@metamask-previews/chain-agnostic-permission 0.1.0-preview-b69c669

package/dist/caip25Permission.mjs

@@ -0,0 +1,280 @@
+import { CaveatMutatorOperation, PermissionType } from "@metamask/permission-controller";
+import { hasProperty, KnownCaipNamespace, parseCaipAccountId } from "@metamask/utils";
+import $lodash from "lodash";
+const { cloneDeep, isEqual } = $lodash;
+import { assertIsInternalScopesObject } from "./scope/assert.mjs";
+import { isSupportedAccount, isSupportedScopeString } from "./scope/supported.mjs";
+import { mergeInternalScopes } from "./scope/transform.mjs";
+import { parseScopeString } from "./scope/types.mjs";
+/**
+ * The name of the CAIP-25 permission caveat.
+ */
+export const Caip25CaveatType = 'authorizedScopes';
+/**
+ * The target name of the CAIP-25 endowment permission.
+ */
+export const Caip25EndowmentPermissionName = 'endowment:caip25';
+/**
+ * Creates a CAIP-25 permission caveat.
+ *
+ * @param value - The CAIP-25 permission caveat value.
+ * @returns The CAIP-25 permission caveat (now including the type).
+ */
+export const createCaip25Caveat = (value) => {
+    return {
+        type: Caip25CaveatType,
+        value,
+    };
+};
+/**
+ * Calculates the difference between two provided CAIP-25 permission caveat values, but only considering a single scope property at a time.
+ *
+ * @param originalValue - The existing CAIP-25 permission caveat value.
+ * @param mergedValue - The result from merging existing and incoming CAIP-25 permission caveat values.
+ * @param scopeToDiff - The required or optional scopes from the [CAIP-25](https://github.com/ChainAgnostic/CAIPs/blob/main/CAIPs/caip-25.md) request.
+ * @returns The difference between original and merged CAIP-25 permission caveat values.
+ */
+export function diffScopesForCaip25CaveatValue(originalValue, mergedValue, scopeToDiff) {
+    const diff = cloneDeep(originalValue);
+    const mergedScopeToDiff = mergedValue[scopeToDiff];
+    for (const [scopeString, mergedScopeObject] of Object.entries(mergedScopeToDiff)) {
+        const internalScopeString = scopeString;
+        const originalScopeObject = diff[scopeToDiff][internalScopeString];
+        if (originalScopeObject) {
+            const newAccounts = mergedScopeObject.accounts.filter((account) => !originalScopeObject?.accounts.includes(account));
+            if (newAccounts.length > 0) {
+                diff[scopeToDiff][internalScopeString] = {
+                    accounts: newAccounts,
+                };
+                continue;
+            }
+            delete diff[scopeToDiff][internalScopeString];
+        }
+        else {
+            diff[scopeToDiff][internalScopeString] = mergedScopeObject;
+        }
+    }
+    return diff;
+}
+/**
+ * Checks if every account in the given scopes object is supported.
+ *
+ * @param scopesObject - The scopes object to iterate over.
+ * @param listAccounts - The hook for getting internalAccount objects for all evm accounts.
+ * @param getNonEvmAccountAddresses - The hook that returns the supported CAIP-10 account addresses for a non EVM scope.
+ * addresses.
+ * @returns True if every account in the scopes object is supported, false otherwise.
+ */
+function isEveryAccountInScopesObjectSupported(scopesObject, listAccounts, getNonEvmAccountAddresses) {
+    return Object.values(scopesObject).every((scopeObject) => scopeObject.accounts.every((account) => isSupportedAccount(account, {
+        getEvmInternalAccounts: listAccounts,
+        getNonEvmAccountAddresses,
+    })));
+}
+/**
+ * Helper that returns a `authorizedScopes` CAIP-25 caveat specification
+ * that can be passed into the PermissionController constructor.
+ *
+ * @param options - The specification builder options.
+ * @param options.findNetworkClientIdByChainId - The hook for getting the networkClientId that serves a chainId.
+ * @param options.listAccounts - The hook for getting internalAccount objects for all evm accounts.
+ * @param options.isNonEvmScopeSupported - The hook that determines if an non EVM scopeString is supported.
+ * @param options.getNonEvmAccountAddresses - The hook that returns the supported CAIP-10 account addresses for a non EVM scope.
+ * @returns The specification for the `caip25` caveat.
+ */
+export const caip25CaveatBuilder = ({ findNetworkClientIdByChainId, listAccounts, isNonEvmScopeSupported, getNonEvmAccountAddresses, }) => {
+    return {
+        type: Caip25CaveatType,
+        validator: (caveat, _origin, _target) => {
+            if (!caveat.value ||
+                !hasProperty(caveat.value, 'requiredScopes') ||
+                !hasProperty(caveat.value, 'optionalScopes') ||
+                !hasProperty(caveat.value, 'isMultichainOrigin') ||
+                typeof caveat.value.isMultichainOrigin !== 'boolean') {
+                throw new Error(`${Caip25EndowmentPermissionName} error: Received invalid value for caveat of type "${Caip25CaveatType}".`);
+            }
+            const { requiredScopes, optionalScopes } = caveat.value;
+            assertIsInternalScopesObject(requiredScopes);
+            assertIsInternalScopesObject(optionalScopes);
+            const isEvmChainIdSupported = (chainId) => {
+                try {
+                    findNetworkClientIdByChainId(chainId);
+                    return true;
+                }
+                catch {
+                    return false;
+                }
+            };
+            const allRequiredScopesSupported = Object.keys(requiredScopes).every((scopeString) => isSupportedScopeString(scopeString, {
+                isEvmChainIdSupported,
+                isNonEvmScopeSupported,
+            }));
+            const allOptionalScopesSupported = Object.keys(optionalScopes).every((scopeString) => isSupportedScopeString(scopeString, {
+                isEvmChainIdSupported,
+                isNonEvmScopeSupported,
+            }));
+            if (!allRequiredScopesSupported || !allOptionalScopesSupported) {
+                throw new Error(`${Caip25EndowmentPermissionName} error: Received scopeString value(s) for caveat of type "${Caip25CaveatType}" that are not supported by the wallet.`);
+            }
+            const allRequiredAccountsSupported = isEveryAccountInScopesObjectSupported(requiredScopes, listAccounts, getNonEvmAccountAddresses);
+            const allOptionalAccountsSupported = isEveryAccountInScopesObjectSupported(optionalScopes, listAccounts, getNonEvmAccountAddresses);
