The PhishingController has been updated to v2. This release should
dramatically reduce network traffic and double the update speed of the
phishing list.
This was accomplished by combining both of our phishing configurations
into one list (the "stalelist"), then creating a separate list of the
changes just the past few days (the "hotlist"). Now users will download
a smaller list more frequently (every 30 minutes rather than every
hour), whereas the full list is only updated every 4 days.
The combined configuration means that we no longer know which list was
responsible for each block. The phishing warning page has been updated
to dynamically look this information up, to ensure users are still
directed to the correct place to dispute a block. This update to the
phishing warning page also includes the recent redesign.
* feat: add desktop enable button component
This component will be added
to the experimental page. Users
will then be able to initialize
a desktop connection
* feat: add desktop pairing page
* feat: add desktop deep-linking shared lib
* test: add initial entries to render helper
Allow specifying initialEntries for
MemoryRouter. This change will allow
testing pages that use the useParam
hook.
* feat: add desktop error page
Error page for any desktop pairing
related issue
* feat: add desktop routes to route component
* feat: add enable desktop button to experimental tab
* feat: add desktop icon when paired in dev mode
* feat: disable ledger live control when desktop enabled
* feat: register desktop error actions on ui init
* fix: add missing code fencing
* chore: remove enable desktop rpc middleware
Now that we are adding the UI
there's no need for this rpc middleware
(as it was used to test desktop background
code)
* fix: display experimental tab for desktop
The network controller has a variety of methods that just retrieve
controller state. These methods are not necessary because controller
state is already part of the public API of the controller and can be
accessed directly.
These methods are:
- getCurrentChainId
- getCurrentRpcUrl
- getNetworkIdentifier
- getNetworkState
- getProviderConfig
- isNetworkLoading
This is part of a larger effort to normalize the API of both network
controllers, to make them easier to merge.
Use DesktopManager in background script to redirect internal and external connections to the desktop app.
Include DesktopController in the MetaMask controller.
Support desktop keyrings in MetaMask controller via the overrides object.
Create middleware handler to connect to the desktop app while UI code is pending.
Add build system support for desktop specific configuration variables.
The network controller has some tests, but they are incomplete and don't
follow our latest best practices for writing unit tests.
This commit greatly increases the amount of test coverage for the API
that we want to retain in NetworkController, in particular the seemingly
myriad paths that the code takes starting from `initializeProvider`,
`resetConnection`, `setRpcTarget`, `setProviderType`,
`rollbackToPreviousProvider`, and `lookupNetwork`.
There were a couple of pieces of logic I noted which don't seem to have
any effect due to being redundant or unreachable, but they also don't
make our lives more difficult, either, so I opted to leave them in.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Zachary Belford <belfordz66@gmail.com>
* detect and track ui customizations on personal sign requests
* add feature flag check to metrics
* clean up comments
* get data only if it exists
* updated with PR feedback
* moved constants
* lint
* Apply suggestions from code review
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
---------
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
This package has been updated to reduce the bundle size (we already use
the v4 version indirectly). The only breaking change applicable to the
usage of this package in the extension is to the package's exports. The
one import line has been updated accordingly.
This update comes with types (v3 was the TypeScript migration).
* Added translation for eth sign toggle
* Disabled the ability to call eth_sign by default. Added ability within advanced settings to renable support for eth_sign
* Add test case for eth_sign being enabled and disabled
* Modified copy
* Moved rpc method preference to its own object within store
* Complete work on moving rpc method preference into its own object within store
* Fix with prettier
* Fix lint
* Fix a unit test
* Fix test
* Renamed function and object keys to be more intuitive
* Fix e2e test
* Enabled eth_sign through preferences fixture
* Fix lint
* Fix e2e test
Wait for the notification popup to close, leaving 2 window handles the extension and the test dapp
* Fix e2e test
* Fix unit test
Enable eth_sign method
* Lint fix
---------
Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Any methods in the Ethereum JSON-RPC spec are now included in our
network client tests. These tests were skipped previously because they
are not supported by Infura.
