* Fix for #11503: when you send a transaction with value as 0x, you get a
Bignumber error. Fix this by setting value to 0x0 is it's 0x.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* 1. Fix this in app/scripts/controllers/transactions/lib/utils.js
2. Make sure other non-hex non-valid strings for value return 0x0
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Linting Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Instead of returning 0x0 for invalid hex values, throw a descriptive
error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Unit tests.
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* assert.throws takes a function
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use standardized error message.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* remove fixHexValue
move code validating hex value to validateTxParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Change message displayed if hex string is invalid.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed missing second quote mark on message.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
The extension version used throughout the wallet is now normalized to a
SemVer-compliant version that matches the version used in
`package.json`. We use this version for display on the "About" page,
and we attach it to all error reports and metric events, so it's
important that we format it consistently so that we can correlate
events on the same version across different browsers.
This normalization step is necessary because Firefox and Chrome both
have different requirements for the extension version, and neither is
SemVer-compliant.
* lockdown - breakout making globalThis properties non-writable into lockdown-more.js
* Update app/scripts/lockdown-more.js
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
* Update app/scripts/lockdown-more.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
* Fixes#12145
When transactions fail, preserve error message when presented with an error object. Fallback to stringified error for other cases.
* Perserve error stack when err.stack is present, else set stack to message.
* Use optional chaining
* Jestify migrations/
* Lint exclude migrations from mocha config, and add inclusion to jest config
* Add migration tests to jest config
* Exclude/ignore migration tests
* Set process.env.IN_TEST to true when running tests locally
* add command to debug unit tests
* remove extra zero balance account potentially created from seeking ahead
* Add PR 12074 to CHANGELOG
* Revert "Add PR 12074 to CHANGELOG"
This reverts commit 9f6f7eec1cac163c0ce1c711b1c205322aa5b2af.
* Remove test debug command
* Replace hardcoded sent ether label on confirm screen
* replace transaction type SENT_ETHER with network agnostic SENDING_NATIVE_ASSET
* remove sentEther translation base
* make backwards compatible with lingering transaction of legacy sentEther type
* update localalization files
* fixup legacy sentEther transaction type
* changing new transaction type away from localization string
* revert migration tests
* update fixtures and test data
* update name of new transaction type
* add migration
* remove legacy SENT_ETHER from transaction types enum object
* bump @metamask/controllers to v15.0.1 and remove AbortController workaround in e2e tests
* remove old abortcontroller polyfill
* bump @metamask/controllers to v15.0.2
* EIP-1559 - Provide support for Ledger
* Update ui/selectors/selectors.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add shared constants for hw types
* bump eth-ledger-bridge-keyring to v0.7.0
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Alex <adonesky@gmail.com>
Adds the latest version of `@metamask/controllers`, and updates our usage of the `ApprovalController`, which has been migrated to `BaseControllerV2`. Of [the new `controllers` release](https://github.com/MetaMask/controllers/releases/tag/v15.0.0), only the `ApprovalController` migration should be breaking.
This is the first time we use events on the `ControllerMessenger` to update the badge, so I turned the messenger into a property on the main `MetaMaskController` in order to subscribe to events on it in `background.js`. I confirmed that the badge does indeed update during local QA.
As it turns out, [MetaMask/controllers#571](https://github.com/MetaMask/controllers/pull/571) was breaking for a single unit test case, which is now handled during setup and teardown for the related test suite (`metamask-controller.test.js`).
This PR makes ~all named intrinsics in all of our JavaScript processes non-modifiable. A named intrinsic is any property specified by the ECMAScript specification that exists on `globalThis` when the JavaScript process starts. We say that a property is non-modifiable if it is non-configurable and non-writable. We make exceptions for properties that meet any of the following criteria:
1. Properties that are non-configurable by the time `lockdown-run.js` is executed are not modified, because they can't be.
2. Properties that have accessor properties (`get` or `set`) are made non-configurable, but their writability cannot be modified, and is therefore left unchanged. It's unclear how many of the named intrinsics this applies to, if any, but it's good defensive programming, regardless.
* Fixes updates on the confirm screen.
