@metamask/snaps-controllers 0.27.1 → 0.29.0

package/dist/services/iframe/IframeExecutionService.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.IframeExecutionService = void 0;
 const post_message_stream_1 = require("@metamask/post-message-stream");
+const snaps_utils_1 = require("@metamask/snaps-utils");
 const AbstractExecutionService_1 = require("../AbstractExecutionService");
 class IframeExecutionService extends AbstractExecutionService_1.AbstractExecutionService {
     constructor({ iframeUrl, messenger, setupSnapProvider, }) {
@@ -16,7 +17,7 @@ class IframeExecutionService extends AbstractExecutionService_1.AbstractExecutio
         (_a = document.getElementById(jobWrapper.id)) === null || _a === void 0 ? void 0 : _a.remove();
     }
     async initEnvStream(jobId) {
-        const iframeWindow = await this.createWindow(this.iframeUrl.toString(), jobId);
+        const iframeWindow = await (0, snaps_utils_1.createWindow)(this.iframeUrl.toString(), jobId);
         const stream = new post_message_stream_1.WindowPostMessageStream({
             name: 'parent',
             target: 'child',
@@ -25,58 +26,6 @@ class IframeExecutionService extends AbstractExecutionService_1.AbstractExecutio
         });
         return { worker: iframeWindow, stream };
     }
-    /**
-     * Creates the iframe to be used as the execution environment. This may run
-     * forever if the iframe never loads, but the promise should be wrapped in
-     * an initialization timeout in the SnapController.
-     *
-     * @param uri - The iframe URI.
-     * @param jobId - The job id.
-     * @returns A promise that resolves to the contentWindow of the iframe.
-     */
-    async createWindow(uri, jobId) {
-        return new Promise((resolve, reject) => {
-            const iframe = document.createElement('iframe');
-            // The order of operations appears to matter for everything except this
-            // attribute. We may as well set it here.
-            iframe.setAttribute('id', jobId);
-            // In the past, we've had problems that appear to be symptomatic of the
-            // iframe firing the `load` event before its scripts are actually loaded,
-            // which has prevented snaps from executing properly. Therefore, we set
-            // the `src` attribute and append the iframe to the DOM before attaching
-            // the `load` listener.
-            //
-            // `load` should only fire when "all dependent resources" have been
-            // loaded, which includes scripts.
-            //
-            // MDN article for `load` event: https://developer.mozilla.org/en-US/docs/Web/API/Window/load_event
-            // Re: `load` firing twice: https://stackoverflow.com/questions/10781880/dynamically-created-iframe-triggers-onload-event-twice/15880489#15880489
-            iframe.setAttribute('src', uri);
-            document.body.appendChild(iframe);
-            iframe.addEventListener('load', () => {
-                if (iframe.contentWindow) {
-                    resolve(iframe.contentWindow);
-                }
-                else {
-                    // We don't know of a case when this would happen, but better to fail
-                    // fast if it does.
-                    reject(new Error(`iframe.contentWindow not present on load for job "${jobId}".`));
-                }
-            });
-            // We need to set the sandbox attribute after appending the iframe to the
-            // DOM, otherwise errors in the iframe will not be propagated via `error`
-            // and `unhandledrejection` events, and we cannot catch and handle them.
-            // We wish we knew why this was the case.
-            //
-            // We set this property after adding the `load` listener because it
-            // appears to work dependably. ¯\_(ツ)_/¯
-            //
-            // We apply this property as a principle of least authority (POLA)
-            // measure.
-            // Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#attr-sandbox
-            iframe.setAttribute('sandbox', 'allow-scripts');
-        });
-    }
 }
 exports.IframeExecutionService = IframeExecutionService;
 //# sourceMappingURL=IframeExecutionService.js.map

