@metamask-previews/keyring-controller 25.2.0-preview-bce8c098b → 25.2.0-preview-54abb25

package/CHANGELOG.md

@@ -9,10 +9,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
-- Add `accountSupports7702` method and `KeyringController:accountSupports7702` messenger action to check whether an account's keyring supports EIP-7702 authorization signing ([#8388](https://github.com/MetaMask/core/pull/8388))
+- Added `KeyringV2` support ([#8390](https://github.com/MetaMask/core/pull/8390))
+  - The controller now maintains a list of `KeyringV2` instance in memory alongside previous `Keyring` instance.
+  - This new keyring interface is more generic and will become the new standard to interact with keyring (creating accounts, executing logic that involves accounts like signing, etc...).
+  - For now, most `KeyringV2` are wrappers (read adapters) around existing `Keyring` instance.
+- Added `withKeyringV2Unsafe` method and `KeyringController:withKeyringV2Unsafe` messenger action for lock-free read-only access to `KeyringV2` adapters ([#8390](https://github.com/MetaMask/core/pull/8390))
+  - Mirrors `withKeyringUnsafe` semantics: no mutex acquired, no persistence or rollback.
+  - Caller is responsible for ensuring the operation is read-only and accesses only immutable keyring data.
+- Added `withKeyringV2` method and `KeyringController:withKeyringV2` messenger action for atomic operations using the `KeyringV2` API ([#8390](https://github.com/MetaMask/core/pull/8390))
+  - Accepts a `KeyringSelectorV2` (alias for `KeyringSelector`) to select keyrings by `type`, `address`, `id`, or `filter`.
+  - Ships with default V2 builders for HD (`HdKeyringV2`) and Simple (`SimpleKeyringV2`) keyrings; additional builders can be registered via the `keyringV2Builders` constructor option.
 
 ### Changed
 
+- Deprecated `withKeyring` in favor of `withKeyringV2`, which supports the `KeyringV2` API.
 - Bump `@metamask/messenger` from `^1.0.0` to `^1.1.1` ([#8364](https://github.com/MetaMask/core/pull/8364), [#8373](https://github.com/MetaMask/core/pull/8373))
 
 ## [25.2.0]

package/dist/KeyringController.cjs

@@ -33,17 +33,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-var _KeyringController_instances, _KeyringController_controllerOperationMutex, _KeyringController_vaultOperationMutex, _KeyringController_keyringBuilders, _KeyringController_encryptor, _KeyringController_keyrings, _KeyringController_unsupportedKeyrings, _KeyringController_encryptionKey, _KeyringController_getKeyringForAccount, _KeyringController_findKeyringIndexForAccount, _KeyringController_assertNoUnsafeDirectKeyringAccess, _KeyringController_registerMessageHandlers, _KeyringController_selectKeyring, _KeyringController_getKeyringById, _KeyringController_getKeyringByIdOrDefault, _KeyringController_getKeyringMetadata, _KeyringController_getKeyringBuilderForType, _KeyringController_createNewVaultWithKeyring, _KeyringController_deriveAndSetEncryptionKey, _KeyringController_setEncryptionKey, _KeyringController_verifySeedPhrase, _KeyringController_getUpdatedKeyrings, _KeyringController_getSerializedKeyrings, _KeyringController_getSessionState, _KeyringController_restoreSerializedKeyrings, _KeyringController_unlockKeyrings, _KeyringController_updateVault, _KeyringController_isNewEncryptionAvailable, _KeyringController_getAccountsFromKeyrings, _KeyringController_createKeyringWithFirstAccount, _KeyringController_newKeyring, _KeyringController_createKeyring, _KeyringController_clearKeyrings, _KeyringController_restoreKeyring, _KeyringController_destroyKeyring, _KeyringController_assertNoDuplicateAccounts, _KeyringController_setUnlocked, _KeyringController_assertIsUnlocked, _KeyringController_persistOrRollback, _KeyringController_withRollback, _KeyringController_assertControllerMutexIsLocked, _KeyringController_withControllerLock, _KeyringController_withVaultLock;