+            if (!allRequiredAccountsSupported || !allOptionalAccountsSupported) {
+                throw new Error(`${Caip25EndowmentPermissionName} error: Received account value(s) for caveat of type "${Caip25CaveatType}" that are not supported by the wallet.`);
+            }
+        },
+        merger: (leftValue, rightValue) => {
+            const mergedRequiredScopes = mergeInternalScopes(leftValue.requiredScopes, rightValue.requiredScopes);
+            const mergedOptionalScopes = mergeInternalScopes(leftValue.optionalScopes, rightValue.optionalScopes);
+            const mergedValue = {
+                requiredScopes: mergedRequiredScopes,
+                optionalScopes: mergedOptionalScopes,
+                isMultichainOrigin: leftValue.isMultichainOrigin,
+            };
+            const partialDiff = diffScopesForCaip25CaveatValue(leftValue, mergedValue, 'requiredScopes');
+            const diff = diffScopesForCaip25CaveatValue(partialDiff, mergedValue, 'optionalScopes');
+            return [mergedValue, diff];
+        },
+    };
+};
+/**
+ * Helper that returns a `endowment:caip25` specification that
+ * can be passed into the PermissionController constructor.
+ *
+ * @returns The specification for the `caip25` endowment.
+ */
+const specificationBuilder = () => {
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName: Caip25EndowmentPermissionName,
+        allowedCaveats: [Caip25CaveatType],
+        endowmentGetter: (_getterOptions) => null,
+        validator: (permission) => {
+            if (permission.caveats?.length !== 1 ||
+                permission.caveats?.[0]?.type !== Caip25CaveatType) {
+                throw new Error(`${Caip25EndowmentPermissionName} error: Invalid caveats. There must be a single caveat of type "${Caip25CaveatType}".`);
+            }
+        },
+    };
+};
+/**
+ * The `caip25` endowment specification builder. Passed to the
+ * `PermissionController` for constructing and validating the
+ * `endowment:caip25` permission.
+ */
+export const caip25EndowmentBuilder = Object.freeze({
+    targetName: Caip25EndowmentPermissionName,
+    specificationBuilder,
+});
+/**
+ * Factories that construct caveat mutator functions that are passed to
+ * PermissionController.updatePermissionsByCaveat.
+ */
+export const Caip25CaveatMutators = {
+    [Caip25CaveatType]: {
+        removeScope,
+        removeAccount,
+    },
+};
+/**
+ * Removes the account from the scope object.
+ *
+ * @param targetAddress - The address to remove from the scope object.
+ * @returns A function that removes the account from the scope object.
+ */
+function removeAccountFilterFn(targetAddress) {
+    return (account) => {
+        const parsed = parseCaipAccountId(account);
+        return parsed.address !== targetAddress;
+    };
+}
+/**
+ * Removes the account from the scope object.
+ *
+ * @param scopeObject - The scope object to remove the account from.
+ * @param targetAddress - The address to remove from the scope object.
+ */
+function removeAccountFromScopeObject(scopeObject, targetAddress) {
+    if (scopeObject.accounts) {
+        scopeObject.accounts = scopeObject.accounts.filter(removeAccountFilterFn(targetAddress));
+    }
+}
+/**
+ * Removes the target account from the scope object.
+ *
+ * @param caip25CaveatValue - The CAIP-25 permission caveat value from which to remove the account (across all chain scopes).
+ * @param targetAddress - The address to remove from the scope object. Not a CAIP-10 formatted address because it will be removed across each chain scope.
+ * @returns The updated scope object.
+ */
+function removeAccount(caip25CaveatValue, targetAddress) {
+    const updatedCaveatValue = cloneDeep(caip25CaveatValue);
+    [
+        updatedCaveatValue.requiredScopes,
+        updatedCaveatValue.optionalScopes,
+    ].forEach((scopes) => {
+        Object.entries(scopes).forEach(([, scopeObject]) => {
+            removeAccountFromScopeObject(scopeObject, targetAddress);
+        });
+    });
+    const noChange = isEqual(updatedCaveatValue, caip25CaveatValue);
+    if (noChange) {
+        return {
+            operation: CaveatMutatorOperation.Noop,
+        };
+    }
+    const hasAccounts = [
+        ...Object.values(updatedCaveatValue.requiredScopes),
+        ...Object.values(updatedCaveatValue.optionalScopes),
+    ].some(({ accounts }) => accounts.length > 0);
+    if (hasAccounts) {
+        return {
+            operation: CaveatMutatorOperation.UpdateValue,
+            value: updatedCaveatValue,
+        };
+    }
+    return {
+        operation: CaveatMutatorOperation.RevokePermission,
+    };
+}
+/**
+ * Removes the target scope from the value arrays of the given
+ * `endowment:caip25` caveat. No-ops if the target scopeString is not in
+ * the existing scopes.
+ *
+ * @param caip25CaveatValue - The CAIP-25 permission caveat value to remove the scope from.
+ * @param targetScopeString - The scope that is being removed.
+ * @returns The updated CAIP-25 permission caveat value.
+ */
+function removeScope(caip25CaveatValue, targetScopeString) {
+    const newRequiredScopes = Object.entries(caip25CaveatValue.requiredScopes).filter(([scope]) => scope !== targetScopeString);
+    const newOptionalScopes = Object.entries(caip25CaveatValue.optionalScopes).filter(([scope]) => {
+        return scope !== targetScopeString;
+    });
+    const requiredScopesRemoved = newRequiredScopes.length !==
+        Object.keys(caip25CaveatValue.requiredScopes).length;
+    const optionalScopesRemoved = newOptionalScopes.length !==
+        Object.keys(caip25CaveatValue.optionalScopes).length;
+    if (!requiredScopesRemoved && !optionalScopesRemoved) {
+        return {
+            operation: CaveatMutatorOperation.Noop,
+        };
+    }
+    const updatedCaveatValue = {
+        ...caip25CaveatValue,
+        requiredScopes: Object.fromEntries(newRequiredScopes),
+        optionalScopes: Object.fromEntries(newOptionalScopes),
+    };
+    const hasNonWalletScopes = [...newRequiredScopes, ...newOptionalScopes].some(([scopeString]) => {
+        const { namespace } = parseScopeString(scopeString);
+        return namespace !== KnownCaipNamespace.Wallet;
+    });
+    if (hasNonWalletScopes) {
+        return {
+            operation: CaveatMutatorOperation.UpdateValue,
+            value: updatedCaveatValue,
+        };
+    }
+    return {
+        operation: CaveatMutatorOperation.RevokePermission,
+    };
+}
+//# sourceMappingURL=caip25Permission.mjs.map

