* Migrate to new controller packages
`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.
[1]: https://github.com/MetaMask/controllers/pull/831
* Support GitHub registry for draft PRs (#16549)
* Add additional allowed host to lockfile linter
* Update LavaMoat policies
* Add policy exception for nanoid
* Add additional nanoid overrides
* Update LavaMoat policies again
* Bump controller packages
* Update lavamoat
* Bump controller packages
* Update packages to v1.0.0
* Expand gitignore comment
* Unpin controller dependencies, using ^ range instead
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The controllers package has been updated to v33. The only breaking
change in this release was to rename the term "collectible" to "NFT"
wherever it appeared in the API.
Changes in this PR have been kept minimal; additional renaming can be
done in separate PRs. This PR only updates the controller names,
controller state, controller methods, and any direct references to
these things. NFTs are still called "collectibles" in most places.
* Show error message if service worker did not load (respond to the UI)
after 1 minute.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove console.log
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* New Error message design
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use lastTimeStamp instead of keeping track of message ids
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Do not initial channe every second.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* New logic to check if SW is stuck
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove 3box feature and delete ThreeBoxController
Lint locale messages
lavamoat policy updates
* Restore 3Box user trait with value `false`
The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.
A deprecation comment has been left in various places for this trait.
* Remove unused state
* Remove additional 3box-related things
* Run `yarn-deduplicate`
* Restore migration that was lost while rebasing
* Remove obsolete override
* Remove additional unused resolutions/dependencies
* Update LavaMoat policies
* Remove obsolete security advisory ignore entries
* Remove 3Box fixture builder method
* Update unit tests
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* snaps-skunkworks@0.22.0
* Update LavaMoat policies
* Bump execution environment and fix a breaking change
* Fix caveat and permissions
* Fix test
* Exclude keyring endowment for now
* Fix test
* Fix snap_confirm missing title
* refactor backup controller to return the data to be backed up
and do the actual backup in the UI.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move export-utils to ui/helpers as it's only used in the UI now.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use context to call event tracker.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Don't make backup function inline.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Deprecating Rinkeby, setting default debug network to Goerli
* Deprecating Ropsten and Kovan
* Conflict fix
* Remove unused localization, test fixes
* Add migration for moving used deprecated testnets to custom networks
* Fix migrator test
* Add more unit tests
* Migration updates provider type to rpc if deprecated network is selected
* Migration fully and correctly updates the provider if selected network is a deprecated testnet
* Continue to show deprecation warning on each of rinkeby, ropsten and kovan
* Add rpcUrl deprecation message to loading screen
* Removing mayBeFauceting prop
Co-authored-by: Dan Miller <danjm.com@gmail.com>
* Show 3box deprecation message in whats new
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add . after message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Change deprecation notification message and remove date
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens
updating the controller version and calling detectNewToken on network change
fixing rebase error
Run yarn lavamoat:auto for updating policies
updating lavamoat
Deleted node modules and run again lavamoat auto
fixing rebase issues
updating lavamoat policies
updating lavamoat after rebasing
policies
updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks
to update the token in fetchTosync
updating the contract map object
Revert build-system lavamoat policy changes
Move token list selection logic from components to getTokenList selector
updating the tokenList
Update lavamoat
Fix error
updating lavamoat
lint fix
fix unit test fail
fix unit test fail
lint fix
fixing rebase locale error
rebase fix
Revert build-system policy changes
temp
addressing review comments
* rebase fix
* Backup user data
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Tests for prependZero (utils.js)
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix advancedtab test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
backup controller tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Backup controller don't have a store.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Restore from file.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Advanced Tab tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
e2e tests for backup
unit tests for restore.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix comments on PR.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
restore style
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
We should move the exportAsFile to a utility file in the shared/ directory
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move export as file to shared folder
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Refactor create download folder methods
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the backup/restore buttons closer to 3box
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Change descriptions
Add to search
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
refactor code to use if instead of &&
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Restore button should change cursor to pointer.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix restore not uploading same file twice.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not backup these items in preferences
identities
lostIdentities
selectedAddress
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Only update what is needed.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed test for search
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* remove txError as it currently does nothing.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove dispatch, not needed since we're not dispatching any actions.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Event should be title case.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Make backup/restore normal async functions
rename event as per product suggestion.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use success Actionable message for success message and danger for error
message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* change event name to match with backup
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* fix e2e
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Don't send errors to sentry if users have not opted-in to participate in metametrics
* Don't capture opt-out metrics
* Move the metrics-opt in screen to immediately after the welcome screen
* Ensure that global.getSentryState is set in the background
* Fix e2e tests after rearranging onboardin flow
* Fix unit tests
* More e2e test fixes
* Remove unnecessary wrappers around capture exception
* set more appropriate default for ticker symbol when wallet_addEthereumChain is called
* throw error to dapp when site suggests network with same chainId but different ticker symbol from already added network, instead of showing error and disabled notification to user
* Removed infura v3 key from rpcUrl display
* Code refactor
* Fixed error
* Prevent submission of form when editing an featured rpc and there is a chainId error
* Add optional chaining to rpcurls to prevent type errors
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
* MetaMetrics: identify number_of_tokens
* MetaMetrics: update number_of_tokens
do not filter by unique addresses.
