npm - @metamask/snaps-controllers - Versions diffs - 9.7.0 → 9.9.0 - Mend

@metamask/snaps-controllers 9.7.0 → 9.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (90) hide show

package/CHANGELOG.md +142 -1
package/dist/cronjob/CronjobController.cjs +21 -34
package/dist/cronjob/CronjobController.cjs.map +1 -1
package/dist/cronjob/CronjobController.mjs +21 -34
package/dist/cronjob/CronjobController.mjs.map +1 -1
package/dist/insights/SnapInsightsController.cjs +194 -144
package/dist/insights/SnapInsightsController.cjs.map +1 -1
package/dist/insights/SnapInsightsController.mjs +193 -143
package/dist/insights/SnapInsightsController.mjs.map +1 -1
package/dist/interface/SnapInterfaceController.cjs +90 -65
package/dist/interface/SnapInterfaceController.cjs.map +1 -1
package/dist/interface/SnapInterfaceController.d.cts +2 -1
package/dist/interface/SnapInterfaceController.d.cts.map +1 -1
package/dist/interface/SnapInterfaceController.d.mts +2 -1
package/dist/interface/SnapInterfaceController.d.mts.map +1 -1
package/dist/interface/SnapInterfaceController.mjs +90 -65
package/dist/interface/SnapInterfaceController.mjs.map +1 -1
package/dist/services/AbstractExecutionService.cjs +71 -77
package/dist/services/AbstractExecutionService.cjs.map +1 -1
package/dist/services/AbstractExecutionService.mjs +71 -77
package/dist/services/AbstractExecutionService.mjs.map +1 -1
package/dist/services/ProxyPostMessageStream.cjs +19 -26
package/dist/services/ProxyPostMessageStream.cjs.map +1 -1
package/dist/services/ProxyPostMessageStream.mjs +19 -26
package/dist/services/ProxyPostMessageStream.mjs.map +1 -1
package/dist/services/iframe/IframeExecutionService.cjs +1 -0
package/dist/services/iframe/IframeExecutionService.cjs.map +1 -1
package/dist/services/iframe/IframeExecutionService.mjs +1 -0
package/dist/services/iframe/IframeExecutionService.mjs.map +1 -1
package/dist/services/offscreen/OffscreenExecutionService.cjs +3 -16
package/dist/services/offscreen/OffscreenExecutionService.cjs.map +1 -1
package/dist/services/offscreen/OffscreenExecutionService.mjs +3 -16
package/dist/services/offscreen/OffscreenExecutionService.mjs.map +1 -1
package/dist/services/proxy/ProxyExecutionService.cjs +4 -17
package/dist/services/proxy/ProxyExecutionService.cjs.map +1 -1
package/dist/services/proxy/ProxyExecutionService.mjs +4 -17
package/dist/services/proxy/ProxyExecutionService.mjs.map +1 -1
package/dist/services/webview/WebViewExecutionService.cjs +9 -23
package/dist/services/webview/WebViewExecutionService.cjs.map +1 -1
package/dist/services/webview/WebViewExecutionService.mjs +9 -23
package/dist/services/webview/WebViewExecutionService.mjs.map +1 -1
package/dist/services/webview/WebViewMessageStream.cjs +12 -25
package/dist/services/webview/WebViewMessageStream.cjs.map +1 -1
package/dist/services/webview/WebViewMessageStream.d.cts +1 -2
package/dist/services/webview/WebViewMessageStream.d.cts.map +1 -1
package/dist/services/webview/WebViewMessageStream.d.mts +1 -2
package/dist/services/webview/WebViewMessageStream.d.mts.map +1 -1
package/dist/services/webview/WebViewMessageStream.mjs +12 -25
package/dist/services/webview/WebViewMessageStream.mjs.map +1 -1
package/dist/services/webview/index.cjs +1 -0
package/dist/services/webview/index.cjs.map +1 -1
package/dist/services/webview/index.d.cts +1 -0
package/dist/services/webview/index.d.cts.map +1 -1
package/dist/services/webview/index.d.mts +1 -0
package/dist/services/webview/index.d.mts.map +1 -1
package/dist/services/webview/index.mjs +1 -0
package/dist/services/webview/index.mjs.map +1 -1
package/dist/services/webworker/WebWorkerExecutionService.cjs +10 -23
package/dist/services/webworker/WebWorkerExecutionService.cjs.map +1 -1
package/dist/services/webworker/WebWorkerExecutionService.mjs +10 -23
package/dist/services/webworker/WebWorkerExecutionService.mjs.map +1 -1
package/dist/snaps/RequestQueue.cjs +2 -0
package/dist/snaps/RequestQueue.cjs.map +1 -1
package/dist/snaps/RequestQueue.mjs +2 -0
package/dist/snaps/RequestQueue.mjs.map +1 -1
package/dist/snaps/SnapController.cjs +1141 -1001
package/dist/snaps/SnapController.cjs.map +1 -1
package/dist/snaps/SnapController.mjs +1140 -1000
package/dist/snaps/SnapController.mjs.map +1 -1
package/dist/snaps/Timer.cjs +1 -0
package/dist/snaps/Timer.cjs.map +1 -1
package/dist/snaps/Timer.mjs +1 -0
package/dist/snaps/Timer.mjs.map +1 -1
package/dist/snaps/location/http.cjs +11 -7
package/dist/snaps/location/http.cjs.map +1 -1
package/dist/snaps/location/http.mjs +11 -7
package/dist/snaps/location/http.mjs.map +1 -1
package/dist/snaps/location/local.cjs +4 -17
package/dist/snaps/location/local.cjs.map +1 -1
package/dist/snaps/location/local.mjs +4 -17
package/dist/snaps/location/local.mjs.map +1 -1
package/dist/snaps/location/npm.cjs +25 -37
package/dist/snaps/location/npm.cjs.map +1 -1
package/dist/snaps/location/npm.mjs +25 -37
package/dist/snaps/location/npm.mjs.map +1 -1
package/dist/snaps/registry/json.cjs +172 -173
package/dist/snaps/registry/json.cjs.map +1 -1
package/dist/snaps/registry/json.mjs +171 -172
package/dist/snaps/registry/json.mjs.map +1 -1
package/package.json +38 -23

package/dist/snaps/SnapController.mjs CHANGED Viewed

@@ -1,15 +1,3 @@
-var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
-    if (kind === "m") throw new TypeError("Private method is not writable");
-    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
-    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
-    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
-};
-var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
-    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
-    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
-    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
-};
-var _SnapController_instances, _SnapController_closeAllConnections, _SnapController_dynamicPermissions, _SnapController_environmentEndowmentPermissions, _SnapController_excludedPermissions, _SnapController_featureFlags, _SnapController_fetchFunction, _SnapController_idleTimeCheckInterval, _SnapController_maxIdleTime, _SnapController_encryptor, _SnapController_getMnemonic, _SnapController_getFeatureFlags, _SnapController_detectSnapLocation, _SnapController_snapsRuntimeData, _SnapController_rollbackSnapshots, _SnapController_timeoutForLastRequestStatus, _SnapController_statusMachine, _SnapController_preinstalledSnaps, _SnapController_initializeStateMachine, _SnapController_registerMessageHandlers, _SnapController_handlePreinstalledSnaps, _SnapController_pollForLastRequestStatus, _SnapController_blockSnap, _SnapController_unblockSnap, _SnapController_assertIsInstallAllowed, _SnapController_assertCanInstallSnaps, _SnapController_assertCanUsePlatform, _SnapController_stopSnapsLastRequestPastMax, _SnapController_transition, _SnapController_terminateSnap, _SnapController_getSnapEncryptionKey, _SnapController_decryptSnapState, _SnapController_encryptSnapState, _SnapController_handleInitialConnections, _SnapController_addSnapToSubject, _SnapController_removeSnapFromSubjects, _SnapController_revokeAllSnapPermissions, _SnapController_createApproval, _SnapController_updateApproval, _SnapController_resolveAllowlistVersion, _SnapController_add, _SnapController_startSnap, _SnapController_getEndowments, _SnapController_set, _SnapController_validateSnapPermissions, _SnapController_getExecutionTimeout, _SnapController_getRpcRequestHandler, _SnapController_createInterface, _SnapController_assertInterfaceExists, _SnapController_transformSnapRpcRequestResult, _SnapController_assertSnapRpcRequestResult, _SnapController_recordSnapRpcRequestStart, _SnapController_recordSnapRpcRequestFinish, _SnapController_getRollbackSnapshot, _SnapController_createRollbackSnapshot, _SnapController_rollbackSnap, _SnapController_rollbackSnaps, _SnapController_getRuntime, _SnapController_getRuntimeExpect, _SnapController_setupRuntime, _SnapController_calculatePermissionsChange, _SnapController_isSubjectConnectedToSnap, _SnapController_calculateConnectionsChange, _SnapController_updatePermissions, _SnapController_isValidUpdate, _SnapController_callLifecycleHook;
 import { BaseController } from "@metamask/base-controller";
 import { SubjectType } from "@metamask/permission-controller";
 import { rpcErrors } from "@metamask/rpc-errors";
@@ -68,6 +56,25 @@ const name = 'SnapController';
  * - Start: Initializes the snap in its SES realm with the authorized permissions.
  */
 export class SnapController extends BaseController {
+    #closeAllConnections;
+    #dynamicPermissions;
+    #environmentEndowmentPermissions;
+    #excludedPermissions;
+    #featureFlags;
+    #fetchFunction;
+    #idleTimeCheckInterval;
+    #maxIdleTime;
+    // This property cannot be hash private yet because of tests.
+    maxRequestTime;
+    #encryptor;
+    #getMnemonic;
+    #getFeatureFlags;
+    #detectSnapLocation;
+    #snapsRuntimeData;
+    #rollbackSnapshots;
+    #timeoutForLastRequestStatus;
+    #statusMachine;
+    #preinstalledSnaps;
     constructor({ closeAllConnections, messenger, state, dynamicPermissions = ['eth_accounts'], environmentEndowmentPermissions = [], excludedPermissions = {}, idleTimeCheckInterval = inMilliseconds(5, Duration.Second), maxIdleTime = inMilliseconds(30, Duration.Second), maxRequestTime = inMilliseconds(60, Duration.Second), fetchFunction = globalThis.fetch.bind(undefined), featureFlags = {}, detectSnapLocation: detectSnapLocationFunction = detectSnapLocation, preinstalledSnaps = null, encryptor, getMnemonic, getFeatureFlags = () => ({}), }) {
         super({
             messenger,
@@ -107,65 +114,202 @@ export class SnapController extends BaseController {
                 ...state,
             },
         });
-        _SnapController_instances.add(this);
-        _SnapController_closeAllConnections.set(this, void 0);
-        _SnapController_dynamicPermissions.set(this, void 0);
-        _SnapController_environmentEndowmentPermissions.set(this, void 0);
-        _SnapController_excludedPermissions.set(this, void 0);
-        _SnapController_featureFlags.set(this, void 0);
-        _SnapController_fetchFunction.set(this, void 0);
-        _SnapController_idleTimeCheckInterval.set(this, void 0);
-        _SnapController_maxIdleTime.set(this, void 0);
-        _SnapController_encryptor.set(this, void 0);
-        _SnapController_getMnemonic.set(this, void 0);
-        _SnapController_getFeatureFlags.set(this, void 0);
-        _SnapController_detectSnapLocation.set(this, void 0);
-        _SnapController_snapsRuntimeData.set(this, void 0);
-        _SnapController_rollbackSnapshots.set(this, void 0);
-        _SnapController_timeoutForLastRequestStatus.set(this, void 0);
-        _SnapController_statusMachine.set(this, void 0);
-        _SnapController_preinstalledSnaps.set(this, void 0);
-        __classPrivateFieldSet(this, _SnapController_closeAllConnections, closeAllConnections, "f");
-        __classPrivateFieldSet(this, _SnapController_dynamicPermissions, dynamicPermissions, "f");
-        __classPrivateFieldSet(this, _SnapController_environmentEndowmentPermissions, environmentEndowmentPermissions, "f");
-        __classPrivateFieldSet(this, _SnapController_excludedPermissions, excludedPermissions, "f");
-        __classPrivateFieldSet(this, _SnapController_featureFlags, featureFlags, "f");
-        __classPrivateFieldSet(this, _SnapController_fetchFunction, fetchFunction, "f");
-        __classPrivateFieldSet(this, _SnapController_idleTimeCheckInterval, idleTimeCheckInterval, "f");
-        __classPrivateFieldSet(this, _SnapController_maxIdleTime, maxIdleTime, "f");
+        this.#closeAllConnections = closeAllConnections;
+        this.#dynamicPermissions = dynamicPermissions;
+        this.#environmentEndowmentPermissions = environmentEndowmentPermissions;
+        this.#excludedPermissions = excludedPermissions;
+        this.#featureFlags = featureFlags;
+        this.#fetchFunction = fetchFunction;
+        this.#idleTimeCheckInterval = idleTimeCheckInterval;
+        this.#maxIdleTime = maxIdleTime;
         this.maxRequestTime = maxRequestTime;
-        __classPrivateFieldSet(this, _SnapController_detectSnapLocation, detectSnapLocationFunction, "f");
-        __classPrivateFieldSet(this, _SnapController_encryptor, encryptor, "f");
-        __classPrivateFieldSet(this, _SnapController_getMnemonic, getMnemonic, "f");
-        __classPrivateFieldSet(this, _SnapController_getFeatureFlags, getFeatureFlags, "f");
-        __classPrivateFieldSet(this, _SnapController_preinstalledSnaps, preinstalledSnaps, "f");
+        this.#detectSnapLocation = detectSnapLocationFunction;
+        this.#encryptor = encryptor;
+        this.#getMnemonic = getMnemonic;
+        this.#getFeatureFlags = getFeatureFlags;
+        this.#preinstalledSnaps = preinstalledSnaps;
         this._onUnhandledSnapError = this._onUnhandledSnapError.bind(this);
         this._onOutboundRequest = this._onOutboundRequest.bind(this);
         this._onOutboundResponse = this._onOutboundResponse.bind(this);
-        __classPrivateFieldSet(this, _SnapController_rollbackSnapshots, new Map(), "f");
-        __classPrivateFieldSet(this, _SnapController_snapsRuntimeData, new Map(), "f");
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_pollForLastRequestStatus).call(this);
+        this.#rollbackSnapshots = new Map();
+        this.#snapsRuntimeData = new Map();
+        this.#pollForLastRequestStatus();
         /* eslint-disable @typescript-eslint/unbound-method */
         this.messagingSystem.subscribe('ExecutionService:unhandledError', this._onUnhandledSnapError);
         this.messagingSystem.subscribe('ExecutionService:outboundRequest', this._onOutboundRequest);
         this.messagingSystem.subscribe('ExecutionService:outboundResponse', this._onOutboundResponse);
         /* eslint-enable @typescript-eslint/unbound-method */
         this.messagingSystem.subscribe('SnapController:snapInstalled', ({ id }, origin) => {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_callLifecycleHook).call(this, origin, id, HandlerType.OnInstall).catch((error) => {
+            this.#callLifecycleHook(origin, id, HandlerType.OnInstall).catch((error) => {
                 logError(`Error when calling \`onInstall\` lifecycle hook for snap "${id}": ${getErrorMessage(error)}`);
             });
         });
         this.messagingSystem.subscribe('SnapController:snapUpdated', ({ id }, _oldVersion, origin) => {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_callLifecycleHook).call(this, origin, id, HandlerType.OnUpdate).catch((error) => {
+            this.#callLifecycleHook(origin, id, HandlerType.OnUpdate).catch((error) => {
                 logError(`Error when calling \`onUpdate\` lifecycle hook for snap "${id}": ${getErrorMessage(error)}`);
             });
         });
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_initializeStateMachine).call(this);
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_registerMessageHandlers).call(this);
-        if (__classPrivateFieldGet(this, _SnapController_preinstalledSnaps, "f")) {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_handlePreinstalledSnaps).call(this, __classPrivateFieldGet(this, _SnapController_preinstalledSnaps, "f"));
+        this.#initializeStateMachine();
+        this.#registerMessageHandlers();
+        if (this.#preinstalledSnaps) {
+            this.#handlePreinstalledSnaps(this.#preinstalledSnaps);
+        }
+        Object.values(this.state?.snaps ?? {}).forEach((snap) => this.#setupRuntime(snap.id));
+    }
+    /**
+     * We track status of a Snap using a finite-state-machine.