Closes#16938
* Adding browser outdated notification
* updating dependency
* adding unit tests for util function
* adding unit tests for selectors, lintfix
* Added Tests, refactored notification delay logic
* lint:fix
* adding test coverage for method parameter
* Update app/scripts/controllers/app-state.js
adding documentation details
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* moving declaration into test
* Update app/scripts/controllers/app-state.test.js
spacing in test file
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update jest.config.js
removing duplicate entries
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* using async submitRequestToBackground method
* removing unused import
* removing unnecessary link syntax in notification
* adding opera and edge and associated tests
* handling the undefined case in bowser.satisfies
* setOutdatedBrowserWarningLastShown try/catch
* lint:fix
* Removing try/catch and letting errors bubble up
Removing deprecated displayWarning method
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* taking out forceMetamaskUpdateState call
* excludint app-state test from mocha test suite
* Added note: Jest files should match Mocha excluded
* syntax error, lint:fix
---------
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
Co-authored-by: brad-decker <bhdecker84@gmail.com>
* Add tests for `retryOnEmpty` middleware
Tests have been added for the `retryOnEmpty` middleware.
This middleware is only used on the Infura network client, so the tests
that demonstrate this retry behavior are only enabled for the `infura`
provider type.
Most of the tests added were to cover cases where the retry middleware
is skipped, so they were applicable for both provider types.
Closes#17004
* Improve readability of block number tests
The test cases for passing a block number parameter have been made more
readable. Specifically, a comment has been added each time params are
built to call attention to the block parameter and what value it has,
so that it's clear whether it's larger or smaller than the current
block number.
Additionally the blocks for "less than the current block number" and
"equal to the current block number" have been combined using
`describe.each`.
Tests have been added to ensure that our middleware will not return a
cached response to a request with unique parameters. Each parameter
supported by each method is tested independently.
Closes#17003
* Put hardware wallets behind an HARDWARE_WALLETS_MV3 flag
Disable Hardware connect buttons if the flag is set.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
update to metamask/eth-keyring-controller
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
revert to eth-keyring-controller v8
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
LAvamost after rebase
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lock file.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Added toaster for removed NFTs (#17297)
* added notification for remove nfts
* reverted names for tabs
* updated default key
* updated snapshot
* updated remove nft toast to danger
Setup network controller mocks per-test (#17250)
The network controller unit test network mocks are now setup for each
test. This makes modifying network behavior on a per-test basis easier,
and makes it more clear which test relies upon which mocks.
Security provider check (OpenSea) (#16584)
chore: copy update for metamask fee on swaps (#17133)
* linter fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* setLedgerTransportPreference in the metamask-controller should not be called, or should return immediately, if canUseHardwareWallets() is false
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
Support has been restored for Chromium v78. Previously the extension
would crash upon startup.
The main incompatibility was the use of ES2020 operators (the optional
chain and nullish coalesce operators) in the libraries
`@ethereumjs/util` and `superstruct`. This was resolved by transpiling
those libraries.
After fixing that, the extension no longer crashed but the UI refused
to connect. This was because the UI process was not being identified as
an internal process, because the code responsible for checking that was
relying on the `origin` property of `MessageSender` [1] which wasn't
added until Chromium v80. The check has been updated to use the `url`
property instead, which existed in older versions of Chrome.
Lastly, the content security policy was updated to include the default
content security policy alongside the intended modification. Newer
versions of Chrome will merge the configired CSP with the default, but
older versions required it to be explicitly specified. This should not
result in any functional change.
[1]: https://developer.chrome.com/docs/extensions/reference/runtime/#type-MessageSender
The network controller unit test network mocks are now setup for each
test. This makes modifying network behavior on a per-test basis easier,
and makes it more clear which test relies upon which mocks.
* Persist phishing state controller state.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
update phishing controller to latest version
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Rebase, Yarn3, Lavamoat
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
run allow-scrips.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lavamoat:auto and linter
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
The network controller is now constructed within each network
controller unit test, rather than in the `beforeEach`. This allows us
to customize the constructor options in each test, which some planned
future tests will require.
The controller is constructed with a helper function that also handles
calling `destroy` after each test, even if the test failed. This helps
to prevent tests from affecting each other.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
This test was testing a function that was only present in the test
module.
The function under test was mistakenly moved here when it was
discovered that it wasn't being used elsewhere, under the assumption
that it was used in these tests. I hadn't realized it was being tested
directly.