* Better handling of internal send transactions
* maxFee -> maxFeePerGas property name fix
* Remove redundant setEstimateToUse call in onManualChange
* Fix unit tests
* rebase error fix
* Fixes to speedup loading and transaction breakdown priority fee
* Fix lint and unit tests
* Ensure gas price based transaction that have been customized (e.g. speed up and retry) are properly initialized in useGasFeeInputs
* Clean up
* Link fix
* Stop GasFeeController polling when pop closes
* Stop estimate gas polling on window unload
* lint + comments
* Improve client closed logic
* lint
* Add back _beforeUnload on unmount in gas-modal-page-container
* Add full check and call onClientClosed method for notifcation environment
* Add gas pollingToken tracking to appStateController and use to disconnect polling for each environment type
* remove unused method
* move controller manipulation logic from background.js to metamask-controller, disaggregate methods
* add beforeunload handling to reset gas polling tokens from root of send page
* cleanup, lint and address feedback
* clear appState gasPollingTokens when all instances of all env types are closed, fix pollingTokenType arg from onEnvironmentTypeClosed call in metamask-controller
* mock new methods to fix tests
* final bit of cleanup + comments
Co-authored-by: Dan Miller <danjm.com@gmail.com>
Fixing up tests and add back old custom gas modal for non-eip1559 compliant networks
Remove unnecessary props from send-gas-row.component
fix breaking test
Fix primary and secondary title overrides
fix rebase issue
Fix rebase conflict
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
wip
Documentation improvements for send slice support of EIP1559
Remove console.log in send duck
Property lookup safety improvement in selectors/confirm-transaction
Add code accidentally removed in rebase
Update addTxGasDefaults and _getDefaultGasFees to work with new estimate types, and ensure we correctly handle gas price estimates when on EIP1559 networks (#11615)
* Fix typo
Remove console.log in send duck
* Update addTxGasDefaults and _getDefaultGasFees to work correctly with all new gas fee estimate types
* Don't show gas timing support when not on eip1559 compatible network
* Hide gas timing component on transaction screen when on a non-1559 network
* Improve comments, tests and edge case handling
* Ensure eip1559 fees are applied and updated correctly when eip1559 estimate api fails
* Lint fix
Co-authored-by: Brad Decker <git@braddecker.dev>
Remove console.log
Handle possible gasEstimateType undefined
Remove unnecessary nonce field position change in confirm-page-container-content__details
* Add support for EIP1559 transactions to transaction breakdown
* Use userPreferencedCurrencyDisplay for effective gas price in transaction breakdown
* Hide eip1559 gas properties in transaction breakdown on non-1559 networks
* Add comment explaining gasPrice and effectiveGasPrice usage in transaction breakdown container.
* Fix a check for EIP presense
* Add support for Polygon
* Update default Polygon URL
* Trigger Build
* Use a more user-friendly error message for disabled Swaps API calls
* prepare for EIP1559 gas fields in speedup/cancel
* Update ui/components/app/gas-customization/gas-modal-page-container/gas-modal-page-container.container.js
* Call Wyre’s API via our backend to generate Wyre’s Checkout URL
* Add back paymentMethod=debit-card, use a fallback URL if no url is returned from BE
* Fix a lint issue
* Refactor how to return Wyre’s Checkout URL
* Add 2 constants into a test file, refactoring
* add erc-721 token detection and flag to disable sending
* addressing feedback
* remove redundant provider instantiation
* fix issue caused by unprotected destructuring
* add tests and documentation
* move add isERC721 flag to useTokenTracker hook
* Update and unit tests
* use memoizedTokens in useTokenTracker
Co-authored-by: Dan Miller <danjm.com@gmail.com>
Only the first parameter, `type`, was ever passed in. The others are
superfluous. The defaults have been set directly instead.
It's a bit silly to set the `rpcUrl` and `nickname` to an empty string,
but to make this more sensible would take much more effort. This at
least is simpler and guaranteed to be equivalent.
* Moving RPC Urls to network constants
* Including RPC url in switchEthereumChain requestData
* Setting project id to var
* Fix built-in networks switch-ethereum-chain
`switch-ethereum-chain` did not work correctly with built-in networks.
It was treating them as custom networks, rather than as built-in
networks. This affected how they were displayed in the network
dropdown, and resulted in slight differences to the network stack used
as well.
The problem was that `updateRpcTarget` was used, which was meant for
custom networks only. Now that `setProviderType` is used in the case of
a built-in network, the behaviour should match the network switcher
exactly.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add stringified payload to metametrics controller trackEvent error message
* Don't include full payload when throwing error on missing event or category in trackEvent
The CurrencyRateController has been migrated to the BaseControllerV2
API, which includes various API changes. These changes include:
* The constructor now expects to be passed a
`RestrictedControllerMessenger`.
* State changes are subscribed to via the `ControllerMessenger` now,
rather than via a `subscribe` function.
* The state and configration are passed in as one "options" object,
rather than as two separate parameters
* The polling needs to be started explicitly by calling `start`. It
can be stopped and started on-demand now as well.
