* deprecate extensionizer for webextension-polyfill
* fix tests
* remove extensionizer
* fix browser windows api calls
* fix broken on firefox
* fix getAcceptLanguages call
* update more browser apis that are now promisified
* remove unnecessary console error ignoring in e2e tests
* fix issue where we show contract address as recipient when calling safe transfer method on erc721 or erc1155 contracts
* updates function name getTransactionData -> parseStandardTokenTransactionData, and adds documentation
* Initial native notification implementation
* Simplify implementation
* Implementation based on RateLimitController
* Update controllers package
* Add notification to permission list
* Wire up correctly
* Remove snap_notify from the exclusion list
* Added more info for EIP-712 schema errors
* Changed EthereumProviderError to EthereumRpcError
* Fixed error code to not be hardcoded for signTypedData
* Changed registryUrl for snaps only in firefox
Fixed getPlatform to only be imported into metamask-controller in flask
Removed snaps specific testrunner script and use run-all with a cli option
* Fixed flakey tests
* Removed unneeded await
* Added delay
* Fixed linting
* Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* This is a combination of 52 commits.
normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Updates transaction user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
1. updateSwapApprovalTransaction should have id as first parameter
2. updateSwapApprovalTransaction should not show loading indicator
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
update swap transaction.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics code.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add updateTransactionParams to actions.js updateXXX and return txData at
the end of updateXXX method
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix swapApprovalTransaction update to use same return method as swap
update
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
1. updateSwapApprovalTransaction should have id as first parameter
2. updateSwapApprovalTransaction should not show loading indicator
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
update swap transaction.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics code.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add updateTransactionParams to actions.js updateXXX and return txData at
the end of updateXXX method
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix swapApprovalTransaction update to use same return method as swap
update
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove duplicate tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not hideLoading, since we're not showing it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
...approveTxMeta no longer needed here.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove estimated base fee from swap approval txs.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
remove txTradeMeta from params
make sure rebase didn't mess up any code - first pass
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* make use of getTokenStandardAndDetails method exposed on assetsContractController to determine how to represent the contract being interacted with in token contract method calls
An array of integers is now used to represent the SRP in three cases:
* In the import wallet flow, the UI uses it to pass the user-provided
SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
SRP from the background.
* When persisting the wallet to state, the background uses it to
serialize the SRP.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
* Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Updates transaction user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add more params to updateTransactionGasFees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update eip1559 method to editableParams.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix Mocha tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add gasPrice to updateEditableParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove duplicated Params in notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* A few more tests to cover if
transaction status is not unapproved
transaction is passed more parameters than it requires.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update EIP1559 params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add updateTransactionParams to actions.js updateXXX and return txData at the end of updateXXX method
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* change method name to update editable params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Editable params should pass in the txParams and not the full tx object
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix jest tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Do not hideLoading since we're not showing it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Proper JSDOCs comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove gas settings from updateEditableParams since we already have a
dedicated gas update method.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix duplicate codes from rebasing.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* enforce that only the properties for the specific methid can be updated via the method.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename calls to check transaction status.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test update estimated base fee
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Updates transaction user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove commented log lines
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add more parameters to updateSwapTransaction
approvalTxId
estimatedBaseFee
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix documentation for updateSwapTransaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add more params to updateTransactionGasFees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Update eip1559 method to editableParams.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix Mocha tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add gasPrice to updateEditableParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove duplicated Params in notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* A few more tests to cover if
transaction status is not unapproved
transaction is passed more parameters than it requires.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix: Insufficient number of substitutions for key "stxSuccessDescription"
* Only calculate "approvalGas" if the "approvalNeeded" param is truthy in a quote
* "Swap from" has to be set to enable "Review Swap", set a default token for "Swap from"
* Fix: Unable to find value of key "undefined" for locale
* Use array destructuring
* Fix: Insufficient number of substitutions for key "stxSuccessDescription"
* Only calculate "approvalGas" if the "approvalNeeded" param is truthy in a quote
* "Swap from" has to be set to enable "Review Swap", set a default token for "Swap from"
* Fix: Unable to find value of key "undefined" for locale
* Use array destructuring
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.
