* Expose transaction origin to transaction insight snaps
* Support multiple icons for each label for a permission
* Add transaction insight origin permission
* Fix fencing
* Fix import and permission crash
* Use function properly for connected accounts
* Add beta home banner to home screen
* Move the beta home notification to the app-header
* Updates to formatting
* Add beta home banner to home screen
* Move the beta home notification to the app-header
* Updates to formatting
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Update ui/components/app/app-header/index.scss
Co-authored-by: George Marshall <george.marshall@consensys.net>
* Move banner to top of page
* Move to own folder, update styles
* Swith to BOX component
* Address feedback
* Add tests
* Update name of component
* Fix tests
* Fix proptype errors
* Fixups
* Remove unrelated changes
* Remove unwanted string changes
* Update beta component name and text
* Update mock data
Co-authored-by: George Marshall <george.marshall@consensys.net>
The controllers package has been updated to v33. The only breaking
change in this release was to rename the term "collectible" to "NFT"
wherever it appeared in the API.
Changes in this PR have been kept minimal; additional renaming can be
done in separate PRs. This PR only updates the controller names,
controller state, controller methods, and any direct references to
these things. NFTs are still called "collectibles" in most places.
* Replaced addresses by the address component on SignTypedData v4 signatures
* Fixing signature-request e2e tests
* Modified scss file for signature-request message
* Using address component for rendering the addresses and bold label where hex address is not valid
* Modify the address component
* Added proper BEM syntax for class names and used Box and Typography
* FIxing e2e tests
* Commited requested changes from George and added storybook
* Review requested changes
* Created new component for rendering data in signature-request-message.js
* Fixing proper usage for getAccountName and getMetadataContractName selectors
* Fixing e2e tests
* Remove 3box feature and delete ThreeBoxController
Lint locale messages
lavamoat policy updates
* Restore 3Box user trait with value `false`
The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.
A deprecation comment has been left in various places for this trait.
* Remove unused state
* Remove additional 3box-related things
* Run `yarn-deduplicate`
* Restore migration that was lost while rebasing
* Remove obsolete override
* Remove additional unused resolutions/dependencies
* Update LavaMoat policies
* Remove obsolete security advisory ignore entries
* Remove 3Box fixture builder method
* Update unit tests
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Reduce the amount of calls to insight snaps
* Add dep
* Update LavaMoat policies
* Fix selectors and revert changes to hook
* Remove dep
* Revert "Update LavaMoat policies"
This reverts commit 7469c94e0e7c52eb877766a96005cc559c9d8d20.
* Enable "Add Popular Network" feature by default
* Fixing e2e tests
* Attempt to fix e2e tests
* Revert "Attempt to fix e2e tests"
This reverts commit d88e8944b8df8f7c3075753f8d8b3480439f8e30.
* Get e2e tests passing
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
* Deprecating Rinkeby, setting default debug network to Goerli
* Deprecating Ropsten and Kovan
* Conflict fix
* Remove unused localization, test fixes
* Add migration for moving used deprecated testnets to custom networks
* Fix migrator test
* Add more unit tests
* Migration updates provider type to rpc if deprecated network is selected
* Migration fully and correctly updates the provider if selected network is a deprecated testnet
* Continue to show deprecation warning on each of rinkeby, ropsten and kovan
* Add rpcUrl deprecation message to loading screen
* Removing mayBeFauceting prop
Co-authored-by: Dan Miller <danjm.com@gmail.com>
* Update mock state data
* Convert App Header test to tlr.
* Convert Gas Timing test to tlr.
* Convert Account Details Modal to tlr.
* Update Sig Req test to match mock state changes.
* Add test-ids to Editable Label for Account Details Modal
* Adjust selectors test for the mock state update.
* Add back gasIsLoading for selectors test.
* Ensure the seed phrase reminder is displayed with precedence over the network deprecation message
* Prevent error when attempting to get balance before account info has been fully sete
* Fix implementation of seedphrase-reminder-display-fix
* Prioritize seed phrase reminder notification over portfolio tooltip, and that tooltip over testnet deprecation
* Show 3box deprecation message in whats new
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add . after message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Change deprecation notification message and remove date
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens
updating the controller version and calling detectNewToken on network change
fixing rebase error
Run yarn lavamoat:auto for updating policies
updating lavamoat
Deleted node modules and run again lavamoat auto
fixing rebase issues
updating lavamoat policies
updating lavamoat after rebasing
policies
updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks
to update the token in fetchTosync
updating the contract map object
Revert build-system lavamoat policy changes
Move token list selection logic from components to getTokenList selector
updating the tokenList
Update lavamoat
Fix error
updating lavamoat
lint fix
fix unit test fail
fix unit test fail
lint fix
fixing rebase locale error
rebase fix
Revert build-system policy changes
temp
addressing review comments
* rebase fix
* Created a logic for the 'Add a block explorer URL'
Removed unused message
Message logic rollback
Modified history push operation
WIP: Pushing before rebasing
Applied requested changes
Removed unintenionally added code
* Lint fix
* Metrics fixed
* The contact pet name isn't replaced by the recipients address
* Create getEnsResolutionByAddress selector and use it in the codebase
* Modified the getRecipient selector such that it returns an ens resolution as the nickname if a nickname isn't present but a ens resolution is.
