1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

378 Commits

Author SHA1 Message Date
OGPoyraz
d37d5bf0ee
feat: Refactor Transaction Confirmation selector (#18796) 2023-05-11 07:56:17 +02:00
Vinicius Stevam
df3db6e559
Adopt ApprovalType from core (#18567) 2023-05-10 06:36:01 +01:00
Matthew Walsh
f62d8fce61
Use core signature controller (#18654) 2023-05-05 13:05:52 +01:00
witmicko
8d2803c179
limit connections (#18355)
limit background connections
2023-05-03 16:39:56 +01:00
Mark Stacey
d1cea85f33
Rename provider to providerConfig (#18907)
* Rename `provider` to `providerConfig`

The network controller `provider` state has been renamed to
 `providerConfig`. This better reflects what this state is, and makes
this controller more closely aligned with the core network controller.

All references to the provider configuration have been updated to
prefer `providerConfig` over `provider`, to make the distinction clear
between a provider and provider config.

Closes #18902

* Add migration
2023-05-02 13:23:20 -02:30
OGPoyraz
6d0f3a0b26
Consume Decrypt Message Manager from @metamask/message-manager (#18379) 2023-04-26 17:02:33 +02:00
Olaf Tomalka
95c37e1ba3
feat: add yaml feature management (#18125)
* feat: add yaml feature management

Add yaml feature file per build type.
Also add method to parse yaml and set
enabled features env to true. The build
process will then replace any process.env[feature]
that exists on the config by its value

* chore: add example for desktop

* Added initial draft of build features

* [TMP] Sync between computers

* Is able to succesfully build stable extension with snaps feature

* Removing var context from builds.yml

* Add asssets to builds.yml

* Minor bug fixes and removing debug logs

* [WIP] Test changes

* Removed TODOs

* Fix regession bug

Also
* remove debug logs
* merge Variables.set and Variables.setMany with an overload

* Fix build, lint and a bunch of issues

* Update LavaMoat policies

* Re-add desktop build type

* Fix some tests

* Fix desktop build

* Define some env variables used by MV3

* Fix lint

* Fix remove-fenced-code tests

* Fix README typo

* Move new code

* Fix missing asset copy

* Move Jest env setup

* Fix path for test after rebase

* Fix code fences

* Fix fencing and LavaMoat policies

* Fix MMI code-fencing after rebase

* Fix MMI code fencing after merge

* Fix more MMI code fencing

---------

Co-authored-by: cryptotavares <joao.tavares@consensys.net>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 16:32:51 +02:00
Bernardo Garces Chapero
8632acbba3
Update tokens controller (#18459)
* update tokens controller
2023-04-21 09:05:27 +01:00
David Walsh
eb51460cae
UX: Multichain: App header (#18363)
* UX: Multichain: App header

* Export app header, provide required information, put feature flag in place

* Provide available data

* Implement account picker -- centered and opens account popover

* Remove backgrounds, use isUnlocked

* Fix placement of the global menu

* Show logo when unlocked

* Add selector for getting current network, provide props to AvatarNetwork and PickerNetwork

* Wire up the network menu to the header

* fixed ui for all the screens

* updated story for header

* fixed import and header settings

* updated lint error

* fixed tests

* updated header

* removed test

* updated snapshot test

* updated network menu

* updated changes

* removed comment from menu bar

* updated css

* updated test for network list menu

* updated stylesheet

* updated ButtonIcon import

---------

Co-authored-by: NidhiKJha <menidhikjha@gmail.com>
2023-04-13 22:24:03 +05:30
Bernardo Garces Chapero
6ed72d6934
Refactor eth_getEncryptionPublicKey handling (#18319)
* add EncryptionPublicKeyController

* update message-managers package
2023-04-13 09:24:59 +01:00
Vinicius Stevam
6ebef431a8
Remove METAMASK_NOTIFIER (#18437) 2023-04-12 13:25:28 +01:00
Matthew Walsh
bb0dff9443
Trigger transaction popup using ApprovalController (#18400) 2023-04-11 14:18:43 +01:00
Dan J Miller
b2dc2c4639
Fix firsttimeloaded logic (#18344)
* use session storage, instead of chrome.runtime.onStartup and globalThis, for firstTimeLoaded architecture

* Ensure account tracker accounts remain defined upon service worker restart

* lint fix

* Simplify code

* Only call browser.storage.session in mv3

* Only call browser.storage.session.set after resetStates in mv3

* fix metamask controller reset states unit tests

* fix test

* fix test

* Actually fix tests

* lint fix
2023-04-06 12:13:01 -02:30
Elliot Winkler
1304ec7af5
Convert shared/constants/metametrics to TS (#18353)
We want to convert NetworkController to TypeScript in order to be able
to compare differences in the controller between in this repo and the
core repo. To do this, however, we need to convert the dependencies of
the controller to TypeScript.

