@metamask/snaps-execution-environments 0.38.1-flask.1 → 0.38.2-flask.1

package/dist/cjs/common/BaseSnapExecutor.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../node_modules/ses/types.d.ts" />
 "use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true

package/dist/cjs/common/BaseSnapExecutor.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/common/BaseSnapExecutor.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../node_modules/ses/index.d.ts\" />\nimport { StreamProvider } from '@metamask/providers';\nimport type { RequestArguments } from '@metamask/providers/dist/BaseProvider';\nimport type { SnapsGlobalObject } from '@metamask/rpc-methods';\nimport type {\n  SnapExports,\n  HandlerType,\n  SnapExportsParameters,\n} from '@metamask/snaps-utils';\nimport {\n  SNAP_EXPORT_NAMES,\n  logError,\n  SNAP_EXPORTS,\n} from '@metamask/snaps-utils';\nimport type {\n  JsonRpcNotification,\n  JsonRpcId,\n  JsonRpcRequest,\n  Json,\n} from '@metamask/utils';\nimport {\n  isObject,\n  isValidJson,\n  assert,\n  isJsonRpcRequest,\n  hasProperty,\n  getSafeJson,\n} from '@metamask/utils';\nimport { errorCodes, ethErrors, serializeError } from 'eth-rpc-errors';\nimport { createIdRemapMiddleware } from 'json-rpc-engine';\nimport type { Duplex } from 'stream';\nimport { validate } from 'superstruct';\n\nimport { log } from '../logging';\nimport EEOpenRPCDocument from '../openrpc.json';\nimport type { CommandMethodsMapping } from './commands';\nimport { getCommandMethodImplementations } from './commands';\nimport { createEndowments } from './endowments';\nimport { addEventListener, removeEventListener } from './globalEvents';\nimport { sortParamKeys } from './sortParams';\nimport {\n  assertEthereumOutboundRequest,\n  assertSnapOutboundRequest,\n  constructError,\n  proxyStreamProvider,\n  withTeardown,\n} from './utils';\nimport {\n  ExecuteSnapRequestArgumentsStruct,\n  PingRequestArgumentsStruct,\n  SnapRpcRequestArgumentsStruct,\n  TerminateRequestArgumentsStruct,\n} from './validation';\n\ntype EvaluationData = {\n  stop: () => void;\n};\n\ntype SnapData = {\n  exports: SnapExports;\n  runningEvaluations: Set<EvaluationData>;\n  idleTeardown: () => Promise<void>;\n};\n\nconst fallbackError = {\n  code: errorCodes.rpc.internal,\n  message: 'Execution Environment Error',\n};\n\nexport type InvokeSnapArgs = Omit<SnapExportsParameters[0], 'chainId'>;\n\nexport type InvokeSnap = (\n  target: string,\n  handler: HandlerType,\n  args: InvokeSnapArgs | undefined,\n) => Promise<Json>;\n\n/**\n * The supported methods in the execution environment. The validator checks the\n * incoming JSON-RPC request, and the `params` property is used for sorting the\n * parameters, if they are an object.\n */\nconst EXECUTION_ENVIRONMENT_METHODS = {\n  ping: {\n    struct: PingRequestArgumentsStruct,\n    params: [],\n  },\n  executeSnap: {\n    struct: ExecuteSnapRequestArgumentsStruct,\n    params: ['snapId', 'sourceCode', 'endowments'],\n  },\n  terminate: {\n    struct: TerminateRequestArgumentsStruct,\n    params: [],\n  },\n  snapRpc: {\n    struct: SnapRpcRequestArgumentsStruct,\n    params: ['target', 'handler', 'origin', 'request'],\n  },\n};\n\ntype Methods = typeof EXECUTION_ENVIRONMENT_METHODS;\n\nexport class BaseSnapExecutor {\n  private readonly snapData: Map<string, SnapData>;\n\n  private readonly commandStream: Duplex;\n\n  private readonly rpcStream: Duplex;\n\n  private readonly methods: CommandMethodsMapping;\n\n  private snapErrorHandler?: (event: ErrorEvent) => void;\n\n  private snapPromiseErrorHandler?: (event: PromiseRejectionEvent) => void;\n\n  private lastTeardown = 0;\n\n  protected constructor(commandStream: Duplex, rpcStream: Duplex) {\n    this.snapData = new Map();\n    this.commandStream = commandStream;\n    this.commandStream.on('data', (data) => {\n      this.onCommandRequest(data).catch((error) => {\n        // TODO: Decide how to handle errors.\n        logError(error);\n      });\n    });\n    this.rpcStream = rpcStream;\n\n    this.methods = getCommandMethodImplementations(\n      this.startSnap.bind(this),\n      async (target, handlerType, args) => {\n        const data = this.snapData.get(target);\n        // We're capturing the handler in case someone modifies the data object\n        // before the call.\n        const handler = data?.exports[handlerType];\n        const { required } = SNAP_EXPORTS[handlerType];\n\n        assert(\n          !required || handler !== undefined,\n          `No ${handlerType} handler exported for snap \"${target}`,\n        );\n\n        // Certain handlers are not required. If they are not exported, we\n        // return null.\n        if (!handler) {\n          return null;\n        }\n\n        // TODO: fix handler args type cast\n        let result = await this.executeInSnapContext(target, () =>\n          handler(args as any),\n        );\n\n        // The handler might not return anything, but undefined is not valid JSON.\n        if (result === undefined) {\n          result = null;\n        }\n\n        // /!\\ Always return only sanitized JSON to prevent security flaws. /!