@metamask/snaps-controllers 2.0.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/CHANGELOG.md +11 -1
  2. package/dist/cjs/fsm.js.map +1 -1
  3. package/dist/cjs/snaps/SnapController.js +7 -7
  4. package/dist/cjs/snaps/SnapController.js.map +1 -1
  5. package/dist/cjs/snaps/endowments/enum.js +1 -0
  6. package/dist/cjs/snaps/endowments/enum.js.map +1 -1
  7. package/dist/cjs/snaps/endowments/index.js +12 -4
  8. package/dist/cjs/snaps/endowments/index.js.map +1 -1
  9. package/dist/cjs/snaps/endowments/keyring.js +100 -0
  10. package/dist/cjs/snaps/endowments/keyring.js.map +1 -0
  11. package/dist/esm/fsm.js.map +1 -1
  12. package/dist/esm/snaps/SnapController.js +8 -8
  13. package/dist/esm/snaps/SnapController.js.map +1 -1
  14. package/dist/esm/snaps/endowments/enum.js +1 -0
  15. package/dist/esm/snaps/endowments/enum.js.map +1 -1
  16. package/dist/esm/snaps/endowments/index.js +10 -4
  17. package/dist/esm/snaps/endowments/index.js.map +1 -1
  18. package/dist/esm/snaps/endowments/keyring.js +91 -0
  19. package/dist/esm/snaps/endowments/keyring.js.map +1 -0
  20. package/dist/types/snaps/endowments/enum.d.ts +2 -1
  21. package/dist/types/snaps/endowments/index.d.ts +13 -0
  22. package/dist/types/snaps/endowments/keyring.d.ts +39 -0
  23. package/package.json +8 -8
package/CHANGELOG.md CHANGED
@@ -6,6 +6,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [3.0.0]
10
+ ### Added
11
+ - Add keyring export and endowment ([#1787](https://github.com/MetaMask/snaps/pull/1787))
12
+ - Add optional `allowedOrigins` field to `endowment:rpc` ([#1822](https://github.com/MetaMask/snaps/pull/1822))
13
+ - This can be used to only accept certain origins in your Snap.
14
+
15
+ ### Changed
16
+ - **BREAKING:** Bump minimum Node.js version to `^18.16.0` ([#1741](https://github.com/MetaMask/snaps/pull/1741))
17
+
9
18
  ## [2.0.2]
10
19
  ### Added
11
20
  - Add `SnapController:snapUninstalled` event ([#1800](https://github.com/MetaMask/snaps/pull/1800))
@@ -63,7 +72,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
63
72
  - The version of the package no longer needs to match the version of all other
64
73
  MetaMask Snaps packages.
65
74
 
66
- [Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@2.0.2...HEAD
75
+ [Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.0.0...HEAD
76
+ [3.0.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@2.0.2...@metamask/snaps-controllers@3.0.0
67
77
  [2.0.2]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@2.0.1...@metamask/snaps-controllers@2.0.2
68
78
  [2.0.1]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@2.0.0...@metamask/snaps-controllers@2.0.1
69
79
  [2.0.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@0.39.0-flask.1...@metamask/snaps-controllers@2.0.0
package/dist/cjs/fsm.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/fsm.ts"],"sourcesContent":["import { assert } from '@metamask/utils';\nimport type { EventObject, StateMachine, Typestate } from '@xstate/fsm';\nimport { InterpreterStatus } from '@xstate/fsm';\n\n/**\n * Validates the set-up of a @xstate/fsm machine.\n *\n * 1. Ensures that all named actions in the config have a provided implementation.\n *\n * @param machine - The machine to validate.\n * @throws {@link AssertionError}. If the validation fails.\n */\nexport function validateMachine<\n TContext extends object,\n TEvent extends EventObject,\n TState extends Typestate<TContext>,\n>(machine: StateMachine.Machine<TContext, TEvent, TState>) {\n assert('_options' in machine, 'The machine is not an @xstate/fsm machine');\n const typed = machine as StateMachine.Machine<TContext, TEvent, TState> & {\n _options: { actions?: StateMachine.ActionMap<TContext, TEvent> };\n };\n\n // 1.