@metamask-previews/keyring-controller 19.1.0-preview-52c28555 → 19.2.0-preview-e2b3b183

package/CHANGELOG.md

@@ -7,10 +7,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Changed
+
+- Bump `@metamask/keyring-internal-api` from `^4.0.1` to `^4.0.2` ([#5356](https://github.com/MetaMask/core/pull/5356))
+
+## [19.2.0]
+
 ### Added
 
+- Add `signEip7702Authorization` to `KeyringController` ([#5301](https://github.com/MetaMask/core/pull/5301))
 - Add `KeyringController:withKeyring` action ([#5332](https://github.com/MetaMask/core/pull/5332))
   - The action can be used to consume the `withKeyring` method of the `KeyringController` class
+- Support keyring metadata in KeyringController ([#5112](https://github.com/MetaMask/core/pull/5112))
 
 ## [19.1.0]
 
@@ -675,7 +683,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
     All changes listed after this point were applied to this package following the monorepo conversion.
 
-[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.1.0...HEAD
+[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.2.0...HEAD
+[19.2.0]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.1.0...@metamask/keyring-controller@19.2.0
 [19.1.0]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.0.7...@metamask/keyring-controller@19.1.0
 [19.0.7]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.0.6...@metamask/keyring-controller@19.0.7
 [19.0.6]: https://github.com/MetaMask/core/compare/@metamask/keyring-controller@19.0.5...@metamask/keyring-controller@19.0.6

package/dist/KeyringController.cjs

@@ -36,7 +36,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
-var _KeyringController_instances, _KeyringController_controllerOperationMutex, _KeyringController_vaultOperationMutex, _KeyringController_keyringBuilders, _KeyringController_unsupportedKeyrings, _KeyringController_encryptor, _KeyringController_cacheEncryptionKey, _KeyringController_keyrings, _KeyringController_password, _KeyringController_qrKeyringStateListener, _KeyringController_registerMessageHandlers, _KeyringController_getKeyringBuilderForType, _KeyringController_addQRKeyring, _KeyringController_subscribeToQRKeyringEvents, _KeyringController_unsubscribeFromQRKeyringsEvents, _KeyringController_createNewVaultWithKeyring, _KeyringController_verifySeedPhrase, _KeyringController_getUpdatedKeyrings, _KeyringController_getSerializedKeyrings, _KeyringController_restoreSerializedKeyrings, _KeyringController_unlockKeyrings, _KeyringController_updateVault, _KeyringController_getAccountsFromKeyrings, _KeyringController_createKeyringWithFirstAccount, _KeyringController_newKeyring, _KeyringController_clearKeyrings, _KeyringController_restoreKeyring, _KeyringController_destroyKeyring, _KeyringController_removeEmptyKeyrings, _KeyringController_checkForDuplicate, _KeyringController_setUnlocked, _KeyringController_assertIsUnlocked, _KeyringController_persistOrRollback, _KeyringController_withRollback, _KeyringController_assertControllerMutexIsLocked, _KeyringController_withControllerLock, _KeyringController_withVaultLock;
+var _KeyringController_instances, _KeyringController_controllerOperationMutex, _KeyringController_vaultOperationMutex, _KeyringController_keyringBuilders, _KeyringController_unsupportedKeyrings, _KeyringController_encryptor, _KeyringController_cacheEncryptionKey, _KeyringController_keyrings, _KeyringController_keyringsMetadata, _KeyringController_password, _KeyringController_qrKeyringStateListener, _KeyringController_registerMessageHandlers, _KeyringController_getKeyringById, _KeyringController_getKeyringByIdOrDefault, _KeyringController_getKeyringBuilderForType, _KeyringController_addQRKeyring, _KeyringController_subscribeToQRKeyringEvents, _KeyringController_unsubscribeFromQRKeyringsEvents, _KeyringController_createNewVaultWithKeyring, _KeyringController_verifySeedPhrase, _KeyringController_getUpdatedKeyrings, _KeyringController_getSerializedKeyrings, _KeyringController_restoreSerializedKeyrings, _KeyringController_unlockKeyrings, _KeyringController