The network controller unit tests now use network mocks rather than
mocking controller methods.
This makes the tests less brittle, as they will no longer break when
internal changes to the `_getLatestBlock` method are made.
* Ensure that account tracker does not set balances incorrectly when useMultiAccountBalanceChecker is false
* Lint fix
* Fix account setting in _updateAccount in useMultiAccountBalanceChecker === true case
* Fix _updateAccount
* Add unit tests
The network controller unit tests have been updated to wait until the
network controller is fully initialized before proceeding. This ensures
that the initialization doesn't have any side-effects that affect later
tests.
The NetworkController `destroy` method has been updated to ensure that
it no longer throws if called before initialization.
This method was added recently in #17032, but we forgot to handle the
case where the controller was not initialized.
The `initializeProvider` parameters were removed recently in #16863,
but they were still being set in tests. They have now been removed.
An unused property was also being set in the tests, which has now also
been removed.
The "MetaMask middleware" is the set of middleware for handling methods that
we don't send to the network. This includes signing, encryption, `getAccounts`,
and methods that rely on pending transaction state.
Previously this middleware was setup as part of the network client, despite
having nothing to do with the network. They have been moved into the main RPC
pipeline established in `metamask-controller.js` instead.
This is a pure refactor, and should have no functional changes. The middleware
are still run in exactly the same order with the same arguments.
Previously we had written tests for `createInfuraClient`, which creates a middleware stack designed to connect to an Infura provider. These tests exercise various RPC methods that relate to the behavior that the middleware provides (mainly around caching).
Now we need to write the same tests but for `createJsonRpcClient`, which creates a middleware stack designed to connect to a non-Infura RPC endpoint. To do this, we had to:
- Consolidate the tests for both types of RPC client into a single test file.
- Add conditions around tests or assertions in tests to account for differences in behavior between the two sets of middleware stacks.
- Relocate code in `createJsonRpcClient` which slows down `eth_estimateGas` calls just for tests so that this behavior can be disabled in the network client tests.
Eventually, as we unify the network controllers in this repo and in the core repo, we will move these tests into the core repo.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
Our middleware for handling subscription and filter-related methods (`eth-json-rpc-filters`) currently lives in our RPC pipeline ahead of the network stack. This commit moves this middleware to the network client middleware instead. There are two reasons for this change. First, this middleware wraps RPC methods that are supported by the network. Second, it is necessary for this middleware to live with the network client so that it will aid us in unifying the NetworkController in this repo and the NetworkController in the `controllers` repo.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
The network controller module has been renamed from `network.js` to
`network-controller.js`. All of our newer controllers have "controller"
in the module names, so this aligns better with that convention. It
also brings the test module name into alignment (it's already called
"network-controller.test.js").
* Make `initializeProvider` and `lookupNetwork` async
These two methods were "synchronous" previously, but initiated an
asynchronous operation. They have both been made `async` to bring them
more in-line with the mobile controller API, and to make them easier
to test.
This should include zero functional changes. These methods are still
being invoked without an `await`, to preserve the same behaviour they
had previously.
This relates to https://github.com/MetaMask/controllers/issues/971
* Move 'net_version' query to private function
* Fix error made when resolving conflicts
* Refactor to improve readability
This commit affects the network client tests, which were added in a
previous PR to test the behavior of `createInfuraClient`, a function
called that sets up a portion of the middleware stack in the JSON-RPC
layer.
An `if` statement appears in the tests which limits the execution of
certain tests. However, this seems to have been added for debugging
purposes and is not actually needed.
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Five network controller methods have been renamed to start with an
underscore:
* `getLatestBlock`
* `setNetworkState`
* `setNetworkEIPSupport`
* `clearNetworkDetails`
* `setProviderConfig`
All of these methods were used solely within the network controller.
The leading underscore now documents these methods as being private.
A few tests required updates as well because they were stubbing out one
of these methods.
This should include zero functional changes.
This relates to https://github.com/MetaMask/controllers/issues/971
The network state is now passed to the TransactionController via a
getter function and a subscription function, instead of passing one of
the network controller stores directly.
