@metamask/snaps-controllers 0.25.0 → 0.26.0

package/dist/snaps/SnapController.js

@@ -21,7 +21,7 @@ var __rest = (this && this.__rest) || function (s, e) {
         }
     return t;
 };
-var _SnapController_instances, _SnapController_closeAllConnections, _SnapController_environmentEndowmentPermissions, _SnapController_featureFlags, _SnapController_fetchFunction, _SnapController_idleTimeCheckInterval, _SnapController_checkSnapBlockList, _SnapController_maxIdleTime, _SnapController_npmRegistryUrl, _SnapController_getAppKey, _SnapController_timeoutForLastRequestStatus, _SnapController_statusMachine, _SnapController_initializeStateMachine, _SnapController_registerMessageHandlers, _SnapController_pollForLastRequestStatus, _SnapController_blockSnap, _SnapController_unblockSnap, _SnapController_assertIsUnblocked, _SnapController_stopSnapsLastRequestPastMax, _SnapController_transition, _SnapController_terminateSnap, _SnapController_getEncryptionKey, _SnapController_encryptSnapState, _SnapController_decryptSnapState, _SnapController_add, _SnapController_startSnap, _SnapController_getEndowments, _SnapController_set, _SnapController_fetchNpmSnap, _SnapController_fetchLocalSnap, _SnapController_processSnapPermissions, _SnapController_getRpcRequestHandler, _SnapController_executeWithTimeout, _SnapController_recordSnapRpcRequestStart, _SnapController_recordSnapRpcRequestFinish, _SnapController_getRuntime, _SnapController_getRuntimeExpect, _SnapController_setupRuntime, _SnapController_calculatePermissionsChange;
+var _SnapController_instances, _SnapController_closeAllConnections, _SnapController_environmentEndowmentPermissions, _SnapController_featureFlags, _SnapController_fetchFunction, _SnapController_idleTimeCheckInterval, _SnapController_checkSnapBlockList, _SnapController_maxIdleTime, _SnapController_npmRegistryUrl, _SnapController_detectSnapLocation, _SnapController_rollbackSnapshots, _SnapController_getAppKey, _SnapController_timeoutForLastRequestStatus, _SnapController_statusMachine, _SnapController_initializeStateMachine, _SnapController_registerMessageHandlers, _SnapController_pollForLastRequestStatus, _SnapController_blockSnap, _SnapController_unblockSnap, _SnapController_assertIsUnblocked, _SnapController_stopSnapsLastRequestPastMax, _SnapController_transition, _SnapController_terminateSnap, _SnapController_getEncryptionKey, _SnapController_encryptSnapState, _SnapController_decryptSnapState, _SnapController_add, _SnapController_startSnap, _SnapController_getEndowments, _SnapController_set, _SnapController_fetchSnap, _SnapController_processSnapPermissions, _SnapController_getRpcRequestHandler, _SnapController_executeWithTimeout, _SnapController_recordSnapRpcRequestStart, _SnapController_recordSnapRpcRequestFinish, _SnapController_getRollbackSnapshot, _SnapController_createRollbackSnapshot, _SnapController_rollbackSnap, _SnapController_rollbackSnaps, _SnapController_getRuntime, _SnapController_getRuntimeExpect, _SnapController_setupRuntime, _SnapController_calculatePermissionsChange, _SnapController_isValidUpdate;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SnapController = exports.AppKeyType = exports.SNAP_APPROVAL_UPDATE = exports.SNAP_APPROVAL_INSTALL = exports.controllerName = void 0;
 const base_controller_1 = require("@metamask/base-controller");
@@ -37,9 +37,9 @@ const fsm_2 = require("../fsm");
 const utils_2 = require("../utils");
 const endowments_1 = require("./endowments");
 const rpc_1 = require("./endowments/rpc");
+const location_1 = require("./location");
 const RequestQueue_1 = require("./RequestQueue");
 const Timer_1 = require("./Timer");
-const utils_3 = require("./utils");
 exports.controllerName = 'SnapController';
 // TODO: Figure out how to name these
 exports.SNAP_APPROVAL_INSTALL = 'wallet_installSnap';
@@ -85,7 +85,7 @@ const name = 'SnapController';
  * - Start: Initializes the snap in its SES realm with the authorized permissions.