+var _KeyringController_instances, _KeyringController_controllerOperationMutex, _KeyringController_vaultOperationMutex, _KeyringController_keyringBuilders, _KeyringController_keyringV2Builders, _KeyringController_encryptor, _KeyringController_keyrings, _KeyringController_unsupportedKeyrings, _KeyringController_encryptionKey, _KeyringController_getKeyringForAccount, _KeyringController_getKeyringEntryForAccount, _KeyringController_findKeyringIndexForAccount, _KeyringController_getKeyringEntriesByType, _KeyringController_assertNoUnsafeDirectKeyringAccess, _KeyringController_registerMessageHandlers, _KeyringController_selectKeyringEntry, _KeyringController_selectKeyring, _KeyringController_getKeyringById, _KeyringController_getKeyringEntryById, _KeyringController_getKeyringByIdOrDefault, _KeyringController_getKeyringMetadata, _KeyringController_getKeyringBuilderForType, _KeyringController_getKeyringV2BuilderForType, _KeyringController_createNewVaultWithKeyring, _KeyringController_deriveAndSetEncryptionKey, _KeyringController_setEncryptionKey, _KeyringController_verifySeedPhrase, _KeyringController_getUpdatedKeyrings, _KeyringController_getSerializedKeyrings, _KeyringController_getSessionState, _KeyringController_restoreSerializedKeyrings, _KeyringController_unlockKeyrings, _KeyringController_updateVault, _KeyringController_isNewEncryptionAvailable, _KeyringController_getAccountsFromKeyrings, _KeyringController_createKeyringWithFirstAccount, _KeyringController_newKeyring, _KeyringController_createKeyring, _KeyringController_clearKeyrings, _KeyringController_restoreKeyring, _KeyringController_destroyKeyring, _KeyringController_assertNoDuplicateAccounts, _KeyringController_setUnlocked, _KeyringController_assertIsUnlocked, _KeyringController_persistOrRollback, _KeyringController_withRollback, _KeyringController_assertControllerMutexIsLocked, _KeyringController_withControllerLock, _KeyringController_withVaultLock;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.KeyringController = exports.getDefaultKeyringState = exports.keyringBuilderFactory = exports.SignTypedDataVersion = exports.AccountImportStrategy = exports.isCustodyKeyring = exports.KeyringTypes = void 0;
 const util_1 = require("@ethereumjs/util");
 const base_controller_1 = require("@metamask/base-controller");
 const eth_hd_keyring_1 = require("@metamask/eth-hd-keyring");
 const eth_sig_util_1 = require("@metamask/eth-sig-util");
-const eth_simple_keyring_1 = __importDefault(require("@metamask/eth-simple-keyring"));
+const eth_simple_keyring_1 = __importStar(require("@metamask/eth-simple-keyring"));
 const utils_1 = require("@metamask/utils");
 const async_mutex_1 = require("async-mutex");
 const ethereumjs_wallet_1 = __importStar(require("ethereumjs-wallet"));
@@ -126,6 +123,17 @@ const defaultKeyringBuilders = [
     keyringBuilderFactory(eth_simple_keyring_1.default),
     keyringBuilderFactory(eth_hd_keyring_1.HdKeyring),
 ];
+const hdKeyringV2Builder = Object.assign((keyring, metadata) => new eth_hd_keyring_1.HdKeyringV2({
+    legacyKeyring: keyring,
+    entropySource: metadata.id,
+}), { type: KeyringTypes.hd });
+const simpleKeyringV2Builder = Object.assign((keyring) => new eth_simple_keyring_1.SimpleKeyringV2({
+    legacyKeyring: keyring,
+}), { type: KeyringTypes.simple });
+const defaultKeyringV2Builders = [
+    simpleKeyringV2Builder,
+    hdKeyringV2Builder,
+];
 const getDefaultKeyringState = () => {
     return {
         isUnlocked: false,
@@ -251,7 +259,7 @@ class KeyringController extends base_controller_1.BaseController {
      * @param options.state - Initial state to set on this controller.
