From 1cfda1f2107b526fe2392f09a635bcd20fd323a2 Mon Sep 17 00:00:00 2001
From: ayumi-signal <143036029+ayumi-signal@users.noreply.github.com>
Date: Thu, 15 Jan 2026 09:40:22 -0800
Subject: [PATCH] Implement megaphone conditional standard_donate with local
 device createdAt

---
 ts/Crypto.node.ts                             |  55 ++++++++++++
 ts/background.preload.ts                      |   4 +-
 ts/components/RemoteMegaphone.dom.tsx         |   6 +-
 ts/services/megaphone.preload.ts              |  47 +++++++++-
 ts/test-electron/Crypto_test.preload.ts       |  26 ++++++
 .../textsecure/AccountManager_test.preload.ts |  29 ++++++-
 .../release-notes/megaphone_test.node.ts      |  82 ++++++++++++++++++
 .../release-notes/release-notes-v2.json       |  13 +++
 .../en.json                                   |   8 ++
 .../static/release-notes/donate-heart.png     | Bin 0 -> 6818 bytes
 .../services/megaphone_test.preload.ts        |  79 ++++++++++++++++-
 ts/textsecure/AccountManager.preload.ts       |  54 ++++++++++++
 ts/textsecure/WebAPI.preload.ts               |   2 +-
 ts/textsecure/storage/User.dom.ts             |   8 ++
 ts/types/Storage.d.ts                         |   1 +
 ts/util/onDeviceNameChangeSync.preload.ts     |  57 +++++++++---
 16 files changed, 452 insertions(+), 19 deletions(-)
 create mode 100644 ts/test-mock/release-notes/megaphone_test.node.ts
 create mode 100644 ts/test-mock/updates-data/static/release-notes/1A6FCAB5-2F4C-44D3-88B4-27140FACBF75/en.json
 create mode 100644 ts/test-mock/updates-data/static/release-notes/donate-heart.png

diff --git a/ts/Crypto.node.ts b/ts/Crypto.node.ts
index 052aed9f2e..67ee241ce6 100644
--- a/ts/Crypto.node.ts
+++ b/ts/Crypto.node.ts
@@ -158,6 +158,61 @@ export function decryptDeviceName(
   return Bytes.toString(plaintext);
 }
 
+// For testing
+export function encryptDeviceCreatedAt(
+  createdAt: number,
+  deviceId: number,
+  registrationId: number,
+  identityPublic: PublicKey
+): Uint8Array {
+  const createdAtBuffer = new ArrayBuffer(8);
+  const dataView = new DataView(createdAtBuffer);
+  dataView.setBigUint64(0, BigInt(createdAt), false);
+  const createdAtBytes = new Uint8Array(createdAtBuffer);
+
+  const associatedData = getAssociatedDataForDeviceCreatedAt(
+    deviceId,
+    registrationId
+  );
+
+  return identityPublic.seal(createdAtBytes, 'deviceCreatedAt', associatedData);
+}
+
+// createdAtCiphertext is an Int64, encrypted using the identity key
+// PrivateKey with 5 bytes of associated data (deviceId || registrationId).
+export function decryptDeviceCreatedAt(
+  createdAtCiphertext: Uint8Array,
+  deviceId: number,
+  registrationId: number,
+  identityPrivate: PrivateKey
+): number {
+  const associatedData = getAssociatedDataForDeviceCreatedAt(
+    deviceId,
+    registrationId
+  );
+  const createdAtData = identityPrivate.open(
+    createdAtCiphertext,
+    'deviceCreatedAt',
+    associatedData
+  );
+  return Number(Bytes.readBigUint64BE(createdAtData));
+}
+
+function getAssociatedDataForDeviceCreatedAt(
+  deviceId: number,
+  registrationId: number
+): Uint8Array {
+  if (deviceId > 255) {
+    throw new Error('deviceId above 255, must be 1 byte');
+  }
+
+  const associatedDataBuffer = new ArrayBuffer(5);
+  const dataView = new DataView(associatedDataBuffer);
+  dataView.setUint8(0, deviceId);
+  dataView.setUint32(1, registrationId, false);
+  return new Uint8Array(associatedDataBuffer);
+}
+
 export function deriveMasterKey(accountEntropyPool: string): Uint8Array {
   return AccountEntropyPool.deriveSvrKey(accountEntropyPool);
 }
diff --git a/ts/background.preload.ts b/ts/background.preload.ts
index cbe3289b53..276a6153a5 100644
--- a/ts/background.preload.ts
+++ b/ts/background.preload.ts
@@ -264,7 +264,7 @@ import { ReleaseNoteAndMegaphoneFetcher } from './services/releaseNoteAndMegapho
 import { initMegaphoneCheckService } from './services/megaphone.preload.js';
 import { BuildExpirationService } from './services/buildExpiration.preload.js';
 import {
-  maybeQueueDeviceNameFetch,
+  maybeQueueDeviceInfoFetch,
   onDeviceNameChangeSync,
 } from './util/onDeviceNameChangeSync.preload.js';
 import { postSaveUpdates } from './util/cleanup.preload.js';
@@ -1807,7 +1807,7 @@ export async function startApp(): Promise<void> {
     //   after connect on every startup
     drop(registerCapabilities());
     drop(ensureAEP());
-    drop(maybeQueueDeviceNameFetch());
+    drop(maybeQueueDeviceInfoFetch());
     Stickers.downloadQueuedPacks();
   }
 
diff --git a/ts/components/RemoteMegaphone.dom.tsx b/ts/components/RemoteMegaphone.dom.tsx
index adb7f2ab5f..bd4e227660 100644
--- a/ts/components/RemoteMegaphone.dom.tsx
+++ b/ts/components/RemoteMegaphone.dom.tsx
@@ -51,7 +51,11 @@ export function RemoteMegaphone({
 
   if (isFullSize) {
     return (
-      <div className={wrapperClassName} aria-live="polite">
+      <div
+        className={wrapperClassName}
+        aria-live="polite"
+        data-testid="RemoteMegaphone"
+      >
         <div className={tw('flex items-start gap-3')}>
           {image}
           <div className={tw('w-full')}>
diff --git a/ts/services/megaphone.preload.ts b/ts/services/megaphone.preload.ts
index 3bcff3b99d..93fc6db72d 100644
--- a/ts/services/megaphone.preload.ts
+++ b/ts/services/megaphone.preload.ts
@@ -10,7 +10,7 @@ import {
   type RemoteMegaphoneType,
   type VisibleRemoteMegaphoneType,
 } from '../types/Megaphone.std.js';
-import { HOUR } from '../util/durations/index.std.js';
+import { DAY, HOUR } from '../util/durations/index.std.js';
 import { DataReader, DataWriter } from '../sql/Client.preload.js';
 import { drop } from '../util/drop.std.js';
 import {
@@ -21,10 +21,13 @@ import {
 import { isEnabled } from '../RemoteConfig.dom.js';
 import { safeSetTimeout } from '../util/timeout.std.js';
 import { clearTimeoutIfNecessary } from '../util/clearTimeoutIfNecessary.std.js';
+import { itemStorage } from '../textsecure/Storage.preload.js';
+import { isMoreRecentThan } from '../util/timestamp.std.js';
 
 const log = createLogger('megaphoneService');
 
 const CHECK_INTERVAL = 12 * HOUR;
+const CONDITIONAL_STANDARD_DONATE_DEVICE_AGE = 7 * DAY;
 
 let nextCheckTimeout: NodeJS.Timeout | null;
 