Closes#11626
* Do not call `decimalToHex` for `minimumGasLimit`, which is already in hex
* Add `0x` prefix when returning a gas estimate
* Fix UTs
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.
Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.
Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
The ESLint config for the extension explicitly includes support for
Prettier. However, this is already being provided by our global ESLint
config (`@metamask/eslint-config`). Therefore there is no need to
include it here. In fact, this is causing weird issues where the `curly`
option is getting overridden somehow. After this change, these syntaxes
are invalid:
``` javascript
if (foo) return;
```
``` javascript
if (foo) return 'bar';
```
* Prevent automatic rejection of confirmations
Confirmations are now only automatically rejected if a user explicitly
closes the notification window. If we close the window programmatically
because there are no notifications left to show, nothing gets rejected.
This partially avoids a race condition where a confirmation gets
rejected automatically without the user having seen the confirmation
first. This could happen if the confirmation was processed just as the
notification window was being closed.
It's still possible for a confirmation that the user has never seen to
get rejected as a result of the user closing the window. But at least
now it's no longer possible for a confirmation to get rejected in this
manner after the user resolves the last confirmation in the queue.
* Fix bug that prevented automatic closure detection
All windows were being detected as explicit window closures,
essentially just as they were previously, because this variable was
cleared too soon.
* Re-open popup when necessary
After the window is automatically closed, a confirmation may have been
queued up while the window was closing. If so, the popup is now re-
opened.
Adds a missing middleware hook for `wallet_requestPermissions` that we failed to add in #12243. Also adds a runtime check that throws an error if any expected hooks are not provided to `createMethodMiddleware`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The Firefox extension version format does not support the version
format we use (SemVer), so we have to specially format the extension
version to be compatible. The format we chose was
`[major].[minor].[patch].[buildType][buildVersion]`. But when we tried
to submit a build with a version in that format, it was rejected as
invalid for unknown reasons.
The Firefox extension format has been updated to
`[major].[minor].[patch][buildType][buildVersion]`. This seems to pass
validation.
The `version_name` manifest field was being used on Chrome to store the
build type. However, Chrome intended this field to be a full
representation of the version, for display purposes. This was evident
when uploading this version to the Chrome Web Store, because it used
`flask` as the entire version.
Instead the `version_name` field now includes the full SemVer version
string. The version parsing code within the build script and in the
wallet itself have been updated accordingly.
The `environment` field we use for Sentry includes the build type for
all build types except `main`, but the log message indicating that
Sentry did not include this. This log message is useful for ensuring
that Sentry is setup correctly, so it should display the same
environment that Sentry is using. It has been updated to do just that.
* added wrapper around account list to prevent storybook from collapsing the list
* updated translation files
* added snap-connect page
* refactored account list out of the choose account component
* fixed width
* removed unnecessary scss from choose-account component, fixed props in choose account story
* removed snaps-connect page, added comments to ChooseAccount
* updated choose account subtitle text, updated styling for title & subtitle, removed redundant account list story
* updated component name, updated paths
* fixed linter errors
* added comments
* removed unused message
* removed selectAccounts key from all locales
* updated class name for account list header, updated allAreSelected function to use length checks
* Revert "removed unused message"
This reverts commit 32771bc83c08f120825ef75f0741f3034e7dbecb.
* Revert "removed selectAccounts key from all locales"
This reverts commit ccfa4a860f9a75693d893d7c404384e719de297e.