_updateVault, _KeyringController_getAccountsFromKeyrings, _KeyringController_createKeyringWithFirstAccount, _KeyringController_newKeyring, _KeyringController_createKeyring, _KeyringController_clearKeyrings, _KeyringController_restoreKeyring, _KeyringController_destroyKeyring, _KeyringController_removeEmptyKeyrings, _KeyringController_checkForDuplicate, _KeyringController_setUnlocked, _KeyringController_assertIsUnlocked, _KeyringController_persistOrRollback, _KeyringController_withRollback, _KeyringController_assertControllerMutexIsLocked, _KeyringController_withControllerLock, _KeyringController_withVaultLock;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.KeyringController = exports.getDefaultKeyringState = exports.keyringBuilderFactory = exports.SignTypedDataVersion = exports.AccountImportStrategy = exports.isCustodyKeyring = exports.KeyringTypes = void 0;
 const util_1 = require("@ethereumjs/util");
@@ -48,6 +48,8 @@ const eth_simple_keyring_1 = __importDefault(require("@metamask/eth-simple-keyri
 const utils_1 = require("@metamask/utils");
 const async_mutex_1 = require("async-mutex");
 const ethereumjs_wallet_1 = __importStar(require("ethereumjs-wallet"));
+// When generating a ULID within the same millisecond, monotonicFactory provides some guarantees regarding sort order.
+const ulid_1 = require("ulid");
 const constants_1 = require("./constants.cjs");
 const name = 'KeyringController';
 /**
@@ -109,13 +111,17 @@ function keyringBuilderFactory(KeyringConstructor) {
 }
 exports.keyringBuilderFactory = keyringBuilderFactory;
 const defaultKeyringBuilders = [
+    // todo: keyring types are mismatched, this should be fixed in they keyrings themselves
+    // @ts-expect-error keyring types are mismatched
     keyringBuilderFactory(eth_simple_keyring_1.default),
+    // @ts-expect-error keyring types are mismatched
     keyringBuilderFactory(eth_hd_keyring_1.default),
 ];
 const getDefaultKeyringState = () => {
     return {
         isUnlocked: false,
         keyrings: [],
+        keyringsMetadata: [],
     };
 };
 exports.getDefaultKeyringState = getDefaultKeyringState;
@@ -247,6 +253,7 @@ class KeyringController extends base_controller_1.BaseController {
                 vault: { persist: true, anonymous: false },
                 isUnlocked: { persist: false, anonymous: true },
                 keyrings: { persist: false, anonymous: false },
+                keyringsMetadata: { persist: true, anonymous: false },
                 encryptionKey: { persist: false, anonymous: false },
                 encryptionSalt: { persist: false, anonymous: false },
             },
@@ -264,6 +271,7 @@ class KeyringController extends base_controller_1.BaseController {
         _KeyringController_encryptor.set(this, void 0);
         _KeyringController_cacheEncryptionKey.set(this, void 0);
         _KeyringController_keyrings.set(this, void 0);
+        _KeyringController_keyringsMetadata.set(this, void 0);
         _KeyringController_password.set(this, void 0);
         _KeyringController_qrKeyringStateListener.set(this, void 0);
         __classPrivateFieldSet(this, _KeyringController_keyringBuilders, keyringBuilders
@@ -271,6 +279,7 @@ class KeyringController extends base_controller_1.BaseController {
             : defaultKeyringBuilders, "f");
         __classPrivateFieldSet(this, _KeyringController_encryptor, encryptor, "f");
         __classPrivateFieldSet(this, _KeyringController_keyrings, [], "f");
+        __classPrivateFieldSet(this, _KeyringController_keyringsMetadata, state?.keyringsMetadata ?? [], "f");
         __classPrivateFieldSet(this, _KeyringController_unsupportedKeyrings, [], "f");
         // This option allows the controller to cache an exported key
         // for use in decrypting and encrypting data without password
@@ -419,13 +428,18 @@ class KeyringController extends base_controller_1.BaseController {
      * Gets the seed phrase of the HD keyring.
      *
      * @param password - Password of the keyring.