package/dist/services/iframe/IframeExecutionService.js.map

@@ -1 +1 @@
-{"version":3,"file":"IframeExecutionService.js","sourceRoot":"","sources":["../../../src/services/iframe/IframeExecutionService.ts"],"names":[],"mappings":";;;AAAA,uEAGuC;AAEvC,0EAIqC;AAMrC,MAAa,sBAAuB,SAAQ,mDAAgC;IAG1E,YAAY,EACV,SAAS,EACT,SAAS,EACT,iBAAiB,GACqB;QACtC,KAAK,CAAC;YACJ,SAAS;YACT,iBAAiB;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAES,YAAY,CAAC,UAAuB;;QAC5C,MAAA,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC,0CAAE,MAAM,EAAE,CAAC;IACnD,CAAC;IAES,KAAK,CAAC,aAAa,CAAC,KAAa;QAIzC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAC1C,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,EACzB,KAAK,CACN,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,6CAAuB,CAAC;YACzC,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,OAAO;YACf,YAAY,EAAE,YAAY;YAC1B,YAAY,EAAE,GAAG;SAClB,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAC1C,CAAC;IAED;;;;;;;;OAQG;IACK,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,KAAa;QACnD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;YAChD,uEAAuE;YACvE,yCAAyC;YACzC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAEjC,uEAAuE;YACvE,yEAAyE;YACzE,uEAAuE;YACvE,wEAAwE;YACxE,uBAAuB;YACvB,EAAE;YACF,mEAAmE;YACnE,kCAAkC;YAClC,EAAE;YACF,mGAAmG;YACnG,iJAAiJ;YACjJ,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAElC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE;gBACnC,IAAI,MAAM,CAAC,aAAa,EAAE;oBACxB,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;iBAC/B;qBAAM;oBACL,qEAAqE;oBACrE,mBAAmB;oBACnB,MAAM,CACJ,IAAI,KAAK,CACP,qDAAqD,KAAK,IAAI,CAC/D,CACF,CAAC;iBACH;YACH,CAAC,CAAC,CAAC;YAEH,yEAAyE;YACzE,yEAAyE;YACzE,wEAAwE;YACxE,yCAAyC;YACzC,EAAE;YACF,mEAAmE;YACnE,wCAAwC;YACxC,EAAE;YACF,kEAAkE;YAClE,WAAW;YACX,qFAAqF;YACrF,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA/FD,wDA+FC","sourcesContent":["import {\n  WindowPostMessageStream,\n  BasePostMessageStream,\n} from '@metamask/post-message-stream';\n\nimport {\n  Job,\n  AbstractExecutionService,\n  ExecutionServiceArgs,\n} from '../AbstractExecutionService';\n\ntype IframeExecutionEnvironmentServiceArgs = {\n  iframeUrl: URL;\n} & ExecutionServiceArgs;\n\nexport class IframeExecutionService extends AbstractExecutionService<Window> {\n  public iframeUrl: URL;\n\n  constructor({\n    iframeUrl,\n    messenger,\n    setupSnapProvider,\n  }: IframeExecutionEnvironmentServiceArgs) {\n    super({\n      messenger,\n      setupSnapProvider,\n    });\n    this.iframeUrl = iframeUrl;\n  }\n\n  protected terminateJob(jobWrapper: Job<Window>): void {\n    document.getElementById(jobWrapper.id)?.remove();\n  }\n\n  protected async initEnvStream(jobId: string): Promise<{\n    worker: Window;\n    stream: BasePostMessageStream;\n  }> {\n    const iframeWindow = await this.createWindow(\n      this.iframeUrl.toString(),\n      jobId,\n    );\n    const stream = new WindowPostMessageStream({\n      name: 'parent',\n      target: 'child',\n      targetWindow: iframeWindow,\n      targetOrigin: '*',\n    });\n\n    return { worker: iframeWindow, stream };\n  }\n\n  /**\n   * Creates the iframe to be used as the execution environment. This may run\n   * forever if the iframe never loads, but the promise should be wrapped in\n   * an initialization timeout in the SnapController.\n   *\n   * @param uri - The iframe URI.\n   * @param jobId - The job id.\n   * @returns A promise that resolves to the contentWindow of the iframe.\n   */\n  private async createWindow(uri: string, jobId: string): Promise<Window> {\n    return new Promise((resolve, reject) => {\n      const iframe = document.createElement('iframe');\n      // The order of operations appears to matter for everything except this\n      // attribute. We may as well set it here.\n      iframe.setAttribute('id', jobId);\n\n      // In the past, we've had problems that appear to be symptomatic of the\n      // iframe firing the `load` event before its scripts are actually loaded,\n      // which has prevented snaps from executing properly. Therefore, we set\n      // the `src` attribute and append the iframe to the DOM before attaching\n      // the `load` listener.\n      //\n      // `load` should only fire when \"all dependent resources\" have been\n      // loaded, which includes scripts.\n      //\n      // MDN article for `load` event: https://developer.mozilla.org/en-US/docs/Web/API/Window/load_event\n      // Re: `load` firing twice: https://stackoverflow.com/questions/10781880/dynamically-created-iframe-triggers-onload-event-twice/15880489#15880489\n      iframe.setAttribute('src', uri);\n      document.body.appendChild(iframe);\n\n      iframe.addEventListener('load', () => {\n        if (iframe.contentWindow) {\n          resolve(iframe.contentWindow);\n        } else {\n          // We don't know of a case when this would happen, but better to fail\n          // fast if it does.\n          reject(\n            new Error(\n              `iframe.contentWindow not present on load for job \"${jobId}\".`,\n            ),\n          );\n        }\n      });\n\n      // We need to set the sandbox attribute after appending the iframe to the\n      // DOM, otherwise errors in the iframe will not be propagated via `error`\n      // and `unhandledrejection` events, and we cannot catch and handle them.\n      // We wish we knew why this was the case.\n      //\n      // We set this property after adding the `load` listener because it\n      // appears to work dependably. ¯\\_(ツ)_/¯\n      //\n      // We apply this property as a principle of least authority (POLA)\n      // measure.\n      // Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#attr-sandbox\n      iframe.setAttribute('sandbox', 'allow-scripts');\n    });\n  }\n}\n"]}
+{"version":3,"file":"IframeExecutionService.js","sourceRoot":"","sources":["../../../src/services/iframe/IframeExecutionService.ts"],"names":[],"mappings":";;;AAAA,uEAGuC;AACvC,uDAAqD;AAErD,0EAIqC;AAMrC,MAAa,sBAAuB,SAAQ,mDAAgC;IAG1E,YAAY,EACV,SAAS,EACT,SAAS,EACT,iBAAiB,GACqB;QACtC,KAAK,CAAC;YACJ,SAAS;YACT,iBAAiB;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAES,YAAY,CAAC,UAAuB;;QAC5C,MAAA,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC,0CAAE,MAAM,EAAE,CAAC;IACnD,CAAC;IAES,KAAK,CAAC,aAAa,CAAC,KAAa;QAIzC,MAAM,YAAY,GAAG,MAAM,IAAA,0BAAY,EAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;QAE1E,MAAM,MAAM,GAAG,IAAI,6CAAuB,CAAC;YACzC,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,OAAO;YACf,YAAY,EAAE,YAAY;YAC1B,YAAY,EAAE,GAAG;SAClB,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAC1C,CAAC;CACF;AAlCD,wDAkCC","sourcesContent":["import {\n  WindowPostMessageStream,\n  BasePostMessageStream,\n} from '@metamask/post-message-stream';\nimport { createWindow } from '@metamask/snaps-utils';\n\nimport {\n  Job,\n  AbstractExecutionService,\n  ExecutionServiceArgs,\n} from '../AbstractExecutionService';\n\ntype IframeExecutionEnvironmentServiceArgs = {\n  iframeUrl: URL;\n} & ExecutionServiceArgs;\n\nexport class IframeExecutionService extends AbstractExecutionService<Window> {\n  public iframeUrl: URL;\n\n  constructor({\n    iframeUrl,\n    messenger,\n    setupSnapProvider,\n  }: IframeExecutionEnvironmentServiceArgs) {\n    super({\n      messenger,\n      setupSnapProvider,\n    });\n    this.iframeUrl = iframeUrl;\n  }\n\n  protected terminateJob(jobWrapper: Job<Window>): void {\n    document.getElementById(jobWrapper.id)?.remove();\n  }\n\n  protected async initEnvStream(jobId: string): Promise<{\n    worker: Window;\n    stream: BasePostMessageStream;\n  }> {\n    const iframeWindow = await createWindow(this.iframeUrl.toString(), jobId);\n\n    const stream = new WindowPostMessageStream({\n      name: 'parent',\n      target: 'child',\n      targetWindow: iframeWindow,\n      targetOrigin: '*',\n    });\n\n    return { worker: iframeWindow, stream };\n  }\n}\n"]}