      */
     constructor(options) {
-        const { encryptor, keyringBuilders, messenger, state } = options;
+        const { encryptor, keyringBuilders, keyringV2Builders, messenger, state } = options;
         super({
             name,
             metadata: {
@@ -296,6 +304,7 @@ class KeyringController extends base_controller_1.BaseController {
         _KeyringController_controllerOperationMutex.set(this, new async_mutex_1.Mutex());
         _KeyringController_vaultOperationMutex.set(this, new async_mutex_1.Mutex());
         _KeyringController_keyringBuilders.set(this, void 0);
+        _KeyringController_keyringV2Builders.set(this, void 0);
         _KeyringController_encryptor.set(this, void 0);
         _KeyringController_keyrings.set(this, void 0);
         _KeyringController_unsupportedKeyrings.set(this, void 0);
@@ -303,6 +312,9 @@ class KeyringController extends base_controller_1.BaseController {
         __classPrivateFieldSet(this, _KeyringController_keyringBuilders, keyringBuilders
             ? keyringBuilders.concat(defaultKeyringBuilders)
             : defaultKeyringBuilders, "f");
+        __classPrivateFieldSet(this, _KeyringController_keyringV2Builders, keyringV2Builders
+            ? keyringV2Builders.concat(defaultKeyringV2Builders)
+            : defaultKeyringV2Builders, "f");
         __classPrivateFieldSet(this, _KeyringController_encryptor, encryptor, "f");
         __classPrivateFieldSet(this, _KeyringController_keyrings, [], "f");
         __classPrivateFieldSet(this, _KeyringController_unsupportedKeyrings, [], "f");
@@ -547,9 +559,7 @@ class KeyringController extends base_controller_1.BaseController {
      */
     getKeyringsByType(type) {
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
-        return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")
-            .filter(({ keyring }) => keyring.type === type)
-            .map(({ keyring }) => keyring);
+        return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntriesByType).call(this, type).map(({ keyring }) => keyring);
     }
     /**
      * Persist all serialized keyrings in the vault.
@@ -638,7 +648,7 @@ class KeyringController extends base_controller_1.BaseController {
             if (keyringIndex === -1) {
                 throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.NoKeyring);
             }
-            const { keyring } = __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[keyringIndex];
+            const { keyring, keyringV2 } = __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[keyringIndex];
             const isPrimaryKeyring = keyringIndex === 0;
             const shouldRemoveKeyring = (await keyring.getAccounts()).length === 1;
             // Primary keyring should never be removed, so we need to keep at least one account in it
@@ -659,7 +669,7 @@ class KeyringController extends base_controller_1.BaseController {
             await keyring.removeAccount(address);
             if (shouldRemoveKeyring) {
                 __classPrivateFieldGet(this, _KeyringController_keyrings, "f").splice(keyringIndex, 1);
-                await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_destroyKeyring).call(this, keyring);
+                await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_destroyKeyring).call(this, keyring, keyringV2);
             }
         });
         this.messenger.publish(`${name}:accountRemoved`, address);
@@ -1017,23 +1027,125 @@ class KeyringController extends base_controller_1.BaseController {
             metadata: __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringMetadata).call(this, keyring),
         }), keyring);
     }
+    /**
+     * Select a keyring, wrap it in a `KeyringV2` adapter, and execute
+     * the given operation with the wrapped keyring as a mutually
+     * exclusive atomic operation.
+     *
+     * We re-wrap the keyring in a `KeyringV2` adapter on each invocation,
+     * since V2 wrappers are ephemeral adapters created on-the-fly, and cheap to create.
+     *
+     * The method automatically persists changes at the end of the
+     * function execution, or rolls back the changes if an error
+     * is thrown.
+     *
+     * A `KeyringV2Builder` for the selected keyring's type must exist
+     * (either as a default or registered via the `keyringV2Builders`
+     * constructor option); otherwise an error is thrown.
+     *
+     * Selection is performed against the V1 keyrings in `#keyrings`, since
+     * V2 wrappers are ephemeral adapters created on-the-fly.
+     *
+     * @param selector - Keyring selector object.
