1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 12:29:06 +01:00
Commit Graph

3827 Commits

Author SHA1 Message Date
Erik Marks
eeee8852cd
Add eth_getProof to safe methods (#10070)
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186

It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
2020-12-14 15:21:15 -08:00
Etienne Dusseault
69df19f195
Disable console in contentscript (#10040)
* Maintain console logging in dev mode

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-12-14 11:17:13 -08:00
David Walsh
9a1548368f
Use Boolean for filters (#10066) 2020-12-14 11:03:59 -06:00
Erik Marks
8f40d03299
Add approval controller (#9401)
This PR introduces the new approval controller to the extension codebase. We use it for the permissions controller's pending approval functionality.

The approval controller sets us up for a new pattern of requesting and managing user confirmations in RPC methods. Along with the generic RPC method middleware, the approval controller will allow us to eliminate our message managers, and decouple various method handlers from our provider stack, making the implementations more portable between the extension and mobile.
2020-12-14 08:04:26 -08:00
Erik Marks
54e9c53b27
Add web3 shim usage notification (#10039)
* Add web3 shim usage alert background state and logic
* Cleanup alert background state, constants
* Implement web3 shim usage notification and settings
* nodeify alert controller background hooks
* Remove svg icon, again
* Tweak alert controller initialization
* Add support article URL
* Un-thunk alert UI "actions"
* Delete connect.svg file (unused)
2020-12-10 15:40:29 -08:00
Mark Stacey
86fba2dac1
Fix contentscript injection failure on Firefox 56 (#10034)
On Firefox 56 and Waterfox Classic, our `runLockdown.js` script throws
an error. This is fine on the HTML pages, as the next script tags still
get run without issue (though they don't benefit from the SES lockdown
sadly). But in the `contentscript`, an exception thrown here appears to
halt the execution of subsequent scripts.

To prevent the `contentscript` from crashing completely, lockdown
errors are now caught and logged. They are also logged to Sentry on the
pages where Sentry is setup.
2020-12-10 14:03:04 -03:30
Mark Stacey
4587e984f5
Increase Chrome minimum version (#10019)
The Chrome minimum version has been increased from v58 to v63. We found
that we had very few users on versions below v63, and v62 is
incompatible with our SES lockdown dependency.

This also makes us compatible with Object rest/spread syntax, so we
might not have to transpile that anymore. I'll revisit that separately.
2020-12-10 01:59:47 -03:30
Mark Stacey
b2aa14d676 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (22 commits)
  Fix TokenList component name (#10030)
  Update `tweetnacl` dependencies (#10028)
  Rename `lockdown.cjs` to `lockdown.js` (#10026)
  Revert "Revert "Add SES lockdown to extension webapp (#9729)""
  Revert "Revert "Remove redundant babelify (#9945)""
  Add hidden tokens to store (#9320)
  @metamask/inpage-provider@^8.0.0 (#8640)
  Log persistence errors with Sentry (#10018)
  Fix SES lockdown on older browsers (#10014)
  Reapply view quote screen designs (#9905)
  Fix unbound metrics track function (#10016)
  Deobfuscate error message (#10012)
  Add SES lockdown and Sentry to all pages (#10013)
  Remove web3 injection (#9156)
  Initialize network controller provider chainId to the appropriate default networks (#9999)
  Fix Infura network chain IDs (#8629)
  Prevent props error in swaps gas modal (#10001)
  Fix 9906 - Prevent unwanted 'no quotes available' message when going back to build quote screen while having insufficient funds (#9994)
  Fix 9988 - Don't allow more than 15% slippage (#9991)
  Bump highlight.js from 10.4.0 to 10.4.1 (#10004)
  ...
2020-12-09 18:11:19 -03:30
MetaMask Bot
d5be047b7b Version v8.1.8 2020-12-09 12:19:45 -03:30
Mark Stacey
07fab76dd0 Rename lockdown.cjs to lockdown.js (#10026)
When you load an extension `.zip` file in Firefox, it fails to load
scripts with the `.cjs` file extension. However, it works if you load
the extension via the `manifest.json` file instead.

After renaming the `lockdown.cjs` file to `lockdown.js`, it works in
Firefox in all cases, regardless whether it's loaded by manifest or by
`.zip`.
2020-12-09 12:19:17 -03:30
Mark Stacey
e9b5386f74 Log persistence errors with Sentry (#10018)
Failures to persist state are now logged in Sentry. Previously they
were only logged to the background console.
2020-12-09 12:19:16 -03:30
Mark Stacey
ba2c56c871 Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-09 12:19:16 -03:30
Mark Stacey
b75863dc00 Fix unbound metrics track function (#10016)
The new metrics controller has a `trackEvent` function that was being
called unbound, so `this` references were undefined. It is now bound
early in both places where it is passed in as a parameter.
2020-12-09 12:19:16 -03:30
Mark Stacey
01c0775486 Deobfuscate error message (#10012)
The SES lockdown added in #9729 had the effect of obfuscating our error
messages. Any messages printed to the console would have the error
message replaced with the string "Error #" followed by a number. The
stack was also updated to point at `lockdown.cjs`, though the original
stack was preserved beneath the top stack frame.

