Jl/caip25 permission migration/move request grant hooks into mmc #29213
+1,388
−1,145
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…on. Use in wallet_requestPermissions and eth_requestAccounts. Remove updateCaveat and support of unexpected permissions in wallet_requestPermissions
…ermission requestPermittedChainsPermissionIncremental to MMC. Use downstream.
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
7 tasks
Builds ready [036a418]
Page Load Metrics (1518 ± 27 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
adonesky1
reviewed
Dec 16, 2024
Comment on lines
176
to
177
| * @param hooks.requestPermittedChainsPermissionForOrigin | ||
| * @param hooks.requestPermittedChainsPermissionIncrementalForOrigin |
There was a problem hiding this comment.
Should we add a jsdoc descriptor for these hooks?
adonesky1
reviewed
Dec 16, 2024
app/scripts/metamask-controller.js
Outdated
Comment on lines
5408
to
5412
| async requestPermittedChainsPermissionIncremental( | ||
| origin, | ||
| chainId, | ||
| autoApprove, | ||
| ) { |
There was a problem hiding this comment.
nit - I find it easier to understand these functions inline when the args are passed in as object rather than by position - like in this case where this is used in ethereum-chain-utils you can see that the isAddFlow boolean is used for the autoApprove arg without having toggle between the declaration to understand ... I suppose the docs also help with this. Anyways I know we do it both ways throughout the codebase. Just putting in for my preference 😅
adonesky1
reviewed
Dec 16, 2024
app/scripts/metamask-controller.js
Outdated
| * | ||
| * @param {string} origin - The origin to request approval for. | ||
| * @param {Hex} chainId - The chainId to add incrementally. | ||
| * @param {boolean} autoApprove - If the chain should be granted without prompting for user approval. |
There was a problem hiding this comment.
Should we include an explanation of why we might want to auto approve in some cases: i.e. currently chainPermissions may be granted as part of a wallet_addEthereumChain request in which the permissions and addition of the network are combined into one confirmation
…migration/move-request-grant-hooks-into-mmc
…ionIncremental to object param
Builds ready [c70f7b7]
Page Load Metrics (1507 ± 29 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
adonesky1
reviewed
Dec 16, 2024
| expect(mocks.requestPermissionApprovalForOrigin).toHaveBeenCalled(); | ||
| expect( | ||
| mocks.requestPermittedChainsPermissionIncrementalForOrigin, | ||
| ).toHaveBeenCalled(); | ||
| expect(mocks.setActiveNetwork).not.toHaveBeenCalled(); | ||
| expect(end).toHaveBeenCalledWith(); | ||
| }); | ||
| }); | ||
|
|
||
| describe('with an existing CAIP-25 permission granted from the multichain flow (isMultichainOrigin: true) and the chainId is not already permissioned', () => { |
There was a problem hiding this comment.
🤔 is it weird that we have tests for the multichain API in here already?
There was a problem hiding this comment.
yeah. To fix this we could just drop/move all of the isMultichainOrigin checks
adonesky1
reviewed
Dec 16, 2024
Comment on lines
-190
to
-277
| it('sets the approved chainIds on an empty CAIP-25 caveat with isMultichainOrigin: false if origin is not snapId', async () => { | ||
| const { handler } = createMockedHandler(); | ||
|
|
||
| await handler(baseRequest); | ||
| expect(MockMultichain.setPermittedEthChainIds).toHaveBeenCalledWith( | ||
| { | ||
| requiredScopes: {}, | ||
| optionalScopes: {}, | ||
| isMultichainOrigin: false, | ||
| }, | ||
| ['0x1', '0x5'], | ||
| ); | ||
| }); | ||
|
|
||
| it('sets the approved accounts on the CAIP-25 caveat after the approved chainIds if origin is not snapId', async () => { | ||
| const { handler } = createMockedHandler(); | ||
|
|
||
| MockMultichain.setPermittedEthChainIds.mockReturnValue({ | ||
| requiredScopes: {}, | ||
| optionalScopes: {}, | ||
| sessionProperties: { caveatValueWithEthChainIdsSet: true }, | ||
| isMultichainOrigin: false, | ||
| }); | ||
|
|
||
| await handler(baseRequest); | ||
| expect(MockMultichain.setEthAccounts).toHaveBeenCalledWith( | ||
| { | ||
| requiredScopes: {}, | ||
| optionalScopes: {}, | ||
| sessionProperties: { caveatValueWithEthChainIdsSet: true }, | ||
| isMultichainOrigin: false, | ||
| }, | ||
| ['0xdeadbeef'], | ||
| ); | ||
| }); | ||
|
|
||
| it('does not set the approved chainIds on an empty CAIP-25 caveat if origin is snapId', async () => { | ||
| const { handler } = createMockedHandler(); | ||
|
|
||
| await handler({ ...baseRequest, origin: 'npm:snap' }); | ||
| expect(MockMultichain.setPermittedEthChainIds).not.toHaveBeenCalled(); | ||
| }); | ||
|
|
||
| it('sets the approved accounts for the `wallet:eip155` scope with isMultichainOrigin: false if origin is snapId', async () => { | ||
| const { handler } = createMockedHandler(); | ||
|
|
||
| await handler({ ...baseRequest, origin: 'npm:snap' }); | ||
| expect(MockMultichain.setEthAccounts).toHaveBeenCalledWith( | ||
| { | ||
| requiredScopes: {}, | ||
| optionalScopes: { | ||
| 'wallet:eip155': { | ||
| accounts: [], | ||
| }, | ||
| }, | ||
| isMultichainOrigin: false, | ||
| }, | ||
| ['0xdeadbeef'], | ||
| ); | ||
| }); | ||
|
|
||
| it('grants a CAIP-25 permission', async () => { | ||
| const { handler, grantPermissions } = createMockedHandler(); | ||
|
|
||
| MockMultichain.setEthAccounts.mockReturnValue({ | ||
| requiredScopes: {}, | ||
| optionalScopes: {}, | ||
| sessionProperties: { caveatValueWithEthAccountsSet: true }, | ||
| isMultichainOrigin: false, | ||
| }); | ||
|
|
||
| await handler(baseRequest); | ||
| expect(grantPermissions).toHaveBeenCalledWith({ | ||
| [Caip25EndowmentPermissionName]: { | ||
| caveats: [ | ||
| { | ||
| type: Caip25CaveatType, | ||
| value: { | ||
| requiredScopes: {}, | ||
| optionalScopes: {}, | ||
| sessionProperties: { caveatValueWithEthAccountsSet: true }, | ||
| isMultichainOrigin: false, | ||
| }, | ||
| }, | ||
| ], | ||
| }, | ||
| }); | ||
| }); |
There was a problem hiding this comment.
