@metamask/snaps-controllers 3.0.0 → 3.1.0

package/dist/cjs/snaps/SnapController.js

@@ -27,11 +27,11 @@ _export(exports, {
 });
 const _basecontroller = require("@metamask/base-controller");
 const _permissioncontroller = require("@metamask/permission-controller");
-const _rpcmethods = require("@metamask/rpc-methods");
+const _rpcerrors = require("@metamask/rpc-errors");
+const _snapsrpcmethods = require("@metamask/snaps-rpc-methods");
 const _snapsutils = require("@metamask/snaps-utils");
 const _utils = require("@metamask/utils");
 const _fsm = require("@xstate/fsm");
-const _ethrpcerrors = require("eth-rpc-errors");
 const _nanoid = require("nanoid");
 const _fsm1 = require("../fsm");
 const _logging = require("../logging");
@@ -119,7 +119,6 @@ const TRUNCATED_SNAP_PROPERTIES = new Set([
     'blocked'
 ]);
 const defaultState = {
-    snapErrors: {},
     snaps: {},
     snapStates: {}
 };
@@ -175,7 +174,7 @@ _initializeStateMachine = /*#__PURE__*/ new WeakSet(), /**
    * Safely revokes all permissions granted to a Snap.
    *
    * @param snapId - The snap ID.
-   */ _revokeAllSnapPermissions = /*#__PURE__*/ new WeakSet(), _createApproval = /*#__PURE__*/ new WeakSet(), _updateApproval = /*#__PURE__*/ new WeakSet(), _add = /*#__PURE__*/ new WeakSet(), _startSnap = /*#__PURE__*/ new WeakSet(), _getEndowments = /*#__PURE__*/ new WeakSet(), /**
+   */ _revokeAllSnapPermissions = /*#__PURE__*/ new WeakSet(), _createApproval = /*#__PURE__*/ new WeakSet(), _updateApproval = /*#__PURE__*/ new WeakSet(), _resolveAllowlistVersion = /*#__PURE__*/ new WeakSet(), _add = /*#__PURE__*/ new WeakSet(), _startSnap = /*#__PURE__*/ new WeakSet(), _getEndowments = /*#__PURE__*/ new WeakSet(), /**
    * Sets a snap in state. Called when a snap is installed or updated. Performs
    * various validation checks on the received arguments, and will throw if
    * validation fails.
@@ -241,8 +240,8 @@ class SnapController extends _basecontroller.BaseControllerV2 {
             return _class_private_method_get(this, _unblockSnap, unblockSnap).call(this, snapId);
         }));
     }
-    _onUnhandledSnapError(snapId, error) {
-        this.stopSnap(snapId, _snapsutils.SnapStatusEvents.Crash).then(()=>this.addSnapError(error)).catch((stopSnapError)=>{
+    _onUnhandledSnapError(snapId, _error) {
+        this.stopSnap(snapId, _snapsutils.SnapStatusEvents.Crash).catch((stopSnapError)=>{
             // TODO: Decide how to handle errors.
             (0, _snapsutils.logError)(stopSnapError);
         });
@@ -418,35 +417,6 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         });
     }
     /**
-   * Adds error from a snap to the SnapController state.
-   *
-   * @param snapError - The error to store on the SnapController.
-   */ addSnapError(snapError) {
-        this.update((state)=>{
-            const id = (0, _nanoid.nanoid)();
-            state.snapErrors[id] = {
-                ...snapError,
-                internalID: id
-            };
-        });
-    }
-    /**
-   * Removes an error by internalID from the SnapControllers state.
-   *
-   * @param internalID - The internal error ID to remove on the SnapController.
-   */ removeSnapError(internalID) {
-        this.update((state)=>{
-            delete state.snapErrors[internalID];
-        });
-    }
-    /**
-   * Clears all errors from the SnapControllers state.
-   */ clearSnapErrors() {
-        this.update((state)=>{
-            state.snapErrors = {};
-        });
-    }
-    /**
    * Gets the own state of the snap with the given id.
    * This is distinct from the state MetaMask uses to manage snaps.
    *
@@ -458,6 +428,22 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         return state ?? null;
     }
     /**
+   * Gets a static auxiliary snap file in a chosen file encoding.
+   *
+   * @param snapId - The id of the Snap whose state to get.
+   * @param path - The path to the requested file.
+   * @param encoding - An optional requested file encoding.
+   * @returns The file requested in the chosen file encoding or null if the file is not found.