Marking the `console` API as untamed seems to have fixed both issues.
The original error message is now printed to the console, along with
the original stack.
2020-12-09 12:19:16 -03:30
Mark Stacey
4ae911eb23 Add SES lockdown and Sentry to all pages (#10013)
When the SES lockdown was added in #9729, the lockdown and the Sentry
initialization were migrated from the main bundle into separate
modules, which were run as separate `<script>` tags. These extra tags
were accidentally omitted for `home.html` and `notification.html`. As
a result Sentry was not initialized on these pages, so any errors
thrown on them would not be collected. They also do not benefit from
the SES lockdown.

The SES lockdown and Sentry initialization modules have been added to
both pages where they were missing.
2020-12-09 12:19:16 -03:30
Thomas Huang
6ecc3dee22 Initialize network controller provider chainId to the appropriate default networks (#9999) 2020-12-09 12:19:16 -03:30
David Walsh
b9cb0014ab Fix 9988 - Don't allow more than 15% slippage (#9991) 2020-12-09 12:19:16 -03:30
Erik Marks
0ed9ed008b Update transaction params validation (#9992)
* Update transaction params validation

* fixup! Update transaction params validation

* Update to/data error message

* fixup! Update to/data error message
2020-12-09 12:17:44 -03:30
Mark Stacey
ffcdd1e76a Revert "Revert "Add SES lockdown to extension webapp (#9729)""
This reverts commit d783966065.
2020-12-09 12:11:55 -03:30
Mark Stacey
f386e4ce4b
Rename lockdown.cjs to lockdown.js (#10026)
When you load an extension `.zip` file in Firefox, it fails to load
scripts with the `.cjs` file extension. However, it works if you load
the extension via the `manifest.json` file instead.

After renaming the `lockdown.cjs` file to `lockdown.js`, it works in
Firefox in all cases, regardless whether it's loaded by manifest or by
`.zip`.
2020-12-09 12:04:11 -03:30
Mark Stacey
427268b25f Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Add hidden tokens to store (#9320)
  @metamask/inpage-provider@^8.0.0 (#8640)
  Log persistence errors with Sentry (#10018)
  Fix SES lockdown on older browsers (#10014)
  Reapply view quote screen designs (#9905)
  Fix unbound metrics track function (#10016)
  Deobfuscate error message (#10012)
  Add SES lockdown and Sentry to all pages (#10013)
  Remove web3 injection (#9156)
  Initialize network controller provider chainId to the appropriate default networks (#9999)
  Fix Infura network chain IDs (#8629)
  Prevent props error in swaps gas modal (#10001)
  Fix 9906 - Prevent unwanted 'no quotes available' message when going back to build quote screen while having insufficient funds (#9994)
  Fix 9988 - Don't allow more than 15% slippage (#9991)
  Bump highlight.js from 10.4.0 to 10.4.1 (#10004)
  Add timeout to `wait-until-called` (#9996)
  Update transaction params validation (#9992)
2020-12-09 01:40:44 -03:30
Mark Stacey
0b0b91196d Revert "Revert "Add SES lockdown to extension webapp (#9729)""
This reverts commit d783966065.
2020-12-09 01:40:22 -03:30
MetaMask Bot
ec1d5f3424 Version v8.1.7 2020-12-09 01:08:24 -03:30
Mark Stacey
d783966065 Revert "Add SES lockdown to extension webapp (#9729)"
This reverts commit 9f6fa64d67.
2020-12-09 01:00:58 -03:30
Patryk Łucka
e4a77e1dc3
Add hidden tokens to store (#9320)
From a behavioral standpoint this PR fixes the issue with tracking, and persisting, tokens that the user hides. Whether we can/should optimize this to prevent duplicates of the accountHiddenTokens and hiddenToken is a point of contention, but it acts similiarly to how we track tokens and accountTokens. 

Also to note, for tokens under a custom network there is no way to distinguish two different custom network sets of hidden tokens, they are all under the `rpc` property, same as accountTokens.
2020-12-08 12:38:00 -08:00
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Mark Stacey
55e5f5513c
Log persistence errors with Sentry (#10018)
Failures to persist state are now logged in Sentry. Previously they
were only logged to the background console.
2020-12-08 16:17:51 -03:30
Mark Stacey
d13aabde23
Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-08 15:08:31 -03:30
Dan J Miller
da5e5cd8b6
Reapply view quote screen designs (#9905) 2020-12-08 10:47:53 -06:00
Mark Stacey
f75c3c6f68
Fix unbound metrics track function (#10016)
The new metrics controller has a `trackEvent` function that was being
called unbound, so `this` references were undefined. It is now bound
early in both places where it is passed in as a parameter.
2020-12-08 12:40:55 -03:30
Mark Stacey
2bcb219501
Deobfuscate error message (#10012)
The SES lockdown added in #9729 had the effect of obfuscating our error
messages. Any messages printed to the console would have the error
message replaced with the string "Error #" followed by a number. The
stack was also updated to point at `lockdown.cjs`, though the original
stack was preserved beneath the top stack frame.