Each token contract x chain id combo is a unique contract
* MetaMetrics: update MetaMetricsTraits @typedef
- add number_of_tokens
* MetaMetrics: clean up number_of_tokens
* MetaMetrics: alphabetize in test
* Add new user trait for 'Number of NFT collections'.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
FIx JS DOC
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Arrange TRAITS in alphabetical order
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Unit Tests for allCollectibles traits tracking.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
change cid to chainId
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* invert condition
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* jsdoc - alphabetical order
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* change {string} to the literal {number_of_nft_collections}
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Optimize _getNumberOfNFTs
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Create shared `TRAITS` constant
Create a new constant in shared/constants/metametrics.js called TRAITS.
Using the other issues in this epic as guidance, populate the constant with traits.
Add Documentation to this constant about what each trait is.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use field names as the constants
only interested in 4 traits now for the MVP
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* cut down comments length for readability.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* 80 chars comments length
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* fix issue where we show contract address as recipient when calling safe transfer method on erc721 or erc1155 contracts
* updates function name getTransactionData -> parseStandardTokenTransactionData, and adds documentation
* Initial native notification implementation
* Simplify implementation
* Implementation based on RateLimitController
* Update controllers package
* Add notification to permission list
* Wire up correctly
* Remove snap_notify from the exclusion list
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.
Closes#11626
When a lot of transactions are occurring on the network, such as during
an NFT drop, it drives gas fees up. When this happens, we want to not
only inform the user about this, but also dissuade them from using a
higher gas fee (as we have proved in testing that high gas fees can
cause bidding wars and exacerbate the situation).
The method for determining whether the network is "busy" is already
handled by GasFeeController, which exposes a `networkCongestion`
property within the gas fee estimate data. If this number exceeds 0.66 —
meaning that the current base fee is above the 66th percentile among the
base fees over the last several days — then we determine that the
network is "busy".
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.
Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.
Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
* added wrapper around account list to prevent storybook from collapsing the list
* updated translation files
* added snap-connect page
* refactored account list out of the choose account component
* fixed width
* removed unnecessary scss from choose-account component, fixed props in choose account story
* removed snaps-connect page, added comments to ChooseAccount
* updated choose account subtitle text, updated styling for title & subtitle, removed redundant account list story
* updated component name, updated paths
* fixed linter errors
* added comments
* removed unused message
* removed selectAccounts key from all locales
* updated class name for account list header, updated allAreSelected function to use length checks
* Revert "removed unused message"
This reverts commit 32771bc83c08f120825ef75f0741f3034e7dbecb.
* Revert "removed selectAccounts key from all locales"
This reverts commit ccfa4a860f9a75693d893d7c404384e719de297e.
* updated locale messages to use selectAccounts key
* removed stray import
* updated scss
* updated translation key
* removed chooseAccounts key from en locale
* removed optional chaining
* changes
* updated subjectMetadata
* updated subject types
* update useOriginMetadata function to include unknown subject type
* updated permission connect header props, removed host and added subjectType to targetSubjectMetadata
* added subjectType to targetSubjectMetadata
* removed console.log
* changed prop name to iconUrl
This PR introduces the concept of subject _types_ to be associated with each subject in the `SubjectMetadataController`, and used for control flow in our RPC stack (`setupProviderEngine` and so forth).
We already differentiate between "types" of subjects in various places on an ad hoc basis via boolean flags (e.g. `isInternal` in our RPC stack) or the presence/absence of certain values in the subject's metadata (specifically `metadata.extensionId`). The status quo is manageable if not ideal, but will start to become untenable with the introduction of Snaps in the near future.
Therefore, this PR establishes a `SUBJECT_TYPES` enum and adds the `subjectType` property to the metadata of each subject. A new migration is added to accomplish this. Finally, we specify and `INTERNAL` subject type to distinguish internal from external requests.
# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* support qr based signer
* add CSP for fire fox
* get QR Hardware wallet name from device
* fix qrHardware state missing in runtime
* support qr based signer sign transaction
* refine Request Signature modal ui
* remove feature toggle
* refine ui
* fix notification is closing even there is a pending qr hardware transaction
* add chinese translation, refine ui, fix qr process was breaking in some case
* support import accounts by pubkeys
* refine qr-based wallet ui and fix bugs
* update @keystonehq/metamask-airgapped-keyring to fix that the signing hd path was inconsistent in some edge case
* fix: avoid unnecessay navigation, fix ci
* refactor qr-hardware-popover with @zxing/browser
* update lavamoat policy, remove firefox CSP
* refine qr reader ui, ignore unnecessary warning display
* code refactor, use async functions insteads promise
Co-authored-by: Soralit <soralitria@gmail.com>
* Background clears confirmations on popup close
* [WIP] Remove clearing confirmations through UI
* Confirmations are now rejected instead of cleared
* Erased commented out code
* Fix linter errors
* Changes after code review
* Moved metrics events from onWindowUnload to background
* PR review fixes
* Added abillity to add reason to rejection of messages
* Fix prettier
* Added type metrics event to signature cancel
* Fix test
* The uncofirmed transactions are now cleared even if Metamask is locked