The "BIP44 Standard" HD path option in the Ledger connect flow listed
only Trezor as an example. It seemed appropriate to include MetaMask as
well, since we use the same path. This helps users who have imported
their MetaMask seed phrase onto a Ledger device to discover this
option.
* Swaps support for local testnet
* Create util method for comparison of token addresses/symbols to default swaps token
* Get chainId from txMeta in _trackSwapsMetrics of transaction controller
* Add comment to document purpose of getTransactionGroupRecipientAddressFilter
* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js
Warnings were not shown on the Add Recipient page of the send flow. Now
any send warnings will be shown. This can be tested using an ENS name
with a confusable character in it (the confusable character warning
will be shown).
A condition was also removed that prevented any warnings or errors from
rendering when the user had non-zero contacts or recent addresses. I
have no idea why you'd want to hide warnings or errors if the user had
no contacts or recent addresses. None of these errors even pertain to
contacts or recent addresses.
* Add warning system for 'confusable' ENS names (#9129)
Uses unicode.org's TR39 confusables.txt to display a warning when
'confusable' unicode points are detected.
Currently only the `AddRecipient` component has been updated, but the new
`Confusable` component could be used elsewhere
The new `unicode-confusables` dependency adds close to 100KB to the
bundle size, and around 30KB when gzipped.
Adds 'tag' prop to the tooltop-v2 component
Use $Red-500 for confusable ens warning
Lint Tooltip component
Update copy for confusing ENS domain warning.
* Fix prop type
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* fixed message text overflow
* reverted and removed mesage title inside message--root
* fixed margin problem in sign message
* removed dead css
* fixed large left padding on data signing
* Use the includeFailedTokens option with useTokenTracker in viewQuote
* Show appropriate error message if we do not have data on the balance of token on the view-quote screen
* Update app/_locales/en/messages.json
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The `@include Paragraph` was added in one of the typography PRs but I believe it was intended for the token options text, not the icon. I believe the Paragraph only applies to text like everywhere else in the UI and this should be safe to remove from the icon to display the font-family from Font Awesome.
The `transferFrom` localized message has been unused at least since the
transaction list redesign was implemented. The `transactionCategory`
has been used directly as the localized message key since then. For
most of the other categories this was fine, but for `transferFrom` the
message differs slightly from the category (the category is
`transferfrom`, with a lower-cased 'f').
We now use string literals for all transaction category localized
messages. This makes it easier to verify that we have translations for
each of them, and that we aren't leaving any unused translations around.
* Update standard swaps build quote screen token verification message
* Add actionable warning token verification message to swaps build quote screen
* Simplify swapTokenVerification translations
* Use original verifyThisTokenOn message instead of swapsConfirmTokenAddressOnEtherscan
* Restore verifyThisTokenOn message to hi locale
* Support type and the withRightButton option as parameters on the actionable message component
* Use 'continue' in place of swapPriceDifferenceAcknowledgementNoFiat message
* Use wrapperClassName property on infotooltip in actionable-message
* Remove unnecessary change
* Lint fix
* ci - run storybook and add to build-artifacts
* ci/storybook - rename storybook build path and fix artifact upload
* ci/storybook - rename link text
* clean - remove accidently committed storybook build dir
* storybook - fix image path to relative (#10364)
* Use nock in to intercept gas call for gas-duck test
Use nock instead of stubbing out the window fetch. My suspicion is that when the test runs the window sometimes wouldn't be intialized/referenced, which could explain the intermittent test failures in those particular tests that call window.fetch.
Using nock allows the call to be intercepted more reliably.
Upon the first render, the "original" signature request confirmation
page would trigger a PropType error. This was caused by unexpected
mutation of the state props. The container has been updated to avoid
mutating the props, and now the PropType warning is no longer present.
This fixes a bug where the network menu would remain present after a
second click on the network menu button. The bug was caused by the
click being handled _twice_, by two separate handlers. First it was
caught by the external click handler of the dropdown menu, which closed
the menu. Second, it was caught by the network button itself, which re-
opened the menu. This all happens quickly enough that to the user it
appears to stay open.
The external click handler of the menu now only fires if the menu is
open. Additionally, any click that is caught by the network menu is
stopped from propagating further, so that it can't trigger additional
click handlers.
The `menu-droppo` external click handler would fail to update when the
prop changed while the menu wasn't shown. This bug isn't exposed
anywhere yet as far as I know, but I ran into it when working on a
different bug fix.