+     * It keeps track of whether the snap is started / stopped / etc.
+     *
+     * @see {@link SnapController.transition} for interacting with the machine.
+     */
+    // We initialize the machine in the instance because the status is currently tightly coupled
+    // with the SnapController - the guard checks for enabled status inside the SnapController state.
+    // In the future, side-effects could be added to the machine during transitions.
+    #initializeStateMachine() {
+        const disableGuard = ({ snapId }) => {
+            return this.getExpect(snapId).enabled;
+        };
+        const statusConfig = {
+            initial: SnapStatus.Installing,
+            states: {
+                [SnapStatus.Installing]: {
+                    on: {
+                        [SnapStatusEvents.Start]: {
+                            target: SnapStatus.Running,
+                            cond: disableGuard,
+                        },
+                    },
+                },
+                [SnapStatus.Updating]: {
+                    on: {
+                        [SnapStatusEvents.Start]: {
+                            target: SnapStatus.Running,
+                            cond: disableGuard,
+                        },
+                        [SnapStatusEvents.Stop]: SnapStatus.Stopped,
+                    },
+                },
+                [SnapStatus.Running]: {
+                    on: {
+                        [SnapStatusEvents.Stop]: SnapStatus.Stopped,
+                        [SnapStatusEvents.Crash]: SnapStatus.Crashed,
+                    },
+                },
+                [SnapStatus.Stopped]: {
+                    on: {
+                        [SnapStatusEvents.Start]: {
+                            target: SnapStatus.Running,
+                            cond: disableGuard,
+                        },
+                        [SnapStatusEvents.Update]: SnapStatus.Updating,
+                    },
+                },
+                [SnapStatus.Crashed]: {
+                    on: {
+                        [SnapStatusEvents.Start]: {
+                            target: SnapStatus.Running,
+                            cond: disableGuard,
+                        },
+                        [SnapStatusEvents.Update]: SnapStatus.Updating,
+                    },
+                },
+            },
+        };
+        this.#statusMachine = createMachine(statusConfig);
+        validateMachine(this.#statusMachine);
+    }
+    /**
+     * Constructor helper for registering the controller's messaging system
+     * actions.
+     */
+    #registerMessageHandlers() {
+        this.messagingSystem.registerActionHandler(`${controllerName}:clearSnapState`, (...args) => this.clearSnapState(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:get`, (...args) => this.get(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:getSnapState`, async (...args) => this.getSnapState(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:handleRequest`, async (...args) => this.handleRequest(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:has`, (...args) => this.has(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:updateBlockedSnaps`, async () => this.updateBlockedSnaps());
+        this.messagingSystem.registerActionHandler(`${controllerName}:updateSnapState`, async (...args) => this.updateSnapState(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:enable`, (...args) => this.enableSnap(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:disable`, async (...args) => this.disableSnap(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:remove`, async (...args) => this.removeSnap(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:getPermitted`, (...args) => this.getPermittedSnaps(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:install`, async (...args) => this.installSnaps(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:getAll`, (...args) => this.getAllSnaps(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:incrementActiveReferences`, (...args) => this.incrementActiveReferences(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:decrementActiveReferences`, (...args) => this.decrementActiveReferences(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:getRegistryMetadata`, async (...args) => this.getRegistryMetadata(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:disconnectOrigin`, (...args) => this.removeSnapFromSubject(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:revokeDynamicPermissions`, (...args) => this.revokeDynamicSnapPermissions(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:getFile`, async (...args) => this.getSnapFile(...args));
+        this.messagingSystem.registerActionHandler(`${controllerName}:stopAllSnaps`, async (...args) => this.stopAllSnaps(...args));
+    }
+    #handlePreinstalledSnaps(preinstalledSnaps) {
+        for (const { snapId, manifest, files, removable, hidden, hideSnapBranding, } of preinstalledSnaps) {
+            const existingSnap = this.get(snapId);
+            const isAlreadyInstalled = existingSnap !== undefined;
+            const isUpdate = isAlreadyInstalled && gtVersion(manifest.version, existingSnap.version);
+            // Disallow downgrades and overwriting non preinstalled snaps
+            if (isAlreadyInstalled &&
+                (!isUpdate || existingSnap.preinstalled !== true)) {
+                continue;
+            }
+            const manifestFile = new VirtualFile({
+                path: NpmSnapFileNames.Manifest,
+                value: JSON.stringify(manifest),
+                result: manifest,
+            });
+            const virtualFiles = files.map(({ path, value }) => new VirtualFile({ value, path }));
+            const { filePath, iconPath } = manifest.source.location.npm;
+            const sourceCode = virtualFiles.find((file) => file.path === filePath);
+            const svgIcon = iconPath
+                ? virtualFiles.find((file) => file.path === iconPath)
+                : undefined;
+            assert(sourceCode, 'Source code not provided for preinstalled snap.');
+            assert(!iconPath || (iconPath && svgIcon), 'Icon not provided for preinstalled snap.');
+            assert(manifest.source.files === undefined, 'Auxiliary files are not currently supported for preinstalled snaps.');
+            const localizationFiles = manifest.source.locales?.map((path) => virtualFiles.find((file) => file.path === path)) ?? [];
+            const validatedLocalizationFiles = getValidatedLocalizationFiles(localizationFiles.filter(Boolean));
+            assert(localizationFiles.length === validatedLocalizationFiles.length, 'Missing localization files for preinstalled snap.');
+            const filesObject = {
+                manifest: manifestFile,
+                sourceCode,
+                svgIcon,
+                auxiliaryFiles: [],
+                localizationFiles: validatedLocalizationFiles,
+            };
+            // Add snap to the SnapController state
+            this.#set({
+                id: snapId,
+                origin: 'metamask',
+                files: filesObject,
+                removable,
+                hidden,
+                hideSnapBranding,
+                preinstalled: true,
+            });
+            // Setup permissions
+            const processedPermissions = processSnapPermissions(manifest.initialPermissions);
+            this.#validateSnapPermissions(processedPermissions);
+            const { newPermissions, unusedPermissions } = this.#calculatePermissionsChange(snapId, processedPermissions);
+            this.#updatePermissions({ snapId, newPermissions, unusedPermissions });
+            if (manifest.initialConnections) {
+                this.#handleInitialConnections(snapId, existingSnap?.initialConnections ?? null, manifest.initialConnections);
+            }
+            // Set status
+            this.update((state) => {
+                state.snaps[snapId].status = SnapStatus.Stopped;
+            });
         }
-        Object.values(this.state?.snaps ?? {}).forEach((snap) => __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_setupRuntime).call(this, snap.id));
+    }
+    #pollForLastRequestStatus() {
+        this.#timeoutForLastRequestStatus = setTimeout(() => {
+            this.#stopSnapsLastRequestPastMax().catch((error) => {
+                // TODO: Decide how to handle errors.
+                logError(error);
+            });
+            this.#pollForLastRequestStatus();
+        }, this.#idleTimeCheckInterval);
     }
     /**
      * Checks all installed snaps against the block list and
@@ -173,7 +317,7 @@ export class SnapController extends BaseController {
      * for more information.
      */
     async updateBlockedSnaps() {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanUsePlatform();
         await this.messagingSystem.call('SnapsRegistry:update');
         const blockedSnaps = await this.messagingSystem.call('SnapsRegistry:get', Object.values(this.state.snaps).reduce((blockListArg, snap) => {
             blockListArg[snap.id] = {
@@ -184,11 +328,91 @@ export class SnapController extends BaseController {
         }, {}));
         await Promise.all(Object.entries(blockedSnaps).map(async ([snapId, { status, reason }]) => {
             if (status === SnapsRegistryStatus.Blocked) {
-                return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_blockSnap).call(this, snapId, reason);
+                return this.#blockSnap(snapId, reason);
             }
-            return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_unblockSnap).call(this, snapId);
+            return this.#unblockSnap(snapId);
         }));
     }
+    /**
+     * Blocks an installed snap and prevents it from being started again. Emits
+     * {@link SnapBlocked}. Does nothing if the snap is not installed.
+     *
+     * @param snapId - The snap to block.
+     * @param blockedSnapInfo - Information detailing why the snap is blocked.
+     */
+    async #blockSnap(snapId, blockedSnapInfo) {
+        if (!this.has(snapId)) {
+            return;
+        }
+        try {
+            this.update((state) => {
+                state.snaps[snapId].blocked = true;
+                state.snaps[snapId].blockInformation = blockedSnapInfo;
+            });
+            await this.disableSnap(snapId);
+        }
+        catch (error) {
+            logError(`Encountered error when stopping blocked snap "${snapId}".`, error);
+        }
+        this.messagingSystem.publish(`${controllerName}:snapBlocked`, snapId, blockedSnapInfo);
+    }
+    /**
+     * Unblocks a snap so that it can be enabled and started again. Emits
+     * {@link SnapUnblocked}. Does nothing if the snap is not installed or already
+     * unblocked.
+     *
+     * @param snapId - The id of the snap to unblock.
+     */
+    #unblockSnap(snapId) {
+        if (!this.has(snapId) || !this.state.snaps[snapId].blocked) {
+            return;
+        }
+        this.update((state) => {
+            state.snaps[snapId].blocked = false;
+            delete state.snaps[snapId].blockInformation;
+        });
+        this.messagingSystem.publish(`${controllerName}:snapUnblocked`, snapId);
+    }
+    async #assertIsInstallAllowed(snapId, snapInfo) {
+        const results = await this.messagingSystem.call('SnapsRegistry:get', {
+            [snapId]: snapInfo,
+        });
+        const result = results[snapId];
+        if (result.status === SnapsRegistryStatus.Blocked) {
+            throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The version is blocked. ${result.reason?.explanation ?? ''}`);
+        }
+        const isAllowlistingRequired = Object.keys(snapInfo.permissions).some((permission) => !ALLOWED_PERMISSIONS.includes(permission));
+        if (this.#featureFlags.requireAllowlist &&
+            isAllowlistingRequired &&
+            result.status !== SnapsRegistryStatus.Verified) {
+            throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": ${result.status === SnapsRegistryStatus.Unavailable
+                ? 'The registry is temporarily unavailable.'
+                : 'The snap is not on the allowlist.'}`);
+        }
+    }
+    /**
+     * Asserts whether new Snaps are allowed to be installed.
+     */
+    #assertCanInstallSnaps() {
+        assert(this.#featureFlags.disableSnapInstallation !== true, 'Installing Snaps is currently disabled in this version of MetaMask.');
+    }
+    /**
+     * Asserts whether the Snaps platform is allowed to run.
+     */
+    #assertCanUsePlatform() {
+        const flags = this.#getFeatureFlags();
+        assert(flags.disableSnaps !== true, 'The Snaps platform requires basic functionality to be used. Enable basic functionality in the settings to use the Snaps platform.');
+    }
+    async #stopSnapsLastRequestPastMax() {
+        const entries = [...this.#snapsRuntimeData.entries()];
+        return Promise.all(entries
+            .filter(([_snapId, runtime]) => runtime.activeReferences === 0 &&
+            runtime.pendingInboundRequests.length === 0 &&
+            runtime.lastRequest &&
+            this.#maxIdleTime &&
+            timeSince(runtime.lastRequest) > this.#maxIdleTime)
+            .map(async ([snapId]) => this.stopSnap(snapId, SnapStatusEvents.Stop)));
+    }
     _onUnhandledSnapError(snapId, _error) {
         this.stopSnap(snapId, SnapStatusEvents.Crash).catch((stopSnapError) => {
             // TODO: Decide how to handle errors.
@@ -196,7 +420,7 @@ export class SnapController extends BaseController {
         });
     }
     _onOutboundRequest(snapId) {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+        const runtime = this.#getRuntimeExpect(snapId);
         // Ideally we would only pause the pending request that is making the outbound request
         // but right now we don't have a way to know which request initiated the outbound request
         runtime.pendingInboundRequests
@@ -205,7 +429,7 @@ export class SnapController extends BaseController {
         runtime.pendingOutboundRequests += 1;
     }
     _onOutboundResponse(snapId) {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+        const runtime = this.#getRuntimeExpect(snapId);
         runtime.pendingOutboundRequests -= 1;
         if (runtime.pendingOutboundRequests === 0) {
             runtime.pendingInboundRequests
@@ -213,6 +437,25 @@ export class SnapController extends BaseController {
                 .forEach((pendingRequest) => pendingRequest.timer.resume());
         }
     }
+    /**
+     * Transitions between states using `snapStatusStateMachineConfig` as the template to figure out
+     * the next state. This transition function uses a very minimal subset of XState conventions:
+     * - supports initial state
+     * - .on supports raw event target string
+     * - .on supports {target, cond} object
+     * - the arguments for `cond` is the `SerializedSnap` instead of Xstate convention of `(event,
+     * context) => boolean`
+     *
+     * @param snapId - The id of the snap to transition.
+     * @param event - The event enum to use to transition.
+     */
+    #transition(snapId, event) {
+        const { interpreter } = this.#getRuntimeExpect(snapId);
+        interpreter.send(event);
+        this.update((state) => {
+            state.snaps[snapId].status = interpreter.state.value;
+        });
+    }
     /**
      * Starts the given snap. Throws an error if no such snap exists
      * or if it is already running.
@@ -220,12 +463,12 @@ export class SnapController extends BaseController {
      * @param snapId - The id of the Snap to start.
      */
     async startSnap(snapId) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanUsePlatform();
         const snap = this.state.snaps[snapId];
         if (snap.enabled === false) {
             throw new Error(`Snap "${snapId}" is disabled.`);
         }
-        await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, {
+        await this.#startSnap({
             snapId,
             sourceCode: snap.sourceCode,
         });
@@ -273,7 +516,7 @@ export class SnapController extends BaseController {
      * stopped.
      */
     async stopSnap(snapId, statusEvent = SnapStatusEvents.Stop) {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntime).call(this, snapId);
+        const runtime = this.#getRuntime(snapId);
         if (!runtime) {
             throw new Error(`The snap "${snapId}" is not running.`);
         }
@@ -286,8 +529,8 @@ export class SnapController extends BaseController {
         runtime.stopping = true;
         try {
             if (this.isRunning(snapId)) {
-                __classPrivateFieldGet(this, _SnapController_closeAllConnections, "f")?.call(this, snapId);
-                await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_terminateSnap).call(this, snapId);
+                this.#closeAllConnections?.(snapId);
+                await this.#terminateSnap(snapId);
             }
         }
         finally {
@@ -297,7 +540,7 @@ export class SnapController extends BaseController {
             runtime.pendingOutboundRequests = 0;
             runtime.stopping = false;
             if (this.isRunning(snapId)) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_transition).call(this, snapId, statusEvent);
+                this.#transition(snapId, statusEvent);
             }
         }
     }
@@ -313,6 +556,24 @@ export class SnapController extends BaseController {
         const promises = snaps.map(async (snap) => this.stopSnap(snap.id, statusEvent));
         await Promise.allSettled(promises);
     }
+    /**
+     * Terminates the specified snap and emits the `snapTerminated` event.