+   */ getSnapFile(snapId, path, encoding = _snapsutils.AuxiliaryFileEncoding.Base64) {
+        const snap = this.getExpect(snapId);
+        const normalizedPath = (0, _snapsutils.normalizeRelative)(path);
+        const value = snap.auxiliaryFiles?.find((file)=>file.path === normalizedPath)?.value;
+        if (!value) {
+            return null;
+        }
+        return (0, _snapsutils.encodeAuxiliaryFile)(value, encoding);
+    }
+    /**
    * Completely clear the controller's state: delete all associated data,
    * handlers, event listeners, and permissions; tear down all snap providers.
    */ async clearState() {
@@ -520,7 +506,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
    * @param snapId - The id of the snap to remove.
    */ removeSnapFromSubject(origin, snapId) {
         const subjectPermissions = this.messagingSystem.call('PermissionController:getPermissions', origin);
-        const snapIdsCaveat = subjectPermissions?.[_rpcmethods.WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat)=>caveat.type === _snapsutils.SnapCaveatType.SnapIds);
+        const snapIdsCaveat = subjectPermissions?.[_snapsrpcmethods.WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat)=>caveat.type === _snapsutils.SnapCaveatType.SnapIds);
         if (!snapIdsCaveat) {
             return;
         }
@@ -531,11 +517,11 @@ class SnapController extends _basecontroller.BaseControllerV2 {
             };
             delete newCaveatValue[snapId];
             if (Object.keys(newCaveatValue).length > 0) {
-                this.messagingSystem.call('PermissionController:updateCaveat', origin, _rpcmethods.WALLET_SNAP_PERMISSION_KEY, _snapsutils.SnapCaveatType.SnapIds, newCaveatValue);
+                this.messagingSystem.call('PermissionController:updateCaveat', origin, _snapsrpcmethods.WALLET_SNAP_PERMISSION_KEY, _snapsutils.SnapCaveatType.SnapIds, newCaveatValue);
             } else {
                 this.messagingSystem.call('PermissionController:revokePermissions', {
                     [origin]: [
-                        _rpcmethods.WALLET_SNAP_PERMISSION_KEY
+                        _snapsrpcmethods.WALLET_SNAP_PERMISSION_KEY
                     ]
                 });
             }
@@ -584,7 +570,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
    * @returns The serialized permitted snaps for the origin.
    */ getPermittedSnaps(origin) {
         const permissions = this.messagingSystem.call('PermissionController:getPermissions', origin) ?? {};
-        const snaps = permissions[_rpcmethods.WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat)=>caveat.type === _snapsutils.SnapCaveatType.SnapIds)?.value ?? {};
+        const snaps = permissions[_snapsrpcmethods.WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat)=>caveat.type === _snapsutils.SnapCaveatType.SnapIds)?.value ?? {};
         return Object.keys(snaps).reduce((permittedSnaps, snapId)=>{
             const snap = this.get(snapId);
             const truncatedSnap = this.getTruncated(snapId);
@@ -611,10 +597,12 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         try {
             for (const [snapId, { version: rawVersion }] of Object.entries(requestedSnaps)){
                 (0, _snapsutils.assertIsValidSnapId)(snapId);
-                const [error, version] = (0, _snapsutils.resolveVersionRange)(rawVersion);
+                const [error, resolvedVersion] = (0, _snapsutils.resolveVersionRange)(rawVersion);
                 if (error) {
-                    throw _ethrpcerrors.ethErrors.rpc.invalidParams(`The "version" field must be a valid SemVer version range if specified. Received: "${rawVersion}".`);
+                    throw _rpcerrors.rpcErrors.invalidParams(`The "version" field must be a valid SemVer version range if specified. Received: "${rawVersion}".`);
                 }
+                // If we are running in allowlist mode, try to match the version with an allowlist version.
+                const version = _class_private_field_get(this, _featureFlags).requireAllowlist ? await _class_private_method_get(this, _resolveAllowlistVersion, resolveAllowlistVersion).call(this, snapId, resolvedVersion) : resolvedVersion;
                 const location = _class_private_field_get(this, _detectSnapLocation).call(this, snapId, {
                     versionRange: version,
                     fetch: _class_private_field_get(this, _fetchFunction),
@@ -642,8 +630,8 @@ class SnapController extends _basecontroller.BaseControllerV2 {
                 result[snapId] = await this.processRequestedSnap(origin, snapId, location, version);
             }
             // Once we finish all installs / updates, emit events.