+     * @param keyringId - The id of the keyring.
      * @returns Promise resolving to the seed phrase.
      */
-    async exportSeedPhrase(password) {
+    async exportSeedPhrase(password, keyringId) {
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
         await this.verifyPassword(password);
-        assertHasUint8ArrayMnemonic(__classPrivateFieldGet(this, _KeyringController_keyrings, "f")[0]);
-        return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[0].mnemonic;
+        const selectedKeyring = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringByIdOrDefault).call(this, keyringId);
+        if (!selectedKeyring) {
+            throw new Error('Keyring not found');
+        }
+        assertHasUint8ArrayMnemonic(selectedKeyring);
+        return selectedKeyring.mnemonic;
     }
     /**
      * Gets the private key from the keyring controlling an address.
@@ -610,6 +624,13 @@ class KeyringController extends base_controller_1.BaseController {
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
         await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_persistOrRollback).call(this, async () => {
             const keyring = (await this.getKeyringForAccount(address));
+            const keyringIndex = this.state.keyrings.findIndex((kr) => kr.accounts.includes(address));
+            const isPrimaryKeyring = keyringIndex === 0;
+            const shouldRemoveKeyring = (await keyring.getAccounts()).length === 1;
+            // Primary keyring should never be removed, so we need to keep at least one account in it
+            if (isPrimaryKeyring && shouldRemoveKeyring) {
+                throw new Error(constants_1.KeyringControllerError.LastAccountInPrimaryKeyring);
+            }
             // Not all the keyrings support this, so we have to check
             if (!keyring.removeAccount) {
                 throw new Error(constants_1.KeyringControllerError.UnsupportedRemoveAccount);
@@ -620,9 +641,7 @@ class KeyringController extends base_controller_1.BaseController {
             // because `Keyring<State>.removeAccount` requires address to be `Hex`. Those
             // type would need to be updated for a full non-EVM support.
             keyring.removeAccount(address);
-            const accounts = await keyring.getAccounts();
-            // Check if this was the last/only account
-            if (accounts.length === 0) {
+            if (shouldRemoveKeyring) {
                 await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_removeEmptyKeyrings).call(this);
             }
         });
@@ -666,6 +685,27 @@ class KeyringController extends base_controller_1.BaseController {
         }
         return await keyring.signMessage(address, messageParams.data);
     }
+    /**
+     * Signs EIP-7702 Authorization message by calling down into a specific keyring.
+     *
+     * @param params - EIP7702AuthorizationParams object to sign.
+     * @returns Promise resolving to an EIP-7702 Authorization signature.
+     * @throws Will throw UnsupportedSignEIP7702Authorization if the keyring does not support signing EIP-7702 Authorization messages.
+     */
+    async signEip7702Authorization(params) {
+        const from = (0, eth_sig_util_1.normalize)(params.from);
+        const keyring = (await this.getKeyringForAccount(from));
+        if (!keyring.signEip7702Authorization) {
+            throw new Error(constants_1.KeyringControllerError.UnsupportedSignEip7702Authorization);
+        }
+        const { chainId, nonce } = params;
+        const contractAddress = (0, eth_sig_util_1.normalize)(params.contractAddress);
+        return await keyring.signEip7702Authorization(from, [
+            chainId,
+            contractAddress,
+            nonce,
+        ]);
+    }
     /**
      * Signs personal message by calling down into a specific keyring.
      *
@@ -839,11 +879,12 @@ class KeyringController extends base_controller_1.BaseController {
     /**
      * Verifies the that the seed phrase restores the current keychain's accounts.
      *
+     * @param keyringId - The id of the keyring to verify.
      * @returns Promise resolving to the seed phrase as Uint8Array.