+     * @param operation - Function to execute with the wrapped V2 keyring.
+     * @returns Promise resolving to the result of the function execution.
+     * @template CallbackResult - The type of the value resolved by the callback function.
+     */
+    async withKeyringV2(selector, operation) {
+        __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
+        return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_persistOrRollback).call(this, async () => {
+            const entry = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_selectKeyringEntry).call(this, {
+                v2: true,
+                selector,
+            });
+            if (!entry) {
+                throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.KeyringNotFound);
+            }
+            if (!entry.keyringV2) {
+                throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.KeyringV2NotSupported);
+            }
+            const { metadata } = entry;
+            const keyring = entry.keyringV2;
+            const result = await operation({
+                keyring,
+                metadata,
+            });
+            if (Object.is(result, keyring)) {
+                throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.UnsafeDirectKeyringAccess);
+            }
+            return result;
+        });
+    }
+    /**
+     * Select a keyring, wrap it in a `KeyringV2` adapter, and execute
+     * the given read-only operation **without** acquiring the controller's
+     * mutual exclusion lock.
+     *
+     * ## When to use this method
+     *
+     * This method is an escape hatch for read-only access to keyring data that
+     * is immutable once the keyring is initialized. A typical safe use case is
+     * reading immutable fields from a `KeyringV2` adapter: data that is set
+     * during initialization and never mutated afterwards.
+     *
+     * ## Why it is "unsafe"
+     *
+     * The "unsafe" designation mirrors the semantics of `unsafe { }` blocks in
+     * Rust: the method itself does not enforce thread-safety guarantees. By
+     * calling this method the **caller** explicitly takes responsibility for
+     * ensuring that:
+     *
+     * - The operation is **read-only** — no state is mutated.
+     * - The data being read is **immutable** after the keyring is initialized,
+     *   so concurrent locked operations cannot alter it while this callback
+     *   runs.
+     *
+     * Do **not** use this method to:
+     * - Mutate keyring state (add accounts, sign, etc.) — use `withKeyringV2`.
+     * - Read mutable fields that could change during concurrent operations.
+     *
+     * @param selector - Keyring selector object.
+     * @param operation - Read-only function to execute with the wrapped V2 keyring.
+     * @returns Promise resolving to the result of the function execution.
+     * @template SelectedKeyring - The type of the selected V2 keyring.
+     * @template CallbackResult - The type of the value resolved by the callback function.
+     */
+    async withKeyringV2Unsafe(selector, operation) {
+        __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
+        const entry = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_selectKeyringEntry).call(this, {
+            v2: true,
+            selector,
+        });
+        if (!entry) {
+            throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.KeyringNotFound);
+        }
+        if (!entry.keyringV2) {
+            throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.KeyringV2NotSupported);
+        }
+        const { metadata } = entry;
+        const keyring = entry.keyringV2;
+        const result = await operation({ keyring, metadata });
+        if (Object.is(result, keyring)) {
+            throw new errors_1.KeyringControllerError(constants_1.KeyringControllerErrorMessage.UnsafeDirectKeyringAccess);
+        }
+        return result;
+    }
     async getAccountKeyringType(account) {
         __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
         const keyring = (await this.getKeyringForAccount(account));
         return keyring.type;
     }
-    async accountSupports7702(account) {
-        const keyringType = await this.getAccountKeyringType(account);
-        return (keyringType === KeyringTypes.hd ||
-            keyringType === KeyringTypes.simple);
-    }
 }
 exports.KeyringController = KeyringController;