  */
 class SnapController extends base_controller_1.BaseControllerV2 {
-    constructor({ closeAllConnections, messenger, state, getAppKey, environmentEndowmentPermissions = [], npmRegistryUrl, idleTimeCheckInterval = (0, utils_1.inMilliseconds)(5, utils_1.Duration.Second), checkBlockList, maxIdleTime = (0, utils_1.inMilliseconds)(30, utils_1.Duration.Second), maxRequestTime = (0, utils_1.inMilliseconds)(60, utils_1.Duration.Second), fetchFunction = globalThis.fetch.bind(globalThis), featureFlags = {}, }) {
+    constructor({ closeAllConnections, messenger, state, getAppKey, environmentEndowmentPermissions = [], npmRegistryUrl, idleTimeCheckInterval = (0, utils_1.inMilliseconds)(5, utils_1.Duration.Second), checkBlockList, maxIdleTime = (0, utils_1.inMilliseconds)(30, utils_1.Duration.Second), maxRequestTime = (0, utils_1.inMilliseconds)(60, utils_1.Duration.Second), fetchFunction = globalThis.fetch.bind(globalThis), featureFlags = {}, detectSnapLocation: detectSnapLocationFunction = location_1.detectSnapLocation, }) {
         var _a, _b;
         super({
             messenger,
@@ -136,6 +136,8 @@ class SnapController extends base_controller_1.BaseControllerV2 {
         _SnapController_checkSnapBlockList.set(this, void 0);
         _SnapController_maxIdleTime.set(this, void 0);
         _SnapController_npmRegistryUrl.set(this, void 0);
+        _SnapController_detectSnapLocation.set(this, void 0);
+        _SnapController_rollbackSnapshots.set(this, void 0);
         _SnapController_getAppKey.set(this, void 0);
         _SnapController_timeoutForLastRequestStatus.set(this, void 0);
         _SnapController_statusMachine.set(this, void 0);
@@ -149,9 +151,11 @@ class SnapController extends base_controller_1.BaseControllerV2 {
         __classPrivateFieldSet(this, _SnapController_maxIdleTime, maxIdleTime, "f");
         this.maxRequestTime = maxRequestTime;
         __classPrivateFieldSet(this, _SnapController_npmRegistryUrl, npmRegistryUrl, "f");
+        __classPrivateFieldSet(this, _SnapController_detectSnapLocation, detectSnapLocationFunction, "f");
         this._onUnhandledSnapError = this._onUnhandledSnapError.bind(this);
         this._onOutboundRequest = this._onOutboundRequest.bind(this);
         this._onOutboundResponse = this._onOutboundResponse.bind(this);
+        __classPrivateFieldSet(this, _SnapController_rollbackSnapshots, new Map(), "f");
         this.snapsRuntimeData = new Map();
         __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_pollForLastRequestStatus).call(this);
         /* eslint-disable @typescript-eslint/unbound-method */
@@ -561,27 +565,46 @@ class SnapController extends base_controller_1.BaseControllerV2 {
      */
     async installSnaps(origin, requestedSnaps) {
         const result = {};
-        await Promise.all(Object.entries(requestedSnaps).map(async ([snapId, { version: rawVersion }]) => {
-            const [error, version] = (0, snaps_utils_1.resolveVersionRange)(rawVersion);
-            if (error) {
-                result[snapId] = {
-                    error: eth_rpc_errors_1.ethErrors.rpc.invalidParams(`The "version" field must be a valid SemVer version range if specified. Received: "${version}".`),
-                };
-                return;
-            }
-            const permissionName = (0, snaps_utils_1.getSnapPermissionName)(snapId);
-            if (this.messagingSystem.call('PermissionController:hasPermission', origin, permissionName)) {
-                // Attempt to install and run the snap, storing any errors that
-                // occur during the process.