@@ -91,6 +94,44 @@ export function isRemoteMegaphoneEnabled(): boolean {
   return false;
 }
 
+export function isConditionalActive(conditionalId: string | null): boolean {
+  if (conditionalId == null) {
+    return true;
+  }
+
+  if (conditionalId === 'standard_donate') {
+    const deviceCreatedAt = itemStorage.user.getDeviceCreatedAt();
+    if (
+      !deviceCreatedAt ||
+      isMoreRecentThan(deviceCreatedAt, CONDITIONAL_STANDARD_DONATE_DEVICE_AGE)
+    ) {
+      return false;
+    }
+
+    const me = window.ConversationController.getOurConversation();
+    if (!me) {
+      log.error(
+        "isConditionalActive: Can't check badges because our conversation not available"
+      );
+      return false;
+    }
+
+    const hasBadges = me.attributes.badges && me.attributes.badges.length > 0;
+    return !hasBadges;
+  }
+
+  if (conditionalId === 'internal_user') {
+    return isEnabled('desktop.internalUser');
+  }
+
+  if (conditionalId === 'test') {
+    return isMockEnvironment();
+  }
+
+  log.error(`isConditionalActive: Invalid value ${conditionalId}`);
+  return false;
+}
+
 // Private
 
 async function processMegaphone(megaphone: RemoteMegaphoneType): Promise<void> {
@@ -150,6 +191,10 @@ export function isMegaphoneShowable(
     return false;
   }
 
+  if (!isConditionalActive(megaphone.conditionalId)) {
+    return false;
+  }
+
   if (snoozedAt) {
     let snoozeDuration;
     try {
diff --git a/ts/test-electron/Crypto_test.preload.ts b/ts/test-electron/Crypto_test.preload.ts
index a960516734..bcb59b1fdd 100644
--- a/ts/test-electron/Crypto_test.preload.ts
+++ b/ts/test-electron/Crypto_test.preload.ts
@@ -38,6 +38,8 @@ import {
   decryptAttachmentV1,
   padAndEncryptAttachment,
   CipherType,
+  encryptDeviceCreatedAt,
+  decryptDeviceCreatedAt,
 } from '../Crypto.node.js';
 import {
   _generateAttachmentIv,
@@ -389,6 +391,30 @@ describe('Crypto', () => {
     });
   });
 
+  describe('encrypted device createdAt', () => {
+    it('roundtrips', () => {
+      const deviceId = 2;
+      const registrationId = 123;
+      const identityKey = Curve.generateKeyPair();
+      const createdAt = new Date().getTime();
+
+      const encrypted = encryptDeviceCreatedAt(
+        createdAt,
+        deviceId,
+        registrationId,
+        identityKey.publicKey
+      );
+      const decrypted = decryptDeviceCreatedAt(
+        encrypted,
+        deviceId,
+        registrationId,
+        identityKey.privateKey
+      );
+
+      assert.strictEqual(decrypted, createdAt);
+    });
+  });
+
   describe('verifyHmacSha256', () => {
     it('rejects if their MAC is too short', () => {
       const key = getRandomBytes(32);
diff --git a/ts/test-electron/textsecure/AccountManager_test.preload.ts b/ts/test-electron/textsecure/AccountManager_test.preload.ts
index 19fe5f9782..8c000f5884 100644
--- a/ts/test-electron/textsecure/AccountManager_test.preload.ts
+++ b/ts/test-electron/textsecure/AccountManager_test.preload.ts
@@ -5,7 +5,7 @@ import { assert } from 'chai';
 import lodash from 'lodash';
 import * as sinon from 'sinon';
 
-import { getRandomBytes } from '../../Crypto.node.js';
+import { generateRegistrationId, getRandomBytes } from '../../Crypto.node.js';
 import { generateKeyPair } from '../../Curve.node.js';
 import AccountManager from '../../textsecure/AccountManager.preload.js';
 import type {
@@ -32,6 +32,7 @@ describe('AccountManager', () => {
 
   const ourAci = generateAci();
   const ourPni = generatePni();
+  const ourRegistrationId = generateRegistrationId();
   const identityKey = generateKeyPair();
   const pubKey = getRandomBytes(33);
   const privKey = getRandomBytes(32);
@@ -42,6 +43,9 @@ describe('AccountManager', () => {
     sandbox
       .stub(signalProtocolStore, 'getIdentityKeyPair')
       .returns(identityKey);
+    sandbox
+      .stub(signalProtocolStore, 'getLocalRegistrationId')
+      .resolves(ourRegistrationId);
     const { user } = itemStorage;
     sandbox.stub(user, 'getAci').returns(ourAci);
     sandbox.stub(user, 'getPni').returns(ourPni);
@@ -77,6 +81,29 @@ describe('AccountManager', () => {
     });
   });
 
