@metamask/multichain-api-middleware 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/CHANGELOG.md +22 -1
  2. package/dist/handlers/wallet-createSession.cjs +27 -4
  3. package/dist/handlers/wallet-createSession.cjs.map +1 -1
  4. package/dist/handlers/wallet-createSession.d.cts.map +1 -1
  5. package/dist/handlers/wallet-createSession.d.mts.map +1 -1
  6. package/dist/handlers/wallet-createSession.mjs +28 -5
  7. package/dist/handlers/wallet-createSession.mjs.map +1 -1
  8. package/package.json +6 -6
package/CHANGELOG.md CHANGED
@@ -7,6 +7,25 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [Unreleased]
9
9
 
10
+ ## [0.4.0]
11
+
12
+ ### Added
13
+
14
+ - When `wallet_createSession` handler is called with `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp` (solana mainnet) as a requested scope, but there are not currently any accounts in the wallet supporting this scope, we now add a `promptToCreateSolanaAccount` to a metadata object on the `requestPermissions` call forwarded to the `PermissionsController`.
15
+
16
+ ## [0.3.0]
17
+
18
+ ### Added
19
+
20
+ - Add more chain-agnostic-permission utility functions from sip-26 usage ([#5609](https://github.com/MetaMask/core/pull/5609))
21
+
22
+ ### Changed
23
+
24
+ - Bump `@metamask/chain-agnostic-permission` to `^0.7.0` ([#5715](https://github.com/MetaMask/core/pull/5715),[#5760](https://github.com/MetaMask/core/pull/5760), [#5818](https://github.com/MetaMask/core/pull/5818))
25
+ - Bump `@metamask/api-specs` to `^0.14.0` ([#5817](https://github.com/MetaMask/core/pull/5817))
26
+ - Bump `@metamask/controller-utils` to `^11.9.0` ([#5765](https://github.com/MetaMask/core/pull/5765), [#5812](https://github.com/MetaMask/core/pull/5812))
27
+ - Bump `@metamask/network-controller` to `^23.5.0` ([#5765](https://github.com/MetaMask/core/pull/5765), [#5812](https://github.com/MetaMask/core/pull/5812))
28
+
10
29
  ## [0.2.0]
11
30
 
12
31
  ### Added
@@ -36,7 +55,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
36
55
 
37
56
  - Initial release
38
57
 
39
- [Unreleased]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.2.0...HEAD
58
+ [Unreleased]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.4.0...HEAD
59
+ [0.4.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.3.0...@metamask/multichain-api-middleware@0.4.0
60
+ [0.3.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.2.0...@metamask/multichain-api-middleware@0.3.0
40
61
  [0.2.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.1.1...@metamask/multichain-api-middleware@0.2.0
41
62
  [0.1.1]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.1.0...@metamask/multichain-api-middleware@0.1.1
42
63
  [0.1.0]: https://github.com/MetaMask/core/releases/tag/@metamask/multichain-api-middleware@0.1.0
package/dist/handlers/wallet-createSession.cjs CHANGED
@@ -6,6 +6,7 @@ const controller_utils_1 = require("@metamask/controller-utils");
6
6
  const permission_controller_1 = require("@metamask/permission-controller");
7
7
  const rpc_errors_1 = require("@metamask/rpc-errors");
8
8
  const utils_1 = require("@metamask/utils");
9
+ const SOLANA_CAIP_CHAIN_ID = 'solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp';
9
10
  /**
10
11
  * Handler for the `wallet_createSession` RPC method which is responsible
11
12
  * for prompting for approval and granting a CAIP-25 permission.
@@ -57,6 +58,14 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
57
58
  return false;
58
59
  }
59
60
  };
61
+ // if solana is a requested scope but not supported, we add a promptToCreateSolanaAccount flag to request
62
+ const isSolanaRequested = (0, chain_agnostic_permission_1.isNamespaceInScopesObject)(requiredScopesWithSupportedMethodsAndNotifications, utils_1.KnownCaipNamespace.Solana) ||
63
+ (0, chain_agnostic_permission_1.isNamespaceInScopesObject)(optionalScopesWithSupportedMethodsAndNotifications, utils_1.KnownCaipNamespace.Solana);
64
+ let promptToCreateSolanaAccount = false;
65
+ if (isSolanaRequested) {
66
+ const supportedSolanaAccounts = hooks.getNonEvmAccountAddresses(SOLANA_CAIP_CHAIN_ID);
67
+ promptToCreateSolanaAccount = supportedSolanaAccounts.length === 0;
68
+ }
60
69
  const { supportedScopes: supportedRequiredScopes } = (0, chain_agnostic_permission_1.bucketScopes)(requiredScopesWithSupportedMethodsAndNotifications, {
61
70
  isEvmChainIdSupported: networkClientExistsForChainId,
62
71
  isEvmChainIdSupportable: () => false,
@@ -77,9 +86,6 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
77
86
  supportedRequiredScopes,
78
87
  supportedOptionalScopes,
79
88
  ]);
80
- if (allSupportedRequestedCaipChainIds.length === 0) {
81
- return end(new rpc_errors_1.JsonRpcError(5100, 'Requested scopes are not supported'));
82
- }
83
89
  const existingEvmAddresses = hooks
84
90
  .listAccounts()
85
91
  .map((account) => account.address);
@@ -103,7 +109,22 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
103
109
  isMultichainOrigin: true,
104
110
  sessionProperties: filteredSessionProperties,
105
111
  };
106
- const requestedCaip25CaveatValueWithSupportedAccounts = (0, chain_agnostic_permission_1.setPermittedAccounts)(requestedCaip25CaveatValue, supportedRequestedAccountAddresses);
112
+ const requestedCaip25CaveatValueWithSupportedAccounts = (0, chain_agnostic_permission_1.setNonSCACaipAccountIdsInCaip25CaveatValue)(requestedCaip25CaveatValue, supportedRequestedAccountAddresses);
113
+ // if `promptToCreateSolanaAccount` is true and there are no other valid scopes requested,
114
+ // we add a `wallet` scope to the request in order to get passed the CAIP-25 caveat validator.
115
+ // This is very hacky but is necessary because the solana opt-in flow breaks key assumptions
116
+ // of the CAIP-25 permission specification - namely that we can have valid requests with no scopes.
117
+ if (allSupportedRequestedCaipChainIds.length === 0) {
118
+ if (promptToCreateSolanaAccount) {
119
+ requestedCaip25CaveatValueWithSupportedAccounts.optionalScopes[utils_1.KnownCaipNamespace.Wallet] = {
120
+ accounts: [],
121
+ };
122
+ }
123
+ else {
124
+ // if solana is not requested and there are no supported scopes, we return an error
125
+ return end(new rpc_errors_1.JsonRpcError(5100, 'Requested scopes are not supported'));
126
+ }
127
+ }
107
128
  const [grantedPermissions] = await hooks.requestPermissionsForOrigin({
108
129
  [chain_agnostic_permission_1.Caip25EndowmentPermissionName]: {
109
130
  caveats: [
@@ -113,6 +134,8 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
113
134
  },
114
135
  ],
115
136
  },
137
+ }, {
138
+ metadata: { promptToCreateSolanaAccount },
116
139
  });
117
140
  const approvedCaip25Permission = grantedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
118
141
  const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find((caveat) => caveat.type === chain_agnostic_permission_1.Caip25CaveatType)?.value;
package/dist/handlers/wallet-createSession.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"wallet-createSession.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":";;;AAAA,mFAe6C;AAC7C,iEAAoE;AAMpE,2EAGyC;AACzC,qDAA+D;AAC/D,2CAUyB;AAIzB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,KAAK,UAAU,0BAA0B,CACvC,GAA6D,EAC7D,GAGE,EACF,KAAgC,EAChC,GAA6B,EAC7B,KAaC;IAED,IAAI,CAAC,IAAA,qBAAa,EAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QAC9B,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IACD,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAEzE,IAAI,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACpE,OAAO,GAAG,CAAC,IAAI,yBAAY,CAAC,IAAI,EAAE,qCAAqC,CAAC,CAAC,CAAC;KAC3E;IAED,MAAM,yBAAyB,GAAG,MAAM,CAAC,WAAW,CAClD,MAAM,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CACvD,IAAA,uDAA2B,EAAC,GAAG,CAAC,CACjC,CACF,CAAC;IAEF,IAAI;QACF,MAAM,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,GAC1D,IAAA,sDAA0B,EAAC,cAAc,IAAI,EAAE,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC;QAEzE,MAAM,kDAAkD,GACtD,IAAA,oDAAwB,EAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QACL,MAAM,kDAAkD,GACtD,IAAA,oDAAwB,EAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEL,MAAM,6BAA6B,GAAG,CAAC,OAAY,EAAE,EAAE;YACrD,IAAI;gBACF,KAAK,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC;aACb;YAAC,MAAM;gBACN,OAAO,KAAK,CAAC;aACd;QACH,CAAC,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,IAAA,wCAAY,EAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,IAAA,wCAAY,EAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,4BAA4B,GAAG,IAAA,8DAAkC,EAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,iCAAiC,GAAG,IAAA,yDAA6B,EAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,IAAI,iCAAiC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClD,OAAO,GAAG,CAAC,IAAI,yBAAY,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAAC,CAAC;SAC1E;QAED,MAAM,oBAAoB,GAAG,KAAK;aAC/B,YAAY,EAAE;aACd,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErC,MAAM,kCAAkC,GACtC,4BAA4B,CAAC,MAAM,CACjC,CAAC,uBAAsC,EAAE,EAAE;YACzC,MAAM,EACJ,OAAO,EACP,KAAK,EAAE,EAAE,SAAS,EAAE,EACpB,OAAO,EAAE,WAAW,GACrB,GAAG,IAAA,0BAAkB,EAAC,uBAAuB,CAAC,CAAC;YAChD,IAAI,SAAS,KAAK,0BAAkB,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE;gBACtD,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE,EAAE;oBACtD,OAAO,IAAA,yCAAsB,EAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;gBAC7D,CAAC,CAAC,CAAC;aACJ;YAED,oEAAoE;YACpE,OAAO,KAAK;iBACT,yBAAyB,CAAC,WAAW,CAAC;iBACtC,IAAI,CAAC,CAAC,mBAAmB,EAAE,EAAE;gBAC5B,OAAO,uBAAuB,KAAK,mBAAmB,CAAC;YACzD,CAAC,CAAC,CAAC;QACP,CAAC,CACF,CAAC;QAEJ,MAAM,0BAA0B,GAAG;YACjC,cAAc,EAAE,IAAA,mDAAuB,EAAC,uBAAuB,CAAC;YAChE,cAAc,EAAE,IAAA,mDAAuB,EAAC,uBAAuB,CAAC;YAChE,kBAAkB,EAAE,IAAI;YACxB,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QAEF,MAAM,+CAA+C,GACnD,IAAA,gDAAoB,EAClB,0BAA0B,EAC1B,kCAAkC,CACnC,CAAC;QAEJ,MAAM,CAAC,kBAAkB,CAAC,GAAG,MAAM,KAAK,CAAC,2BAA2B,CAAC;YACnE,CAAC,yDAA6B,CAAC,EAAE;gBAC/B,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,4CAAgB;wBACtB,KAAK,EAAE,+CAA+C;qBACvD;iBACF;aACF;SACF,CAAC,CAAC;QAEH,MAAM,wBAAwB,GAC5B,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QACpD,MAAM,yBAAyB,GAAG,wBAAwB,EAAE,OAAO,EAAE,IAAI,CACvE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,4CAAgB,CAC7C,EAAE,KAA0B,CAAC;QAC9B,IAAI,CAAC,yBAAyB,EAAE;YAC9B,MAAM,sBAAS,CAAC,QAAQ,EAAE,CAAC;SAC5B;QAED,MAAM,aAAa,GAAG,IAAA,4CAAgB,EAAC,yBAAyB,EAAE;YAChE,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,iBAAiB,EAAE,yBAAyB,GAAG,EAAE,EAAE,GACzD,yBAAyB,CAAC;QAE5B,KAAK,CAAC,wBAAwB,EAAE,CAAC,yBAAyB,CAAC,CAAC;QAE5D,GAAG,CAAC,MAAM,GAAG;YACX,aAAa;YACb,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QACF,OAAO,GAAG,EAAE,CAAC;KACd;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;KACjB;AACH,CAAC;AAEY,QAAA,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,4BAA4B,EAAE,IAAI;QAClC,YAAY,EAAE,IAAI;QAClB,2BAA2B,EAAE,IAAI;QACjC,yBAAyB,EAAE,IAAI;QAC/B,sBAAsB,EAAE,IAAI;QAC5B,yBAAyB,EAAE,IAAI;QAC/B,wBAAwB,EAAE,IAAI;KAC/B;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n bucketScopes,\n validateAndNormalizeScopes,\n type Caip25Authorization,\n getInternalScopesObject,\n getSessionScopes,\n type NormalizedScopesObject,\n getSupportedScopeObjects,\n type Caip25CaveatValue,\n isKnownSessionPropertyValue,\n getCaipAccountIdsFromScopesObjects,\n getAllScopesFromScopesObjects,\n setPermittedAccounts,\n} from '@metamask/chain-agnostic-permission';\nimport { isEqualCaseInsensitive } from '@metamask/controller-utils';\nimport type {\n JsonRpcEngineEndCallback,\n JsonRpcEngineNextCallback,\n} from '@metamask/json-rpc-engine';\nimport type { NetworkController } from '@metamask/network-controller';\nimport {\n invalidParams,\n type RequestedPermissions,\n} from '@metamask/permission-controller';\nimport { JsonRpcError, rpcErrors } from '@metamask/rpc-errors';\nimport {\n type CaipAccountId,\n type CaipChainId,\n type Hex,\n isPlainObject,\n type Json,\n type JsonRpcRequest,\n type JsonRpcSuccess,\n KnownCaipNamespace,\n parseCaipAccountId,\n} from '@metamask/utils';\n\nimport type { GrantedPermissions } from './types';\n\n/**\n * Handler for the `wallet_createSession` RPC method which is responsible\n * for prompting for approval and granting a CAIP-25 permission.\n *\n * This implementation primarily deviates from the CAIP-25 handler\n * specification by treating all scopes as optional regardless of\n * if they were specified in `requiredScopes` or `optionalScopes`.\n * Additionally, provided scopes, methods, notifications, and\n * account values that are invalid/malformed are ignored rather than\n * causing an error to be returned.\n *\n * @param req - The request object.\n * @param res - The response object.\n * @param _next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.listAccounts - The hook that returns an array of the wallet's evm accounts.\n * @param hooks.findNetworkClientIdByChainId - The hook that returns the networkClientId for a chainId.\n * @param hooks.requestPermissionsForOrigin - The hook that approves and grants requested permissions.\n * @param hooks.getNonEvmSupportedMethods - The hook that returns the supported methods for a non EVM scope.\n * @param hooks.isNonEvmScopeSupported - The hook that returns true if a non EVM scope is supported.\n * @param hooks.getNonEvmAccountAddresses - The hook that returns a list of CaipAccountIds that are supported for a CaipChainId.\n * @param hooks.trackSessionCreatedEvent - An optional hook for platform specific logic to run. Can be undefined.\n * @returns A promise with wallet_createSession handler\n */\nasync function walletCreateSessionHandler(\n req: JsonRpcRequest<Caip25Authorization> & { origin: string },\n res: JsonRpcSuccess<{\n sessionScopes: NormalizedScopesObject;\n sessionProperties?: Record<string, Json>;\n }>,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: {\n listAccounts: () => { address: string }[];\n findNetworkClientIdByChainId: NetworkController['findNetworkClientIdByChainId'];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n metadata?: Record<string, Json>,\n ) => Promise<[GrantedPermissions]>;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n isNonEvmScopeSupported: (scope: CaipChainId) => boolean;\n getNonEvmAccountAddresses: (scope: CaipChainId) => CaipAccountId[];\n trackSessionCreatedEvent?: (\n approvedCaip25CaveatValue: Caip25CaveatValue,\n ) => void;\n },\n) {\n if (!isPlainObject(req.params)) {\n return end(invalidParams({ data: { request: req } }));\n }\n const { requiredScopes, optionalScopes, sessionProperties } = req.params;\n\n if (sessionProperties && Object.keys(sessionProperties).length === 0) {\n return end(new JsonRpcError(5302, 'Invalid sessionProperties requested'));\n }\n\n const filteredSessionProperties = Object.fromEntries(\n Object.entries(sessionProperties ?? {}).filter(([key]) =>\n isKnownSessionPropertyValue(key),\n ),\n );\n\n try {\n const { normalizedRequiredScopes, normalizedOptionalScopes } =\n validateAndNormalizeScopes(requiredScopes || {}, optionalScopes || {});\n\n const requiredScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedRequiredScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n const optionalScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedOptionalScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const networkClientExistsForChainId = (chainId: Hex) => {\n try {\n hooks.findNetworkClientIdByChainId(chainId);\n return true;\n } catch {\n return false;\n }\n };\n\n const { supportedScopes: supportedRequiredScopes } = bucketScopes(\n requiredScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const { supportedScopes: supportedOptionalScopes } = bucketScopes(\n optionalScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const allRequestedAccountAddresses = getCaipAccountIdsFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const allSupportedRequestedCaipChainIds = getAllScopesFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n if (allSupportedRequestedCaipChainIds.length === 0) {\n return end(new JsonRpcError(5100, 'Requested scopes are not supported'));\n }\n\n const existingEvmAddresses = hooks\n .listAccounts()\n .map((account) => account.address);\n\n const supportedRequestedAccountAddresses =\n allRequestedAccountAddresses.filter(\n (requestedAccountAddress: CaipAccountId) => {\n const {\n address,\n chain: { namespace },\n chainId: caipChainId,\n } = parseCaipAccountId(requestedAccountAddress);\n if (namespace === KnownCaipNamespace.Eip155.toString()) {\n return existingEvmAddresses.some((existingEvmAddress) => {\n return isEqualCaseInsensitive(address, existingEvmAddress);\n });\n }\n\n // If the namespace is not eip155 (EVM) we do a case sensitive check\n return hooks\n .getNonEvmAccountAddresses(caipChainId)\n .some((existingCaipAddress) => {\n return requestedAccountAddress === existingCaipAddress;\n });\n },\n );\n\n const requestedCaip25CaveatValue = {\n requiredScopes: getInternalScopesObject(supportedRequiredScopes),\n optionalScopes: getInternalScopesObject(supportedOptionalScopes),\n isMultichainOrigin: true,\n sessionProperties: filteredSessionProperties,\n };\n\n const requestedCaip25CaveatValueWithSupportedAccounts =\n setPermittedAccounts(\n requestedCaip25CaveatValue,\n supportedRequestedAccountAddresses,\n );\n\n const [grantedPermissions] = await hooks.requestPermissionsForOrigin({\n [Caip25EndowmentPermissionName]: {\n caveats: [\n {\n type: Caip25CaveatType,\n value: requestedCaip25CaveatValueWithSupportedAccounts,\n },\n ],\n },\n });\n\n const approvedCaip25Permission =\n grantedPermissions[Caip25EndowmentPermissionName];\n const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find(\n (caveat) => caveat.type === Caip25CaveatType,\n )?.value as Caip25CaveatValue;\n if (!approvedCaip25CaveatValue) {\n throw rpcErrors.internal();\n }\n\n const sessionScopes = getSessionScopes(approvedCaip25CaveatValue, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const { sessionProperties: approvedSessionProperties = {} } =\n approvedCaip25CaveatValue;\n\n hooks.trackSessionCreatedEvent?.(approvedCaip25CaveatValue);\n\n res.result = {\n sessionScopes,\n sessionProperties: approvedSessionProperties,\n };\n return end();\n } catch (err) {\n return end(err);\n }\n}\n\nexport const walletCreateSession = {\n methodNames: ['wallet_createSession'],\n implementation: walletCreateSessionHandler,\n hookNames: {\n findNetworkClientIdByChainId: true,\n listAccounts: true,\n requestPermissionsForOrigin: true,\n getNonEvmSupportedMethods: true,\n isNonEvmScopeSupported: true,\n getNonEvmAccountAddresses: true,\n trackSessionCreatedEvent: true,\n },\n};\n"]}
