@metamask/snaps-controllers 6.0.4 → 7.0.0

package/CHANGELOG.md

@@ -6,6 +6,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [7.0.0]
+### Changed
+- **BREAKING:** Refactor encryption to enable caching ([#2316](https://github.com/MetaMask/snaps/pull/2316))
+  - New required constructor arguments `encryptor` and `getMnemonic` have been added.
+- Include `initialConnections` in approval `requestState` ([#2322](https://github.com/MetaMask/snaps/pull/2322))
+
+### Fixed
+- Delete unencrypted state when uninstalling a Snap ([#2311](https://github.com/MetaMask/snaps/pull/2311))
+
 ## [6.0.4]
 ### Changed
 - Bump MetaMask dependencies ([#2270](https://github.com/MetaMask/snaps/pull/2270))
@@ -221,7 +230,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - The version of the package no longer needs to match the version of all other
     MetaMask Snaps packages.
 
-[Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@6.0.4...HEAD
+[Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@7.0.0...HEAD
+[7.0.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@6.0.4...@metamask/snaps-controllers@7.0.0
 [6.0.4]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@6.0.3...@metamask/snaps-controllers@6.0.4
 [6.0.3]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@6.0.2...@metamask/snaps-controllers@6.0.3
 [6.0.2]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@6.0.1...@metamask/snaps-controllers@6.0.2

package/dist/{chunk-B67RDBZ4.mjs → chunk-42ODFZSH.mjs}

@@ -1,9 +1,9 @@
-import {
-  NpmLocation
-} from "./chunk-WKQRCGUW.mjs";
 import {
   LocalLocation
 } from "./chunk-B3UTLNYS.mjs";
+import {
+  NpmLocation
+} from "./chunk-WKQRCGUW.mjs";
 import {
   HttpLocation
 } from "./chunk-6GMWL4JR.mjs";
@@ -37,4 +37,4 @@ function detectSnapLocation(location, opts) {
 export {
   detectSnapLocation
 };
-//# sourceMappingURL=chunk-B67RDBZ4.mjs.map
+//# sourceMappingURL=chunk-42ODFZSH.mjs.map

package/dist/chunk-HP6S5IOB.js

@@ -0,0 +1 @@
+"use strict";//# sourceMappingURL=chunk-HP6S5IOB.js.map

package/dist/chunk-HP6S5IOB.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":""}

package/dist/{chunk-APQVOL5T.js → chunk-MIYZN7HG.js}

@@ -1,6 +1,6 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});
 
-var _chunk7WOG63YYjs = require('./chunk-7WOG63YY.js');
+var _chunkPT22IXNSjs = require('./chunk-PT22IXNS.js');
 
 
 var _chunkAP7CJ6DAjs = require('./chunk-AP7CJ6DA.js');
@@ -42,6 +42,7 @@ var _rpcerrors = require('@metamask/rpc-errors');
 
 
 
+
 var _snapsrpcmethods = require('@metamask/snaps-rpc-methods');
 var _snapssdk = require('@metamask/snaps-sdk');
 
@@ -65,6 +66,7 @@ var _snapssdk = require('@metamask/snaps-sdk');
 
 
 
+
 
 
 var _snapsutils = require('@metamask/snaps-utils');
@@ -81,6 +83,7 @@ var _snapsutils = require('@metamask/snaps-utils');
 
 
 
