m/metamask-extension
1
0
Fork 0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-10-22 19:26:13 +02:00
Code
74f2d27d10
metamask-extension/app/scripts/lib/createRPCMethodTrackingMiddleware.js
Elliot Winkler 1304ec7af5
Convert shared/constants/metametrics to TS (#18353) 
We want to convert NetworkController to TypeScript in order to be able
to compare differences in the controller between in this repo and the
core repo. To do this, however, we need to convert the dependencies of
the controller to TypeScript.

As a part of this effort, this commit converts
`shared/constants/metametrics` to TypeScript. Note that simple objects
have been largely replaced with enums. There are some cases where I even
split up some of these objects into multiple enums.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-04-03 09:31:04 -06:00

267 lines
9.5 KiB
JavaScript
Raw Blame History

import { errorCodes } from 'eth-rpc-errors';
import { MESSAGE_TYPE, ORIGIN_METAMASK } from '../../../shared/constants/app';
import { TransactionStatus } from '../../../shared/constants/transaction';
import { SECOND } from '../../../shared/constants/time';
import { detectSIWE } from '../../../shared/modules/siwe';
import {
MetaMetricsEventCategory,
MetaMetricsEventName,
MetaMetricsEventUiCustomization,
} from '../../../shared/constants/metametrics';
/**
* These types determine how the method tracking middleware handles incoming
* requests based on the method name. There are three options right now but
* the types could be expanded to cover other options in the future.
*/
const RATE_LIMIT_TYPES = {
RATE_LIMITED: 'rate_limited',
BLOCKED: 'blocked',
NON_RATE_LIMITED: 'non_rate_limited',
};
/**
* This object maps a method name to a RATE_LIMIT_TYPE. If not in this map the
* default is 'RATE_LIMITED'
*/
const RATE_LIMIT_MAP = {
[MESSAGE_TYPE.ETH_SIGN]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA_V3]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA_V4]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.PERSONAL_SIGN]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_DECRYPT]: RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_GET_ENCRYPTION_PUBLIC_KEY]:
RATE_LIMIT_TYPES.NON_RATE_LIMITED,
[MESSAGE_TYPE.ETH_REQUEST_ACCOUNTS]: RATE_LIMIT_TYPES.RATE_LIMITED,
[MESSAGE_TYPE.WALLET_REQUEST_PERMISSIONS]: RATE_LIMIT_TYPES.RATE_LIMITED,
[MESSAGE_TYPE.SEND_METADATA]: RATE_LIMIT_TYPES.BLOCKED,
[MESSAGE_TYPE.GET_PROVIDER_STATE]: RATE_LIMIT_TYPES.BLOCKED,
};
/**
* For events with user interaction (approve / reject | cancel) this map will
* return an object with APPROVED, REJECTED, REQUESTED, and FAILED keys that map to the
* appropriate event names.
*/
const EVENT_NAME_MAP = {
[MESSAGE_TYPE.ETH_SIGN]: {
APPROVED: MetaMetricsEventName.SignatureApproved,
FAILED: MetaMetricsEventName.SignatureFailed,
REJECTED: MetaMetricsEventName.SignatureRejected,
REQUESTED: MetaMetricsEventName.SignatureRequested,
},
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA]: {
APPROVED: MetaMetricsEventName.SignatureApproved,
REJECTED: MetaMetricsEventName.SignatureRejected,
REQUESTED: MetaMetricsEventName.SignatureRequested,
},
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA_V3]: {
APPROVED: MetaMetricsEventName.SignatureApproved,
REJECTED: MetaMetricsEventName.SignatureRejected,
REQUESTED: MetaMetricsEventName.SignatureRequested,
},
[MESSAGE_TYPE.ETH_SIGN_TYPED_DATA_V4]: {
APPROVED: MetaMetricsEventName.SignatureApproved,
REJECTED: MetaMetricsEventName.SignatureRejected,
REQUESTED: MetaMetricsEventName.SignatureRequested,
},
[MESSAGE_TYPE.PERSONAL_SIGN]: {
APPROVED: MetaMetricsEventName.SignatureApproved,
REJECTED: MetaMetricsEventName.SignatureRejected,
REQUESTED: MetaMetricsEventName.SignatureRequested,
},
[MESSAGE_TYPE.ETH_DECRYPT]: {
APPROVED: MetaMetricsEventName.DecryptionApproved,
REJECTED: MetaMetricsEventName.DecryptionRejected,
REQUESTED: MetaMetricsEventName.DecryptionRequested,
},
[MESSAGE_TYPE.ETH_GET_ENCRYPTION_PUBLIC_KEY]: {
APPROVED: MetaMetricsEventName.EncryptionPublicKeyApproved,
REJECTED: MetaMetricsEventName.EncryptionPublicKeyRejected,
REQUESTED: MetaMetricsEventName.EncryptionPublicKeyRequested,
},
[MESSAGE_TYPE.ETH_REQUEST_ACCOUNTS]: {
APPROVED: MetaMetricsEventName.PermissionsApproved,
REJECTED: MetaMetricsEventName.PermissionsRejected,
REQUESTED: MetaMetricsEventName.PermissionsRequested,
},
[MESSAGE_TYPE.WALLET_REQUEST_PERMISSIONS]: {
APPROVED: MetaMetricsEventName.PermissionsApproved,
REJECTED: MetaMetricsEventName.PermissionsRejected,
REQUESTED: MetaMetricsEventName.PermissionsRequested,
},
};
const rateLimitTimeouts = {};
/**
* Returns a middleware that tracks inpage_provider usage using sampling for