-_KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_vaultOperationMutex = new WeakMap(), _KeyringController_keyringBuilders = new WeakMap(), _KeyringController_encryptor = new WeakMap(), _KeyringController_keyrings = new WeakMap(), _KeyringController_unsupportedKeyrings = new WeakMap(), _KeyringController_encryptionKey = new WeakMap(), _KeyringController_instances = new WeakSet(), _KeyringController_getKeyringForAccount = async function _KeyringController_getKeyringForAccount(account) {
+_KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_vaultOperationMutex = new WeakMap(), _KeyringController_keyringBuilders = new WeakMap(), _KeyringController_keyringV2Builders = new WeakMap(), _KeyringController_encryptor = new WeakMap(), _KeyringController_keyrings = new WeakMap(), _KeyringController_unsupportedKeyrings = new WeakMap(), _KeyringController_encryptionKey = new WeakMap(), _KeyringController_instances = new WeakSet(), _KeyringController_getKeyringForAccount = async function _KeyringController_getKeyringForAccount(account) {
+    __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
+    const entry = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntryForAccount).call(this, account);
+    return entry?.keyring;
+}, _KeyringController_getKeyringEntryForAccount = async function _KeyringController_getKeyringEntryForAccount(account) {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
     const keyringIndex = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_findKeyringIndexForAccount).call(this, account);
     if (keyringIndex > -1) {
-        return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[keyringIndex].keyring;
+        return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[keyringIndex];
     }
     return undefined;
 }, _KeyringController_findKeyringIndexForAccount = async function _KeyringController_findKeyringIndexForAccount(account) {
@@ -1041,6 +1153,9 @@ _KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_
     const address = account.toLowerCase();
     const accountsPerKeyring = await Promise.all(__classPrivateFieldGet(this, _KeyringController_keyrings, "f").map(({ keyring }) => keyring.getAccounts()));
     return accountsPerKeyring.findIndex((accounts) => accounts.map((a) => a.toLowerCase()).includes(address));
+}, _KeyringController_getKeyringEntriesByType = function _KeyringController_getKeyringEntriesByType(type) {
+    __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
+    return __classPrivateFieldGet(this, _KeyringController_keyrings, "f").filter(({ keyring }) => keyring.type === type);
 }, _KeyringController_assertNoUnsafeDirectKeyringAccess = function _KeyringController_assertNoUnsafeDirectKeyringAccess(value, keyring) {
     if (Object.is(value, keyring)) {
         // Access to a keyring instance outside of controller safeguards
@@ -1067,37 +1182,66 @@ _KeyringController_controllerOperationMutex = new WeakMap(), _KeyringController_
     this.messenger.registerActionHandler(`${name}:addNewAccount`, this.addNewAccount.bind(this));
     this.messenger.registerActionHandler(`${name}:withKeyring`, this.withKeyring.bind(this));
     this.messenger.registerActionHandler(`${name}:withKeyringUnsafe`, this.withKeyringUnsafe.bind(this));
+    this.messenger.registerActionHandler(`${name}:withKeyringV2`, this.withKeyringV2.bind(this));
+    this.messenger.registerActionHandler(`${name}:withKeyringV2Unsafe`, this.withKeyringV2Unsafe.bind(this));
     this.messenger.registerActionHandler(`${name}:addNewKeyring`, this.addNewKeyring.bind(this));
     this.messenger.registerActionHandler(`${name}:createNewVaultAndKeychain`, this.createNewVaultAndKeychain.bind(this));
     this.messenger.registerActionHandler(`${name}:createNewVaultAndRestore`, this.createNewVaultAndRestore.bind(this));
     this.messenger.registerActionHandler(`${name}:removeAccount`, this.removeAccount.bind(this));
-    this.messenger.registerActionHandler(`${name}:accountSupports7702`, this.accountSupports7702.bind(this));
-}, _KeyringController_selectKeyring = 
+}, _KeyringController_selectKeyringEntry = 
 /**
- * Select a keyring using a selector without acquiring the controller lock.
+ * Select a keyring entry using a selector without acquiring the controller lock.
  *
- * @param selector - Keyring selector object.
- * @returns The selected keyring, or `undefined` if no match is found.
+ * @param options - Selection options.
+ * @param options.v2 - Tag to indicate whether the selector is for a V2 keyring.
+ * @param options.selector - Keyring selector object.
+ * @returns The selected keyring entry, or `undefined` if no match is found.
  * @template SelectedKeyring - The expected type of the selected keyring.
+ * @template SelectedKeyringV2 - The expected type of the selected keyring (v2).
