vdhanan/testplan.patch

## testplan.patch
diff --git a/lib/actions/user-actions.js b/lib/actions/user-actions.js
index 3a1cc84444..a2785c89dc 100644
--- a/lib/actions/user-actions.js
+++ b/lib/actions/user-actions.js
@@ -685,15 +685,20 @@ function useIdentityPasswordRegister(): (
     throw new Error('Register password user method unimplemented');
   }
   const { registerPasswordUser } = identityClient;
-  const { markPrekeysAsPublished } = getConfig().olmAPI;
+  const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

   return React.useCallback(
     async (username: string, password: string, fid: ?string) => {
       const response = await registerPasswordUser(username, password, fid);
+      console.log('unpublished prekeys:', await getUnpublishedPrekeys());
       await markPrekeysAsPublished();
+      console.log(
+        'unpublished prekeys (should be empty now):',
+        await getUnpublishedPrekeys(),
+      );
       return response;
     },
-    [registerPasswordUser, markPrekeysAsPublished],
+    [registerPasswordUser, markPrekeysAsPublished, getUnpublishedPrekeys],
   );
 }
 function useIdentityWalletRegister(): (
@@ -709,7 +714,7 @@ function useIdentityWalletRegister(): (
     throw new Error('Register wallet user method unimplemented');
   }
   const { registerWalletUser } = identityClient;
-  const { markPrekeysAsPublished } = getConfig().olmAPI;
+  const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

   return React.useCallback(
     async (
@@ -724,10 +729,15 @@ function useIdentityWalletRegister(): (
         siweSignature,
         fid,
       );
+      console.log('unpublished prekeys:', await getUnpublishedPrekeys());
       await markPrekeysAsPublished();
+      console.log(
+        'unpublished prekeys (should be empty now):',
+        await getUnpublishedPrekeys(),
+      );
       return response;
     },
-    [registerWalletUser, markPrekeysAsPublished],
+    [registerWalletUser, markPrekeysAsPublished, getUnpublishedPrekeys],
   );
 }

@@ -783,7 +793,7 @@ function useIdentityPasswordLogIn(): (
   const identityClient = client?.identityClient;
   const preRequestUserState = useSelector(state => state.currentUserInfo);
   const callClaimUsername = useClaimUsername();
-  const { markPrekeysAsPublished } = getConfig().olmAPI;
+  const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

   return React.useCallback(
     (username, password) => {
@@ -814,7 +824,12 @@ function useIdentityPasswordLogIn(): (
             signature,
           );
         }
+        console.log('unpublished prekeys:', await getUnpublishedPrekeys());
         await markPrekeysAsPublished();
+        console.log(
+          'unpublished prekeys (should be empty now):',
+          await getUnpublishedPrekeys(),
+        );
         return {
           ...result,
           preRequestUserState,
@@ -823,6 +838,7 @@ function useIdentityPasswordLogIn(): (
     },
     [
       identityClient,
+      getUnpublishedPrekeys,
       markPrekeysAsPublished,
       preRequestUserState,
       callClaimUsername,
@@ -838,7 +854,7 @@ function useIdentityWalletLogIn(): (
   const identityClient = client?.identityClient;
   invariant(identityClient, 'Identity client should be set');
   const { logInWalletUser } = identityClient;
-  const { markPrekeysAsPublished } = getConfig().olmAPI;
+  const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

   return React.useCallback(
     async (
@@ -851,10 +867,15 @@ function useIdentityWalletLogIn(): (
         siweMessage,
         siweSignature,
       );
+      console.log('unpublished prekeys:', await getUnpublishedPrekeys());
       await markPrekeysAsPublished();
+      console.log(
+        'unpublished prekeys (should be empty now):',
+        await getUnpublishedPrekeys(),
+      );
       return response;
     },
-    [logInWalletUser, markPrekeysAsPublished],
+    [logInWalletUser, markPrekeysAsPublished, getUnpublishedPrekeys],
   );
 }
 function useIdentitySecondaryDeviceLogIn(): (
@@ -866,7 +887,8 @@ function useIdentitySecondaryDeviceLogIn(): (
   const { generateNonce, uploadKeysForRegisteredDeviceAndLogIn } =
     identityClient;