The Chip component was emitting a PropType error because it was missing
the `labelProps.children` prop. It was never supposed to be given that
prop - it was a mistake in the PropType declaration. The PropTypes have
been fixed to prevent this warning.
Fixes#5611
The origin that suggests a transaction is now shown on the transaction
confirmation page. If the transaction was initiated from within
MetaMask (e.g. via the 'Send' flow or swaps), no origin is shown.
This was based upon designs that were linked in the PR #9377. This is a
temporary measure until our newer transaction confirmation designs can
be implemented.
Fixes#6071
The origin of the dapp that suggested signing has been added to the
signature request confirmation page. This only applies to `eth_sign`,
`personal_sign`, `eth_signTypedData`, and `eth_signTypedData_v1`. The
confirmation page for `eth_signTypedData_v3` and `eth_signTypedData_v4`
already featured the origin.
The decrupt message confirmation UI will crash if the origin metadata
is not present. This PR makes the UI tolerant of that metadata being
missing. It was always intended to be optional anyway.
Fixes#9244
When trying to connect a Trezor account on a fresh install of MetaMask,
the radio buttons on the account selection page would not respond to
being clicked.
When debugging this, it looks like the `onChange` event was never
triggered. A radio `<input>` element should trigger `onChange` whenever
the selection state change, but seemingly this wouldn't happen if the
change in selection state was undone during the same render cycle. If
I paused at a breakpoint during the render, I could see the checkbox
get selected then unselected again without triggering `onChange`.
The simplest fix was to use `onClick` instead of `onChange`. This seems
more appropriate anyway because we're treating the radio button as a
controlled component here, so the state of the underlying element isn't
really of any concern.
The "Next nonce" warning warns users when the custom nonce they set is
higher than our suggested nonce. This warning was mistakenly being
shown even when we didn't have a suggested nonce yet.
Fixes#9989
New year, new problems.
It's working as expected, but we had hard-coded some 2020 date values, and `formatDateWithYearContext` adds the year to its output formatted date if the date is not from the current year.
Ensures that `hideLoadingIndication` is always called in all actions that call `showLoadingIndication`. It's unclear how many of these actions were failing to hide the loading indication, because other actions superset `hideLoadingIndication`.
At the very least, `updateTransaction` was probably failing to hide the loading indication in the error case.
This PR also refactors a lot of actions to call `hideLoadingIndication` once in `finally` blocks as opposed to multiple times across `try` and `catch` blocks. We avoided making changes to functions using `Promise` methods, because `Promise.finally` is not supported by Waterfox, and it's not properly transpiled by Babel.
A data race was introduced in #9919 when the old synchronous storage
API was replaced with an async storage API. The problem arises when
`fetchWithCache` is called a second time while it's still processing
another call. In this case, the `cachedFetch` object can become
stale while blocked waiting for a fetch response, and result in a cache
being overwritten unintentionally.
See this example (options omitted for simplicity, and assuming an empty
initial cache):
```
await Promise.all([
fetchWithCache('https://metamask.io/foo'),
fetchWithCache('https://metamask.io/bar'),
]
```
The order of events could be as follows:
1. Empty cache retrieved for `/foo` route
2. Empty cache retrieved for `/bar` route
3. Call made to `/foo` route
4. Call made to `/bar` route
5. `/foo` response is added to the empty cache object retrieved in
step 1, then is saved in the cache.
6. `/bar` response is added to the empty cache object retrieved in
step 2, then is saved in the cache.
In step 6, the cache object saved would not contain the `/foo`
response set in step 5. As a result, `/foo` would never be cached.
This problem was resolved by embedding the URL being cached directly in
the cache key. This prevents simultaneous responses from overwriting
each others caches.
Technically a data race still exists when handing simultaneous
responses to the same route, but the result would be that the last call
to finish would overwrite the previous. This seems acceptable.
Additional validation was added in #9907 to ensure that the "Known
contract address" warning was shown when sending tokens to another
token address after switching assets on the Send screen. Unfortunately
this change had the unintended side-effect of preventing _all_ token
sends after switching assets, so long as the recipient was not an
internal address.
The problem is that the `validate` function expects to be passed the
address of the token send recipient in the case where a token is
selected. Instead the token address was being passed to the validate
function.