* Changing the current currency or native currency will now throw an
error if we fail to update the conversion rate.
The `ComposableObservableStore` has been updated to accomodate these
new types of controllers. The constructor has been updated to use an
options bag pattern as well, to make the addition of the new required
`controllerMessenger` parameter a bit less unweildly.
* Removing support notification from what's new
* Adding migration for support notification removal
* Expanding test cases, using async/await for storage comparison
Sentry is now configured with environment variables, rather than with
hard-coded values. This makes it easier to test Sentry functionality
using a different Sentry account, as we did recently during QA of
v9.5.1.
The only change for the normal build process is the introduction of the
`SENTRY_DSN_DEV` variable, which can be set via `.metamaskrc` or via an
environment variable. This determines where error reports are sent. It
still defaults to our team Sentry account's `metamask-testing` project.
The `sentry:publish` script now requires SENTRY_ORG and SENTRY_PROJECT
to be set in order to publish release artifacts. The CircleCI
configuration has been updated with these values, so it should act the
same as it did before. Previously we had used a CLI flag to specify the
organization and project, but Sentry already natively supports these
environment variables [1].
[1]: https://docs.sentry.io/product/cli/configuration/#configuration-values
Three uses of `hasOwnProperty.call` have been replaced with simpler
alternatives. I did this because I found this convention confusing.
The `ComposableObservableStore` changes required adding a check for
whether the `config` is defined, because the old syntax would allow
iterating over `undefined` as if it was an empty object. Functionally
it should be identical. A new test was added to highlight this
functionality.
The `assert` module has two modes: "Legacy" and "strict". When using
strict mode, the "strict" version of each assertion method is implied.
Whereas in legacy mode, by default it will use the deprecated, "loose"
version of each assertion.
We now use strict mode everywhere. A few tests required updates where
they were asserting the wrong thing, and it was passing beforehand due
to the loose matching.
The `SET_CURRENT_FIAT` action has been removed. It has been replaced
by a call to `forceUpdateMetamaskState`. The only purpose of this
action was to eagerly update the current fiat currency settings before
the next state update. Forcing a state update instead is simpler and
safer.
The `setCurrentCurrency` function in the background has been updated to
no longer return the state, now that it's no longer needed.
* Add 'What's New' notification popup
* Move selectors from shared/notifications into ui/ directory
* Use keys for localized message in whats new notifications objects, to ensure notifications will be translated.
* Remove unused swaps intro popup locale messages
* Fix keys of whats new notification locales
* Remove notifications messages and descriptions from comment in shared/notifications
* Move notifcationActionFunctions to shared/notifications and make it stateless
* Get notification data from constants instead of state in whats-new-popup
* Code cleanup
* Fix build quote reference to swapsEthToken, broken during rebase
* Rename notificationFilters to notificationToExclude to clarify its purpose
* Documentation for getSortedNotificationsToShow
* Move notification action functions from shared/ to whats-new-popup.js
* Stop setting swapsWelcomeMessageHasBeenShown to state in app-state controller
* Update e2e tests for whats new popup changes
* Updating migration files
* Addressing feedback part 1
* Addressing feedback part 2
* Remove unnecessary div in whats-new-popup
* Change getNotificationsToExclude to getNotificationsToInclude for use in the getSortedNotificationsToShow selector
* Delete intro-popup directory and test files
* Lint fix
* Add notifiction state to address-entry fixture
* Use two separate functions for rendering first and subsequent notifications in the whats-new-popup
* Ensure that string literals are passed to t for whats new popup text
* Update import-ui fixtures to include notificaiton controller state
* Remove unnecessary, accidental change confirm-approve
* Remove swaps notification in favour of mobile swaps as first notifcation and TBD 3rd notification
* Update whats-new-popup to use intersection observer api to detect if notification has been seen
* Add notifications to send-edit and threebox e2e test fixtures
* Update ui/app/selectors/selectors.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update ui/app/selectors/selectors.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Clean up locale code for whats-new-popup notifications
* Disconnect observers in whats-new-popup when their callback is first called
* Add test case for migration 58 for when the AppStateController does not exist
* Rename popover components containerRef to popoverWrapRef
* Fix messages.json
* Update notification messages and images
* Rename popoverWrapRef -> popoverRef in whats-new-popup and popover.component
* Only create one observer, and only after images have loaded, in whats-new-popup
* Set width and height on whats-new-popup image, instead of setting state on img load
* Update ui/app/components/app/whats-new-popup/whats-new-popup.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Code clean up in whats new popup re: notification rendering and action functions
* Code cleanup in render notification functions of whats-new-popup
* Update ui/app/components/app/whats-new-popup/whats-new-popup.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* lint fix