1
+ {"version":3,"file":"wallet-createSession.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":";;;AAAA,mFAgB6C;AAC7C,iEAAoE;AAMpE,2EAGyC;AACzC,qDAA+D;AAC/D,2CAUyB;AAIzB,MAAM,oBAAoB,GAAG,yCAAyC,CAAC;AAEvE;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,KAAK,UAAU,0BAA0B,CACvC,GAA6D,EAC7D,GAGE,EACF,KAAgC,EAChC,GAA6B,EAC7B,KAaC;IAED,IAAI,CAAC,IAAA,qBAAa,EAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QAC9B,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IACD,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAEzE,IAAI,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACpE,OAAO,GAAG,CAAC,IAAI,yBAAY,CAAC,IAAI,EAAE,qCAAqC,CAAC,CAAC,CAAC;KAC3E;IAED,MAAM,yBAAyB,GAAG,MAAM,CAAC,WAAW,CAClD,MAAM,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CACvD,IAAA,uDAA2B,EAAC,GAAG,CAAC,CACjC,CACF,CAAC;IAEF,IAAI;QACF,MAAM,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,GAC1D,IAAA,sDAA0B,EAAC,cAAc,IAAI,EAAE,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC;QAEzE,MAAM,kDAAkD,GACtD,IAAA,oDAAwB,EAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QACL,MAAM,kDAAkD,GACtD,IAAA,oDAAwB,EAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEL,MAAM,6BAA6B,GAAG,CAAC,OAAY,EAAE,EAAE;YACrD,IAAI;gBACF,KAAK,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC;aACb;YAAC,MAAM;gBACN,OAAO,KAAK,CAAC;aACd;QACH,CAAC,CAAC;QAEF,yGAAyG;QACzG,MAAM,iBAAiB,GACrB,IAAA,qDAAyB,EACvB,kDAAkD,EAClD,0BAAkB,CAAC,MAAM,CAC1B;YACD,IAAA,qDAAyB,EACvB,kDAAkD,EAClD,0BAAkB,CAAC,MAAM,CAC1B,CAAC;QAEJ,IAAI,2BAA2B,GAAG,KAAK,CAAC;QACxC,IAAI,iBAAiB,EAAE;YACrB,MAAM,uBAAuB,GAC3B,KAAK,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;YACxD,2BAA2B,GAAG,uBAAuB,CAAC,MAAM,KAAK,CAAC,CAAC;SACpE;QAED,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,IAAA,wCAAY,EAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,IAAA,wCAAY,EAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,4BAA4B,GAAG,IAAA,8DAAkC,EAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,iCAAiC,GAAG,IAAA,yDAA6B,EAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,oBAAoB,GAAG,KAAK;aAC/B,YAAY,EAAE;aACd,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErC,MAAM,kCAAkC,GACtC,4BAA4B,CAAC,MAAM,CACjC,CAAC,uBAAsC,EAAE,EAAE;YACzC,MAAM,EACJ,OAAO,EACP,KAAK,EAAE,EAAE,SAAS,EAAE,EACpB,OAAO,EAAE,WAAW,GACrB,GAAG,IAAA,0BAAkB,EAAC,uBAAuB,CAAC,CAAC;YAChD,IAAI,SAAS,KAAK,0BAAkB,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE;gBACtD,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE,EAAE;oBACtD,OAAO,IAAA,yCAAsB,EAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;gBAC7D,CAAC,CAAC,CAAC;aACJ;YAED,oEAAoE;YACpE,OAAO,KAAK;iBACT,yBAAyB,CAAC,WAAW,CAAC;iBACtC,IAAI,CAAC,CAAC,mBAAmB,EAAE,EAAE;gBAC5B,OAAO,uBAAuB,KAAK,mBAAmB,CAAC;YACzD,CAAC,CAAC,CAAC;QACP,CAAC,CACF,CAAC;QAEJ,MAAM,0BAA0B,GAAG;YACjC,cAAc,EAAE,IAAA,mDAAuB,EAAC,uBAAuB,CAAC;YAChE,cAAc,EAAE,IAAA,mDAAuB,EAAC,uBAAuB,CAAC;YAChE,kBAAkB,EAAE,IAAI;YACxB,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QAEF,MAAM,+CAA+C,GACnD,IAAA,sEAA0C,EACxC,0BAA0B,EAC1B,kCAAkC,CACnC,CAAC;QAEJ,0FAA0F;QAC1F,8FAA8F;QAC9F,4FAA4F;QAC5F,oGAAoG;QACpG,IAAI,iCAAiC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClD,IAAI,2BAA2B,EAAE;gBAC/B,+CAA+C,CAAC,cAAc,CAC5D,0BAAkB,CAAC,MAAM,CAC1B,GAAG;oBACF,QAAQ,EAAE,EAAE;iBACb,CAAC;aACH;iBAAM;gBACL,mFAAmF;gBACnF,OAAO,GAAG,CACR,IAAI,yBAAY,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAC7D,CAAC;aACH;SACF;QAED,MAAM,CAAC,kBAAkB,CAAC,GAAG,MAAM,KAAK,CAAC,2BAA2B,CAClE;YACE,CAAC,yDAA6B,CAAC,EAAE;gBAC/B,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,4CAAgB;wBACtB,KAAK,EAAE,+CAA+C;qBACvD;iBACF;aACF;SACF,EACD;YACE,QAAQ,EAAE,EAAE,2BAA2B,EAAE;SAC1C,CACF,CAAC;QAEF,MAAM,wBAAwB,GAC5B,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QACpD,MAAM,yBAAyB,GAAG,wBAAwB,EAAE,OAAO,EAAE,IAAI,CACvE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,4CAAgB,CAC7C,EAAE,KAA0B,CAAC;QAC9B,IAAI,CAAC,yBAAyB,EAAE;YAC9B,MAAM,sBAAS,CAAC,QAAQ,EAAE,CAAC;SAC5B;QAED,MAAM,aAAa,GAAG,IAAA,4CAAgB,EAAC,yBAAyB,EAAE;YAChE,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,iBAAiB,EAAE,yBAAyB,GAAG,EAAE,EAAE,GACzD,yBAAyB,CAAC;QAE5B,KAAK,CAAC,wBAAwB,EAAE,CAAC,yBAAyB,CAAC,CAAC;QAE5D,GAAG,CAAC,MAAM,GAAG;YACX,aAAa;YACb,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QACF,OAAO,GAAG,EAAE,CAAC;KACd;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;KACjB;AACH,CAAC;AAEY,QAAA,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,4BAA4B,EAAE,IAAI;QAClC,YAAY,EAAE,IAAI;QAClB,2BAA2B,EAAE,IAAI;QACjC,yBAAyB,EAAE,IAAI;QAC/B,sBAAsB,EAAE,IAAI;QAC5B,yBAAyB,EAAE,IAAI;QAC/B,wBAAwB,EAAE,IAAI;KAC/B;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n bucketScopes,\n validateAndNormalizeScopes,\n type Caip25Authorization,\n getInternalScopesObject,\n getSessionScopes,\n type NormalizedScopesObject,\n getSupportedScopeObjects,\n type Caip25CaveatValue,\n isKnownSessionPropertyValue,\n getCaipAccountIdsFromScopesObjects,\n getAllScopesFromScopesObjects,\n setNonSCACaipAccountIdsInCaip25CaveatValue,\n isNamespaceInScopesObject,\n} from '@metamask/chain-agnostic-permission';\nimport { isEqualCaseInsensitive } from '@metamask/controller-utils';\nimport type {\n JsonRpcEngineEndCallback,\n JsonRpcEngineNextCallback,\n} from '@metamask/json-rpc-engine';\nimport type { NetworkController } from '@metamask/network-controller';\nimport {\n invalidParams,\n type RequestedPermissions,\n} from '@metamask/permission-controller';\nimport { JsonRpcError, rpcErrors } from '@metamask/rpc-errors';\nimport {\n type CaipAccountId,\n type CaipChainId,\n type Hex,\n isPlainObject,\n type Json,\n type JsonRpcRequest,\n type JsonRpcSuccess,\n KnownCaipNamespace,\n parseCaipAccountId,\n} from '@metamask/utils';\n\nimport type { GrantedPermissions } from './types';\n\nconst SOLANA_CAIP_CHAIN_ID = 'solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp';\n\n/**\n * Handler for the `wallet_createSession` RPC method which is responsible\n * for prompting for approval and granting a CAIP-25 permission.\n *\n * This implementation primarily deviates from the CAIP-25 handler\n * specification by treating all scopes as optional regardless of\n * if they were specified in `requiredScopes` or `optionalScopes`.\n * Additionally, provided scopes, methods, notifications, and\n * account values that are invalid/malformed are ignored rather than\n * causing an error to be returned.\n *\n * @param req - The request object.\n * @param res - The response object.\n * @param _next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.listAccounts - The hook that returns an array of the wallet's evm accounts.\n * @param hooks.findNetworkClientIdByChainId - The hook that returns the networkClientId for a chainId.\n * @param hooks.requestPermissionsForOrigin - The hook that approves and grants requested permissions.\n * @param hooks.getNonEvmSupportedMethods - The hook that returns the supported methods for a non EVM scope.\n * @param hooks.isNonEvmScopeSupported - The hook that returns true if a non EVM scope is supported.\n * @param hooks.getNonEvmAccountAddresses - The hook that returns a list of CaipAccountIds that are supported for a CaipChainId.\n * @param hooks.trackSessionCreatedEvent - An optional hook for platform specific logic to run. Can be undefined.