+
 var _utils = require('@metamask/utils');
 var _fsm = require('@xstate/fsm');
 var _nanoid = require('nanoid');
@@ -113,7 +116,7 @@ function truncateSnap(snap) {
   return truncatedSnap;
 }
 var name = "SnapController";
-var _closeAllConnections, _dynamicPermissions, _environmentEndowmentPermissions, _excludedPermissions, _featureFlags, _fetchFunction, _idleTimeCheckInterval, _maxIdleTime, _maxInitTime, _detectSnapLocation, _snapsRuntimeData, _rollbackSnapshots, _timeoutForLastRequestStatus, _statusMachine, _initializeStateMachine, initializeStateMachine_fn, _registerMessageHandlers, registerMessageHandlers_fn, _handlePreinstalledSnaps, handlePreinstalledSnaps_fn, _pollForLastRequestStatus, pollForLastRequestStatus_fn, _blockSnap, blockSnap_fn, _unblockSnap, unblockSnap_fn, _assertIsInstallAllowed, assertIsInstallAllowed_fn, _stopSnapsLastRequestPastMax, stopSnapsLastRequestPastMax_fn, _transition, transition_fn, _terminateSnap, terminateSnap_fn, _handleInitialConnections, handleInitialConnections_fn, _addSnapToSubject, addSnapToSubject_fn, _removeSnapFromSubjects, removeSnapFromSubjects_fn, _revokeAllSnapPermissions, revokeAllSnapPermissions_fn, _createApproval, createApproval_fn, _updateApproval, updateApproval_fn, _resolveAllowlistVersion, resolveAllowlistVersion_fn, _add, add_fn, _startSnap, startSnap_fn, _getEndowments, getEndowments_fn, _set, set_fn, _validateSnapPermissions, validateSnapPermissions_fn, _getExecutionTimeout, getExecutionTimeout_fn, _getRpcRequestHandler, getRpcRequestHandler_fn, _createInterface, createInterface_fn, _assertInterfaceExists, assertInterfaceExists_fn, _transformSnapRpcRequestResult, transformSnapRpcRequestResult_fn, _assertSnapRpcRequestResult, assertSnapRpcRequestResult_fn, _recordSnapRpcRequestStart, recordSnapRpcRequestStart_fn, _recordSnapRpcRequestFinish, recordSnapRpcRequestFinish_fn, _getRollbackSnapshot, getRollbackSnapshot_fn, _createRollbackSnapshot, createRollbackSnapshot_fn, _rollbackSnap, rollbackSnap_fn, _rollbackSnaps, rollbackSnaps_fn, _getRuntime, getRuntime_fn, _getRuntimeExpect, getRuntimeExpect_fn, _setupRuntime, setupRuntime_fn, _calculatePermissionsChange, calculatePermissionsChange_fn, _updatePermissions, updatePermissions_fn, _isValidUpdate, isValidUpdate_fn, _callLifecycleHook, callLifecycleHook_fn;
+var _closeAllConnections, _dynamicPermissions, _environmentEndowmentPermissions, _excludedPermissions, _featureFlags, _fetchFunction, _idleTimeCheckInterval, _maxIdleTime, _maxInitTime, _encryptor, _getMnemonic, _detectSnapLocation, _snapsRuntimeData, _rollbackSnapshots, _timeoutForLastRequestStatus, _statusMachine, _initializeStateMachine, initializeStateMachine_fn, _registerMessageHandlers, registerMessageHandlers_fn, _handlePreinstalledSnaps, handlePreinstalledSnaps_fn, _pollForLastRequestStatus, pollForLastRequestStatus_fn, _blockSnap, blockSnap_fn, _unblockSnap, unblockSnap_fn, _assertIsInstallAllowed, assertIsInstallAllowed_fn, _stopSnapsLastRequestPastMax, stopSnapsLastRequestPastMax_fn, _transition, transition_fn, _terminateSnap, terminateSnap_fn, _getSnapEncryptionKey, getSnapEncryptionKey_fn, _decryptSnapState, decryptSnapState_fn, _encryptSnapState, encryptSnapState_fn, _handleInitialConnections, handleInitialConnections_fn, _addSnapToSubject, addSnapToSubject_fn, _removeSnapFromSubjects, removeSnapFromSubjects_fn, _revokeAllSnapPermissions, revokeAllSnapPermissions_fn, _createApproval, createApproval_fn, _updateApproval, updateApproval_fn, _resolveAllowlistVersion, resolveAllowlistVersion_fn, _add, add_fn, _startSnap, startSnap_fn, _getEndowments, getEndowments_fn, _set, set_fn, _validateSnapPermissions, validateSnapPermissions_fn, _getExecutionTimeout, getExecutionTimeout_fn, _getRpcRequestHandler, getRpcRequestHandler_fn, _createInterface, createInterface_fn, _assertInterfaceExists, assertInterfaceExists_fn, _transformSnapRpcRequestResult, transformSnapRpcRequestResult_fn, _assertSnapRpcRequestResult, assertSnapRpcRequestResult_fn, _recordSnapRpcRequestStart, recordSnapRpcRequestStart_fn, _recordSnapRpcRequestFinish, recordSnapRpcRequestFinish_fn, _getRollbackSnapshot, getRollbackSnapshot_fn, _createRollbackSnapshot, createRollbackSnapshot_fn, _rollbackSnap, rollbackSnap_fn, _rollbackSnaps, rollbackSnaps_fn, _getRuntime, getRuntime_fn, _getRuntimeExpect, getRuntimeExpect_fn, _setupRuntime, setupRuntime_fn, _calculatePermissionsChange, calculatePermissionsChange_fn, _updatePermissions, updatePermissions_fn, _isValidUpdate, isValidUpdate_fn, _callLifecycleHook, callLifecycleHook_fn;