package/dist/caip25Permission.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"caip25Permission.mjs","sourceRoot":"","sources":["../src/caip25Permission.ts"],"names":[],"mappings":"AASA,OAAO,EACL,sBAAsB,EACtB,cAAc,EACf,wCAAwC;AAEzC,OAAO,EACL,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAGnB,wBAAwB;;;AAGzB,OAAO,EAAE,4BAA4B,EAAE,2BAAuB;AAC9D,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,8BAA0B;AAC/E,OAAO,EAAE,mBAAmB,EAAE,8BAA0B;AACxD,OAAO,EACL,gBAAgB,EAIjB,0BAAsB;AAcvB;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC;AAEnD;;GAEG;AACH,MAAM,CAAC,MAAM,6BAA6B,GAAG,kBAAkB,CAAC;AAEhE;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,KAAwB,EAAE,EAAE;IAC7D,OAAO;QACL,IAAI,EAAE,gBAAgB;QACtB,KAAK;KACN,CAAC;AACJ,CAAC,CAAC;AASF;;;;;;;GAOG;AACH,MAAM,UAAU,8BAA8B,CAC5C,aAAgC,EAChC,WAA8B,EAC9B,WAAgD;IAEhD,MAAM,IAAI,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAEtC,MAAM,iBAAiB,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IACnD,KAAK,MAAM,CAAC,WAAW,EAAE,iBAAiB,CAAC,IAAI,MAAM,CAAC,OAAO,CAC3D,iBAAiB,CAClB,EAAE;QACD,MAAM,mBAAmB,GAAG,WAA6C,CAAC;QAC1E,MAAM,mBAAmB,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,CAAC;QAEnE,IAAI,mBAAmB,EAAE;YACvB,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CACnD,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,mBAAmB,EAAE,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC9D,CAAC;YACF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC1B,IAAI,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,GAAG;oBACvC,QAAQ,EAAE,WAAW;iBACtB,CAAC;gBACF,SAAS;aACV;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,CAAC;SAC/C;aAAM;YACL,IAAI,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;SAC5D;KACF;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,qCAAqC,CAC5C,YAAkC,EAClC,YAAoD,EACpD,yBAA2D;IAE3D,OAAO,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,EAAE,CACvD,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CACrC,kBAAkB,CAAC,OAAO,EAAE;QAC1B,sBAAsB,EAAE,YAAY;QACpC,yBAAyB;KAC1B,CAAC,CACH,CACF,CAAC;AACJ,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,EAClC,4BAA4B,EAC5B,YAAY,EACZ,sBAAsB,EACtB,yBAAyB,GACwB,EAG/C,EAAE;IACJ,OAAO;QACL,IAAI,EAAE,gBAAgB;QACtB,SAAS,EAAE,CACT,MAAyD,EACzD,OAAgB,EAChB,OAAgB,EAChB,EAAE;YACF,IACE,CAAC,MAAM,CAAC,KAAK;gBACb,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,gBAAgB,CAAC;gBAC5C,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,gBAAgB,CAAC;gBAC5C,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,oBAAoB,CAAC;gBAChD,OAAO,MAAM,CAAC,KAAK,CAAC,kBAAkB,KAAK,SAAS,EACpD;gBACA,MAAM,IAAI,KAAK,CACb,GAAG,6BAA6B,sDAAsD,gBAAgB,IAAI,CAC3G,CAAC;aACH;YAED,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC;YAExD,4BAA4B,CAAC,cAAc,CAAC,CAAC;YAC7C,4BAA4B,CAAC,cAAc,CAAC,CAAC;YAE7C,MAAM,qBAAqB,GAAG,CAAC,OAAY,EAAE,EAAE;gBAC7C,IAAI;oBACF,4BAA4B,CAAC,OAAO,CAAC,CAAC;oBACtC,OAAO,IAAI,CAAC;iBACb;gBAAC,MAAM;oBACN,OAAO,KAAK,CAAC;iBACd;YACH,CAAC,CAAC;YAEF,MAAM,0BAA0B,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,KAAK,CAClE,CAAC,WAAW,EAAE,EAAE,CACd,sBAAsB,CAAC,WAAW,EAAE;gBAClC,qBAAqB;gBACrB,sBAAsB;aACvB,CAAC,CACL,CAAC;YACF,MAAM,0BAA0B,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,KAAK,CAClE,CAAC,WAAW,EAAE,EAAE,CACd,sBAAsB,CAAC,WAAW,EAAE;gBAClC,qBAAqB;gBACrB,sBAAsB;aACvB,CAAC,CACL,CAAC;YACF,IAAI,CAAC,0BAA0B,IAAI,CAAC,0BAA0B,EAAE;gBAC9D,MAAM,IAAI,KAAK,CACb,GAAG,6BAA6B,6DAA6D,gBAAgB,yCAAyC,CACvJ,CAAC;aACH;YAED,MAAM,4BAA4B,GAChC,qCAAqC,CACnC,cAAc,EACd,YAAY,EACZ,yBAAyB,CAC1B,CAAC;YACJ,MAAM,4BAA4B,GAChC,qCAAqC,CACnC,cAAc,EACd,YAAY,EACZ,yBAAyB,CAC1B,CAAC;YACJ,IAAI,CAAC,4BAA4B,IAAI,CAAC,4BAA4B,EAAE;gBAClE,MAAM,IAAI,KAAK,CACb,GAAG,6BAA6B,yDAAyD,gBAAgB,yCAAyC,CACnJ,CAAC;aACH;QACH,CAAC;QACD,MAAM,EAAE,CACN,SAA4B,EAC5B,UAA6B,EACW,EAAE;YAC1C,MAAM,oBAAoB,GAAG,mBAAmB,CAC9C,SAAS,CAAC,cAAc,EACxB,UAAU,CAAC,cAAc,CAC1B,CAAC;YACF,MAAM,oBAAoB,GAAG,mBAAmB,CAC9C,SAAS,CAAC,cAAc,EACxB,UAAU,CAAC,cAAc,CAC1B,CAAC;YAEF,MAAM,WAAW,GAAsB;gBACrC,cAAc,EAAE,oBAAoB;gBACpC,cAAc,EAAE,oBAAoB;gBACpC,kBAAkB,EAAE,SAAS,CAAC,kBAAkB;aACjD,CAAC;YAEF,MAAM,WAAW,GAAG,8BAA8B,CAChD,SAAS,EACT,WAAW,EACX,gBAAgB,CACjB,CAAC;YAEF,MAAM,IAAI,GAAG,8BAA8B,CACzC,WAAW,EACX,WAAW,EACX,gBAAgB,CACjB,CAAC;YAEF,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAC7B,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAUF;;;;;GAKG;AACH,MAAM,oBAAoB,GAItB,GAAG,EAAE;IACP,OAAO;QACL,cAAc,EAAE,cAAc,CAAC,SAAS;QACxC,UAAU,EAAE,6BAA6B;QACzC,cAAc,EAAE,CAAC,gBAAgB,CAAC;QAClC,eAAe,EAAE,CAAC,cAAsC,EAAE,EAAE,CAAC,IAAI;QACjE,SAAS,EAAE,CAAC,UAAgC,EAAE,EAAE;YAC9C,IACE,UAAU,CAAC,OAAO,EAAE,MAAM,KAAK,CAAC;gBAChC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,KAAK,gBAAgB,EAClD;gBACA,MAAM,IAAI,KAAK,CACb,GAAG,6BAA6B,mEAAmE,gBAAgB,IAAI,CACxH,CAAC;aACH;QACH,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAClD,UAAU,EAAE,6BAA6B;IACzC,oBAAoB;CACZ,CAAC,CAAC;AAEZ;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,CAAC,gBAAgB,CAAC,EAAE;QAClB,WAAW;QACX,aAAa;KACd;CACF,CAAC;AAEF;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,aAAqB;IAClD,OAAO,CAAC,OAAsB,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,OAAO,KAAK,aAAa,CAAC;IAC1C,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,4BAA4B,CACnC,WAAgC,EAChC,aAAqB;IAErB,IAAI,WAAW,CAAC,QAAQ,EAAE;QACxB,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,MAAM,CAChD,qBAAqB,CAAC,aAAa,CAAC,CACrC,CAAC;KACH;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,aAAa,CACpB,iBAAoC,EACpC,aAAkB;IAElB,MAAM,kBAAkB,GAAG,SAAS,CAAC,iBAAiB,CAAC,CAAC;IAExD;QACE,kBAAkB,CAAC,cAAc;QACjC,kBAAkB,CAAC,cAAc;KAClC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACnB,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,EAAE,EAAE;YACjD,4BAA4B,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,OAAO,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;IAEhE,IAAI,QAAQ,EAAE;QACZ,OAAO;YACL,SAAS,EAAE,sBAAsB,CAAC,IAAI;SACvC,CAAC;KACH;IAED,MAAM,WAAW,GAAG;QAClB,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,cAAc,CAAC;QACnD,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,cAAc,CAAC;KACpD,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE9C,IAAI,WAAW,EAAE;QACf,OAAO;YACL,SAAS,EAAE,sBAAsB,CAAC,WAAW;YAC7C,KAAK,EAAE,kBAAkB;SAC1B,CAAC;KACH;IAED,OAAO;QACL,SAAS,EAAE,sBAAsB,CAAC,gBAAgB;KACnD,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAClB,iBAAoC,EACpC,iBAAsC;IAEtC,MAAM,iBAAiB,GAAG,MAAM,CAAC,OAAO,CACtC,iBAAiB,CAAC,cAAc,CACjC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,iBAAiB,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,MAAM,CAAC,OAAO,CACtC,iBAAiB,CAAC,cAAc,CACjC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,EAAE;QACnB,OAAO,KAAK,KAAK,iBAAiB,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,MAAM,qBAAqB,GACzB,iBAAiB,CAAC,MAAM;QACxB,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;IACvD,MAAM,qBAAqB,GACzB,iBAAiB,CAAC,MAAM;QACxB,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;IAEvD,IAAI,CAAC,qBAAqB,IAAI,CAAC,qBAAqB,EAAE;QACpD,OAAO;YACL,SAAS,EAAE,sBAAsB,CAAC,IAAI;SACvC,CAAC;KACH;IAED,MAAM,kBAAkB,GAAG;QACzB,GAAG,iBAAiB;QACpB,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,iBAAiB,CAAC;QACrD,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,iBAAiB,CAAC;KACtD,CAAC;IAEF,MAAM,kBAAkB,GAAG,CAAC,GAAG,iBAAiB,EAAE,GAAG,iBAAiB,CAAC,CAAC,IAAI,CAC1E,CAAC,CAAC,WAAW,CAAC,EAAE,EAAE;QAChB,MAAM,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;QACpD,OAAO,SAAS,KAAK,kBAAkB,CAAC,MAAM,CAAC;IACjD,CAAC,CACF,CAAC;IAEF,IAAI,kBAAkB,EAAE;QACtB,OAAO;YACL,SAAS,EAAE,sBAAsB,CAAC,WAAW;YAC7C,KAAK,EAAE,kBAAkB;SAC1B,CAAC;KACH;IAED,OAAO;QACL,SAAS,EAAE,sBAAsB,CAAC,gBAAgB;KACnD,CAAC;AACJ,CAAC","sourcesContent":["import type { NetworkClientId } from '@metamask/network-controller';\nimport type {\n  PermissionSpecificationBuilder,\n  EndowmentGetterParams,\n  ValidPermissionSpecification,\n  PermissionValidatorConstraint,\n  PermissionConstraint,\n  EndowmentCaveatSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport {\n  CaveatMutatorOperation,\n  PermissionType,\n} from '@metamask/permission-controller';\nimport type { CaipAccountId, CaipChainId, Json } from '@metamask/utils';\nimport {\n  hasProperty,\n  KnownCaipNamespace,\n  parseCaipAccountId,\n  type Hex,\n  type NonEmptyArray,\n} from '@metamask/utils';\nimport { cloneDeep, isEqual } from 'lodash';\n\nimport { assertIsInternalScopesObject } from './scope/assert';\nimport { isSupportedAccount, isSupportedScopeString } from './scope/supported';\nimport { mergeInternalScopes } from './scope/transform';\nimport {\n  parseScopeString,\n  type ExternalScopeString,\n  type InternalScopeObject,\n  type InternalScopesObject,\n} from './scope/types';\n\n/**\n * The CAIP-25 permission caveat value.