As a part of this effort, this commit converts
`shared/constants/metametrics` to TypeScript. Note that simple objects
have been largely replaced with enums. There are some cases where I even
split up some of these objects into multiple enums.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-04-03 09:31:04 -06:00
Pedro Figueiredo
fbd68d4a3f
Introduce action metrics for mv3 service worker restart (#18346)
* fix dapp interaction e2e test

* wip

* add sentry post request mock

* fix console errors

* fix scripting console error and remove e2e test unnecessary check

* clean up

* remove e2e test

* stop skipping  test

* fixing build mv3 job

* fixing unit tests

* fixing unit tests

* fixing unit tests

* update coverages

* revert skip mv3 e2e test

* remove IN_TEST on the npm script

* remove console.log

* revert aria label changes

* revert aria label changes

* revert permission changes

* revert permission changes

* implement sw restart delay tracking

* fix rebase
2023-03-31 14:22:33 +01:00
Elliot Winkler
ed3cc404f2
NetworkController: Split network into networkId and networkStatus (#17556)
The `network` store of the network controller crams two types of data
into one place. It roughly tracks whether we have enough information to
make requests to the network and whether the network is capable of
receiving requests, but it also stores the ID of the network (as
obtained via `net_version`).

Generally we shouldn't be using the network ID for anything, as it has
been completely replaced by chain ID, which all custom RPC endpoints
have been required to support for over a year now. However, as the
network ID is used in various places within the extension codebase,
removing it entirely would be a non-trivial effort. So, minimally, this
commit splits `network` into two stores: `networkId` and
`networkStatus`. But it also expands the concept of network status.

Previously, the network was in one of two states: "loading" and
"not-loading". But now it can be in one of four states:

- `available`: The network is able to receive and respond to requests.
- `unavailable`: The network is not able to receive and respond to
  requests for unknown reasons.
- `blocked`: The network is actively blocking requests based on the
  user's geolocation. (This is specific to Infura.)
- `unknown`: We don't know whether the network can receive and respond
  to requests, either because we haven't checked or we tried to check
  and were unsuccessful.

This commit also changes how the network status is determined —
specifically, how many requests are used to determine that status, when
they occur, and whether they are awaited. Previously, the network
controller would make 2 to 3 requests during the course of running
`lookupNetwork`.

* First, if it was an Infura network, it would make a request for
  `eth_blockNumber` to determine whether Infura was blocking requests or
  not, then emit an appropriate event. This operation was not awaited.
* Then, regardless of the network, it would fetch the network ID via
  `net_version`. This operation was awaited.
* Finally, regardless of the network, it would fetch the latest block
  via `eth_getBlockByNumber`, then use the result to determine whether
  the network supported EIP-1559. This operation was awaited.

Now:

* One fewer request is made, specifically `eth_blockNumber`, as we don't
  need to make an extra request to determine whether Infura is blocking
  requests; we can reuse `eth_getBlockByNumber`;
* All requests are awaited, which makes `lookupNetwork` run fully
  in-band instead of partially out-of-band; and
* Both requests for `net_version` and `eth_getBlockByNumber` are
  performed in parallel to make `lookupNetwork` run slightly faster.
2023-03-30 16:49:12 -06:00
Matthew Walsh
bf29922488
Use core message managers and create sign controller (#18163) 2023-03-20 13:19:50 +00:00
Alex Donesky
23ca4460cf
Migrate network configurations (previously frequentRpcListDetail) from PreferencesController to NetworkController (#17421) 2023-03-09 15:00:28 -06:00
Matthew Walsh
d0417da3d0
Move desktop code to flask build type (#17960) 2023-03-06 19:35:00 +00:00
Danica Shen
987daee854
fix(17855): persist popup when sw is restarted (#17855)
* fix(17463): persist popup when sw is restarted

* feat(17855): clear local variable when close window
2023-03-02 16:50:00 +00:00
Elliot Winkler
b106bbf1d9
Remove extraneous methods from NetworkController (#17522)
The network controller has a variety of methods that just retrieve
controller state. These methods are not necessary because controller
state is already part of the public API of the controller and can be
accessed directly.