-                result[snapId] = Object.assign({}, (await this.processRequestedSnap(origin, snapId, version)));
-            }
-            else {
-                // only allow the installation of permitted snaps
-                result[snapId] = {
-                    error: eth_rpc_errors_1.ethErrors.provider.unauthorized(`Not authorized to install snap "${snapId}". Request the permission for the snap before attempting to install it.`),
-                };
+        const snapIds = Object.keys(requestedSnaps);
+        // Existing snaps may need to be updated
+        const pendingUpdates = snapIds.filter((snapId) => this.has(snapId));
+        // Non-existing snaps will need to be installed
+        const pendingInstalls = snapIds.filter((snapId) => !pendingUpdates.includes(snapId));
+        try {
+            for (const [snapId, { version: rawVersion }] of Object.entries(requestedSnaps)) {
+                const [error, version] = (0, snaps_utils_1.resolveVersionRange)(rawVersion);
+                if (error) {
+                    throw eth_rpc_errors_1.ethErrors.rpc.invalidParams(`The "version" field must be a valid SemVer version range if specified. Received: "${rawVersion}".`);
+                }
+                const permissionName = (0, snaps_utils_1.getSnapPermissionName)(snapId);
+                if (!this.messagingSystem.call('PermissionController:hasPermission', origin, permissionName)) {
+                    throw eth_rpc_errors_1.ethErrors.provider.unauthorized(`Not authorized to install snap "${snapId}". Request the permission for the snap before attempting to install it.`);
+                }
+                const isUpdate = pendingUpdates.includes(snapId);
+                if (isUpdate && __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_isValidUpdate).call(this, snapId, version)) {
+                    let rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+                    if (rollbackSnapshot === undefined) {
+                        const prevSourceCode = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId).sourceCode;
+                        rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createRollbackSnapshot).call(this, snapId);
+                        rollbackSnapshot.sourceCode = prevSourceCode;
+                        rollbackSnapshot.newVersion = version;
+                    }
+                    else {
+                        throw new Error('This snap is already being updated.');
+                    }
+                }
+                result[snapId] = await this.processRequestedSnap(origin, snapId, version);
             }
-        }));
+            snapIds.forEach((snapId) => __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").delete(snapId));
+        }
+        catch (error) {
+            const installed = pendingInstalls.filter((snapId) => this.has(snapId));
+            await this.removeSnaps(installed);
+            const snapshottedSnaps = [...__classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").keys()];
+            const snapsToRollback = pendingUpdates.filter((snapId) => snapshottedSnaps.includes(snapId));
+            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_rollbackSnaps).call(this, snapsToRollback);
+            throw error;
+        }
         return result;
     }
     /**
@@ -594,39 +617,22 @@ class SnapController extends base_controller_1.BaseControllerV2 {
      * @returns The resulting snap object, or an error if something went wrong.
      */
     async processRequestedSnap(origin, snapId, versionRange) {
-        try {
-            (0, snaps_utils_1.validateSnapId)(snapId);
-        }
-        catch (error) {
-            return {
-                error: eth_rpc_errors_1.ethErrors.rpc.invalidParams(`"${snapId}" is not a valid snap id.`),
-            };
-        }
+        (0, snaps_utils_1.validateSnapId)(snapId);
+        const location = __classPrivateFieldGet(this, _SnapController_detectSnapLocation, "f").call(this, snapId, { versionRange });
         const existingSnap = this.getTruncated(snapId);
         // For devX we always re-install local snaps.
-        if (existingSnap && (0, snaps_utils_1.getSnapPrefix)(snapId) !== snaps_utils_1.SnapIdPrefixes.local) {
+        if (existingSnap && !location.shouldAlwaysReload) {
             if ((0, snaps_utils_1.satisfiesVersionRange)(existingSnap.version, versionRange)) {
                 return existingSnap;
             }
             if (__classPrivateFieldGet(this, _SnapController_featureFlags, "f").dappsCanUpdateSnaps === true) {
-                try {
-                    const updateResult = await this.updateSnap(origin, snapId, versionRange);
-                    if (updateResult === null) {
-                        return {
-                            error: eth_rpc_errors_1.ethErrors.rpc.invalidParams(`Snap "${snapId}@${existingSnap.version}" is already installed, couldn't update to a version inside requested "${versionRange}" range.`),
-                        };
-                    }
-                    return updateResult;
-                }
-                catch (error) {
-                    return { error: (0, eth_rpc_errors_1.serializeError)(error) };
+                const updateResult = await this.updateSnap(origin, snapId, versionRange, location);
+                if (updateResult === null) {
+                    throw eth_rpc_errors_1.ethErrors.rpc.invalidParams(`Snap "${snapId}@${existingSnap.version}" is already installed. Couldn't update to a version inside requested "${versionRange}" range.`);
                 }
+                return updateResult;
             }
-            else {
-                return {
-                    error: eth_rpc_errors_1.ethErrors.rpc.invalidParams(`Version mismatch with already installed snap. ${snapId}@${existingSnap.version} doesn't satisfy requested version ${versionRange}`),
-                };
-            }
+            throw eth_rpc_errors_1.ethErrors.rpc.invalidParams(`Version mismatch with already installed snap. ${snapId}@${existingSnap.version} doesn't satisfy requested version ${versionRange}.`);
         }
         // Existing snaps must be stopped before overwriting
         if (existingSnap && this.isRunning(snapId)) {
@@ -636,7 +642,7 @@ class SnapController extends base_controller_1.BaseControllerV2 {
             const { sourceCode } = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_add).call(this, {
                 origin,
                 id: snapId,
-                versionRange,
+                location,
             });
             await this.authorize(origin, snapId);
             await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, {
@@ -649,10 +655,7 @@ class SnapController extends base_controller_1.BaseControllerV2 {
         }
         catch (error) {
             console.error(`Error when adding snap.`, error);
-            if (this.has(snapId)) {
-                await this.removeSnap(snapId);
-            }
-            return { error: (0, eth_rpc_errors_1.serializeError)(error) };
+            throw error;
         }
     }
     /**
@@ -670,27 +673,29 @@ class SnapController extends base_controller_1.BaseControllerV2 {
      * @param origin - The origin requesting the snap update.
