* Version v10.18.4
* Fix default currency symbol for `wallet_addEthereumChain` + improve warnings for data that doesn't match our validation expectations (#15201)
* set more appropriate default for ticker symbol when wallet_addEthereumChain is called
* throw error to dapp when site suggests network with same chainId but different ticker symbol from already added network, instead of showing error and disabled notification to user
* Fix Provider Tracking Metrics (#15082)
* fix filetype audit (#15334)
* Remove decentralized 4byte function signature registry since it contains incorrect signatures and we can't algorithmically check for best option when 4byte.directory is down (#15300)
* remove decentralized 4byte function signature registry since it is griefed and we can't algorithmically check for best option when 4byte is down
* add migration
* remove nock of on chain registry call in getMethodDataAsync test
* remove audit exclusion (#15346)
* Updates `eth-lattice-keyring` to v0.10.0 (#15261)
This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2
* Fix 'block link explorer on custom networks' (#13870)
* Created a logic for the 'Add a block explorer URL'
Removed unused message
Message logic rollback
Modified history push operation
WIP: Pushing before rebasing
Applied requested changes
Removed unintenionally added code
* Lint fix
* Metrics fixed
* Stop injecting provider on docs.google.com (#15459)
* Fix setting of gasPrice when on non-eip 1559 networks (#15628)
* Fix setting of gasPrice when on non-eip 1559 networks
* Fix unit tests
* Fix logic
* Update ui/ducks/send/send.test.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* [GridPlus] Bumps `eth-lattice-keyring` to v0.11.0 (#15490)
* [GridPlus] Bumps `gridplus-sdk` to v2.2.4 (#15561)
* remove exclusions for mismatched object jsdoc type casing (#15351)
* Improve `tokenId` parsing and clean up `useAssetDetails` hook (#15304)
* Fix state creation in setupSentryGetStateGlobal (#15635)
* filter breadcrumbs for improved clarity while debugging sentry errors (#15639)
* Update v10.18.4 changelog (#15645)
* Auto generated changelog
* Update 10.18.4 changelog
* Run lavamoat:auto
* Call metrics event for wallet type selection at the right time (#15591)
* Fix Sentry in LavaMoat contexts (#15672)
Our Sentry setup relies upon application state, but it wasn't able to
access it in LavaMoat builds because it's running in a separate
Compartment.
A patch has been introduced to the LavaMoat runtime to allow the root
Compartment to mutate the `rootGlobals` object, which is accessible
from outside the compartment as well. This lets us expose application
state to our Sentry integration.
* Fix Sentry deduplication of events that were never sent (#15677)
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.
To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
* Replace `lavamoat-runtime.js` patch (#15682)
A patch made in #15672 was found to be unnecessary. Instead of setting
a `rootGlobals` object upon construction of the root compartment, we
are now creating a `sentryHooks` object in the initial top-level
compartment. I hadn't realized at the time that the root compartment
would inherit all properties of the initial compartment `globalThis`.
This accomplishes the same goals as #15672 except without needing a
patch.
* Update v10.18.4 changelog
* Fix lint issues
* Update yarn.lock
* Update `depcheck` to latest version (#15690)
`depcheck` has been updated to the latest version. This version pins
`@babel/parser` to v7.16.4 because of unresolved bugs in v7.16.5 that
result in `depcheck` failing to parse TypeScript files correctly.
We had a Yarn resolution in place to ensure `@babel/parser@7.16.4` was
being used already. That resolution is no longer needed so it has been
removed. This should resove the issue the dev team has been seeing
lately where `yarn` and `yarn-deduplicate` disagree about the state the
lockfile should be in.
* Update yarn.lock
* Update LavaMoat policy
* deduplicate
* Update LavaMoat build policy
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Alex Donesky <adonesky@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: Alex Miller <asmiller1989@gmail.com>
Co-authored-by: Filip Sekulic <filip.sekulic@consensys.net>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: seaona <54408225+seaona@users.noreply.github.com>
Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
* Don't send errors to sentry if users have not opted-in to participate in metametrics
* Don't capture opt-out metrics
* Move the metrics-opt in screen to immediately after the welcome screen
* Ensure that global.getSentryState is set in the background
* Fix e2e tests after rearranging onboardin flow
* Fix unit tests
* More e2e test fixes
* Remove unnecessary wrappers around capture exception
* Only have timeout for when payload is getState
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add function to check if url is localhost
* allow localhost rpcUrls in `wallet_addEthereumChain`
* allow localhost blockExplorerUrls
* wrap new URL in try/catch
* When background port closes, UI should display a user friendly error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove console.log
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
A couple of fixes
1. Use timeout in metaRPCClientFactory to check if UI can't
communicate with bg
2. Refactor locale setup
3. Fixed wording/capitalization
4. Fix locales usage so that linting works
5. Refactor CSS
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
do not simulate errorwq
Refactor loading css
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove the onDisconnect event handler in ui as this is handled in
metarpcclientfactory
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not throw in bg
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix PR comments
Remove unused message 'failedToLoadMessage'
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move usage of locales to shared/** so that linter can see it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
metarpc can handle multiple requests, responseHandled should be a map.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
reload metamask button on critical error
Use metamask state (if available) to the locale, else read locale files
manually.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use constant and numeric separator
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
refactor error utils
remove error simulation
Memoize setupLocale function
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
test cases
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
1. store should be metamask state
2. code refactorings.