-  const { signMessage, markPrekeysAsPublished } = getConfig().olmAPI;
+  const { signMessage, markPrekeysAsPublished, getUnpublishedPrekeys } =
+    getConfig().olmAPI;

   return React.useCallback(
     async (userID: string) => {
@@ -876,7 +898,12 @@ function useIdentitySecondaryDeviceLogIn(): (
         nonce,
         nonceSignature,
       });
+      console.log('unpublished prekeys:', await getUnpublishedPrekeys());
       await markPrekeysAsPublished();
+      console.log(
+        'unpublished prekeys (should be empty now):',
+        await getUnpublishedPrekeys(),
+      );
       return response;
     },
     [
@@ -884,6 +911,7 @@ function useIdentitySecondaryDeviceLogIn(): (
       markPrekeysAsPublished,
       signMessage,
       uploadKeysForRegisteredDeviceAndLogIn,
+      getUnpublishedPrekeys,
     ],
   );
 }
diff --git a/lib/types/crypto-types.js b/lib/types/crypto-types.js
index 6becdfe571..d84c03030c 100644
--- a/lib/types/crypto-types.js
+++ b/lib/types/crypto-types.js
@@ -187,4 +187,5 @@ export type OlmAPI = {
     signingPublicKey: string,
   ) => Promise<boolean>,
   +markPrekeysAsPublished: () => Promise<void>,
+  +getUnpublishedPrekeys: () => Promise<string>,
 };
diff --git a/lib/utils/__mocks__/config.js b/lib/utils/__mocks__/config.js
index 8f1b2d8ebe..799c77f862 100644
--- a/lib/utils/__mocks__/config.js
+++ b/lib/utils/__mocks__/config.js
@@ -27,6 +27,7 @@ const getConfig = (): Config => ({
     signMessage: jest.fn(),
     verifyMessage: jest.fn(),
     markPrekeysAsPublished: jest.fn(),
+    getUnpublishedPrekeys: jest.fn(),
   },
   sqliteAPI: {
     getAllInboundP2PMessage: jest.fn(),
diff --git a/lib/utils/services-utils.js b/lib/utils/services-utils.js
index 684f444314..c22609665e 100644
--- a/lib/utils/services-utils.js
+++ b/lib/utils/services-utils.js
@@ -7,7 +7,7 @@ import type { AuthMetadata } from '../shared/identity-client-context.js';
 // If this is true then we're using the identity service for auth. After we
 // auth, the identity service gives us a CSAT, which we can use to auth with
 // other Comm services.
-const usingCommServicesAccessToken = false;
+const usingCommServicesAccessToken = true;

 // If this is true, then the app is able to support multiple keyservers. This
 // requires the use of Tunnelbroker and the backup service to persist and sync
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
index 99acaf3d23..35bd3a67e5 100644
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
@@ -2594,4 +2594,49 @@ jsi::Value CommCoreModule::markPrekeysAsPublished(jsi::Runtime &rt) {
       });
 }

+jsi::Value CommCoreModule::getUnpublishedPrekeys(jsi::Runtime &rt) {
+  return createPromiseAsJSIValue(
+      rt, [=](jsi::Runtime &innerRt, std::shared_ptr<Promise> promise) {
+        taskType job = [=, &innerRt]() {
+          std::string error;
+          std::optional<std::string> maybeContentPrekey;
+          std::optional<std::string> maybeNotifPrekey;
+
+          if (this->contentCryptoModule == nullptr ||
+              this->notifsCryptoModule == nullptr) {
+            this->jsInvoker_->invokeAsync([=, &innerRt]() {
+              promise->reject("user has not been initialized");
+            });
+            return;
+          }
+
+          try {
+            maybeContentPrekey =
+                this->contentCryptoModule->getUnpublishedPrekey();
+            maybeNotifPrekey = this->notifsCryptoModule->getUnpublishedPrekey();
+          } catch (std::exception &e) {
+            error = e.what();
+          }
+
+          this->jsInvoker_->invokeAsync([=, &innerRt]() {
+            if (error.size()) {
+              promise->reject(error);
+              return;
+            }
+            if (maybeContentPrekey.has_value() &&
+                maybeNotifPrekey.has_value()) {
+              std::string ret =
+                  maybeContentPrekey.value() + "+++" + maybeNotifPrekey.value();
+              promise->resolve(jsi::String::createFromUtf8(innerRt, ret));
+            } else {
+              promise->resolve(jsi::String::createFromUtf8(innerRt, ""));
+            }
+            return;
+          });
+        };
+
+        this->cryptoThread->scheduleTask(job);
+      });
+}
+
 } // namespace comm
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
index a624758dd3..9fb1d798f0 100644
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
@@ -230,6 +230,7 @@ class CommCoreModule : public facebook::react::CommCoreModuleSchemaCxxSpecJSI {
       jsi::String deviceID) override;
   virtual jsi::Value getSyncedDatabaseVersion(jsi::Runtime &rt) override;
   virtual jsi::Value markPrekeysAsPublished(jsi::Runtime &rt) override;
+  virtual jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) override;