      * @param snapId - The id of the Snap to be updated.
      * @param newVersionRange - A semver version range in which the maximum version will be chosen.
+     * @param location - Optional location that was already used during installation flow.
      * @returns The snap metadata if updated, `null` otherwise.
      */
-    async updateSnap(origin, snapId, newVersionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION) {
+    async updateSnap(origin, snapId, newVersionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION, location) {
+        var _a;
         const snap = this.getExpect(snapId);
         if (!(0, snaps_utils_1.isValidSemVerRange)(newVersionRange)) {
             throw new Error(`Received invalid snap version range: "${newVersionRange}".`);
         }
-        const newSnap = await this.fetchSnap(snapId, newVersionRange);
-        const newVersion = newSnap.manifest.version;
+        const newSnap = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchSnap).call(this, snapId, location !== null && location !== void 0 ? location : __classPrivateFieldGet(this, _SnapController_detectSnapLocation, "f").call(this, snapId, { versionRange: newVersionRange }));
+        const newVersion = newSnap.manifest.result.version;
         if (!(0, snaps_utils_1.gtVersion)(newVersion, snap.version)) {
             console.warn(`Tried updating snap "${snapId}" within "${newVersionRange}" version range, but newer version "${snap.version}" is already installed`);
             return null;
         }
         await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsUnblocked).call(this, snapId, {
             version: newVersion,
-            shasum: newSnap.manifest.source.shasum,
+            shasum: newSnap.manifest.result.source.shasum,
         });
-        const processedPermissions = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_processSnapPermissions).call(this, newSnap.manifest.initialPermissions);
+        const processedPermissions = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_processSnapPermissions).call(this, newSnap.manifest.result.initialPermissions);
         const { newPermissions, unusedPermissions, approvedPermissions } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_calculatePermissionsChange).call(this, snapId, processedPermissions);
         const id = (0, nanoid_1.nanoid)();
-        const _a = (await this.messagingSystem.call('ApprovalController:addRequest', {
+        const _b = (await this.messagingSystem.call('ApprovalController:addRequest', {
             origin,
             id,
             type: exports.SNAP_APPROVAL_UPDATE,
@@ -699,12 +704,12 @@ class SnapController extends base_controller_1.BaseControllerV2 {
                 metadata: { id, origin: snapId, dappOrigin: origin },
                 permissions: newPermissions,
                 snapId,
-                newVersion: newSnap.manifest.version,
+                newVersion: newSnap.manifest.result.version,
                 newPermissions,
                 approvedPermissions,
                 unusedPermissions,
             },
-        }, true)), { permissions: approvedNewPermissions } = _a, requestData = __rest(_a, ["permissions"]);
+        }, true)), { permissions: approvedNewPermissions } = _b, requestData = __rest(_b, ["permissions"]);
         if (this.isRunning(snapId)) {
             await this.stopSnap(snapId, snaps_utils_1.SnapStatusEvents.Stop);
         }
@@ -713,8 +718,9 @@ class SnapController extends base_controller_1.BaseControllerV2 {
             origin,
             id: snapId,
             manifest: newSnap.manifest,
-            sourceCode: newSnap.sourceCode,
+            files: newSnap.files,
             versionRange: newVersionRange,
+            isUpdate: true,
         });
         const unusedPermissionsKeys = Object.keys(unusedPermissions);
         if ((0, utils_1.isNonEmptyArray)(unusedPermissionsKeys)) {
@@ -729,37 +735,24 @@ class SnapController extends base_controller_1.BaseControllerV2 {
                 requestData,
             });
         }
-        await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, { snapId, sourceCode: newSnap.sourceCode });
-        const truncatedSnap = this.getTruncatedExpect(snapId);
-        this.messagingSystem.publish('SnapController:snapUpdated', truncatedSnap, snap.version);
-        return truncatedSnap;
-    }
-    /**
-     * Fetches the manifest and source code of a snap.
-     *
-     * This function is not hash private yet because of tests.
-     *
-     * @param snapId - The id of the Snap.
-     * @param versionRange - The SemVer version of the Snap to fetch.