-            pendingInstalls.forEach((snapId)=>this.messagingSystem.publish(`SnapController:snapInstalled`, this.getTruncatedExpect(snapId)));
-            pendingUpdates.forEach(({ snapId, oldVersion })=>this.messagingSystem.publish(`SnapController:snapUpdated`, this.getTruncatedExpect(snapId), oldVersion));
+            pendingInstalls.forEach((snapId)=>this.messagingSystem.publish(`SnapController:snapInstalled`, this.getTruncatedExpect(snapId), origin));
+            pendingUpdates.forEach(({ snapId, oldVersion })=>this.messagingSystem.publish(`SnapController:snapUpdated`, this.getTruncatedExpect(snapId), oldVersion, origin));
             snapIds.forEach((snapId)=>_class_private_field_get(this, _rollbackSnapshots).delete(snapId));
         } catch (error) {
             const installed = pendingInstalls.filter((snapId)=>this.has(snapId));
@@ -676,7 +664,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
             return await this.updateSnap(origin, snapId, location, versionRange, // Since we are requesting an update from within processRequestedSnap,
             // we disable the emitting of the snapUpdated event and rely on the caller
             // to publish this event after the update is complete.
-            // This is necesary as installSnaps may be installing multiple snaps
+            // This is necessary as installSnaps may be installing multiple snaps
             // and we don't want to emit events prematurely.
             false);
         }
@@ -756,23 +744,25 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         try {
             const snap = this.getExpect(snapId);
             const newSnap = await _class_private_method_get(this, _fetchSnap, fetchSnap).call(this, snapId, location);
-            const newVersion = newSnap.manifest.result.version;
+            const { sourceCode: sourceCodeFile, manifest: manifestFile } = newSnap.files;
+            const manifest = manifestFile.result;
+            const newVersion = manifest.version;
             if (!(0, _utils.gtVersion)(newVersion, snap.version)) {
-                throw _ethrpcerrors.ethErrors.rpc.invalidParams(`Snap "${snapId}@${snap.version}" is already installed. Couldn't update to a version inside requested "${newVersionRange}" range.`);
+                throw _rpcerrors.rpcErrors.invalidParams(`Snap "${snapId}@${snap.version}" is already installed. Couldn't update to a version inside requested "${newVersionRange}" range.`);
             }
             if (!(0, _utils.satisfiesVersionRange)(newVersion, newVersionRange)) {
                 throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${newVersion}" which doesn't satisfy requested version range "${newVersionRange}".`);
             }
             await _class_private_method_get(this, _assertIsInstallAllowed, assertIsInstallAllowed).call(this, snapId, {
                 version: newVersion,
-                checksum: newSnap.manifest.result.source.shasum
+                checksum: manifest.source.shasum
             });
-            const processedPermissions = (0, _permissions.processSnapPermissions)(newSnap.manifest.result.initialPermissions);
+            const processedPermissions = (0, _permissions.processSnapPermissions)(manifest.initialPermissions);
             _class_private_method_get(this, _validateSnapPermissions, validateSnapPermissions).call(this, processedPermissions);
             const { newPermissions, unusedPermissions, approvedPermissions } = _class_private_method_get(this, _calculatePermissionsChange, calculatePermissionsChange).call(this, snapId, processedPermissions);
             _class_private_method_get(this, _updateApproval, updateApproval).call(this, pendingApproval.id, {
                 permissions: newPermissions,
-                newVersion: newSnap.manifest.result.version,
+                newVersion: manifest.version,
                 newPermissions,
                 approvedPermissions,
                 unusedPermissions,
@@ -791,7 +781,6 @@ class SnapController extends _basecontroller.BaseControllerV2 {
             _class_private_method_get(this, _set, set).call(this, {
                 origin,
                 id: snapId,
-                manifest: newSnap.manifest,
                 files: newSnap.files,
                 isUpdate: true
             });
@@ -816,8 +805,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
                 rollbackSnapshot.permissions.granted = Object.keys(approvedNewPermissions);
                 rollbackSnapshot.permissions.requestData = requestData;
             }
-            const normalizedSourcePath = (0, _snapsutils.normalizeRelative)(newSnap.manifest.result.source.location.npm.filePath);
-            const sourceCode = newSnap.files.find((file)=>file.path === normalizedSourcePath)?.toString();
+            const sourceCode = sourceCodeFile.toString();
             (0, _utils.assert)(typeof sourceCode === 'string' && sourceCode.length > 0, `Invalid source code for snap "${snapId}".`);
             try {
                 await _class_private_method_get(this, _startSnap, startSnap).call(this, {
@@ -829,7 +817,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
             }
             const truncatedSnap = this.getTruncatedExpect(snapId);
             if (emitEvent) {
-                this.messagingSystem.publish('SnapController:snapUpdated', truncatedSnap, snap.version);
+                this.messagingSystem.publish('SnapController:snapUpdated', truncatedSnap, snap.version, origin);
             }
             _class_private_method_get(this, _updateApproval, updateApproval).call(this, pendingApproval.id, {
                 loading: false,
@@ -899,6 +887,8 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         /* eslint-disable @typescript-eslint/unbound-method */ this.messagingSystem.unsubscribe('ExecutionService:unhandledError', this._onUnhandledSnapError);
         this.messagingSystem.unsubscribe('ExecutionService:outboundRequest', this._onOutboundRequest);
         this.messagingSystem.unsubscribe('ExecutionService:outboundResponse', this._onOutboundResponse);
+        this.messagingSystem.clearEventSubscriptions('SnapController:snapInstalled');
+        this.messagingSystem.clearEventSubscriptions('SnapController:snapUpdated');
     /* eslint-enable @typescript-eslint/unbound-method */ }
     /**
    * Passes a JSON-RPC request object to the RPC handler function of a snap.