Forgive me if its obvious but why aren't these tests relevant anymore? I see they would need to be adjusted but aren't they still test cases?
There was a problem hiding this comment.
they've been moved/adjusted into MetaMaskController
Screen.Recording.2024-12-16.at.3.21.33.PM.mov |
adonesky1
reviewed
Dec 16, 2024
adonesky1
reviewed
Dec 16, 2024
app/scripts/lib/rpc-method-middleware/handlers/wallet-requestPermissions.ts
Outdated
Show resolved
Hide resolved
adonesky1
reviewed
Dec 16, 2024
app/scripts/lib/rpc-method-middleware/handlers/wallet-requestPermissions.ts
Outdated
Show resolved
Hide resolved
adonesky1
reviewed
Dec 16, 2024
app/scripts/lib/rpc-method-middleware/handlers/wallet-requestPermissions.ts
Outdated
Show resolved
Hide resolved
adonesky1
reviewed
Dec 16, 2024
app/scripts/lib/rpc-method-middleware/handlers/wallet-requestPermissions.ts
Outdated
Show resolved
Hide resolved
…ermissions.ts Co-authored-by: Alex Donesky <[email protected]>
…ermissions.ts Co-authored-by: Alex Donesky <[email protected]>
…ermissions.ts Co-authored-by: Alex Donesky <[email protected]>
…ermissions.ts Co-authored-by: Alex Donesky <[email protected]>
ticketed here https://github.com/MetaMask/MetaMask-planning/issues/3814 |
adonesky1
reviewed
Dec 16, 2024
| 'addAndShowApprovalRequest', | ||
| ) | ||
| .mockResolvedValue({ | ||
| approvedChainIds: ['0x1', '0x5'], |
There was a problem hiding this comment.
Suggested change
| approvedChainIds: ['0x1', '0x5'], | |
| approvedChainIds: ['0x1', '0x5'], |
presumably this isn't currently possible?
There was a problem hiding this comment.
yeah, the UI should not showing an Approval veiw that can return approvedChainIds, but I also explicitly filter out / ignore them in code. Is it worth leaving this in to be doubly sure or do you think it just causes confusion?
adonesky1
reviewed
Dec 16, 2024
adonesky1
reviewed
Dec 16, 2024
adonesky1
reviewed
Dec 16, 2024
adonesky1
reviewed
Dec 16, 2024
| ); | ||
| }); | ||
|
|
||
| it('gets the CAIP-25 caveat', async () => { |
There was a problem hiding this comment.
🤔 not sure I follow
oh I see. Hmmm, one of those cases where I see you're trying to avoid overly specific implementation detail language but kindof confuses without looking closer
|
❌ API Spec Test Failed. View the report here. |
Co-authored-by: Alex Donesky <[email protected]>
Co-authored-by: Alex Donesky <[email protected]>
Co-authored-by: Alex Donesky <[email protected]>
…migration/move-request-grant-hooks-into-mmc
…ove-request-grant-hooks-into-mmc' into jl/caip25-permission-migration/move-request-grant-hooks-into-mmc
…migration/move-request-grant-hooks-into-mmc
…migration/move-request-grant-hooks-into-mmc
…ove-request-grant-hooks-into-mmc' into jl/caip25-permission-migration/move-request-grant-hooks-into-mmc
jiexi
force-pushed
the
jl/caip25-permission-migration/move-request-grant-hooks-into-mmc
branch
from
a65eec9 to
9ac2b92
Compare
|
@metamaskbot update-policies |
|
No policy changes |
Builds ready [e3a903b]
Page Load Metrics (1572 ± 63 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
jiexi
deleted the
jl/caip25-permission-migration/move-request-grant-hooks-into-mmc
branch
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
requestPermittedChainsPermission,requestPermittedChainsPermissionIncremental, andrequestCaip25Permissionmethods toMetamaskControllerwallet_requestPermissions,eth_requestAccounts,wallet_switchEthereumChain,wallet_addEthereumChainwallet_requestPermissionsupdate caveat flowwallet_requestPermissionsno longer support anything buteth_requestAccountsandendowment:permittedChainsRelated issues
See: #27847 (comment)
Manual testing steps
Only user facing change is that
wallet_requestPermissionsshould correctly replace instead update existing permissions againScreenshots/Recordings
Before
After
Pre-merge author checklist
Pre-merge reviewer checklist