-     * @returns A tuple of the Snap manifest object and the Snap source code.
-     */
-    async fetchSnap(snapId, versionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION) {
+        const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+        if (rollbackSnapshot !== undefined) {
+            rollbackSnapshot.permissions.revoked = unusedPermissions;
+            rollbackSnapshot.permissions.granted = Object.keys(approvedNewPermissions);
+            rollbackSnapshot.permissions.requestData = requestData;
+        }
+        const sourceCode = (_a = newSnap.files
+            .find((file) => file.path === newSnap.manifest.result.source.location.npm.filePath)) === null || _a === void 0 ? void 0 : _a.toString();
+        (0, utils_1.assert)(sourceCode !== undefined);
         try {
-            const snapPrefix = (0, snaps_utils_1.getSnapPrefix)(snapId);
-            switch (snapPrefix) {
-                case snaps_utils_1.SnapIdPrefixes.local:
-                    return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchLocalSnap).call(this, snapId.replace(snaps_utils_1.SnapIdPrefixes.local, ''));
-                case snaps_utils_1.SnapIdPrefixes.npm:
-                    return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchNpmSnap).call(this, snapId.replace(snaps_utils_1.SnapIdPrefixes.npm, ''), versionRange);
-                /* istanbul ignore next */
-                default:
-                    // This whill fail to compile if the above switch is not fully exhaustive
-                    return (0, utils_1.assertExhaustive)(snapPrefix);
-            }
+            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, { snapId, sourceCode });
         }
-        catch (error) {
-            throw new Error(`Failed to fetch Snap "${snapId}": ${error.message}`);
+        catch (_c) {
+            throw new Error(`Snap ${snapId} crashed with updated source code.`);
         }
+        const truncatedSnap = this.getTruncatedExpect(snapId);
+        this.messagingSystem.publish('SnapController:snapUpdated', truncatedSnap, snap.version);
+        return truncatedSnap;
     }
     /**
      * Initiates a request for the given snap's initial permissions.
@@ -850,7 +843,7 @@ class SnapController extends base_controller_1.BaseControllerV2 {
     }
 }
 exports.SnapController = SnapController;
-_SnapController_closeAllConnections = new WeakMap(), _SnapController_environmentEndowmentPermissions = new WeakMap(), _SnapController_featureFlags = new WeakMap(), _SnapController_fetchFunction = new WeakMap(), _SnapController_idleTimeCheckInterval = new WeakMap(), _SnapController_checkSnapBlockList = new WeakMap(), _SnapController_maxIdleTime = new WeakMap(), _SnapController_npmRegistryUrl = new WeakMap(), _SnapController_getAppKey = new WeakMap(), _SnapController_timeoutForLastRequestStatus = new WeakMap(), _SnapController_statusMachine = new WeakMap(), _SnapController_instances = new WeakSet(), _SnapController_initializeStateMachine = function _SnapController_initializeStateMachine() {
+_SnapController_closeAllConnections = new WeakMap(), _SnapController_environmentEndowmentPermissions = new WeakMap(), _SnapController_featureFlags = new WeakMap(), _SnapController_fetchFunction = new WeakMap(), _SnapController_idleTimeCheckInterval = new WeakMap(), _SnapController_checkSnapBlockList = new WeakMap(), _SnapController_maxIdleTime = new WeakMap(), _SnapController_npmRegistryUrl = new WeakMap(), _SnapController_detectSnapLocation = new WeakMap(), _SnapController_rollbackSnapshots = new WeakMap(), _SnapController_getAppKey = new WeakMap(), _SnapController_timeoutForLastRequestStatus = new WeakMap(), _SnapController_statusMachine = new WeakMap(), _SnapController_instances = new WeakSet(), _SnapController_initializeStateMachine = function _SnapController_initializeStateMachine() {
     const disableGuard = ({ snapId }) => {
         return this.getExpect(snapId).enabled;
     };
@@ -1020,15 +1013,8 @@ async function _SnapController_terminateSnap(snapId) {
  * @returns The resulting snap object.