\n const toArray = <Type>(obj: Type | Type[]): Type[] => {\n if (Array.isArray(obj)) {\n return obj;\n } else if (obj === undefined || obj === null) {\n return [];\n }\n return [obj];\n };\n\n const allActions = new Set<string>();\n const addActions = (actions: any) =>\n toArray(actions)\n .flatMap((action) => {\n if (typeof action === 'string') {\n return [action];\n }\n assert(typeof action === 'function');\n return [];\n })\n .forEach(allActions.add.bind(allActions));\n\n for (const state of Object.values<typeof typed.config.states[string]>(\n typed.config.states,\n )) {\n addActions(state.entry);\n addActions(state.exit);\n for (const transition of Object.values<any>(state.on ?? {})) {\n addActions(transition.actions);\n }\n }\n\n allActions.forEach((action) =>\n assert(\n typed._options.actions !== undefined && action in typed._options.actions,\n `Action \"${action}\" doesn't have an implementation`,\n ),\n );\n}\n\n/**\n * Ensure that the interpreter is strict.\n * Strict means that the transition must occur.\n * The event must exist in .on {} state config and it's guard must succeed.\n *\n * The error will be thrown when an invalid `interpreter.send()` is called\n * and will be bubbled there.\n *\n * TODO(ritave): Doesn't support self transitions.\n *\n * @param interpreter - The interpreter that will be force into strict mode.\n * @throws {@link Error} Thrown when the transition is invalid.\n */\nexport function forceStrict(interpreter: StateMachine.Service<any, any, any>) {\n // As soon as a listener subscribes, it is called. It might be called in\n // an initial state which doesn't have the .changed property\n let onInitialCalled = false;\n interpreter.subscribe((state) => {\n assert(!onInitialCalled || state.changed, 'Invalid state transition');\n onInitialCalled = true;\n });\n\n const ogSend = interpreter.send.bind(interpreter);\n interpreter.send = (...args) => {\n assert(\n interpreter.status === InterpreterStatus.Running,\n 'Interpreter is stopped',\n );\n return ogSend(...args);\n };\n}\n"],"names":["validateMachine","forceStrict","machine","assert","typed","toArray","obj","Array","isArray","undefined","allActions","Set","addActions","actions","flatMap","action","forEach","add","bind","state","Object","values","config","states","entry","exit","transition","on","_options","interpreter","onInitialCalled","subscribe","changed","ogSend","send","args","status","InterpreterStatus","Running"],"mappings":";;;;;;;;;;;IAYgBA,eAAe;eAAfA;;IA+DAC,WAAW;eAAXA;;;uBA3EO;qBAEW;AAU3B,SAASD,gBAIdE,OAAuD;IACvDC,IAAAA,aAAM,EAAC,cAAcD,SAAS;IAC9B,MAAME,QAAQF;IAId,KAAK;IACL,MAAMG,UAAU,CAAOC;QACrB,IAAIC,MAAMC,OAAO,CAACF,MAAM;YACtB,OAAOA;QACT,OAAO,IAAIA,QAAQG,aAAaH,QAAQ,MAAM;YAC5C,OAAO,EAAE;QACX;QACA,OAAO;YAACA;SAAI;IACd;IAEA,MAAMI,aAAa,IAAIC;IACvB,MAAMC,aAAa,CAACC,UAClBR,QAAQQ,SACLC,OAAO,CAAC,CAACC;YACR,IAAI,OAAOA,WAAW,UAAU;gBAC9B,OAAO;oBAACA;iBAAO;YACjB;YACAZ,IAAAA,aAAM,EAAC,OAAOY,WAAW;YACzB,OAAO,EAAE;QACX,GACCC,OAAO,CAACN,WAAWO,GAAG,CAACC,IAAI,CAACR;IAEjC,KAAK,MAAMS,SAASC,OAAOC,MAAM,CAC/BjB,MAAMkB,MAAM,CAACC,MAAM,EAClB;QACDX,WAAWO,MAAMK,KAAK;QACtBZ,WAAWO,MAAMM,IAAI;QACrB,KAAK,MAAMC,cAAcN,OAAOC,MAAM,CAAMF,MAAMQ,EAAE,IAAI,CAAC,GAAI;YAC3Df,WAAWc,WAAWb,OAAO;QAC/B;IACF;IAEAH,WAAWM,OAAO,CAAC,CAACD,SAClBZ,IAAAA,aAAM,EACJC,MAAMwB,QAAQ,CAACf,OAAO,KAAKJ,aAAaM,UAAUX,MAAMwB,QAAQ,CAACf,OAAO,EACxE,CAAC,QAAQ,EAAEE,OAAO,gCAAgC,CAAC;AAGzD;AAeO,SAASd,YAAY4B,WAAgD;IAC1E,wEAAwE;IACxE,4DAA4D;IAC5D,IAAIC,kBAAkB;IACtBD,YAAYE,SAAS,CAAC,CAACZ;QACrBhB,IAAAA,aAAM,EAAC,CAAC2B,mBAAmBX,MAAMa,OAAO,EAAE;QAC1CF,kBAAkB;IACpB;IAEA,MAAMG,SAASJ,YAAYK,IAAI,CAAChB,IAAI,CAACW;IACrCA,YAAYK,IAAI,GAAG,CAAC,GAAGC;QACrBhC,IAAAA,aAAM,EACJ0B,YAAYO,MAAM,KAAKC,sBAAiB,CAACC,OAAO,EAChD;QAEF,OAAOL,UAAUE;IACnB;AACF"}