\n * @returns A promise with wallet_createSession handler\n */\nasync function walletCreateSessionHandler(\n req: JsonRpcRequest<Caip25Authorization> & { origin: string },\n res: JsonRpcSuccess<{\n sessionScopes: NormalizedScopesObject;\n sessionProperties?: Record<string, Json>;\n }>,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: {\n listAccounts: () => { address: string }[];\n findNetworkClientIdByChainId: NetworkController['findNetworkClientIdByChainId'];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n metadata?: Record<string, Json>,\n ) => Promise<[GrantedPermissions]>;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n isNonEvmScopeSupported: (scope: CaipChainId) => boolean;\n getNonEvmAccountAddresses: (scope: CaipChainId) => CaipAccountId[];\n trackSessionCreatedEvent?: (\n approvedCaip25CaveatValue: Caip25CaveatValue,\n ) => void;\n },\n) {\n if (!isPlainObject(req.params)) {\n return end(invalidParams({ data: { request: req } }));\n }\n const { requiredScopes, optionalScopes, sessionProperties } = req.params;\n\n if (sessionProperties && Object.keys(sessionProperties).length === 0) {\n return end(new JsonRpcError(5302, 'Invalid sessionProperties requested'));\n }\n\n const filteredSessionProperties = Object.fromEntries(\n Object.entries(sessionProperties ?? {}).filter(([key]) =>\n isKnownSessionPropertyValue(key),\n ),\n );\n\n try {\n const { normalizedRequiredScopes, normalizedOptionalScopes } =\n validateAndNormalizeScopes(requiredScopes || {}, optionalScopes || {});\n\n const requiredScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedRequiredScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n const optionalScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedOptionalScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const networkClientExistsForChainId = (chainId: Hex) => {\n try {\n hooks.findNetworkClientIdByChainId(chainId);\n return true;\n } catch {\n return false;\n }\n };\n\n // if solana is a requested scope but not supported, we add a promptToCreateSolanaAccount flag to request\n const isSolanaRequested =\n isNamespaceInScopesObject(\n requiredScopesWithSupportedMethodsAndNotifications,\n KnownCaipNamespace.Solana,\n ) ||\n isNamespaceInScopesObject(\n optionalScopesWithSupportedMethodsAndNotifications,\n KnownCaipNamespace.Solana,\n );\n\n let promptToCreateSolanaAccount = false;\n if (isSolanaRequested) {\n const supportedSolanaAccounts =\n hooks.getNonEvmAccountAddresses(SOLANA_CAIP_CHAIN_ID);\n promptToCreateSolanaAccount = supportedSolanaAccounts.length === 0;\n }\n\n const { supportedScopes: supportedRequiredScopes } = bucketScopes(\n requiredScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const { supportedScopes: supportedOptionalScopes } = bucketScopes(\n optionalScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const allRequestedAccountAddresses = getCaipAccountIdsFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const allSupportedRequestedCaipChainIds = getAllScopesFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const existingEvmAddresses = hooks\n .listAccounts()\n .map((account) => account.address);\n\n const supportedRequestedAccountAddresses =\n allRequestedAccountAddresses.filter(\n (requestedAccountAddress: CaipAccountId) => {\n const {\n address,\n chain: { namespace },\n chainId: caipChainId,\n } = parseCaipAccountId(requestedAccountAddress);\n if (namespace === KnownCaipNamespace.Eip155.toString()) {\n return existingEvmAddresses.some((existingEvmAddress) => {\n return isEqualCaseInsensitive(address, existingEvmAddress);\n });\n }\n\n // If the namespace is not eip155 (EVM) we do a case sensitive check\n return hooks\n .getNonEvmAccountAddresses(caipChainId)\n .some((existingCaipAddress) => {\n return requestedAccountAddress === existingCaipAddress;\n });\n },\n );\n\n const requestedCaip25CaveatValue = {\n requiredScopes: getInternalScopesObject(supportedRequiredScopes),\n optionalScopes: getInternalScopesObject(supportedOptionalScopes),\n isMultichainOrigin: true,\n sessionProperties: filteredSessionProperties,\n };\n\n const requestedCaip25CaveatValueWithSupportedAccounts =\n setNonSCACaipAccountIdsInCaip25CaveatValue(\n requestedCaip25CaveatValue,\n supportedRequestedAccountAddresses,\n );\n\n // if `promptToCreateSolanaAccount` is true and there are no other valid scopes requested,\n // we add a `wallet` scope to the request in order to get passed the CAIP-25 caveat validator.\n // This is very hacky but is necessary because the solana opt-in flow breaks key assumptions\n // of the CAIP-25 permission specification - namely that we can have valid requests with no scopes.\n if (allSupportedRequestedCaipChainIds.length === 0) {\n if (promptToCreateSolanaAccount) {\n requestedCaip25CaveatValueWithSupportedAccounts.optionalScopes[\n KnownCaipNamespace.Wallet\n ] = {\n accounts: [],\n };\n } else {\n // if solana is not requested and there are no supported scopes, we return an error\n return end(\n new JsonRpcError(5100, 'Requested scopes are not supported'),\n );\n }\n }\n\n const [grantedPermissions] = await hooks.requestPermissionsForOrigin(\n {\n [Caip25EndowmentPermissionName]: {\n caveats: [\n {\n type: Caip25CaveatType,\n value: requestedCaip25CaveatValueWithSupportedAccounts,\n },\n ],\n },\n },\n {\n metadata: { promptToCreateSolanaAccount },\n },\n );\n\n const approvedCaip25Permission =\n grantedPermissions[Caip25EndowmentPermissionName];\n const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find(\n (caveat) => caveat.type === Caip25CaveatType,\n )?.value as Caip25CaveatValue;\n if (!approvedCaip25CaveatValue) {\n throw rpcErrors.internal();\n }\n\n const sessionScopes = getSessionScopes(approvedCaip25CaveatValue, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const { sessionProperties: approvedSessionProperties = {} } =\n approvedCaip25CaveatValue;\n\n hooks.trackSessionCreatedEvent?.(approvedCaip25CaveatValue);\n\n res.result = {\n sessionScopes,\n sessionProperties: approvedSessionProperties,\n };\n return end();\n } catch (err) {\n return end(err);\n }\n}\n\nexport const walletCreateSession = {\n methodNames: ['wallet_createSession'],\n implementation: walletCreateSessionHandler,\n hookNames: {\n findNetworkClientIdByChainId: true,\n listAccounts: true,\n requestPermissionsForOrigin: true,\n getNonEvmSupportedMethods: true,\n isNonEvmScopeSupported: true,\n getNonEvmAccountAddresses: true,\n trackSessionCreatedEvent: true,\n },\n};\n"]}
package/dist/handlers/wallet-createSession.d.cts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"wallet-createSession.d.cts","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,KAAK,mBAAmB,EAGxB,KAAK,sBAAsB,EAE3B,KAAK,iBAAiB,EAKvB,4CAA4C;AAE7C,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,qCAAqC;AACtE,OAAO,EAEL,KAAK,oBAAoB,EAC1B,wCAAwC;AAEzC,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,WAAW,EAGhB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,cAAc,EAGpB,wBAAwB;AAEzB,OAAO,KAAK,EAAE,kBAAkB,EAAE,oBAAgB;AAElD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,iBAAe,0BAA0B,CACvC,GAAG,EAAE,cAAc,CAAC,mBAAmB,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAC7D,GAAG,EAAE,cAAc,CAAC;IAClB,aAAa,EAAE,sBAAsB,CAAC;IACtC,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC1C,CAAC,EACF,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE;IACL,YAAY,EAAE,MAAM;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC1C,4BAA4B,EAAE,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;IAChF,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,EAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,KAC5B,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,MAAM,EAAE,CAAC;IAC5D,sBAAsB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC;IACxD,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,aAAa,EAAE,CAAC;IACnE,wBAAwB,CAAC,EAAE,CACzB,yBAAyB,EAAE,iBAAiB,KACzC,IAAI,CAAC;CACX,iBAsJF;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;CAY/B,CAAC"}
1
+ {"version":3,"file":"wallet-createSession.d.cts","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,KAAK,mBAAmB,EAGxB,KAAK,sBAAsB,EAE3B,KAAK,iBAAiB,EAMvB,4CAA4C;AAE7C,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,qCAAqC;AACtE,OAAO,EAEL,KAAK,oBAAoB,EAC1B,wCAAwC;AAEzC,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,WAAW,EAGhB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,cAAc,EAGpB,wBAAwB;AAEzB,OAAO,KAAK,EAAE,kBAAkB,EAAE,oBAAgB;AAIlD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,iBAAe,0BAA0B,CACvC,GAAG,EAAE,cAAc,CAAC,mBAAmB,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAC7D,GAAG,EAAE,cAAc,CAAC;IAClB,aAAa,EAAE,sBAAsB,CAAC;IACtC,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC1C,CAAC,EACF,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE;IACL,YAAY,EAAE,MAAM;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC1C,4BAA4B,EAAE,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;IAChF,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,EAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,KAC5B,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,MAAM,EAAE,CAAC;IAC5D,sBAAsB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC;IACxD,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,aAAa,EAAE,CAAC;IACnE,wBAAwB,CAAC,EAAE,CACzB,yBAAyB,EAAE,iBAAiB,KACzC,IAAI,CAAC;CACX,iBA4LF;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;CAY/B,CAAC"}