  */
 async function _SnapController_add(args) {
-    const { id: snapId } = args;
+    const { id: snapId, location } = args;
     (0, snaps_utils_1.validateSnapId)(snapId);
-    if (!args ||
-        !('origin' in args) ||
-        !('id' in args) ||
-        (!('manifest' in args) && 'sourceCode' in args) ||
-        ('manifest' in args && !('sourceCode' in args))) {
-        throw new Error(`Invalid add snap args for snap "${snapId}".`);
-    }
     __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_setupRuntime).call(this, snapId, { sourceCode: null, state: null });
     const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
     if (!runtime.installPromise) {
@@ -1036,13 +1022,10 @@ async function _SnapController_add(args) {
         // If fetching and setting the snap succeeds, this property will be set
         // to null in the authorize() method.
         runtime.installPromise = (async () => {
-            if ('manifest' in args && 'sourceCode' in args) {
-                return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, Object.assign(Object.assign({}, args), { id: snapId }));
-            }
-            const fetchedSnap = await this.fetchSnap(snapId, args.versionRange);
+            const fetchedSnap = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchSnap).call(this, snapId, location);
             await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsUnblocked).call(this, snapId, {
-                version: fetchedSnap.manifest.version,
-                shasum: fetchedSnap.manifest.source.shasum,
+                version: fetchedSnap.manifest.result.version,
+                shasum: fetchedSnap.manifest.result.source.shasum,
             });
             return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, Object.assign(Object.assign(Object.assign({}, args), fetchedSnap), { id: snapId }));
         })();
@@ -1109,25 +1092,23 @@ async function _SnapController_getEndowments(snapId) {
     }
     return dedupedEndowments;
 }, _SnapController_set = function _SnapController_set(args) {
-    var _a;
-    const { id: snapId, origin, manifest, sourceCode, svgIcon, versionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION, } = args;
-    (0, snaps_utils_1.assertIsSnapManifest)(manifest);
-    const { version } = manifest;
+    var _a, _b;
+    const { id: snapId, origin, manifest, files, versionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION, isUpdate = false, } = args;
+    (0, snaps_utils_1.assertIsSnapManifest)(manifest.result);
+    const { version } = manifest.result;
     if (!(0, snaps_utils_1.satisfiesVersionRange)(version, versionRange)) {
         throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${version}" which doesn't satisfy requested version range "${versionRange}"`);
     }
+    const sourceCode = (_a = files
+        .find((file) => file.path === manifest.result.source.location.npm.filePath)) === null || _a === void 0 ? void 0 : _a.toString();
+    const svgIcon = files.find((file) => file.path === manifest.result.source.location.npm.iconPath);
+    (0, utils_1.assert)(sourceCode !== undefined);
     if (typeof sourceCode !== 'string' || sourceCode.length === 0) {
         throw new Error(`Invalid source code for snap "${snapId}".`);
     }
-    const initialPermissions = manifest === null || manifest === void 0 ? void 0 : manifest.initialPermissions;
-    if (!initialPermissions ||
-        typeof initialPermissions !== 'object' ||
-        Array.isArray(initialPermissions)) {
-        throw new Error(`Invalid initial permissions for snap "${snapId}".`);
-    }
     const snapsState = this.state.snaps;
     const existingSnap = snapsState[snapId];
-    const previousVersionHistory = (_a = existingSnap === null || existingSnap === void 0 ? void 0 : existingSnap.versionHistory) !== null && _a !== void 0 ? _a : [];
+    const previousVersionHistory = (_b = existingSnap === null || existingSnap === void 0 ? void 0 : existingSnap.versionHistory) !== null && _b !== void 0 ? _b : [];
     const versionHistory = [
         ...previousVersionHistory,
         {
@@ -1141,52 +1122,54 @@ async function _SnapController_getEndowments(snapId) {
         // previous state.
         blocked: false, enabled: true, 
         // So we can easily correlate the snap with its permission
-        permissionName: (0, snaps_utils_1.getSnapPermissionName)(snapId), id: snapId, initialPermissions,
-        manifest, status: __classPrivateFieldGet(this, _SnapController_statusMachine, "f").config.initial, version,
+        permissionName: (0, snaps_utils_1.getSnapPermissionName)(snapId), id: snapId, initialPermissions: manifest.result.initialPermissions, manifest: manifest.result, status: __classPrivateFieldGet(this, _SnapController_statusMachine, "f").config.initial, version,
         versionHistory });
     // If the snap was blocked, it isn't any longer
     delete snap.blockInformation;
     // store the snap back in state
-    this.update((state) => {
+    const { inversePatches } = this.update((state) => {
         state.snaps[snapId] = snap;
     });
+    // checking for isUpdate here as this function is also used in
+    // the install flow, we do not care to create snapshots for installs
+    if (isUpdate) {
+        const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+        if (rollbackSnapshot !== undefined) {
+            rollbackSnapshot.statePatches = inversePatches;
+        }
+    }
     const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
     runtime.sourceCode = sourceCode;
-    this.messagingSystem.publish(`SnapController:snapAdded`, snap, svgIcon);
+    this.messagingSystem.publish(`SnapController:snapAdded`, snap, svgIcon === null || svgIcon === void 0 ? void 0 : svgIcon.toString());
     return Object.assign(Object.assign({}, snap), { sourceCode });
-}, _SnapController_fetchNpmSnap = async function _SnapController_fetchNpmSnap(packageName, versionRange) {
-    if (!(0, snaps_utils_1.isValidSemVerRange)(versionRange)) {
-        throw new Error(`Received invalid Snap version range: "${versionRange}".`);
-    }
-    const { manifest, sourceCode, svgIcon } = await (0, utils_3.fetchNpmSnap)(packageName, versionRange, __classPrivateFieldGet(this, _SnapController_npmRegistryUrl, "f"), __classPrivateFieldGet(this, _SnapController_fetchFunction, "f"));
-    return { manifest, sourceCode, svgIcon };
-}, _SnapController_fetchLocalSnap = 
+}, _SnapController_fetchSnap = 
 /**
- * Fetches the manifest and source code of a local snap.