\\\n        try {\n          return getSafeJson(result);\n        } catch (error) {\n          throw new TypeError(\n            `Received non-JSON-serializable value: ${error.message.replace(\n              /^Assertion failed: /u,\n              '',\n            )}`,\n          );\n        }\n      },\n      this.onTerminate.bind(this),\n    );\n  }\n\n  private errorHandler(error: unknown, data: Record<string, Json>) {\n    const constructedError = constructError(error);\n    const serializedError = serializeError(constructedError, {\n      fallbackError,\n      shouldIncludeStack: false,\n    });\n\n    // We're setting it this way to avoid sentData.stack = undefined\n    const sentData: Json = { ...data, stack: constructedError?.stack ?? null };\n\n    this.notify({\n      method: 'UnhandledError',\n      params: {\n        error: {\n          ...serializedError,\n          data: sentData,\n        },\n      },\n    });\n  }\n\n  private async onCommandRequest(message: JsonRpcRequest) {\n    if (!isJsonRpcRequest(message)) {\n      throw new Error('Command stream received a non-JSON-RPC request.');\n    }\n\n    const { id, method, params } = message;\n    if (method === 'rpc.discover') {\n      this.respond(id, {\n        result: EEOpenRPCDocument,\n      });\n      return;\n    }\n\n    if (!hasProperty(EXECUTION_ENVIRONMENT_METHODS, method)) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .methodNotFound({\n            data: {\n              method,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    const methodObject = EXECUTION_ENVIRONMENT_METHODS[method as keyof Methods];\n\n    // support params by-name and by-position\n    const paramsAsArray = sortParamKeys(methodObject.params, params);\n\n    const [error] = validate<any, any>(paramsAsArray, methodObject.struct);\n    if (error) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .invalidParams({\n            message: `Invalid parameters for method \"${method}\": ${error.message}.`,\n            data: {\n              method,\n              params: paramsAsArray,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    try {\n      const result = await (this.methods as any)[method](...paramsAsArray);\n      this.respond(id, { result });\n    } catch (rpcError) {\n      this.respond(id, {\n        error: serializeError(rpcError, {\n          fallbackError,\n        }),\n      });\n    }\n  }\n\n  protected notify(requestObject: Omit<JsonRpcNotification, 'jsonrpc'>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error(\n        'JSON-RPC notifications must be JSON serializable objects',\n      );\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      jsonrpc: '2.0',\n    });\n  }\n\n  protected respond(id: JsonRpcId, requestObject: Record<string, unknown>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error('JSON-RPC responses must be JSON serializable objects.');\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      id,\n      jsonrpc: '2.0',\n    });\n  }\n\n  /**\n   * Attempts to evaluate a snap in SES. Generates APIs for the snap. May throw\n   * on errors.\n   *\n   * @param snapId - The id of the snap.\n   * @param sourceCode - The source code of the snap, in IIFE format.\n   * @param _endowments - An array of the names of the endowments.\n   */\n  protected async startSnap(\n    snapId: string,\n    sourceCode: string,\n    _endowments?: string[],\n  ): Promise<void> {\n    log(`Starting snap '${snapId}' in worker.`);\n    if (this.snapPromiseErrorHandler) {\n      removeEventListener('unhandledrejection', this.snapPromiseErrorHandler);\n    }\n\n    if (this.snapErrorHandler) {\n      removeEventListener('error', this.snapErrorHandler);\n    }\n\n    this.snapErrorHandler = (error: ErrorEvent) => {\n      this.errorHandler(error.error, { snapId });\n    };\n\n    this.snapPromiseErrorHandler = (error: PromiseRejectionEvent) => {\n      this.errorHandler(error instanceof Error ? error : error.reason, {\n        snapId,\n      });\n    };\n\n    const provider = new StreamProvider(this.rpcStream, {\n      jsonRpcStreamName: 'metamask-provider',\n      rpcMiddleware: [createIdRemapMiddleware()],\n    });\n\n    await provider.initialize();\n\n    const snap = this.createSnapGlobal(provider);\n    const ethereum = this.createEIP1193Provider(provider);\n    // We specifically use any type because the Snap can modify the object any way they want\n    const snapModule: any = { exports: {} };\n\n    try {\n      const { endowments, teardown: endowmentTeardown } = createEndowments(\n        snap,\n        ethereum,\n        snapId,\n        _endowments,\n      );\n\n      // !!! Ensure that this is the only place the data is being set.\n      // Other methods access the object value and mutate its properties.\n      this.snapData.set(snapId, {\n        idleTeardown: endowmentTeardown,\n        runningEvaluations: new Set(),\n        exports: {},\n      });\n\n      addEventListener('unhandledRejection', this.snapPromiseErrorHandler);\n      addEventListener('error', this.snapErrorHandler);\n\n      const compartment = new Compartment({\n        ...endowments,\n        module: snapModule,\n        exports: snapModule.exports,\n      });\n      // All of those are JavaScript runtime specific and self referential,\n      // but we add them for compatibility sake with external libraries.