This way of passing the state makes further refactoring easier, as we
don't have to change the input when the store is changed or replaced.
It's also more aligned with our conventions today.
This change was made as part of a larger refactor of the network
controller, as part of the effort to merge the mobile and extension
network controllers.
The network controller method `setProviderType` was marked as `async`
despite doing nothing async internally. The `async` has been dropped.
This should have zero functional impact.
This relates to https://github.com/MetaMask/controllers/issues/971
The network controller `setInfuraProjectId` method has been deleted.
The Infura project ID is only ever set upon construction, so it is now
passed in as a constructor parameter instead.
Rather than adding this as a second parameter, the network controller
now uses an "options bag" for constructor parameters. The initial state
was the first parameter, but it's now passed in as the `state` option
instead.
These changes make the API more similar to the mobile network
controller API.
This should have zero functional changes.
This relates to https://github.com/MetaMask/controllers/issues/971
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
* Fix shared mocks in RPC network client test
Some of the provider api unit tests were inadvertently sharing test
mocks. A `params` object used for mock RPC calls was being shared
between tests and between calls within individual tests. They have been
updated to generate a fresh `params` object for each mock RPC call.
* Explicitly set blockParam to undefined
* dapp: handle ext unloaded or reloaded error
* dapp: handle ext unloaded or reloaded error pt. 2
- use const
- mention case is unsupported in Firefox
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
* Migrate to new controller packages
`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.
[1]: https://github.com/MetaMask/controllers/pull/831
* Support GitHub registry for draft PRs (#16549)
* Add additional allowed host to lockfile linter
* Update LavaMoat policies
* Add policy exception for nanoid
* Add additional nanoid overrides
* Update LavaMoat policies again
* Bump controller packages
* Update lavamoat
* Bump controller packages
* Update packages to v1.0.0
* Expand gitignore comment
* Unpin controller dependencies, using ^ range instead
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Simplify MV3 initialization
The MV3 initialization logic was complicated and introduced race
difficult-to-reproduce race conditions when dapps connect during
initialization.
It seems that problems were encountered after the UI tried to connect
before the background was initialized. To address this, the
initialization step was _delayed_ until after the first connection.
That first connection was then passed into the initialization function,
and setup properly after initialization had begun.
However, this special treatment is only given for the first connection.
Subsequent connections that still occur during initialization would
fail. This also results in the initialization being needlessly delayed,
which is concerning given that our main performance goal is to speed it
up.
* Setup connect listeners before controller initialization
* Add comments
* Add comment explaining isInitialized step
* Add all controllers in memstore to store
Add methods to controller to reset memstore
Reset memstore when popup or tab is closed.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* When profile is loaded, set isFirstTime to true..
After resetting the controllers, set the flag to false.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove console.logs
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* For some reason programmatically computing the store is not working.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Proper check for browser.storage
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* do a list of rest methods instead of reset controllers.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Mock controller resetStates and localstore get/set
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Comments about TLC
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* bind this.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use globalThis instead of locastore to store first time state.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test to check that resetStates is not called a second time
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Set init state in GasFeeController and other controllers so that their
state is persisted accross SW restarts
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Revert localstore changes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* wrap the reset states changes in MV3 flag
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove localstore from metamask-controller
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Always reset state on MMController start in MV2.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use relative path for import of isManifestV3
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix unit test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add beta home banner to home screen
* Move the beta home notification to the app-header
* Updates to formatting
* Add beta home banner to home screen
* Move the beta home notification to the app-header
* Updates to formatting
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Move banner to top of page
* Move to own folder, update styles
* Swith to BOX component
* Address feedback
* Add tests
* Update name of component
* Fix tests
* Fix proptype errors
* Fixups
* Remove unrelated changes
* Remove unwanted string changes
* Update beta component name and text
* Update mock data
Co-authored-by: George Marshall <george.marshall@consensys.net>
The controllers package has been updated to v33. The only breaking
change in this release was to rename the term "collectible" to "NFT"
wherever it appeared in the API.
Changes in this PR have been kept minimal; additional renaming can be
done in separate PRs. This PR only updates the controller names,
controller state, controller methods, and any direct references to
these things. NFTs are still called "collectibles" in most places.