package/dist/services/iframe/test/fixJSDOMPostMessageEventSource.js

@@ -2,46 +2,6 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 // Fix for JSDOM not setting `event.origin` or `event.source`: https://github.com/jsdom/jsdom/issues/2745
 const fixJSDOMPostMessageEventSource = (iframeExecutionService) => {
-    const oldCreateWindow = iframeExecutionService.createWindow;
-    iframeExecutionService.createWindow = async (uri, envId, timeout) => {
-        const result = await oldCreateWindow(uri, envId, timeout);
-        const scriptElement = result.document.createElement('script');
-        if (!scriptElement) {
-            return result;
-        }
-        // fix the inside window
-        scriptElement.textContent = `
-    window.addEventListener('message', (postMessageEvent) => {
-      if (postMessageEvent.source === null && !postMessageEvent.origin) {
-        let source;
-        let postMessageEventOrigin;
-        if (postMessageEvent.data.target === 'child') {
-          source = window.parent;
-          postMessageEventOrigin = '*';
-        } else if (postMessageEvent.data.target === 'parent') {
-          source = window;
-          postMessageEventOrigin = window.location.origin;
-        }
-        if (postMessageEvent.data.target) {
-          postMessageEvent.stopImmediatePropagation();
-          const args = Object.assign({
-            ...postMessageEvent,
-            data: postMessageEvent.data,
-            source,
-            origin: postMessageEventOrigin,
-          });
-          const postMessageEventWithOrigin = new MessageEvent(
-            'message',
-            args,
-          );
-          window.dispatchEvent(postMessageEventWithOrigin);
-        }
-      }
-    });
-  `;
-        result.document.body.appendChild(scriptElement);
-        return result;
-    };
     const listener = (event) => {
         if (event.source === null && !event.origin) {
             let source;

package/dist/services/iframe/test/fixJSDOMPostMessageEventSource.js.map

@@ -1 +1 @@
-{"version":3,"file":"fixJSDOMPostMessageEventSource.js","sourceRoot":"","sources":["../../../../src/services/iframe/test/fixJSDOMPostMessageEventSource.ts"],"names":[],"mappings":";;AAEA,yGAAyG;AACzG,MAAM,8BAA8B,GAAG,CACrC,sBAA8C,EAC9C,EAAE;IACF,MAAM,eAAe,GAAI,sBAA8B,CAAC,YAAY,CAAC;IACpE,sBAA8B,CAAC,YAAY,GAAG,KAAK,EAClD,GAAW,EACX,KAAa,EACb,OAAe,EACf,EAAE;QACF,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QAE1D,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAE9D,IAAI,CAAC,aAAa,EAAE;YAClB,OAAO,MAAM,CAAC;SACf;QAED,wBAAwB;QACxB,aAAa,CAAC,WAAW,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4B7B,CAAC;QACA,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;QAEhD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,KAAmB,EAAE,EAAE;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YAC1C,IAAI,MAAM,CAAC;YACX,IAAI,MAAM,CAAC;YACX,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE;gBACjC,MAAM,GAAG,MAAM,CAAC;gBAChB,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;aACjC;iBAAM,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE;gBACzC,8CAA8C;gBAC9C,MAAM,EAAE,MAAM,EAAE,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;gBACrE,MAAM,GAAG,MAAM,CAAC;gBAChB,MAAM,GAAG,sBAAsB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;aACtD;YAED,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE;gBACrB,KAAK,CAAC,wBAAwB,EAAE,CAAC;gBACjC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,iCACrB,KAAK,KACR,IAAI,EAAE,KAAK,CAAC,IAAI,EAChB,MAAM;oBACN,MAAM,IACN,CAAC;gBACH,MAAM,eAAe,GAAiB,IAAI,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxE,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;aACvC;SACF;IACH,CAAC,CAAC;IAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAE7C,OAAO,GAAG,EAAE;QACV,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,8BAA8B,CAAC","sourcesContent":["import { IframeExecutionService } from '../IframeExecutionService';\n\n// Fix for JSDOM not setting `event.origin` or `event.source`: https://github.com/jsdom/jsdom/issues/2745\nconst fixJSDOMPostMessageEventSource = (\n  iframeExecutionService: IframeExecutionService,\n) => {\n  const oldCreateWindow = (iframeExecutionService as any).createWindow;\n  (iframeExecutionService as any).createWindow = async (\n    uri: string,\n    envId: string,\n    timeout: number,\n  ) => {\n    const result = await oldCreateWindow(uri, envId, timeout);\n\n    const scriptElement = result.document.createElement('script');\n\n    if (!scriptElement) {\n      return result;\n    }\n\n    // fix the inside window\n    scriptElement.textContent = `\n    window.addEventListener('message', (postMessageEvent) => {\n      if (postMessageEvent.source === null && !postMessageEvent.origin) {\n        let source;\n        let postMessageEventOrigin;\n        if (postMessageEvent.data.target === 'child') {\n          source = window.parent;\n          postMessageEventOrigin = '*';\n        } else if (postMessageEvent.data.target === 'parent') {\n          source = window;\n          postMessageEventOrigin = window.location.origin;\n        }\n        if (postMessageEvent.data.target) {\n          postMessageEvent.stopImmediatePropagation();\n          const args = Object.assign({\n            ...postMessageEvent,\n            data: postMessageEvent.data,\n            source,\n            origin: postMessageEventOrigin,\n          });\n          const postMessageEventWithOrigin = new MessageEvent(\n            'message',\n            args,\n          );\n          window.dispatchEvent(postMessageEventWithOrigin);\n        }\n      }\n    });\n  `;\n    result.document.body.appendChild(scriptElement);\n\n    return result;\n  };\n\n  const listener = (event: MessageEvent) => {\n    if (event.source === null && !event.origin) {\n      let source;\n      let origin;\n      if (event.data.target === 'child') {\n        source = window;\n        origin = window.location.origin;\n      } else if (event.data.target === 'parent') {\n        // @ts-expect-error Accessing private property\n        const { worker } = iframeExecutionService.jobs.values().next().value;\n        source = worker;\n        origin = iframeExecutionService.iframeUrl.toString();\n      }\n\n      if (event.data.target) {\n        event.stopImmediatePropagation();\n        const args = Object.assign({\n          ...event,\n          data: event.data,\n          source,\n          origin,\n        });\n        const eventWithOrigin: MessageEvent = new MessageEvent('message', args);\n        window.dispatchEvent(eventWithOrigin);\n      }\n    }\n  };\n\n  window.addEventListener('message', listener);\n\n  return () => {\n    window.removeEventListener('message', listener);\n  };\n};\n\nexport default fixJSDOMPostMessageEventSource;\n"]}
+{"version":3,"file":"fixJSDOMPostMessageEventSource.js","sourceRoot":"","sources":["../../../../src/services/iframe/test/fixJSDOMPostMessageEventSource.ts"],"names":[],"mappings":";;AAEA,yGAAyG;AACzG,MAAM,8BAA8B,GAAG,CACrC,sBAA8C,EAC9C,EAAE;IACF,MAAM,QAAQ,GAAG,CAAC,KAAmB,EAAE,EAAE;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YAC1C,IAAI,MAAM,CAAC;YACX,IAAI,MAAM,CAAC;YACX,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE;gBACjC,MAAM,GAAG,MAAM,CAAC;gBAChB,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;aACjC;iBAAM,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE;gBACzC,8CAA8C;gBAC9C,MAAM,EAAE,MAAM,EAAE,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;gBACrE,MAAM,GAAG,MAAM,CAAC;gBAChB,MAAM,GAAG,sBAAsB,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;aACtD;YAED,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE;gBACrB,KAAK,CAAC,wBAAwB,EAAE,CAAC;gBACjC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,iCACrB,KAAK,KACR,IAAI,EAAE,KAAK,CAAC,IAAI,EAChB,MAAM;oBACN,MAAM,IACN,CAAC;gBACH,MAAM,eAAe,GAAiB,IAAI,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxE,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;aACvC;SACF;IACH,CAAC,CAAC;IAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAE7C,OAAO,GAAG,EAAE;QACV,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClD,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,8BAA8B,CAAC","sourcesContent":["import { IframeExecutionService } from '../IframeExecutionService';\n\n// Fix for JSDOM not setting `event.origin` or `event.source`: https://github.com/jsdom/jsdom/issues/2745\nconst fixJSDOMPostMessageEventSource = (\n  iframeExecutionService: IframeExecutionService,\n) => {\n  const listener = (event: MessageEvent) => {\n    if (event.source === null && !event.origin) {\n      let source;\n      let origin;\n      if (event.data.target === 'child') {\n        source = window;\n        origin = window.location.origin;\n      } else if (event.data.target === 'parent') {\n        // @ts-expect-error Accessing private property\n        const { worker } = iframeExecutionService.jobs.values().next().value;\n        source = worker;\n        origin = iframeExecutionService.iframeUrl.toString();\n      }\n\n      if (event.data.target) {\n        event.stopImmediatePropagation();\n        const args = Object.assign({\n          ...event,\n          data: event.data,\n          source,\n          origin,\n        });\n        const eventWithOrigin: MessageEvent = new MessageEvent('message', args);\n        window.dispatchEvent(eventWithOrigin);\n      }\n    }\n  };\n\n  window.addEventListener('message', listener);\n\n  return () => {\n    window.removeEventListener('message', listener);\n  };\n};\n\nexport default fixJSDOMPostMessageEventSource;\n"]}