* updated locale messages to use selectAccounts key
* removed stray import
* updated scss
* updated translation key
* removed chooseAccounts key from en locale
* removed optional chaining
* changes
* updated subjectMetadata
* updated subject types
* update useOriginMetadata function to include unknown subject type
* updated permission connect header props, removed host and added subjectType to targetSubjectMetadata
* added subjectType to targetSubjectMetadata
* removed console.log
* changed prop name to iconUrl
The ESLint config has been updated to v8. The breaking changes are:
* The Prettier rule `quoteProps` has been changed from `consistent` to
`as-needed`, meaning that if one key requires quoting, only that key is
quoted rather than all keys.
* The ESLint rule `no-shadow` has been made more strict. It now
prevents globals from being shadowed as well.
Most of these changes were applied with `yarn lint:fix`. Only the
shadowing changes required manual fixing (shadowing variable names were
either replaced with destructuring or renamed).
The dependency `globalThis` was added to the list of dynamic
dependencies in the build system, where it should have been already.
This was causing `depcheck` to fail because the new lint rules required
removing the one place where `globalThis` had been erroneously imported
previously.
A rule requiring a newline between multiline blocks and expressions has
been disabled temporarily to make this PR smaller and to avoid
introducing conflicts with other PRs.
The `selectHooks` function has been replaced with the equivalent
function from the `@metamask/rpc-methods` package, which is
functionally equivalent.
The function was included in that package so that it could be used
elsewhere in the `snaps-skunkworks` repo. Eventually the goal is to
migrate much of our RPC logic into this package so that it can be
shared across products, and by our libraries as needed.
This PR introduces the concept of subject _types_ to be associated with each subject in the `SubjectMetadataController`, and used for control flow in our RPC stack (`setupProviderEngine` and so forth).
We already differentiate between "types" of subjects in various places on an ad hoc basis via boolean flags (e.g. `isInternal` in our RPC stack) or the presence/absence of certain values in the subject's metadata (specifically `metadata.extensionId`). The status quo is manageable if not ideal, but will start to become untenable with the introduction of Snaps in the near future.
Therefore, this PR establishes a `SUBJECT_TYPES` enum and adds the `subjectType` property to the metadata of each subject. A new migration is added to accomplish this. Finally, we specify and `INTERNAL` subject type to distinguish internal from external requests.
The `nodeify` utility is no longer needed for the background API.
Instead each method is assumed to be either synchronous or Promise-
returning.
The error handling was updated to at least log the error in the case
where a method fall fails after the connection is broken.
# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
A propType error was showing up during e2e tests with a `testDev`
build. It was caused by `process.env.IN_TEST` being treated as a
boolean, when in fact it is either the string `'true'` or a boolean.
`IN_TEST` has been updated to always be a boolean. `loose-envify` has
no trouble injecting boolean values, so there's no reason to treat this
as a string.
* Add support for eip-1559 on Trezor
* temp
* Lint fix
* Store trezor model type in background state instead attempting to get it in the frontend
* code simplification
* Temp update to eth-trezor-keyring version
* Tempory update to eth-trezor-keyring version
* Temp update to eth-trezor-keyring version
* Fix display of hdpath selector in connect hardware flow for trezor
* Updating the package version but we still need to run yarn setup and update the lockfile, once the package is updated
* Update yarn.lock
* Fix unit tests
* support qr based signer
* add CSP for fire fox
* get QR Hardware wallet name from device
* fix qrHardware state missing in runtime
* support qr based signer sign transaction
* refine Request Signature modal ui
* remove feature toggle
* refine ui
* fix notification is closing even there is a pending qr hardware transaction
* add chinese translation, refine ui, fix qr process was breaking in some case
* support import accounts by pubkeys
* refine qr-based wallet ui and fix bugs
* update @keystonehq/metamask-airgapped-keyring to fix that the signing hd path was inconsistent in some edge case
* fix: avoid unnecessay navigation, fix ci
* refactor qr-hardware-popover with @zxing/browser
* update lavamoat policy, remove firefox CSP
* refine qr reader ui, ignore unnecessary warning display
* code refactor, use async functions insteads promise
Co-authored-by: Soralit <soralitria@gmail.com>
* Add CollectiblesController
* bump controllers version
* add CollectibleDetectionController
* adapt to ERC1155 support changes in CollectiblesController
* update @metamask/controllers to v20.0.0
* update lavamoat policy files
* put collectibleDetectionController instantiation behind feature flag
* Fix#5039
* Converted function into async
* Added more explicit explanation of why the number of bits for EcSign
* eth_sign and eth_personalSign now report errors correctly back to the user
* Added leeway to unsigned message byte check
* Fix lint
These background API methods were not used anywhere in the UI. One of
them was called in `actions.js` by a function that itself was never
called, so it have been removed. Additionally, one unused `actions.js`
function was found and removed as well.