Tests: mock setupLocale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Mock fetchLocale instead
Test setup locale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
UI/CSS changes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate failure
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* spell MetaMask correctly
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename state to mockStore
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* we should clean up this.responseHandled[id] in the error case.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed PR comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* clean up response handled.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* origin/develop: (131 commits)
Update `protobufjs` and remove obsolete advisory exclusion (#14841)
Include snap version in pill (#14803)
Update PULL_REQUEST_TEMPLATE.md (#14790)
fix: keystone transaction qrcode has no white spacing (#14798)
Snap notifications integration (#14605)
Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
snaps-skunkworks@0.15.0 (#14772)
Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
Ensure transaction type is correctly updated on edit (#14721)
Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
Migrate the "estimateGas" API call to "getFees" for STX (#14767)
Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
Adding flag for MV3 (#14762)
Add types to send state (#14740)
Remove site origin on snap install (#14752)
Update design tokens library from 1.5 to 1.6 WIP (#14732)
Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
remove draft transaction (#14701)
...
* origin/master: (101 commits)
Updating changelog
Add token standard to custom token details (#14506)
Revert "Dark Mode: What's New Announcement (#14346)"
Ensure network name in confirm page container is defined (#14520)
Updating lavamoat policies
Fix the alerts toggles in settings (#14498)
Disable swaps whenever the environment is not development or testing, so that behaviour follows production for QA purposes (#14499)
[skip e2e] Updating changelog for v10.14.0 (#14487)
Version v10.14.0
Docs - segment metrics (#14435)
Add snaps view search (#14419)
Run main, flask and beta in sequence in generate-lavamoat-policies.sh (#14470)
Modify import SRP page (#14425)
Dark Mode: Implement Metrics (#14455)
HoldToRevealButton component (#13785)
e2e test import json file as import account strategy (#14449)
MetaMetrics: Identify 'number_of_tokens' user trait (#14427)
MetaMetrics: Identify 'nft_autodetection_enabled' & 'opensea_api_enabled' (#14367)
Swaps: Sort "token_from" dropdown tokens by their fiat value first and "token_to" by top tokens (#14436)
Update segment instantiation check. Only check if SEGMENT_WRITE_KEY exists (#14407)
...
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.
The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.
The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.
The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.
New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
* segment: instantiate w/out SEGMENT_HOST check
If SEGMENT_HOST is null, then the analytics-node library will usea defaulted host
* Segment: rm IN_TEST check for instantiation
Certain build steps accidentally omitted the `version` variable. It has
now been restored to all steps, ensuring that all environment variables
are correctly injected into all bundles.
A check has been added to the Sentry setup module to ensure the release
is not omitted in the future.
Certain build steps accidentally omitted the `version` variable. It has
now been restored to all steps, ensuring that all environment variables
are correctly injected into all bundles.
A check has been added to the Sentry setup module to ensure the release
is not omitted in the future.
* origin/develop: (210 commits)
Dark Mode: Remove unwanted background for price quote (#14278)
Dark Mode: Fix colors in toggle button (#14280)
Ensure proper color for swaps edit link (#14273)
Dark Mode: Ensure actionable message button colors are the same color as previously (#14271)
Add token standard to Token Added event. (#14253)
Token Aggregators component for Tokens Detected page (#14157)
Ensure Metafox follows cursor on Fetching quotes screen (#14261)
TransactionsControllerTest: catch uncaught errors (#14196)
GasModalPageContainer story: convert knobs and actions to controls / args (#13516)
Show STX switch for wrapping / unwrapping (#14225)
Change over ImportToken stories to use controls instead of knobs, update props in stories (#14246)
Change over FeeCard stories to use controls instead of knobs, update props in stories (#13766)
Update What's new screen with Token Detection information (#14124)
Improvements for multi-layer fee UX (#13547)
metaMetricsEvent -> trackEvent (#14249)
E2e dapp interactions (#14149)
failing contract interaction e2e (#14227)
Removed metrics event (#14042)
Add TypeScript to the build system (#13489)
Build user traits object when metamask state changes (#14192)
...
An array of integers is now used to represent the SRP in three cases:
* In the import wallet flow, the UI uses it to pass the user-provided
SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
SRP from the background.
* When persisting the wallet to state, the background uses it to
serialize the SRP.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
* deprecate extensionizer for webextension-polyfill
* fix tests
* remove extensionizer
* fix browser windows api calls
* fix broken on firefox
* fix getAcceptLanguages call
* update more browser apis that are now promisified
* remove unnecessary console error ignoring in e2e tests
* Added more info for EIP-712 schema errors
* Changed EthereumProviderError to EthereumRpcError
* Fixed error code to not be hardcoded for signTypedData
An array of integers is now used to represent the SRP in three cases:
* In the import wallet flow, the UI uses it to pass the user-provided
SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
SRP from the background.