+     *
+     * @param snapId - The snap to terminate.
+     */
+    async #terminateSnap(snapId) {
+        await this.messagingSystem.call('ExecutionService:terminateSnap', snapId);
+        // Hack to give up execution for a bit to let gracefully terminating Snaps return.
+        await new Promise((resolve) => setTimeout(resolve, 1));
+        const runtime = this.#getRuntimeExpect(snapId);
+        // Unresponsive requests may still be timed, time them out.
+        runtime.pendingInboundRequests
+            .filter((pendingRequest) => pendingRequest.timer.status !== 'finished')
+            .forEach((pendingRequest) => pendingRequest.timer.finish());
+        // Hack to give up execution for a bit to let timed out requests return.
+        await new Promise((resolve) => setTimeout(resolve, 1));
+        this.messagingSystem.publish('SnapController:snapTerminated', this.getTruncatedExpect(snapId));
+    }
     /**
      * Returns whether the given snap is running.
      * Throws an error if the snap doesn't exist.
@@ -380,6 +641,86 @@ export class SnapController extends BaseController {
     getTruncatedExpect(snapId) {
         return truncateSnap(this.getExpect(snapId));
     }
+    /**
+     * Generate an encryption key to be used for state encryption for a given Snap.
+     *
+     * @param options - An options bag.
+     * @param options.snapId - The Snap ID.
+     * @param options.salt - A salt to be used for the encryption key.
+     * @param options.useCache - Whether to use caching or not.
+     * @param options.keyMetadata - Optional metadata about how to derive the encryption key.
+     * @returns An encryption key.
+     */
+    async #getSnapEncryptionKey({ snapId, salt: passedSalt, useCache, keyMetadata, }) {
+        const runtime = this.#getRuntimeExpect(snapId);
+        if (runtime.encryptionKey && runtime.encryptionSalt && useCache) {
+            return {
+                key: await this.#encryptor.importKey(runtime.encryptionKey),
+                salt: runtime.encryptionSalt,
+            };
+        }
+        const salt = passedSalt ?? this.#encryptor.generateSalt();
+        const mnemonicPhrase = await this.#getMnemonic();
+        const entropy = await getEncryptionEntropy({ snapId, mnemonicPhrase });
+        const encryptionKey = await this.#encryptor.keyFromPassword(entropy, salt, true, keyMetadata);
+        const exportedKey = await this.#encryptor.exportKey(encryptionKey);
+        // Cache exported encryption key in runtime
+        if (useCache) {
+            runtime.encryptionKey = exportedKey;
+            runtime.encryptionSalt = salt;
+        }
+        return { key: encryptionKey, salt };
+    }
+    /**
+     * Decrypt the encrypted state for a given Snap.
+     *
+     * @param snapId - The Snap ID.
+     * @param state - The encrypted state as a string.
+     * @returns A valid JSON object derived from the encrypted state.
+     * @throws If the decryption fails or the decrypted state is not valid JSON.
+     */
+    async #decryptSnapState(snapId, state) {
+        try {
+            const parsed = parseJson(state);
+            const { salt, keyMetadata } = parsed;
+            const useCache = this.#encryptor.isVaultUpdated(state);
+            const { key } = await this.#getSnapEncryptionKey({
+                snapId,
+                salt,
+                useCache,
+                // When decrypting state we expect key metadata to be present.
+                // If it isn't present, we assume that the Snap state we are decrypting is old enough to use the legacy encryption params.
+                keyMetadata: keyMetadata ?? LEGACY_ENCRYPTION_KEY_DERIVATION_OPTIONS,
+            });
+            const decryptedState = await this.#encryptor.decryptWithKey(key, parsed);
+            assert(isValidJson(decryptedState));
+            return decryptedState;
+        }
+        catch {
+            throw rpcErrors.internal({
+                message: 'Failed to decrypt snap state, the state must be corrupted.',
+            });
+        }
+    }
+    /**
+     * Encrypt a JSON state object for a given Snap.
+     *
+     * Note: This function does not assert the validity of the object,
+     * please ensure only valid JSON is passed to it.
+     *
+     * @param snapId - The Snap ID.
+     * @param state - The state object.
+     * @returns A string containing the encrypted JSON object.
+     */
+    async #encryptSnapState(snapId, state) {
+        const { key, salt } = await this.#getSnapEncryptionKey({
+            snapId,
+            useCache: true,
+        });
+        const encryptedState = await this.#encryptor.encryptWithKey(key, state);
+        encryptedState.salt = salt;
+        return JSON.stringify(encryptedState);
+    }
     /**
      * Updates the own state of the snap with the given id.
      * This is distinct from the state MetaMask uses to manage snaps.
@@ -390,7 +731,7 @@ export class SnapController extends BaseController {
      */
     async updateSnapState(snapId, newSnapState, encrypted) {
         if (encrypted) {
-            const encryptedState = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_encryptSnapState).call(this, snapId, newSnapState);
+            const encryptedState = await this.#encryptSnapState(snapId, newSnapState);
             this.update((state) => {
                 state.snapStates[snapId] = encryptedState;
             });
@@ -436,7 +777,7 @@ export class SnapController extends BaseController {
         if (!encrypted) {
             return parseJson(state);
         }
-        const decrypted = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_decryptSnapState).call(this, snapId, state);
+        const decrypted = await this.#decryptSnapState(snapId, state);
         return decrypted;
     }
     /**
@@ -464,22 +805,22 @@ export class SnapController extends BaseController {
      */
     async clearState() {
         const snapIds = Object.keys(this.state.snaps);
-        if (__classPrivateFieldGet(this, _SnapController_closeAllConnections, "f")) {
+        if (this.#closeAllConnections) {
             snapIds.forEach((snapId) => {
-                __classPrivateFieldGet(this, _SnapController_closeAllConnections, "f")?.call(this, snapId);
+                this.#closeAllConnections?.(snapId);
             });
         }
         await this.messagingSystem.call('ExecutionService:terminateAllSnaps');
-        snapIds.forEach((snapId) => __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_revokeAllSnapPermissions).call(this, snapId));
+        snapIds.forEach((snapId) => this.#revokeAllSnapPermissions(snapId));
         this.update((state) => {
             state.snaps = {};
             state.snapStates = {};
         });
-        __classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").clear();
+        this.#snapsRuntimeData.clear();
         // We want to remove all snaps & permissions, except for preinstalled snaps
-        if (__classPrivateFieldGet(this, _SnapController_preinstalledSnaps, "f")) {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_handlePreinstalledSnaps).call(this, __classPrivateFieldGet(this, _SnapController_preinstalledSnaps, "f"));
-            Object.values(this.state?.snaps).forEach((snap) => __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_setupRuntime).call(this, snap.id));
+        if (this.#preinstalledSnaps) {
+            this.#handlePreinstalledSnaps(this.#preinstalledSnaps);
+            Object.values(this.state?.snaps).forEach((snap) => this.#setupRuntime(snap.id));
         }
     }
     /**
@@ -513,9 +854,9 @@ export class SnapController extends BaseController {
             // it. This ensures that the snap will not be restarted or otherwise
             // affect the host environment while we are deleting it.
             await this.disableSnap(snapId);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_revokeAllSnapPermissions).call(this, snapId);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_removeSnapFromSubjects).call(this, snapId);
-            __classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").delete(snapId);
+            this.#revokeAllSnapPermissions(snapId);
+            this.#removeSnapFromSubjects(snapId);
+            this.#snapsRuntimeData.delete(snapId);
             this.update((state) => {
                 delete state.snaps[snapId];
                 delete state.snapStates[snapId];
@@ -527,6 +868,47 @@ export class SnapController extends BaseController {
             }
         }));
     }
+    #handleInitialConnections(snapId, previousInitialConnections, initialConnections) {
+        if (previousInitialConnections) {
+            const revokedInitialConnections = setDiff(previousInitialConnections, initialConnections);
+            for (const origin of Object.keys(revokedInitialConnections)) {
+                this.removeSnapFromSubject(origin, snapId);
+            }
+        }
+        for (const origin of Object.keys(initialConnections)) {
+            this.#addSnapToSubject(origin, snapId);
+        }
+    }
+    #addSnapToSubject(origin, snapId) {
+        const subjectPermissions = this.messagingSystem.call('PermissionController:getPermissions', origin);
+        const existingCaveat = subjectPermissions?.[WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat) => caveat.type === SnapCaveatType.SnapIds);
+        const subjectHasSnap = Boolean(existingCaveat?.value?.[snapId]);
+        // If the subject is already connected to the snap, this is a no-op.
+        if (subjectHasSnap) {
+            return;
+        }
+        // If an existing caveat exists, we add the snap to that.
+        if (existingCaveat) {
+            this.messagingSystem.call('PermissionController:updateCaveat', origin, WALLET_SNAP_PERMISSION_KEY, SnapCaveatType.SnapIds, { ...existingCaveat.value, [snapId]: {} });
+            return;
+        }
+        const approvedPermissions = {
+            [WALLET_SNAP_PERMISSION_KEY]: {
+                caveats: [
+                    {
+                        type: SnapCaveatType.SnapIds,
+                        value: {
+                            [snapId]: {},
+                        },
+                    },
+                ],
+            },
+        };
+        this.messagingSystem.call('PermissionController:grantPermissions', {
+            approvedPermissions,
+            subject: { origin },
+        });
+    }
     /**
      * Removes a snap's permission (caveat) from the specified subject.
      *
@@ -563,18 +945,39 @@ export class SnapController extends BaseController {
      * @throws If non-dynamic permissions are passed.
      */
     revokeDynamicSnapPermissions(snapId, permissionNames) {
-        assert(permissionNames.every((permissionName) => __classPrivateFieldGet(this, _SnapController_dynamicPermissions, "f").includes(permissionName)), 'Non-dynamic permissions cannot be revoked');
+        assert(permissionNames.every((permissionName) => this.#dynamicPermissions.includes(permissionName)), 'Non-dynamic permissions cannot be revoked');
         this.messagingSystem.call('PermissionController:revokePermissions', {
             [snapId]: permissionNames,
         });
     }
+    /**
+     * Removes a snap's permission (caveat) from all subjects.
+     *
+     * @param snapId - The id of the Snap.
+     */
+    #removeSnapFromSubjects(snapId) {
+        const subjects = this.messagingSystem.call('PermissionController:getSubjectNames');
+        for (const subject of subjects) {
+            this.removeSnapFromSubject(subject, snapId);
+        }
+    }
+    /**
+     * Safely revokes all permissions granted to a Snap.
+     *
+     * @param snapId - The snap ID.
+     */
+    #revokeAllSnapPermissions(snapId) {
+        if (this.messagingSystem.call('PermissionController:hasPermissions', snapId)) {
+            this.messagingSystem.call('PermissionController:revokeAllPermissions', snapId);
+        }
+    }
     /**
      * Handles incrementing the activeReferences counter.
      *
      * @param snapId - The snap id of the snap that was referenced.
      */
     incrementActiveReferences(snapId) {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+        const runtime = this.#getRuntimeExpect(snapId);
         runtime.activeReferences += 1;
     }
     /**
@@ -583,7 +986,7 @@ export class SnapController extends BaseController {
      * @param snapId - The snap id of the snap that was referenced..
      */
     decrementActiveReferences(snapId) {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+        const runtime = this.#getRuntimeExpect(snapId);
         assert(runtime.activeReferences > 0, 'SnapController reference management is in an invalid state.');
         runtime.activeReferences -= 1;
     }
@@ -624,7 +1027,7 @@ export class SnapController extends BaseController {
      * snap couldn't be installed.
      */
     async installSnaps(origin, requestedSnaps) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanUsePlatform();
         const result = {};
         const snapIds = Object.keys(requestedSnaps);
         const pendingUpdates = [];
@@ -636,23 +1039,23 @@ export class SnapController extends BaseController {
                 if (error) {
                     throw rpcErrors.invalidParams(`The "version" field must be a valid SemVer version range if specified. Received: "${rawVersion}".`);
                 }
-                const location = __classPrivateFieldGet(this, _SnapController_detectSnapLocation, "f").call(this, snapId, {
+                const location = this.#detectSnapLocation(snapId, {
                     versionRange: version,
-                    fetch: __classPrivateFieldGet(this, _SnapController_fetchFunction, "f"),
-                    allowLocal: __classPrivateFieldGet(this, _SnapController_featureFlags, "f").allowLocalSnaps,
-                    resolveVersion: async (range) => __classPrivateFieldGet(this, _SnapController_featureFlags, "f").requireAllowlist
-                        ? await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_resolveAllowlistVersion).call(this, snapId, range)
+                    fetch: this.#fetchFunction,
+                    allowLocal: this.#featureFlags.allowLocalSnaps,
+                    resolveVersion: async (range) => this.#featureFlags.requireAllowlist
+                        ? await this.#resolveAllowlistVersion(snapId, range)
                         : range,
                 });
                 // Existing snaps may need to be updated, unless they should be re-installed (e.g. local snaps)
                 // Everything else is treated as an install
                 const isUpdate = this.has(snapId) && !location.shouldAlwaysReload;
-                if (isUpdate && __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_isValidUpdate).call(this, snapId, version)) {
+                if (isUpdate && this.#isValidUpdate(snapId, version)) {
                     const existingSnap = this.getExpect(snapId);
                     pendingUpdates.push({ snapId, oldVersion: existingSnap.version });
-                    let rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+                    let rollbackSnapshot = this.#getRollbackSnapshot(snapId);
                     if (rollbackSnapshot === undefined) {
-                        rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createRollbackSnapshot).call(this, snapId);
+                        rollbackSnapshot = this.#createRollbackSnapshot(snapId);
                         rollbackSnapshot.newVersion = version;
                     }
                     else {
@@ -667,16 +1070,16 @@ export class SnapController extends BaseController {
             // Once we finish all installs / updates, emit events.
             pendingInstalls.forEach((snapId) => this.messagingSystem.publish(`SnapController:snapInstalled`, this.getTruncatedExpect(snapId), origin));
             pendingUpdates.forEach(({ snapId, oldVersion }) => this.messagingSystem.publish(`SnapController:snapUpdated`, this.getTruncatedExpect(snapId), oldVersion, origin));
-            snapIds.forEach((snapId) => __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").delete(snapId));
+            snapIds.forEach((snapId) => this.#rollbackSnapshots.delete(snapId));
         }
         catch (error) {
             const installed = pendingInstalls.filter((snapId) => this.has(snapId));
             await this.removeSnaps(installed);
-            const snapshottedSnaps = [...__classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").keys()];
+            const snapshottedSnaps = [...this.#rollbackSnapshots.keys()];
             const snapsToRollback = pendingUpdates
                 .map(({ snapId }) => snapId)
                 .filter((snapId) => snapshottedSnaps.includes(snapId));
-            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_rollbackSnaps).call(this, snapsToRollback);
+            await this.#rollbackSnaps(snapsToRollback);
             throw error;
         }
         return result;
@@ -706,8 +1109,8 @@ export class SnapController extends BaseController {
             // and we don't want to emit events prematurely.