 var SnapController = class extends _basecontroller.BaseController {
   constructor({
     closeAllConnections,
@@ -128,8 +131,10 @@ var SnapController = class extends _basecontroller.BaseController {
     maxInitTime = _utils.inMilliseconds.call(void 0, 60, _utils.Duration.Second),
     fetchFunction = globalThis.fetch.bind(globalThis),
     featureFlags = {},
-    detectSnapLocation: detectSnapLocationFunction = _chunk7WOG63YYjs.detectSnapLocation,
-    preinstalledSnaps
+    detectSnapLocation: detectSnapLocationFunction = _chunkPT22IXNSjs.detectSnapLocation,
+    preinstalledSnaps,
+    encryptor,
+    getMnemonic
   }) {
     super({
       messenger,
@@ -218,6 +223,37 @@ var SnapController = class extends _basecontroller.BaseController {
      * @param snapId - The snap to terminate.
      */
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _terminateSnap);
+    /**
+     * Generate an encryption key to be used for state encryption for a given Snap.
+     *
+     * @param options - An options bag.
+     * @param options.snapId - The Snap ID.
+     * @param options.salt - A salt to be used for the encryption key.
+     * @param options.useCache - Whether to use caching or not.
+     * @param options.keyMetadata - Optional metadata about how to derive the encryption key.
+     * @returns An encryption key.
+     */
+    _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _getSnapEncryptionKey);
+    /**
+     * Decrypt the encrypted state for a given Snap.
+     *
+     * @param snapId - The Snap ID.
+     * @param state - The encrypted state as a string.
+     * @returns A valid JSON object derived from the encrypted state.
+     * @throws If the decryption fails or the decrypted state is not valid JSON.
+     */
+    _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _decryptSnapState);
+    /**
+     * Encrypt a JSON state object for a given Snap.
+     *
+     * Note: This function does not assert the validity of the object,
+     * please ensure only valid JSON is passed to it.
+     *
+     * @param snapId - The Snap ID.
+     * @param state - The state object.
+     * @returns A string containing the encrypted JSON object.
+     */
+    _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _encryptSnapState);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _handleInitialConnections);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _addSnapToSubject);
     /**
@@ -406,6 +442,8 @@ var SnapController = class extends _basecontroller.BaseController {
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _idleTimeCheckInterval, void 0);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _maxIdleTime, void 0);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _maxInitTime, void 0);
+    _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _encryptor, void 0);
+    _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _getMnemonic, void 0);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _detectSnapLocation, void 0);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _snapsRuntimeData, void 0);
     _chunkEXN2TFDJjs.__privateAdd.call(void 0, this, _rollbackSnapshots, void 0);
@@ -422,6 +460,8 @@ var SnapController = class extends _basecontroller.BaseController {
     this.maxRequestTime = maxRequestTime;
     _chunkEXN2TFDJjs.__privateSet.call(void 0, this, _maxInitTime, maxInitTime);
     _chunkEXN2TFDJjs.__privateSet.call(void 0, this, _detectSnapLocation, detectSnapLocationFunction);
+    _chunkEXN2TFDJjs.__privateSet.call(void 0, this, _encryptor, encryptor);
+    _chunkEXN2TFDJjs.__privateSet.call(void 0, this, _getMnemonic, getMnemonic);
     this._onUnhandledSnapError = this._onUnhandledSnapError.bind(this);
     this._onOutboundRequest = this._onOutboundRequest.bind(this);
     this._onOutboundResponse = this._onOutboundResponse.bind(this);
@@ -674,14 +714,17 @@ var SnapController = class extends _basecontroller.BaseController {
    * @param newSnapState - The new state of the snap.
    * @param encrypted - A flag to indicate whether to use encrypted storage or not.
    */
