup.pb.swift, swift/device_sync/content.pb.swift, swift/device_sync/device_sync.pb.swift, swift/device_sync/event_backup.pb.swift, swift/device_sync/group_backup.pb.swift, swift/device_sync/message_backup.pb.swift	Six new generated Swift protobuf files defining message types, enums, and SwiftProtobuf conformance extensions for device sync backup schemas (consent, content, device sync core, event, group, and message backups).
Identity API updates swift/identity/api/v1/identity.pb.swift	Refactored GetInboxIdsRequest/Response to replace address field with identifier and added identifierKind field; updated VerifySmartContractWalletSignatureRequestSignature conformance from @unchecked Sendable to Sendable; migrated _protobuf_nameMap to bytecode-based initialization.
Identity associations refactoring swift/identity/associations/association.pb.swift	Major refactoring replacing address-based terminology with identifier-based across multiple types (CreateInbox, AddAssociation, RevokeAssociation, ChangeRecoveryAddress, AssociationState); added passkey support via new Passkey struct and IdentifierKind enum; transitioned _protobuf_nameMap declarations to bytecode initialization.
Identity signature support swift/identity/associations/signature.pb.swift	Added new RecoverablePasskeySignature struct; extended Signature oneof to include passkey case; updated signature types conformance from @unchecked Sendable to Sendable; migrated all _protobuf_nameMap to bytecode-based initialization.
Identity credential swift/identity/api/v1/identity.connect.swift	Added header comments (swift-format-ignore-file, swiftlint disable).
Credential name map swift/identity/credential.pb.swift	Converted _protobuf_nameMap from dictionary-style to bytecode-based initializer for MlsCredential.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Areas requiring extra attention:

• swift/identity/associations/association.pb.swift: Extensive field renames from address-based to identifier-based (initialAddress → initialIdentifier, recoveryAddress → recoveryIdentifier, etc.) and introduction of passkey fields across multiple message types; verify decoding/traversal logic correctly handles all renamed fields and new oneof branches.
• swift/identity/api/v1/identity.pb.swift: GetInboxIdsRequest/Response field replacement (address → identifier) with added identifierKind field; ensure protobuf field numbering and decoding mappings are correct.
• swift/identity/associations/signature.pb.swift: New passkey signature variant added to existing oneof; review oneof conflict handling and traversal logic in decoding path.
• Device sync protobuf files: While generated and repetitive, verify that all six files correctly implement decoding, traversal, and equality semantics, and that proto package names and field numbering match the underlying proto definitions.

Poem

🐰 Six backup schemas bloom in Swift so bright,
Address gives way to identifiers' light,
Passpkeys now join the signature band,
Bytecode name maps across the land—
Generated files help sync take flight! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 21.99% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Title check	❓ Inconclusive	The title 'update protos to latest' is vague and generic, using non-descriptive language that does not convey meaningful information about the specific changes in the changeset.	Provide a more specific title that describes the main changes, such as 'Add device sync protobuf definitions' or 'Update identity associations with identifier-based workflow' to clarify the primary intent.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch insipx/update-protos

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

swift/identity/api/v1/identity.pb.swift (1)

230-256: Identifier + identifierKind changes for GetInboxIds are wired correctly (note docstring wording)

The migration of GetInboxIdsRequest.Request and GetInboxIdsResponse.Response to use:

• identifier: String
• identifierKind: Xmtp_Identity_Associations_IdentifierKind

is consistently reflected across the struct definitions, _protobuf_nameMap bytecode, decodeMessage, traverse, and == implementations. Field numbers (1 → identifier, 2 → identifierKind on the request; 1 → identifier, 2 → inbox_id, 3 → identifier_kind on the response) line up correctly, so on-the-wire compatibility is preserved while the Swift API surface moves from “address” to generic identifiers.

One minor nit: the surrounding comments still speak about “addresses”; if that’s no longer accurate for the updated proto schema, consider updating the .proto comments upstream so future regenerations reflect the new terminology here.