 public:
   CommCoreModule(std::shared_ptr<facebook::react::CallInvoker> jsInvoker);
diff --git a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
index faa681d887..8c219102df 100644
--- a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
+++ b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
@@ -208,6 +208,9 @@ static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getSyncedDatabas
 static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_markPrekeysAsPublished(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
   return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->markPrekeysAsPublished(rt);
 }
+static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getUnpublishedPrekeys(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
+  return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->getUnpublishedPrekeys(rt);
+}

 CommCoreModuleSchemaCxxSpecJSI::CommCoreModuleSchemaCxxSpecJSI(std::shared_ptr<CallInvoker> jsInvoker)
   : TurboModule("CommTurboModule", jsInvoker) {
@@ -274,6 +277,7 @@ CommCoreModuleSchemaCxxSpecJSI::CommCoreModuleSchemaCxxSpecJSI(std::shared_ptr<C
   methodMap_["removeOutboundP2PMessagesOlderThan"] = MethodMetadata {2, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_removeOutboundP2PMessagesOlderThan};
   methodMap_["getSyncedDatabaseVersion"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getSyncedDatabaseVersion};
   methodMap_["markPrekeysAsPublished"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_markPrekeysAsPublished};
+  methodMap_["getUnpublishedPrekeys"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getUnpublishedPrekeys};
 }


diff --git a/native/cpp/CommonCpp/_generated/commJSI.h b/native/cpp/CommonCpp/_generated/commJSI.h
index 088022aa41..47d2568753 100644
--- a/native/cpp/CommonCpp/_generated/commJSI.h
+++ b/native/cpp/CommonCpp/_generated/commJSI.h
@@ -83,6 +83,7 @@ public:
   virtual jsi::Value removeOutboundP2PMessagesOlderThan(jsi::Runtime &rt, jsi::String messageID, jsi::String deviceID) = 0;
   virtual jsi::Value getSyncedDatabaseVersion(jsi::Runtime &rt) = 0;
   virtual jsi::Value markPrekeysAsPublished(jsi::Runtime &rt) = 0;
+  virtual jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) = 0;

 };

@@ -608,6 +609,14 @@ private:
       return bridging::callFromJs<jsi::Value>(
           rt, &T::markPrekeysAsPublished, jsInvoker_, instance_);
     }
+    jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) override {
+      static_assert(
+          bridging::getParameterCount(&T::getUnpublishedPrekeys) == 1,
+          "Expected getUnpublishedPrekeys(...) to have 1 parameters");
+
+      return bridging::callFromJs<jsi::Value>(
+          rt, &T::getUnpublishedPrekeys, jsInvoker_, instance_);
+    }

   private:
     T *instance_;
diff --git a/native/crypto/olm-api.js b/native/crypto/olm-api.js
index d333ad8757..5fd297bfd8 100644
--- a/native/crypto/olm-api.js
+++ b/native/crypto/olm-api.js
@@ -117,6 +117,7 @@ const olmAPI: OlmAPI = {
     }
   },
   markPrekeysAsPublished: commCoreModule.markPrekeysAsPublished,
+  getUnpublishedPrekeys: commCoreModule.getUnpublishedPrekeys,
 };

 export { olmAPI };
diff --git a/native/schema/CommCoreModuleSchema.js b/native/schema/CommCoreModuleSchema.js
index 7c74fb4a02..dce2d97d14 100644
--- a/native/schema/CommCoreModuleSchema.js
+++ b/native/schema/CommCoreModuleSchema.js
@@ -165,6 +165,7 @@ interface Spec extends TurboModule {
   ) => Promise<void>;
   +getSyncedDatabaseVersion: () => Promise<string>;
   +markPrekeysAsPublished: () => Promise<void>;
+  +getUnpublishedPrekeys: () => Promise<string>;
 }