1
+ {"version":3,"sources":["../../src/fsm.ts"],"sourcesContent":["import { assert } from '@metamask/utils';\nimport type { EventObject, StateMachine, Typestate } from '@xstate/fsm';\nimport { InterpreterStatus } from '@xstate/fsm';\n\n/**\n * Validates the set-up of a @xstate/fsm machine.\n *\n * 1. Ensures that all named actions in the config have a provided implementation.\n *\n * @param machine - The machine to validate.\n * @throws {@link AssertionError}. If the validation fails.\n */\nexport function validateMachine<\n TContext extends object,\n TEvent extends EventObject,\n TState extends Typestate<TContext>,\n>(machine: StateMachine.Machine<TContext, TEvent, TState>) {\n assert('_options' in machine, 'The machine is not an @xstate/fsm machine');\n const typed = machine as StateMachine.Machine<TContext, TEvent, TState> & {\n _options: { actions?: StateMachine.ActionMap<TContext, TEvent> };\n };\n\n // 1.\n const toArray = <Type>(obj: Type | Type[]): Type[] => {\n if (Array.isArray(obj)) {\n return obj;\n } else if (obj === undefined || obj === null) {\n return [];\n }\n return [obj];\n };\n\n const allActions = new Set<string>();\n const addActions = (actions: any) =>\n toArray(actions)\n .flatMap((action) => {\n if (typeof action === 'string') {\n return [action];\n }\n assert(typeof action === 'function');\n return [];\n })\n .forEach(allActions.add.bind(allActions));\n\n for (const state of Object.values<(typeof typed.config.states)[string]>(\n typed.config.states,\n )) {\n addActions(state.entry);\n addActions(state.exit);\n for (const transition of Object.values<any>(state.on ?? {})) {\n addActions(transition.actions);\n }\n }\n\n allActions.forEach((action) =>\n assert(\n typed._options.actions !== undefined && action in typed._options.actions,\n `Action \"${action}\" doesn't have an implementation`,\n ),\n );\n}\n\n/**\n * Ensure that the interpreter is strict.\n * Strict means that the transition must occur.\n * The event must exist in .on {} state config and it's guard must succeed.\n *\n * The error will be thrown when an invalid `interpreter.send()` is called\n * and will be bubbled there.\n *\n * TODO(ritave): Doesn't support self transitions.\n *\n * @param interpreter - The interpreter that will be force into strict mode.\n * @throws {@link Error} Thrown when the transition is invalid.\n */\nexport function forceStrict(interpreter: StateMachine.Service<any, any, any>) {\n // As soon as a listener subscribes, it is called. It might be called in\n // an initial state which doesn't have the .changed property\n let onInitialCalled = false;\n interpreter.subscribe((state) => {\n assert(!onInitialCalled || state.changed, 'Invalid state transition');\n onInitialCalled = true;\n });\n\n const ogSend = interpreter.send.bind(interpreter);\n interpreter.send = (...args) => {\n assert(\n interpreter.status === InterpreterStatus.Running,\n 'Interpreter is stopped',\n );\n return ogSend(...args);\n };\n}\n"],"names":["validateMachine","forceStrict","machine","assert","typed","toArray","obj","Array","isArray","undefined","allActions","Set","addActions","actions","flatMap","action","forEach","add","bind","state","Object","values","config","states","entry","exit","transition","on","_options","interpreter","onInitialCalled","subscribe","changed","ogSend","send","args","status","InterpreterStatus","Running"],"mappings":";;;;;;;;;;;IAYgBA,eAAe;eAAfA;;IA+DAC,WAAW;eAAXA;;;uBA3EO;qBAEW;AAU3B,SAASD,gBAIdE,OAAuD;IACvDC,IAAAA,aAAM,EAAC,cAAcD,SAAS;IAC9B,MAAME,QAAQF;IAId,KAAK;IACL,MAAMG,UAAU,CAAOC;QACrB,IAAIC,MAAMC,OAAO,CAACF,MAAM;YACtB,OAAOA;QACT,OAAO,IAAIA,QAAQG,aAAaH,QAAQ,MAAM;YAC5C,OAAO,EAAE;QACX;QACA,OAAO;YAACA;SAAI;IACd;IAEA,MAAMI,aAAa,IAAIC;IACvB,MAAMC,aAAa,CAACC,UAClBR,QAAQQ,SACLC,OAAO,CAAC,CAACC;YACR,IAAI,OAAOA,WAAW,UAAU;gBAC9B,OAAO;oBAACA;iBAAO;YACjB;YACAZ,IAAAA,aAAM,EAAC,OAAOY,WAAW;YACzB,OAAO,EAAE;QACX,GACCC,OAAO,CAACN,WAAWO,GAAG,CAACC,IAAI,CAACR;IAEjC,KAAK,MAAMS,SAASC,OAAOC,MAAM,CAC/BjB,MAAMkB,MAAM,CAACC,MAAM,EAClB;QACDX,WAAWO,MAAMK,KAAK;QACtBZ,WAAWO,MAAMM,IAAI;QACrB,KAAK,MAAMC,cAAcN,OAAOC,MAAM,CAAMF,MAAMQ,EAAE,IAAI,CAAC,GAAI;YAC3Df,WAAWc,WAAWb,OAAO;QAC/B;IACF;IAEAH,WAAWM,OAAO,CAAC,CAACD,SAClBZ,IAAAA,aAAM,EACJC,MAAMwB,QAAQ,CAACf,OAAO,KAAKJ,aAAaM,UAAUX,MAAMwB,QAAQ,CAACf,OAAO,EACxE,CAAC,QAAQ,EAAEE,OAAO,gCAAgC,CAAC;AAGzD;AAeO,SAASd,YAAY4B,WAAgD;IAC1E,wEAAwE;IACxE,4DAA4D;IAC5D,IAAIC,kBAAkB;IACtBD,YAAYE,SAAS,CAAC,CAACZ;QACrBhB,IAAAA,aAAM,EAAC,CAAC2B,mBAAmBX,MAAMa,OAAO,EAAE;QAC1CF,kBAAkB;IACpB;IAEA,MAAMG,SAASJ,YAAYK,IAAI,CAAChB,IAAI,CAACW;IACrCA,YAAYK,IAAI,GAAG,CAAC,GAAGC;QACrBhC,IAAAA,aAAM,EACJ0B,YAAYO,MAAM,KAAKC,sBAAiB,CAACC,OAAO,EAChD;QAEF,OAAOL,UAAUE;IACnB;AACF"}
package/dist/cjs/snaps/SnapController.js CHANGED
@@ -37,6 +37,7 @@ const _fsm1 = require("../fsm");
37
37
  const _logging = require("../logging");
38
38
  const _utils1 = require("../utils");
39
39
  const _endowments = require("./endowments");
40
+ const _keyring = require("./endowments/keyring");
40
41
  const _rpc = require("./endowments/rpc");
41
42
  const _location = require("./location");
42
43
  const _permissions = require("./permissions");
@@ -920,16 +921,15 @@ class SnapController extends _basecontroller.BaseControllerV2 {
920
921
  if (!hasPermission) {
921
922
  throw new Error(`Snap "${snapId}" is not permitted to use "${permissionName}".`);
922
923
  }
923
- if (permissionName === _endowments.SnapEndowments.Rpc) {
924
+ if (permissionName === _endowments.SnapEndowments.Rpc || permissionName === _endowments.SnapEndowments.Keyring) {
924
925
  const subject = this.messagingSystem.call('SubjectMetadataController:getSubjectMetadata', origin);
925
- const isSnap = subject?.subjectType === _permissioncontroller.SubjectType.Snap;
926
926
  const permissions = this.messagingSystem.call('PermissionController:getPermissions', snapId);
927
- const rpcPermission = permissions?.[_endowments.SnapEndowments.Rpc];
928
- (0, _utils.assert)(rpcPermission);
929
- const origins = (0, _rpc.getRpcCaveatOrigins)(rpcPermission);
927
+ const handlerPermissions = permissions?.[permissionName];
928
+ (0, _utils.assert)(handlerPermissions);
929
+ const origins = permissionName === _endowments.SnapEndowments.Rpc ? (0, _rpc.getRpcCaveatOrigins)(handlerPermissions) : (0, _keyring.getKeyringCaveatOrigins)(handlerPermissions);
930
930
  (0, _utils.assert)(origins);
931
- if (isSnap && !origins.snaps || !isSnap && !origins.dapps) {
932
- throw new Error(`Snap "${snapId}" is not permitted to handle JSON-RPC requests from "${origin}".`);
931
+ if (!(0, _snapsutils.isOriginAllowed)(origins, subject?.subjectType ?? _permissioncontroller.SubjectType.Website, origin)) {
932
+ throw new Error(`Snap "${snapId}" is not permitted to handle requests from "${origin}".`);
933
933
  }
934
934
  }
935
935
  const handler = await _class_private_method_get(this, _getRpcRequestHandler, getRpcRequestHandler).call(this, snapId);