+  describe('encrypted device createdAt', () => {
+    it('roundtrips', async () => {
+      const deviceId = 2;
+      const createdAt = new Date().getTime();
+
+      const encrypted = await accountManager._encryptDeviceCreatedAt(
+        createdAt,
+        deviceId
+      );
+      if (!encrypted) {
+        throw new Error('failed to encrypt!');
+      }
+
+      assert.strictEqual(typeof encrypted, 'string');
+      const decrypted = await accountManager.decryptDeviceCreatedAt(
+        encrypted,
+        deviceId
+      );
+
+      assert.strictEqual(decrypted, createdAt);
+    });
+  });
+
   describe('#_cleanSignedPreKeys', () => {
     let originalLoadSignedPreKeys: any;
     let originalRemoveSignedPreKey: any;
diff --git a/ts/test-mock/release-notes/megaphone_test.node.ts b/ts/test-mock/release-notes/megaphone_test.node.ts
new file mode 100644
index 0000000000..71c3443ff2
--- /dev/null
+++ b/ts/test-mock/release-notes/megaphone_test.node.ts
@@ -0,0 +1,82 @@
+// Copyright 2026 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import createDebug from 'debug';
+
+import { expect } from 'playwright/test';
+import { StorageState } from '@signalapp/mock-server';
+import { BackupLevel } from '@signalapp/libsignal-client/zkgroup.js';
+import Long from 'long';
+
+import type { App } from '../playwright.node.js';
+import { Bootstrap } from '../bootstrap.node.js';
+import { MINUTE } from '../../util/durations/index.std.js';
+
+export const debug = createDebug('mock:test:megaphone');
+
+describe('megaphone', function (this: Mocha.Suite) {
+  let bootstrap: Bootstrap;
+  let app: App;
+  let nextApp: App;
+
+  this.timeout(MINUTE);
+
+  beforeEach(async () => {
+    bootstrap = new Bootstrap();
+    await bootstrap.init();
+
+    let state = StorageState.getEmpty();
+
+    const { phone } = bootstrap;
+
+    state = state.updateAccount({
+      profileKey: phone.profileKey.serialize(),
+      givenName: phone.profileName,
+      readReceipts: true,
+      hasCompletedUsernameOnboarding: true,
+      backupTier: Long.fromNumber(BackupLevel.Free),
+    });
+
+    await phone.setStorageState(state);
+
+    app = await bootstrap.link();
+  });
+
+  afterEach(async function (this: Mocha.Context) {
+    if (!bootstrap) {
+      return;
+    }
+
+    if (nextApp) {
+      await bootstrap.maybeSaveLogs(this.currentTest, nextApp);
+    }
+    await nextApp?.close();
+    await bootstrap.teardown();
+  });
+
+  it('shows megaphone', async () => {
+    const firstWindow = await app.getWindow();
+
+    await app.waitForReleaseNoteAndMegaphoneFetcher();
+    await firstWindow.evaluate(
+      'window.SignalCI.resetReleaseNoteAndMegaphoneFetcher()'
+    );
+
+    await app.close();
+
+    nextApp = await bootstrap.startApp();
+
+    const secondWindow = await nextApp.getWindow();
+
+    debug('waiting for megaphone');
+    const megaphoneEl = secondWindow.getByTestId('RemoteMegaphone');
+    await megaphoneEl.waitFor();
+
+    await expect(megaphoneEl.locator('text=/Donate Today/')).toBeVisible();
+    await expect(megaphoneEl.locator('img')).toBeVisible();
+    await expect(
+      megaphoneEl.getByText('Donate', { exact: true })
+    ).toBeVisible();
+    await expect(megaphoneEl.locator('text=/Not now/')).toBeVisible();
+  });
+});
diff --git a/ts/test-mock/updates-data/dynamic/release-notes/release-notes-v2.json b/ts/test-mock/updates-data/dynamic/release-notes/release-notes-v2.json
index 2f3d5d96fc..6607ec396e 100644