\n * This permission contains the required and optional scopes and session properties from the [CAIP-25](https://github.com/ChainAgnostic/CAIPs/blob/main/CAIPs/caip-25.md) request that initiated the permission session.\n * It also contains a boolean (isMultichainOrigin) indicating if the permission session is multichain, which may be needed to determine implicit permissioning.\n */\nexport type Caip25CaveatValue = {\n  requiredScopes: InternalScopesObject;\n  optionalScopes: InternalScopesObject;\n  sessionProperties?: Record<string, Json>;\n  isMultichainOrigin: boolean;\n};\n\n/**\n * The name of the CAIP-25 permission caveat.\n */\nexport const Caip25CaveatType = 'authorizedScopes';\n\n/**\n * The target name of the CAIP-25 endowment permission.\n */\nexport const Caip25EndowmentPermissionName = 'endowment:caip25';\n\n/**\n * Creates a CAIP-25 permission caveat.\n *\n * @param value - The CAIP-25 permission caveat value.\n * @returns The CAIP-25 permission caveat (now including the type).\n */\nexport const createCaip25Caveat = (value: Caip25CaveatValue) => {\n  return {\n    type: Caip25CaveatType,\n    value,\n  };\n};\n\ntype Caip25EndowmentCaveatSpecificationBuilderOptions = {\n  findNetworkClientIdByChainId: (chainId: Hex) => NetworkClientId;\n  listAccounts: () => { type: string; address: Hex }[];\n  isNonEvmScopeSupported: (scope: CaipChainId) => boolean;\n  getNonEvmAccountAddresses: (scope: CaipChainId) => string[];\n};\n\n/**\n * Calculates the difference between two provided CAIP-25 permission caveat values, but only considering a single scope property at a time.\n *\n * @param originalValue - The existing CAIP-25 permission caveat value.\n * @param mergedValue - The result from merging existing and incoming CAIP-25 permission caveat values.\n * @param scopeToDiff - The required or optional scopes from the [CAIP-25](https://github.com/ChainAgnostic/CAIPs/blob/main/CAIPs/caip-25.md) request.\n * @returns The difference between original and merged CAIP-25 permission caveat values.\n */\nexport function diffScopesForCaip25CaveatValue(\n  originalValue: Caip25CaveatValue,\n  mergedValue: Caip25CaveatValue,\n  scopeToDiff: 'optionalScopes' | 'requiredScopes',\n): Caip25CaveatValue {\n  const diff = cloneDeep(originalValue);\n\n  const mergedScopeToDiff = mergedValue[scopeToDiff];\n  for (const [scopeString, mergedScopeObject] of Object.entries(\n    mergedScopeToDiff,\n  )) {\n    const internalScopeString = scopeString as keyof typeof mergedScopeToDiff;\n    const originalScopeObject = diff[scopeToDiff][internalScopeString];\n\n    if (originalScopeObject) {\n      const newAccounts = mergedScopeObject.accounts.filter(\n        (account) => !originalScopeObject?.accounts.includes(account),\n      );\n      if (newAccounts.length > 0) {\n        diff[scopeToDiff][internalScopeString] = {\n          accounts: newAccounts,\n        };\n        continue;\n      }\n      delete diff[scopeToDiff][internalScopeString];\n    } else {\n      diff[scopeToDiff][internalScopeString] = mergedScopeObject;\n    }\n  }\n\n  return diff;\n}\n\n/**\n * Checks if every account in the given scopes object is supported.\n *\n * @param scopesObject - The scopes object to iterate over.\n * @param listAccounts - The hook for getting internalAccount objects for all evm accounts.\n * @param getNonEvmAccountAddresses - The hook that returns the supported CAIP-10 account addresses for a non EVM scope.\n * addresses.\n * @returns True if every account in the scopes object is supported, false otherwise.\n */\nfunction isEveryAccountInScopesObjectSupported(\n  scopesObject: InternalScopesObject,\n  listAccounts: () => { type: string; address: Hex }[],\n  getNonEvmAccountAddresses: (scope: CaipChainId) => string[],\n) {\n  return Object.values(scopesObject).every((scopeObject) =>\n    scopeObject.accounts.every((account) =>\n      isSupportedAccount(account, {\n        getEvmInternalAccounts: listAccounts,\n        getNonEvmAccountAddresses,\n      }),\n    ),\n  );\n}\n\n/**\n * Helper that returns a `authorizedScopes` CAIP-25 caveat specification\n * that can be passed into the PermissionController constructor.\n *\n * @param options - The specification builder options.\n * @param options.findNetworkClientIdByChainId - The hook for getting the networkClientId that serves a chainId.\n * @param options.listAccounts - The hook for getting internalAccount objects for all evm accounts.\n * @param options.isNonEvmScopeSupported - The hook that determines if an non EVM scopeString is supported.\n * @param options.getNonEvmAccountAddresses - The hook that returns the supported CAIP-10 account addresses for a non EVM scope.\n * @returns The specification for the `caip25` caveat.\n */\nexport const caip25CaveatBuilder = ({\n  findNetworkClientIdByChainId,\n  listAccounts,\n  isNonEvmScopeSupported,\n  getNonEvmAccountAddresses,\n}: Caip25EndowmentCaveatSpecificationBuilderOptions): EndowmentCaveatSpecificationConstraint &\n  Required<\n    Pick<EndowmentCaveatSpecificationConstraint, 'validator' | 'merger'>\n  > => {\n  return {\n    type: Caip25CaveatType,\n    validator: (\n      caveat: { type: typeof Caip25CaveatType; value: unknown },\n      _origin?: string,\n      _target?: string,\n    ) => {\n      if (\n        !caveat.value ||\n        !hasProperty(caveat.value, 'requiredScopes') ||\n        !hasProperty(caveat.value, 'optionalScopes') ||\n        !hasProperty(caveat.value, 'isMultichainOrigin') ||\n        typeof caveat.value.isMultichainOrigin !== 'boolean'\n      ) {\n        throw new Error(\n          `${Caip25EndowmentPermissionName} error: Received invalid value for caveat of type \"${Caip25CaveatType}\".`,\n        );\n      }\n\n      const { requiredScopes, optionalScopes } = caveat.value;\n\n      assertIsInternalScopesObject(requiredScopes);\n      assertIsInternalScopesObject(optionalScopes);\n\n      const isEvmChainIdSupported = (chainId: Hex) => {\n        try {\n          findNetworkClientIdByChainId(chainId);\n          return true;\n        } catch {\n          return false;\n        }\n      };\n\n      const allRequiredScopesSupported = Object.keys(requiredScopes).every(\n        (scopeString) =>\n          isSupportedScopeString(scopeString, {\n            isEvmChainIdSupported,\n            isNonEvmScopeSupported,\n          }),\n      );\n      const allOptionalScopesSupported = Object.keys(optionalScopes).every(\n        (scopeString) =>\n          isSupportedScopeString(scopeString, {\n            isEvmChainIdSupported,\n            isNonEvmScopeSupported,\n          }),\n      );\n      if (!allRequiredScopesSupported || !allOptionalScopesSupported) {\n        throw new Error(\n          `${Caip25EndowmentPermissionName} error: Received scopeString value(s) for caveat of type \"${Caip25CaveatType}\" that are not supported by the wallet.