 export interface CoreModuleSpec extends Spec {
diff --git a/web/crypto/olm-api.js b/web/crypto/olm-api.js
index 64d4cebea5..6886a77336 100644
--- a/web/crypto/olm-api.js
+++ b/web/crypto/olm-api.js
@@ -57,6 +57,7 @@ const olmAPI: OlmAPI = {
   signMessage: proxyToWorker('signMessage'),
   verifyMessage: proxyToWorker('verifyMessage'),
   markPrekeysAsPublished: proxyToWorker('markPrekeysAsPublished'),
+  getUnpublishedPrekeys: proxyToWorker('getUnpublishedPrekeys'),
 };

 export { olmAPI };
diff --git a/web/shared-worker/worker/worker-crypto.js b/web/shared-worker/worker/worker-crypto.js
index c123d95ca1..9dbfb25d4d 100644
--- a/web/shared-worker/worker/worker-crypto.js
+++ b/web/shared-worker/worker/worker-crypto.js
@@ -873,6 +873,20 @@ const olmAPI: OlmAPI = {

     persistCryptoStore();
   },
+  async getUnpublishedPrekeys(): Promise<string> {
+    if (!cryptoStore) {
+      throw new Error('Crypto account not initialized');
+    }
+    const { contentAccount, notificationAccount } = cryptoStore;
+
+    const contentPrekey = contentAccount.unpublished_prekey();
+    const notifPrekey = notificationAccount.unpublished_prekey();
+
+    if (!contentPrekey || !notifPrekey) {
+      return '';
+    }
+    return contentPrekey + '+++' + notifPrekey;
+  },
 };

 export {
	diff --git a/lib/actions/user-actions.js b/lib/actions/user-actions.js
	index 3a1cc84444..a2785c89dc 100644
	--- a/lib/actions/user-actions.js
	+++ b/lib/actions/user-actions.js
	@@ -685,15 +685,20 @@ function useIdentityPasswordRegister(): (
	throw new Error('Register password user method unimplemented');
	}
	const { registerPasswordUser } = identityClient;
	- const { markPrekeysAsPublished } = getConfig().olmAPI;
	+ const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

	return React.useCallback(
	async (username: string, password: string, fid: ?string) => {
	const response = await registerPasswordUser(username, password, fid);
	+ console.log('unpublished prekeys:', await getUnpublishedPrekeys());
	await markPrekeysAsPublished();
	+ console.log(
	+ 'unpublished prekeys (should be empty now):',
	+ await getUnpublishedPrekeys(),
	+ );
	return response;
	},
	- [registerPasswordUser, markPrekeysAsPublished],
	+ [registerPasswordUser, markPrekeysAsPublished, getUnpublishedPrekeys],
	);
	}
	function useIdentityWalletRegister(): (
	@@ -709,7 +714,7 @@ function useIdentityWalletRegister(): (
	throw new Error('Register wallet user method unimplemented');
	}
	const { registerWalletUser } = identityClient;
	- const { markPrekeysAsPublished } = getConfig().olmAPI;
	+ const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

	return React.useCallback(
	async (
	@@ -724,10 +729,15 @@ function useIdentityWalletRegister(): (
	siweSignature,
	fid,
	);
	+ console.log('unpublished prekeys:', await getUnpublishedPrekeys());
	await markPrekeysAsPublished();
	+ console.log(
	+ 'unpublished prekeys (should be empty now):',
	+ await getUnpublishedPrekeys(),
	+ );
	return response;
	},
	- [registerWalletUser, markPrekeysAsPublished],
	+ [registerWalletUser, markPrekeysAsPublished, getUnpublishedPrekeys],
	);
	}