      */
-    async verifySeedPhrase() {
+    async verifySeedPhrase(keyringId) {
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
-        return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_withControllerLock).call(this, async () => __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_verifySeedPhrase).call(this));
+        return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_withControllerLock).call(this, async () => __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_verifySeedPhrase).call(this, keyringId));
     }
     async withKeyring(selector, operation, options = {
         createIfMissing: false,
@@ -854,12 +895,15 @@ class KeyringController extends base_controller_1.BaseController {
             if ('address' in selector) {
                 keyring = (await this.getKeyringForAccount(selector.address));
             }
-            else {
+            else if ('type' in selector) {
                 keyring = this.getKeyringsByType(selector.type)[selector.index || 0];
                 if (!keyring && options.createIfMissing) {
                     keyring = (await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_newKeyring).call(this, selector.type, options.createWithData));
                 }
             }
+            else if ('id' in selector) {
+                keyring = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringById).call(this, selector.id);
+            }
             if (!keyring) {
                 throw new Error(constants_1.KeyringControllerError.KeyringNotFound);
             }
@@ -1073,8 +1117,9 @@ class KeyringController extends base_controller_1.BaseController {
     }
 }
 exports.KeyringController = KeyringController;
-_KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_vaultOperationMutex = new WeakMap(), _KeyringController_keyringBuilders = new WeakMap(), _KeyringController_unsupportedKeyrings = new WeakMap(), _KeyringController_encryptor = new WeakMap(), _KeyringController_cacheEncryptionKey = new WeakMap(), _KeyringController_keyrings = new WeakMap(), _KeyringController_password = new WeakMap(), _KeyringController_qrKeyringStateListener = new WeakMap(), _KeyringController_instances = new WeakSet(), _KeyringController_registerMessageHandlers = function _KeyringController_registerMessageHandlers() {
+_KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_vaultOperationMutex = new WeakMap(), _KeyringController_keyringBuilders = new WeakMap(), _KeyringController_unsupportedKeyrings = new WeakMap(), _KeyringController_encryptor = new WeakMap(), _KeyringController_cacheEncryptionKey = new WeakMap(), _KeyringController_keyrings = new WeakMap(), _KeyringController_keyringsMetadata = new WeakMap(), _KeyringController_password = new WeakMap(), _KeyringController_qrKeyringStateListener = new WeakMap(), _KeyringController_instances = new WeakSet(), _KeyringController_registerMessageHandlers = function _KeyringController_registerMessageHandlers() {
     this.messagingSystem.registerActionHandler(`${name}:signMessage`, this.signMessage.bind(this));
+    this.messagingSystem.registerActionHandler(`${name}:signEip7702Authorization`, this.signEip7702Authorization.bind(this));
     this.messagingSystem.registerActionHandler(`${name}:signPersonalMessage`, this.signPersonalMessage.bind(this));
     this.messagingSystem.registerActionHandler(`${name}:signTypedMessage`, this.signTypedMessage.bind(this));
     this.messagingSystem.registerActionHandler(`${name}:decryptMessage`, this.decryptMessage.bind(this));
@@ -1088,6 +1133,14 @@ _KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_
     this.messagingSystem.registerActionHandler(`${name}:signUserOperation`, this.signUserOperation.bind(this));
     this.messagingSystem.registerActionHandler(`${name}:addNewAccount`, this.addNewAccount.bind(this));
     this.messagingSystem.registerActionHandler(`${name}:withKeyring`, this.withKeyring.bind(this));
+}, _KeyringController_getKeyringById = function _KeyringController_getKeyringById(keyringId) {
+    const index = this.state.keyringsMetadata.findIndex((metadata) => metadata.id === keyringId);
+    return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[index];
+}, _KeyringController_getKeyringByIdOrDefault = function _KeyringController_getKeyringByIdOrDefault(keyringId) {
+    if (!keyringId) {
+        return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[0];
+    }
+    return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringById).call(this, keyringId);
 }, _KeyringController_getKeyringBuilderForType = function _KeyringController_getKeyringBuilderForType(type) {
     return __classPrivateFieldGet(this, _KeyringController_keyringBuilders, "f").find((keyringBuilder) => keyringBuilder.type === type);
 }, _KeyringController_addQRKeyring = 
@@ -1140,23 +1193,29 @@ async function _KeyringController_createNewVaultWithKeyring(password, keyring) {
     });
     __classPrivateFieldSet(this, _KeyringController_password, password, "f");
     await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_clearKeyrings).call(this);
+    __classPrivateFieldSet(this, _KeyringController_keyringsMetadata, [], "f");
     await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyringWithFirstAccount).call(this, keyring.type, keyring.opts);
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_setUnlocked).call(this);
 }, _KeyringController_verifySeedPhrase = 
 /**
  * Internal non-exclusive method to verify the seed phrase.