The `query` state is now used, which should always contain the
recipient address. This is the same state used in the only other place
the `validate` function is called.
The TokenList component on the `add-token` page had the name `InfoBox`,
which doesn't seem applicable. It has been renamed to `TokenList`, to
match the module filename and the component name we use elsewhere.
The `errors` and `total` state has been removed from the `gas` slice,
along with related functions. It appears to have been unused for a long
time, though I'm not exactly sure as of when.
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates
* Remove references to ethgasstation
* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates
* Update ui/app/hooks/useTokenTracker.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
* Delete gas price chart
* Remove price chart css import
* Delete additional fee chart code
* Lint fix
* Delete more code no longer used after ethgasstation removal
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Our Storybook dependencies have been updated to v6.1.9, from v5. This
was done to address a security vulnerability in a transitive dependency
of these packages (`highlight.js`).
The primary changes required by this Storybook update were the change
in import path for the `withKnobs` hook, the change in background
config format, and the webpack configuration. Storybook seems to work
correctly.
The migration was guided by the Storybook changelog[1] and the
Storybook v6 migration guide[2].
There is one Storybook error remaining; it fails to load the Euclid
font. This is a pre-existing error though, so we can fix it in a later
PR.
The `yarn.lock` file was deduplicated in this PR as well, as it was
required to fix various install warnings that were introduced with this
update.
[1]: https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md
[2]: https://github.com/storybookjs/storybook/blob/next/MIGRATION.md
* Validate sendToken address when component updates
On a reproduction of trying to get the error message it seems that if an token address is provided in the address form with ETH selected then changing to a token address, the error message won't show.
This will validate the sendtoken address on prop change to properly update the warning message.
* Update test to include second doesAmountErrorRequireUpdate call when state is updated and component is updated
This fixes a PropType error when using non-custom slippage, and it
fixes a type inconsistency when custom slippage is used.
Previously, `slippage` was being converted explicitly to a `Number` as
it was passed into `BuildQuote`, but not as it was passed into
`AwaitingSwap`. Also the PropType was set as `string`, despite the fact
that it's a number in most cases, and is used for math.
The PropType has been changed to `number`, and the selective casting to
`Number` has been removed. Instead, the `maxSlippage` value is cast to
a `Number` as it's being selected, so that the type is always
consistent.
* Revert "Update fee card designs to show savings and MM fee (#9629)"
This reverts commit d9924ca771.
* Revert "Update main-quote-summary designs/styles (#9612)"
This reverts commit 5456d55c88.
* Add token verification message to swaps build quote screen
* Adds description for locale
* Use <a> tag for etherscan link
* Remove unnecessary span
* Update ui/app/pages/swaps/build-quote/build-quote.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Move add contact button in fullscreen/expanded view.
Fixes#9868
Move the add contact button that is overlapping (x)/close setting icon lower, on the same line as Contacts in fullscreen/expanded view.
This reverts commit f30d261e69.
The custom HD path option was found to be unsafe to use, because the
displayed list of accounts would differ depending on which application
was open on the Ledger device. Essentially Ledger was accepting invalid
inputs, and returning junk responses.
This was too dangerous to ship, as it could leave users with an account
that they can't reliably recover. If we don't know how the derivation
is happening, then allowing this import puts our users at risk of
losing funds.
We can re-introduce this functionality after adding validation to
ensure that we only allow inputs that are handled correctly by Ledger.
* Update fee card designs to show savings and MM fee
css touch up
More semantic html and remove unnecessary container wrapper
Update message for case when there are no savings, in new swaps fee card designs
Improve display of tilde in savings designs
* Ensure terms of service is shown when insufficient eth warning is shown on view-quote screen
* Logic simplification in fee-card.js
* Better center info tooltip icons in fee-card
* Add comment about use of \!important in fee card css
* Use container class property on info tooltip in fee card
* Remove function call that was made redundant with 980b14089 but not removed during rebase
* Document where we need BigNumber-related changes
* Fix 1 unit test
* Debug progress
* Add required values for each upstream usage of getBigNumber
* Switch to base 10
* Address feedback
* Fixes related to swaps custom gas limit
* Update ui/app/pages/swaps/view-quote/view-quote.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
* Move selectQuotePopover onSubmit dispatches to a single action creator
* Correct type of minimumGasLimit in view-quote.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Failed metric events on the opt-in page no longer leave the user stuck
on that page. If the metric events fail, they still bubble up as errors
to be caught by Sentry and logged to the console, but the user is still
brought to the next page.