--- a/ts/test-mock/updates-data/dynamic/release-notes/release-notes-v2.json
+++ b/ts/test-mock/updates-data/dynamic/release-notes/release-notes-v2.json
@@ -70,6 +70,19 @@
       "conditionalId": "standard_donate",
       "dontShowAfterEpochSeconds": 1734616800,
       "secondaryCtaData": { "snoozeDurationDays": [5, 7, 9, 100] }
+    },
+    {
+      "primaryCtaId": "donate",
+      "secondaryCtaId": "snooze",
+      "countries": "1:1000000",
+      "desktopMinVersion": "6.7.0",
+      "priority": 100,
+      "dontShowBeforeEpochSeconds": 1732024800,
+      "uuid": "1A6FCAB5-2F4C-44D3-88B4-27140FACBF75",
+      "showForNumberOfDays": 30,
+      "conditionalId": "test",
+      "dontShowAfterEpochSeconds": 2147485547,
+      "secondaryCtaData": { "snoozeDurationDays": [5, 7, 9, 100] }
     }
   ]
 }
diff --git a/ts/test-mock/updates-data/static/release-notes/1A6FCAB5-2F4C-44D3-88B4-27140FACBF75/en.json b/ts/test-mock/updates-data/static/release-notes/1A6FCAB5-2F4C-44D3-88B4-27140FACBF75/en.json
new file mode 100644
index 0000000000..4f9c31e526
--- /dev/null
+++ b/ts/test-mock/updates-data/static/release-notes/1A6FCAB5-2F4C-44D3-88B4-27140FACBF75/en.json
@@ -0,0 +1,8 @@
+{
+  "image": "/static/release-notes/donate-heart.png",
+  "uuid": "1A6FCAB5-2F4C-44D3-88B4-27140FACBF75",
+  "title": "Donate Today",
+  "body": "As a nonprofit, Signal needs your support.",
+  "primaryCtaText": "Donate",
+  "secondaryCtaText": "Not now"
+}
diff --git a/ts/test-mock/updates-data/static/release-notes/donate-heart.png b/ts/test-mock/updates-data/static/release-notes/donate-heart.png
new file mode 100644
index 0000000000000000000000000000000000000000..1befcd52d6801986b47d885cef1e52742652416d
GIT binary patch
literal 6818
zcmV;T8eQdyP)<h;3K|Lk000e1NJLTq006)M006)U1^@s6Qrv6@00009a7bBm001F4
z001F40Y#QEU;qFB0drDELIAGL9O(c600d`2O+f$vv5yP<VFdsH8aGKqK~#7F?VVq2
zT-BY&fA=~@EZB~dIwr8ub|Mw2<ppOSwtd)Dg0z*W7DS+3D#1!P@KPkG%L^1GQiHY;
zl$YXC30_(osUY=#P^;Z)sf45QK=)w@FWU!JV!BHMYYa?mlOi17+w(m$$6U{x-~BiD
z-Z|&q^N}Jup7D6*-rxV<@0{b2qY&N<!|AI(q?R90D+t9`pIYS6UJ7YiJUs1*pW%5S
zb^p)2Ove-d<nugg%b$p^;WqtI{9eZw-v>UmKfIdShdr-Dj-m0$kqIT}v`xpPkQ3b~
zq<W5cp)QM#xO?Zt*Vlu9+MZA64@`P1<j90mfCM1$lN)qgT&X#6v5tmaVK){}D24DA
z=Y&$OY>m_TYyZk?lY_-6KpznJiA^c&$3@t3n-HcJSqu~co+1qB#hEGZEID@J6o7hR
z%{tACkmj}#g)`OR(OHqBytqA1E6zJKSOFrT%{@Zsk5LoxXhkT)b01F9*`_AdjZ=Vk
zH^O5GZ-mg_Lv^<F+31KQ8lK^~rX|viP=LM==NLKSXa_`(%}#mC)BtL&01*7CO<E9@
zn{SY__E|w`b>-tRdaTa5LM;{G?LUXD@ykN!U6@k{LJ^khstC1G04exebXt6S4><~_
zj*3tV1#qEGwbV%wtXF{dHo|W?!5;~2Q8ike-RnI?7Gtdf$Z}>#OJsScwg$Afi5|Mf
z(k`=g3V?8D?<Oq?>vNnO#$an$WR(KEw;3*kflP8;xML>P^$@I3fL>X1$u+U;z$R~C
zyaN3HdU$+{WUTM3zFk=14UAQQUTITRcpR1@yunlc7Cp9apP9pUMk+wBq4hGk3Qt{V
zZ;jJUCWb^l8OGXXc#jbN*T@Nfoq$1mZFN1IC&MsG0npT<fR@R{`*mbm2-}jp#|B|U
z2;^$}4a1|eW0&cK33<WD6~M*&jm3z(V5AD*gun5OTnR>&1FUX_b1vC!JkkI{7HC9_
z!~@_1`+>ClF4=W}PT<o`vlHHVs+h_>0Lq+B_#J&r3z>KgvOyJ7sRxiBuv_MIIP~~5
zKQrMyM-@?-0`$V3*T~_Br_yk!k`O2o^E(_#ARMYJF)rN$xKgJhCmm5DJyLdwv{Vn^
zgx@g)(~up=5S2)29-z1PrmOQihNV5WO-ITan<&i#V77;x@H>X5wY^8mQYn<80GRl5
zgKdt&5VBO(6lvih5N5u8Do<k_4W@)1L7@uJOL`IayDqPz3<|Fd6&3;^>Frf~obWr!
zLdw_&AB2U;SYZl)1?=RKUPt+~f^jM=A1EXQa&f<71l(T4p?^awfNOR+Mnoa`z|bL3
zZ$JJPIULn8Eq4nXlA%06okE|@pZ`03{D=Rc%YS-Deg(nB4GK0k$)B7cfA1vuQxo$0
zD?axb+H>fj{Cef*kI<;O{MOs_(SM$&kN>;-{_!tZ-`sg@&!KDO_j~^Op!^J1etwRo
z=Kq=Mfao_pG|U$5xfP&pq0c*aFVIK7&pxd!72<~LY2uEX>B=w62_d_d$|hLfpi94f
zg+6-qJY9O}cT!2SaMc(8fo7jMqkUa}YLYCYGqz2K^NvdFp`6$l`ar-hz4Qw0KlR|i
zW3c9V6ad19-&4PPXyqr;JCp&e`s)2Bg{6NZv(QI@2hefh*88NlfHF^f`AcL8)4frN
z+bIXRa)7n<5MvJ3oWlj-goVey_2r*x1)UR$EFc^zOZWl8mtln;K-v4jH9_cvuWOGy