* each type of event except those that require user interaction, such as
* signature requests
*
* @param {object} opts - options for the rpc method tracking middleware
* @param {Function} opts.trackEvent - trackEvent method from
* MetaMetricsController
* @param {Function} opts.getMetricsState - get the state of
* MetaMetricsController
* @param {number} [opts.rateLimitSeconds] - number of seconds to wait before
* allowing another set of events to be tracked.
* @param opts.securityProviderRequest
* @returns {Function}
*/
export default function createRPCMethodTrackingMiddleware({
trackEvent,
getMetricsState,
rateLimitSeconds = 60 * 5,
securityProviderRequest,
}) {
return async function rpcMethodTrackingMiddleware(
/** @type {any} */ req,
/** @type {any} */ res,
/** @type {Function} */ next,
) {
const { origin, method } = req;
// Determine what type of rate limit to apply based on method
const rateLimitType =
RATE_LIMIT_MAP[method] ?? RATE_LIMIT_TYPES.RATE_LIMITED;
// If the rateLimitType is RATE_LIMITED check the rateLimitTimeouts
const rateLimited =
rateLimitType === RATE_LIMIT_TYPES.RATE_LIMITED &&
typeof rateLimitTimeouts[method] !== 'undefined';
// Get the participateInMetaMetrics state to determine if we should track
// anything. This is extra redundancy because this value is checked in
// the metametrics controller's trackEvent method as well.
const userParticipatingInMetaMetrics =
getMetricsState().participateInMetaMetrics === true;
// Get the event type, each of which has APPROVED, REJECTED and REQUESTED
// keys for the various events in the flow.
const eventType = EVENT_NAME_MAP[method];
const eventProperties = {};
// Boolean variable that reduces code duplication and increases legibility
const shouldTrackEvent =
// Don't track if the request came from our own UI or background
origin !== ORIGIN_METAMASK &&
// Don't track if this is a blocked method
rateLimitType !== RATE_LIMIT_TYPES.BLOCKED &&
// Don't track if the rate limit has been hit
rateLimited === false &&
// Don't track if the user isn't participating in metametrics
userParticipatingInMetaMetrics === true;
if (shouldTrackEvent) {
// We track an initial "requested" event as soon as the dapp calls the
// provider method. For the events not special cased this is the only
// event that will be fired and the event name will be
// 'Provider Method Called'.
const event = eventType
? eventType.REQUESTED
: MetaMetricsEventName.ProviderMethodCalled;
if (event === MetaMetricsEventName.SignatureRequested) {
eventProperties.signature_type = method;
const data = req?.params?.[0];
const from = req?.params?.[1];
const paramsExamplePassword = req?.params?.[2];
const msgData = {
msgParams: {
...paramsExamplePassword,
from,
data,
origin,
},
status: TransactionStatus.unapproved,
type: req.method,
};
try {
const securityProviderResponse = await securityProviderRequest(
msgData,
req.method,
);
if (securityProviderResponse?.flagAsDangerous === 1) {
eventProperties.ui_customizations = [
MetaMetricsEventUiCustomization.FlaggedAsMalicious,
];
} else if (securityProviderResponse?.flagAsDangerous === 2) {
eventProperties.ui_customizations = [
MetaMetricsEventUiCustomization.FlaggedAsSafetyUnknown,
];
}
if (method === MESSAGE_TYPE.PERSONAL_SIGN) {
const { isSIWEMessage } = detectSIWE({ data });
if (isSIWEMessage) {
eventProperties.ui_customizations = (
eventProperties.ui_customizations || []
).concat(MetaMetricsEventUiCustomization.Siwe);
}
}
} catch (e) {
console.warn(
`createRPCMethodTrackingMiddleware: Error calling securityProviderRequest - ${e}`,
);
}
} else {
eventProperties.method = method;
}
trackEvent({
event,
category: MetaMetricsEventCategory.InpageProvider,
referrer: {
url: origin,
},
properties: eventProperties,
});
rateLimitTimeouts[method] = setTimeout(() => {
delete rateLimitTimeouts[method];
}, SECOND * rateLimitSeconds);
}
next(async (callback) => {
if (shouldTrackEvent === false || typeof eventType === 'undefined') {
return callback();
}
// The rpc error methodNotFound implies that 'eth_sign' is disabled in Advanced Settings
const isDisabledEthSignAdvancedSetting =
method === MESSAGE_TYPE.ETH_SIGN &&
res.error?.code === errorCodes.rpc.methodNotFound;
const isDisabledRPCMethod = isDisabledEthSignAdvancedSetting;
let event;
if (isDisabledRPCMethod) {
event = eventType.FAILED;
eventProperties.error = res.error;
} else if (res.error?.code === errorCodes.provider.userRejectedRequest) {
event = eventType.REJECTED;
} else {
event = eventType.APPROVED;
}
trackEvent({
event,
category: MetaMetricsEventCategory.InpageProvider,
referrer: {
url: origin,
},
properties: eventProperties,
});
return callback();
});
};
}
View Git Blame Copy Permalink