* Call onbootcleanup at the end of the tx controller constructor
* Update app/scripts/controllers/transactions/index.js
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
* Show error message if service worker did not load (respond to the UI)
after 1 minute.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove console.log
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* New Error message design
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use lastTimeStamp instead of keeping track of message ids
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Do not initial channe every second.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* New logic to check if SW is stuck
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
The metric event for provider methods has been increased from 1 minute
to 5 minutes. This will reduce the event rate, ensuring a maximum of
one event is tracked for each method call every five minutes.
* Remove 3box feature and delete ThreeBoxController
Lint locale messages
lavamoat policy updates
* Restore 3Box user trait with value `false`
The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.
A deprecation comment has been left in various places for this trait.
* Remove unused state
* Remove additional 3box-related things
* Run `yarn-deduplicate`
* Restore migration that was lost while rebasing
* Remove obsolete override
* Remove additional unused resolutions/dependencies
* Update LavaMoat policies
* Remove obsolete security advisory ignore entries
* Remove 3Box fixture builder method
* Update unit tests
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Enable "Add Popular Network" feature by default
* Fixing e2e tests
* Attempt to fix e2e tests
* Revert "Attempt to fix e2e tests"
This reverts commit d88e8944b8df8f7c3075753f8d8b3480439f8e30.
* Get e2e tests passing
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
* Updating controller dependency
* fix
* fix
* fix
* fix
* fixes
* Lavamoat auto
* Update URLs for phishing detection testcase
* update lavamoat files
* call phishingController.test synchronously again
* bump @metamask/controllers to v32.0.1
* lint
* update policy files
* bump controllers version again
* modify update phishing list strategy
* revert back to use isOutOfDate, but without blocking substream
* possible way to fix e2e tests?
* enable testing
* Remove promise return from setupController in background.js, as it is no longer used
* Ensure updatePhishingLists is called in MM contrller constructer, so that phishing lists are updated right away
Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: Alex <adonesky@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
This update includes fixes for our `block-ref` and `retry-on-empty`
middleware.
The `block-ref` middleware resolves the block reference `latest` to a
specific block number, the latest one we are aware of. This is meant to
protect against situations where the network gives inconsistent answers
for what the latest block number is due to some nodes being out-of-sync
with each other (this was a frequent problem years ago with Infura).
It was broken in that the `latest` resolution was failing, and we were
submitting an additional redundant request to Infura for each request.
The `retry-on-empty` middleware is meant to retry certain methods
when they return an empty response. This was also meant to deal with
network synchronization issues that were more common years ago. This
middleware works by making a "child" request over and over until either
a retry limit is reached, or a non-empty response is received.
It was broken in that the final response recieved was thrown away, so
it's as though the middleware was not used. Except that it did result
in additional redundant network requests.
As a result of this update we should see that the extension is more
resilient to certain network synchronization issues. But this is
difficult to test, and these issues may not happen in production
anymore today.
We should see a reduction in requests to Infura as well. This should
be easier to test.
* snaps-skunkworks@0.22.0
* Update LavaMoat policies
* Bump execution environment and fix a breaking change
* Fix caveat and permissions
* Fix test
* Exclude keyring endowment for now
* Fix test
* Fix snap_confirm missing title
Add tests for the `block-tracker-inspector` middleware — which makes
sure that the block tracker never has a reference to the latest block
which is less than a block number that shows up in an RPC method's
response — and the Infura middleware — which takes care of sending the
request to Infura, and will retry the request up to 5 times if Infura
sends back a certain type of error.
Note that the `retry-on-empty` middleware is not tested because it
currently has a [bug][1] which is making it ineffective.