@@ -948,17 +938,15 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         super({
             messenger,
             metadata: {
-                snapErrors: {
-                    persist: false,
-                    anonymous: false
-                },
                 snapStates: {
                     persist: true,
                     anonymous: false
                 },
                 snaps: {
                     persist: (snaps)=>{
-                        return Object.values(snaps).map((snap)=>{
+                        return Object.values(snaps)// We should not persist snaps that are in the installing state,
+                        // since they haven't completed installation and would be unusable
+                        .filter((snap)=>snap.status !== _snapsutils.SnapStatus.Installing).map((snap)=>{
                             return {
                                 ...snap,
                                 // At the time state is rehydrated, no snap will be running.
@@ -1001,6 +989,7 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         _class_private_method_init(this, _revokeAllSnapPermissions);
         _class_private_method_init(this, _createApproval);
         _class_private_method_init(this, _updateApproval);
+        _class_private_method_init(this, _resolveAllowlistVersion);
         /**
    * Returns a promise representing the complete installation of the requested snap.
    * If the snap is already being installed, the previously pending promise will be returned.
@@ -1026,8 +1015,6 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         /**
    * Fetches the manifest and source code of a snap.
    *
-   * This function is not hash private yet because of tests.
-   *
    * @param snapId - The id of the Snap.
    * @param location - Source from which snap will be fetched.
    * @returns A tuple of the Snap manifest object and the Snap source code.
@@ -1236,13 +1223,13 @@ function registerMessageHandlers() {
     this.messagingSystem.registerActionHandler(`${controllerName}:remove`, async (...args)=>this.removeSnap(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:getPermitted`, (...args)=>this.getPermittedSnaps(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:install`, async (...args)=>this.installSnaps(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:removeSnapError`, (...args)=>this.removeSnapError(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:getAll`, (...args)=>this.getAllSnaps(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:incrementActiveReferences`, (...args)=>this.incrementActiveReferences(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:decrementActiveReferences`, (...args)=>this.decrementActiveReferences(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:getRegistryMetadata`, async (...args)=>this.getRegistryMetadata(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:disconnectOrigin`, (...args)=>this.removeSnapFromSubject(...args));
     this.messagingSystem.registerActionHandler(`${controllerName}:revokeDynamicPermissions`, (...args)=>this.revokeDynamicSnapPermissions(...args));
+    this.messagingSystem.registerActionHandler(`${controllerName}:getFile`, (...args)=>this.getSnapFile(...args));
 }
 function pollForLastRequestStatus() {
     _class_private_field_set(this, _timeoutForLastRequestStatus, setTimeout(()=>{
@@ -1286,7 +1273,7 @@ async function assertIsInstallAllowed(snapId, snapInfo) {
     if (result.status === _registry.SnapsRegistryStatus.Blocked) {
         throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The version is blocked. ${result.reason?.explanation ?? ''}`);
     } else if (_class_private_field_get(this, _featureFlags).requireAllowlist && result.status !== _registry.SnapsRegistryStatus.Verified) {
-        throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The snap is not on the allow list.`);
+        throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The snap is not on the allowlist.`);
     }
 }
 async function stopSnapsLastRequestPastMax() {
@@ -1352,6 +1339,9 @@ function updateApproval(id, requestState) {
     // Do nothing
     }
 }
+async function resolveAllowlistVersion(snapId, versionRange) {
+    return await this.messagingSystem.call('SnapsRegistry:resolveVersion', snapId, versionRange);
+}
 async function add(args) {
     const { id: snapId, location, versionRange } = args;
     _class_private_method_get(this, _setupRuntime, setupRuntime).call(this, snapId, {
@@ -1365,7 +1355,7 @@ async function add(args) {
         // to null in the authorize() method.