-  updateSnapState(snapId, newSnapState, encrypted) {
-    this.update((state) => {
-      if (encrypted) {
-        state.snapStates[snapId] = newSnapState;
-      } else {
-        state.unencryptedSnapStates[snapId] = newSnapState;
-      }
-    });
+  async updateSnapState(snapId, newSnapState, encrypted) {
+    if (encrypted) {
+      const encryptedState = await _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _encryptSnapState, encryptSnapState_fn).call(this, snapId, newSnapState);
+      this.update((state) => {
+        state.snapStates[snapId] = encryptedState;
+      });
+    } else {
+      this.update((state) => {
+        state.unencryptedSnapStates[snapId] = JSON.stringify(newSnapState);
+      });
+    }
   }
   /**
    * Clears the state of the snap with the given id.
@@ -707,9 +750,16 @@ var SnapController = class extends _basecontroller.BaseController {
    * @param encrypted - A flag to indicate whether to use encrypted storage or not.
    * @returns The requested snap state or null if no state exists.
    */
-  getSnapState(snapId, encrypted) {
+  async getSnapState(snapId, encrypted) {
     const state = encrypted ? this.state.snapStates[snapId] : this.state.unencryptedSnapStates[snapId];
-    return state ?? null;
+    if (state === null) {
+      return state;
+    }
+    if (!encrypted) {
+      return _snapsutils.parseJson.call(void 0, state);
+    }
+    const decrypted = await _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _decryptSnapState, decryptSnapState_fn).call(this, snapId, state);
+    return decrypted;
   }
   /**
    * Gets a static auxiliary snap file in a chosen file encoding.
@@ -784,6 +834,7 @@ var SnapController = class extends _basecontroller.BaseController {
         this.update((state) => {
           delete state.snaps[snapId];
           delete state.snapStates[snapId];
+          delete state.unencryptedSnapStates[snapId];
         });
         if (snap.status !== _snapsutils.SnapStatus.Installing) {
           this.messagingSystem.publish(
@@ -1136,6 +1187,7 @@ var SnapController = class extends _basecontroller.BaseController {
       _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _validateSnapPermissions, validateSnapPermissions_fn).call(this, processedPermissions);
       const { newPermissions, unusedPermissions, approvedPermissions } = _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _calculatePermissionsChange, calculatePermissionsChange_fn).call(this, snapId, processedPermissions);
       _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _updateApproval, updateApproval_fn).call(this, pendingApproval.id, {
+        connections: manifest.initialConnections ?? {},
         permissions: newPermissions,
         newVersion: manifest.version,
         newPermissions,
@@ -1240,12 +1292,13 @@ var SnapController = class extends _basecontroller.BaseController {
     _chunkNXZVKBSVjs.log.call(void 0, `Authorizing snap: ${snapId}`);
     const snapsState = this.state.snaps;
     const snap = snapsState[snapId];
-    const { initialPermissions } = snap;
+    const { initialPermissions, initialConnections } = snap;
     try {
       const processedPermissions = _snapsrpcmethods.processSnapPermissions.call(void 0, initialPermissions);
       _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _validateSnapPermissions, validateSnapPermissions_fn).call(this, processedPermissions);
       _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _updateApproval, updateApproval_fn).call(this, pendingApproval.id, {
         loading: false,
+        connections: initialConnections ?? {},
         permissions: processedPermissions
       });
       const { permissions: approvedPermissions, ...requestData } = await pendingApproval.promise;
@@ -1358,6 +1411,8 @@ _fetchFunction = new WeakMap();
 _idleTimeCheckInterval = new WeakMap();
 _maxIdleTime = new WeakMap();
 _maxInitTime = new WeakMap();
+_encryptor = new WeakMap();
+_getMnemonic = new WeakMap();
 _detectSnapLocation = new WeakMap();
 _snapsRuntimeData = new WeakMap();
 _rollbackSnapshots = new WeakMap();
@@ -1429,7 +1484,7 @@ registerMessageHandlers_fn = function() {
   );
   this.messagingSystem.registerActionHandler(
     `${controllerName}:getSnapState`,
-    (...args) => this.getSnapState(...args)
+    async (...args) => this.getSnapState(...args)