	@@ -783,7 +793,7 @@ function useIdentityPasswordLogIn(): (
	const identityClient = client?.identityClient;
	const preRequestUserState = useSelector(state => state.currentUserInfo);
	const callClaimUsername = useClaimUsername();
	- const { markPrekeysAsPublished } = getConfig().olmAPI;
	+ const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

	return React.useCallback(
	(username, password) => {
	@@ -814,7 +824,12 @@ function useIdentityPasswordLogIn(): (
	signature,
	);
	}
	+ console.log('unpublished prekeys:', await getUnpublishedPrekeys());
	await markPrekeysAsPublished();
	+ console.log(
	+ 'unpublished prekeys (should be empty now):',
	+ await getUnpublishedPrekeys(),
	+ );
	return {
	...result,
	preRequestUserState,
	@@ -823,6 +838,7 @@ function useIdentityPasswordLogIn(): (
	},
	[
	identityClient,
	+ getUnpublishedPrekeys,
	markPrekeysAsPublished,
	preRequestUserState,
	callClaimUsername,
	@@ -838,7 +854,7 @@ function useIdentityWalletLogIn(): (
	const identityClient = client?.identityClient;
	invariant(identityClient, 'Identity client should be set');
	const { logInWalletUser } = identityClient;
	- const { markPrekeysAsPublished } = getConfig().olmAPI;
	+ const { markPrekeysAsPublished, getUnpublishedPrekeys } = getConfig().olmAPI;

	return React.useCallback(
	async (
	@@ -851,10 +867,15 @@ function useIdentityWalletLogIn(): (
	siweMessage,
	siweSignature,
	);
	+ console.log('unpublished prekeys:', await getUnpublishedPrekeys());
	await markPrekeysAsPublished();
	+ console.log(
	+ 'unpublished prekeys (should be empty now):',
	+ await getUnpublishedPrekeys(),
	+ );
	return response;
	},
	- [logInWalletUser, markPrekeysAsPublished],
	+ [logInWalletUser, markPrekeysAsPublished, getUnpublishedPrekeys],
	);
	}
	function useIdentitySecondaryDeviceLogIn(): (
	@@ -866,7 +887,8 @@ function useIdentitySecondaryDeviceLogIn(): (
	const { generateNonce, uploadKeysForRegisteredDeviceAndLogIn } =
	identityClient;

	- const { signMessage, markPrekeysAsPublished } = getConfig().olmAPI;
	+ const { signMessage, markPrekeysAsPublished, getUnpublishedPrekeys } =
	+ getConfig().olmAPI;

	return React.useCallback(
	async (userID: string) => {
	@@ -876,7 +898,12 @@ function useIdentitySecondaryDeviceLogIn(): (
	nonce,
	nonceSignature,
	});
	+ console.log('unpublished prekeys:', await getUnpublishedPrekeys());
	await markPrekeysAsPublished();
	+ console.log(
	+ 'unpublished prekeys (should be empty now):',
	+ await getUnpublishedPrekeys(),
	+ );
	return response;
	},
	[
	@@ -884,6 +911,7 @@ function useIdentitySecondaryDeviceLogIn(): (
	markPrekeysAsPublished,
	signMessage,
	uploadKeysForRegisteredDeviceAndLogIn,
	+ getUnpublishedPrekeys,
	],
	);
	}
	diff --git a/lib/types/crypto-types.js b/lib/types/crypto-types.js
	index 6becdfe571..d84c03030c 100644
	--- a/lib/types/crypto-types.js
	+++ b/lib/types/crypto-types.js
	@@ -187,4 +187,5 @@ export type OlmAPI = {
	signingPublicKey: string,
	) => Promise<boolean>,
	+markPrekeysAsPublished: () => Promise<void>,
	+ +getUnpublishedPrekeys: () => Promise<string>,
	};
	diff --git a/lib/utils/__mocks__/config.js b/lib/utils/__mocks__/config.js
	index 8f1b2d8ebe..799c77f862 100644
	--- a/lib/utils/__mocks__/config.js
	+++ b/lib/utils/__mocks__/config.js
	@@ -27,6 +27,7 @@ const getConfig = (): Config => ({
	signMessage: jest.fn(),
	verifyMessage: jest.fn(),
	markPrekeysAsPublished: jest.fn(),
	+ getUnpublishedPrekeys: jest.fn(),
	},
	sqliteAPI: {
	getAllInboundP2PMessage: jest.fn(),
	diff --git a/lib/utils/services-utils.js b/lib/utils/services-utils.js
	index 684f444314..c22609665e 100644
	--- a/lib/utils/services-utils.js
	+++ b/lib/utils/services-utils.js
	@@ -7,7 +7,7 @@ import type { AuthMetadata } from '../shared/identity-client-context.js';
	// If this is true then we're using the identity service for auth. After we
	// auth, the identity service gives us a CSAT, which we can use to auth with
	// other Comm services.
	-const usingCommServicesAccessToken = false;
	+const usingCommServicesAccessToken = true;