package/dist/services/index.d.ts

@@ -2,3 +2,4 @@ export * from './AbstractExecutionService';
 export * from './ExecutionService';
 export * from './iframe';
 export * from './node';
+export * from './offscreen';

package/dist/services/index.js

@@ -18,4 +18,5 @@ __exportStar(require("./AbstractExecutionService"), exports);
 __exportStar(require("./ExecutionService"), exports);
 __exportStar(require("./iframe"), exports);
 __exportStar(require("./node"), exports);
+__exportStar(require("./offscreen"), exports);
 //# sourceMappingURL=index.js.map

package/dist/services/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,6DAA2C;AAC3C,qDAAmC;AACnC,2CAAyB;AACzB,yCAAuB","sourcesContent":["export * from './AbstractExecutionService';\nexport * from './ExecutionService';\nexport * from './iframe';\nexport * from './node';\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,6DAA2C;AAC3C,qDAAmC;AACnC,2CAAyB;AACzB,yCAAuB;AACvB,8CAA4B","sourcesContent":["export * from './AbstractExecutionService';\nexport * from './ExecutionService';\nexport * from './iframe';\nexport * from './node';\nexport * from './offscreen';\n"]}

package/dist/services/offscreen/OffscreenExecutionService.d.ts

@@ -0,0 +1,49 @@
+import { AbstractExecutionService, ExecutionServiceArgs, Job } from '../AbstractExecutionService';
+import { OffscreenPostMessageStream } from './OffscreenPostMessageStream';
+declare type OffscreenExecutionEnvironmentServiceArgs = {
+    documentUrl: URL;
+    frameUrl: URL;
+} & ExecutionServiceArgs;
+export declare class OffscreenExecutionService extends AbstractExecutionService<string> {
+    #private;
+    readonly documentUrl: URL;
+    readonly frameUrl: URL;
+    /**
+     * Create a new offscreen execution service.
+     *
+     * @param args - The constructor arguments.
+     * @param args.documentUrl - The URL of the offscreen document to use as the
+     * execution environment. This must be a URL relative to the location where
+     * this is called. This cannot be a public (http(s)) URL.
+     * @param args.frameUrl - The URL of the iframe to load inside the offscreen
+     * document.
+     * @param args.messenger - The messenger to use for communication with the
+     * `SnapController`.
+     * @param args.setupSnapProvider - The function to use to set up the snap
+     * provider.
+     */
+    constructor({ documentUrl, frameUrl, messenger, setupSnapProvider, }: OffscreenExecutionEnvironmentServiceArgs);
+    /**
+     * Send a termination command to the offscreen document.
+     *
+     * @param job - The job to terminate.
+     */
+    protected terminateJob(job: Job<string>): Promise<void>;
+    /**
+     * Create a new stream for the specified job. This wraps the runtime stream
+     * in a stream specific to the job.
+     *
+     * @param jobId - The job ID.
+     */
+    protected initEnvStream(jobId: string): Promise<{
+        worker: string;
+        stream: OffscreenPostMessageStream;
+    }>;
+    /**
+     * Creates the offscreen document to be used as the execution environment.
+     *
+     * If the document already exists, this does nothing.
+     */
+    private createDocument;
+}
+export {};