[1]: https://github.com/MetaMask/eth-json-rpc-middleware/issues/139
* refactor backup controller to return the data to be backed up
and do the actual backup in the UI.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move export-utils to ui/helpers as it's only used in the UI now.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use context to call event tracker.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Don't make backup function inline.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Deprecating Rinkeby, setting default debug network to Goerli
* Deprecating Ropsten and Kovan
* Conflict fix
* Remove unused localization, test fixes
* Add migration for moving used deprecated testnets to custom networks
* Fix migrator test
* Add more unit tests
* Migration updates provider type to rpc if deprecated network is selected
* Migration fully and correctly updates the provider if selected network is a deprecated testnet
* Continue to show deprecation warning on each of rinkeby, ropsten and kovan
* Add rpcUrl deprecation message to loading screen
* Removing mayBeFauceting prop
Co-authored-by: Dan Miller <danjm.com@gmail.com>
Refactor code and add unit tests for blocklist
Add small fix for undefined
Update property names
Structural refactoring
Refactor and improve unit tests
Add comment that explains part of snaps blocking logic
Refactor blocklist utility
Environment variables are now considered as higher-precedence than
configuration by our build system. This means that if the same value is
set in `.metamaskrc` and in an environment variable, the environment
variable is what will be used. Previously the reverse was true, the
configuration would take precedence.
It is conventional for CLI tools to consider environment variables as
higher precedence than configuration. This makes our build system less
surprising for most people.
We are working on migrating the extension to a unified network
controller, but before we do so we want to extract some of the existing
pieces, specifically `createInfuraClient` and `createJsonRpcClient`,
which provide the majority of the behavior exhibited within the provider
API that the existing NetworkController exposes. This necessitates that
we understand and test that behavior as a whole.
With that in mind, this commit starts with the Infura-specific network
client and adds some initial functional tests for `createInfuraClient`,
specifically covering three pieces of middleware provided by
`eth-json-rpc-middleware`: `createNetworkAndChainIdMiddleware`,
`createBlockCacheMiddleware`, and `createBlockRefMiddleware`.
These tests exercise logic that originate from multiple different places
and combine in sometimes surprising ways, and as a result, understanding
the nature of the tests can be tricky. I've tried to explain the logic
(both of the implementation and the tests) via comments. Additionally,
debugging why a certain test is failing is not the most fun thing in the
world, so to aid with this, I've added some logging to the underlying
packages used when a request passes through the middleware stack.
Because some middleware change the request being made, or make new
requests altogether, this greatly helps to peel back the curtain, as
failures from Nock do not supply much meaningful information on their
own. This logging is disabled by default, but can be activated by
setting `DEBUG=metamask:*,eth-query DEBUG_COLORS=1` alongside the `jest`
command.
We use this logging by bumping `eth-block-tracker`, and
`eth-json-rpc-middleware`.
* Update `eth-json-rpc-infura`
The package `eth-json-rpc-infura@5` has been updated to
`@metamask/eth-json-rpc-infura@7`. This update includes TypeScript
support, and it drops support for older node.js versions. The exports
have also been changed from default to named exports.
See here for a full list of changes: https://github.com/MetaMask/eth-json-rpc-infura/blob/main/CHANGELOG.md#700
* Fix LavaMoat policy issue
The `web3` package used by `@metamask/controllers` unintentionally
overwrites the `XMLHttpRequest` global, which breaks things. This was
fixed by revoking `web3`'s write access to that global using a policy
override.
Previously this policy override was applied to `web3`, but for some
unknown reason, this update caused that override to no longer apply.
* using the aggregators from tokenList instead of detectedToken to avoid conflicts between static and dynamic list
* removing aggregator from the detectTokens object List
A patch made in #15672 was found to be unnecessary. Instead of setting
a `rootGlobals` object upon construction of the root compartment, we
are now creating a `sentryHooks` object in the initial top-level
compartment. I hadn't realized at the time that the root compartment
would inherit all properties of the initial compartment `globalThis`.
This accomplishes the same goals as #15672 except without needing a
patch.
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.
To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
Our Sentry setup relies upon application state, but it wasn't able to
access it in LavaMoat builds because it's running in a separate
Compartment.
A patch has been introduced to the LavaMoat runtime to allow the root
Compartment to mutate the `rootGlobals` object, which is accessible
from outside the compartment as well. This lets us expose application
state to our Sentry integration.