+ * Fetches the manifest and source code of a snap.
+ *
+ * This function is not hash private yet because of tests.
  *
- * @param localhostUrl - The localhost URL to download from.
- * @returns The validated manifest and the source code.
+ * @param snapId - The id of the Snap.
+ * @param location - Source from which snap will be fetched.
+ * @returns A tuple of the Snap manifest object and the Snap source code.
  */
-async function _SnapController_fetchLocalSnap(localhostUrl) {
-    // Local snaps are mostly used for development purposes. Fetches were cached in the browser and were not requested
-    // afterwards which lead to confusing development where old versions of snaps were installed.
-    // Thus we disable caching
-    const fetchOptions = { cache: 'no-cache' };
-    const manifestUrl = new URL(snaps_utils_1.NpmSnapFileNames.Manifest, localhostUrl);
-    if (!snaps_utils_1.LOCALHOST_HOSTNAMES.has(manifestUrl.hostname)) {
-        throw new Error(`Invalid URL: Locally hosted Snaps must be hosted on localhost. Received URL: "${manifestUrl.toString()}"`);
-    }
-    const manifest = await (await __classPrivateFieldGet(this, _SnapController_fetchFunction, "f").call(this, manifestUrl.toString(), fetchOptions)).json();
-    (0, snaps_utils_1.assertIsSnapManifest)(manifest);
-    const { source: { location: { npm: { filePath, iconPath }, }, }, } = manifest;
-    const [sourceCode, svgIcon] = await Promise.all([
-        (await __classPrivateFieldGet(this, _SnapController_fetchFunction, "f").call(this, new URL(filePath, localhostUrl).toString(), fetchOptions)).text(),
-        iconPath
-            ? (await __classPrivateFieldGet(this, _SnapController_fetchFunction, "f").call(this, new URL(iconPath, localhostUrl).toString(), fetchOptions)).text()
-            : undefined,
-    ]);
-    (0, snaps_utils_1.validateSnapShasum)(manifest, sourceCode);
-    return { manifest, sourceCode, svgIcon };
+async function _SnapController_fetchSnap(snapId, location) {
+    try {
+        const manifest = await location.manifest();
+        const sourceCode = await location.fetch(manifest.result.source.location.npm.filePath);
+        (0, snaps_utils_1.validateSnapShasum)(manifest.result, sourceCode.toString());
+        const { iconPath } = manifest.result.source.location.npm;
+        const files = [sourceCode];
+        if (iconPath) {
+            files.push(await location.fetch(iconPath));
+        }
+        return { manifest, files, location };
+    }
+    catch (error) {
+        // TODO(ritave): Export `getErrorMessage()` from @metamask/utils and use it here
+        //               https://github.com/MetaMask/utils/blob/62d022ef83c91fa4d150e51913be4441508a0ab1/src/assert.ts
+        const message = error instanceof Error ? error.message : error.toString();
+        throw new Error(`Failed to fetch Snap "${snapId}": ${message}.`);
+    }
 }, _SnapController_processSnapPermissions = function _SnapController_processSnapPermissions(initialPermissions) {
     return (0, snaps_utils_1.fromEntries)(Object.entries(initialPermissions).map(([initialPermission, value]) => {
         if ((0, utils_1.hasProperty)(rpc_methods_1.caveatMappers, initialPermission)) {
@@ -1198,8 +1181,11 @@ async function _SnapController_fetchLocalSnap(localhostUrl) {
                 endowments_1.endowmentCaveatMappers[initialPermission](value),
             ];
         }
-        (0, utils_1.assert)(Object.keys(value).length === 0);
-        return [initialPermission, {}];
+        // If we have no mapping, this may be a non-snap permission, return as-is
+        return [
+            initialPermission,
+            value,
+        ];
     }));
 }, _SnapController_getRpcRequestHandler = function _SnapController_getRpcRequestHandler(snapId) {
     const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
@@ -1297,6 +1283,72 @@ async function _SnapController_executeWithTimeout(snapId, promise, timer) {
     if (runtime.pendingInboundRequests.length === 0) {
         runtime.lastRequest = Date.now();
     }
+}, _SnapController_getRollbackSnapshot = function _SnapController_getRollbackSnapshot(snapId) {