Fixes#9800
The bug with our onboarding library integration was introduced in #8873
because of a change in when `completeOnboarding` was called. We hadn't
realized at the time that the onboarding integration relied upon the
onboarding completing event to know when the onboarding state should
be cleared. Because onboarding is now marked as completed earlier, the
state was cleared just as it was intended to be used.
The onboarding completed event has been moved back to where it was
before: after the user exits the "end of flow" page.
The original problem that #8873 was addressing was a routing issue,
where the user would be redirected back to the seed phrase confirmation
page despite already having confirmed their seed phrase. This was fixed
in a different way here, by updating the routing in the first time flow
switch to skip straight to the end of flow page if the seed phrase has
already been confirmed.
This does involve one user-facing change in behavior; if the user opens
any MetaMask UI before navigating away from the end-of-flow screen,
they will still be considered mid-onboarding so it'll redirect to the
end-of-flow screen. But we do mark onboarding as completed if the user
closes the tab/window while on the end of flow screen, which was
another goal of #8873.
The property `quoteDataRows[0]rawNetworkFees` was described as a number
rather than a string. In practice it is a string in all cases. The
PropType and the tests have both been updated to expect it to be a
string.
A few inconsistencies in JSDoc formatting have been fixed throughout
the project. Many issues remain; these were just the few things that
were easy to fix with a regular expression.
The changes include:
* Using lower-case for primitive types, but capitalizing non-primitive
types
* Separating the parameter identifier and the description with a dash
* Omitting a dash between the return type and the return description
* Ensuring the parameter type is first and the identifier is second (in
a few places it was backwards)
* Using square brackets to denote when a parameter is optional, rather
than putting "(optional)" in the parameter description
* Including a type and identifier with every parameter
* Fixing inconsistent spacing, except where it's used for alignment
* Remove incorrectly formatted `@deprecated` tags that reference non-
existent properties
* Remove lone comment block without accompanying function
Additionally, one parameter was renamed for clarity.
The `seedPhraseBackedUp` now tracks whether or not the seed phrase has
been backed up. Previously this defaulted to `true`, which left no way
to distinguish whether it had been backed up or not during onboarding.
The default is now `null`, and the UI logic has been updated to account
for this, so that "existing users" (i.e. users that have a backup that
is years old) aren't mistakenly considered to have not backed up their
seed phrase. This value is already set explicitly to `true` or `false`
during onboarding, in both the create and import flow.
This change was made primarily to make it easier to fix the onboarding
library integration, which will be done in a subsequent PR.
This reverts commit f5265c24ab.
Apparently it wasn't unnecessary after all. The Lock page served a few
different purposes. First, it was used to safeguard the seed phrase, in
case the user was interrupted after setting a password. Otherwise
anyone could open MetaMask and see the seed phrase without verifying
the password. Second, the submit function for the initialization unlock
screen also returned the seed phrase, so that it could be set in React
state for the confirmation step. Third, the submit function was also
responsible for navigating back to the seed phrase reveal page.
Removing the lock page had the effect of causing an infinite render
loop if onboarding was interrupted in the "Create" flow after setting
a password but before seed phrase confirmation. That redirect loop has
now been fixed.
* create custom addHexPrefix function
* switch to custom addHexPrefix
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
A lint error was accidentally introduced recently when two PRs changed
the same area of code (#9793 and #9795). They didn't conflict, and the
lint passed for both, but when combined they left an unused variable.
This page appears to serve the sole purpose of locking the extension
and redirecting back to the base route if the page is refreshed during
the onboarding flow. This ineffectual before the vault has been
initialized, and it's a barrier to resuming interrupted onboarding
flows when done after initialization.
This prop was being passed to the `CreatePassword` component, but that
component has no prop with this name. In fact, no component in this
entire project does.