`,\n        );\n      }\n\n      const allRequiredAccountsSupported =\n        isEveryAccountInScopesObjectSupported(\n          requiredScopes,\n          listAccounts,\n          getNonEvmAccountAddresses,\n        );\n      const allOptionalAccountsSupported =\n        isEveryAccountInScopesObjectSupported(\n          optionalScopes,\n          listAccounts,\n          getNonEvmAccountAddresses,\n        );\n      if (!allRequiredAccountsSupported || !allOptionalAccountsSupported) {\n        throw new Error(\n          `${Caip25EndowmentPermissionName} error: Received account value(s) for caveat of type \"${Caip25CaveatType}\" that are not supported by the wallet.`,\n        );\n      }\n    },\n    merger: (\n      leftValue: Caip25CaveatValue,\n      rightValue: Caip25CaveatValue,\n    ): [Caip25CaveatValue, Caip25CaveatValue] => {\n      const mergedRequiredScopes = mergeInternalScopes(\n        leftValue.requiredScopes,\n        rightValue.requiredScopes,\n      );\n      const mergedOptionalScopes = mergeInternalScopes(\n        leftValue.optionalScopes,\n        rightValue.optionalScopes,\n      );\n\n      const mergedValue: Caip25CaveatValue = {\n        requiredScopes: mergedRequiredScopes,\n        optionalScopes: mergedOptionalScopes,\n        isMultichainOrigin: leftValue.isMultichainOrigin,\n      };\n\n      const partialDiff = diffScopesForCaip25CaveatValue(\n        leftValue,\n        mergedValue,\n        'requiredScopes',\n      );\n\n      const diff = diffScopesForCaip25CaveatValue(\n        partialDiff,\n        mergedValue,\n        'optionalScopes',\n      );\n\n      return [mergedValue, diff];\n    },\n  };\n};\n\ntype Caip25EndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof Caip25EndowmentPermissionName;\n  endowmentGetter: (_options?: EndowmentGetterParams) => null;\n  validator: PermissionValidatorConstraint;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * Helper that returns a `endowment:caip25` specification that\n * can be passed into the PermissionController constructor.\n *\n * @returns The specification for the `caip25` endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  Record<never, never>,\n  Caip25EndowmentSpecification\n> = () => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: Caip25EndowmentPermissionName,\n    allowedCaveats: [Caip25CaveatType],\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => null,\n    validator: (permission: PermissionConstraint) => {\n      if (\n        permission.caveats?.length !== 1 ||\n        permission.caveats?.[0]?.type !== Caip25CaveatType\n      ) {\n        throw new Error(\n          `${Caip25EndowmentPermissionName} error: Invalid caveats. There must be a single caveat of type \"${Caip25CaveatType}\".`,\n        );\n      }\n    },\n  };\n};\n\n/**\n * The `caip25` endowment specification builder. Passed to the\n * `PermissionController` for constructing and validating the\n * `endowment:caip25` permission.\n */\nexport const caip25EndowmentBuilder = Object.freeze({\n  targetName: Caip25EndowmentPermissionName,\n  specificationBuilder,\n} as const);\n\n/**\n * Factories that construct caveat mutator functions that are passed to\n * PermissionController.updatePermissionsByCaveat.\n */\nexport const Caip25CaveatMutators = {\n  [Caip25CaveatType]: {\n    removeScope,\n    removeAccount,\n  },\n};\n\n/**\n * Removes the account from the scope object.\n *\n * @param targetAddress - The address to remove from the scope object.\n * @returns A function that removes the account from the scope object.\n */\nfunction removeAccountFilterFn(targetAddress: string) {\n  return (account: CaipAccountId) => {\n    const parsed = parseCaipAccountId(account);\n    return parsed.address !== targetAddress;\n  };\n}\n\n/**\n * Removes the account from the scope object.\n *\n * @param scopeObject - The scope object to remove the account from.\n * @param targetAddress - The address to remove from the scope object.\n */\nfunction removeAccountFromScopeObject(\n  scopeObject: InternalScopeObject,\n  targetAddress: string,\n) {\n  if (scopeObject.accounts) {\n    scopeObject.accounts = scopeObject.accounts.filter(\n      removeAccountFilterFn(targetAddress),\n    );\n  }\n}\n\n/**\n * Removes the target account from the scope object.\n *\n * @param caip25CaveatValue - The CAIP-25 permission caveat value from which to remove the account (across all chain scopes).\n * @param targetAddress - The address to remove from the scope object. Not a CAIP-10 formatted address because it will be removed across each chain scope.\n * @returns The updated scope object.\n */\nfunction removeAccount(\n  caip25CaveatValue: Caip25CaveatValue,\n  targetAddress: Hex,\n) {\n  const updatedCaveatValue = cloneDeep(caip25CaveatValue);\n\n  [\n    updatedCaveatValue.requiredScopes,\n    updatedCaveatValue.optionalScopes,\n  ].forEach((scopes) => {\n    Object.entries(scopes).forEach(([, scopeObject]) => {\n      removeAccountFromScopeObject(scopeObject, targetAddress);\n    });\n  });\n\n  const noChange = isEqual(updatedCaveatValue, caip25CaveatValue);\n\n  if (noChange) {\n    return {\n      operation: CaveatMutatorOperation.Noop,\n    };\n  }\n\n  const hasAccounts = [\n    ...Object.values(updatedCaveatValue.requiredScopes),\n    ...Object.values(updatedCaveatValue.optionalScopes),\n  ].some(({ accounts }) => accounts.length > 0);\n\n  if (hasAccounts) {\n    return {\n      operation: CaveatMutatorOperation.UpdateValue,\n      value: updatedCaveatValue,\n    };\n  }\n\n  return {\n    operation: CaveatMutatorOperation.RevokePermission,\n  };\n}\n\n/**\n * Removes the target scope from the value arrays of the given\n * `endowment:caip25` caveat. No-ops if the target scopeString is not in\n * the existing scopes.\n *\n * @param caip25CaveatValue - The CAIP-25 permission caveat value to remove the scope from.\n * @param targetScopeString - The scope that is being removed.\n * @returns The updated CAIP-25 permission caveat value.\n */\nfunction removeScope(\n  caip25CaveatValue: Caip25CaveatValue,\n  targetScopeString: ExternalScopeString,\n) {\n  const newRequiredScopes = Object.entries(\n    caip25CaveatValue.requiredScopes,\n  ).filter(([scope]) => scope !== targetScopeString);\n  const newOptionalScopes = Object.entries(\n    caip25CaveatValue.optionalScopes,\n  ).filter(([scope]) => {\n    return scope !== targetScopeString;\n  });\n\n  const requiredScopesRemoved =\n    newRequiredScopes.length !==\n    Object.keys(caip25CaveatValue.requiredScopes).length;\n  const optionalScopesRemoved =\n    newOptionalScopes.length !==\n    Object.keys(caip25CaveatValue.optionalScopes).length;\n\n  if (!requiredScopesRemoved && !optionalScopesRemoved) {\n    return {\n      operation: CaveatMutatorOperation.Noop,\n    };\n  }\n\n  const updatedCaveatValue = {\n    ...caip25CaveatValue,\n    requiredScopes: Object.fromEntries(newRequiredScopes),\n    optionalScopes: Object.fromEntries(newOptionalScopes),\n  };\n\n  const hasNonWalletScopes = [...newRequiredScopes, ...newOptionalScopes].some(\n    ([scopeString]) => {\n      const { namespace } = parseScopeString(scopeString);\n      return namespace !== KnownCaipNamespace.Wallet;\n    },\n  );\n\n  if (hasNonWalletScopes) {\n    return {\n      operation: CaveatMutatorOperation.UpdateValue,\n      value: updatedCaveatValue,\n    };\n  }\n\n  return {\n    operation: CaveatMutatorOperation.RevokePermission,\n  };\n}\n"]}