+    return __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId);
+}, _SnapController_createRollbackSnapshot = function _SnapController_createRollbackSnapshot(snapId) {
+    (0, utils_1.assert)(__classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId) === undefined, new Error(`Snap "${snapId}" rollback snapshot already exists.`));
+    __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").set(snapId, {
+        statePatches: [],
+        sourceCode: '',
+        permissions: { revoked: null, granted: [], requestData: null },
+        newVersion: '',
+    });
+    const newRollbackSnapshot = __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId);
+    (0, utils_1.assert)(newRollbackSnapshot !== undefined, new Error(`Snapshot creation failed for ${snapId}.`));
+    return newRollbackSnapshot;
+}, _SnapController_rollbackSnap = 
+/**
+ * Rolls back a snap to its previous state, permissions
+ * and source code based on the `RollbackSnapshot` that
+ * is captured during the update process. After rolling back,
+ * the function also emits an event indicating that the
+ * snap has been rolled back and it clears the snapshot
+ * for that snap.
+ *
+ * @param snapId - The snap id.
+ * @throws {@link Error}. If a snapshot does not exist.
+ */
+async function _SnapController_rollbackSnap(snapId) {
+    var _a;
+    const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+    if (!rollbackSnapshot) {
+        throw new Error('A snapshot does not exist for this snap.');
+    }
+    await this.stopSnap(snapId, snaps_utils_1.SnapStatusEvents.Stop);
+    const { statePatches, sourceCode, permissions } = rollbackSnapshot;
+    if (statePatches === null || statePatches === void 0 ? void 0 : statePatches.length) {
+        this.applyPatches(statePatches);
+    }
+    if (sourceCode) {
+        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+        runtime.sourceCode = sourceCode;
+    }
+    if (permissions.revoked && Object.keys(permissions.revoked).length) {
+        this.messagingSystem.call('PermissionController:grantPermissions', {
+            approvedPermissions: permissions.revoked,
+            subject: { origin: snapId },
+            requestData: permissions.requestData,
+        });
+    }
+    if ((_a = permissions.granted) === null || _a === void 0 ? void 0 : _a.length) {
+        this.messagingSystem.call('PermissionController:revokePermissions', {
+            [snapId]: permissions.granted,
+        });
+    }
+    const truncatedSnap = this.getTruncatedExpect(snapId);
+    this.messagingSystem.publish('SnapController:snapRolledback', truncatedSnap, rollbackSnapshot.newVersion);
+    __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").delete(snapId);
+}, _SnapController_rollbackSnaps = 
+/**
+ * Iterates through an array of snap ids
+ * and calls `rollbackSnap` on them.
+ *
+ * @param snapIds - An array of snap ids.
+ */
+async function _SnapController_rollbackSnaps(snapIds) {
+    for (const snapId of snapIds) {
+        await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_rollbackSnap).call(this, snapId);
+    }
 }, _SnapController_getRuntime = function _SnapController_getRuntime(snapId) {
     return this.snapsRuntimeData.get(snapId);
 }, _SnapController_getRuntimeExpect = function _SnapController_getRuntimeExpect(snapId) {
@@ -1327,5 +1379,14 @@ async function _SnapController_executeWithTimeout(snapId, promise, timer) {
     // oldPermissions ∖ (oldPermissions ∖ desiredPermissionsSet) ⟺ oldPermissions ∩ desiredPermissionsSet
     const approvedPermissions = (0, utils_2.setDiff)(oldPermissions, unusedPermissions);
     return { newPermissions, unusedPermissions, approvedPermissions };
+}, _SnapController_isValidUpdate = function _SnapController_isValidUpdate(snapId, newVersionRange) {
+    const existingSnap = this.getExpect(snapId);
+    if ((0, snaps_utils_1.satisfiesVersionRange)(existingSnap.version, newVersionRange)) {
+        return false;
+    }
+    if ((0, snaps_utils_1.gtRange)(existingSnap.version, newVersionRange)) {
+        return false;
+    }
+    return true;
 };
 //# sourceMappingURL=SnapController.js.map