  *
+ * @param keyringId - The id of the keyring to verify the seed phrase for.
  * @returns A promise resolving to the seed phrase as Uint8Array.
  */
-async function _KeyringController_verifySeedPhrase() {
+async function _KeyringController_verifySeedPhrase(keyringId) {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
-    const primaryKeyring = this.getKeyringsByType(KeyringTypes.hd)[0];
-    if (!primaryKeyring) {
-        throw new Error('No HD keyring found.');
+    const keyring = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringByIdOrDefault).call(this, keyringId);
+    if (!keyring) {
+        throw new Error(constants_1.KeyringControllerError.KeyringNotFound);
     }
-    assertHasUint8ArrayMnemonic(primaryKeyring);
-    const seedWords = primaryKeyring.mnemonic;
-    const accounts = await primaryKeyring.getAccounts();
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-enum-comparison
+    if (keyring.type !== KeyringTypes.hd) {
+        throw new Error(constants_1.KeyringControllerError.UnsupportedVerifySeedPhrase);
+    }
+    assertHasUint8ArrayMnemonic(keyring);
+    const seedWords = keyring.mnemonic;
+    const accounts = await keyring.getAccounts();
     /* istanbul ignore if */
     if (accounts.length === 0) {
         throw new Error('Cannot verify an empty keyring.');
@@ -1336,9 +1395,13 @@ async function _KeyringController_unlockKeyrings(password, encryptionKey, encryp
             throw new Error(constants_1.KeyringControllerError.MissingVaultData);
         }
         const updatedKeyrings = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getUpdatedKeyrings).call(this);
+        if (updatedKeyrings.length !== __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").length) {
+            throw new Error(constants_1.KeyringControllerError.KeyringMetadataLengthMismatch);
+        }
         this.update((state) => {
             state.vault = updatedState.vault;
             state.keyrings = updatedKeyrings;
+            state.keyringsMetadata = __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").slice();
             if (updatedState.encryptionKey) {
                 state.encryptionKey = updatedState.encryptionKey;
                 state.encryptionSalt = JSON.parse(updatedState.vault).salt;
@@ -1378,19 +1441,48 @@ async function _KeyringController_createKeyringWithFirstAccount(type, opts) {
     if (!firstAccount) {
         throw new Error(constants_1.KeyringControllerError.NoFirstAccount);
     }
+    return firstAccount;
 }, _KeyringController_newKeyring = 
 /**
  * Instantiate, initialize and return a new keyring of the given `type`,
  * using the given `opts`. The keyring is built using the keyring builder
  * registered for the given `type`.
  *
+ * The internal keyring and keyring metadata arrays are updated with the new
+ * keyring as well.
  *
  * @param type - The type of keyring to add.
- * @param data - The data to restore a previously serialized keyring.
+ * @param data - Keyring initialization options.
  * @returns The new keyring.
  * @throws If the keyring includes duplicated accounts.
  */
 async function _KeyringController_newKeyring(type, data) {
+    const keyring = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data);
+    if (__classPrivateFieldGet(this, _KeyringController_keyrings, "f").length !== __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").length) {
+        throw new Error('Keyring metadata missing');
+    }
+    __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push(keyring);
+    __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").push(getDefaultKeyringMetadata());
+    return keyring;
+}, _KeyringController_createKeyring = 
+/**
+ * Instantiate, initialize and return a keyring of the given `type` using the
+ * given `opts`. The keyring is built using the keyring builder registered
+ * for the given `type`.
+ *
+ * The keyring might be new, or it might be restored from the vault. This
+ * function should only be called from `#newKeyring` or `#restoreKeyring`,
+ * for the "new" and "restore" cases respectively.
+ *
+ * The internal keyring and keyring metadata arrays are *not* updated, the
+ * caller is expected to update them.