package/dist/services/offscreen/OffscreenExecutionService.js

@@ -0,0 +1,100 @@
+"use strict";
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _OffscreenExecutionService_runtimeStream;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OffscreenExecutionService = void 0;
+const post_message_stream_1 = require("@metamask/post-message-stream");
+const nanoid_1 = require("nanoid");
+const AbstractExecutionService_1 = require("../AbstractExecutionService");
+const OffscreenPostMessageStream_1 = require("./OffscreenPostMessageStream");
+class OffscreenExecutionService extends AbstractExecutionService_1.AbstractExecutionService {
+    /**
+     * Create a new offscreen execution service.
+     *
+     * @param args - The constructor arguments.
+     * @param args.documentUrl - The URL of the offscreen document to use as the
+     * execution environment. This must be a URL relative to the location where
+     * this is called. This cannot be a public (http(s)) URL.
+     * @param args.frameUrl - The URL of the iframe to load inside the offscreen
+     * document.
+     * @param args.messenger - The messenger to use for communication with the
+     * `SnapController`.
+     * @param args.setupSnapProvider - The function to use to set up the snap
+     * provider.
+     */
+    constructor({ documentUrl, frameUrl, messenger, setupSnapProvider, }) {
+        super({
+            messenger,
+            setupSnapProvider,
+        });
+        _OffscreenExecutionService_runtimeStream.set(this, void 0);
+        this.documentUrl = documentUrl;
+        this.frameUrl = frameUrl;
+        __classPrivateFieldSet(this, _OffscreenExecutionService_runtimeStream, new post_message_stream_1.BrowserRuntimePostMessageStream({
+            name: 'parent',
+            target: 'child',
+        }), "f");
+    }
+    /**
+     * Send a termination command to the offscreen document.
+     *
+     * @param job - The job to terminate.
+     */
+    async terminateJob(job) {
+        // The `AbstractExecutionService` will have already closed the job stream,
+        // so we write to the runtime stream directly.
+        __classPrivateFieldGet(this, _OffscreenExecutionService_runtimeStream, "f").write({
+            jobId: job.id,
+            data: {
+                jsonrpc: '2.0',
+                method: 'terminateJob',
+                id: (0, nanoid_1.nanoid)(),
+            },
+        });
+    }
+    /**
+     * Create a new stream for the specified job. This wraps the runtime stream
+     * in a stream specific to the job.
+     *
+     * @param jobId - The job ID.
+     */
+    async initEnvStream(jobId) {
+        // Lazily create the offscreen document.
+        await this.createDocument();
+        const stream = new OffscreenPostMessageStream_1.OffscreenPostMessageStream({
+            stream: __classPrivateFieldGet(this, _OffscreenExecutionService_runtimeStream, "f"),
+            frameUrl: this.frameUrl.toString(),
+            jobId,
+        });
+        return { worker: jobId, stream };
+    }
+    /**
+     * Creates the offscreen document to be used as the execution environment.
+     *
+     * If the document already exists, this does nothing.
+     */
+    async createDocument() {
+        // Extensions can only have a single offscreen document.
+        if (await chrome.offscreen.hasDocument()) {
+            return;
+        }
+        await chrome.offscreen.createDocument({
+            justification: 'MetaMask Snaps Execution Environment',
+            reasons: ['IFRAME_SCRIPTING'],
+            url: this.documentUrl.toString(),
+        });
+    }
+}
+exports.OffscreenExecutionService = OffscreenExecutionService;
+_OffscreenExecutionService_runtimeStream = new WeakMap();
+//# sourceMappingURL=OffscreenExecutionService.js.map

package/dist/services/offscreen/OffscreenExecutionService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OffscreenExecutionService.js","sourceRoot":"","sources":["../../../src/services/offscreen/OffscreenExecutionService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uEAAgF;AAChF,mCAAgC;AAEhC,0EAIqC;AACrC,6EAA0E;AAO1E,MAAa,yBAA0B,SAAQ,mDAAgC;IAO7E;;;;;;;;;;;;;OAaG;IACH,YAAY,EACV,WAAW,EACX,QAAQ,EACR,SAAS,EACT,iBAAiB,GACwB;QACzC,KAAK,CAAC;YACJ,SAAS;YACT,iBAAiB;SAClB,CAAC,CAAC;QAzBL,2DAAyD;QA2BvD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,uBAAA,IAAI,4CAAkB,IAAI,qDAA+B,CAAC;YACxD,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,OAAO;SAChB,CAAC,MAAA,CAAC;IACL,CAAC;IAED;;;;OAIG;IACO,KAAK,CAAC,YAAY,CAAC,GAAgB;QAC3C,0EAA0E;QAC1E,8CAA8C;QAC9C,uBAAA,IAAI,gDAAe,CAAC,KAAK,CAAC;YACxB,KAAK,EAAE,GAAG,CAAC,EAAE;YACb,IAAI,EAAE;gBACJ,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,cAAc;gBACtB,EAAE,EAAE,IAAA,eAAM,GAAE;aACb;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACO,KAAK,CAAC,aAAa,CAAC,KAAa;QACzC,wCAAwC;QACxC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,MAAM,MAAM,GAAG,IAAI,uDAA0B,CAAC;YAC5C,MAAM,EAAE,uBAAA,IAAI,gDAAe;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE;YAClC,KAAK;SACN,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,cAAc;QAC1B,wDAAwD;QACxD,IAAI,MAAM,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE;YACxC,OAAO;SACR;QAED,MAAM,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC;YACpC,aAAa,EAAE,sCAAsC;YACrD,OAAO,EAAE,CAAC,kBAAkB,CAAC;YAC7B,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE;SACjC,CAAC,CAAC;IACL,CAAC;CACF;AA9FD,8DA8FC","sourcesContent":["import { BrowserRuntimePostMessageStream } from '@metamask/post-message-stream';\nimport { nanoid } from 'nanoid';\n\nimport {\n  AbstractExecutionService,\n  ExecutionServiceArgs,\n  Job,\n} from '../AbstractExecutionService';\nimport { OffscreenPostMessageStream } from './OffscreenPostMessageStream';\n\ntype OffscreenExecutionEnvironmentServiceArgs = {\n  documentUrl: URL;\n  frameUrl: URL;\n} & ExecutionServiceArgs;\n\nexport class OffscreenExecutionService extends AbstractExecutionService<string> {\n  public readonly documentUrl: URL;\n\n  public readonly frameUrl: URL;\n\n  readonly #runtimeStream: BrowserRuntimePostMessageStream;\n\n  /**\n   * Create a new offscreen execution service.\n   *\n   * @param args - The constructor arguments.\n   * @param args.documentUrl - The URL of the offscreen document to use as the\n   * execution environment. This must be a URL relative to the location where\n   * this is called. This cannot be a public (http(s)) URL.\n   * @param args.frameUrl - The URL of the iframe to load inside the offscreen\n   * document.\n   * @param args.messenger - The messenger to use for communication with the\n   * `SnapController`.\n   * @param args.setupSnapProvider - The function to use to set up the snap\n   * provider.\n   */\n  constructor({\n    documentUrl,\n    frameUrl,\n    messenger,\n    setupSnapProvider,\n  }: OffscreenExecutionEnvironmentServiceArgs) {\n    super({\n      messenger,\n      setupSnapProvider,\n    });\n\n    this.documentUrl = documentUrl;\n    this.frameUrl = frameUrl;\n    this.#runtimeStream = new BrowserRuntimePostMessageStream({\n      name: 'parent',\n      target: 'child',\n    });\n  }\n\n  /**\n   * Send a termination command to the offscreen document.\n   *\n   * @param job - The job to terminate.\n   */\n  protected async terminateJob(job: Job<string>) {\n    // The `AbstractExecutionService` will have already closed the job stream,\n    // so we write to the runtime stream directly.\n    this.#runtimeStream.write({\n      jobId: job.id,\n      data: {\n        jsonrpc: '2.0',\n        method: 'terminateJob',\n        id: nanoid(),\n      },\n    });\n  }\n\n  /**\n   * Create a new stream for the specified job. This wraps the runtime stream\n   * in a stream specific to the job.\n   *\n   * @param jobId - The job ID.\n   */\n  protected async initEnvStream(jobId: string) {\n    // Lazily create the offscreen document.\n    await this.createDocument();\n\n    const stream = new OffscreenPostMessageStream({\n      stream: this.#runtimeStream,\n      frameUrl: this.frameUrl.toString(),\n      jobId,\n    });\n\n    return { worker: jobId, stream };\n  }\n\n  /**\n   * Creates the offscreen document to be used as the execution environment.\n   *\n   * If the document already exists, this does nothing.\n   */\n  private async createDocument() {\n    // Extensions can only have a single offscreen document.\n    if (await chrome.offscreen.hasDocument()) {\n      return;\n    }\n\n    await chrome.offscreen.createDocument({\n      justification: 'MetaMask Snaps Execution Environment',\n      reasons: ['IFRAME_SCRIPTING'],\n      url: this.documentUrl.toString(),\n    });\n  }\n}\n"]}