Also applies to: 259-295, 711-744, 776-817

swift/device_sync/message_backup.pb.swift (1)

3-3: SwiftLint blanket disable in generated file

Since this file is generator‑owned (// DO NOT EDIT.), the swiftlint:disable all pragma is expected. If the SwiftLint warning is noisy, prefer excluding your generated Swift proto paths in .swiftlint.yml rather than touching the generated source.

swift/identity/associations/association.pb.swift (1)

187-191: Docs still use “address” terminology where fields are now identifier‑based

A few comments (e.g., around CreateInbox and RevokeAssociation/ChangeRecoveryAddress) still talk about “recovery address” even though the fields have been renamed to identifiers and now support passkeys. Consider updating the proto comments so the generated Swift docs match the new identifier semantics and avoid confusion for consumers.

Also applies to: 286-291, 318-321

swift/device_sync/content.pb.swift (1)

1-4: Handle SwiftLint blanket disable via configuration for generated files

SwiftLint is flagging the // swiftlint:disable all directive. Since this file is generated (// DO NOT EDIT.), it's better not to change it manually. Instead, consider excluding *.pb.swift (or this path) from SwiftLint in your configuration, or explicitly allowing blanket disables for generated code, so you avoid churn on regenerated files while keeping lint rules strict for hand-written sources.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4185cda and 48c2f4c.

⛔ Files ignored due to path filters (58)

• integration/gen/notifications/v1/service_pb.d.ts is excluded by !**/gen/**
• integration/gen/notifications/v1/service_pb.js is excluded by !**/gen/**
• pkg/proto/device_sync/consent_backup.pb.go is excluded by !**/*.pb.go
• pkg/proto/device_sync/content.pb.go is excluded by !**/*.pb.go
• pkg/proto/device_sync/device_sync.pb.go is excluded by !**/*.pb.go
• pkg/proto/device_sync/event_backup.pb.go is excluded by !**/*.pb.go
• pkg/proto/device_sync/group_backup.pb.go is excluded by !**/*.pb.go
• pkg/proto/device_sync/message_backup.pb.go is excluded by !**/*.pb.go
• pkg/proto/identity/api/v1/identity.pb.go is excluded by !**/*.pb.go
• pkg/proto/identity/associations/association.pb.go is excluded by !**/*.pb.go
• pkg/proto/identity/associations/signature.pb.go is excluded by !**/*.pb.go
• pkg/proto/identity/credential.pb.go is excluded by !**/*.pb.go
• pkg/proto/keystore_api/v1/keystore.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_api/v1/authn.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_api/v1/message_api.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/ciphertext.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/composite.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/contact.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/content.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/conversation_reference.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/ecies.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/frames.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/invitation.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/message.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/private_key.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/private_preferences.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/public_key.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/signature.pb.go is excluded by !**/*.pb.go
• pkg/proto/message_contents/signed_payload.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/api/v1/mls.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/api/v1/mls_grpc.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/database/intents.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/database/task.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/commit_log.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/content.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/content_types/leave_request.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/content_types/multi_remote_attachment.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/content_types/reaction.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/content_types/wallet_send_calls.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/group_membership.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/group_metadata.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/group_mutable_metadata.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/group_permissions.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/oneshot.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/transcript_messages.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/welcome_pointer.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls/message_contents/wrapper_encryption.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls_validation/v1/service.pb.go is excluded by !**/*.pb.go
• pkg/proto/mls_validation/v1/service_grpc.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/envelopes/envelopes.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/envelopes/payer_report.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/message_api/message_api.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/message_api/message_api_grpc.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/message_api/misbehavior_api.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/metadata_api/metadata_api.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/metadata_api/metadata_api_grpc.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/payer_api/payer_api.pb.go is excluded by !**/*.pb.go
• pkg/proto/xmtpv4/payer_api/payer_api_grpc.pb.go is excluded by !**/*.pb.go

📒 Files selected for processing (12)

• pkg/xmtp/listener_test.go (0 hunks)
• swift/device_sync/consent_backup.pb.swift (1 hunks)
• swift/device_sync/content.pb.swift (1 hunks)
• swift/device_sync/device_sync.pb.swift (1 hunks)
• swift/device_sync/event_backup.pb.swift (1 hunks)
• swift/device_sync/group_backup.pb.swift (1 hunks)
• swift/device_sync/message_backup.pb.swift (1 hunks)
• swift/identity/api/v1/identity.connect.swift (1 hunks)
• swift/identity/api/v1/identity.pb.swift (18 hunks)
• swift/identity/associations/association.pb.swift (23 hunks)
• swift/identity/associations/signature.pb.swift (13 hunks)
• swift/identity/credential.pb.swift (1 hunks)