package/dist/handlers/wallet-createSession.d.mts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"wallet-createSession.d.mts","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,KAAK,mBAAmB,EAGxB,KAAK,sBAAsB,EAE3B,KAAK,iBAAiB,EAKvB,4CAA4C;AAE7C,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,qCAAqC;AACtE,OAAO,EAEL,KAAK,oBAAoB,EAC1B,wCAAwC;AAEzC,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,WAAW,EAGhB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,cAAc,EAGpB,wBAAwB;AAEzB,OAAO,KAAK,EAAE,kBAAkB,EAAE,oBAAgB;AAElD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,iBAAe,0BAA0B,CACvC,GAAG,EAAE,cAAc,CAAC,mBAAmB,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAC7D,GAAG,EAAE,cAAc,CAAC;IAClB,aAAa,EAAE,sBAAsB,CAAC;IACtC,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC1C,CAAC,EACF,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE;IACL,YAAY,EAAE,MAAM;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC1C,4BAA4B,EAAE,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;IAChF,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,EAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,KAC5B,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,MAAM,EAAE,CAAC;IAC5D,sBAAsB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC;IACxD,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,aAAa,EAAE,CAAC;IACnE,wBAAwB,CAAC,EAAE,CACzB,yBAAyB,EAAE,iBAAiB,KACzC,IAAI,CAAC;CACX,iBAsJF;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;CAY/B,CAAC"}
1
+ {"version":3,"file":"wallet-createSession.d.mts","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAKL,KAAK,mBAAmB,EAGxB,KAAK,sBAAsB,EAE3B,KAAK,iBAAiB,EAMvB,4CAA4C;AAE7C,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EAAE,iBAAiB,EAAE,qCAAqC;AACtE,OAAO,EAEL,KAAK,oBAAoB,EAC1B,wCAAwC;AAEzC,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,WAAW,EAGhB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,cAAc,EAGpB,wBAAwB;AAEzB,OAAO,KAAK,EAAE,kBAAkB,EAAE,oBAAgB;AAIlD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,iBAAe,0BAA0B,CACvC,GAAG,EAAE,cAAc,CAAC,mBAAmB,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAC7D,GAAG,EAAE,cAAc,CAAC;IAClB,aAAa,EAAE,sBAAsB,CAAC;IACtC,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC1C,CAAC,EACF,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE;IACL,YAAY,EAAE,MAAM;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC1C,4BAA4B,EAAE,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;IAChF,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,EAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,KAC5B,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,MAAM,EAAE,CAAC;IAC5D,sBAAsB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC;IACxD,yBAAyB,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,aAAa,EAAE,CAAC;IACnE,wBAAwB,CAAC,EAAE,CACzB,yBAAyB,EAAE,iBAAiB,KACzC,IAAI,CAAC;CACX,iBA4LF;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;CAY/B,CAAC"}
package/dist/handlers/wallet-createSession.mjs CHANGED
@@ -1,8 +1,9 @@
1
- import { Caip25CaveatType, Caip25EndowmentPermissionName, bucketScopes, validateAndNormalizeScopes, getInternalScopesObject, getSessionScopes, getSupportedScopeObjects, isKnownSessionPropertyValue, getCaipAccountIdsFromScopesObjects, getAllScopesFromScopesObjects, setPermittedAccounts } from "@metamask/chain-agnostic-permission";
1
+ import { Caip25CaveatType, Caip25EndowmentPermissionName, bucketScopes, validateAndNormalizeScopes, getInternalScopesObject, getSessionScopes, getSupportedScopeObjects, isKnownSessionPropertyValue, getCaipAccountIdsFromScopesObjects, getAllScopesFromScopesObjects, setNonSCACaipAccountIdsInCaip25CaveatValue, isNamespaceInScopesObject } from "@metamask/chain-agnostic-permission";
2
2
  import { isEqualCaseInsensitive } from "@metamask/controller-utils";
3
3
  import { invalidParams } from "@metamask/permission-controller";
4
4
  import { JsonRpcError, rpcErrors } from "@metamask/rpc-errors";
5
5
  import { isPlainObject, KnownCaipNamespace, parseCaipAccountId } from "@metamask/utils";
6
+ const SOLANA_CAIP_CHAIN_ID = 'solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp';
6
7
  /**
7
8
  * Handler for the `wallet_createSession` RPC method which is responsible
8
9
  * for prompting for approval and granting a CAIP-25 permission.
@@ -54,6 +55,14 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
54
55
  return false;
55
56
  }
56
57
  };
58
+ // if solana is a requested scope but not supported, we add a promptToCreateSolanaAccount flag to request
59
+ const isSolanaRequested = isNamespaceInScopesObject(requiredScopesWithSupportedMethodsAndNotifications, KnownCaipNamespace.Solana) ||
60
+ isNamespaceInScopesObject(optionalScopesWithSupportedMethodsAndNotifications, KnownCaipNamespace.Solana);
61
+ let promptToCreateSolanaAccount = false;
62
+ if (isSolanaRequested) {
63
+ const supportedSolanaAccounts = hooks.getNonEvmAccountAddresses(SOLANA_CAIP_CHAIN_ID);
64
+ promptToCreateSolanaAccount = supportedSolanaAccounts.length === 0;
65
+ }
57
66
  const { supportedScopes: supportedRequiredScopes } = bucketScopes(requiredScopesWithSupportedMethodsAndNotifications, {
58
67
  isEvmChainIdSupported: networkClientExistsForChainId,
59
68
  isEvmChainIdSupportable: () => false,
@@ -74,9 +83,6 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
74
83
  supportedRequiredScopes,
75
84
  supportedOptionalScopes,
76
85
  ]);
77
- if (allSupportedRequestedCaipChainIds.length === 0) {
78
- return end(new JsonRpcError(5100, 'Requested scopes are not supported'));
79
- }
80
86
  const existingEvmAddresses = hooks
81
87
  .listAccounts()
82
88
  .map((account) => account.address);
@@ -100,7 +106,22 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
100
106
  isMultichainOrigin: true,
101
107
  sessionProperties: filteredSessionProperties,
102
108
  };
103
- const requestedCaip25CaveatValueWithSupportedAccounts = setPermittedAccounts(requestedCaip25CaveatValue, supportedRequestedAccountAddresses);
109
+ const requestedCaip25CaveatValueWithSupportedAccounts = setNonSCACaipAccountIdsInCaip25CaveatValue(requestedCaip25CaveatValue, supportedRequestedAccountAddresses);
110
+ // if `promptToCreateSolanaAccount` is true and there are no other valid scopes requested,
111
+ // we add a `wallet` scope to the request in order to get passed the CAIP-25 caveat validator.
112
+ // This is very hacky but is necessary because the solana opt-in flow breaks key assumptions
113
+ // of the CAIP-25 permission specification - namely that we can have valid requests with no scopes.
114
+ if (allSupportedRequestedCaipChainIds.length === 0) {
115
+ if (promptToCreateSolanaAccount) {
116
+ requestedCaip25CaveatValueWithSupportedAccounts.optionalScopes[KnownCaipNamespace.Wallet] = {
117
+ accounts: [],
118
+ };
119
+ }
120
+ else {
121
+ // if solana is not requested and there are no supported scopes, we return an error
122
+ return end(new JsonRpcError(5100, 'Requested scopes are not supported'));
123
+ }
124
+ }
104
125
  const [grantedPermissions] = await hooks.requestPermissionsForOrigin({
105
126
  [Caip25EndowmentPermissionName]: {
106
127
  caveats: [
@@ -110,6 +131,8 @@ async function walletCreateSessionHandler(req, res, _next, end, hooks) {
110
131
  },
111
132
  ],
112
133
  },
134
+ }, {
135
+ metadata: { promptToCreateSolanaAccount },
113
136
  });
114
137
  const approvedCaip25Permission = grantedPermissions[Caip25EndowmentPermissionName];
115
138
  const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find((caveat) => caveat.type === Caip25CaveatType)?.value;