zPH!E(Q-+0B5YllRm_j+on*@KCEa38=-rf=XsL+4(`@zLVMa1&3oH`I%6vfnu;bV8*
zXWjhyZ+873%3zZs^iB)POlAeZAr)kJ=mUZ4d~ZqIysv7lz3zs>y7pUdgahhd5{UhE
zVFQ%#fB*KM<oihr-ZMfSmB>ax@`}784gTb$eDC<G;1rz;|CAzJxb<H7Sq!H2?#1vl
zWh7G)Y(wHJt^QpL^2WuXi`7v{*>l}BG7*GA^aFuJRizs$oR`%iB{(zRc~q+aYY#t8
zo4@EP9I7w}Usz-l<*wo`%P<W<*md~|lqsrE5b`VkZcZlQSA6y}J!QUD`~DF=;eAB;
z_z!Q$_&*7}?)2ABm|Q{1oDgSH01^8ylfkh+1gEpOlqyE%1U4&D8D4!&2;Y$b!9s-w
zmOKiCX#dFv2mZE<y@j&$EAF9lKORsRl?)?qLD-eXL&br=4aG}a1mG0Y1j3LWJFwR~
zo%Z>u6`*JR-y}onw~8DH0j9q`UrGHQ@iXU%U`g>0Kylyy_S4$u;e8%_evzsG?-d3_
zd8{~4`aSrgMXjeCF_}8VsTIIv>yH>UDN(CZ@B!Wr-d7wdlu#iL2Na;nhFe-iFjWa~
zM%kw(yc4OOo90O-TmK~CM*=wW<TqvWr)tuAr8pq?GfzG`5MEUQ6rr0>@yV~LN+7(z
z;WS<#l>(S*{Sh|AS<hjF2gxpS2~~-~YvhTw(+H7{yo!rNS|;m}&@1nIS0pKNm0?<H
zLRy^J>m{Bqm#6@yTK}Y*5{<EwP@@HyrRmPpyum&f77vw{tG@X6G6_vHIsjpWvLY!?
zLl(u2jz!?TLvf3I?~3&$k*Az_ntdFj6{GO7F{G*pB`Sca)<4d&qC%0TRHv#R!*o|C
z?)Z|Z=-iwtMo$wGrLC~wy`y=RXBJ42<-G&^EmW$ae-9NZcq$Wy0{cl*5lW)~u>LJF
z5S?XBQ{K#4_De(BBs)$C(kSjI-#dtwc1M|?q$JS`#43O-<IYN`k^~6h!rCKGqz*;$
z0INE^FdsV=+Fv0;yubg{1F?z=Pq+5)6NL(XKWW}OKsW^BV`?uTO47J=tOA&9{rkZU
ziL*ppqp1wibW9O;t=@l1en0!{8SQ|YB1?mBSa1zt)lCd(a^ca+%%pb{|1bll>%7pM
z9i3IIpJ(1auF+H`u&A(-T!~OABd54kcr1=AMT980PwPuRGs-)J9^G_c(p%9z#ty>?
z;h!gi=qxVF;kK-Gbv%C*!Vl0$iW?%6<w-{P@jIB$8HMnJJUt9N|H3Wzu_NcB!VCCa
z3bh^p`>t${$<n70d;F+*eg%XE7AC3eRzxGJ2$F{2`oVD8>eo(I60RkY#uMQFz{sej
zq`<J=0GkYJJ;2tO)EHwnxI)z<3Iqd{h`0{0jGGM*et`E2YYxFqer~#H)~diYjJwWq
zFi$9JRQN%3m7D=g_hfnitpfO-Idy*s4R;|ifvE#Rgrw0Vl%T|Qgq84Dk?dvx4KVI~
zBfsGm>0tS(DR449paAkff{>1pAt0gBfdrF_pG_1Zpqh8Og)XL9{wUq?>r?FGT=^C`
zknXdN1R>M9Efoh8U~J1A;m5_}CK9I?^l>Rd9}|U0p;lP+gCyVN_l>eGH+Ka?q$``^
z{*5Y$*Rkaf7Ip>{KxD<n?CZ~6JkI)eOK|a{#U_By6%{7L*lA|)M-B1;&Z47}tV6f{
zdQ|v6-8S&E{vQYhxQz^fiy<+;q64!rCR@=cN|<E6Vo0){1l}*_1+Mtq_1d+{mws!G
z2M}S<Tz?p}O96V@ofw1e;-Qqtbt$dc#)Cc)CeuToe(;`kUI59kt}Kn`_E(5T$n@ns
zv}^yHeh*-b0<e`IX8#@tzfFP!AWSxdK2hTGvMX-Tk8_yZ6x*c$o<}#5A#kxHX4!RY
z{^B=e8^%;fGQx$XTw@aJER4b19pdjO0Lq_XNR^z<od)iran%NstW4d(wbm)G+<aG)
z2N)CrfmSpR*inG-Epvn)=o&9F(b5c-IpMD!?wVuOSwE(2s1@xBe-Z*2)cgWEtHJHN
zX;P`JDR9?ZSDx-}C}vK6=0_r(9R=`wI!cDXC9~YjykRc35peg2Gg2mX=EI1r?<jyt
z@jth)o13dIa`Rb7I=GDkSOqZX9(j>|fK-6ITT53Bw<)ai0M(P#qMKIn+Ul)zlm}#l
z0nK@ZpBbMYB)hs<a{Sz32An{vh4N957Z`W%e3|o}-_!lxtaZQLbF6BzCbeNe*fFbR
zI!fmK-v5kgfH@qM(3APD0vMD4I~<kJlX<_F4I8ukF%M}^OmP&4f!m^IWg4=-XKS2V
zen7^dN}=k^TT~s;2hb%`{@w{ASAf+SZh=3#zN+b^&LuYW=v7pL_6Xr`kzqjK-#Yfy
zfuAF}>aQ?>D?WR@QJuynz<Gf8|MmOYG4{XtuYWVnYlLGk{-JpapiX4(hpYFOc{Hg*
z57(8~dE%}YFfU{h4Y8K*85;lVgqj<w;^xpD<-r*pU5D7z{tZf@erV|4pSp|24OPYM
ztLZ2Q-8F}S;yi$nc(m8|efl&R2xrxGn@e%)Q61&LH7fZv9A;M8!;tpnJt@9)IIGT$
z;p*nl9p%7<H0-@G)I)o|@Bp5HNig6pGM5N*OC=q}!(D6c-WWT>g(R2^1#VVnIk@F`
zrn=cWl4V&cw~EgckOUjs1?C3gxC`ydq2+@H7-yJt7;c!R;Q@?Q0M6BNv8D}Eh_=Js
z6K<yn8x+7;xatnKFO3U>%7@ztn)d)^kF^`E05T7_LEjJ1U2t4%w~nAZWSFU0^p1O>
zTO*8pf=nNpGg<)v=W^GVf0pU_j^UY_|BCkK*ppSqRsU%Iy)a$@5ZCL%Ag&t3J>M}L
zNPcza0HFKJhNNFG-y0jR0C8cEZl~h76H6TV;qt4GUgZlC1|Oik0~DY`hSR_IJPwwQ
zJBJrPcV3`axC2RGoOIPUZVP+E=y>m~hi{rX5ElhUq+;RA#2q(x!<>ZV3a1uwd)Yg(
z!L7rHf+QH{vZ)gFp>sbb3us%T07)mo>z;q%mV4bwu>v@B?kB0Qy;{9zL--?T`=Li|
zvVg1?6wi0L!0=>^<>8qv5q^wA3k3-2B3TZ%?Vig8hC}9B3n!?~Kmm+Tf;k}gIA06-
zfvz#;Dni3Cb>b^pYmU=+-a2}xRYy{3355snEvN$NK!OXwmxs-Xn6v*hc?G-xw}XL$
z2iFXhHXXR;>bO@Zg01H>2;=`p?1<7P%fLlPl_#3u;wI=U61>37liwsqHn?L?`_E#N
zhkxI_Kx+>_PPQS6KONt<BnghfokjKjnWvex0&Yeq3rKvq)8B15(lrez0QrG$p8~)&
z>yq2Jb8Jz^b_sDZafz=AeX{(H$#~mB0mirNQ-HYS77C!-J_X4f7t=aEVR~U+oA|~Z
z=*=a|rZbK{z`lJRl3?o+VXnjpFR=FT6Z+o~O5;Ky9wffpcnJ>l=6=Ug!_tB5cZcCT
zvhI{Qc!B+=9@IX@CB(pmLV6I!9DHF>`xvezH}T0O%f{1_`K|&4^g3Ax5;e}Ea|y8v