These methods are:

- getCurrentChainId
- getCurrentRpcUrl
- getNetworkIdentifier
- getNetworkState
- getProviderConfig
- isNetworkLoading

This is part of a larger effort to normalize the API of both network
controllers, to make them easier to merge.
2023-02-22 10:43:37 -07:00
Matthew Walsh
cc99a25228
Add desktop support (#17683)
Use DesktopManager in background script to redirect internal and external connections to the desktop app.
Include DesktopController in the MetaMask controller.
Support desktop keyrings in MetaMask controller via the overrides object.
Create middleware handler to connect to the desktop app while UI code is pending.
Add build system support for desktop specific configuration variables.
2023-02-20 17:13:12 +00:00
Bernardo Garces Chapero
3814616c7a
feat: refactor background.js to support overrides (#17625) 2023-02-14 16:06:19 +00:00
Mark Stacey
cb12cb8f5a
Restore support for Chromium v78 (#17251)
Support has been restored for Chromium v78. Previously the extension
would crash upon startup.

The main incompatibility was the use of ES2020 operators (the optional
chain and nullish coalesce operators) in the libraries
 `@ethereumjs/util` and `superstruct`. This was resolved by transpiling
those libraries.

After fixing that, the extension no longer crashed but the UI refused
to connect. This was because the UI process was not being identified as
an internal process, because the code responsible for checking that was
relying on the `origin` property of `MessageSender` [1] which wasn't
added until Chromium v80. The check has been updated to use the `url`
property instead, which existed in older versions of Chrome.

Lastly, the content security policy was updated to include the default
content security policy alongside the intended modification. Newer
versions of Chrome will merge the configired CSP with the default, but
older versions required it to be explicitly specified. This should not
result in any functional change.

[1]: https://developer.chrome.com/docs/extensions/reference/runtime/#type-MessageSender
2023-01-23 12:36:48 -03:30
Guillaume Roux
3cfef11f71
[FLASK] Resolve snap_dialog approval on close (#16801) 2022-12-21 20:15:52 +01:00
Mark Stacey
943453cfb2
Simplify MV3 initialization (#16559)
* Simplify MV3 initialization

The MV3 initialization logic was complicated and introduced race
difficult-to-reproduce race conditions when dapps connect during
initialization.

It seems that problems were encountered after the UI tried to connect
before the background was initialized. To address this, the
initialization step was _delayed_ until after the first connection.
That first connection was then passed into the initialization function,
and setup properly after initialization had begun.

However, this special treatment is only given for the first connection.
Subsequent connections that still occur during initialization would
fail. This also results in the initialization being needlessly delayed,
which is concerning given that our main performance goal is to speed it
up.

* Setup connect listeners before controller initialization

* Add comments

* Add comment explaining isInitialized step
2022-11-24 10:02:05 -03:30
David Walsh
266d7d93d5
Fix #15050 - MV3: Keep the user logged in when service worker restarts (#15558) 2022-11-23 18:49:24 -06:00
Ariella Vu
e01b067d0c
Minor scripts/ui.js file cleanup (#16566)
* clean:ui: mv comments

* clean:ui: fix typo recieved -> received

* clean:ui: rn handle -> keepAliveInterval

* clean:ui: rn timeoutHandle -> ackTimeoutToDisplayError

* clean: replace "Xs" w/ variable name

* clean:ui: rm duplicate comment

* add EXTENSION_MESSAGES.CONNECTION_READY const

* clean:ui: bit more clean up
2022-11-18 20:57:01 +07:00
Ariella Vu
a87c1750b0
MV3: Update service worker restart logic and keep-alive logic for dapp support (#16075)
* dapp: add debug statements

* dapp: add retry logic [debug]

* dapp: keep SW alive on rpc request

* Revert "dapp: add debug statements"

This reverts commit ea21786f7f66c712eea02405cd68fe925d227ffa.

* dapp: try to set up ext streams asap on reset

* dapp: apply keep alive logic to phishingPageStream

* dapp:put keep-alive logic behind isManifestV3 flag

* Re-activate streams after a period of service worker in-activity

* dapp: rm extra function

* dapp: update phishing onDisconnect

* dapp: fix eslint missing global chrome

* add EXTENSION_MESSAGES const

* use EXTENSION_MESSAGES more generic comment

* update comment

* dapp: clean timeout and interval

* Fix DAPP action replay

* execute DAPP action replay for only MV3

* fix

* fix

* fix

* comment out DAPP action replay code

* fix

* fix

* fix

* scripts/background: use browser polyfill

* Revert "scripts/background: use browser polyfill"

This reverts commit 2ab6234d11b3b11e10dd993d454eeaad63bfc886.