package/dist/handlers/wallet-createSession.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"wallet-createSession.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,YAAY,EACZ,0BAA0B,EAE1B,uBAAuB,EACvB,gBAAgB,EAEhB,wBAAwB,EAExB,2BAA2B,EAC3B,kCAAkC,EAClC,6BAA6B,EAC7B,oBAAoB,EACrB,4CAA4C;AAC7C,OAAO,EAAE,sBAAsB,EAAE,mCAAmC;AAMpE,OAAO,EACL,aAAa,EAEd,wCAAwC;AACzC,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,6BAA6B;AAC/D,OAAO,EAIL,aAAa,EAIb,kBAAkB,EAClB,kBAAkB,EACnB,wBAAwB;AAIzB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,KAAK,UAAU,0BAA0B,CACvC,GAA6D,EAC7D,GAGE,EACF,KAAgC,EAChC,GAA6B,EAC7B,KAaC;IAED,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QAC9B,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IACD,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAEzE,IAAI,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACpE,OAAO,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,EAAE,qCAAqC,CAAC,CAAC,CAAC;KAC3E;IAED,MAAM,yBAAyB,GAAG,MAAM,CAAC,WAAW,CAClD,MAAM,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CACvD,2BAA2B,CAAC,GAAG,CAAC,CACjC,CACF,CAAC;IAEF,IAAI;QACF,MAAM,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,GAC1D,0BAA0B,CAAC,cAAc,IAAI,EAAE,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC;QAEzE,MAAM,kDAAkD,GACtD,wBAAwB,CAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QACL,MAAM,kDAAkD,GACtD,wBAAwB,CAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEL,MAAM,6BAA6B,GAAG,CAAC,OAAY,EAAE,EAAE;YACrD,IAAI;gBACF,KAAK,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC;aACb;YAAC,MAAM;gBACN,OAAO,KAAK,CAAC;aACd;QACH,CAAC,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,YAAY,CAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,YAAY,CAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,4BAA4B,GAAG,kCAAkC,CAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,iCAAiC,GAAG,6BAA6B,CAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,IAAI,iCAAiC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClD,OAAO,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAAC,CAAC;SAC1E;QAED,MAAM,oBAAoB,GAAG,KAAK;aAC/B,YAAY,EAAE;aACd,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErC,MAAM,kCAAkC,GACtC,4BAA4B,CAAC,MAAM,CACjC,CAAC,uBAAsC,EAAE,EAAE;YACzC,MAAM,EACJ,OAAO,EACP,KAAK,EAAE,EAAE,SAAS,EAAE,EACpB,OAAO,EAAE,WAAW,GACrB,GAAG,kBAAkB,CAAC,uBAAuB,CAAC,CAAC;YAChD,IAAI,SAAS,KAAK,kBAAkB,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE;gBACtD,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE,EAAE;oBACtD,OAAO,sBAAsB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;gBAC7D,CAAC,CAAC,CAAC;aACJ;YAED,oEAAoE;YACpE,OAAO,KAAK;iBACT,yBAAyB,CAAC,WAAW,CAAC;iBACtC,IAAI,CAAC,CAAC,mBAAmB,EAAE,EAAE;gBAC5B,OAAO,uBAAuB,KAAK,mBAAmB,CAAC;YACzD,CAAC,CAAC,CAAC;QACP,CAAC,CACF,CAAC;QAEJ,MAAM,0BAA0B,GAAG;YACjC,cAAc,EAAE,uBAAuB,CAAC,uBAAuB,CAAC;YAChE,cAAc,EAAE,uBAAuB,CAAC,uBAAuB,CAAC;YAChE,kBAAkB,EAAE,IAAI;YACxB,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QAEF,MAAM,+CAA+C,GACnD,oBAAoB,CAClB,0BAA0B,EAC1B,kCAAkC,CACnC,CAAC;QAEJ,MAAM,CAAC,kBAAkB,CAAC,GAAG,MAAM,KAAK,CAAC,2BAA2B,CAAC;YACnE,CAAC,6BAA6B,CAAC,EAAE;gBAC/B,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,gBAAgB;wBACtB,KAAK,EAAE,+CAA+C;qBACvD;iBACF;aACF;SACF,CAAC,CAAC;QAEH,MAAM,wBAAwB,GAC5B,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QACpD,MAAM,yBAAyB,GAAG,wBAAwB,EAAE,OAAO,EAAE,IAAI,CACvE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,gBAAgB,CAC7C,EAAE,KAA0B,CAAC;QAC9B,IAAI,CAAC,yBAAyB,EAAE;YAC9B,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC;SAC5B;QAED,MAAM,aAAa,GAAG,gBAAgB,CAAC,yBAAyB,EAAE;YAChE,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,iBAAiB,EAAE,yBAAyB,GAAG,EAAE,EAAE,GACzD,yBAAyB,CAAC;QAE5B,KAAK,CAAC,wBAAwB,EAAE,CAAC,yBAAyB,CAAC,CAAC;QAE5D,GAAG,CAAC,MAAM,GAAG;YACX,aAAa;YACb,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QACF,OAAO,GAAG,EAAE,CAAC;KACd;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;KACjB;AACH,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,4BAA4B,EAAE,IAAI;QAClC,YAAY,EAAE,IAAI;QAClB,2BAA2B,EAAE,IAAI;QACjC,yBAAyB,EAAE,IAAI;QAC/B,sBAAsB,EAAE,IAAI;QAC5B,yBAAyB,EAAE,IAAI;QAC/B,wBAAwB,EAAE,IAAI;KAC/B;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n bucketScopes,\n validateAndNormalizeScopes,\n type Caip25Authorization,\n getInternalScopesObject,\n getSessionScopes,\n type NormalizedScopesObject,\n getSupportedScopeObjects,\n type Caip25CaveatValue,\n isKnownSessionPropertyValue,\n getCaipAccountIdsFromScopesObjects,\n getAllScopesFromScopesObjects,\n setPermittedAccounts,\n} from '@metamask/chain-agnostic-permission';\nimport { isEqualCaseInsensitive } from '@metamask/controller-utils';\nimport type {\n JsonRpcEngineEndCallback,\n JsonRpcEngineNextCallback,\n} from '@metamask/json-rpc-engine';\nimport type { NetworkController } from '@metamask/network-controller';\nimport {\n invalidParams,\n type RequestedPermissions,\n} from '@metamask/permission-controller';\nimport { JsonRpcError, rpcErrors } from '@metamask/rpc-errors';\nimport {\n type CaipAccountId,\n type CaipChainId,\n type Hex,\n isPlainObject,\n type Json,\n type JsonRpcRequest,\n type JsonRpcSuccess,\n KnownCaipNamespace,\n parseCaipAccountId,\n} from '@metamask/utils';\n\nimport type { GrantedPermissions } from './types';\n\n/**\n * Handler for the `wallet_createSession` RPC method which is responsible\n * for prompting for approval and granting a CAIP-25 permission.\n *\n * This implementation primarily deviates from the CAIP-25 handler\n * specification by treating all scopes as optional regardless of\n * if they were specified in `requiredScopes` or `optionalScopes`.\n * Additionally, provided scopes, methods, notifications, and\n * account values that are invalid/malformed are ignored rather than\n * causing an error to be returned.\n *\n * @param req - The request object.\n * @param res - The response object.\n * @param _next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.listAccounts - The hook that returns an array of the wallet's evm accounts.\n * @param hooks.findNetworkClientIdByChainId - The hook that returns the networkClientId for a chainId.\n * @param hooks.requestPermissionsForOrigin - The hook that approves and grants requested permissions.\n * @param hooks.getNonEvmSupportedMethods - The hook that returns the supported methods for a non EVM scope.\n * @param hooks.isNonEvmScopeSupported - The hook that returns true if a non EVM scope is supported.\n * @param hooks.getNonEvmAccountAddresses - The hook that returns a list of CaipAccountIds that are supported for a CaipChainId.\n * @param hooks.trackSessionCreatedEvent - An optional hook for platform specific logic to run. Can be undefined.\n * @returns A promise with wallet_createSession handler\n */\nasync function walletCreateSessionHandler(\n req: JsonRpcRequest<Caip25Authorization> & { origin: string },\n res: JsonRpcSuccess<{\n sessionScopes: NormalizedScopesObject;\n sessionProperties?: Record<string, Json>;\n }>,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: {\n listAccounts: () => { address: string }[];\n findNetworkClientIdByChainId: NetworkController['findNetworkClientIdByChainId'];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n metadata?: Record<string, Json>,\n ) => Promise<[GrantedPermissions]>;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n isNonEvmScopeSupported: (scope: CaipChainId) => boolean;\n getNonEvmAccountAddresses: (scope: CaipChainId) => CaipAccountId[];\n trackSessionCreatedEvent?: (\n approvedCaip25CaveatValue: Caip25CaveatValue,\n ) => void;\n },\n) {\n if (!isPlainObject(req.params)) {\n return end(invalidParams({ data: { request: req } }));\n }\n const { requiredScopes, optionalScopes, sessionProperties } = req.params;\n\n if (sessionProperties && Object.keys(sessionProperties).length === 0) {\n return end(new JsonRpcError(5302, 'Invalid sessionProperties requested'));\n }\n\n const filteredSessionProperties = Object.fromEntries(\n Object.entries(sessionProperties ?? {}).filter(([key]) =>\n isKnownSessionPropertyValue(key),\n ),\n );\n\n try {\n const { normalizedRequiredScopes, normalizedOptionalScopes } =\n validateAndNormalizeScopes(requiredScopes || {}, optionalScopes || {});\n\n const requiredScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedRequiredScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n const optionalScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedOptionalScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const networkClientExistsForChainId = (chainId: Hex) => {\n try {\n hooks.findNetworkClientIdByChainId(chainId);\n return true;\n } catch {\n return false;\n }\n };\n\n const { supportedScopes: supportedRequiredScopes } = bucketScopes(\n requiredScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const { supportedScopes: supportedOptionalScopes } = bucketScopes(\n optionalScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const allRequestedAccountAddresses = getCaipAccountIdsFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const allSupportedRequestedCaipChainIds = getAllScopesFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n if (allSupportedRequestedCaipChainIds.length === 0) {\n return end(new JsonRpcError(5100, 'Requested scopes are not supported'));\n }\n\n const existingEvmAddresses = hooks\n .listAccounts()\n .map((account) => account.address);\n\n const supportedRequestedAccountAddresses =\n allRequestedAccountAddresses.filter(\n (requestedAccountAddress: CaipAccountId) => {\n const {\n address,\n chain: { namespace },\n chainId: caipChainId,\n } = parseCaipAccountId(requestedAccountAddress);\n if (namespace === KnownCaipNamespace.Eip155.toString()) {\n return existingEvmAddresses.some((existingEvmAddress) => {\n return isEqualCaseInsensitive(address, existingEvmAddress);\n });\n }\n\n // If the namespace is not eip155 (EVM) we do a case sensitive check\n return hooks\n .getNonEvmAccountAddresses(caipChainId)\n .some((existingCaipAddress) => {\n return requestedAccountAddress === existingCaipAddress;\n });\n },\n );\n\n const requestedCaip25CaveatValue = {\n requiredScopes: getInternalScopesObject(supportedRequiredScopes),\n optionalScopes: getInternalScopesObject(supportedOptionalScopes),\n isMultichainOrigin: true,\n sessionProperties: filteredSessionProperties,\n };\n\n const requestedCaip25CaveatValueWithSupportedAccounts =\n setPermittedAccounts(\n requestedCaip25CaveatValue,\n supportedRequestedAccountAddresses,\n );\n\n const [grantedPermissions] = await hooks.requestPermissionsForOrigin({\n [Caip25EndowmentPermissionName]: {\n caveats: [\n {\n type: Caip25CaveatType,\n value: requestedCaip25CaveatValueWithSupportedAccounts,\n },\n ],\n },\n });\n\n const approvedCaip25Permission =\n grantedPermissions[Caip25EndowmentPermissionName];\n const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find(\n (caveat) => caveat.type === Caip25CaveatType,\n )?.value as Caip25CaveatValue;\n if (!approvedCaip25CaveatValue) {\n throw rpcErrors.internal();\n }\n\n const sessionScopes = getSessionScopes(approvedCaip25CaveatValue, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const { sessionProperties: approvedSessionProperties = {} } =\n approvedCaip25CaveatValue;\n\n hooks.trackSessionCreatedEvent?.