zh4kbJedHkAmn~g}+LL*|`@Ma6fMWm22edzzq0l4x(i}n|u9DP5Q1yumeYg`LXP-Gk
zwxVRd>jB1Sg)9YDh`V{0Uiuv$3Vr8M*C3-_49`?>;zOSkRwlj*&+mpn@@PC96tF!;
zACRTM+F!W!K5g{}xx#h7`hiy1kt?8y(`2su)eqTyKHs@(L2LbSEiD;$W|^7l9t$Zw
z0J34v!bDgR*X@<PfhGO=VdM|{Pd-RZ1y-Efwh-5h3w><wtcMX<|Ky<TfX<P{K$!bO
zAyhU{DdMU{0QrEmiQEt%?vE=5;4$6f_?hjcWG^D?JEsG$t%vjCi`9MZXeb0_kR9U`
z+j7K(P;~?$48p=R*G3M#J^Z)~7wZuEfNi4NubJ}B;`<#1ussh@;D81U$z`=tO<6$(
zAx6DFYXXae7`r^!ocJoXw(0P-`@A;3-*rB`Ez2W^0c!}jL))5=6d!zkvC-Xd#Qz5-
zy`2lNYg?2sq!+2iK)?~|aE+b1C&h8`dv{^cowW}G{cv}&XSV|Qbe3ug)(^nC%iRmU
zx5O^uKvG=CPBE9%0`yDNq$dnSop;l?OuLQzt`Mk~2fRs^ADkTp7H#!wCkGC1i0cmk
zbdjxJ^49}ZE;Rmh;QCy+<-UR3M^=gCctpLLg{uCq*yRD_WT?gc03Db9;}z}6C8+$M
z(W9Fe0tkhSJ=r7!_zZEvFRy_n@ka-k+w$C2bRqu0)`&q+uRI{G&JUNrdjCo7WAG42
z7;UzIvf}gnBKtTzBiHOg8JQa~u@#X34}|yw3NRkfGS!SYYmQt1`GF3p1TWaB1ghN0
zp6D(<Gkfs3y)*u?Y;O<FybUNoFAQ3t8UZ1gefA71$VmFQ$`I<_wkbhUtskG2OLUVI
z$6AC;tJ;4Q{qE2qJx4VI!Z7>Hx7o)b6kO74lM*Bef1I*|uA!*kS!)3!(^>@>+m^AC
zwHsz}V01dJ&X39uR~}VLVDf4*wW^B~V3a$#a1UT+%G5J`hom#UtuOIw6+nhTHS_`?
zsm_n2Sa%vdkV^2pnM#l({P;|9d-ud`H*Y(l?s>Mi_I&{MfQ&jf#c;E^$`Hz;-Rg+G
zBML8Kni44C=d5>Jxf7_t!MYN7yfJ4L;J~D}QnzF{3TorrSO7|c+__i4Bqc}^et=yv
zIN_J$AE#=)CZa86nIZOwq`LJ4`oWr3U3oNaY(N1exbD|K9BE>#65gb^9m=W;Z}9sz
zuj@@iK=fGL<6hi@bsUZ8NA7JYm;SxoTR`(brUf$5->;H9W6h}ks0vWtv1rR^&rErT
z<DL+!0N~w=;c3sKZ&8g=i$3yJL8?}QVT89k__kcza%U7F+{>Su@=hc?C!QvFfh4eo
zVC|77q<7##o~o1}N%-;iv7R^WYPdQRUHHP0cuZ=YOQLCz(~`H|CoN~3fU7=1nFDlq
z?IhvHdqlJAoqyp6{h9!*f0FR`o|nwqAB3&(t`}$&x~)Nyy25HhE+|Zqpjv~3m9y%)
z_bRJZKdRwaLkiMZe~{{+Z23YB^8(zyI7y+7oI4VNT4YlRuO-W_8H68TeRLB&L0an%
zQlAvR70_v_;dlf`aB-6roHX%166zwFOL&dAI(^&*R`T)xdxw3ju6(>5U;2!aS^=O@
zVMvSA5R#f*YWW~HHUXsY4zb1<&AK=xN)rAwO|rU?#rpT2pPnXGgb+ro-hV1K<bj~Z
zZMK{A8UwGHLU5sYapMh56n;Tl#QryBQGnDQ0H7k&BrgD@CrC(oF+dl$kUZ%%qR36F
ze*J@3!Nu5iobadZ5Z8@B$YvJd2bny8Vr@Ny7idv~NE7!bjZh?2h~P!wP2#FHP_(#_
z=7w~5btHCub!74YiqNCRoiLGRQA~8yK!>UjaeHpYl{wYxJK<+}h;oq21Aw)S@Ry=A
zdYl?Y8czU0PC9_2yEx_h(ko!M<)r5$?BNdl08JMDG$Ri&znhOHk4VTZRqkHUR)Eq>
zk}6d7CautNdlktJ@$=1Wcu|hTH%hJ$2p}OANk{5>Yn@P=YV}WzW)Xe>!Ovo`kstK`
zO?Zw53%?w9&MW*Nw+B#&Q0Qe53LT?{qT>EI;fKe_Dxh(j_$p6;4sp#Fv&1q?=o5L3
z;poi?VI_HEr$w=lo?l(oZC1f@r}Yk~^sF!aR32Z%DGqXoh9C4dROq7^S^<D4iy|5R
zB{_BhE8abLqZ{jEzfD+dPN?yG%<8M20+cFlXSXIJLZ1_}Q{FNSN$wmV$_!51Xjp?R
z4Ol}E9aF%5n-^}qS6e}np5pF>T@AIkUF#Z+khLO&9~7bhV5~bV*CvMqd4aCsrOK$$
z$K=5rcP(hQDwN?+jkhb$L3^VsYlTpl0-!2{n2Z`UG0K6Ym)my}s7-m*7KQ5E0*<=v
z(mVuG#tt)k{N$mK93V;^4%;h=q|R^}nqKLNQdHa@rEmoRO;|{u7L+Ry$7el!57V4D
zprWq3wPhs~J*NYEz0*`Mr6>Ss>ZpW{tPAGlem&2gY1}j?hltb9?w|5*rxGYE2k2+)
zvK*LelVfL)E=}DYrB8I3o$&9_zPMf9@MUQp0Q8z<FH^%tr{jpr3$l(<G=M^yU2&AE
z0Kj#M2SM2r`*o_22q6z9LYsVkuZGfvAC#^DV0AN`^8@J#oD%dvULccWIS&13Q)l=&
zI)M=W*?nH=2R2rs0Kh4MBP~Msk5nQ2ptK~opV<ldfpV?daWn^6>#s=oL1hX6X1Yxb
zm*qKhbjoOSB~e)j6vc%@jy@`j`TMEV11Jy<1-_gcYLlbsj7<2!NIZbT^$8kJC8f?d
zMyde7DM4cyx$uLLgg{Yn0mekxOQ>RPPo;G12D3dI;+~IM_`%3MKomDcT7Sx#>dcE#
z3IJBu!+BvLzDuq`R5wuOe5mR&XA;IK0C0Ih?Jy$V*D>-OK*vsA;1=53kGO}X#QQpo
z^Z-$MArbO|7CCI9vn@Ki*I>sGgE7(rL_y3b7uz@Zq)O}XXhqz!Bc=;KFx~@1ao)gq
z<bJWUd%dT~60A}HAQNPtPK$Sb4>^nhwS6pIEON_|DzHug6us>jQ7&zfW0bUUV9J3>
zZ-p$xS_M$7UJSqCd$d4K5voR>7iUsaD-YHy0B~VZrAWcw4CpD_!W|v8PymHfgmS@t
z{5XW#)S7-CYNY@QrwE18K?!<GSo}H(zM_^2pol2KQF1v#R%#XMaMW4>qPQMHN<<SY
z2<XKR16r=L;42!V0E%}v!ed@Q^Wu}=MsDI%A;X-|r?a+}GxO3o1yH>CK{$Q&7#;VK
zCp7htKVj`5_#4}Fwh7i=M`INr3UY<9F*@eME7W^O>yEhN=bIGbB;gc5gX}U3MeuyO
zQ6z$MWHBB(wIRKT@MiNeop(aN8>avX^cLsLAxshqany8$@PvgA13Cvw-{jCHElvS)
zfJ9md*_@AxlJFALRf?(;Y8lQ@K(7bbUule1KHQ?V6ZmX61t<uaRF6~352zJ{)DjnV
z+8d)!3*~6xaj*9^>?#VUEFG_R$YAKnO~WAM9onXg5OR^Dv;&{oPSA_vFB4I#aa<kw
QU;qFB07*qoM6N<$f?;svRR910