* scripts/background: use browser polyfill

* script/background: check lastError

* dapp: use EXTENSION_MESSAGES

* scripts/background: send ready msg to all tabs

* dapp: update onMessage handler comment and name

* dapp: return values onMessage listener
see: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onMessage#addlistener_syntax

* dapp: mv onMessage listener

* dapp: add onMessage setupPhishingExtStreams

* dapp: rn reset -> destroy streams

* dapp: rn reset -> destroy for phishing streams

* dapp: clean comment

* dapp: rm unused comments
planning to be readded in follow-up PR: #16250

* dapp: onMessage return Promise|undefined

* dapp:clean: add missing undefined return type

* dapp: use new checkForErrorAndLog for Chrome API
handy stackoverflow: https://stackoverflow.com/a/28432087/4053142

* dapp:fix: return tabs.query result

* dapp:eslint: return undefined
fix Expected to return a value at the end of arrow
function.eslintconsistent-return

* background: do not query tabs w/out url

* background: rm Could not establish... catch
- no longer needed after improved tabs query

* dapp:clean: rm unused checkForError... for now...

* dapp: prevent setupExtensionStreams called twice
- calling connect will trigger disconnect and may cause issues
- only setup streams if they are not connected

* dapp: handle onDisconnect lastError
- throwing errors from contentscript will break the dapp, so only warn
- not handling lastError when it's found will also break the dapp

* background: update tabs.query url comment

* background: update tabs.query url comment 2

* dapp: fix SW restart for multi dapp support
- ref: https://stackoverflow.com/a/54686484/4053142

* dapp:clean: rm extra "." from console.warn

* clean: comments for dapp and background

* Adding catch block (#16454)

* fix: FireFox provider injection

* lib/util: fix invalid checkForErrorAndWarn export

* bg: add explanation for tabs.sendMessage catch

* dapp: add browser-runtime.utils

* runtime.utils: add checkForLastErrorAndLog

Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2022-11-15 00:18:08 +07:00
Peter Yinusa
6cca9892b2
refactor sentryHooks object (#16435) 2022-11-09 19:28:32 +00:00
Olusegun Akintayo
107525bb1d
Show error message if service worker did not load (respond to the UI) (#15774)
* Show error message if service worker did not load (respond to the UI)
after 1 minute.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Remove console.log

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* New Error message design

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Fix tests

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Use lastTimeStamp instead of keeping track of message ids

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Do not initial channe every second.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* New logic to check if SW is stuck

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
2022-11-03 21:25:13 +04:00
Jyoti Puri
68642ee47a
Updating controller dependency (#16033)
* Updating controller dependency

* fix

* fix

* fix

* fix

* fixes

* Lavamoat auto

* Update URLs for phishing detection testcase

* update lavamoat files

* call phishingController.test synchronously again

* bump @metamask/controllers to v32.0.1

* lint

* update policy files

* bump controllers version again

* modify update phishing list strategy

* revert back to use isOutOfDate, but without blocking substream

* possible way to fix e2e tests?

* enable testing

* Remove promise return from setupController in background.js, as it is no longer used

* Ensure updatePhishingLists is called in MM contrller constructer, so that phishing lists are updated right away

Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: Alex <adonesky@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-10-25 02:24:02 -02:30
Alex Donesky
20986e17b7
Persist state in metaRPCHandler so that we are sure state is persisted before sending back response to actions (#15978)
* persist state in metaRPCHandler so that we are sure state is persisted before sending back response to actions
2022-10-10 17:10:44 -05:00
Alex Donesky
fc38f11580
ensure phishing-detection page preload works in MV3 (#16029)
* ensure phishing-detection page preload works in MV3

* remove stored flag for FireFox in MV3 solution
2022-10-04 10:14:46 -05:00
Mark Stacey
35dbdbc438
Replace lavamoat-runtime.js patch (#15682)
A patch made in #15672 was found to be unnecessary. Instead of setting
a `rootGlobals` object upon construction of the root compartment, we
are now creating a `sentryHooks` object in the initial top-level
compartment. I hadn't realized at the time that the root compartment
would inherit all properties of the initial compartment `globalThis`.