             false);
         }
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanInstallSnaps).call(this);
-        let pendingApproval = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createApproval).call(this, {
+        this.#assertCanInstallSnaps();
+        let pendingApproval = this.#createApproval({
             origin,
             snapId,
             type: SNAP_APPROVAL_INSTALL,
@@ -719,27 +1122,27 @@ export class SnapController extends BaseController {
         }
         // Existing snaps that should be re-installed should not maintain their existing permissions
         if (existingSnap && location.shouldAlwaysReload) {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_revokeAllSnapPermissions).call(this, snapId);
+            this.#revokeAllSnapPermissions(snapId);
         }
         try {
-            const { sourceCode } = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_add).call(this, {
+            const { sourceCode } = await this.#add({
                 origin,
                 id: snapId,
                 location,
                 versionRange,
             });
             await this.authorize(snapId, pendingApproval);
-            pendingApproval = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createApproval).call(this, {
+            pendingApproval = this.#createApproval({
                 origin,
                 snapId,
                 type: SNAP_APPROVAL_RESULT,
             });
-            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, {
+            await this.#startSnap({
                 snapId,
                 sourceCode,
             });
             const truncated = this.getTruncatedExpect(snapId);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#updateApproval(pendingApproval.id, {
                 loading: false,
                 type: SNAP_APPROVAL_INSTALL,
             });
@@ -748,7 +1151,7 @@ export class SnapController extends BaseController {
         catch (error) {
             logError(`Error when adding ${snapId}.`, error);
             const errorString = error instanceof Error ? error.message : error.toString();
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#updateApproval(pendingApproval.id, {
                 loading: false,
                 type: SNAP_APPROVAL_INSTALL,
                 error: errorString,
@@ -757,6 +1160,34 @@ export class SnapController extends BaseController {
             throw error;
         }
     }
+    #createApproval({ origin, snapId, type, }) {
+        const id = nanoid();
+        const promise = this.messagingSystem.call('ApprovalController:addRequest', {
+            origin,
+            id,
+            type,
+            requestData: {
+                // Mirror previous installation metadata
+                metadata: { id, origin: snapId, dappOrigin: origin },
+                snapId,
+            },
+            requestState: {
+                loading: true,
+            },
+        }, true);
+        return { id, promise };
+    }
+    #updateApproval(id, requestState) {
+        try {
+            this.messagingSystem.call('ApprovalController:updateRequestState', {
+                id,
+                requestState,
+            });
+        }
+        catch {
+            // Do nothing
+        }
+    }
     /**
      * Updates an installed snap. The flow is similar to
      * {@link SnapController.installSnaps}. The user will be asked if they want
@@ -777,12 +1208,12 @@ export class SnapController extends BaseController {
      * @returns The snap metadata if updated, `null` otherwise.
      */
     async updateSnap(origin, snapId, location, newVersionRange = DEFAULT_REQUESTED_SNAP_VERSION, emitEvent = true) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanInstallSnaps).call(this);
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanInstallSnaps();
+        this.#assertCanUsePlatform();
         if (!isValidSemVerRange(newVersionRange)) {
             throw new Error(`Received invalid snap version range: "${newVersionRange}".`);
         }
-        let pendingApproval = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createApproval).call(this, {
+        let pendingApproval = this.#createApproval({
             origin,
             snapId,
             type: SNAP_APPROVAL_UPDATE,
@@ -801,16 +1232,16 @@ export class SnapController extends BaseController {
             if (!satisfiesVersionRange(newVersion, newVersionRange)) {
                 throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${newVersion}" which doesn't satisfy requested version range "${newVersionRange}".`);
             }
-            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsInstallAllowed).call(this, snapId, {
+            await this.#assertIsInstallAllowed(snapId, {
                 version: newVersion,
                 checksum: manifest.source.shasum,
                 permissions: manifest.initialPermissions,
             });
             const processedPermissions = processSnapPermissions(manifest.initialPermissions);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_validateSnapPermissions).call(this, processedPermissions);
-            const { newPermissions, unusedPermissions, approvedPermissions } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_calculatePermissionsChange).call(this, snapId, processedPermissions);
-            const { newConnections, unusedConnections, approvedConnections } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_calculateConnectionsChange).call(this, snapId, oldManifest.initialConnections ?? {}, manifest.initialConnections ?? {});
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#validateSnapPermissions(processedPermissions);
+            const { newPermissions, unusedPermissions, approvedPermissions } = this.#calculatePermissionsChange(snapId, processedPermissions);
+            const { newConnections, unusedConnections, approvedConnections } = this.#calculateConnectionsChange(snapId, oldManifest.initialConnections ?? {}, manifest.initialConnections ?? {});
+            this.#updateApproval(pendingApproval.id, {
                 permissions: newPermissions,
                 newVersion: manifest.version,
                 newPermissions,
@@ -822,7 +1253,7 @@ export class SnapController extends BaseController {
                 loading: false,
             });
             const { permissions: approvedNewPermissions, ...requestData } = (await pendingApproval.promise);
-            pendingApproval = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createApproval).call(this, {
+            pendingApproval = this.#createApproval({
                 origin,
                 snapId,
                 type: SNAP_APPROVAL_RESULT,
@@ -830,23 +1261,23 @@ export class SnapController extends BaseController {
             if (this.isRunning(snapId)) {
                 await this.stopSnap(snapId, SnapStatusEvents.Stop);
             }
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_transition).call(this, snapId, SnapStatusEvents.Update);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, {
+            this.#transition(snapId, SnapStatusEvents.Update);
+            this.#set({
                 origin,
                 id: snapId,
                 files: newSnap,
                 isUpdate: true,
             });
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updatePermissions).call(this, {
+            this.#updatePermissions({
                 snapId,
                 unusedPermissions,
                 newPermissions: approvedNewPermissions,
                 requestData,
             });
             if (manifest.initialConnections) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_handleInitialConnections).call(this, snapId, oldManifest.initialConnections ?? null, manifest.initialConnections);
+                this.#handleInitialConnections(snapId, oldManifest.initialConnections ?? null, manifest.initialConnections);
             }
-            const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
+            const rollbackSnapshot = this.#getRollbackSnapshot(snapId);
             if (rollbackSnapshot !== undefined) {
                 rollbackSnapshot.permissions.revoked = unusedPermissions;
                 rollbackSnapshot.permissions.granted = approvedNewPermissions;
@@ -855,7 +1286,7 @@ export class SnapController extends BaseController {
             const sourceCode = sourceCodeFile.toString();
             assert(typeof sourceCode === 'string' && sourceCode.length > 0, `Invalid source code for snap "${snapId}".`);
             try {
-                await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_startSnap).call(this, { snapId, sourceCode });
+                await this.#startSnap({ snapId, sourceCode });
             }
             catch {
                 throw new Error(`Snap ${snapId} crashed with updated source code.`);
@@ -864,7 +1295,7 @@ export class SnapController extends BaseController {
             if (emitEvent) {
                 this.messagingSystem.publish('SnapController:snapUpdated', truncatedSnap, snap.version, origin);
             }
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#updateApproval(pendingApproval.id, {
                 loading: false,
                 type: SNAP_APPROVAL_UPDATE,
             });
@@ -873,7 +1304,7 @@ export class SnapController extends BaseController {
         catch (error) {
             logError(`Error when updating ${snapId},`, error);
             const errorString = error instanceof Error ? error.message : error.toString();
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#updateApproval(pendingApproval.id, {
                 loading: false,
                 error: errorString,
                 type: SNAP_APPROVAL_UPDATE,
@@ -882,6 +1313,9 @@ export class SnapController extends BaseController {
             throw error;
         }
     }
+    async #resolveAllowlistVersion(snapId, versionRange) {
+        return await this.messagingSystem.call('SnapsRegistry:resolveVersion', snapId, versionRange);
+    }
     /**
      * Get metadata for the given snap ID.
      *
@@ -890,9 +1324,215 @@ export class SnapController extends BaseController {
      * verified.
      */
     async getRegistryMetadata(snapId) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanUsePlatform();
         return await this.messagingSystem.call('SnapsRegistry:getMetadata', snapId);
     }
+    /**
+     * Returns a promise representing the complete installation of the requested snap.
+     * If the snap is already being installed, the previously pending promise will be returned.
+     *
+     * @param args - Object containing the snap id and either the URL of the snap's manifest,
+     * or the snap's manifest and source code. The object may also optionally contain a target
+     * version.
+     * @returns The resulting snap object.
+     */
+    async #add(args) {
+        const { id: snapId, location, versionRange } = args;
+        this.#setupRuntime(snapId);
+        const runtime = this.#getRuntimeExpect(snapId);
+        if (!runtime.installPromise) {
+            log(`Adding snap: ${snapId}`);
+            // If fetching and setting the snap succeeds, this property will be set
+            // to null in the authorize() method.
+            runtime.installPromise = (async () => {
+                const fetchedSnap = await fetchSnap(snapId, location);
+                const manifest = fetchedSnap.manifest.result;
+                if (!satisfiesVersionRange(manifest.version, versionRange)) {
+                    throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${manifest.version}" which doesn't satisfy requested version range "${versionRange}".`);
+                }
+                await this.#assertIsInstallAllowed(snapId, {
+                    version: manifest.version,
+                    checksum: manifest.source.shasum,
+                    permissions: manifest.initialPermissions,
+                });
+                return this.#set({
+                    ...args,
+                    files: fetchedSnap,
+                    id: snapId,
+                });
+            })();
+        }
+        try {
+            return await runtime.installPromise;
+        }
+        catch (error) {
+            // Reset promise so users can retry installation in case the problem is
+            // temporary.
+            runtime.installPromise = null;
+            throw error;
+        }
+    }
+    async #startSnap(snapData) {
+        const { snapId } = snapData;
+        if (this.isRunning(snapId)) {
+            throw new Error(`Snap "${snapId}" is already started.`);
+        }
+        try {
+            const runtime = this.#getRuntimeExpect(snapId);
+            const result = await this.messagingSystem.call('ExecutionService:executeSnap', {
+                ...snapData,
+                endowments: await this.#getEndowments(snapId),
+            });
+            this.#transition(snapId, SnapStatusEvents.Start);
+            // We treat the initialization of the snap as the first request, for idle timing purposes.
+            runtime.lastRequest = Date.now();
+            return result;
+        }
+        catch (error) {
+            await this.#terminateSnap(snapId);
+            throw error;
+        }
+    }
+    /**
+     * Gets the names of all endowments that will be added to the Snap's
+     * Compartment when it executes. These should be the names of global
+     * JavaScript APIs accessible in the root realm of the execution environment.
+     *
+     * Throws an error if the endowment getter for a permission returns a truthy
+     * value that is not an array of strings.
+     *
+     * @param snapId - The id of the snap whose SES endowments to get.
+     * @returns An array of the names of the endowments.
+     */
+    async #getEndowments(snapId) {
+        let allEndowments = [];
+        for (const permissionName of this.#environmentEndowmentPermissions) {
+            if (this.messagingSystem.call('PermissionController:hasPermission', snapId, permissionName)) {
+                const endowments = await this.messagingSystem.call('PermissionController:getEndowments', snapId, permissionName);
+                if (endowments) {
+                    // We don't have any guarantees about the type of the endowments
+                    // value, so we have to guard at runtime.
+                    if (!Array.isArray(endowments) ||
+                        endowments.some((value) => typeof value !== 'string')) {
+                        throw new Error('Expected an array of string endowment names.');
+                    }
+                    allEndowments = allEndowments.concat(endowments);
+                }
+            }
+        }
+        const dedupedEndowments = [
+            ...new Set([...DEFAULT_ENDOWMENTS, ...allEndowments]),
+        ];
+        if (dedupedEndowments.length <
+            // This is a bug in TypeScript: https://github.com/microsoft/TypeScript/issues/48313
+            // eslint-disable-next-line @typescript-eslint/restrict-plus-operands
+            DEFAULT_ENDOWMENTS.length + allEndowments.length) {
+            logError(`Duplicate endowments found for ${snapId}. Default endowments should not be requested.`, allEndowments);
+        }
+        return dedupedEndowments;
+    }
+    /**
+     * Sets a snap in state. Called when a snap is installed or updated. Performs
+     * various validation checks on the received arguments, and will throw if
+     * validation fails.
+     *
+     * The snap will be enabled and unblocked by the time this method returns,
+     * regardless of its previous state.
+     *
+     * See {@link SnapController.add} and {@link SnapController.updateSnap} for
+     * usage.
+     *
+     * @param args - The add snap args.
+     * @returns The resulting snap object.
+     */
+    #set(args) {
+        const { id: snapId, origin, files, isUpdate = false, removable, preinstalled, hidden, hideSnapBranding, } = args;
+        const { manifest, sourceCode: sourceCodeFile, svgIcon, auxiliaryFiles: rawAuxiliaryFiles, localizationFiles, } = files;
+        assertIsSnapManifest(manifest.result);
+        const { version } = manifest.result;
+        const sourceCode = sourceCodeFile.toString();
+        assert(typeof sourceCode === 'string' && sourceCode.length > 0, `Invalid source code for snap "${snapId}".`);
+        const auxiliaryFiles = rawAuxiliaryFiles.map((file) => {
+            assert(typeof file.data.base64 === 'string');
+            return {
+                path: file.path,
+                value: file.data.base64,
+            };
+        });
+        const snapsState = this.state.snaps;
+        const existingSnap = snapsState[snapId];
+        const previousVersionHistory = existingSnap?.versionHistory ?? [];
+        const versionHistory = [
+            ...previousVersionHistory,
+            {
+                version,
+                date: Date.now(),
+                origin,
+            },
+        ];
+        const localizedFiles = localizationFiles.map((file) => file.result);
+        const snap = {
+            // Restore relevant snap state if it exists
+            ...existingSnap,
+            // Note that the snap will be unblocked and enabled, regardless of its
+            // previous state.
+            blocked: false,
+            enabled: true,
+            removable,
+            preinstalled,
+            hidden,
+            hideSnapBranding,
+            id: snapId,
+            initialConnections: manifest.result.initialConnections,
+            initialPermissions: manifest.result.initialPermissions,
+            manifest: manifest.result,
+            status: this.#statusMachine.config.initial,
+            sourceCode,
+            version,
+            versionHistory,
+            auxiliaryFiles,
+            localizationFiles: localizedFiles,
+        };
+        // If the snap was blocked, it isn't any longer
+        delete snap.blockInformation;
+        // store the snap back in state
+        const { inversePatches } = this.update((state) => {
+            state.snaps[snapId] = snap;
+        });
+        // checking for isUpdate here as this function is also used in
+        // the install flow, we do not care to create snapshots for installs
+        if (isUpdate) {
+            const rollbackSnapshot = this.#getRollbackSnapshot(snapId);
+            if (rollbackSnapshot !== undefined) {
+                rollbackSnapshot.statePatches = inversePatches;
+            }
+        }
+        // In case the Snap uses a localized manifest, we need to get the
+        // proposed name from the localized manifest.
+        const { proposedName } = getLocalizedSnapManifest(manifest.result, 'en', localizedFiles);
+        this.messagingSystem.call('SubjectMetadataController:addSubjectMetadata', {
+            subjectType: SubjectType.Snap,
+            name: proposedName,
+            origin: snap.id,
+            version,
+            svgIcon: svgIcon?.toString() ?? null,
+        });
+        return { ...snap, sourceCode };
+    }
+    #validateSnapPermissions(processedPermissions) {
+        const permissionKeys = Object.keys(processedPermissions);
+        const handlerPermissions = Array.from(new Set(Object.values(handlerEndowments)));
+        assert(permissionKeys.some((key) => handlerPermissions.includes(key)), `A snap must request at least one of the following permissions: ${handlerPermissions
+            .filter((handler) => handler !== null)
+            .join(', ')}.`);
+        const excludedPermissionErrors = permissionKeys.reduce((errors, permission) => {
+            if (hasProperty(this.#excludedPermissions, permission)) {
+                errors.push(this.#excludedPermissions[permission]);
+            }
+            return errors;
+        }, []);
+        assert(excludedPermissionErrors.length === 0, `One or more permissions are not allowed:\n${excludedPermissionErrors.join('\n')}`);
+    }
     /**
      * Initiates a request for the given snap's initial permissions.