`setAdvancedGasFee` is the only unused background method that remains.
It was recently added and will be used in the near future.
* Use a Swaps v2 API to get a fiat onboarding URL
* Fix an issue with wrapping / unwrapping if an address contained uppercase chars
* Rename a constant
* Use a constant in a test
Adds a property, `hookNames`, to each RPC method handler export in `app/scripts/lib/rpc-method-middleware` and a function, `selectHooks`, to select from them.
`createMethodMiddleware` receives a giant `opts` object that includes a bunch of different methods from `MetaMaskController` and its subcontrollers. Each method implementation only requires a subset of these methods to do its work. Because they need some kind of name, we call these methods "hooks". With this change, whenever an RPC method is called, `selectHooks` will be called to ensure that each method only receives the hooks that it needs in order to do its job.
This implementation is based on [work in `snaps-skunkworks`](https://github.com/MetaMask/snaps-skunkworks/blob/a3e1248/packages/rpc-methods/src/utils.ts#L17-L34) that will be merged in the near future.
* Add migration to set showTestNetworks to true if there is evidence the user has used a test network
* Add migration to index file
* Remove console.log
* Clean up conditional structure in migration 67
* Background clears confirmations on popup close
* [WIP] Remove clearing confirmations through UI
* Confirmations are now rejected instead of cleared
* Erased commented out code
* Fix linter errors
* Changes after code review
* Moved metrics events from onWindowUnload to background
* PR review fixes
* Added abillity to add reason to rejection of messages
* Fix prettier
* Added type metrics event to signature cancel
* Fix test
* The uncofirmed transactions are now cleared even if Metamask is locked
We're bumping from `^6` to `^8`. All imports are now named, and they have been updated. This is a breaking change, in that support for `eth_signTransaction` is added in `^8.0.0`. We do not support this method in our UI, so our middleware stack has been instrumented to reject.
In addition, there are some non-breaking behavioral changes in this version that reviewers should be aware of, see the [7.0.0 release](https://github.com/MetaMask/eth-json-rpc-middleware/releases).
* metametrics - ensure segment submission failures do not bubble up
* metametrics - differentiate between trackEvent and submitEvent
* metametrics - validate event in trackEvent
* metametrics - re-throw error on clean stack
* lint fix
* controllers/metametrics - take a captureException option
* controllers/metametrics - capture and report any errors in trackPage
* Update app/scripts/controllers/metametrics.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* GridPlus: Adds support for GridPlus Lattice1 hardware wallet
* Fixes issue with switching hardware HD path
The main `Select HD Path` piece of the account selection component was not
properly hooked up to the state manager (`onPathChange`) and the extra
`Popover` component was being used instead.
I'm not sure what the origin of this is, but I don't see why the Popover
is needed at all. I have remove it and hooked `onPathChange` directly into
the HD path selector dropdown.
This was an issue that nearly every Lattice user who had come from Ledger
has contacted us about.
* GridPlus: Addresses QA issues
* Adds Lattice tutorial + image
* Cleans up connectivity issues (see: https://github.com/GridPlus/eth-lattice-keyring/pull/16)
* GridPlus: Adds Firefox support
To connect to the Lattice you need to open a new tab/window and get
login data from it. We were not able to do this for Firefox because
we relied on the `window` API. This is now fixed.