This accomplishes the same goals as #15672 except without needing a
patch.
2022-08-24 09:50:45 -02:30
Mark Stacey
d55507615c
Fix Sentry in LavaMoat contexts (#15672)
Our Sentry setup relies upon application state, but it wasn't able to
access it in LavaMoat builds because it's running in a separate
Compartment.

A patch has been introduced to the LavaMoat runtime to allow the root
Compartment to mutate the `rootGlobals` object, which is accessible
from outside the compartment as well. This lets us expose application
state to our Sentry integration.
2022-08-23 11:12:50 -02:30
Dan J Miller
fc232da4c4
Fix state creation in setupSentryGetStateGlobal (#15635) 2022-08-18 15:25:28 -02:30
Jyoti Puri
eb85fc266d
Refactoring isManifestV3 variable (#15568) 2022-08-16 20:51:42 +05:30
Daniel
2eb0fe6978
Add more tracking for MetaMask (#15462) 2022-08-11 19:33:33 +02:00
Brad Decker
c72199a1a6
update prettier (#15360) 2022-07-31 13:26:40 -05:00
Brad Decker
652d631cda
remove exclusions for mismatched object jsdoc type casing (#15351) 2022-07-27 08:28:05 -05:00
Dan J Miller
101fe0b27a
Metrics adjustments (#15313)
* Don't send errors to sentry if users have not opted-in to participate in metametrics

* Don't capture opt-out metrics

* Move the metrics-opt in screen to immediately after the welcome screen

* Ensure that global.getSentryState is set in the background

* Fix e2e tests after rearranging onboardin flow

* Fix unit tests

* More e2e test fixes

* Remove unnecessary wrappers around capture exception
2022-07-22 18:09:48 -02:30
Mark Stacey
e6d5af5f9a Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (131 commits)
  Update `protobufjs` and remove obsolete advisory exclusion (#14841)
  Include snap version in pill (#14803)
  Update PULL_REQUEST_TEMPLATE.md (#14790)
  fix: keystone transaction qrcode has no white spacing (#14798)
  Snap notifications integration (#14605)
  Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
  snaps-skunkworks@0.15.0 (#14772)
  Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
  Ensure transaction type is correctly updated on edit (#14721)
  Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
  Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
  Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
  Migrate the "estimateGas" API call to "getFees" for STX (#14767)
  Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
  Adding flag for MV3 (#14762)
  Add types to send state (#14740)
  Remove site origin on snap install (#14752)
  Update design tokens library from 1.5 to 1.6 WIP (#14732)
  Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
  remove draft transaction (#14701)
  ...
2022-06-03 11:53:40 -02:30
Jyoti Puri
25082ae272
Adding flag for MV3 (#14762) 2022-05-26 10:18:23 +05:30
Mark Stacey
d1ac1a8389 Rename phishing warning page environment variable
The phishing warning page URL environment variable has been renamed
from `PHISHING_PAGE_URL` to `PHISHING_WARNING_PAGE_URL`. We call this
page the "phishing warning page" everywhere else, and this name seemed
better suited (it's not a phishing page itself).

The variable has been listed and documented in `.metamaskrc.dist` as
well.
2022-05-16 18:48:20 -02:30
Mark Stacey
7199d9c567 Use externally hosted phishing warning page
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.

The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.

The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.

The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.

New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
2022-05-16 14:40:50 -02:30
Alex Donesky
8df8f81df7
Deprecate extensionizer for webextension-polyfill (#13960)
* deprecate extensionizer for webextension-polyfill

* fix tests

* remove extensionizer

* fix browser windows api calls

* fix broken on firefox

* fix getAcceptLanguages call

* update more browser apis that are now promisified

* remove unnecessary console error ignoring in e2e tests
2022-03-18 14:07:05 -05:00
Jyoti Puri
9d26bd762f
Improvements in connectRemote function in background.js (#13762) 2022-03-09 20:45:07 +05:30
Shane
3772dfee11
Added subjectType to setupProviderConnection and setupUntrustedCommunication (#13437)
These changes were split off from the snaps branch [here](https://github.com/MetaMask/metamask-extension/pull/11837#discussion_r792942834).

The `subjectType` is necessary to handle connecting to snaps using these methods.
2022-01-28 13:42:32 -08:00
Mark Stacey
3732c5f71e
Add JSDoc ESLint rules (#12112)
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.

Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.

Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
2022-01-07 12:27:33 -03:30