      * Must be called in order. See processRequestedSnap.
@@ -910,31 +1550,31 @@ export class SnapController extends BaseController {
         const { initialPermissions, initialConnections } = snap;
         try {
             const processedPermissions = processSnapPermissions(initialPermissions);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_validateSnapPermissions).call(this, processedPermissions);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updateApproval).call(this, pendingApproval.id, {
+            this.#validateSnapPermissions(processedPermissions);
+            this.#updateApproval(pendingApproval.id, {
                 loading: false,
                 connections: initialConnections ?? {},
                 permissions: processedPermissions,
             });
             const { permissions: approvedPermissions, ...requestData } = (await pendingApproval.promise);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updatePermissions).call(this, {
+            this.#updatePermissions({
                 snapId,
                 newPermissions: approvedPermissions,
                 requestData,
             });
             if (snap.manifest.initialConnections) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_handleInitialConnections).call(this, snapId, null, snap.manifest.initialConnections);
+                this.#handleInitialConnections(snapId, null, snap.manifest.initialConnections);
             }
         }
         finally {
-            const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
+            const runtime = this.#getRuntimeExpect(snapId);
             runtime.installPromise = null;
         }
     }
     destroy() {
         super.destroy();
-        if (__classPrivateFieldGet(this, _SnapController_timeoutForLastRequestStatus, "f")) {
-            clearTimeout(__classPrivateFieldGet(this, _SnapController_timeoutForLastRequestStatus, "f"));
+        if (this.#timeoutForLastRequestStatus) {
+            clearTimeout(this.#timeoutForLastRequestStatus);
         }
         /* eslint-disable @typescript-eslint/unbound-method */
         this.messagingSystem.unsubscribe('ExecutionService:unhandledError', this._onUnhandledSnapError);
@@ -955,7 +1595,7 @@ export class SnapController extends BaseController {
      * @returns The result of the JSON-RPC request.
      */
     async handleRequest({ snapId, origin, handler: handlerType, request: rawRequest, }) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertCanUsePlatform).call(this);
+        this.#assertCanUsePlatform();
         const request = {
             jsonrpc: '2.0',
             id: nanoid(),
@@ -985,910 +1625,410 @@ export class SnapController extends BaseController {
                 throw new Error(`Snap "${snapId}" is not permitted to handle requests from "${origin}".`);
             }
         }
-        const handler = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRpcRequestHandler).call(this, snapId);
+        const handler = this.#getRpcRequestHandler(snapId);
         if (!handler) {
             throw new Error(`Snap RPC message handler not found for snap "${snapId}".`);
         }
-        const timeout = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getExecutionTimeout).call(this, handlerPermissions);
+        const timeout = this.#getExecutionTimeout(handlerPermissions);
         return handler({ origin, handler: handlerType, request, timeout });
     }
-}
-_SnapController_closeAllConnections = new WeakMap(), _SnapController_dynamicPermissions = new WeakMap(), _SnapController_environmentEndowmentPermissions = new WeakMap(), _SnapController_excludedPermissions = new WeakMap(), _SnapController_featureFlags = new WeakMap(), _SnapController_fetchFunction = new WeakMap(), _SnapController_idleTimeCheckInterval = new WeakMap(), _SnapController_maxIdleTime = new WeakMap(), _SnapController_encryptor = new WeakMap(), _SnapController_getMnemonic = new WeakMap(), _SnapController_getFeatureFlags = new WeakMap(), _SnapController_detectSnapLocation = new WeakMap(), _SnapController_snapsRuntimeData = new WeakMap(), _SnapController_rollbackSnapshots = new WeakMap(), _SnapController_timeoutForLastRequestStatus = new WeakMap(), _SnapController_statusMachine = new WeakMap(), _SnapController_preinstalledSnaps = new WeakMap(), _SnapController_instances = new WeakSet(), _SnapController_initializeStateMachine = function _SnapController_initializeStateMachine() {
-    const disableGuard = ({ snapId }) => {
-        return this.getExpect(snapId).enabled;
-    };
-    const statusConfig = {
-        initial: SnapStatus.Installing,
-        states: {
-            [SnapStatus.Installing]: {
-                on: {
-                    [SnapStatusEvents.Start]: {
-                        target: SnapStatus.Running,
-                        cond: disableGuard,
-                    },
-                },
-            },
-            [SnapStatus.Updating]: {
-                on: {
-                    [SnapStatusEvents.Start]: {
-                        target: SnapStatus.Running,
-                        cond: disableGuard,
-                    },
-                    [SnapStatusEvents.Stop]: SnapStatus.Stopped,
-                },
-            },
-            [SnapStatus.Running]: {
-                on: {
-                    [SnapStatusEvents.Stop]: SnapStatus.Stopped,
-                    [SnapStatusEvents.Crash]: SnapStatus.Crashed,
-                },
-            },
-            [SnapStatus.Stopped]: {
-                on: {
-                    [SnapStatusEvents.Start]: {
-                        target: SnapStatus.Running,
-                        cond: disableGuard,
-                    },
-                    [SnapStatusEvents.Update]: SnapStatus.Updating,
-                },
-            },
-            [SnapStatus.Crashed]: {
-                on: {
-                    [SnapStatusEvents.Start]: {
-                        target: SnapStatus.Running,
-                        cond: disableGuard,
-                    },
-                    [SnapStatusEvents.Update]: SnapStatus.Updating,
-                },
-            },
-        },
-    };
-    __classPrivateFieldSet(this, _SnapController_statusMachine, createMachine(statusConfig), "f");
-    validateMachine(__classPrivateFieldGet(this, _SnapController_statusMachine, "f"));
-}, _SnapController_registerMessageHandlers = function _SnapController_registerMessageHandlers() {
-    this.messagingSystem.registerActionHandler(`${controllerName}:clearSnapState`, (...args) => this.clearSnapState(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:get`, (...args) => this.get(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:getSnapState`, async (...args) => this.getSnapState(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:handleRequest`, async (...args) => this.handleRequest(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:has`, (...args) => this.has(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:updateBlockedSnaps`, async () => this.updateBlockedSnaps());
-    this.messagingSystem.registerActionHandler(`${controllerName}:updateSnapState`, async (...args) => this.updateSnapState(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:enable`, (...args) => this.enableSnap(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:disable`, async (...args) => this.disableSnap(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:remove`, async (...args) => this.removeSnap(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:getPermitted`, (...args) => this.getPermittedSnaps(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:install`, async (...args) => this.installSnaps(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:getAll`, (...args) => this.getAllSnaps(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:incrementActiveReferences`, (...args) => this.incrementActiveReferences(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:decrementActiveReferences`, (...args) => this.decrementActiveReferences(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:getRegistryMetadata`, async (...args) => this.getRegistryMetadata(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:disconnectOrigin`, (...args) => this.removeSnapFromSubject(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:revokeDynamicPermissions`, (...args) => this.revokeDynamicSnapPermissions(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:getFile`, async (...args) => this.getSnapFile(...args));
-    this.messagingSystem.registerActionHandler(`${controllerName}:stopAllSnaps`, async (...args) => this.stopAllSnaps(...args));
-}, _SnapController_handlePreinstalledSnaps = function _SnapController_handlePreinstalledSnaps(preinstalledSnaps) {
-    for (const { snapId, manifest, files, removable, hidden, hideSnapBranding, } of preinstalledSnaps) {
-        const existingSnap = this.get(snapId);
-        const isAlreadyInstalled = existingSnap !== undefined;
-        const isUpdate = isAlreadyInstalled && gtVersion(manifest.version, existingSnap.version);
-        // Disallow downgrades and overwriting non preinstalled snaps
-        if (isAlreadyInstalled &&
-            (!isUpdate || existingSnap.preinstalled !== true)) {
-            continue;
-        }
-        const manifestFile = new VirtualFile({
-            path: NpmSnapFileNames.Manifest,
-            value: JSON.stringify(manifest),
-            result: manifest,
-        });
-        const virtualFiles = files.map(({ path, value }) => new VirtualFile({ value, path }));
-        const { filePath, iconPath } = manifest.source.location.npm;
-        const sourceCode = virtualFiles.find((file) => file.path === filePath);
-        const svgIcon = iconPath
-            ? virtualFiles.find((file) => file.path === iconPath)
-            : undefined;
-        assert(sourceCode, 'Source code not provided for preinstalled snap.');
-        assert(!iconPath || (iconPath && svgIcon), 'Icon not provided for preinstalled snap.');
-        assert(manifest.source.files === undefined, 'Auxiliary files are not currently supported for preinstalled snaps.');
-        const localizationFiles = manifest.source.locales?.map((path) => virtualFiles.find((file) => file.path === path)) ?? [];
-        const validatedLocalizationFiles = getValidatedLocalizationFiles(localizationFiles.filter(Boolean));
-        assert(localizationFiles.length === validatedLocalizationFiles.length, 'Missing localization files for preinstalled snap.');
-        const filesObject = {
-            manifest: manifestFile,
-            sourceCode,
-            svgIcon,
-            auxiliaryFiles: [],
-            localizationFiles: validatedLocalizationFiles,
-        };
-        // Add snap to the SnapController state
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, {
-            id: snapId,
-            origin: 'metamask',
-            files: filesObject,
-            removable,
-            hidden,
-            hideSnapBranding,
-            preinstalled: true,
-        });
-        // Setup permissions
-        const processedPermissions = processSnapPermissions(manifest.initialPermissions);
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_validateSnapPermissions).call(this, processedPermissions);
-        const { newPermissions, unusedPermissions } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_calculatePermissionsChange).call(this, snapId, processedPermissions);
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updatePermissions).call(this, { snapId, newPermissions, unusedPermissions });
-        if (manifest.initialConnections) {
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_handleInitialConnections).call(this, snapId, existingSnap?.initialConnections ?? null, manifest.initialConnections);
-        }
-        // Set status
-        this.update((state) => {
-            state.snaps[snapId].status = SnapStatus.Stopped;
-        });
-    }
-}, _SnapController_pollForLastRequestStatus = function _SnapController_pollForLastRequestStatus() {
-    __classPrivateFieldSet(this, _SnapController_timeoutForLastRequestStatus, setTimeout(() => {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_stopSnapsLastRequestPastMax).call(this).catch((error) => {
-            // TODO: Decide how to handle errors.
-            logError(error);
-        });
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_pollForLastRequestStatus).call(this);
-    }, __classPrivateFieldGet(this, _SnapController_idleTimeCheckInterval, "f")), "f");
-}, _SnapController_blockSnap =
-/**
- * Blocks an installed snap and prevents it from being started again. Emits
- * {@link SnapBlocked}. Does nothing if the snap is not installed.
- *
- * @param snapId - The snap to block.
- * @param blockedSnapInfo - Information detailing why the snap is blocked.
- */
-async function _SnapController_blockSnap(snapId, blockedSnapInfo) {
-    if (!this.has(snapId)) {
-        return;
+    /**
+     * Determine the execution timeout for a given handler permission.
+     *
+     * If no permission is specified or the permission itself has no execution timeout defined
+     * the constructor argument `maxRequestTime` will be used.
+     *
+     * @param permission - An optional permission constraint for the handler being called.
+     * @returns The execution timeout for the given handler.
+     */
+    #getExecutionTimeout(permission) {
+        return getMaxRequestTimeCaveat(permission) ?? this.maxRequestTime;
     }
-    try {
-        this.update((state) => {
-            state.snaps[snapId].blocked = true;
-            state.snaps[snapId].blockInformation = blockedSnapInfo;
-        });
-        await this.disableSnap(snapId);
-    }
-    catch (error) {
-        logError(`Encountered error when stopping blocked snap "${snapId}".`, error);
-    }
-    this.messagingSystem.publish(`${controllerName}:snapBlocked`, snapId, blockedSnapInfo);
-}, _SnapController_unblockSnap = function _SnapController_unblockSnap(snapId) {
-    if (!this.has(snapId) || !this.state.snaps[snapId].blocked) {
-        return;
-    }
-    this.update((state) => {
-        state.snaps[snapId].blocked = false;
-        delete state.snaps[snapId].blockInformation;
-    });
-    this.messagingSystem.publish(`${controllerName}:snapUnblocked`, snapId);
-}, _SnapController_assertIsInstallAllowed = async function _SnapController_assertIsInstallAllowed(snapId, snapInfo) {
-    const results = await this.messagingSystem.call('SnapsRegistry:get', {
-        [snapId]: snapInfo,
-    });
-    const result = results[snapId];
-    if (result.status === SnapsRegistryStatus.Blocked) {
-        throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The version is blocked. ${result.reason?.explanation ?? ''}`);
-    }
-    const isAllowlistingRequired = Object.keys(snapInfo.permissions).some((permission) => !ALLOWED_PERMISSIONS.includes(permission));
-    if (__classPrivateFieldGet(this, _SnapController_featureFlags, "f").requireAllowlist &&
-        isAllowlistingRequired &&
-        result.status !== SnapsRegistryStatus.Verified) {
-        throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": ${result.status === SnapsRegistryStatus.Unavailable
-            ? 'The registry is temporarily unavailable.'
-            : 'The snap is not on the allowlist.'}`);
-    }
-}, _SnapController_assertCanInstallSnaps = function _SnapController_assertCanInstallSnaps() {
-    assert(__classPrivateFieldGet(this, _SnapController_featureFlags, "f").disableSnapInstallation !== true, 'Installing Snaps is currently disabled in this version of MetaMask.');
-}, _SnapController_assertCanUsePlatform = function _SnapController_assertCanUsePlatform() {
-    const flags = __classPrivateFieldGet(this, _SnapController_getFeatureFlags, "f").call(this);
-    assert(flags.disableSnaps !== true, 'The Snaps platform requires basic functionality to be used. Enable basic functionality in the settings to use the Snaps platform.');
-}, _SnapController_stopSnapsLastRequestPastMax = async function _SnapController_stopSnapsLastRequestPastMax() {
-    const entries = [...__classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").entries()];
-    return Promise.all(entries
-        .filter(([_snapId, runtime]) => runtime.activeReferences === 0 &&
-        runtime.pendingInboundRequests.length === 0 &&
-        runtime.lastRequest &&
-        __classPrivateFieldGet(this, _SnapController_maxIdleTime, "f") &&
-        timeSince(runtime.lastRequest) > __classPrivateFieldGet(this, _SnapController_maxIdleTime, "f"))
-        .map(async ([snapId]) => this.stopSnap(snapId, SnapStatusEvents.Stop)));
-}, _SnapController_transition = function _SnapController_transition(snapId, event) {
-    const { interpreter } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    interpreter.send(event);
-    this.update((state) => {
-        state.snaps[snapId].status = interpreter.state.value;
-    });
-}, _SnapController_terminateSnap =
-/**
- * Terminates the specified snap and emits the `snapTerminated` event.
- *
- * @param snapId - The snap to terminate.