package/dist/services/offscreen/OffscreenPostMessageStream.d.ts

@@ -0,0 +1,35 @@
+import { BasePostMessageStream } from '@metamask/post-message-stream';
+import { JsonRpcRequest } from '@metamask/utils';
+export declare type OffscreenPostMessageStreamArgs = {
+    stream: BasePostMessageStream;
+    jobId: string;
+    frameUrl: string;
+};
+export declare type OffscreenPostMessage = {
+    jobId: string;
+    data: JsonRpcRequest;
+};
+/**
+ * A post message stream that wraps messages in a job ID, before sending them
+ * over the underlying stream.
+ */
+export declare class OffscreenPostMessageStream extends BasePostMessageStream {
+    #private;
+    /**
+     * Initializes a new `OffscreenPostMessageStream` instance.
+     *
+     * @param args - The constructor arguments.
+     * @param args.stream - The underlying stream to use for communication.
+     * @param args.jobId - The ID of the job this stream is associated with.
+     * @param args.frameUrl - The URL of the frame to load inside the offscreen
+     * document.
+     */
+    constructor({ stream, jobId, frameUrl }: OffscreenPostMessageStreamArgs);
+    /**
+     * Write data to the underlying stream. This wraps the data in an object with
+     * the job ID.
+     *
+     * @param data - The data to write.
+     */
+    _postMessage(data: OffscreenPostMessage): void;
+}

package/dist/services/offscreen/OffscreenPostMessageStream.js

@@ -0,0 +1,66 @@
+"use strict";
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _OffscreenPostMessageStream_instances, _OffscreenPostMessageStream_stream, _OffscreenPostMessageStream_jobId, _OffscreenPostMessageStream_frameUrl, _OffscreenPostMessageStream_onData;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OffscreenPostMessageStream = void 0;
+const post_message_stream_1 = require("@metamask/post-message-stream");
+/**
+ * A post message stream that wraps messages in a job ID, before sending them
+ * over the underlying stream.
+ */
+class OffscreenPostMessageStream extends post_message_stream_1.BasePostMessageStream {
+    /**
+     * Initializes a new `OffscreenPostMessageStream` instance.
+     *
+     * @param args - The constructor arguments.
+     * @param args.stream - The underlying stream to use for communication.
+     * @param args.jobId - The ID of the job this stream is associated with.
+     * @param args.frameUrl - The URL of the frame to load inside the offscreen
+     * document.
+     */
+    constructor({ stream, jobId, frameUrl }) {
+        super();
+        _OffscreenPostMessageStream_instances.add(this);
+        _OffscreenPostMessageStream_stream.set(this, void 0);
+        _OffscreenPostMessageStream_jobId.set(this, void 0);
+        _OffscreenPostMessageStream_frameUrl.set(this, void 0);
+        __classPrivateFieldSet(this, _OffscreenPostMessageStream_stream, stream, "f");
+        __classPrivateFieldSet(this, _OffscreenPostMessageStream_jobId, jobId, "f");
+        __classPrivateFieldSet(this, _OffscreenPostMessageStream_frameUrl, frameUrl, "f");
+        __classPrivateFieldGet(this, _OffscreenPostMessageStream_stream, "f").on('data', __classPrivateFieldGet(this, _OffscreenPostMessageStream_instances, "m", _OffscreenPostMessageStream_onData).bind(this));
+    }
+    /**
+     * Write data to the underlying stream. This wraps the data in an object with
+     * the job ID.
+     *
+     * @param data - The data to write.
+     */
+    _postMessage(data) {
+        __classPrivateFieldGet(this, _OffscreenPostMessageStream_stream, "f").write({
+            jobId: __classPrivateFieldGet(this, _OffscreenPostMessageStream_jobId, "f"),
+            // TODO: Rather than injecting the frame URL here, we should come up with
+            // a better way to do this. The frame URL is needed to avoid hard coding
+            // it in the offscreen execution environment.
+            frameUrl: __classPrivateFieldGet(this, _OffscreenPostMessageStream_frameUrl, "f"),
+            data,
+        });
+    }
+}
+exports.OffscreenPostMessageStream = OffscreenPostMessageStream;
+_OffscreenPostMessageStream_stream = new WeakMap(), _OffscreenPostMessageStream_jobId = new WeakMap(), _OffscreenPostMessageStream_frameUrl = new WeakMap(), _OffscreenPostMessageStream_instances = new WeakSet(), _OffscreenPostMessageStream_onData = function _OffscreenPostMessageStream_onData(data) {
+    if (data.jobId !== __classPrivateFieldGet(this, _OffscreenPostMessageStream_jobId, "f")) {
+        return;
+    }
+    this.push(data.data);
+};
+//# sourceMappingURL=OffscreenPostMessageStream.js.map