* When persisting the wallet to state, the background uses it to
serialize the SRP.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.
Closes#11626
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.
Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.
Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
* Prevent automatic rejection of confirmations
Confirmations are now only automatically rejected if a user explicitly
closes the notification window. If we close the window programmatically
because there are no notifications left to show, nothing gets rejected.
This partially avoids a race condition where a confirmation gets
rejected automatically without the user having seen the confirmation
first. This could happen if the confirmation was processed just as the
notification window was being closed.
It's still possible for a confirmation that the user has never seen to
get rejected as a result of the user closing the window. But at least
now it's no longer possible for a confirmation to get rejected in this
manner after the user resolves the last confirmation in the queue.
* Fix bug that prevented automatic closure detection
All windows were being detected as explicit window closures,
essentially just as they were previously, because this variable was
cleared too soon.
* Re-open popup when necessary
After the window is automatically closed, a confirmation may have been
queued up while the window was closing. If so, the popup is now re-
opened.
Adds a missing middleware hook for `wallet_requestPermissions` that we failed to add in #12243. Also adds a runtime check that throws an error if any expected hooks are not provided to `createMethodMiddleware`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The `environment` field we use for Sentry includes the build type for
all build types except `main`, but the log message indicating that
Sentry did not include this. This log message is useful for ensuring
that Sentry is setup correctly, so it should display the same
environment that Sentry is using. It has been updated to do just that.
* added wrapper around account list to prevent storybook from collapsing the list
* updated translation files
* added snap-connect page
* refactored account list out of the choose account component
* fixed width
* removed unnecessary scss from choose-account component, fixed props in choose account story
* removed snaps-connect page, added comments to ChooseAccount
* updated choose account subtitle text, updated styling for title & subtitle, removed redundant account list story
* updated component name, updated paths
* fixed linter errors
* added comments
* removed unused message
* removed selectAccounts key from all locales
* updated class name for account list header, updated allAreSelected function to use length checks
* Revert "removed unused message"
This reverts commit 32771bc83c08f120825ef75f0741f3034e7dbecb.
* Revert "removed selectAccounts key from all locales"
This reverts commit ccfa4a860f9a75693d893d7c404384e719de297e.
* updated locale messages to use selectAccounts key
* removed stray import
* updated scss
* updated translation key
* removed chooseAccounts key from en locale
* removed optional chaining
* changes
* updated subjectMetadata
* updated subject types
* update useOriginMetadata function to include unknown subject type
* updated permission connect header props, removed host and added subjectType to targetSubjectMetadata
* added subjectType to targetSubjectMetadata
* removed console.log
* changed prop name to iconUrl
The ESLint config has been updated to v8. The breaking changes are:
* The Prettier rule `quoteProps` has been changed from `consistent` to
`as-needed`, meaning that if one key requires quoting, only that key is
quoted rather than all keys.
* The ESLint rule `no-shadow` has been made more strict. It now
prevents globals from being shadowed as well.
Most of these changes were applied with `yarn lint:fix`. Only the
shadowing changes required manual fixing (shadowing variable names were
either replaced with destructuring or renamed).
The dependency `globalThis` was added to the list of dynamic
dependencies in the build system, where it should have been already.
This was causing `depcheck` to fail because the new lint rules required
removing the one place where `globalThis` had been erroneously imported
previously.
A rule requiring a newline between multiline blocks and expressions has
been disabled temporarily to make this PR smaller and to avoid
introducing conflicts with other PRs.
The `selectHooks` function has been replaced with the equivalent
function from the `@metamask/rpc-methods` package, which is
functionally equivalent.
The function was included in that package so that it could be used
elsewhere in the `snaps-skunkworks` repo. Eventually the goal is to
migrate much of our RPC logic into this package so that it can be
shared across products, and by our libraries as needed.
This PR introduces the concept of subject _types_ to be associated with each subject in the `SubjectMetadataController`, and used for control flow in our RPC stack (`setupProviderEngine` and so forth).
We already differentiate between "types" of subjects in various places on an ad hoc basis via boolean flags (e.g. `isInternal` in our RPC stack) or the presence/absence of certain values in the subject's metadata (specifically `metadata.extensionId`). The status quo is manageable if not ideal, but will start to become untenable with the introduction of Snaps in the near future.
Therefore, this PR establishes a `SUBJECT_TYPES` enum and adds the `subjectType` property to the metadata of each subject. A new migration is added to accomplish this. Finally, we specify and `INTERNAL` subject type to distinguish internal from external requests.
The `nodeify` utility is no longer needed for the background API.
Instead each method is assumed to be either synchronous or Promise-
returning.
The error handling was updated to at least log the error in the case
where a method fall fails after the connection is broken.
# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