- */
-async function _SnapController_terminateSnap(snapId) {
-    await this.messagingSystem.call('ExecutionService:terminateSnap', snapId);
-    // Hack to give up execution for a bit to let gracefully terminating Snaps return.
-    await new Promise((resolve) => setTimeout(resolve, 1));
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    // Unresponsive requests may still be timed, time them out.
-    runtime.pendingInboundRequests
-        .filter((pendingRequest) => pendingRequest.timer.status !== 'finished')
-        .forEach((pendingRequest) => pendingRequest.timer.finish());
-    // Hack to give up execution for a bit to let timed out requests return.
-    await new Promise((resolve) => setTimeout(resolve, 1));
-    this.messagingSystem.publish('SnapController:snapTerminated', this.getTruncatedExpect(snapId));
-}, _SnapController_getSnapEncryptionKey =
-/**
- * Generate an encryption key to be used for state encryption for a given Snap.
- *
- * @param options - An options bag.
- * @param options.snapId - The Snap ID.
- * @param options.salt - A salt to be used for the encryption key.
- * @param options.useCache - Whether to use caching or not.
- * @param options.keyMetadata - Optional metadata about how to derive the encryption key.
- * @returns An encryption key.
- */
-async function _SnapController_getSnapEncryptionKey({ snapId, salt: passedSalt, useCache, keyMetadata, }) {
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    if (runtime.encryptionKey && runtime.encryptionSalt && useCache) {
-        return {
-            key: await __classPrivateFieldGet(this, _SnapController_encryptor, "f").importKey(runtime.encryptionKey),
-            salt: runtime.encryptionSalt,
+    /**
+     * Gets the RPC message handler for the given snap.
+     *
+     * @param snapId - The id of the Snap whose message handler to get.
+     * @returns The RPC handler for the given snap.
+     */
+    #getRpcRequestHandler(snapId) {
+        const runtime = this.#getRuntimeExpect(snapId);
+        const existingHandler = runtime.rpcHandler;
+        if (existingHandler) {
+            return existingHandler;
+        }
+        const requestQueue = new RequestQueue(5);
+        // We need to set up this promise map to map snapIds to their respective startPromises,
+        // because otherwise we would lose context on the correct startPromise.
+        const startPromises = new Map();
+        const rpcHandler = async ({ origin, handler: handlerType, request, timeout, }) => {
+            if (this.state.snaps[snapId].enabled === false) {
+                throw new Error(`Snap "${snapId}" is disabled.`);
+            }
+            if (this.state.snaps[snapId].status === SnapStatus.Installing) {
+                throw new Error(`Snap "${snapId}" is currently being installed. Please try again later.`);
+            }
+            if (!this.isRunning(snapId)) {
+                let localStartPromise = startPromises.get(snapId);
+                if (!localStartPromise) {
+                    localStartPromise = this.startSnap(snapId);
+                    startPromises.set(snapId, localStartPromise);
+                }
+                else if (requestQueue.get(origin) >= requestQueue.maxQueueSize) {
+                    throw new Error('Exceeds maximum number of requests waiting to be resolved, please try again.');
+                }
+                requestQueue.increment(origin);
+                try {
+                    await localStartPromise;
+                }
+                finally {
+                    requestQueue.decrement(origin);
+                    // Only delete startPromise for a snap if its value hasn't changed
+                    if (startPromises.get(snapId) === localStartPromise) {
+                        startPromises.delete(snapId);
+                    }
+                }
+            }
+            const timer = new Timer(timeout);
+            this.#recordSnapRpcRequestStart(snapId, request.id, timer);
+            const handleRpcRequestPromise = this.messagingSystem.call('ExecutionService:handleRpcRequest', snapId, { origin, handler: handlerType, request });
+            // This will either get the result or reject due to the timeout.
+            try {
+                const result = await withTimeout(handleRpcRequestPromise, timer);
+                if (result === hasTimedOut) {
+                    throw new Error(`${snapId} failed to respond to the request in time.`);
+                }
+                await this.#assertSnapRpcRequestResult(snapId, handlerType, result);
+                const transformedResult = await this.#transformSnapRpcRequestResult(snapId, handlerType, result);
+                this.#recordSnapRpcRequestFinish(snapId, request.id);
+                return transformedResult;
+            }
+            catch (error) {
+                // We flag the RPC request as finished early since termination may affect pending requests
+                this.#recordSnapRpcRequestFinish(snapId, request.id);
+                const [jsonRpcError, handled] = unwrapError(error);
+                if (!handled) {
+                    await this.stopSnap(snapId, SnapStatusEvents.Crash);
+                }
+                throw jsonRpcError;
+            }
         };
+        runtime.rpcHandler = rpcHandler;
+        return rpcHandler;
     }
-    const salt = passedSalt ?? __classPrivateFieldGet(this, _SnapController_encryptor, "f").generateSalt();
-    const mnemonicPhrase = await __classPrivateFieldGet(this, _SnapController_getMnemonic, "f").call(this);
-    const entropy = await getEncryptionEntropy({ snapId, mnemonicPhrase });
-    const encryptionKey = await __classPrivateFieldGet(this, _SnapController_encryptor, "f").keyFromPassword(entropy, salt, true, keyMetadata);
-    const exportedKey = await __classPrivateFieldGet(this, _SnapController_encryptor, "f").exportKey(encryptionKey);
-    // Cache exported encryption key in runtime
-    if (useCache) {
-        runtime.encryptionKey = exportedKey;
-        runtime.encryptionSalt = salt;
-    }
-    return { key: encryptionKey, salt };
-}, _SnapController_decryptSnapState =
-/**
- * Decrypt the encrypted state for a given Snap.
- *
- * @param snapId - The Snap ID.
- * @param state - The encrypted state as a string.
- * @returns A valid JSON object derived from the encrypted state.
- * @throws If the decryption fails or the decrypted state is not valid JSON.
- */
-async function _SnapController_decryptSnapState(snapId, state) {
-    try {
-        const parsed = parseJson(state);
-        const { salt, keyMetadata } = parsed;
-        const useCache = __classPrivateFieldGet(this, _SnapController_encryptor, "f").isVaultUpdated(state);
-        const { key } = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getSnapEncryptionKey).call(this, {
-            snapId,
-            salt,
-            useCache,
-            // When decrypting state we expect key metadata to be present.
-            // If it isn't present, we assume that the Snap state we are decrypting is old enough to use the legacy encryption params.
-            keyMetadata: keyMetadata ?? LEGACY_ENCRYPTION_KEY_DERIVATION_OPTIONS,
-        });
-        const decryptedState = await __classPrivateFieldGet(this, _SnapController_encryptor, "f").decryptWithKey(key, parsed);
-        assert(isValidJson(decryptedState));
-        return decryptedState;
-    }
-    catch {
-        throw rpcErrors.internal({
-            message: 'Failed to decrypt snap state, the state must be corrupted.',
-        });
-    }
-}, _SnapController_encryptSnapState =
-/**
- * Encrypt a JSON state object for a given Snap.
- *
- * Note: This function does not assert the validity of the object,
- * please ensure only valid JSON is passed to it.
- *
- * @param snapId - The Snap ID.
- * @param state - The state object.
- * @returns A string containing the encrypted JSON object.
- */
-async function _SnapController_encryptSnapState(snapId, state) {
-    const { key, salt } = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getSnapEncryptionKey).call(this, {
-        snapId,
-        useCache: true,
-    });
-    const encryptedState = await __classPrivateFieldGet(this, _SnapController_encryptor, "f").encryptWithKey(key, state);
-    encryptedState.salt = salt;
-    return JSON.stringify(encryptedState);
-}, _SnapController_handleInitialConnections = function _SnapController_handleInitialConnections(snapId, previousInitialConnections, initialConnections) {
-    if (previousInitialConnections) {
-        const revokedInitialConnections = setDiff(previousInitialConnections, initialConnections);
-        for (const origin of Object.keys(revokedInitialConnections)) {
-            this.removeSnapFromSubject(origin, snapId);
-        }
-    }
-    for (const origin of Object.keys(initialConnections)) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_addSnapToSubject).call(this, origin, snapId);
-    }
-}, _SnapController_addSnapToSubject = function _SnapController_addSnapToSubject(origin, snapId) {
-    const subjectPermissions = this.messagingSystem.call('PermissionController:getPermissions', origin);
-    const existingCaveat = subjectPermissions?.[WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat) => caveat.type === SnapCaveatType.SnapIds);
-    const subjectHasSnap = Boolean(existingCaveat?.value?.[snapId]);
-    // If the subject is already connected to the snap, this is a no-op.
-    if (subjectHasSnap) {
-        return;
-    }
-    // If an existing caveat exists, we add the snap to that.
-    if (existingCaveat) {
-        this.messagingSystem.call('PermissionController:updateCaveat', origin, WALLET_SNAP_PERMISSION_KEY, SnapCaveatType.SnapIds, { ...existingCaveat.value, [snapId]: {} });
-        return;
-    }
-    const approvedPermissions = {
-        [WALLET_SNAP_PERMISSION_KEY]: {
-            caveats: [
-                {
-                    type: SnapCaveatType.SnapIds,
-                    value: {
-                        [snapId]: {},
-                    },
-                },
-            ],
-        },
-    };
-    this.messagingSystem.call('PermissionController:grantPermissions', {
-        approvedPermissions,
-        subject: { origin },
-    });
-}, _SnapController_removeSnapFromSubjects = function _SnapController_removeSnapFromSubjects(snapId) {
-    const subjects = this.messagingSystem.call('PermissionController:getSubjectNames');
-    for (const subject of subjects) {
-        this.removeSnapFromSubject(subject, snapId);
-    }
-}, _SnapController_revokeAllSnapPermissions = function _SnapController_revokeAllSnapPermissions(snapId) {
-    if (this.messagingSystem.call('PermissionController:hasPermissions', snapId)) {
-        this.messagingSystem.call('PermissionController:revokeAllPermissions', snapId);
-    }
-}, _SnapController_createApproval = function _SnapController_createApproval({ origin, snapId, type, }) {
-    const id = nanoid();
-    const promise = this.messagingSystem.call('ApprovalController:addRequest', {
-        origin,
-        id,
-        type,
-        requestData: {
-            // Mirror previous installation metadata
-            metadata: { id, origin: snapId, dappOrigin: origin },
-            snapId,
-        },
-        requestState: {
-            loading: true,
-        },
-    }, true);
-    return { id, promise };
-}, _SnapController_updateApproval = function _SnapController_updateApproval(id, requestState) {
-    try {
-        this.messagingSystem.call('ApprovalController:updateRequestState', {
-            id,
-            requestState,
-        });
-    }
-    catch {
-        // Do nothing
-    }
-}, _SnapController_resolveAllowlistVersion = async function _SnapController_resolveAllowlistVersion(snapId, versionRange) {
-    return await this.messagingSystem.call('SnapsRegistry:resolveVersion', snapId, versionRange);
-}, _SnapController_add =
-/**
- * Returns a promise representing the complete installation of the requested snap.
- * If the snap is already being installed, the previously pending promise will be returned.
- *
- * @param args - Object containing the snap id and either the URL of the snap's manifest,
- * or the snap's manifest and source code. The object may also optionally contain a target
- * version.
- * @returns The resulting snap object.
- */
-async function _SnapController_add(args) {
-    const { id: snapId, location, versionRange } = args;
-    __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_setupRuntime).call(this, snapId);
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    if (!runtime.installPromise) {
-        log(`Adding snap: ${snapId}`);
-        // If fetching and setting the snap succeeds, this property will be set
-        // to null in the authorize() method.
-        runtime.installPromise = (async () => {
-            const fetchedSnap = await fetchSnap(snapId, location);
-            const manifest = fetchedSnap.manifest.result;
-            if (!satisfiesVersionRange(manifest.version, versionRange)) {
-                throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${manifest.version}" which doesn't satisfy requested version range "${versionRange}".`);
-            }
-            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsInstallAllowed).call(this, snapId, {
-                version: manifest.version,
-                checksum: manifest.source.shasum,
-                permissions: manifest.initialPermissions,
-            });
-            return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, {
-                ...args,
-                files: fetchedSnap,
-                id: snapId,
-            });
-        })();
-    }
-    try {
-        return await runtime.installPromise;
-    }
-    catch (error) {
-        // Reset promise so users can retry installation in case the problem is
-        // temporary.
-        runtime.installPromise = null;
-        throw error;
-    }
-}, _SnapController_startSnap = async function _SnapController_startSnap(snapData) {
-    const { snapId } = snapData;
-    if (this.isRunning(snapId)) {
-        throw new Error(`Snap "${snapId}" is already started.`);
-    }
-    try {
-        const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-        const result = await this.messagingSystem.call('ExecutionService:executeSnap', {
-            ...snapData,
-            endowments: await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getEndowments).call(this, snapId),
-        });
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_transition).call(this, snapId, SnapStatusEvents.Start);
-        // We treat the initialization of the snap as the first request, for idle timing purposes.
-        runtime.lastRequest = Date.now();
-        return result;
+    /**
+     * Create a dynamic interface in the SnapInterfaceController.
+     *
+     * @param snapId - The snap ID.
+     * @param content - The initial interface content.
+     * @returns An identifier that can be used to identify the interface.
+     */
+    async #createInterface(snapId, content) {
+        return this.messagingSystem.call('SnapInterfaceController:createInterface', snapId, content);
     }
-    catch (error) {
-        await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_terminateSnap).call(this, snapId);
-        throw error;
+    #assertInterfaceExists(snapId, id) {
+        // This will throw if the interface isn't accessible, but we assert nevertheless.
+        assert(this.messagingSystem.call('SnapInterfaceController:getInterface', snapId, id));
     }
-}, _SnapController_getEndowments =
-/**
- * Gets the names of all endowments that will be added to the Snap's
- * Compartment when it executes. These should be the names of global
- * JavaScript APIs accessible in the root realm of the execution environment.
- *
- * Throws an error if the endowment getter for a permission returns a truthy
- * value that is not an array of strings.
- *
- * @param snapId - The id of the snap whose SES endowments to get.
- * @returns An array of the names of the endowments.
- */
-async function _SnapController_getEndowments(snapId) {
-    let allEndowments = [];
-    for (const permissionName of __classPrivateFieldGet(this, _SnapController_environmentEndowmentPermissions, "f")) {
-        if (this.messagingSystem.call('PermissionController:hasPermission', snapId, permissionName)) {
-            const endowments = await this.messagingSystem.call('PermissionController:getEndowments', snapId, permissionName);
-            if (endowments) {
-                // We don't have any guarantees about the type of the endowments
-                // value, so we have to guard at runtime.
-                if (!Array.isArray(endowments) ||
-                    endowments.some((value) => typeof value !== 'string')) {
-                    throw new Error('Expected an array of string endowment names.');
+    /**
+     * Transform a RPC request result if necessary.
+     *
+     * @param snapId - The snap ID of the snap that produced the result.
+     * @param handlerType - The handler type that produced the result.
+     * @param result - The result.
+     * @returns The transformed result if applicable, otherwise the original result.