literal 0
HcmV?d00001

diff --git a/ts/test-node/services/megaphone_test.preload.ts b/ts/test-node/services/megaphone_test.preload.ts
index cf9fd7b29d..1b7831b406 100644
--- a/ts/test-node/services/megaphone_test.preload.ts
+++ b/ts/test-node/services/megaphone_test.preload.ts
@@ -3,6 +3,7 @@
 
 import { assert } from 'chai';
 import { v4 as uuid } from 'uuid';
+import sinon from 'sinon';
 
 import {
   isMegaphoneCtaIdValid,
@@ -14,6 +15,10 @@ import type {
   RemoteMegaphoneId,
   RemoteMegaphoneType,
 } from '../../types/Megaphone.std.js';
+import { generateAci } from '../../types/ServiceId.std.js';
+import { itemStorage } from '../../textsecure/Storage.preload.js';
+import type { ConversationController } from '../../ConversationController.preload.js';
+import type { ConversationModel } from '../../models/conversations.preload.js';
 
 const FAKE_MEGAPHONE: RemoteMegaphoneType = {
   id: uuid() as RemoteMegaphoneId,
@@ -22,7 +27,7 @@ const FAKE_MEGAPHONE: RemoteMegaphoneType = {
   dontShowBeforeEpochMs: Date.now() - 1 * DAY,
   dontShowAfterEpochMs: Date.now() + 14 * DAY,
   showForNumberOfDays: 30,
-  conditionalId: 'standard_donate',
+  conditionalId: 'test',
   primaryCtaId: 'donate',
   primaryCtaData: null,
   secondaryCtaId: 'snooze',
@@ -125,4 +130,76 @@ describe('megaphone service', () => {
       assert.strictEqual(isMegaphoneShowable(megaphone), false);
     });
   });
+
+  describe('conditionals', () => {
+    let sandbox: sinon.SinonSandbox;
+    let deviceCreatedAt: number;
+    let oldConversationController: ConversationController;
+    let ourConversation: ConversationModel;
+
+    const ourAci = generateAci();
+    const createMeWithBadges = (
+      badges: Array<{
+        id: string;
+      }>
+    ): ConversationModel => {
+      const attrs = {
+        id: 'our-conversation-id',
+        serviceId: ourAci,
+        badges,
+        type: 'private',
+        sharedGroupNames: [],
+        version: 0,
+        expireTimerVersion: 1,
+      };
+      return {
+        ...attrs,
+        attributes: attrs,
+      } as unknown as ConversationModel;
+    };
+
+    beforeEach(() => {
+      sandbox = sinon.createSandbox();
+      sandbox.stub(itemStorage, 'get').callsFake(key => {
+        if (key === 'deviceCreatedAt') {
+          return deviceCreatedAt;
+        }
+        return undefined;
+      });
+
+      deviceCreatedAt = Date.now();
+      ourConversation = createMeWithBadges([]);
+
+      oldConversationController = window.ConversationController;
+      window.ConversationController = {
+        getOurConversation: () => ourConversation,
+        conversationUpdated: () => undefined,
+      } as unknown as ConversationController;
+    });
+
+    afterEach(() => {
+      window.ConversationController = oldConversationController;
+      sandbox.restore();
+    });
+
+    describe('standard_donate', async () => {
+      const megaphone = getMegaphone({
+        conditionalId: 'standard_donate',
+      });
+
+      it('true when desktop has been registered for a week and has no badges', () => {
+        deviceCreatedAt = Date.now() - 7 * DAY;
+        assert.strictEqual(isMegaphoneShowable(megaphone), true);
+      });
+
+      it('false with fresh linked desktop', () => {
+        assert.strictEqual(isMegaphoneShowable(megaphone), false);
+      });
+
+      it('false with badges', () => {
+        ourConversation = createMeWithBadges([{ id: 'cool' }]);
+        assert.strictEqual(isMegaphoneShowable(megaphone), false);
+      });
+    });
+  });
 });
diff --git a/ts/textsecure/AccountManager.preload.ts b/ts/textsecure/AccountManager.preload.ts
index 5a76531cc6..a14bfa0cf5 100644
--- a/ts/textsecure/AccountManager.preload.ts
+++ b/ts/textsecure/AccountManager.preload.ts
@@ -43,6 +43,8 @@ import {
   encryptDeviceName,
   generateRegistrationId,
   getRandomBytes,
+  decryptDeviceCreatedAt,
+  encryptDeviceCreatedAt,
 } from '../Crypto.node.js';
 import {
   generateKeyPair,
@@ -311,6 +313,58 @@ export default class AccountManager extends EventTarget {
     return name;
   }
 
+  // For testing
+  async _encryptDeviceCreatedAt(
+    createdAt: number,
+    deviceId: number
+  ): Promise<string> {
+    const ourAci = itemStorage.user.getCheckedAci();
+    const identityKey = signalProtocolStore.getIdentityKeyPair(ourAci);
+    const registrationId =
+      await signalProtocolStore.getLocalRegistrationId(ourAci);
+    strictAssert(identityKey, 'Missing identity key pair');
+    strictAssert(registrationId, 'Missing registrationId for our Aci');
+
+    const createdAtCiphertextBytes = encryptDeviceCreatedAt(
+      createdAt,
+      deviceId,
+      registrationId,
+      identityKey.publicKey
+    );
+
+    return Bytes.toBase64(createdAtCiphertextBytes);
+  }
+
+  async decryptDeviceCreatedAt(
+    createdAtCiphertextBase64: string,
+    deviceId: number
+  ): Promise<number> {
+    const ourAci = itemStorage.user.getCheckedAci();
+    const identityKey = signalProtocolStore.getIdentityKeyPair(ourAci);
+    if (!identityKey) {
+      throw new Error('decryptDeviceCreatedAt: No identity key pair!');
+    }
+
+    const registrationId =
+      await signalProtocolStore.getLocalRegistrationId(ourAci);
+    if (!registrationId) {
+      throw new Error('decryptDeviceCreatedAt: No registrationId for our Aci!');
+    }
+
+    const createdAtCiphertextBytes = Bytes.fromBase64(
+      createdAtCiphertextBase64
+    );
+
+    const createdAt = decryptDeviceCreatedAt(
+      createdAtCiphertextBytes,
+      deviceId,
+      registrationId,
+      identityKey.privateKey
+    );
+
+    return createdAt;
+  }
+
   async maybeUpdateDeviceName(): Promise<void> {
     const isNameEncrypted = itemStorage.user.getDeviceNameEncrypted();
     if (isNameEncrypted) {
diff --git a/ts/textsecure/WebAPI.preload.ts b/ts/textsecure/WebAPI.preload.ts
index 41fdb682d5..70a47151d0 100644
--- a/ts/textsecure/WebAPI.preload.ts
+++ b/ts/textsecure/WebAPI.preload.ts
@@ -967,7 +967,7 @@ const getDevicesResultZod = z.object({
       id: z.number(),
       name: z.string().nullish(), // primary devices may not have a name
       lastSeen: z.number().nullish(),
-      created: z.number().nullish(),
+      createdAtCiphertext: z.string(),
     })
   ),
 });
diff --git a/ts/textsecure/storage/User.dom.ts b/ts/textsecure/storage/User.dom.ts
index 6f58bb29fc..731823c789 100644
--- a/ts/textsecure/storage/User.dom.ts
+++ b/ts/textsecure/storage/User.dom.ts
@@ -152,6 +152,14 @@ export class User {
     return parseInt(value, 10);
   }
 