Adds swaps-gas-customization-modal and utilize in swaps
Remove swaps specific code from gas-modal-page-container/
Remove slow estimate data from swaps-gas-customization-modal.container
Use average as lower safe price limit in swaps-gas-customization-modal
Lint fix
Fix up unit tests
Update ui/app/ducks/swaps/swaps.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Remove stale properties from gas-modal-page-container.component.js
Replace use of isCustomPrice safe with isCustomSwapsGasPriceSafe, in swaps-gas-customization-modal
Remove use of averageIsSafe in isCustomPriceSafe function
Stop calling resetCustomGasState in swaps
Refactor 'setter' type actions and creators to 'event based', for swaps slice custom gas logic
Replace use of advanced-tab-content.component with advanceGasInputs in swaps gas customization component
Add validation for the gasPrices endpoint
swaps custom gas price should be considered safe if >= to average
Update renderDataSummary unit test
Lint fix
Remove customOnHideOpts for swapsGasCustomizationModal in modal.js
Better handling for swaps gas price loading and failure states
Improve semantics: isCustomSwapsGasPriceSafe renamed to isCustomSwapsGasPriceUnSafe
Mutate state directly in swaps gas slice reducer
Remove unused params
More reliable tracking of speed setting for Gas Fees Changed metrics event
Lint fix
Throw error when fetchSwapsGasPrices response is invalid
add disableSave and customTotalSupplement to swaps-gas-customization container return
Update ui/app/ducks/swaps/swaps.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Improve error handling in fetchMetaSwapsGasPriceEstimates
Remove metricsEvent from swaps-gas-customization-modal context
Base check of gas speed type in swaps-gas-customization-modal on gasEstimateType
Improve naming of variable and functions use to set customPriceIsSafe prop of AdvancedGasInputs in swaps-gas-customization-modal
Simplify sinon spy/stub code in gas-price-button-group-component.test.js
Remove unnecessary getSwapsFallbackGasPrice call in swaps-gas-customization-modal
Remove use of getSwapsTradeTxParams and clean up related gas price logic in swaps
Improve validator of SWAP_GAS_PRICE_VALIDATOR
Ensure default tradeValue
* Display network form chain ID in decimal
* Hide chainId tooltip in view mode
* Display chain ID error message in entered format
* Update locale messages
* Rename on change chain ID validator
There were a few lint errors introduced in #9768 due to the recently
merged prettier PR. They have now been fixed.
Additionally, one line using the property `eth_accounts` was
intermittently failing for me locally. I've been seeing this lint
failure off-and-on for a few days now - I'm not sure why I haven't seen
it on CI. Either way though, it's now ignored.
This will allow usage in areas where getting the line-height, etc
of the typography settings will introduce issues. The mixins have been
updated to references these variables so that they can be changed in
one place in the future
* Check if swapTokenValue is negative and set prefix accordingly
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Ensure that trade.value fees are included in displayed network fees
* Remove unused getTotalEthCost function
* Remove unused getTotalEthCost function
* Update ui/app/pages/swaps/swaps.util.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Lint fix
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
If the attempt to fetch quotes fails, an error message is now logged to
the console explaining why it failed. This makes it dramatically easier
to understand what's happening when quotes fail.
At some point later on we should also look specifically for errors we
expect to occur, and report to Sentry in unexpected cases. I've added a
TODO comment about this.
* Update main-quote-summary designs/styles
* Clean up css: use className instead of element types
* Style fixes to symbol elements in main-quote-view
* Use correct source for token iconUrls passed to main-quote-view
* Improve vertical spacing on view-quote screen and with new main-quote-view designs
* Remove unused classes
* Tweak space around large quote amount text in main-quote-summary
These two stories showcased components that used React context and
Redux state that was not made available in the stories themselves. They
both crashed with an error when rendered in Storybook.
Instead of going through a great deal of effort to setup mocks for the
global Redux state and context, they have been removed. They are
perhaps the wrong layer for us to showcase in Storybook. Storybook is
more well suited for individual components that contain just UI logic.
A PropType error was shown in the console when on the Awaiting Swap
page in certain error scenarios. The `symbol` property was sometimes
not set if `destinationTokenInfo` was missing.
The `symbol` prop has been removed, as the `AwaitingSwap` component
already selected the `fetchParams`, and the `destinationTokenInfo`
object within. The prop was effectively a duplicate.
Refs #9663
See [`node/no-deprecated-api`][1] for more information.
This change enables `node/no-deprecated-api` and fixes the issues raised by the rule.
[1]:https://github.com/mysticatea/eslint-plugin-node/blob/v11.1.0/docs/rules/no-deprecated-api.md
The change to the way that `punycode` is imported is to address the fact that
third-party module is hidden by the built-in. This is a silly hack but it works.
Consolidates the background and UI segment implementations into a shared solution.
This results in the introduction of our first shared module.
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>