         runtime.installPromise = (async ()=>{
             const fetchedSnap = await _class_private_method_get(this, _fetchSnap, fetchSnap).call(this, snapId, location);
-            const manifest = fetchedSnap.manifest.result;
+            const manifest = fetchedSnap.files.manifest.result;
             if (!(0, _utils.satisfiesVersionRange)(manifest.version, versionRange)) {
                 throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${manifest.version}" which doesn't satisfy requested version range "${versionRange}".`);
             }
@@ -1435,15 +1425,16 @@ async function getEndowments(snapId) {
     return dedupedEndowments;
 }
 function set(args) {
-    const { id: snapId, origin, manifest, files, isUpdate = false } = args;
+    const { id: snapId, origin, files, isUpdate = false } = args;
+    const { manifest, sourceCode: sourceCodeFile, svgIcon, auxiliaryFiles: rawAuxiliaryFiles } = files;
     (0, _snapsutils.assertIsSnapManifest)(manifest.result);
     const { version } = manifest.result;
-    const normalizedSourcePath = (0, _snapsutils.normalizeRelative)(manifest.result.source.location.npm.filePath);
-    const { iconPath } = manifest.result.source.location.npm;
-    const normalizedIconPath = iconPath && (0, _snapsutils.normalizeRelative)(iconPath);
-    const sourceCode = files.find((file)=>file.path === normalizedSourcePath)?.toString();
-    const svgIcon = normalizedIconPath ? files.find((file)=>file.path === normalizedIconPath) : undefined;
+    const sourceCode = sourceCodeFile.toString();
     (0, _utils.assert)(typeof sourceCode === 'string' && sourceCode.length > 0, `Invalid source code for snap "${snapId}".`);
+    const auxiliaryFiles = rawAuxiliaryFiles.map((file)=>({
+            path: file.path,
+            value: file.toString('base64')
+        }));
     const snapsState = this.state.snaps;
     const existingSnap = snapsState[snapId];
     const previousVersionHistory = existingSnap?.versionHistory ?? [];
@@ -1468,7 +1459,8 @@ function set(args) {
         status: _class_private_field_get(this, _statusMachine).config.initial,
         sourceCode,
         version,
-        versionHistory
+        versionHistory,
+        auxiliaryFiles
     };
     // If the snap was blocked, it isn't any longer
     delete snap.blockInformation;
@@ -1496,19 +1488,15 @@ async function fetchSnap(snapId, location) {
         const sourceCode = await location.fetch(manifest.result.source.location.npm.filePath);
         const { iconPath } = manifest.result.source.location.npm;
         const svgIcon = iconPath ? await location.fetch(iconPath) : undefined;
-        const files = [
-            sourceCode
-        ];
-        if (svgIcon) {
-            files.push(svgIcon);
-        }
-        (0, _snapsutils.validateFetchedSnap)({
+        const auxiliaryFiles = manifest.result.source.files ? await Promise.all(manifest.result.source.files.map(async (filePath)=>location.fetch(filePath))) : [];
+        const files = {
             manifest,
             sourceCode,
-            svgIcon
-        });
+            svgIcon,
+            auxiliaryFiles
+        };
+        (0, _snapsutils.validateFetchedSnap)(files);
         return {
-            manifest,
             files,
             location
         };
@@ -1577,8 +1565,11 @@ function getRpcRequestHandler(snapId) {
             _class_private_method_get(this, _recordSnapRpcRequestFinish, recordSnapRpcRequestFinish).call(this, snapId, request.id);
             return result;
         } catch (error) {
-            await this.stopSnap(snapId, _snapsutils.SnapStatusEvents.Crash);
-            throw error;
+            const [jsonRpcError, handled] = (0, _snapsutils.unwrapError)(error);
+            if (!handled) {
+                await this.stopSnap(snapId, _snapsutils.SnapStatusEvents.Crash);
+            }
+            throw jsonRpcError;
         }
     };
     runtime.rpcHandler = rpcHandler;