+  public getDeviceCreatedAt(): number | undefined {
+    return this.storage.get('deviceCreatedAt');
+  }
+
+  public async setDeviceCreatedAt(createdAt: number): Promise<void> {
+    return this.storage.put('deviceCreatedAt', createdAt);
+  }
+
   public getDeviceName(): string | undefined {
     return this.storage.get('device_name');
   }
diff --git a/ts/types/Storage.d.ts b/ts/types/Storage.d.ts
index 61fb2b0973..b7e88eb828 100644
--- a/ts/types/Storage.d.ts
+++ b/ts/types/Storage.d.ts
@@ -83,6 +83,7 @@ export type StorageAccessType = {
 
   customColors: CustomColorsItemType;
   device_name: string;
+  deviceCreatedAt: number;
   existingOnboardingStoryMessageIds: ReadonlyArray<string> | undefined;
   hasSetMyStoriesPrivacy: boolean;
   hasCompletedUsernameOnboarding: boolean;
diff --git a/ts/util/onDeviceNameChangeSync.preload.ts b/ts/util/onDeviceNameChangeSync.preload.ts
index 3c831443b1..300ce60edd 100644
--- a/ts/util/onDeviceNameChangeSync.preload.ts
+++ b/ts/util/onDeviceNameChangeSync.preload.ts
@@ -27,41 +27,45 @@ export async function onDeviceNameChangeSync(
   const { confirm } = event;
 
   const maybeQueueAndThenConfirm = async () => {
-    await maybeQueueDeviceNameFetch();
+    await maybeQueueDeviceInfoFetch();
     confirm();
   };
 
   drop(maybeQueueAndThenConfirm());
 }
 
-export async function maybeQueueDeviceNameFetch(): Promise<void> {
+export async function maybeQueueDeviceInfoFetch(): Promise<void> {
   if (deviceNameFetchQueue.size >= 1) {
-    log.info('maybeQueueDeviceNameFetch: skipping; fetch already queued');
+    log.info('maybeQueueDeviceInfoFetch: skipping; fetch already queued');
   }
 
   try {
-    await deviceNameFetchQueue.add(fetchAndUpdateDeviceName);
+    await deviceNameFetchQueue.add(fetchAndUpdateDeviceInfo);
   } catch (e) {
     log.error(
-      'maybeQueueDeviceNameFetch: error when fetching device name',
+      'maybeQueueDeviceInfoFetch: error when fetching device name',
       toLogFormat(e)
     );
   }
 }
 
-async function fetchAndUpdateDeviceName() {
+async function fetchAndUpdateDeviceInfo() {
   const { devices } = await getDevices();
   const localDeviceId = parseIntOrThrow(
     itemStorage.user.getDeviceId(),
-    'fetchAndUpdateDeviceName: localDeviceId'
+    'fetchAndUpdateDeviceInfo: localDeviceId'
   );
   const ourDevice = devices.find(device => device.id === localDeviceId);
   strictAssert(ourDevice, 'ourDevice must be returned from devices endpoint');
 
-  const newNameEncrypted = ourDevice.name;
+  await maybeUpdateDeviceCreatedAt(
+    ourDevice.createdAtCiphertext,
+    localDeviceId
+  );
 
+  const newNameEncrypted = ourDevice.name;
   if (!newNameEncrypted) {
-    log.error('fetchAndUpdateDeviceName: device had empty name');
+    log.error('fetchAndUpdateDeviceInfo: device had empty name');
     return;
   }
 
@@ -71,20 +75,49 @@ async function fetchAndUpdateDeviceName() {
   } catch (e) {
     const deviceNameWasEncrypted = itemStorage.user.getDeviceNameEncrypted();
     log.error(
-      `fetchAndUpdateDeviceName: failed to decrypt device name. Was encrypted local state: ${deviceNameWasEncrypted}`
+      `fetchAndUpdateDeviceInfo: failed to decrypt device name. Was encrypted local state: ${deviceNameWasEncrypted}`
     );
     return;
   }
 
   const existingName = itemStorage.user.getDeviceName();
   if (newName === existingName) {
-    log.info('fetchAndUpdateDeviceName: new name matches existing name');
+    log.info('fetchAndUpdateDeviceInfo: new name matches existing name');
     return;
   }
 
   await itemStorage.user.setDeviceName(newName);
   window.Whisper.events.emit('deviceNameChanged');
   log.info(
-    'fetchAndUpdateDeviceName: successfully updated new device name locally'
+    'fetchAndUpdateDeviceInfo: successfully updated new device name locally'
   );
 }
+
+async function maybeUpdateDeviceCreatedAt(
+  createdAtCiphertext: string,
+  deviceId: number
+): Promise<void> {
+  const existingCreatedAt = itemStorage.user.getDeviceCreatedAt();
+  if (existingCreatedAt) {
+    return;
+  }
+
+  const createdAtEncrypted = createdAtCiphertext;
+  let createdAt: number | undefined;
+  try {
+    createdAt = await accountManager.decryptDeviceCreatedAt(
+      createdAtEncrypted,
+      deviceId
+    );
+  } catch (e) {
+    log.error(
+      'maybeUpdateDeviceCreatedAt: failed to decrypt device createdAt',
+      toLogFormat(e)
+    );
+  }
+
+  if (createdAt) {
+    await itemStorage.user.setDeviceCreatedAt(createdAt);
+    log.info('maybeUpdateDeviceCreatedAt: saved createdAt');
+  }
+}