* Update and localize notification dates
* Clean up date code in shred/notifications/index.js
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Remove periodic calls to the /featureFlag API
* Always show the Swap button on the main page
* Check if the Swaps feature is enabled, show loading animation while waiting
* Reuse an existing useEffect call
* Use ‘isFeatureFlagLoaded’ in React’s state, resolve lint issues
* Add a watch mode for Jest testing
* Add unit tests for Swaps: fetchSwapsLiveness, add /ducks/swaps into Jest testing
* Remove Swaps Jest tests from Mocha’s ESLint rules
* Ignore Swaps Jest tests while running Mocha, update paths
* Increase test coverage to the current max
* Fix ESLint issues for Swaps
* Enable the Swaps feature by default and after state reset, remove loading screen before seeing Swaps
* Update Jest config, fix tests
* Update Jest coverage threshold to the current maximum
* Update ESLint rule in jest.config.js
* Disable the “Review Swap” button if the feature flag hasn’t loaded yet
* Update jest threshold
* build - declare background as html
* build - fill in empty file when a missing file is expected
* lint - fix
* Update development/build/manifest.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update development/build/manifest.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* update ses
* build - reference ses directly
* deps - unify regenerator-runtime versions on 0.13.7
* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411
* patches - patch regenerator-runtime for latest ses fix
* reduc patch, new lockdown severe override taming
* updated redux patch
* update redux patch for production
* ignore lockdown in lint
* deps - bump patch-package just in case
* trailing comma
* remove ses as dep
* fix path for frozen promise
* remove js extension in lockdown require
* Revert "ignore lockdown in lint"
This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.
* Revert "build - reference ses directly"
This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.
* deps - update ses
* Revert "fix path for frozen promise"
This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.
Co-authored-by: kumavis <aaron@kumavis.me>
* Swaps support for local testnet
* Create util method for comparison of token addresses/symbols to default swaps token
* Get chainId from txMeta in _trackSwapsMetrics of transaction controller
* Add comment to document purpose of getTransactionGroupRecipientAddressFilter
* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js
In #10510 we changed how tokens are stored, keying them by `chainId`
rather than network type. However we didn't update our mobile sync
function to account for this, which ended up breaking the filtering
logic used to prepare the data that is synced.
Specifically, custom tokens added by users are filtered out to just
those that are confirmed to be ERC20 tokens in our built-in list of
tokens. This filters out unrecognized tokens and NFTs.
The filtering logic has been restored to the pre-#10510 behaviour.
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Fixes#10111
Determine if the msgParams/address for the newRequestEncryptionPublicKey is a ledger keyring via getKeyringForAccount and return a promise rejection.
This restores support for versions of the inpage provider prior to v8.
This is intended to support dapps and extensions that directly
instantiated their own provider rather than using the injected
provider.
* Forward traffic between old and new provider streams
* Ignore publicConfig stream for non-legacy muxes
* Transform accountsChanged notification for legacy streams
* Convert publicConfigStore to singleton
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Migration 51: ensure chainId is set in network controller provider state for all infura/default networks
* Clean up
* Migrate incorrect as well as falsy chainIds
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Our automatic token detection was hard-coded to only work on our built-
in Infura Mainnet endpoint. It now works with custom Mainnet RPC
endpoints as well.
Relates to #6992
The `disable-console` script introduced in #10040 used an arrow-
function no-op function to replace `console.log` and `console.info`.
This replacement function was early-bound to the `this` context of the
`disable-console` script, because that's how arrow functions work.
This violates an assumption baked into Sentry, which also replaces the
`console` functions. It wraps them in a function it uses to track
console logs as breadcrumbs. This wrapper function blows up for some
reason if the "original" `console` function is early-bound to a `this`
value of `undefined`.
This resulted in various UI freezes. One example is during onboarding,
when using Firefox with Enhanced Tracking Protection set in "strict"
mode. After submitting a password in the 'Create wallet' flow, the
Sentry `console` wrapper would throw and leave the user stuck on the
loading screen.
By replacing the no-op arrow function with a no-op function
declaration, the problem has been resolved.
Relates to #10097
Failure to persist state will now only report to Sentry if the last
attempt to save state succeeded. This ensures that if anyone is stuck
in a state where state can't be saved (e.g. low disk space), we aren't
flooded with repeated errors on Sentry.
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.
I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.
This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186
It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
* Maintain console logging in dev mode
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>