  */
-async function _KeyringController_selectKeyring(selector) {
-    let keyring;
+async function _KeyringController_selectKeyringEntry({ v2, selector, }) {
+    let entry;
     if ('address' in selector) {
-        keyring = (await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringForAccount).call(this, selector.address));
+        entry = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntryForAccount).call(this, selector.address);
     }
     else if ('type' in selector) {
-        keyring = this.getKeyringsByType(selector.type)[selector.index ?? 0];
+        entry = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntriesByType).call(this, selector.type)[selector.index ?? 0];
     }
     else if ('id' in selector) {
-        keyring = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringById).call(this, selector.id);
+        entry = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntryById).call(this, selector.id);
     }
     else if ('filter' in selector) {
-        keyring = __classPrivateFieldGet(this, _KeyringController_keyrings, "f").find(({ keyring: filteredKeyring, metadata }) => selector.filter(filteredKeyring, metadata))?.keyring;
+        entry = __classPrivateFieldGet(this, _KeyringController_keyrings, "f").find(({ keyring, keyringV2, metadata }) => {
+            // If v2, then we'll use the v2 selector which expects a `KeyringV2` instance.
+            if (v2) {
+                // However, some keyrings do not have a v2 wrapper, so we just skip them.
+                if (!keyringV2) {
+                    return false;
+                }
+                return selector.filter(keyringV2, metadata);
+            }
+            return selector.filter(keyring, metadata);
+        });
     }
-    return keyring;
+    return entry;
+}, _KeyringController_selectKeyring = 
+/**
+ * Select a keyring using a selector without acquiring the controller lock.
+ *
+ * @param selector - Keyring selector object.
+ * @returns The selected keyring, or `undefined` if no match is found.
+ * @template SelectedKeyring - The expected type of the selected keyring.
+ */
+async function _KeyringController_selectKeyring(selector) {
+    const entry = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_selectKeyringEntry).call(this, {
+        v2: false,
+        selector,
+    });
+    return entry?.keyring;
 }, _KeyringController_getKeyringById = function _KeyringController_getKeyringById(keyringId) {
-    return __classPrivateFieldGet(this, _KeyringController_keyrings, "f").find(({ metadata }) => metadata.id === keyringId)
-        ?.keyring;
+    return __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringEntryById).call(this, keyringId)?.keyring;
+}, _KeyringController_getKeyringEntryById = function _KeyringController_getKeyringEntryById(keyringId) {
+    return __classPrivateFieldGet(this, _KeyringController_keyrings, "f").find(({ metadata }) => metadata.id === keyringId);
 }, _KeyringController_getKeyringByIdOrDefault = function _KeyringController_getKeyringByIdOrDefault(keyringId) {
     if (!keyringId) {
         return __classPrivateFieldGet(this, _KeyringController_keyrings, "f")[0]?.keyring;
@@ -1111,6 +1255,8 @@ async function _KeyringController_selectKeyring(selector) {
     return keyringWithMetadata.metadata;
 }, _KeyringController_getKeyringBuilderForType = function _KeyringController_getKeyringBuilderForType(type) {
     return __classPrivateFieldGet(this, _KeyringController_keyringBuilders, "f").find((keyringBuilder) => keyringBuilder.type === type);
+}, _KeyringController_getKeyringV2BuilderForType = function _KeyringController_getKeyringV2BuilderForType(type) {
+    return __classPrivateFieldGet(this, _KeyringController_keyringV2Builders, "f").find((builder) => builder.type === type);
 }, _KeyringController_createNewVaultWithKeyring = 
 /**
  * Create new vault with an initial keyring
@@ -1434,8 +1580,8 @@ async function _KeyringController_createKeyringWithFirstAccount(type, opts) {
  * @throws If the keyring includes duplicated accounts.
  */
 async function _KeyringController_newKeyring(type, data) {
-    const keyring = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data);
-    __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push({ keyring, metadata: getDefaultKeyringMetadata() });
+    const { keyring, keyringV2, metadata } = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data);
+    __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push({ keyring, keyringV2, metadata });
     return keyring;
 }, _KeyringController_createKeyring = 
 /**
@@ -1452,11 +1598,13 @@ async function _KeyringController_newKeyring(type, data) {
  *
  * @param type - The type of keyring to add.