+     */
+    async #transformSnapRpcRequestResult(snapId, handlerType, result) {
+        switch (handlerType) {
+            case HandlerType.OnTransaction:
+            case HandlerType.OnSignature:
+            case HandlerType.OnHomePage: {
+                // Since this type has been asserted earlier we can cast
+                const castResult = result;
+                // If a handler returns static content, we turn it into a dynamic UI
+                if (castResult && hasProperty(castResult, 'content')) {
+                    const { content, ...rest } = castResult;
+                    const id = await this.#createInterface(snapId, content);
+                    return { ...rest, id };
                 }
-                allEndowments = allEndowments.concat(endowments);
+                return result;
             }
+            default:
+                return result;
         }
     }
-    const dedupedEndowments = [
-        ...new Set([...DEFAULT_ENDOWMENTS, ...allEndowments]),
-    ];
-    if (dedupedEndowments.length <
-        // This is a bug in TypeScript: https://github.com/microsoft/TypeScript/issues/48313
-        // eslint-disable-next-line @typescript-eslint/restrict-plus-operands
-        DEFAULT_ENDOWMENTS.length + allEndowments.length) {
-        logError(`Duplicate endowments found for ${snapId}. Default endowments should not be requested.`, allEndowments);
-    }
-    return dedupedEndowments;
-}, _SnapController_set = function _SnapController_set(args) {
-    const { id: snapId, origin, files, isUpdate = false, removable, preinstalled, hidden, hideSnapBranding, } = args;
-    const { manifest, sourceCode: sourceCodeFile, svgIcon, auxiliaryFiles: rawAuxiliaryFiles, localizationFiles, } = files;
-    assertIsSnapManifest(manifest.result);
-    const { version } = manifest.result;
-    const sourceCode = sourceCodeFile.toString();
-    assert(typeof sourceCode === 'string' && sourceCode.length > 0, `Invalid source code for snap "${snapId}".`);
-    const auxiliaryFiles = rawAuxiliaryFiles.map((file) => {
-        assert(typeof file.data.base64 === 'string');
-        return {
-            path: file.path,
-            value: file.data.base64,
-        };
-    });
-    const snapsState = this.state.snaps;
-    const existingSnap = snapsState[snapId];
-    const previousVersionHistory = existingSnap?.versionHistory ?? [];
-    const versionHistory = [
-        ...previousVersionHistory,
-        {
-            version,
-            date: Date.now(),
-            origin,
-        },
-    ];
-    const localizedFiles = localizationFiles.map((file) => file.result);
-    const snap = {
-        // Restore relevant snap state if it exists
-        ...existingSnap,
-        // Note that the snap will be unblocked and enabled, regardless of its
-        // previous state.
-        blocked: false,
-        enabled: true,
-        removable,
-        preinstalled,
-        hidden,
-        hideSnapBranding,
-        id: snapId,
-        initialConnections: manifest.result.initialConnections,
-        initialPermissions: manifest.result.initialPermissions,
-        manifest: manifest.result,
-        status: __classPrivateFieldGet(this, _SnapController_statusMachine, "f").config.initial,
-        sourceCode,
-        version,
-        versionHistory,
-        auxiliaryFiles,
-        localizationFiles: localizedFiles,
-    };
-    // If the snap was blocked, it isn't any longer
-    delete snap.blockInformation;
-    // store the snap back in state
-    const { inversePatches } = this.update((state) => {
-        state.snaps[snapId] = snap;
-    });
-    // checking for isUpdate here as this function is also used in
-    // the install flow, we do not care to create snapshots for installs
-    if (isUpdate) {
-        const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
-        if (rollbackSnapshot !== undefined) {
-            rollbackSnapshot.statePatches = inversePatches;
-        }
-    }
-    // In case the Snap uses a localized manifest, we need to get the
-    // proposed name from the localized manifest.
-    const { proposedName } = getLocalizedSnapManifest(manifest.result, 'en', localizedFiles);
-    this.messagingSystem.call('SubjectMetadataController:addSubjectMetadata', {
-        subjectType: SubjectType.Snap,
-        name: proposedName,
-        origin: snap.id,
-        version,
-        svgIcon: svgIcon?.toString() ?? null,
-    });
-    return { ...snap, sourceCode };
-}, _SnapController_validateSnapPermissions = function _SnapController_validateSnapPermissions(processedPermissions) {
-    const permissionKeys = Object.keys(processedPermissions);
-    const handlerPermissions = Array.from(new Set(Object.values(handlerEndowments)));
-    assert(permissionKeys.some((key) => handlerPermissions.includes(key)), `A snap must request at least one of the following permissions: ${handlerPermissions
-        .filter((handler) => handler !== null)
-        .join(', ')}.`);
-    const excludedPermissionErrors = permissionKeys.reduce((errors, permission) => {
-        if (hasProperty(__classPrivateFieldGet(this, _SnapController_excludedPermissions, "f"), permission)) {
-            errors.push(__classPrivateFieldGet(this, _SnapController_excludedPermissions, "f")[permission]);
-        }
-        return errors;
-    }, []);
-    assert(excludedPermissionErrors.length === 0, `One or more permissions are not allowed:\n${excludedPermissionErrors.join('\n')}`);
-}, _SnapController_getExecutionTimeout = function _SnapController_getExecutionTimeout(permission) {
-    return getMaxRequestTimeCaveat(permission) ?? this.maxRequestTime;
-}, _SnapController_getRpcRequestHandler = function _SnapController_getRpcRequestHandler(snapId) {
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    const existingHandler = runtime.rpcHandler;
-    if (existingHandler) {
-        return existingHandler;
-    }
-    const requestQueue = new RequestQueue(5);
-    // We need to set up this promise map to map snapIds to their respective startPromises,
-    // because otherwise we would lose context on the correct startPromise.
-    const startPromises = new Map();
-    const rpcHandler = async ({ origin, handler: handlerType, request, timeout, }) => {
-        if (this.state.snaps[snapId].enabled === false) {
-            throw new Error(`Snap "${snapId}" is disabled.`);
-        }
-        if (this.state.snaps[snapId].status === SnapStatus.Installing) {
-            throw new Error(`Snap "${snapId}" is currently being installed. Please try again later.`);
-        }
-        if (!this.isRunning(snapId)) {
-            let localStartPromise = startPromises.get(snapId);
-            if (!localStartPromise) {
-                localStartPromise = this.startSnap(snapId);
-                startPromises.set(snapId, localStartPromise);
-            }
-            else if (requestQueue.get(origin) >= requestQueue.maxQueueSize) {
-                throw new Error('Exceeds maximum number of requests waiting to be resolved, please try again.');
+    /**
+     * Assert that the returned result of a Snap RPC call is the expected shape.
+     *
+     * @param snapId - The snap ID.
+     * @param handlerType - The handler type of the RPC Request.
+     * @param result - The result of the RPC request.
+     */
+    async #assertSnapRpcRequestResult(snapId, handlerType, result) {
+        switch (handlerType) {
+            case HandlerType.OnTransaction: {
+                assertStruct(result, OnTransactionResponseStruct);
+                if (result && hasProperty(result, 'id')) {
+                    this.#assertInterfaceExists(snapId, result.id);
+                }
+                break;
             }
-            requestQueue.increment(origin);
-            try {
-                await localStartPromise;
+            case HandlerType.OnSignature: {
+                assertStruct(result, OnSignatureResponseStruct);
+                if (result && hasProperty(result, 'id')) {
+                    this.#assertInterfaceExists(snapId, result.id);
+                }
+                break;
             }
-            finally {
-                requestQueue.decrement(origin);
-                // Only delete startPromise for a snap if its value hasn't changed
-                if (startPromises.get(snapId) === localStartPromise) {
-                    startPromises.delete(snapId);
+            case HandlerType.OnHomePage: {
+                assertStruct(result, OnHomePageResponseStruct);
+                if (result && hasProperty(result, 'id')) {
+                    this.#assertInterfaceExists(snapId, result.id);
                 }
+                break;
             }
+            case HandlerType.OnNameLookup:
+                assertStruct(result, OnNameLookupResponseStruct);
+                break;
+            default:
+                break;
         }
-        const timer = new Timer(timeout);
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_recordSnapRpcRequestStart).call(this, snapId, request.id, timer);
-        const handleRpcRequestPromise = this.messagingSystem.call('ExecutionService:handleRpcRequest', snapId, { origin, handler: handlerType, request });
-        // This will either get the result or reject due to the timeout.
-        try {
-            const result = await withTimeout(handleRpcRequestPromise, timer);
-            if (result === hasTimedOut) {
-                throw new Error(`${snapId} failed to respond to the request in time.`);
-            }
-            await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertSnapRpcRequestResult).call(this, snapId, handlerType, result);
-            const transformedResult = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_transformSnapRpcRequestResult).call(this, snapId, handlerType, result);
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_recordSnapRpcRequestFinish).call(this, snapId, request.id);
-            return transformedResult;
+    }
+    #recordSnapRpcRequestStart(snapId, requestId, timer) {
+        const runtime = this.#getRuntimeExpect(snapId);
+        runtime.pendingInboundRequests.push({ requestId, timer });
+        runtime.lastRequest = null;
+    }
+    #recordSnapRpcRequestFinish(snapId, requestId) {
+        const runtime = this.#getRuntimeExpect(snapId);
+        runtime.pendingInboundRequests = runtime.pendingInboundRequests.filter((request) => request.requestId !== requestId);
+        if (runtime.pendingInboundRequests.length === 0) {
+            runtime.lastRequest = Date.now();
         }
-        catch (error) {
-            // We flag the RPC request as finished early since termination may affect pending requests
-            __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_recordSnapRpcRequestFinish).call(this, snapId, request.id);
-            const [jsonRpcError, handled] = unwrapError(error);
-            if (!handled) {
-                await this.stopSnap(snapId, SnapStatusEvents.Crash);
-            }
-            throw jsonRpcError;
+    }
+    /**
+     * Retrieves the rollback snapshot of a snap.
+     *
+     * @param snapId - The snap id.
+     * @returns A `RollbackSnapshot` or `undefined` if one doesn't exist.
+     */
+    #getRollbackSnapshot(snapId) {
+        return this.#rollbackSnapshots.get(snapId);
+    }
+    /**
+     * Creates a `RollbackSnapshot` that is used to help ensure
+     * atomicity in multiple snap updates.
+     *
+     * @param snapId - The snap id.
+     * @throws {@link Error}. If the snap exists before creation or if creation fails.
+     * @returns A `RollbackSnapshot`.
+     */
+    #createRollbackSnapshot(snapId) {
+        assert(this.#rollbackSnapshots.get(snapId) === undefined, new Error(`Snap "${snapId}" rollback snapshot already exists.`));
+        this.#rollbackSnapshots.set(snapId, {
+            statePatches: [],
+            permissions: {},
+            newVersion: '',
+        });
+        const newRollbackSnapshot = this.#rollbackSnapshots.get(snapId);
+        assert(newRollbackSnapshot !== undefined, new Error(`Snapshot creation failed for ${snapId}.`));
+        return newRollbackSnapshot;
+    }
+    /**
+     * Rolls back a snap to its previous state, permissions
+     * and source code based on the `RollbackSnapshot` that
+     * is captured during the update process. After rolling back,
+     * the function also emits an event indicating that the
+     * snap has been rolled back and it clears the snapshot
+     * for that snap.
+     *
+     * @param snapId - The snap id.
+     * @throws {@link Error}. If a snapshot does not exist.
+     */
+    async #rollbackSnap(snapId) {
+        const rollbackSnapshot = this.#getRollbackSnapshot(snapId);
+        if (!rollbackSnapshot) {
+            throw new Error('A snapshot does not exist for this snap.');
         }
-    };
-    runtime.rpcHandler = rpcHandler;
-    return rpcHandler;
-}, _SnapController_createInterface =
-/**
- * Create a dynamic interface in the SnapInterfaceController.
- *
- * @param snapId - The snap ID.
- * @param content - The initial interface content.
- * @returns An identifier that can be used to identify the interface.
- */
-async function _SnapController_createInterface(snapId, content) {
-    return this.messagingSystem.call('SnapInterfaceController:createInterface', snapId, content);
-}, _SnapController_assertInterfaceExists = function _SnapController_assertInterfaceExists(snapId, id) {
-    // This will throw if the interface isn't accessible, but we assert nevertheless.
-    assert(this.messagingSystem.call('SnapInterfaceController:getInterface', snapId, id));
-}, _SnapController_transformSnapRpcRequestResult =
-/**
- * Transform a RPC request result if necessary.
- *
- * @param snapId - The snap ID of the snap that produced the result.
- * @param handlerType - The handler type that produced the result.
- * @param result - The result.
- * @returns The transformed result if applicable, otherwise the original result.
- */
-async function _SnapController_transformSnapRpcRequestResult(snapId, handlerType, result) {
-    switch (handlerType) {
-        case HandlerType.OnTransaction:
-        case HandlerType.OnSignature:
-        case HandlerType.OnHomePage: {
-            // Since this type has been asserted earlier we can cast
-            const castResult = result;
-            // If a handler returns static content, we turn it into a dynamic UI
-            if (castResult && hasProperty(castResult, 'content')) {
-                const { content, ...rest } = castResult;
-                const id = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_createInterface).call(this, snapId, content);
-                return { ...rest, id };
-            }
-            return result;
+        await this.stopSnap(snapId, SnapStatusEvents.Stop);
+        // Always set to stopped even if it wasn't running initially
+        if (this.get(snapId)?.status !== SnapStatus.Stopped) {
+            this.#transition(snapId, SnapStatusEvents.Stop);
         }
-        default:
-            return result;
-    }
-}, _SnapController_assertSnapRpcRequestResult =
-/**
- * Assert that the returned result of a Snap RPC call is the expected shape.
- *
- * @param snapId - The snap ID.
- * @param handlerType - The handler type of the RPC Request.
- * @param result - The result of the RPC request.
- */
-async function _SnapController_assertSnapRpcRequestResult(snapId, handlerType, result) {
-    switch (handlerType) {
-        case HandlerType.OnTransaction: {
-            assertStruct(result, OnTransactionResponseStruct);
-            if (result && hasProperty(result, 'id')) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertInterfaceExists).call(this, snapId, result.id);
-            }
-            break;
+        const { statePatches, permissions } = rollbackSnapshot;
+        if (statePatches?.length) {
+            this.applyPatches(statePatches);
         }
-        case HandlerType.OnSignature: {
-            assertStruct(result, OnSignatureResponseStruct);
-            if (result && hasProperty(result, 'id')) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertInterfaceExists).call(this, snapId, result.id);
-            }
-            break;
+        // Reset snap status, as we may have been in another state when we stored state patches
+        // But now we are 100% in a stopped state
+        if (this.get(snapId)?.status !== SnapStatus.Stopped) {
+            this.update((state) => {
+                state.snaps[snapId].status = SnapStatus.Stopped;
+            });
         }
-        case HandlerType.OnHomePage: {
-            assertStruct(result, OnHomePageResponseStruct);
-            if (result && hasProperty(result, 'id')) {
-                __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertInterfaceExists).call(this, snapId, result.id);
-            }
-            break;
-        }
-        case HandlerType.OnNameLookup:
-            assertStruct(result, OnNameLookupResponseStruct);
-            break;
-        default:
-            break;
-    }
-}, _SnapController_recordSnapRpcRequestStart = function _SnapController_recordSnapRpcRequestStart(snapId, requestId, timer) {
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    runtime.pendingInboundRequests.push({ requestId, timer });
-    runtime.lastRequest = null;
-}, _SnapController_recordSnapRpcRequestFinish = function _SnapController_recordSnapRpcRequestFinish(snapId, requestId) {
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntimeExpect).call(this, snapId);
-    runtime.pendingInboundRequests = runtime.pendingInboundRequests.filter((request) => request.requestId !== requestId);
-    if (runtime.pendingInboundRequests.length === 0) {
-        runtime.lastRequest = Date.now();
-    }
-}, _SnapController_getRollbackSnapshot = function _SnapController_getRollbackSnapshot(snapId) {
-    return __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId);
-}, _SnapController_createRollbackSnapshot = function _SnapController_createRollbackSnapshot(snapId) {
-    assert(__classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId) === undefined, new Error(`Snap "${snapId}" rollback snapshot already exists.`));
-    __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").set(snapId, {
-        statePatches: [],
-        permissions: {},
-        newVersion: '',
-    });
-    const newRollbackSnapshot = __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").get(snapId);
-    assert(newRollbackSnapshot !== undefined, new Error(`Snapshot creation failed for ${snapId}.`));
-    return newRollbackSnapshot;
-}, _SnapController_rollbackSnap =
-/**
- * Rolls back a snap to its previous state, permissions
- * and source code based on the `RollbackSnapshot` that
- * is captured during the update process. After rolling back,
- * the function also emits an event indicating that the
- * snap has been rolled back and it clears the snapshot
- * for that snap.