	// If this is true, then the app is able to support multiple keyservers. This
	// requires the use of Tunnelbroker and the backup service to persist and sync
	diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
	index 99acaf3d23..35bd3a67e5 100644
	--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
	+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
	@@ -2594,4 +2594,49 @@ jsi::Value CommCoreModule::markPrekeysAsPublished(jsi::Runtime &rt) {
	});
	}

	+jsi::Value CommCoreModule::getUnpublishedPrekeys(jsi::Runtime &rt) {
	+ return createPromiseAsJSIValue(
	+ rt, [=](jsi::Runtime &innerRt, std::shared_ptr<Promise> promise) {
	+ taskType job = [=, &innerRt]() {
	+ std::string error;
	+ std::optional<std::string> maybeContentPrekey;
	+ std::optional<std::string> maybeNotifPrekey;
	+
	+ if (this->contentCryptoModule == nullptr \|\|
	+ this->notifsCryptoModule == nullptr) {
	+ this->jsInvoker_->invokeAsync([=, &innerRt]() {
	+ promise->reject("user has not been initialized");
	+ });
	+ return;
	+ }
	+
	+ try {
	+ maybeContentPrekey =
	+ this->contentCryptoModule->getUnpublishedPrekey();
	+ maybeNotifPrekey = this->notifsCryptoModule->getUnpublishedPrekey();
	+ } catch (std::exception &e) {
	+ error = e.what();
	+ }
	+
	+ this->jsInvoker_->invokeAsync([=, &innerRt]() {
	+ if (error.size()) {
	+ promise->reject(error);
	+ return;
	+ }
	+ if (maybeContentPrekey.has_value() &&
	+ maybeNotifPrekey.has_value()) {
	+ std::string ret =
	+ maybeContentPrekey.value() + "+++" + maybeNotifPrekey.value();
	+ promise->resolve(jsi::String::createFromUtf8(innerRt, ret));
	+ } else {
	+ promise->resolve(jsi::String::createFromUtf8(innerRt, ""));
	+ }
	+ return;
	+ });
	+ };
	+
	+ this->cryptoThread->scheduleTask(job);
	+ });
	+}
	+
	} // namespace comm
	diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
	index a624758dd3..9fb1d798f0 100644
	--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
	+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
	@@ -230,6 +230,7 @@ class CommCoreModule : public facebook::react::CommCoreModuleSchemaCxxSpecJSI {
	jsi::String deviceID) override;
	virtual jsi::Value getSyncedDatabaseVersion(jsi::Runtime &rt) override;
	virtual jsi::Value markPrekeysAsPublished(jsi::Runtime &rt) override;
	+ virtual jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) override;

	public:
	CommCoreModule(std::shared_ptr<facebook::react::CallInvoker> jsInvoker);
	diff --git a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
	index faa681d887..8c219102df 100644
	--- a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
	+++ b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
	@@ -208,6 +208,9 @@ static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getSyncedDatabas
	static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_markPrekeysAsPublished(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
	return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->markPrekeysAsPublished(rt);
	}
	+static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getUnpublishedPrekeys(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
	+ return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->getUnpublishedPrekeys(rt);
	+}

	CommCoreModuleSchemaCxxSpecJSI::CommCoreModuleSchemaCxxSpecJSI(std::shared_ptr<CallInvoker> jsInvoker)
	: TurboModule("CommTurboModule", jsInvoker) {
	@@ -274,6 +277,7 @@ CommCoreModuleSchemaCxxSpecJSI::CommCoreModuleSchemaCxxSpecJSI(std::shared_ptr<C
	methodMap_["removeOutboundP2PMessagesOlderThan"] = MethodMetadata {2, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_removeOutboundP2PMessagesOlderThan};
	methodMap_["getSyncedDatabaseVersion"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getSyncedDatabaseVersion};
	methodMap_["markPrekeysAsPublished"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_markPrekeysAsPublished};
	+ methodMap_["getUnpublishedPrekeys"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getUnpublishedPrekeys};
	}