* Update ui/ducks/send/send.js
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
* Checked if ens resolution is present in the getRecipient selector
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
* Rename NotificationController to AnnouncementController
* Fix test
* Add test for missing NotificationController state
* Bump controllers
* Move test to correct file
* Rename config key
* Add migration 71 to list of migrations
* Fix selector after migration
* fix failed off chain tx mismatch with next confirmed transaction
* dont drop failed txs when tx in confirmed
* add comment for reassigning logic
* resolve change requests
* Show fiat on confirm screen on multilayer-fee network
* Disable gas editing on optimism
* Fix send max mode on optimism
* Represent layer 2 gas fee as a single value
* Hide gas fee edit UI on optimism
* Improvement multilayer-fee-message styling
* Lint fix
* Fix locales
* Remove unnecessary code change
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.
Closes#11626
This PR ensures that the `getLastConnectedInfo` selector handles missing `eth_accounts` permission history. Historically, `eth_accounts` was the only permission in existence, and the only way that a permission subject ended up with a permission history in the first place. This will no longer the case as of #11837, and we were perhaps never right to bake in this assumption to begin with.
When a lot of transactions are occurring on the network, such as during
an NFT drop, it drives gas fees up. When this happens, we want to not
only inform the user about this, but also dissuade them from using a
higher gas fee (as we have proved in testing that high gas fees can
cause bidding wars and exacerbate the situation).
The method for determining whether the network is "busy" is already
handled by GasFeeController, which exposes a `networkCongestion`
property within the gas fee estimate data. If this number exceeds 0.66 —
meaning that the current base fee is above the 66th percentile among the
base fees over the last several days — then we determine that the
network is "busy".
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.
Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.
Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
The ESLint config for the extension explicitly includes support for
Prettier. However, this is already being provided by our global ESLint
config (`@metamask/eslint-config`). Therefore there is no need to
include it here. In fact, this is causing weird issues where the `curly`
option is getting overridden somehow. After this change, these syntaxes
are invalid:
``` javascript
if (foo) return;
```
``` javascript
if (foo) return 'bar';
```
This selector is a duplicate of the `getSubjectMetadata` selector,
which does the same thing except that there is no fallback for the case
where the `subjectMetadata` is falsy. This is OK because that state can
never be falsy.
This change was extracted from the `snaps` branch.
The ESLint config has been updated to v8. The breaking changes are:
* The Prettier rule `quoteProps` has been changed from `consistent` to
`as-needed`, meaning that if one key requires quoting, only that key is
quoted rather than all keys.
* The ESLint rule `no-shadow` has been made more strict. It now
prevents globals from being shadowed as well.
Most of these changes were applied with `yarn lint:fix`. Only the
shadowing changes required manual fixing (shadowing variable names were
either replaced with destructuring or renamed).
The dependency `globalThis` was added to the list of dynamic
dependencies in the build system, where it should have been already.
This was causing `depcheck` to fail because the new lint rules required
removing the one place where `globalThis` had been erroneously imported
previously.
A rule requiring a newline between multiline blocks and expressions has
been disabled temporarily to make this PR smaller and to avoid
introducing conflicts with other PRs.
# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add support for eip-1559 on Trezor
* temp
* Lint fix
* Store trezor model type in background state instead attempting to get it in the frontend
* code simplification
* Temp update to eth-trezor-keyring version
* Tempory update to eth-trezor-keyring version
* Temp update to eth-trezor-keyring version
* Fix display of hdpath selector in connect hardware flow for trezor
* Updating the package version but we still need to run yarn setup and update the lockfile, once the package is updated
* Update yarn.lock
* Fix unit tests
* support qr based signer
* add CSP for fire fox
* get QR Hardware wallet name from device
* fix qrHardware state missing in runtime
* support qr based signer sign transaction
* refine Request Signature modal ui
* remove feature toggle
* refine ui
* fix notification is closing even there is a pending qr hardware transaction
* add chinese translation, refine ui, fix qr process was breaking in some case
* support import accounts by pubkeys
* refine qr-based wallet ui and fix bugs
* update @keystonehq/metamask-airgapped-keyring to fix that the signing hd path was inconsistent in some edge case
* fix: avoid unnecessay navigation, fix ci
* refactor qr-hardware-popover with @zxing/browser
* update lavamoat policy, remove firefox CSP
* refine qr reader ui, ignore unnecessary warning display
* code refactor, use async functions insteads promise
Co-authored-by: Soralit <soralitria@gmail.com>
* Support for Layer 2 networks with transaction fees on both layers
* Use variable name in transaction-breakdown
* Add comment on code source to ui/helpers/utils/optimism/fetchEstimatedL1Fee.js
* Fix unit tests
* Ensure values passed to are defined
* Fix activity log
* GridPlus: Adds support for GridPlus Lattice1 hardware wallet
* Fixes issue with switching hardware HD path
The main `Select HD Path` piece of the account selection component was not
properly hooked up to the state manager (`onPathChange`) and the extra
`Popover` component was being used instead.
I'm not sure what the origin of this is, but I don't see why the Popover
is needed at all. I have remove it and hooked `onPathChange` directly into
the HD path selector dropdown.
This was an issue that nearly every Lattice user who had come from Ledger
has contacted us about.
* GridPlus: Addresses QA issues
* Adds Lattice tutorial + image
* Cleans up connectivity issues (see: https://github.com/GridPlus/eth-lattice-keyring/pull/16)
* GridPlus: Adds Firefox support
To connect to the Lattice you need to open a new tab/window and get
login data from it. We were not able to do this for Firefox because
we relied on the `window` API. This is now fixed.
See corresponding changes:
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/pull/17
* Lattice connector: https://github.com/GridPlus/wallet-web/pull/152
* GridPlus: Adds missing error path for Firefox
See: 242a93f559