package/dist/index.cjs

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Caip25CaveatMutators = exports.caip25EndowmentBuilder = exports.Caip25EndowmentPermissionName = exports.createCaip25Caveat = exports.Caip25CaveatType = exports.caip25CaveatBuilder = exports.normalizeAndMergeScopes = exports.mergeInternalScopes = exports.mergeNormalizedScopes = exports.mergeScopeObject = exports.normalizeScope = exports.getUniqueArrayItems = exports.parseScopeString = exports.getSupportedScopeObjects = exports.KnownWalletScopeString = exports.KnownNotifications = exports.KnownWalletNamespaceRpcMethods = exports.KnownRpcMethods = exports.KnownWalletRpcMethods = exports.assertIsInternalScopeString = exports.bucketScopes = exports.validateAndNormalizeScopes = exports.getSessionScopes = exports.getInternalScopesObject = exports.setPermittedEthChainIds = exports.addPermittedEthChainId = exports.getPermittedEthChainIds = exports.setEthAccounts = exports.getEthAccounts = void 0;
+var caip_permission_adapter_eth_accounts_1 = require("./adapters/caip-permission-adapter-eth-accounts.cjs");
+Object.defineProperty(exports, "getEthAccounts", { enumerable: true, get: function () { return caip_permission_adapter_eth_accounts_1.getEthAccounts; } });
+Object.defineProperty(exports, "setEthAccounts", { enumerable: true, get: function () { return caip_permission_adapter_eth_accounts_1.setEthAccounts; } });
+var caip_permission_adapter_permittedChains_1 = require("./adapters/caip-permission-adapter-permittedChains.cjs");
+Object.defineProperty(exports, "getPermittedEthChainIds", { enumerable: true, get: function () { return caip_permission_adapter_permittedChains_1.getPermittedEthChainIds; } });
+Object.defineProperty(exports, "addPermittedEthChainId", { enumerable: true, get: function () { return caip_permission_adapter_permittedChains_1.addPermittedEthChainId; } });
+Object.defineProperty(exports, "setPermittedEthChainIds", { enumerable: true, get: function () { return caip_permission_adapter_permittedChains_1.setPermittedEthChainIds; } });
+var caip_permission_adapter_session_scopes_1 = require("./adapters/caip-permission-adapter-session-scopes.cjs");
+Object.defineProperty(exports, "getInternalScopesObject", { enumerable: true, get: function () { return caip_permission_adapter_session_scopes_1.getInternalScopesObject; } });
+Object.defineProperty(exports, "getSessionScopes", { enumerable: true, get: function () { return caip_permission_adapter_session_scopes_1.getSessionScopes; } });
+var authorization_1 = require("./scope/authorization.cjs");
+Object.defineProperty(exports, "validateAndNormalizeScopes", { enumerable: true, get: function () { return authorization_1.validateAndNormalizeScopes; } });
+Object.defineProperty(exports, "bucketScopes", { enumerable: true, get: function () { return authorization_1.bucketScopes; } });
+var assert_1 = require("./scope/assert.cjs");
+Object.defineProperty(exports, "assertIsInternalScopeString", { enumerable: true, get: function () { return assert_1.assertIsInternalScopeString; } });
+var constants_1 = require("./scope/constants.cjs");
+Object.defineProperty(exports, "KnownWalletRpcMethods", { enumerable: true, get: function () { return constants_1.KnownWalletRpcMethods; } });
+Object.defineProperty(exports, "KnownRpcMethods", { enumerable: true, get: function () { return constants_1.KnownRpcMethods; } });
+Object.defineProperty(exports, "KnownWalletNamespaceRpcMethods", { enumerable: true, get: function () { return constants_1.KnownWalletNamespaceRpcMethods; } });
+Object.defineProperty(exports, "KnownNotifications", { enumerable: true, get: function () { return constants_1.KnownNotifications; } });
+Object.defineProperty(exports, "KnownWalletScopeString", { enumerable: true, get: function () { return constants_1.KnownWalletScopeString; } });
+var filter_1 = require("./scope/filter.cjs");
+Object.defineProperty(exports, "getSupportedScopeObjects", { enumerable: true, get: function () { return filter_1.getSupportedScopeObjects; } });
+var types_1 = require("./scope/types.cjs");
+Object.defineProperty(exports, "parseScopeString", { enumerable: true, get: function () { return types_1.parseScopeString; } });
+var transform_1 = require("./scope/transform.cjs");
+Object.defineProperty(exports, "getUniqueArrayItems", { enumerable: true, get: function () { return transform_1.getUniqueArrayItems; } });
+Object.defineProperty(exports, "normalizeScope", { enumerable: true, get: function () { return transform_1.normalizeScope; } });
+Object.defineProperty(exports, "mergeScopeObject", { enumerable: true, get: function () { return transform_1.mergeScopeObject; } });
+Object.defineProperty(exports, "mergeNormalizedScopes", { enumerable: true, get: function () { return transform_1.mergeNormalizedScopes; } });
+Object.defineProperty(exports, "mergeInternalScopes", { enumerable: true, get: function () { return transform_1.mergeInternalScopes; } });
+Object.defineProperty(exports, "normalizeAndMergeScopes", { enumerable: true, get: function () { return transform_1.normalizeAndMergeScopes; } });
+var caip25Permission_1 = require("./caip25Permission.cjs");
+Object.defineProperty(exports, "caip25CaveatBuilder", { enumerable: true, get: function () { return caip25Permission_1.caip25CaveatBuilder; } });
+Object.defineProperty(exports, "Caip25CaveatType", { enumerable: true, get: function () { return caip25Permission_1.Caip25CaveatType; } });
+Object.defineProperty(exports, "createCaip25Caveat", { enumerable: true, get: function () { return caip25Permission_1.createCaip25Caveat; } });
+Object.defineProperty(exports, "Caip25EndowmentPermissionName", { enumerable: true, get: function () { return caip25Permission_1.Caip25EndowmentPermissionName; } });
+Object.defineProperty(exports, "caip25EndowmentBuilder", { enumerable: true, get: function () { return caip25Permission_1.caip25EndowmentBuilder; } });
+Object.defineProperty(exports, "Caip25CaveatMutators", { enumerable: true, get: function () { return caip25Permission_1.Caip25CaveatMutators; } });
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,4GAGyD;AAFvD,sIAAA,cAAc,OAAA;AACd,sIAAA,cAAc,OAAA;AAEhB,kHAI4D;AAH1D,kJAAA,uBAAuB,OAAA;AACvB,iJAAA,sBAAsB,OAAA;AACtB,kJAAA,uBAAuB,OAAA;AAEzB,gHAG2D;AAFzD,iJAAA,uBAAuB,OAAA;AACvB,0IAAA,gBAAgB,OAAA;AAIlB,2DAG+B;AAF7B,2HAAA,0BAA0B,OAAA;AAC1B,6GAAA,YAAY,OAAA;AAEd,6CAA6D;AAApD,qHAAA,2BAA2B,OAAA;AACpC,mDAM2B;AALzB,kHAAA,qBAAqB,OAAA;AACrB,4GAAA,eAAe,OAAA;AACf,2HAAA,8BAA8B,OAAA;AAC9B,+GAAA,kBAAkB,OAAA;AAClB,mHAAA,sBAAsB,OAAA;AAExB,6CAA0D;AAAjD,kHAAA,wBAAwB,OAAA;AAajC,2CAAiD;AAAxC,yGAAA,gBAAgB,OAAA;AACzB,mDAO2B;AANzB,gHAAA,mBAAmB,OAAA;AACnB,2GAAA,cAAc,OAAA;AACd,6GAAA,gBAAgB,OAAA;AAChB,kHAAA,qBAAqB,OAAA;AACrB,gHAAA,mBAAmB,OAAA;AACnB,oHAAA,uBAAuB,OAAA;AAIzB,2DAO4B;AAN1B,uHAAA,mBAAmB,OAAA;AACnB,oHAAA,gBAAgB,OAAA;AAChB,sHAAA,kBAAkB,OAAA;AAClB,iIAAA,6BAA6B,OAAA;AAC7B,0HAAA,sBAAsB,OAAA;AACtB,wHAAA,oBAAoB,OAAA","sourcesContent":["export {\n  getEthAccounts,\n  setEthAccounts,\n} from './adapters/caip-permission-adapter-eth-accounts';\nexport {\n  getPermittedEthChainIds,\n  addPermittedEthChainId,\n  setPermittedEthChainIds,\n} from './adapters/caip-permission-adapter-permittedChains';\nexport {\n  getInternalScopesObject,\n  getSessionScopes,\n} from './adapters/caip-permission-adapter-session-scopes';\n\nexport type { Caip25Authorization } from './scope/authorization';\nexport {\n  validateAndNormalizeScopes,\n  bucketScopes,\n} from './scope/authorization';\nexport { assertIsInternalScopeString } from './scope/assert';\nexport {\n  KnownWalletRpcMethods,\n  KnownRpcMethods,\n  KnownWalletNamespaceRpcMethods,\n  KnownNotifications,\n  KnownWalletScopeString,\n} from './scope/constants';\nexport { getSupportedScopeObjects } from './scope/filter';\nexport type {\n  ExternalScopeString,\n  ExternalScopeObject,\n  ExternalScopesObject,\n  InternalScopeString,\n  InternalScopeObject,\n  InternalScopesObject,\n  NormalizedScopeObject,\n  NormalizedScopesObject,\n  ScopedProperties,\n  NonWalletKnownCaipNamespace,\n} from './scope/types';\nexport { parseScopeString } from './scope/types';\nexport {\n  getUniqueArrayItems,\n  normalizeScope,\n  mergeScopeObject,\n  mergeNormalizedScopes,\n  mergeInternalScopes,\n  normalizeAndMergeScopes,\n} from './scope/transform';\n\nexport type { Caip25CaveatValue } from './caip25Permission';\nexport {\n  caip25CaveatBuilder,\n  Caip25CaveatType,\n  createCaip25Caveat,\n  Caip25EndowmentPermissionName,\n  caip25EndowmentBuilder,\n  Caip25CaveatMutators,\n} from './caip25Permission';\n"]}

package/dist/index.d.cts

@@ -0,0 +1,14 @@
+export { getEthAccounts, setEthAccounts, } from "./adapters/caip-permission-adapter-eth-accounts.cjs";
+export { getPermittedEthChainIds, addPermittedEthChainId, setPermittedEthChainIds, } from "./adapters/caip-permission-adapter-permittedChains.cjs";
+export { getInternalScopesObject, getSessionScopes, } from "./adapters/caip-permission-adapter-session-scopes.cjs";
+export type { Caip25Authorization } from "./scope/authorization.cjs";
+export { validateAndNormalizeScopes, bucketScopes, } from "./scope/authorization.cjs";
+export { assertIsInternalScopeString } from "./scope/assert.cjs";
+export { KnownWalletRpcMethods, KnownRpcMethods, KnownWalletNamespaceRpcMethods, KnownNotifications, KnownWalletScopeString, } from "./scope/constants.cjs";
+export { getSupportedScopeObjects } from "./scope/filter.cjs";
+export type { ExternalScopeString, ExternalScopeObject, ExternalScopesObject, InternalScopeString, InternalScopeObject, InternalScopesObject, NormalizedScopeObject, NormalizedScopesObject, ScopedProperties, NonWalletKnownCaipNamespace, } from "./scope/types.cjs";
+export { parseScopeString } from "./scope/types.cjs";
+export { getUniqueArrayItems, normalizeScope, mergeScopeObject, mergeNormalizedScopes, mergeInternalScopes, normalizeAndMergeScopes, } from "./scope/transform.cjs";
+export type { Caip25CaveatValue } from "./caip25Permission.cjs";
+export { caip25CaveatBuilder, Caip25CaveatType, createCaip25Caveat, Caip25EndowmentPermissionName, caip25EndowmentBuilder, Caip25CaveatMutators, } from "./caip25Permission.cjs";
+//# sourceMappingURL=index.d.cts.map