	diff --git a/native/cpp/CommonCpp/_generated/commJSI.h b/native/cpp/CommonCpp/_generated/commJSI.h
	index 088022aa41..47d2568753 100644
	--- a/native/cpp/CommonCpp/_generated/commJSI.h
	+++ b/native/cpp/CommonCpp/_generated/commJSI.h
	@@ -83,6 +83,7 @@ public:
	virtual jsi::Value removeOutboundP2PMessagesOlderThan(jsi::Runtime &rt, jsi::String messageID, jsi::String deviceID) = 0;
	virtual jsi::Value getSyncedDatabaseVersion(jsi::Runtime &rt) = 0;
	virtual jsi::Value markPrekeysAsPublished(jsi::Runtime &rt) = 0;
	+ virtual jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) = 0;

	};

	@@ -608,6 +609,14 @@ private:
	return bridging::callFromJs<jsi::Value>(
	rt, &T::markPrekeysAsPublished, jsInvoker_, instance_);
	}
	+ jsi::Value getUnpublishedPrekeys(jsi::Runtime &rt) override {
	+ static_assert(
	+ bridging::getParameterCount(&T::getUnpublishedPrekeys) == 1,
	+ "Expected getUnpublishedPrekeys(...) to have 1 parameters");
	+
	+ return bridging::callFromJs<jsi::Value>(
	+ rt, &T::getUnpublishedPrekeys, jsInvoker_, instance_);
	+ }

	private:
	T *instance_;
	diff --git a/native/crypto/olm-api.js b/native/crypto/olm-api.js
	index d333ad8757..5fd297bfd8 100644
	--- a/native/crypto/olm-api.js
	+++ b/native/crypto/olm-api.js
	@@ -117,6 +117,7 @@ const olmAPI: OlmAPI = {
	}
	},
	markPrekeysAsPublished: commCoreModule.markPrekeysAsPublished,
	+ getUnpublishedPrekeys: commCoreModule.getUnpublishedPrekeys,
	};

	export { olmAPI };
	diff --git a/native/schema/CommCoreModuleSchema.js b/native/schema/CommCoreModuleSchema.js
	index 7c74fb4a02..dce2d97d14 100644
	--- a/native/schema/CommCoreModuleSchema.js
	+++ b/native/schema/CommCoreModuleSchema.js
	@@ -165,6 +165,7 @@ interface Spec extends TurboModule {
	) => Promise<void>;
	+getSyncedDatabaseVersion: () => Promise<string>;
	+markPrekeysAsPublished: () => Promise<void>;
	+ +getUnpublishedPrekeys: () => Promise<string>;
	}

	export interface CoreModuleSpec extends Spec {
	diff --git a/web/crypto/olm-api.js b/web/crypto/olm-api.js
	index 64d4cebea5..6886a77336 100644
	--- a/web/crypto/olm-api.js
	+++ b/web/crypto/olm-api.js
	@@ -57,6 +57,7 @@ const olmAPI: OlmAPI = {
	signMessage: proxyToWorker('signMessage'),
	verifyMessage: proxyToWorker('verifyMessage'),
	markPrekeysAsPublished: proxyToWorker('markPrekeysAsPublished'),
	+ getUnpublishedPrekeys: proxyToWorker('getUnpublishedPrekeys'),
	};

	export { olmAPI };
	diff --git a/web/shared-worker/worker/worker-crypto.js b/web/shared-worker/worker/worker-crypto.js
	index c123d95ca1..9dbfb25d4d 100644
	--- a/web/shared-worker/worker/worker-crypto.js
	+++ b/web/shared-worker/worker/worker-crypto.js
	@@ -873,6 +873,20 @@ const olmAPI: OlmAPI = {

	persistCryptoStore();
	},
	+ async getUnpublishedPrekeys(): Promise<string> {
	+ if (!cryptoStore) {
	+ throw new Error('Crypto account not initialized');
	+ }
	+ const { contentAccount, notificationAccount } = cryptoStore;
	+
	+ const contentPrekey = contentAccount.unpublished_prekey();
	+ const notifPrekey = notificationAccount.unpublished_prekey();
	+
	+ if (!contentPrekey \|\| !notifPrekey) {
	+ return '';
	+ }
	+ return contentPrekey + '+++' + notifPrekey;
	+ },
	};

	export {