See corresponding changes:
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/pull/17
* Lattice connector: https://github.com/GridPlus/wallet-web/pull/152
* GridPlus: Adds missing error path for Firefox
See: 242a93f559
* Check if ledger was successfully able to establish transport on mount of confirm screens
* Update ledger message/action if transport creation was blocked by existing connection
* TEMP: point eth-ledger-bridge-keyring to commite, REMOVE BEFORE MERGE
* Update eth-ledger-bridge-keyring to v0.10.0
* Show test networks toggle button in settings/advanced tab.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Apply toggle testnet settings and show/hide testnets when on/off
Add localhost to testnet.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Show add network button
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Open full screen when add network is called.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Show custonm rpc before testnet rpcs
lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test cases for network dropdown.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Test cases for toggle test networks in advanced tab component.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix Locales.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* E2E Tests: Custom RPC is now called Add Network
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* E2E: When Add Network button is clicked, wait for the full screen window to
be visible
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* findVisibleElement should use a class. i.e start with a dot
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Hide Dropdown when Add Netwok is clicked.
Only show full screen if it's not already showing.
E2E tests passing.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix tests for jest
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Testnets are not being shown by default anymore, tests should use
Mainnet instead.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Import Button from ui
Change selector name to getShowTestnetworks
Fix button to show full width
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix e2e tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove localhost from INFURA provider types.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix errors in Advanced Tab Component tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix unit tests for advanced tab component.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove deleted elements from e2e tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Make sure all tests passed.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
The build type (i.e. the distribution) is now included in the Sentry
environment during setup, for all builds except the "main" build. This
will allow us to track Flask and beta errors separately from other
errors.
A constant was created for the build types. The equivalent constant in
our build scripts was updated to match it more closely, for
consistency. We can't use the same constant in both places because our
shared constants are in modules that use ES6 exports, and our build
script does not yet support ES6 exports.
The singular `BuildType` was used rather than `BuildTypes` to match our
naming conventions elsewhere for enums. We name them like classes or
types, rather than like a collection.
Relates to #11896
* Connect ledger via webhid if that option is available
* Explicitly setting preference for webhid
* Use ledgerTransportType enum instead of booleans for ledger live and webhid preferences
* Use single setLEdgerTransport preference methods and property
* Temp
* Lint fix
* Unit test fix
* Remove async keyword from setLedgerTransportPreference function definition in preferences controller
* Fix ledgelive setting toggle logic
* Migrate useLedgerLive preference property to ledgerTransportType
* Use shared constants for ledger transport type enums
* Use constant for ledger usb vendor id
* Use correct property to check if ledgerLive preference is set when deciding whether to ask for webhid connection
* Update eth-ledger-bridge-keyring to v0.9.0
* Only show ledger live transaction helper messages if using ledger live
* Only show ledger live part of tutorial if ledger live setting is on
* Fix ledger related prop type errors
* Explicitly use u2f enum instead of empty string as a transport type; default transport type to webhid if available; use constants for u2f and webhid
* Cleanup
* Wrap ledger webhid device request in try/catch
* Clean up
* Lint fix
* Ensure user can easily connect their ledger wallet when they need to.