package/dist/index.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,cAAc,GACf,4DAAwD;AACzD,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,uBAAuB,GACxB,+DAA2D;AAC5D,OAAO,EACL,uBAAuB,EACvB,gBAAgB,GACjB,8DAA0D;AAE3D,YAAY,EAAE,mBAAmB,EAAE,kCAA8B;AACjE,OAAO,EACL,0BAA0B,EAC1B,YAAY,GACb,kCAA8B;AAC/B,OAAO,EAAE,2BAA2B,EAAE,2BAAuB;AAC7D,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,8BAA8B,EAC9B,kBAAkB,EAClB,sBAAsB,GACvB,8BAA0B;AAC3B,OAAO,EAAE,wBAAwB,EAAE,2BAAuB;AAC1D,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,qBAAqB,EACrB,sBAAsB,EACtB,gBAAgB,EAChB,2BAA2B,GAC5B,0BAAsB;AACvB,OAAO,EAAE,gBAAgB,EAAE,0BAAsB;AACjD,OAAO,EACL,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,mBAAmB,EACnB,uBAAuB,GACxB,8BAA0B;AAE3B,YAAY,EAAE,iBAAiB,EAAE,+BAA2B;AAC5D,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,6BAA6B,EAC7B,sBAAsB,EACtB,oBAAoB,GACrB,+BAA2B"}

package/dist/index.d.mts

@@ -0,0 +1,14 @@
+export { getEthAccounts, setEthAccounts, } from "./adapters/caip-permission-adapter-eth-accounts.mjs";
+export { getPermittedEthChainIds, addPermittedEthChainId, setPermittedEthChainIds, } from "./adapters/caip-permission-adapter-permittedChains.mjs";
+export { getInternalScopesObject, getSessionScopes, } from "./adapters/caip-permission-adapter-session-scopes.mjs";
+export type { Caip25Authorization } from "./scope/authorization.mjs";
+export { validateAndNormalizeScopes, bucketScopes, } from "./scope/authorization.mjs";
+export { assertIsInternalScopeString } from "./scope/assert.mjs";
+export { KnownWalletRpcMethods, KnownRpcMethods, KnownWalletNamespaceRpcMethods, KnownNotifications, KnownWalletScopeString, } from "./scope/constants.mjs";
+export { getSupportedScopeObjects } from "./scope/filter.mjs";
+export type { ExternalScopeString, ExternalScopeObject, ExternalScopesObject, InternalScopeString, InternalScopeObject, InternalScopesObject, NormalizedScopeObject, NormalizedScopesObject, ScopedProperties, NonWalletKnownCaipNamespace, } from "./scope/types.mjs";
+export { parseScopeString } from "./scope/types.mjs";
+export { getUniqueArrayItems, normalizeScope, mergeScopeObject, mergeNormalizedScopes, mergeInternalScopes, normalizeAndMergeScopes, } from "./scope/transform.mjs";
+export type { Caip25CaveatValue } from "./caip25Permission.mjs";
+export { caip25CaveatBuilder, Caip25CaveatType, createCaip25Caveat, Caip25EndowmentPermissionName, caip25EndowmentBuilder, Caip25CaveatMutators, } from "./caip25Permission.mjs";
+//# sourceMappingURL=index.d.mts.map

package/dist/index.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,cAAc,GACf,4DAAwD;AACzD,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,uBAAuB,GACxB,+DAA2D;AAC5D,OAAO,EACL,uBAAuB,EACvB,gBAAgB,GACjB,8DAA0D;AAE3D,YAAY,EAAE,mBAAmB,EAAE,kCAA8B;AACjE,OAAO,EACL,0BAA0B,EAC1B,YAAY,GACb,kCAA8B;AAC/B,OAAO,EAAE,2BAA2B,EAAE,2BAAuB;AAC7D,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,8BAA8B,EAC9B,kBAAkB,EAClB,sBAAsB,GACvB,8BAA0B;AAC3B,OAAO,EAAE,wBAAwB,EAAE,2BAAuB;AAC1D,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,oBAAoB,EACpB,qBAAqB,EACrB,sBAAsB,EACtB,gBAAgB,EAChB,2BAA2B,GAC5B,0BAAsB;AACvB,OAAO,EAAE,gBAAgB,EAAE,0BAAsB;AACjD,OAAO,EACL,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,mBAAmB,EACnB,uBAAuB,GACxB,8BAA0B;AAE3B,YAAY,EAAE,iBAAiB,EAAE,+BAA2B;AAC5D,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,6BAA6B,EAC7B,sBAAsB,EACtB,oBAAoB,GACrB,+BAA2B"}

package/dist/index.mjs

@@ -0,0 +1,11 @@
+export { getEthAccounts, setEthAccounts } from "./adapters/caip-permission-adapter-eth-accounts.mjs";
+export { getPermittedEthChainIds, addPermittedEthChainId, setPermittedEthChainIds } from "./adapters/caip-permission-adapter-permittedChains.mjs";
+export { getInternalScopesObject, getSessionScopes } from "./adapters/caip-permission-adapter-session-scopes.mjs";
+export { validateAndNormalizeScopes, bucketScopes } from "./scope/authorization.mjs";
+export { assertIsInternalScopeString } from "./scope/assert.mjs";
+export { KnownWalletRpcMethods, KnownRpcMethods, KnownWalletNamespaceRpcMethods, KnownNotifications, KnownWalletScopeString } from "./scope/constants.mjs";
+export { getSupportedScopeObjects } from "./scope/filter.mjs";
+export { parseScopeString } from "./scope/types.mjs";
+export { getUniqueArrayItems, normalizeScope, mergeScopeObject, mergeNormalizedScopes, mergeInternalScopes, normalizeAndMergeScopes } from "./scope/transform.mjs";
+export { caip25CaveatBuilder, Caip25CaveatType, createCaip25Caveat, Caip25EndowmentPermissionName, caip25EndowmentBuilder, Caip25CaveatMutators } from "./caip25Permission.mjs";
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,cAAc,EACf,4DAAwD;AACzD,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,uBAAuB,EACxB,+DAA2D;AAC5D,OAAO,EACL,uBAAuB,EACvB,gBAAgB,EACjB,8DAA0D;AAG3D,OAAO,EACL,0BAA0B,EAC1B,YAAY,EACb,kCAA8B;AAC/B,OAAO,EAAE,2BAA2B,EAAE,2BAAuB;AAC7D,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,8BAA8B,EAC9B,kBAAkB,EAClB,sBAAsB,EACvB,8BAA0B;AAC3B,OAAO,EAAE,wBAAwB,EAAE,2BAAuB;AAa1D,OAAO,EAAE,gBAAgB,EAAE,0BAAsB;AACjD,OAAO,EACL,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,mBAAmB,EACnB,uBAAuB,EACxB,8BAA0B;AAG3B,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,6BAA6B,EAC7B,sBAAsB,EACtB,oBAAoB,EACrB,+BAA2B","sourcesContent":["export {\n  getEthAccounts,\n  setEthAccounts,\n} from './adapters/caip-permission-adapter-eth-accounts';\nexport {\n  getPermittedEthChainIds,\n  addPermittedEthChainId,\n  setPermittedEthChainIds,\n} from './adapters/caip-permission-adapter-permittedChains';\nexport {\n  getInternalScopesObject,\n  getSessionScopes,\n} from './adapters/caip-permission-adapter-session-scopes';\n\nexport type { Caip25Authorization } from './scope/authorization';\nexport {\n  validateAndNormalizeScopes,\n  bucketScopes,\n} from './scope/authorization';\nexport { assertIsInternalScopeString } from './scope/assert';\nexport {\n  KnownWalletRpcMethods,\n  KnownRpcMethods,\n  KnownWalletNamespaceRpcMethods,\n  KnownNotifications,\n  KnownWalletScopeString,\n} from './scope/constants';\nexport { getSupportedScopeObjects } from './scope/filter';\nexport type {\n  ExternalScopeString,\n  ExternalScopeObject,\n  ExternalScopesObject,\n  InternalScopeString,\n  InternalScopeObject,\n  InternalScopesObject,\n  NormalizedScopeObject,\n  NormalizedScopesObject,\n  ScopedProperties,\n  NonWalletKnownCaipNamespace,\n} from './scope/types';\nexport { parseScopeString } from './scope/types';\nexport {\n  getUniqueArrayItems,\n  normalizeScope,\n  mergeScopeObject,\n  mergeNormalizedScopes,\n  mergeInternalScopes,\n  normalizeAndMergeScopes,\n} from './scope/transform';\n\nexport type { Caip25CaveatValue } from './caip25Permission';\nexport {\n  caip25CaveatBuilder,\n  Caip25CaveatType,\n  createCaip25Caveat,\n  Caip25EndowmentPermissionName,\n  caip25EndowmentBuilder,\n  Caip25CaveatMutators,\n} from './caip25Permission';\n"]}