package/dist/services/offscreen/OffscreenPostMessageStream.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OffscreenPostMessageStream.js","sourceRoot":"","sources":["../../../src/services/offscreen/OffscreenPostMessageStream.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uEAAsE;AActE;;;GAGG;AACH,MAAa,0BAA2B,SAAQ,2CAAqB;IAOnE;;;;;;;;OAQG;IACH,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAkC;QACrE,KAAK,EAAE,CAAC;;QAhBV,qDAAwC;QAExC,oDAAwB;QAExB,uDAA2B;QAczB,uBAAA,IAAI,sCAAW,MAAM,MAAA,CAAC;QACtB,uBAAA,IAAI,qCAAU,KAAK,MAAA,CAAC;QACpB,uBAAA,IAAI,wCAAa,QAAQ,MAAA,CAAC;QAE1B,uBAAA,IAAI,0CAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,uBAAA,IAAI,iFAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACnD,CAAC;IAgBD;;;;;OAKG;IACH,YAAY,CAAC,IAA0B;QACrC,uBAAA,IAAI,0CAAQ,CAAC,KAAK,CAAC;YACjB,KAAK,EAAE,uBAAA,IAAI,yCAAO;YAClB,yEAAyE;YACzE,wEAAwE;YACxE,6CAA6C;YAC7C,QAAQ,EAAE,uBAAA,IAAI,4CAAU;YACxB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;CACF;AAxDD,gEAwDC;qSAxBS,IAA0B;IAChC,IAAI,IAAI,CAAC,KAAK,KAAK,uBAAA,IAAI,yCAAO,EAAE;QAC9B,OAAO;KACR;IAED,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACvB,CAAC","sourcesContent":["import { BasePostMessageStream } from '@metamask/post-message-stream';\nimport { JsonRpcRequest } from '@metamask/utils';\n\nexport type OffscreenPostMessageStreamArgs = {\n  stream: BasePostMessageStream;\n  jobId: string;\n  frameUrl: string;\n};\n\nexport type OffscreenPostMessage = {\n  jobId: string;\n  data: JsonRpcRequest;\n};\n\n/**\n * A post message stream that wraps messages in a job ID, before sending them\n * over the underlying stream.\n */\nexport class OffscreenPostMessageStream extends BasePostMessageStream {\n  readonly #stream: BasePostMessageStream;\n\n  readonly #jobId: string;\n\n  readonly #frameUrl: string;\n\n  /**\n   * Initializes a new `OffscreenPostMessageStream` instance.\n   *\n   * @param args - The constructor arguments.\n   * @param args.stream - The underlying stream to use for communication.\n   * @param args.jobId - The ID of the job this stream is associated with.\n   * @param args.frameUrl - The URL of the frame to load inside the offscreen\n   * document.\n   */\n  constructor({ stream, jobId, frameUrl }: OffscreenPostMessageStreamArgs) {\n    super();\n\n    this.#stream = stream;\n    this.#jobId = jobId;\n    this.#frameUrl = frameUrl;\n\n    this.#stream.on('data', this.#onData.bind(this));\n  }\n\n  /**\n   * Handle incoming data from the underlying stream. This checks that the job\n   * ID matches the expected job ID, and pushes the data to the stream if so.\n   *\n   * @param data - The data to handle.\n   */\n  #onData(data: OffscreenPostMessage) {\n    if (data.jobId !== this.#jobId) {\n      return;\n    }\n\n    this.push(data.data);\n  }\n\n  /**\n   * Write data to the underlying stream. This wraps the data in an object with\n   * the job ID.\n   *\n   * @param data - The data to write.\n   */\n  _postMessage(data: OffscreenPostMessage) {\n    this.#stream.write({\n      jobId: this.#jobId,\n      // TODO: Rather than injecting the frame URL here, we should come up with\n      // a better way to do this. The frame URL is needed to avoid hard coding\n      // it in the offscreen execution environment.\n      frameUrl: this.#frameUrl,\n      data,\n    });\n  }\n}\n"]}

package/dist/services/offscreen/index.d.ts

@@ -0,0 +1,2 @@
+export * from './OffscreenExecutionService';
+export * from './OffscreenPostMessageStream';

package/dist/services/offscreen/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./OffscreenExecutionService"), exports);
+__exportStar(require("./OffscreenPostMessageStream"), exports);
+//# sourceMappingURL=index.js.map

package/dist/services/offscreen/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/services/offscreen/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,8DAA4C;AAC5C,+DAA6C","sourcesContent":["export * from './OffscreenExecutionService';\nexport * from './OffscreenPostMessageStream';\n"]}