(approvedCaip25CaveatValue);\n\n res.result = {\n sessionScopes,\n sessionProperties: approvedSessionProperties,\n };\n return end();\n } catch (err) {\n return end(err);\n }\n}\n\nexport const walletCreateSession = {\n methodNames: ['wallet_createSession'],\n implementation: walletCreateSessionHandler,\n hookNames: {\n findNetworkClientIdByChainId: true,\n listAccounts: true,\n requestPermissionsForOrigin: true,\n getNonEvmSupportedMethods: true,\n isNonEvmScopeSupported: true,\n getNonEvmAccountAddresses: true,\n trackSessionCreatedEvent: true,\n },\n};\n"]}
1
+ {"version":3,"file":"wallet-createSession.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-createSession.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,YAAY,EACZ,0BAA0B,EAE1B,uBAAuB,EACvB,gBAAgB,EAEhB,wBAAwB,EAExB,2BAA2B,EAC3B,kCAAkC,EAClC,6BAA6B,EAC7B,0CAA0C,EAC1C,yBAAyB,EAC1B,4CAA4C;AAC7C,OAAO,EAAE,sBAAsB,EAAE,mCAAmC;AAMpE,OAAO,EACL,aAAa,EAEd,wCAAwC;AACzC,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,6BAA6B;AAC/D,OAAO,EAIL,aAAa,EAIb,kBAAkB,EAClB,kBAAkB,EACnB,wBAAwB;AAIzB,MAAM,oBAAoB,GAAG,yCAAyC,CAAC;AAEvE;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,KAAK,UAAU,0BAA0B,CACvC,GAA6D,EAC7D,GAGE,EACF,KAAgC,EAChC,GAA6B,EAC7B,KAaC;IAED,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QAC9B,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IACD,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAEzE,IAAI,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACpE,OAAO,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,EAAE,qCAAqC,CAAC,CAAC,CAAC;KAC3E;IAED,MAAM,yBAAyB,GAAG,MAAM,CAAC,WAAW,CAClD,MAAM,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CACvD,2BAA2B,CAAC,GAAG,CAAC,CACjC,CACF,CAAC;IAEF,IAAI;QACF,MAAM,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,GAC1D,0BAA0B,CAAC,cAAc,IAAI,EAAE,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC;QAEzE,MAAM,kDAAkD,GACtD,wBAAwB,CAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QACL,MAAM,kDAAkD,GACtD,wBAAwB,CAAC,wBAAwB,EAAE;YACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEL,MAAM,6BAA6B,GAAG,CAAC,OAAY,EAAE,EAAE;YACrD,IAAI;gBACF,KAAK,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC;aACb;YAAC,MAAM;gBACN,OAAO,KAAK,CAAC;aACd;QACH,CAAC,CAAC;QAEF,yGAAyG;QACzG,MAAM,iBAAiB,GACrB,yBAAyB,CACvB,kDAAkD,EAClD,kBAAkB,CAAC,MAAM,CAC1B;YACD,yBAAyB,CACvB,kDAAkD,EAClD,kBAAkB,CAAC,MAAM,CAC1B,CAAC;QAEJ,IAAI,2BAA2B,GAAG,KAAK,CAAC;QACxC,IAAI,iBAAiB,EAAE;YACrB,MAAM,uBAAuB,GAC3B,KAAK,CAAC,yBAAyB,CAAC,oBAAoB,CAAC,CAAC;YACxD,2BAA2B,GAAG,uBAAuB,CAAC,MAAM,KAAK,CAAC,CAAC;SACpE;QAED,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,YAAY,CAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,EAAE,eAAe,EAAE,uBAAuB,EAAE,GAAG,YAAY,CAC/D,kDAAkD,EAClD;YACE,qBAAqB,EAAE,6BAA6B;YACpD,uBAAuB,EAAE,GAAG,EAAE,CAAC,KAAK;YACpC,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;YAC1D,sBAAsB,EAAE,KAAK,CAAC,sBAAsB;SACrD,CACF,CAAC;QAEF,MAAM,4BAA4B,GAAG,kCAAkC,CAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,iCAAiC,GAAG,6BAA6B,CAAC;YACtE,uBAAuB;YACvB,uBAAuB;SACxB,CAAC,CAAC;QAEH,MAAM,oBAAoB,GAAG,KAAK;aAC/B,YAAY,EAAE;aACd,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErC,MAAM,kCAAkC,GACtC,4BAA4B,CAAC,MAAM,CACjC,CAAC,uBAAsC,EAAE,EAAE;YACzC,MAAM,EACJ,OAAO,EACP,KAAK,EAAE,EAAE,SAAS,EAAE,EACpB,OAAO,EAAE,WAAW,GACrB,GAAG,kBAAkB,CAAC,uBAAuB,CAAC,CAAC;YAChD,IAAI,SAAS,KAAK,kBAAkB,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE;gBACtD,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE,EAAE;oBACtD,OAAO,sBAAsB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;gBAC7D,CAAC,CAAC,CAAC;aACJ;YAED,oEAAoE;YACpE,OAAO,KAAK;iBACT,yBAAyB,CAAC,WAAW,CAAC;iBACtC,IAAI,CAAC,CAAC,mBAAmB,EAAE,EAAE;gBAC5B,OAAO,uBAAuB,KAAK,mBAAmB,CAAC;YACzD,CAAC,CAAC,CAAC;QACP,CAAC,CACF,CAAC;QAEJ,MAAM,0BAA0B,GAAG;YACjC,cAAc,EAAE,uBAAuB,CAAC,uBAAuB,CAAC;YAChE,cAAc,EAAE,uBAAuB,CAAC,uBAAuB,CAAC;YAChE,kBAAkB,EAAE,IAAI;YACxB,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QAEF,MAAM,+CAA+C,GACnD,0CAA0C,CACxC,0BAA0B,EAC1B,kCAAkC,CACnC,CAAC;QAEJ,0FAA0F;QAC1F,8FAA8F;QAC9F,4FAA4F;QAC5F,oGAAoG;QACpG,IAAI,iCAAiC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClD,IAAI,2BAA2B,EAAE;gBAC/B,+CAA+C,CAAC,cAAc,CAC5D,kBAAkB,CAAC,MAAM,CAC1B,GAAG;oBACF,QAAQ,EAAE,EAAE;iBACb,CAAC;aACH;iBAAM;gBACL,mFAAmF;gBACnF,OAAO,GAAG,CACR,IAAI,YAAY,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAC7D,CAAC;aACH;SACF;QAED,MAAM,CAAC,kBAAkB,CAAC,GAAG,MAAM,KAAK,CAAC,2BAA2B,CAClE;YACE,CAAC,6BAA6B,CAAC,EAAE;gBAC/B,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,gBAAgB;wBACtB,KAAK,EAAE,+CAA+C;qBACvD;iBACF;aACF;SACF,EACD;YACE,QAAQ,EAAE,EAAE,2BAA2B,EAAE;SAC1C,CACF,CAAC;QAEF,MAAM,wBAAwB,GAC5B,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QACpD,MAAM,yBAAyB,GAAG,wBAAwB,EAAE,OAAO,EAAE,IAAI,CACvE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,gBAAgB,CAC7C,EAAE,KAA0B,CAAC;QAC9B,IAAI,CAAC,yBAAyB,EAAE;YAC9B,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC;SAC5B;QAED,MAAM,aAAa,GAAG,gBAAgB,CAAC,yBAAyB,EAAE;YAChE,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;SAC3D,CAAC,CAAC;QAEH,MAAM,EAAE,iBAAiB,EAAE,yBAAyB,GAAG,EAAE,EAAE,GACzD,yBAAyB,CAAC;QAE5B,KAAK,CAAC,wBAAwB,EAAE,CAAC,yBAAyB,CAAC,CAAC;QAE5D,GAAG,CAAC,MAAM,GAAG;YACX,aAAa;YACb,iBAAiB,EAAE,yBAAyB;SAC7C,CAAC;QACF,OAAO,GAAG,EAAE,CAAC;KACd;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;KACjB;AACH,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,4BAA4B,EAAE,IAAI;QAClC,YAAY,EAAE,IAAI;QAClB,2BAA2B,EAAE,IAAI;QACjC,yBAAyB,EAAE,IAAI;QAC/B,sBAAsB,EAAE,IAAI;QAC5B,yBAAyB,EAAE,IAAI;QAC/B,wBAAwB,EAAE,IAAI;KAC/B;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n bucketScopes,\n validateAndNormalizeScopes,\n type Caip25Authorization,\n getInternalScopesObject,\n getSessionScopes,\n type NormalizedScopesObject,\n getSupportedScopeObjects,\n type Caip25CaveatValue,\n isKnownSessionPropertyValue,\n getCaipAccountIdsFromScopesObjects,\n getAllScopesFromScopesObjects,\n setNonSCACaipAccountIdsInCaip25CaveatValue,\n isNamespaceInScopesObject,\n} from '@metamask/chain-agnostic-permission';\nimport { isEqualCaseInsensitive } from '@metamask/controller-utils';\nimport type {\n JsonRpcEngineEndCallback,\n JsonRpcEngineNextCallback,\n} from '@metamask/json-rpc-engine';\nimport type { NetworkController } from '@metamask/network-controller';\nimport {\n invalidParams,\n type RequestedPermissions,\n} from '@metamask/permission-controller';\nimport { JsonRpcError, rpcErrors } from '@metamask/rpc-errors';\nimport {\n type CaipAccountId,\n type CaipChainId,\n type Hex,\n isPlainObject,\n type Json,\n type JsonRpcRequest,\n type JsonRpcSuccess,\n KnownCaipNamespace,\n parseCaipAccountId,\n} from '@metamask/utils';\n\nimport type { GrantedPermissions } from './types';\n\nconst SOLANA_CAIP_CHAIN_ID = 'solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp';\n\n/**\n * Handler for the `wallet_createSession` RPC method which is responsible\n * for prompting for approval and granting a CAIP-25 permission.\n *\n * This implementation primarily deviates from the CAIP-25 handler\n * specification by treating all scopes as optional regardless of\n * if they were specified in `requiredScopes` or `optionalScopes`.\n * Additionally, provided scopes, methods, notifications, and\n * account values that are invalid/malformed are ignored rather than\n * causing an error to be returned.\n *\n * @param req - The request object.\n * @param res - The response object.\n * @param _next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.listAccounts - The hook that returns an array of the wallet's evm accounts.