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens
updating the controller version and calling detectNewToken on network change
fixing rebase error
Run yarn lavamoat:auto for updating policies
updating lavamoat
Deleted node modules and run again lavamoat auto
fixing rebase issues
updating lavamoat policies
updating lavamoat after rebasing
policies
updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks
to update the token in fetchTosync
updating the contract map object
Revert build-system lavamoat policy changes
Move token list selection logic from components to getTokenList selector
updating the tokenList
Update lavamoat
Fix error
updating lavamoat
lint fix
fix unit test fail
fix unit test fail
lint fix
fixing rebase locale error
rebase fix
Revert build-system policy changes
temp
addressing review comments
* rebase fix
* Backup user data
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Tests for prependZero (utils.js)
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix advancedtab test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
backup controller tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Backup controller don't have a store.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Restore from file.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Advanced Tab tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
e2e tests for backup
unit tests for restore.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix comments on PR.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
restore style
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
We should move the exportAsFile to a utility file in the shared/ directory
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move export as file to shared folder
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Refactor create download folder methods
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the backup/restore buttons closer to 3box
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Change descriptions
Add to search
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
refactor code to use if instead of &&
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Restore button should change cursor to pointer.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix restore not uploading same file twice.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not backup these items in preferences
identities
lostIdentities
selectedAddress
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Only update what is needed.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed test for search
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* remove txError as it currently does nothing.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove dispatch, not needed since we're not dispatching any actions.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Event should be title case.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Make backup/restore normal async functions
rename event as per product suggestion.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use success Actionable message for success message and danger for error
message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* change event name to match with backup
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* fix e2e
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Two comments have been added to reference a longer explanation of what
the legacy provider streams are, why we still have them, and why we
want to remove them.
* Fix "app-init" injection
The way we were injecting variables into the `app-init.js` bundle was
accidentally overwriting the bundle output with the raw `app-init.js`
source file. This is a problem because the bundling process handles a
lot of things we care about like source maps, polyfills and other
necessary Babel transformations, environment variable injection, and
minification.
Instead of using string replacement to inject variables, we are now
using environment variables. The old string replacement strategy has
been removed, and the `app-init.js` module is now generated using the
same process as our other bundles.
A new option, "extraEnvironmentVariables", was added to allow us to
inject environment variables specifically for this bundle.
* Add check to ensure APPLY_LAVAMOAT is set
* Stop throwing an error when adding gas defaults for a simple send, that has data, to an address without a response code
* Lint fix
* fixup lint
Co-authored-by: brad-decker <bhdecker84@gmail.com>
* remove decentralized 4byte function signature registry since it is griefed and we can't algorithmically check for best option when 4byte is down
* add migration
* remove nock of on chain registry call in getMethodDataAsync test
* Don't send errors to sentry if users have not opted-in to participate in metametrics
* Don't capture opt-out metrics
* Move the metrics-opt in screen to immediately after the welcome screen
* Ensure that global.getSentryState is set in the background
* Fix e2e tests after rearranging onboardin flow
* Fix unit tests
* More e2e test fixes
* Remove unnecessary wrappers around capture exception
* Ensure that editing a transaction from a transfer to a simple send properly resets data and updates type
* Handle case where there are no unapproved txes
* Improve comment in updateSendAsset
* Remove unnecessary code in send transaction edit function
* Fix
* Ensure hex data is properly reset when changing from a safe transfer from tx to native send
* set more appropriate default for ticker symbol when wallet_addEthereumChain is called
* throw error to dapp when site suggests network with same chainId but different ticker symbol from already added network, instead of showing error and disabled notification to user
Renames the `MetaMaskController.workerController` property to `snapExecutionService`, which better matches the naming scheme used throughout the Snaps codebase. No functional changes.