- *
- * @param snapId - The snap id.
- * @throws {@link Error}. If a snapshot does not exist.
- */
-async function _SnapController_rollbackSnap(snapId) {
-    const rollbackSnapshot = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRollbackSnapshot).call(this, snapId);
-    if (!rollbackSnapshot) {
-        throw new Error('A snapshot does not exist for this snap.');
-    }
-    await this.stopSnap(snapId, SnapStatusEvents.Stop);
-    // Always set to stopped even if it wasn't running initially
-    if (this.get(snapId)?.status !== SnapStatus.Stopped) {
-        __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_transition).call(this, snapId, SnapStatusEvents.Stop);
-    }
-    const { statePatches, permissions } = rollbackSnapshot;
-    if (statePatches?.length) {
-        this.applyPatches(statePatches);
-    }
-    // Reset snap status, as we may have been in another state when we stored state patches
-    // But now we are 100% in a stopped state
-    if (this.get(snapId)?.status !== SnapStatus.Stopped) {
-        this.update((state) => {
-            state.snaps[snapId].status = SnapStatus.Stopped;
+        this.#updatePermissions({
+            snapId,
+            unusedPermissions: permissions.granted,
+            newPermissions: permissions.revoked,
+            requestData: permissions.requestData,
         });
+        const truncatedSnap = this.getTruncatedExpect(snapId);
+        this.messagingSystem.publish('SnapController:snapRolledback', truncatedSnap, rollbackSnapshot.newVersion);
+        this.#rollbackSnapshots.delete(snapId);
     }
-    __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_updatePermissions).call(this, {
-        snapId,
-        unusedPermissions: permissions.granted,
-        newPermissions: permissions.revoked,
-        requestData: permissions.requestData,
-    });
-    const truncatedSnap = this.getTruncatedExpect(snapId);
-    this.messagingSystem.publish('SnapController:snapRolledback', truncatedSnap, rollbackSnapshot.newVersion);
-    __classPrivateFieldGet(this, _SnapController_rollbackSnapshots, "f").delete(snapId);
-}, _SnapController_rollbackSnaps =
-/**
- * Iterates through an array of snap ids
- * and calls `rollbackSnap` on them.
- *
- * @param snapIds - An array of snap ids.
- */
-async function _SnapController_rollbackSnaps(snapIds) {
-    for (const snapId of snapIds) {
-        await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_rollbackSnap).call(this, snapId);
-    }
-}, _SnapController_getRuntime = function _SnapController_getRuntime(snapId) {
-    return __classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").get(snapId);
-}, _SnapController_getRuntimeExpect = function _SnapController_getRuntimeExpect(snapId) {
-    const runtime = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_getRuntime).call(this, snapId);
-    assert(runtime !== undefined, new Error(`Snap "${snapId}" runtime data not found`));
-    return runtime;
-}, _SnapController_setupRuntime = function _SnapController_setupRuntime(snapId) {
-    if (__classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").has(snapId)) {
-        return;
-    }
-    const snap = this.get(snapId);
-    const interpreter = interpret(__classPrivateFieldGet(this, _SnapController_statusMachine, "f"));
-    interpreter.start({
-        context: { snapId },
-        value: snap?.status ??
-            __classPrivateFieldGet(this, _SnapController_statusMachine, "f").config.initial,
-    });
-    forceStrict(interpreter);
-    __classPrivateFieldGet(this, _SnapController_snapsRuntimeData, "f").set(snapId, {
-        lastRequest: null,
-        rpcHandler: null,
-        installPromise: null,
-        encryptionKey: null,
-        encryptionSalt: null,
-        activeReferences: 0,
-        pendingInboundRequests: [],
-        pendingOutboundRequests: 0,
-        interpreter,
-        stopping: false,
-    });
-}, _SnapController_calculatePermissionsChange = function _SnapController_calculatePermissionsChange(snapId, desiredPermissionsSet) {
-    const oldPermissions = this.messagingSystem.call('PermissionController:getPermissions', snapId) ?? {};
-    const newPermissions = permissionsDiff(desiredPermissionsSet, oldPermissions);
-    // TODO(ritave): The assumption that these are unused only holds so long as we do not
-    //               permit dynamic permission requests.
-    const unusedPermissions = permissionsDiff(oldPermissions, desiredPermissionsSet);
-    // It's a Set Intersection of oldPermissions and desiredPermissionsSet
-    // oldPermissions ∖ (oldPermissions ∖ desiredPermissionsSet) ⟺ oldPermissions ∩ desiredPermissionsSet
-    const approvedPermissions = permissionsDiff(oldPermissions, unusedPermissions);
-    return { newPermissions, unusedPermissions, approvedPermissions };
-}, _SnapController_isSubjectConnectedToSnap = function _SnapController_isSubjectConnectedToSnap(snapId, origin) {
-    const subjectPermissions = this.messagingSystem.call('PermissionController:getPermissions', origin);
-    const existingCaveat = subjectPermissions?.[WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat) => caveat.type === SnapCaveatType.SnapIds);
-    return Boolean(existingCaveat?.value?.[snapId]);
-}, _SnapController_calculateConnectionsChange = function _SnapController_calculateConnectionsChange(snapId, oldConnectionsSet, desiredConnectionsSet) {
-    // Filter out any origins that have been revoked since last install/update.
-    // That way they will be represented as new.
-    const filteredOldConnections = Object.keys(oldConnectionsSet)
-        .filter((origin) => __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_isSubjectConnectedToSnap).call(this, snapId, origin))
-        .reduce((accumulator, origin) => {
-        accumulator[origin] = oldConnectionsSet[origin];
-        return accumulator;
-    }, {});
-    const newConnections = setDiff(desiredConnectionsSet, filteredOldConnections);
-    const unusedConnections = setDiff(filteredOldConnections, desiredConnectionsSet);
-    // It's a Set Intersection of oldConnections and desiredConnectionsSet
-    // oldConnections ∖ (oldConnections ∖ desiredConnectionsSet) ⟺ oldConnections ∩ desiredConnectionsSet
-    const approvedConnections = setDiff(filteredOldConnections, unusedConnections);
-    return { newConnections, unusedConnections, approvedConnections };
-}, _SnapController_updatePermissions = function _SnapController_updatePermissions({ snapId, unusedPermissions = {}, newPermissions = {}, requestData, }) {
-    const unusedPermissionsKeys = Object.keys(unusedPermissions);
-    if (isNonEmptyArray(unusedPermissionsKeys)) {
-        this.messagingSystem.call('PermissionController:revokePermissions', {
-            [snapId]: unusedPermissionsKeys,
-        });
+    /**
+     * Iterates through an array of snap ids
+     * and calls `rollbackSnap` on them.
+     *
+     * @param snapIds - An array of snap ids.
+     */
+    async #rollbackSnaps(snapIds) {
+        for (const snapId of snapIds) {
+            await this.#rollbackSnap(snapId);
+        }
     }
-    if (isNonEmptyArray(Object.keys(newPermissions))) {
-        this.messagingSystem.call('PermissionController:grantPermissions', {
-            approvedPermissions: newPermissions,
-            subject: { origin: snapId },
-            requestData,
+    #getRuntime(snapId) {
+        return this.#snapsRuntimeData.get(snapId);
+    }
+    #getRuntimeExpect(snapId) {
+        const runtime = this.#getRuntime(snapId);
+        assert(runtime !== undefined, new Error(`Snap "${snapId}" runtime data not found`));
+        return runtime;
+    }
+    #setupRuntime(snapId) {
+        if (this.#snapsRuntimeData.has(snapId)) {
+            return;
+        }
+        const snap = this.get(snapId);
+        const interpreter = interpret(this.#statusMachine);
+        interpreter.start({
+            context: { snapId },
+            value: snap?.status ??
+                this.#statusMachine.config.initial,
+        });
+        forceStrict(interpreter);
+        this.#snapsRuntimeData.set(snapId, {
+            lastRequest: null,
+            rpcHandler: null,
+            installPromise: null,
+            encryptionKey: null,
+            encryptionSalt: null,
+            activeReferences: 0,
+            pendingInboundRequests: [],
+            pendingOutboundRequests: 0,
+            interpreter,
+            stopping: false,
         });
     }
-}, _SnapController_isValidUpdate = function _SnapController_isValidUpdate(snapId, newVersionRange) {
-    const existingSnap = this.getExpect(snapId);
-    if (satisfiesVersionRange(existingSnap.version, newVersionRange)) {
-        return false;
+    #calculatePermissionsChange(snapId, desiredPermissionsSet) {
+        const oldPermissions = this.messagingSystem.call('PermissionController:getPermissions', snapId) ?? {};
+        const newPermissions = permissionsDiff(desiredPermissionsSet, oldPermissions);
+        // TODO(ritave): The assumption that these are unused only holds so long as we do not
+        //               permit dynamic permission requests.
+        const unusedPermissions = permissionsDiff(oldPermissions, desiredPermissionsSet);
+        // It's a Set Intersection of oldPermissions and desiredPermissionsSet
+        // oldPermissions ∖ (oldPermissions ∖ desiredPermissionsSet) ⟺ oldPermissions ∩ desiredPermissionsSet
+        const approvedPermissions = permissionsDiff(oldPermissions, unusedPermissions);
+        return { newPermissions, unusedPermissions, approvedPermissions };
+    }
+    #isSubjectConnectedToSnap(snapId, origin) {
+        const subjectPermissions = this.messagingSystem.call('PermissionController:getPermissions', origin);
+        const existingCaveat = subjectPermissions?.[WALLET_SNAP_PERMISSION_KEY]?.caveats?.find((caveat) => caveat.type === SnapCaveatType.SnapIds);
+        return Boolean(existingCaveat?.value?.[snapId]);
+    }
+    #calculateConnectionsChange(snapId, oldConnectionsSet, desiredConnectionsSet) {
+        // Filter out any origins that have been revoked since last install/update.
+        // That way they will be represented as new.
+        const filteredOldConnections = Object.keys(oldConnectionsSet)
+            .filter((origin) => this.#isSubjectConnectedToSnap(snapId, origin))
+            .reduce((accumulator, origin) => {
+            accumulator[origin] = oldConnectionsSet[origin];
+            return accumulator;
+        }, {});
+        const newConnections = setDiff(desiredConnectionsSet, filteredOldConnections);
+        const unusedConnections = setDiff(filteredOldConnections, desiredConnectionsSet);
+        // It's a Set Intersection of oldConnections and desiredConnectionsSet
+        // oldConnections ∖ (oldConnections ∖ desiredConnectionsSet) ⟺ oldConnections ∩ desiredConnectionsSet
+        const approvedConnections = setDiff(filteredOldConnections, unusedConnections);
+        return { newConnections, unusedConnections, approvedConnections };
     }
-    if (gtRange(existingSnap.version, newVersionRange)) {
-        return false;
+    /**
+     * Updates the permissions for a snap following an install, update or rollback.
+     *
+     * Grants newly requested permissions and revokes unused/revoked permissions.
+     *
+     * @param args - An options bag.
+     * @param args.snapId - The snap ID.
+     * @param args.newPermissions - New permissions to be granted.
+     * @param args.unusedPermissions - Unused permissions to be revoked.
+     * @param args.requestData - Optional request data from an approval.
+     */
+    #updatePermissions({ snapId, unusedPermissions = {}, newPermissions = {}, requestData, }) {
+        const unusedPermissionsKeys = Object.keys(unusedPermissions);
+        if (isNonEmptyArray(unusedPermissionsKeys)) {
+            this.messagingSystem.call('PermissionController:revokePermissions', {
+                [snapId]: unusedPermissionsKeys,
+            });
+        }
+        if (isNonEmptyArray(Object.keys(newPermissions))) {
+            this.messagingSystem.call('PermissionController:grantPermissions', {
+                approvedPermissions: newPermissions,
+                subject: { origin: snapId },
+                requestData,
+            });
+        }
     }
-    return true;
-}, _SnapController_callLifecycleHook =
-/**
- * Call a lifecycle hook on a snap, if the snap has the
- * `endowment:lifecycle-hooks` permission. If the snap does not have the
- * permission, nothing happens.
- *
- * @param origin - The origin.
- * @param snapId - The snap ID.
- * @param handler - The lifecycle hook to call. This should be one of the
- * supported lifecycle hooks.
- * @private
- */
-async function _SnapController_callLifecycleHook(origin, snapId, handler) {
-    const permissionName = handlerEndowments[handler];
-    assert(permissionName, 'Lifecycle hook must have an endowment.');
-    const hasPermission = this.messagingSystem.call('PermissionController:hasPermission', snapId, permissionName);
-    if (!hasPermission) {
-        return;
-    }
-    await this.handleRequest({
-        snapId,
-        handler,
-        origin,
-        request: {
-            jsonrpc: '2.0',
-            method: handler,
-        },
-    });
-};
+    /**
+     * Checks if a snap will pass version validation checks
+     * with the new version range that is requested. The first
+     * check that is done is to check if the existing snap version
+     * falls inside the requested range. If it does, we want to return
+     * false because we do not care to create a rollback snapshot in
+     * that scenario. The second check is to ensure that the current
+     * snap version is not greater than all possible versions in
+     * the requested version range. If it is, then we also want
+     * to return false in that scenario.
+     *
+     * @param snapId - The snap id.
+     * @param newVersionRange - The new version range being requested.
+     * @returns `true` if validation checks pass and `false` if they do not.
+     */
+    #isValidUpdate(snapId, newVersionRange) {
+        const existingSnap = this.getExpect(snapId);
+        if (satisfiesVersionRange(existingSnap.version, newVersionRange)) {
+            return false;
+        }
+        if (gtRange(existingSnap.version, newVersionRange)) {
+            return false;
+        }
+        return true;
+    }
+    /**
+     * Call a lifecycle hook on a snap, if the snap has the
+     * `endowment:lifecycle-hooks` permission. If the snap does not have the
+     * permission, nothing happens.
+     *
+     * @param origin - The origin.
+     * @param snapId - The snap ID.
+     * @param handler - The lifecycle hook to call. This should be one of the
+     * supported lifecycle hooks.
+     * @private
+     */
+    async #callLifecycleHook(origin, snapId, handler) {
+        const permissionName = handlerEndowments[handler];
+        assert(permissionName, 'Lifecycle hook must have an endowment.');
+        const hasPermission = this.messagingSystem.call('PermissionController:hasPermission', snapId, permissionName);
+        if (!hasPermission) {
+            return;
+        }
+        await this.handleRequest({
+            snapId,
+            handler,
+            origin,
+            request: {
+                jsonrpc: '2.0',
+                method: handler,
+            },
+        });
+    }
+}
 //# sourceMappingURL=SnapController.mjs.map