\n * @param hooks.findNetworkClientIdByChainId - The hook that returns the networkClientId for a chainId.\n * @param hooks.requestPermissionsForOrigin - The hook that approves and grants requested permissions.\n * @param hooks.getNonEvmSupportedMethods - The hook that returns the supported methods for a non EVM scope.\n * @param hooks.isNonEvmScopeSupported - The hook that returns true if a non EVM scope is supported.\n * @param hooks.getNonEvmAccountAddresses - The hook that returns a list of CaipAccountIds that are supported for a CaipChainId.\n * @param hooks.trackSessionCreatedEvent - An optional hook for platform specific logic to run. Can be undefined.\n * @returns A promise with wallet_createSession handler\n */\nasync function walletCreateSessionHandler(\n req: JsonRpcRequest<Caip25Authorization> & { origin: string },\n res: JsonRpcSuccess<{\n sessionScopes: NormalizedScopesObject;\n sessionProperties?: Record<string, Json>;\n }>,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: {\n listAccounts: () => { address: string }[];\n findNetworkClientIdByChainId: NetworkController['findNetworkClientIdByChainId'];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n metadata?: Record<string, Json>,\n ) => Promise<[GrantedPermissions]>;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n isNonEvmScopeSupported: (scope: CaipChainId) => boolean;\n getNonEvmAccountAddresses: (scope: CaipChainId) => CaipAccountId[];\n trackSessionCreatedEvent?: (\n approvedCaip25CaveatValue: Caip25CaveatValue,\n ) => void;\n },\n) {\n if (!isPlainObject(req.params)) {\n return end(invalidParams({ data: { request: req } }));\n }\n const { requiredScopes, optionalScopes, sessionProperties } = req.params;\n\n if (sessionProperties && Object.keys(sessionProperties).length === 0) {\n return end(new JsonRpcError(5302, 'Invalid sessionProperties requested'));\n }\n\n const filteredSessionProperties = Object.fromEntries(\n Object.entries(sessionProperties ?? {}).filter(([key]) =>\n isKnownSessionPropertyValue(key),\n ),\n );\n\n try {\n const { normalizedRequiredScopes, normalizedOptionalScopes } =\n validateAndNormalizeScopes(requiredScopes || {}, optionalScopes || {});\n\n const requiredScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedRequiredScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n const optionalScopesWithSupportedMethodsAndNotifications =\n getSupportedScopeObjects(normalizedOptionalScopes, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const networkClientExistsForChainId = (chainId: Hex) => {\n try {\n hooks.findNetworkClientIdByChainId(chainId);\n return true;\n } catch {\n return false;\n }\n };\n\n // if solana is a requested scope but not supported, we add a promptToCreateSolanaAccount flag to request\n const isSolanaRequested =\n isNamespaceInScopesObject(\n requiredScopesWithSupportedMethodsAndNotifications,\n KnownCaipNamespace.Solana,\n ) ||\n isNamespaceInScopesObject(\n optionalScopesWithSupportedMethodsAndNotifications,\n KnownCaipNamespace.Solana,\n );\n\n let promptToCreateSolanaAccount = false;\n if (isSolanaRequested) {\n const supportedSolanaAccounts =\n hooks.getNonEvmAccountAddresses(SOLANA_CAIP_CHAIN_ID);\n promptToCreateSolanaAccount = supportedSolanaAccounts.length === 0;\n }\n\n const { supportedScopes: supportedRequiredScopes } = bucketScopes(\n requiredScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const { supportedScopes: supportedOptionalScopes } = bucketScopes(\n optionalScopesWithSupportedMethodsAndNotifications,\n {\n isEvmChainIdSupported: networkClientExistsForChainId,\n isEvmChainIdSupportable: () => false, // intended for future usage with eip3085 scopedProperties\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n isNonEvmScopeSupported: hooks.isNonEvmScopeSupported,\n },\n );\n\n const allRequestedAccountAddresses = getCaipAccountIdsFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const allSupportedRequestedCaipChainIds = getAllScopesFromScopesObjects([\n supportedRequiredScopes,\n supportedOptionalScopes,\n ]);\n\n const existingEvmAddresses = hooks\n .listAccounts()\n .map((account) => account.address);\n\n const supportedRequestedAccountAddresses =\n allRequestedAccountAddresses.filter(\n (requestedAccountAddress: CaipAccountId) => {\n const {\n address,\n chain: { namespace },\n chainId: caipChainId,\n } = parseCaipAccountId(requestedAccountAddress);\n if (namespace === KnownCaipNamespace.Eip155.toString()) {\n return existingEvmAddresses.some((existingEvmAddress) => {\n return isEqualCaseInsensitive(address, existingEvmAddress);\n });\n }\n\n // If the namespace is not eip155 (EVM) we do a case sensitive check\n return hooks\n .getNonEvmAccountAddresses(caipChainId)\n .some((existingCaipAddress) => {\n return requestedAccountAddress === existingCaipAddress;\n });\n },\n );\n\n const requestedCaip25CaveatValue = {\n requiredScopes: getInternalScopesObject(supportedRequiredScopes),\n optionalScopes: getInternalScopesObject(supportedOptionalScopes),\n isMultichainOrigin: true,\n sessionProperties: filteredSessionProperties,\n };\n\n const requestedCaip25CaveatValueWithSupportedAccounts =\n setNonSCACaipAccountIdsInCaip25CaveatValue(\n requestedCaip25CaveatValue,\n supportedRequestedAccountAddresses,\n );\n\n // if `promptToCreateSolanaAccount` is true and there are no other valid scopes requested,\n // we add a `wallet` scope to the request in order to get passed the CAIP-25 caveat validator.\n // This is very hacky but is necessary because the solana opt-in flow breaks key assumptions\n // of the CAIP-25 permission specification - namely that we can have valid requests with no scopes.\n if (allSupportedRequestedCaipChainIds.length === 0) {\n if (promptToCreateSolanaAccount) {\n requestedCaip25CaveatValueWithSupportedAccounts.optionalScopes[\n KnownCaipNamespace.Wallet\n ] = {\n accounts: [],\n };\n } else {\n // if solana is not requested and there are no supported scopes, we return an error\n return end(\n new JsonRpcError(5100, 'Requested scopes are not supported'),\n );\n }\n }\n\n const [grantedPermissions] = await hooks.requestPermissionsForOrigin(\n {\n [Caip25EndowmentPermissionName]: {\n caveats: [\n {\n type: Caip25CaveatType,\n value: requestedCaip25CaveatValueWithSupportedAccounts,\n },\n ],\n },\n },\n {\n metadata: { promptToCreateSolanaAccount },\n },\n );\n\n const approvedCaip25Permission =\n grantedPermissions[Caip25EndowmentPermissionName];\n const approvedCaip25CaveatValue = approvedCaip25Permission?.caveats?.find(\n (caveat) => caveat.type === Caip25CaveatType,\n )?.value as Caip25CaveatValue;\n if (!approvedCaip25CaveatValue) {\n throw rpcErrors.internal();\n }\n\n const sessionScopes = getSessionScopes(approvedCaip25CaveatValue, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n });\n\n const { sessionProperties: approvedSessionProperties = {} } =\n approvedCaip25CaveatValue;\n\n hooks.trackSessionCreatedEvent?.(approvedCaip25CaveatValue);\n\n res.result = {\n sessionScopes,\n sessionProperties: approvedSessionProperties,\n };\n return end();\n } catch (err) {\n return end(err);\n }\n}\n\nexport const walletCreateSession = {\n methodNames: ['wallet_createSession'],\n implementation: walletCreateSessionHandler,\n hookNames: {\n findNetworkClientIdByChainId: true,\n listAccounts: true,\n requestPermissionsForOrigin: true,\n getNonEvmSupportedMethods: true,\n isNonEvmScopeSupported: true,\n getNonEvmAccountAddresses: true,\n trackSessionCreatedEvent: true,\n },\n};\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@metamask/multichain-api-middleware",
3
- "version": "0.2.0",
3
+ "version": "0.4.0",
4
4
  "description": "JSON-RPC methods and middleware to support the MetaMask Multichain API",
5
5
  "keywords": [
6
6
  "MetaMask",
@@ -47,11 +47,11 @@
47
47
  "test:watch": "NODE_OPTIONS=--experimental-vm-modules jest --watch"
48
48
  },
49
49
  "dependencies": {
50
- "@metamask/api-specs": "^0.10.12",
51
- "@metamask/chain-agnostic-permission": "^0.4.0",
52
- "@metamask/controller-utils": "^11.7.0",
50
+ "@metamask/api-specs": "^0.14.0",
51
+ "@metamask/chain-agnostic-permission": "^0.7.0",
52
+ "@metamask/controller-utils": "^11.9.0",
53
53
  "@metamask/json-rpc-engine": "^10.0.3",
54
- "@metamask/network-controller": "^23.2.0",
54
+ "@metamask/network-controller": "^23.5.0",
55
55
  "@metamask/permission-controller": "^11.0.6",
56
56
  "@metamask/rpc-errors": "^7.0.2",
57
57
  "@metamask/utils": "^11.2.0",
@@ -62,7 +62,7 @@
62
62
  "devDependencies": {
63
63
  "@metamask/auto-changelog": "^3.4.4",
64
64
  "@metamask/eth-json-rpc-filters": "^9.0.0",
65
- "@metamask/multichain-transactions-controller": "^0.9.0",
65
+ "@metamask/multichain-transactions-controller": "^1.0.0",
66
66
  "@metamask/safe-event-emitter": "^3.0.0",
67
67
  "@types/jest": "^27.4.1",
68
68
  "deepmerge": "^4.2.2",