* Fix locales
* Fix/improve locales changes
* Remove unused isFirefox property from confirm-transaction-base.container.js
* Disable transaction and message signing confirmation if ledger webhid requires connection
* Ensure translation keys for ledger connection options in settings dropdown can be properly detected by verify-locales
* Drop .component from ledger-instruction-field file name
* Move renderLedgerLiveStep to module scope
* Remove ledgerLive from function and message names in ledger-instruction-field
* Wrap ledger connection logic in ledger-instruction-field in try catch
* Clean up signature-request.component.js
* Check whether the signing address, and not the selected address, is a ledger account in singature-request.container
* Ensure ledger instructions and webhid connection button are shown on signature-request-original signatures
* Improve webhid selection handling in select-ledger-transport-type onChange handler
* Move metamask redux focused ledger selectors to metamask duck
* Lint fix
* Use async await in checkWebHidStatusRef.current
* Remove unnecessary use of ref in ledger-instruction-field.js
* Lint fix
* Remove unnecessary try/catch in ledger-instruction-field.js
* Check if from address, not selected address, is from a ledger account in confirm-approve
* Move findKeyringForAddress to metamask duck
* Fix typo in function name
* Ensure isEqualCaseInsensitive handles possible differences in address casing
* Fix Learn More link size in advanced settings tab
* Update app/scripts/migrations/066.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update ui/pages/settings/advanced-tab/advanced-tab.component.test.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add jsdoc comments for new selectors
* Use jest.spyOn for mocking navigator in ledger webhid migration tests
* Use LEDGER_TRANSPORT_TYPES values to set proptype of ledgerTransportType
* Use LEDGER_TRANSPORT_TYPES values to set proptype of ledgerTransportType
* Fix font size of link in ledger connection description in advanced settings
* Fix return type in setLedgerTransportPreference comment
* Clean up connectHardware code for webhid connection in actions.js
* Update app/scripts/migrations/066.test.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update ui/ducks/metamask/metamask.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add migration test for when useLedgerLive is true in a browser that supports webhid
* Lint fix
* Fix inline-link size
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Refactor checking if address is contract into a new module.
Tests for new module.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* addressIsContract is an async function, use await when calling it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Mock ethQuery
change variable names
refactor in transaction.utils.
fix possible boolean destructiring.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Refactor isContractAddress boolean checks.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix for #11503: when you send a transaction with value as 0x, you get a
Bignumber error. Fix this by setting value to 0x0 is it's 0x.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* 1. Fix this in app/scripts/controllers/transactions/lib/utils.js
2. Make sure other non-hex non-valid strings for value return 0x0
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Linting Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Instead of returning 0x0 for invalid hex values, throw a descriptive
error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Unit tests.
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* assert.throws takes a function
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use standardized error message.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* remove fixHexValue
move code validating hex value to validateTxParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Change message displayed if hex string is invalid.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed missing second quote mark on message.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
The extension version used throughout the wallet is now normalized to a
SemVer-compliant version that matches the version used in
`package.json`. We use this version for display on the "About" page,
and we attach it to all error reports and metric events, so it's
important that we format it consistently so that we can correlate
events on the same version across different browsers.
This normalization step is necessary because Firefox and Chrome both
have different requirements for the extension version, and neither is
SemVer-compliant.
* lockdown - breakout making globalThis properties non-writable into lockdown-more.js
* Update app/scripts/lockdown-more.js
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
* Update app/scripts/lockdown-more.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
* Fixes#12145
When transactions fail, preserve error message when presented with an error object. Fallback to stringified error for other cases.
* Perserve error stack when err.stack is present, else set stack to message.
* Use optional chaining
* Jestify migrations/
* Lint exclude migrations from mocha config, and add inclusion to jest config
* Add migration tests to jest config
* Exclude/ignore migration tests
* Set process.env.IN_TEST to true when running tests locally
* add command to debug unit tests
* remove extra zero balance account potentially created from seeking ahead
* Add PR 12074 to CHANGELOG
* Revert "Add PR 12074 to CHANGELOG"
This reverts commit 9f6f7eec1cac163c0ce1c711b1c205322aa5b2af.
* Remove test debug command
* Replace hardcoded sent ether label on confirm screen
* replace transaction type SENT_ETHER with network agnostic SENDING_NATIVE_ASSET
* remove sentEther translation base
* make backwards compatible with lingering transaction of legacy sentEther type
* update localalization files
* fixup legacy sentEther transaction type
* changing new transaction type away from localization string
* revert migration tests
* update fixtures and test data
* update name of new transaction type
* add migration
* remove legacy SENT_ETHER from transaction types enum object