  * @param data - Keyring initialization options.
+ * @param metadata - Keyring metadata if available.
  * @returns The new keyring.
  * @throws If the keyring includes duplicated accounts.
  */
-async function _KeyringController_createKeyring(type, data) {
+async function _KeyringController_createKeyring(type, data, metadata) {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
+    const keyringMetadata = metadata ?? getDefaultKeyringMetadata();
     const keyringBuilder = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringBuilderForType).call(this, type);
     if (!keyringBuilder) {
         throw new errors_1.KeyringControllerError(`${constants_1.KeyringControllerErrorMessage.NoKeyringBuilder}. Keyring type: ${type}`);
@@ -1480,7 +1628,13 @@ async function _KeyringController_createKeyring(type, data) {
         await keyring.generateRandomMnemonic();
         await keyring.addAccounts(1);
     }
-    return keyring;
+    // We now create the keyring V2 wrappers and store them in memory.
+    const keyringBuilderV2 = __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_getKeyringV2BuilderForType).call(this, type);
+    let keyringV2;
+    if (keyringBuilderV2) {
+        keyringV2 = keyringBuilderV2(keyring, keyringMetadata);
+    }
+    return { keyring, keyringV2, metadata: keyringMetadata };
 }, _KeyringController_clearKeyrings = 
 /**
  * Remove all managed keyrings, destroying all their
@@ -1488,8 +1642,8 @@ async function _KeyringController_createKeyring(type, data) {
  */
 async function _KeyringController_clearKeyrings() {
     __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertControllerMutexIsLocked).call(this);
-    for (const { keyring } of __classPrivateFieldGet(this, _KeyringController_keyrings, "f")) {
-        await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_destroyKeyring).call(this, keyring);
+    for (const { keyring, keyringV2 } of __classPrivateFieldGet(this, _KeyringController_keyrings, "f")) {
+        await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_destroyKeyring).call(this, keyring, keyringV2);
     }
     __classPrivateFieldSet(this, _KeyringController_keyrings, [], "f");
     __classPrivateFieldSet(this, _KeyringController_unsupportedKeyrings, [], "f");
@@ -1507,21 +1661,22 @@ async function _KeyringController_restoreKeyring(serialized) {
         const { type, data, metadata: serializedMetadata } = serialized;
         let newMetadata = false;
         let metadata = serializedMetadata;
-        const keyring = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data);
-        await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertNoDuplicateAccounts).call(this, [keyring]);
         // If metadata is missing, assume the data is from an installation before
         // we had keyring metadata.
         if (!metadata) {
             newMetadata = true;
             metadata = getDefaultKeyringMetadata();
         }
+        const { keyring, keyringV2 } = await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_createKeyring).call(this, type, data, metadata);
+        await __classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertNoDuplicateAccounts).call(this, [keyring]);
         // The keyring is added to the keyrings array only if it's successfully restored
         // and the metadata is successfully added to the controller
         __classPrivateFieldGet(this, _KeyringController_keyrings, "f").push({
             keyring,
+            keyringV2,
             metadata,
         });
-        return { keyring, metadata, newMetadata };
+        return { keyring, keyringV2, metadata, newMetadata };
     }
     catch (error) {
         console.error(error);
@@ -1537,9 +1692,13 @@ async function _KeyringController_restoreKeyring(serialized) {
  * clears the keyring bridge iframe from the DOM.
  *
  * @param keyring - The keyring to destroy.
+ * @param keyringV2 - The keyring v2 to destroy (if any).
  */
-async function _KeyringController_destroyKeyring(keyring) {
+async function _KeyringController_destroyKeyring(keyring, keyringV2) {
     await keyring.destroy?.();
+    if (keyringV2) {
+        await keyringV2.destroy?.();
+    }
 }, _KeyringController_assertNoDuplicateAccounts = 
 /**
  * Assert that there are no duplicate accounts in the keyrings.