💤 Files with no reviewable changes (1)

• pkg/xmtp/listener_test.go

🧰 Additional context used

🧬 Code graph analysis (9)

swift/device_sync/group_backup.pb.swift (1)

swift/device_sync/device_sync.pb.swift (9)

• decodeMessage (213-287)
• decodeMessage (331-344)
• decodeMessage (380-392)
• traverse (289-318)
• traverse (346-364)
• traverse (394-409)
• lhs (320-324)
• lhs (366-373)
• lhs (411-417)

swift/device_sync/device_sync.pb.swift (2)

swift/device_sync/content.pb.swift (18)

• decodeMessage (282-343)
• decodeMessage (383-393)
• decodeMessage (413-423)
• decodeMessage (443-478)
• decodeMessage (510-520)
• decodeMessage (540-551)
• decodeMessage (575-588)
• decodeMessage (624-639)
• decodeMessage (683-700)
• traverse (345-370)
• traverse (395-400)
• traverse (425-430)
• traverse (480-497)
• traverse (522-527)
• traverse (553-561)
• traverse (590-608)
• traverse (641-665)
• traverse (702-711)

swift/device_sync/group_backup.pb.swift (6)

• decodeMessage (343-370)
• decodeMessage (460-472)
• decodeMessage (500-510)
• traverse (372-425)
• traverse (474-485)
• traverse (512-517)

swift/identity/api/v1/identity.pb.swift (1)

swift/identity/associations/association.pb.swift (36)

• decodeMessage (525-563)
• decodeMessage (599-610)
• decodeMessage (638-651)
• decodeMessage (687-701)
• decodeMessage (741-754)
• decodeMessage (790-801)
• decodeMessage (829-842)
• decodeMessage (878-939)
• decodeMessage (979-991)
• decodeMessage (1019-1030)
• decodeMessage (1058-1073)
• decodeMessage (1117-1128)
• traverse (565-586)
• traverse (612-624)
• traverse (653-671)
• traverse (703-724)
• traverse (756-774)
• traverse (803-815)
• traverse (844-862)
• traverse (941-966)
• traverse (993-1004)
• traverse (1032-1044)
• traverse (1075-1099)
• traverse (1130-1138)
• lhs (588-592)
• lhs (626-631)
• lhs (673-680)
• lhs (726-734)
• lhs (776-783)
• lhs (817-822)
• lhs (864-871)
• lhs (968-972)
• lhs (1006-1012)
• lhs (1046-1051)
• lhs (1101-1110)
• lhs (1140-1145)

swift/device_sync/consent_backup.pb.swift (2)

swift/device_sync/content.pb.swift (18)

• decodeMessage (282-343)
• decodeMessage (383-393)
• decodeMessage (413-423)
• decodeMessage (443-478)
• decodeMessage (510-520)
• decodeMessage (540-551)
• decodeMessage (575-588)
• decodeMessage (624-639)
• decodeMessage (683-700)
• traverse (345-370)
• traverse (395-400)
• traverse (425-430)
• traverse (480-497)
• traverse (522-527)
• traverse (553-561)
• traverse (590-608)
• traverse (641-665)
• traverse (702-711)

swift/device_sync/device_sync.pb.swift (6)

• decodeMessage (213-287)
• decodeMessage (331-344)
• decodeMessage (380-392)
• traverse (289-318)
• traverse (346-364)
• traverse (394-409)

swift/device_sync/event_backup.pb.swift (2)

swift/device_sync/consent_backup.pb.swift (3)

• decodeMessage (148-161)
• traverse (163-177)
• lhs (179-186)

swift/device_sync/device_sync.pb.swift (9)

• decodeMessage (213-287)
• decodeMessage (331-344)
• decodeMessage (380-392)
• traverse (289-318)
• traverse (346-364)
• traverse (394-409)
• lhs (320-324)
• lhs (366-373)
• lhs (411-417)

swift/device_sync/content.pb.swift (2)

swift/device_sync/consent_backup.pb.swift (2)

• decodeMessage (148-161)
• traverse (163-177)

swift/device_sync/device_sync.pb.swift (6)