Marking the `console` API as untamed seems to have fixed both issues.
The original error message is now printed to the console, along with
the original stack.
2020-12-08 07:24:31 +08:00
Mark Stacey
7349801799
Add SES lockdown and Sentry to all pages (#10013)
When the SES lockdown was added in #9729, the lockdown and the Sentry
initialization were migrated from the main bundle into separate
modules, which were run as separate `<script>` tags. These extra tags
were accidentally omitted for `home.html` and `notification.html`. As
a result Sentry was not initialized on these pages, so any errors
thrown on them would not be collected. They also do not benefit from
the SES lockdown.

The SES lockdown and Sentry initialization modules have been added to
both pages where they were missing.
2020-12-07 18:46:03 -03:30
Erik Marks
6795298c65
Remove web3 injection (#9156)
* Remove web3 injection
* Implement logWeb3ShimUsage
2020-12-07 12:09:02 -08:00
Thomas Huang
26272d3557
Initialize network controller provider chainId to the appropriate default networks (#9999) 2020-12-07 11:40:42 -08:00
Erik Marks
4839e31e05
Fix Infura network chain IDs (#8629) 2020-12-07 11:39:39 -08:00
David Walsh
56f80ae9a9
Fix 9988 - Don't allow more than 15% slippage (#9991) 2020-12-07 09:12:55 -06:00
Mark Stacey
231e795143
Merge pull request #10002 from MetaMask/sync-master
Sync `master` with `develop`
2020-12-04 14:33:53 -03:30
Erik Marks
baea1b57fb
Update transaction params validation (#9992)
* Update transaction params validation

* fixup! Update transaction params validation

* Update to/data error message

* fixup! Update to/data error message
2020-12-03 18:15:59 -08:00
MetaMask Bot
9fab240c72 Version v8.1.6 2020-12-03 22:25:08 -03:30
Dan J Miller
1661953e23
Migration to remove legacy local storage keys from localStorage (#9986)
* Migration to remove legacy local storage keys from localStorage

* Update app/scripts/migrations/050.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update app/scripts/migrations/050.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Fix unit tests for migration 50

* Fixing stubbing and localstorage reference in migration 50

* Update test/helper.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-12-03 20:25:23 -03:30
Erik Marks
c515591e7b
Add 48x48 icon (#9993) 2020-12-03 13:14:21 -08:00
Mark Stacey
703a063ad1
Fix metrics error when options are not used (#9985)
Attempts to send metrics would fail when no `options` were used. This
was because when the options parameter was not set, it was often sent
over our RPC connection as `undefined`, which gets serialized to `null`
when the message is converted to JSON. This `null` parameter didn't
trigger the default parameter set in the metametrics controller, as
default parameters are only used for `undefined`.

Instead the `options` parameter is now treated as fully optional, with
no default value set. The optional chaining operator is used to ensure
it won't blow up if it's not set. A fallback of `{}` was used for the
one destructure case as well.
2020-12-03 15:35:11 -03:30
Mark Stacey
52d25f0df8
Fix inflated gas estimates (#9984)
If a `gasPrice` was specified in a transaction sent via a dapp, we
would include it in our `eth_estimateGas` call, causing it to fail if
the user had insufficient balance (for either the transaction amount or
the gas fee). This resulted in the fallback gas estimate being used;
the block gas limit. The block gas limit is quite a bit larger than
most transactions need, so this resulted in wildly inflated gas costs
being shown on our confirmation screen.

The `gasPrice` has been removed from the `txParams` object we pass to
`eth_estimateGas`, so now it won't perform any balance checks anymore.
This ensures that we'll get a valid gas estimate, as long as geth is
able to simulate the contract execution properly.

Fixes #9967
2020-12-03 13:55:42 -03:30
Dan J Miller
97d268c8ee
Remove use of ethgasstation; use metaswap /gasPrices api for gas price estimates (#9867)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates

* Remove references to ethgasstation

* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates

* Update ui/app/hooks/useTokenTracker.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

* Delete gas price chart

* Remove price chart css import

* Delete additional fee chart code

* Lint fix

* Delete more code no longer used after ethgasstation removal

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-12-02 19:55:19 -03:30
Brad Decker
0653a489b0
add new MetaMetricsController (#9857) 2020-12-02 15:41:30 -06:00
David Walsh
673371d013
Fix #9872 - Show price difference warning on swaps price quote (#9899) 2020-12-02 15:27:45 -06:00
Erik Marks
5fb2e544d4
Add __isMetaMaskShim__ property to injected web3 (#9972) 2020-12-02 12:35:45 -08:00
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Erik Marks
c3eb272af9
Use method middleware for watchAsset (#9943)
* Use method middleware for watchAsset
* Update validation error messages
* Make addSuggestedERC20Asset private
* Remove redundant check in _handleWatchAssetERC20
2020-12-02 08:49:49 -08:00
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00