package/dist/snaps/SnapController.d.ts

@@ -1,13 +1,15 @@
 import { AddApprovalRequest } from '@metamask/approval-controller';
 import { BaseControllerV2 as BaseController, RestrictedControllerMessenger } from '@metamask/base-controller';
-import { GetEndowments, GetPermissions, GrantPermissions, HasPermission, HasPermissions, RevokeAllPermissions, RevokePermissionForAllSubjects, RevokePermissions } from '@metamask/permission-controller';
-import { BlockedSnapInfo, InstallSnapsResult, PersistedSnap, RequestedSnapPermissions, Snap, SnapId, SnapRpcHook, SnapRpcHookArgs, SnapStatusEvents, StatusContext, StatusEvents, StatusStates, TruncatedSnap, ValidatedSnapId } from '@metamask/snaps-utils';
+import { GetEndowments, GetPermissions, GetSubjects, GrantPermissions, HasPermission, HasPermissions, RevokeAllPermissions, RevokePermissionForAllSubjects, RevokePermissions, UpdateCaveat } from '@metamask/permission-controller';
+import { BlockReason } from '@metamask/snaps-registry';
+import { InstallSnapsResult, PersistedSnap, RequestedSnapPermissions, Snap, SnapId, SnapRpcHook, SnapRpcHookArgs, SnapStatusEvents, StatusContext, StatusEvents, StatusStates, TruncatedSnap, ValidatedSnapId } from '@metamask/snaps-utils';
 import { GetSubjectMetadata } from '@metamask/subject-metadata-controller';
 import { Json } from '@metamask/utils';
 import { StateMachine } from '@xstate/fsm';
 import type { Patch } from 'immer';
 import { ExecuteSnapAction, ExecutionServiceEvents, HandleRpcRequestAction, SnapErrorJson, TerminateAllSnapsAction, TerminateSnapAction } from '../services';
 import { detectSnapLocation, SnapLocation } from './location';
+import { SnapsRegistry, SnapsRegistryMetadata } from './registry';
 import { Timer } from './Timer';
 export declare const controllerName = "SnapController";
 export declare const SNAP_APPROVAL_INSTALL = "wallet_installSnap";
@@ -168,7 +170,11 @@ export declare type RemoveSnapError = {
     type: `${typeof controllerName}:removeSnapError`;
     handler: SnapController['removeSnapError'];
 };
-export declare type SnapControllerActions = ClearSnapState | GetSnap | GetSnapState | HandleSnapRequest | HasSnap | UpdateBlockedSnaps | UpdateSnapState | EnableSnap | DisableSnap | RemoveSnap | GetPermittedSnaps | InstallSnaps | RemoveSnapError | GetAllSnaps | IncrementActiveReferences | DecrementActiveReferences;
+export declare type GetRegistryMetadata = {
+    type: `${typeof controllerName}:getRegistryMetadata`;
+    handler: SnapController['getRegistryMetadata'];
+};
+export declare type SnapControllerActions = ClearSnapState | GetSnap | GetSnapState | HandleSnapRequest | HasSnap | UpdateBlockedSnaps | UpdateSnapState | EnableSnap | DisableSnap | RemoveSnap | GetPermittedSnaps | InstallSnaps | RemoveSnapError | GetAllSnaps | IncrementActiveReferences | DecrementActiveReferences | GetRegistryMetadata;
 export declare type SnapStateChange = {
     type: `${typeof controllerName}:stateChange`;
     payload: [SnapControllerState, Patch[]];
@@ -185,7 +191,7 @@ export declare type SnapAdded = {
  */
 export declare type SnapBlocked = {
     type: `${typeof controllerName}:snapBlocked`;
-    payload: [snapId: string, blockedSnapInfo: BlockedSnapInfo];
+    payload: [snapId: string, blockedSnapInfo?: BlockReason];
 };
 /**
  * Emitted when a snap has been started after being added and authorized during
@@ -232,7 +238,7 @@ export declare type SnapTerminated = {
     payload: [snap: TruncatedSnap];
 };
 export declare type SnapControllerEvents = SnapAdded | SnapBlocked | SnapInstalled | SnapRemoved | SnapStateChange | SnapUnblocked | SnapUpdated | SnapRolledback | SnapTerminated;
-export declare type AllowedActions = GetEndowments | GetPermissions | GetSubjectMetadata | HasPermission | HasPermissions | RevokePermissions | RevokeAllPermissions | RevokePermissionForAllSubjects | GrantPermissions | AddApprovalRequest | HandleRpcRequestAction | ExecuteSnapAction | TerminateAllSnapsAction | TerminateSnapAction;
+export declare type AllowedActions = GetEndowments | GetPermissions | GetSubjects | GetSubjectMetadata | HasPermission | HasPermissions | RevokePermissions | RevokeAllPermissions | RevokePermissionForAllSubjects | GrantPermissions | AddApprovalRequest | HandleRpcRequestAction | ExecuteSnapAction | TerminateAllSnapsAction | TerminateSnapAction | UpdateCaveat;
 export declare type AllowedEvents = ExecutionServiceEvents;
 declare type SnapControllerMessenger = RestrictedControllerMessenger<typeof controllerName, SnapControllerActions | AllowedActions, SnapControllerEvents | AllowedEvents, AllowedActions['type'], AllowedEvents['type']>;
 declare type FeatureFlags = {
@@ -244,24 +250,9 @@ declare type FeatureFlags = {
      * @see {SnapController.processRequestedSnap}
      */
     dappsCanUpdateSnaps?: true;
+    requireAllowlist?: true;
+    allowLocalSnaps?: true;
 };
-declare type SemVerVersion = string;
-declare type SnapInfo = {
-    version: SemVerVersion;
-    shasum: string;
-};
-export declare type CheckSnapBlockListArg = Record<SnapId, SnapInfo>;
-export declare type CheckSnapBlockListResult = Record<SnapId, {
-    blocked: true;
-    reason?: string;
-    infoUrl?: string;
-} | {
-    blocked: false;
-}>;
-/**
- * Checks whether a version of a snap is blocked.
- */
-export declare type CheckSnapBlockList = (snapsToCheck: CheckSnapBlockListArg) => Promise<CheckSnapBlockListResult>;
 declare type SnapControllerArgs = {
     /**
      * A teardown function that allows the host to clean up its instrumentation
@@ -273,6 +264,10 @@ declare type SnapControllerArgs = {
      * APIs that will be added to the snap execution environment at runtime.
      */
     environmentEndowmentPermissions: string[];
+    /**
+     * Excluded permissions with its associated error message used to forbid certain permssions.
+     */
+    excludedPermissions: Record<string, string>;
     /**
      * The function that will be used by the controller fo make network requests.
      * Should be compatible with {@link fetch}.
@@ -288,9 +283,9 @@ declare type SnapControllerArgs = {
      */
     idleTimeCheckInterval?: number;
     /**
-     * A function that checks whether the specified snap and version is blocked.
+     * A registry implementation used for checking for verified and blocked snaps.
      */
-    checkBlockList: CheckSnapBlockList;
+    registry: SnapsRegistry;
     /**
      * The maximum amount of time that a snap may be idle.
      */
@@ -323,21 +318,13 @@ export declare class SnapController extends BaseController<string, SnapControlle
     #private;
     private readonly maxRequestTime;
     private readonly snapsRuntimeData;
-    constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions, idleTimeCheckInterval, checkBlockList, maxIdleTime, maxRequestTime, fetchFunction, featureFlags, detectSnapLocation: detectSnapLocationFunction, }: SnapControllerArgs);
+    constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions, excludedPermissions, idleTimeCheckInterval, registry, maxIdleTime, maxRequestTime, fetchFunction, featureFlags, detectSnapLocation: detectSnapLocationFunction, }: SnapControllerArgs);
     /**
      * Checks all installed snaps against the block list and
      * blocks/unblocks snaps as appropriate. See {@link SnapController.blockSnap}
      * for more information.
      */
     updateBlockedSnaps(): Promise<void>;
-    /**
-     * Checks the block list to determine whether a version of a snap is blocked.
-     *
-     * @param snapId - The snap id to check.
-     * @param snapInfo - Snap information containing version and shasum.
-     * @returns Whether the version of the snap is blocked or not.
-     */
-    isBlocked(snapId: ValidatedSnapId, snapInfo: SnapInfo): Promise<boolean>;
     _onUnhandledSnapError(snapId: SnapId, error: SnapErrorJson): void;
     _onOutboundRequest(snapId: SnapId): void;
     _onOutboundResponse(snapId: SnapId): void;
@@ -548,11 +535,19 @@ export declare class SnapController extends BaseController<string, SnapControlle
      *
      * @param origin - The origin requesting the snap update.
      * @param snapId - The id of the Snap to be updated.
-     * @param newVersionRange - A semver version range in which the maximum version will be chosen.
      * @param location - Optional location that was already used during installation flow.
+     * @param newVersionRange - A semver version range in which the maximum version will be chosen.
      * @returns The snap metadata if updated, `null` otherwise.
      */
-    updateSnap(origin: string, snapId: ValidatedSnapId, newVersionRange?: string, location?: SnapLocation): Promise<TruncatedSnap | null>;
+    updateSnap(origin: string, snapId: ValidatedSnapId, location: SnapLocation, newVersionRange?: string): Promise<TruncatedSnap | null>;
+    /**
+     * Get metadata for the given snap ID.
+     *
+     * @param snapId - The ID of the snap to get metadata for.
+     * @returns The metadata for the given snap ID, or `null` if the snap is not
+     * verified.
+     */
+    getRegistryMetadata(snapId: SnapId): Promise<SnapsRegistryMetadata | null>;
     /**
      * Initiates a request for the given snap's initial permissions.
      * Must be called in order. See processRequestedSnap.