• decodeMessage (213-287)
• decodeMessage (331-344)
• decodeMessage (380-392)
• traverse (289-318)
• traverse (346-364)
• traverse (394-409)

swift/identity/associations/signature.pb.swift (1)

swift/identity/associations/association.pb.swift (2)

• decodeMessage (525-563)
• traverse (565-586)

swift/identity/associations/association.pb.swift (1)

swift/identity/api/v1/identity.pb.swift (30)

• decodeMessage (305-315)
• decodeMessage (335-348)
• decodeMessage (384-394)
• decodeMessage (414-426)
• decodeMessage (458-468)
• decodeMessage (492-495)
• decodeMessage (511-521)
• decodeMessage (541-552)
• decodeMessage (576-586)
• decodeMessage (606-618)
• decodeMessage (650-661)
• decodeMessage (685-695)
• decodeMessage (715-726)
• decodeMessage (750-760)
• decodeMessage (780-792)
• traverse (317-322)
• traverse (350-368)
• traverse (396-401)
• traverse (428-443)
• traverse (470-479)
• traverse (497-499)
• traverse (523-528)
• traverse (554-562)
• traverse (588-593)
• traverse (620-635)
• traverse (663-671)
• traverse (697-702)
• traverse (728-736)
• traverse (762-767)
• traverse (794-809)

swift/device_sync/message_backup.pb.swift (3)

swift/device_sync/consent_backup.pb.swift (3)

• decodeMessage (148-161)
• traverse (163-177)
• lhs (179-186)

swift/device_sync/device_sync.pb.swift (9)

• decodeMessage (213-287)
• decodeMessage (331-344)
• decodeMessage (380-392)
• traverse (289-318)
• traverse (346-364)
• traverse (394-409)
• lhs (320-324)
• lhs (366-373)
• lhs (411-417)

swift/device_sync/event_backup.pb.swift (3)

• decodeMessage (128-143)
• traverse (145-169)
• lhs (171-180)

🪛 SwiftLint (0.57.0)

swift/identity/api/v1/identity.connect.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

swift/device_sync/group_backup.pb.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

swift/device_sync/device_sync.pb.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

swift/device_sync/event_backup.pb.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

swift/device_sync/content.pb.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

swift/device_sync/message_backup.pb.swift

[Warning] 3-3: Use 'next', 'this' or 'previous' instead to disable the 'all' rule once, or re-enable it as soon as possible`

(blanket_disable_command)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: build_image
• GitHub Check: Unit

🔇 Additional comments (13)

swift/identity/api/v1/identity.connect.swift (1)

2-3: Generated client header directives are appropriate

Using // swift-format-ignore-file and // swiftlint:disable all on this generated Connect client is reasonable so that formatting/lint tools don’t churn or flag machine‑generated code. No further action needed here despite the SwiftLint blanket‑disable warning.

swift/identity/credential.pb.swift (1)

42-45: Bytecode-based name map update looks correct

The switch of _protobuf_nameMap to the SwiftProtobuf._NameMap(bytecode: ...) initializer for inbox_id matches the pattern used across the updated protos and should be a no-op behaviorally.

swift/device_sync/group_backup.pb.swift (1)

26-524: Group backup generated models are consistent and well-formed

The new Xmtp_DeviceSync_GroupBackup_* enums and messages follow the standard SwiftProtobuf generation patterns: enum raw values and allCases are aligned, the GroupSave COW storage and optional field handling in decodeMessage, traverse, and == are internally consistent, and the bytecode _protobuf_nameMap definitions match the declared fields. No issues spotted for this generated surface.

swift/device_sync/event_backup.pb.swift (1)

26-181: Event backup enum and message generation look correct

Xmtp_DeviceSync_EventBackup_EventLevelSave and EventSave are wired up consistently: optional groupID/icon use backing optionals with matching decode/traverse/== logic, and the bytecode _protobuf_nameMap matches the defined fields and numbers. Nothing concerning here for this generated file.

swift/identity/api/v1/identity.pb.swift (2)

38-67: Sendable conformance for signature request struct is appropriate

Xmtp_Identity_Api_V1_VerifySmartContractWalletSignatureRequestSignature being declared Sendable matches the other messages in this file and its fields are all value types, so this tightens the concurrency model without introducing obvious safety issues.