+ *
+ * @param type - The type of keyring to add.
+ * @param data - Keyring initialization options.
+ * @returns The new keyring.
+ * @throws If the keyring includes duplicated accounts.
+ */
+async function _KeyringController_createKeyring(type, data) {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
     const keyringBuilder = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringBuilderForType).call(this, type);
     if (!keyringBuilder) {
@@ -1418,7 +1510,6 @@ async function _KeyringController_newKeyring(type, data) {
         // to its events after creating it
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_subscribeToQRKeyringEvents).call(this, keyring);
     }
-    __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push(keyring);
     return keyring;
 }, _KeyringController_clearKeyrings = 
 /**
@@ -1443,7 +1534,15 @@ async function _KeyringController_restoreKeyring(serialized) {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
     try {
         const { type, data } = serialized;
-        return await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_newKeyring).call(this, type, data);
+        const keyring = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data);
+        __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push(keyring);
+        // If metadata is missing, assume the data is from an installation before
+        // we had keyring metadata.
+        if (__classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").length < __classPrivateFieldGet(this, _KeyringController_keyrings, "f").length) {
+            console.log(`Adding missing metadata for '${type}' keyring`);
+            __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").push(getDefaultKeyringMetadata());
+        }
+        return keyring;
     }
     catch (_) {
         __classPrivateFieldGet(this, _KeyringController_unsupportedKeyrings, "f").push(serialized);
@@ -1471,19 +1570,22 @@ async function _KeyringController_destroyKeyring(keyring) {
 async function _KeyringController_removeEmptyKeyrings() {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
     const validKeyrings = [];
+    const validKeyringMetadata = [];
     // Since getAccounts returns a Promise
     // We need to wait to hear back form each keyring
     // in order to decide which ones are now valid (accounts.length > 0)
-    await Promise.all(__classPrivateFieldGet(this, _KeyringController_keyrings, "f").map(async (keyring) => {
+    await Promise.all(__classPrivateFieldGet(this, _KeyringController_keyrings, "f").map(async (keyring, index) => {
         const accounts = await keyring.getAccounts();
         if (accounts.length > 0) {
             validKeyrings.push(keyring);
+            validKeyringMetadata.push(__classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f")[index]);
         }
         else {
             await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_destroyKeyring).call(this, keyring);
         }
     }));
     __classPrivateFieldSet(this, _KeyringController_keyrings, validKeyrings, "f");
+    __classPrivateFieldSet(this, _KeyringController_keyringsMetadata, validKeyringMetadata, "f");
 }, _KeyringController_checkForDuplicate = 
 /**
  * Checks for duplicate keypairs, using the the first account in the given
@@ -1549,6 +1651,7 @@ async function _KeyringController_withRollback(callback) {
     return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_withControllerLock).call(this, async ({ releaseLock }) => {
         const currentSerializedKeyrings = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getSerializedKeyrings).call(this);
         const currentPassword = __classPrivateFieldGet(this, _KeyringController_password, "f");
+        const currentKeyringsMetadata = __classPrivateFieldGet(this, _KeyringController_keyringsMetadata, "f").slice();
         try {
             return await callback({ releaseLock });
         }
@@ -1556,6 +1659,7 @@ async function _KeyringController_withRollback(callback) {
             // Keyrings and password are restored to their previous state
             await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_restoreSerializedKeyrings).call(this, currentSerializedKeyrings);
             __classPrivateFieldSet(this, _KeyringController_password, currentPassword, "f");
+            __classPrivateFieldSet(this, _KeyringController_keyringsMetadata, currentKeyringsMetadata, "f");
             throw e;
         }
     });
@@ -1612,5 +1716,13 @@ async function withLock(mutex, callback) {
         releaseLock();
     }
 }
+/**
+ * Generate a new keyring metadata object.
+ *
+ * @returns Keyring metadata.
+ */
+function getDefaultKeyringMetadata() {
+    return { id: (0, ulid_1.ulid)(), name: '' };
+}
 exports.default = KeyringController;
 //# sourceMappingURL=KeyringController.cjs.map