   );
   this.messagingSystem.registerActionHandler(
     `${controllerName}:handleRequest`,
@@ -1445,7 +1500,7 @@ registerMessageHandlers_fn = function() {
   );
   this.messagingSystem.registerActionHandler(
     `${controllerName}:updateSnapState`,
-    (...args) => this.updateSnapState(...args)
+    async (...args) => this.updateSnapState(...args)
   );
   this.messagingSystem.registerActionHandler(
     `${controllerName}:enable`,
@@ -1648,6 +1703,70 @@ terminateSnap_fn = async function(snapId) {
     this.getTruncatedExpect(snapId)
   );
 };
+_getSnapEncryptionKey = new WeakSet();
+getSnapEncryptionKey_fn = async function({
+  snapId,
+  salt,
+  useCache,
+  keyMetadata
+}) {
+  const runtime = _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _getRuntimeExpect, getRuntimeExpect_fn).call(this, snapId);
+  if (runtime.encryptionKey && useCache) {
+    return _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).importKey(runtime.encryptionKey);
+  }
+  const mnemonicPhrase = await _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _getMnemonic).call(this);
+  const entropy = await _snapsrpcmethods.getEncryptionEntropy.call(void 0, { snapId, mnemonicPhrase });
+  const encryptionKey = await _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).keyFromPassword(
+    entropy,
+    salt,
+    true,
+    keyMetadata
+  );
+  const exportedKey = await _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).exportKey(encryptionKey);
+  if (useCache) {
+    runtime.encryptionKey = exportedKey;
+  }
+  return encryptionKey;
+};
+_decryptSnapState = new WeakSet();
+decryptSnapState_fn = async function(snapId, state) {
+  try {
+    const parsed = _snapsutils.parseJson.call(void 0, state);
+    const { salt, keyMetadata } = parsed;
+    const useCache = _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).isVaultUpdated(state);
+    const encryptionKey = await _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _getSnapEncryptionKey, getSnapEncryptionKey_fn).call(this, {
+      snapId,
+      salt,
+      useCache,
+      keyMetadata
+    });
+    const decryptedState = await _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).decryptWithKey(
+      encryptionKey,
+      parsed
+    );
+    _utils.assert.call(void 0, _utils.isValidJson.call(void 0, decryptedState));
+    return decryptedState;
+  } catch {
+    throw _rpcerrors.rpcErrors.internal({
+      message: "Failed to decrypt snap state, the state must be corrupted."
+    });
+  }
+};
+_encryptSnapState = new WeakSet();
+encryptSnapState_fn = async function(snapId, state) {
+  const salt = _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).generateSalt();
+  const encryptionKey = await _chunkEXN2TFDJjs.__privateMethod.call(void 0, this, _getSnapEncryptionKey, getSnapEncryptionKey_fn).call(this, {
+    snapId,
+    salt,
+    useCache: true
+  });
+  const encryptedState = await _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _encryptor).encryptWithKey(
+    encryptionKey,
+    state
+  );
+  encryptedState.salt = salt;
+  return JSON.stringify(encryptedState);
+};
 _handleInitialConnections = new WeakSet();
 handleInitialConnections_fn = function(snapId, previousInitialConnections, initialConnections) {
   if (previousInitialConnections) {
@@ -1913,6 +2032,7 @@ set_fn = function(args) {
     removable,
     preinstalled,
     id: snapId,
+    initialConnections: manifest.result.initialConnections,
     initialPermissions: manifest.result.initialPermissions,
     manifest: manifest.result,
     status: _chunkEXN2TFDJjs.__privateGet.call(void 0, this, _statusMachine).config.initial,
@@ -2222,6 +2342,7 @@ setupRuntime_fn = function(snapId) {
     lastRequest: null,
     rpcHandler: null,
     installPromise: null,
+    encryptionKey: null,
     activeReferences: 0,
     pendingInboundRequests: [],
     pendingOutboundRequests: 0,
@@ -2301,4 +2422,4 @@ callLifecycleHook_fn = async function(snapId, handler) {
 
 
 exports.controllerName = controllerName; exports.SNAP_APPROVAL_INSTALL = SNAP_APPROVAL_INSTALL; exports.SNAP_APPROVAL_UPDATE = SNAP_APPROVAL_UPDATE; exports.SNAP_APPROVAL_RESULT = SNAP_APPROVAL_RESULT; exports.SnapController = SnapController;
-//# sourceMappingURL=chunk-APQVOL5T.js.map
+//# sourceMappingURL=chunk-MIYZN7HG.js.map