Please just confirm your Swift version’s concurrency checks pass cleanly (build/tests) after this generator bump.

---

301-409: Identity message runtime/name-map updates look consistent

Across the various identity API messages (VerifySmartContractWalletSignatures*, PublishIdentityUpdate*, GetIdentityUpdates*, GetInboxIds*), the switch to bytecode-based _protobuf_nameMap initializers and the existing decodeMessage/traverse/== implementations are internally consistent with the declared fields and field numbers. This is in line with the other regenerated SwiftProtobuf surfaces in the PR and doesn’t introduce any obvious behavioral changes.

If you haven’t already, it’s worth confirming your SwiftProtobuf runtime and protoc Swift plugin versions match whatever produced these bytecode name maps (e.g., via your build tooling or dependency lockfiles).

Also applies to: 454-575, 602-679, 681-709, 746-774

swift/device_sync/message_backup.pb.swift (1)

26-362: Group message backup enums/message and runtime wiring look consistent

The enums, GroupMessageSave fields, name maps, decode/traverse logic, and equality implementation all line up and match the patterns used in the other device_sync generated types; I don’t see any wire-compatibility or functional issues here.

swift/identity/associations/signature.pb.swift (1)

78-95: Passkey signature type and oneof integration look correct

RecoverablePasskeySignature’s fields, field numbers, and name map align with its decode/traverse implementation, and the new .passkey branch in Xmtp_Identity_Associations_Signature follows the same oneof pattern as the existing signature variants. I don’t see any issues with wire format or runtime behavior here.

Also applies to: 179-201, 315-357, 399-505

swift/identity/associations/association.pb.swift (1)

26-133: IdentifierKind and passkey support are wired consistently

The new IdentifierKind enum, MemberIdentifier oneof (including .passkey), Passkey message, and the identifier/relyingParty fields on CreateInbox, AddAssociation, RevokeAssociation, ChangeRecoveryAddress, and AssociationState all have matching field numbers across name maps, decode, traverse, and equality. The patterns match existing SwiftProtobuf‑generated code, and I don’t see any serialization or runtime correctness issues.

Also applies to: 196-228, 266-284, 301-316, 326-355, 465-496

swift/device_sync/consent_backup.pb.swift (1)

25-187: Consent backup enums/message and runtime wiring look good

ConsentTypeSave, ConsentStateSave, and ConsentSave are internally consistent: enum values match their name maps, and the message’s field numbers/types are handled symmetrically in decode/traverse/equality. The deprecated address enum value is preserved correctly for compatibility.

swift/device_sync/device_sync.pb.swift (1)

25-199: Backup selection/element/metadata/options definitions are coherent and symmetric

BackupElementSelection, BackupElement (and its oneof), BackupMetadataSave, and BackupOptions all have consistent field numbers across name maps, decode/traverse, and equality. The repeated enum fields and optional start/end ranges are handled in the standard SwiftProtobuf style, so the wire format and runtime behavior look correct.

Also applies to: 205-418

swift/device_sync/content.pb.swift (2)

26-272: Generated message structs and oneofs look consistent with existing device_sync models

The message types (DeviceSyncContent, DeviceSyncAcknowledge, PreferenceUpdates, PreferenceUpdate, V1UserPreferenceUpdate, HmacKeyUpdate, DeviceSyncRequest, DeviceSyncReply, DeviceSyncKeyType) and their oneof-backed accessors follow the same patterns as the other device_sync protos (including optional backing storage for message fields and explicit has*/clear* APIs). Field names and types line up with the related backup models referenced in the rest of the module, so the public surface looks coherent and ready to use.

---

278-718: Decode/traverse implementations and oneof handling align with SwiftProtobuf patterns

The decodeMessage and traverse implementations for all types (especially the oneof-driven logic in DeviceSyncContent, PreferenceUpdate, and DeviceSyncKeyType) mirror the established pattern from device_sync.pb.swift and consent_backup.pb.swift: inline closures for stack-usage quirks, correct hadOneofValue + handleConflictingOneOf semantics, and consistent equality comparisons based on the underlying optionals and unknownFields. I don't see any mismatched field numbers or enum/field-type pairs.