package/dist/scope/assert.cjs

@@ -0,0 +1,170 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertIsInternalScopesObject = exports.assertIsInternalScopeString = exports.assertIsExternalScopesObject = exports.assertScopesSupported = exports.assertScopeSupported = void 0;
+const utils_1 = require("@metamask/utils");
+const errors_1 = require("./errors.cjs");
+const supported_1 = require("./supported.cjs");
+/**
+ * Asserts that a scope string and its associated scope object are supported.
+ *
+ * @param scopeString - The scope string against which to assert support.
+ * @param scopeObject - The scope object against which to assert support.
+ * @param hooks - An object containing the following properties:
+ * @param hooks.isEvmChainIdSupported - A predicate that determines if an EVM chainID is supported.
+ * @param hooks.isNonEvmScopeSupported - A predicate that determines if an non EVM scopeString is supported.
+ * @param hooks.getNonEvmSupportedMethods - A function that returns the supported methods for a non EVM scope.
+ */
+const assertScopeSupported = (scopeString, scopeObject, { isEvmChainIdSupported, isNonEvmScopeSupported, getNonEvmSupportedMethods, }) => {
+    const { methods, notifications } = scopeObject;
+    if (!(0, supported_1.isSupportedScopeString)(scopeString, {
+        isEvmChainIdSupported,
+        isNonEvmScopeSupported,
+    })) {
+        throw errors_1.Caip25Errors.requestedChainsNotSupportedError();
+    }
+    const allMethodsSupported = methods.every((method) => (0, supported_1.isSupportedMethod)(scopeString, method, { getNonEvmSupportedMethods }));
+    if (!allMethodsSupported) {
+        throw errors_1.Caip25Errors.requestedMethodsNotSupportedError();
+    }
+    if (notifications &&
+        !notifications.every((notification) => (0, supported_1.isSupportedNotification)(scopeString, notification))) {
+        throw errors_1.Caip25Errors.requestedNotificationsNotSupportedError();
+    }
+};
+exports.assertScopeSupported = assertScopeSupported;
+/**
+ * Asserts that all scope strings and their associated scope objects are supported.
+ *
+ * @param scopes - The scopes object against which to assert support.
+ * @param hooks - An object containing the following properties:
+ * @param hooks.isEvmChainIdSupported - A predicate that determines if an EVM chainID is supported.
+ * @param hooks.isNonEvmScopeSupported - A predicate that determines if an non EVM scopeString is supported.
+ * @param hooks.getNonEvmSupportedMethods - A function that returns the supported methods for a non EVM scope.
+ */
+const assertScopesSupported = (scopes, { isEvmChainIdSupported, isNonEvmScopeSupported, getNonEvmSupportedMethods, }) => {
+    for (const [scopeString, scopeObject] of Object.entries(scopes)) {
+        (0, exports.assertScopeSupported)(scopeString, scopeObject, {
+            isEvmChainIdSupported,
+            isNonEvmScopeSupported,
+            getNonEvmSupportedMethods,
+        });
+    }
+};
+exports.assertScopesSupported = assertScopesSupported;
+/**
+ * Asserts that an object is a valid ExternalScopeObject.
+ *
+ * @param obj - The object to assert.
+ */
+function assertIsExternalScopeObject(obj) {
+    if (typeof obj !== 'object' || obj === null) {
+        throw new Error('ExternalScopeObject must be an object');
+    }
+    if ((0, utils_1.hasProperty)(obj, 'references')) {
+        if (!Array.isArray(obj.references) ||
+            !obj.references.every(utils_1.isCaipReference)) {
+            throw new Error('ExternalScopeObject.references must be an array of CaipReference');
+        }
+    }
+    if ((0, utils_1.hasProperty)(obj, 'accounts')) {
+        if (!Array.isArray(obj.accounts) || !obj.accounts.every(utils_1.isCaipAccountId)) {
+            throw new Error('ExternalScopeObject.accounts must be an array of CaipAccountId');
+        }
+    }
+    if ((0, utils_1.hasProperty)(obj, 'methods')) {
+        if (!Array.isArray(obj.methods) ||
+            !obj.methods.every((method) => typeof method === 'string')) {
+            throw new Error('ExternalScopeObject.methods must be an array of strings');
+        }
+    }
+    if ((0, utils_1.hasProperty)(obj, 'notifications')) {
+        if (!Array.isArray(obj.notifications) ||
+            !obj.notifications.every((notification) => typeof notification === 'string')) {
+            throw new Error('ExternalScopeObject.notifications must be an array of strings');
+        }
+    }
+    if ((0, utils_1.hasProperty)(obj, 'rpcDocuments')) {
+        if (!Array.isArray(obj.rpcDocuments) ||
+            !obj.rpcDocuments.every((doc) => typeof doc === 'string')) {
+            throw new Error('ExternalScopeObject.rpcDocuments must be an array of strings');
+        }
+    }
+    if ((0, utils_1.hasProperty)(obj, 'rpcEndpoints')) {
+        if (!Array.isArray(obj.rpcEndpoints) ||
+            !obj.rpcEndpoints.every((endpoint) => typeof endpoint === 'string')) {
+            throw new Error('ExternalScopeObject.rpcEndpoints must be an array of strings');
+        }
+    }
+}
+/**
+ * Asserts that a scope string is a valid ExternalScopeString.
+ *
+ * @param scopeString - The scope string to assert.
+ */
+function assertIsExternalScopeString(scopeString) {
+    if (typeof scopeString !== 'string' ||
+        (!(0, utils_1.isCaipNamespace)(scopeString) && !(0, utils_1.isCaipChainId)(scopeString))) {
+        throw new Error('scopeString is not a valid ExternalScopeString');
+    }
+}
+/**
+ * Asserts that an object is a valid ExternalScopesObject.
+ *
+ * @param obj - The object to assert.
+ */
+function assertIsExternalScopesObject(obj) {
+    if (typeof obj !== 'object' || obj === null) {
+        throw new Error('ExternalScopesObject must be an object');
+    }
+    for (const [scopeString, scopeObject] of Object.entries(obj)) {
+        assertIsExternalScopeString(scopeString);
+        assertIsExternalScopeObject(scopeObject);
+    }
+}
+exports.assertIsExternalScopesObject = assertIsExternalScopesObject;
+/**
+ * Asserts that an object is a valid InternalScopeObject.
+ *
+ * @param obj - The object to assert.
+ */
+function assertIsInternalScopeObject(obj) {
+    if (typeof obj !== 'object' || obj === null) {
+        throw new Error('InternalScopeObject must be an object');
+    }
+    if (!(0, utils_1.hasProperty)(obj, 'accounts') ||
+        !Array.isArray(obj.accounts) ||
+        !obj.accounts.every(utils_1.isCaipAccountId)) {
+        throw new Error('InternalScopeObject.accounts must be an array of CaipAccountId');
+    }
+}
+/**
+ * Asserts that a scope string is a valid InternalScopeString.
+ *
+ * @param scopeString - The scope string to assert.
+ */
+function assertIsInternalScopeString(scopeString) {
+    if (typeof scopeString !== 'string' ||
+        // `InternalScopeString` is defined as either `KnownCaipNamespace.Wallet` or
+        // `CaipChainId`, so our conditions intentionally match the type.
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-enum-comparison
+        (scopeString !== utils_1.KnownCaipNamespace.Wallet && !(0, utils_1.isCaipChainId)(scopeString))) {
+        throw new Error('scopeString is not a valid InternalScopeString');
+    }
+}
+exports.assertIsInternalScopeString = assertIsInternalScopeString;
+/**
+ * Asserts that an object is a valid InternalScopesObject.
+ *
+ * @param obj - The object to assert.
+ */
+function assertIsInternalScopesObject(obj) {
+    if (typeof obj !== 'object' || obj === null) {
+        throw new Error('InternalScopesObject must be an object');
+    }
+    for (const [scopeString, scopeObject] of Object.entries(obj)) {
+        assertIsInternalScopeString(scopeString);
+        assertIsInternalScopeObject(scopeObject);
+    }
+}
+exports.assertIsInternalScopesObject = assertIsInternalScopesObject;
+//# sourceMappingURL=assert.cjs.map