* Increase likelyhood of valid method signatures being returned by getMethodData
* Update coverage
* Update coverage
* Update coverage
* add a migration to clear knownMethodData
* Small typo changes
Co-authored-by: Alex <adonesky@gmail.com>
* Only have timeout for when payload is getState
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* we should not call normalize if we're failing the transaction
refactor out update history
we should fail if un update we get an error and the warning message is
error submitting.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* refactor _setTransactionStatus
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add function to check if url is localhost
* allow localhost rpcUrls in `wallet_addEthereumChain`
* allow localhost blockExplorerUrls
* wrap new URL in try/catch
* Return an estimated amount for a completed swap if an RPC provider has a delay
* Create a recursive function for updating post tx balance
* Add a few tests for the "getSwapsTokensReceivedFromTxMeta" fn
* Trigger Build
* When background port closes, UI should display a user friendly error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove console.log
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
A couple of fixes
1. Use timeout in metaRPCClientFactory to check if UI can't
communicate with bg
2. Refactor locale setup
3. Fixed wording/capitalization
4. Fix locales usage so that linting works
5. Refactor CSS
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
do not simulate errorwq
Refactor loading css
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove the onDisconnect event handler in ui as this is handled in
metarpcclientfactory
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not throw in bg
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix PR comments
Remove unused message 'failedToLoadMessage'
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move usage of locales to shared/** so that linter can see it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
metarpc can handle multiple requests, responseHandled should be a map.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
reload metamask button on critical error
Use metamask state (if available) to the locale, else read locale files
manually.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use constant and numeric separator
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
refactor error utils
remove error simulation
Memoize setupLocale function
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
test cases
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
1. store should be metamask state
2. code refactorings.
Tests: mock setupLocale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Mock fetchLocale instead
Test setup locale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
UI/CSS changes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate failure
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* spell MetaMask correctly
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename state to mockStore
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* we should clean up this.responseHandled[id] in the error case.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed PR comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* clean up response handled.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* origin/develop: (131 commits)
Update `protobufjs` and remove obsolete advisory exclusion (#14841)
Include snap version in pill (#14803)
Update PULL_REQUEST_TEMPLATE.md (#14790)
fix: keystone transaction qrcode has no white spacing (#14798)
Snap notifications integration (#14605)
Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
snaps-skunkworks@0.15.0 (#14772)
Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
Ensure transaction type is correctly updated on edit (#14721)
Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
Migrate the "estimateGas" API call to "getFees" for STX (#14767)
Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
Adding flag for MV3 (#14762)
Add types to send state (#14740)
Remove site origin on snap install (#14752)
Update design tokens library from 1.5 to 1.6 WIP (#14732)
Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
remove draft transaction (#14701)
...
* origin/master: (101 commits)
Updating changelog
Add token standard to custom token details (#14506)
Revert "Dark Mode: What's New Announcement (#14346)"
Ensure network name in confirm page container is defined (#14520)
Updating lavamoat policies
Fix the alerts toggles in settings (#14498)
Disable swaps whenever the environment is not development or testing, so that behaviour follows production for QA purposes (#14499)
[skip e2e] Updating changelog for v10.14.0 (#14487)
Version v10.14.0
Docs - segment metrics (#14435)
Add snaps view search (#14419)
Run main, flask and beta in sequence in generate-lavamoat-policies.sh (#14470)
Modify import SRP page (#14425)
Dark Mode: Implement Metrics (#14455)
HoldToRevealButton component (#13785)
e2e test import json file as import account strategy (#14449)
MetaMetrics: Identify 'number_of_tokens' user trait (#14427)
MetaMetrics: Identify 'nft_autodetection_enabled' & 'opensea_api_enabled' (#14367)
Swaps: Sort "token_from" dropdown tokens by their fiat value first and "token_to" by top tokens (#14436)
Update segment instantiation check. Only check if SEGMENT_WRITE_KEY exists (#14407)
...
* updated state on edit
* Update transaction type in updateEditableParams method instead of in the send duck
* Fix unit test
* Fix unit tests
* Fix and improve unit tests
Co-authored-by: dragana8 <dragana.simic@consensys.net>
The phishing warning page URL environment variable has been renamed
from `PHISHING_PAGE_URL` to `PHISHING_WARNING_PAGE_URL`. We call this
page the "phishing warning page" everywhere else, and this name seemed
better suited (it's not a phishing page itself).
The variable has been listed and documented in `.metamaskrc.dist` as
well.
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.
The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.
The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.
The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.
New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
* Update version parsing to allow rollback release
When we want to rollback a release on Chrome, sometimes we use the
fourth part of the version for the rollback release. This is because
the Chrome web stores does not directly allow rolling back, but instead
requires us to re-submit the release we want to roll back to with a
higher version number.
The manifest version parsing now allows for a fourth version part.
The comments have also been updated to be more descriptive, and to fix
a minor inaccuracy.
* Fix typo in comment
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>