\n      //\n      // We can't do that in the injected globals object above\n      // because SES creates its own globalThis\n      compartment.globalThis.self = compartment.globalThis;\n      compartment.globalThis.global = compartment.globalThis;\n      compartment.globalThis.window = compartment.globalThis;\n\n      await this.executeInSnapContext(snapId, () => {\n        compartment.evaluate(sourceCode);\n        this.registerSnapExports(snapId, snapModule);\n      });\n    } catch (error) {\n      this.removeSnap(snapId);\n      throw new Error(\n        `Error while running snap '${snapId}': ${(error as Error).message}`,\n      );\n    }\n  }\n\n  /**\n   * Cancels all running evaluations of all snaps and clears all snap data.\n   * NOTE:** Should only be called in response to the `terminate` RPC command.\n   */\n  protected onTerminate() {\n    // `stop()` tears down snap endowments.\n    // Teardown will also be run for each snap as soon as there are\n    // no more running evaluations for that snap.\n    this.snapData.forEach((data) =>\n      data.runningEvaluations.forEach((evaluation) => evaluation.stop()),\n    );\n    this.snapData.clear();\n  }\n\n  private registerSnapExports(snapId: string, snapModule: any) {\n    const data = this.snapData.get(snapId);\n    // Somebody deleted the snap before we could register.\n    if (!data) {\n      return;\n    }\n\n    data.exports = SNAP_EXPORT_NAMES.reduce((acc, exportName) => {\n      const snapExport = snapModule.exports[exportName];\n      const { validator } = SNAP_EXPORTS[exportName];\n      if (validator(snapExport)) {\n        return { ...acc, [exportName]: snapExport };\n      }\n      return acc;\n    }, {});\n  }\n\n  /**\n   * Instantiates a snap API object (i.e. `globalThis.snap`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The snap provider object.\n   */\n  private createSnapGlobal(provider: StreamProvider): SnapsGlobalObject {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertSnapOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    // Proxy target is intentionally set to be an empty object, to ensure\n    // that access to the prototype chain is not possible.\n    const snapGlobalProxy = new Proxy(\n      {},\n      {\n        has(_target: object, prop: string | symbol) {\n          return typeof prop === 'string' && ['request'].includes(prop);\n        },\n        get(_target, prop: keyof StreamProvider) {\n          if (prop === 'request') {\n            return request;\n          }\n\n          return undefined;\n        },\n      },\n    ) as SnapsGlobalObject;\n\n    return harden(snapGlobalProxy);\n  }\n\n  /**\n   * Instantiates an EIP-1193 Ethereum provider object (i.e. `globalThis.ethereum`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The EIP-1193 Ethereum provider object.\n   */\n  private createEIP1193Provider(provider: StreamProvider): StreamProvider {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertEthereumOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    const streamProviderProxy = proxyStreamProvider(provider, request);\n\n    return harden(streamProviderProxy);\n  }\n\n  /**\n   * Removes the snap with the given name.\n   *\n   * @param snapId - The id of the snap to remove.\n   */\n  private removeSnap(snapId: string): void {\n    this.snapData.delete(snapId);\n  }\n\n  /**\n   * Calls the specified executor function in the context of the specified snap.\n   * Essentially, this means that the operation performed by the executor is\n   * counted as an evaluation of the specified snap. When the count of running\n   * evaluations of a snap reaches zero, its endowments are torn down.\n   *\n   * @param snapId - The id of the snap whose context to execute in.\n   * @param executor - The function that will be executed in the snap's context.\n   * @returns The executor's return value.\n   * @template Result - The return value of the executor.\n   */\n  private async executeInSnapContext<Result>(\n    snapId: string,\n    executor: () => Promise<Result> | Result,\n  ): Promise<Result> {\n    const data = this.snapData.get(snapId);\n    if (data === undefined) {\n      throw new Error(\n        `Tried to execute in context of unknown snap: \"${snapId}\".`,\n      );\n    }\n\n    let stop: () => void;\n    const stopPromise = new Promise<never>(\n      (_, reject) =>\n        (stop = () =>\n          reject(\n            // TODO(rekmarks): Specify / standardize error code for this case.\n            ethErrors.rpc.internal(\n              `The snap \"${snapId}\" has been terminated during execution.`,\n            ),\n          )),\n    );\n\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    const evaluationData = { stop: stop! };\n\n    try {\n      data.runningEvaluations.add(evaluationData);\n      // Notice that we have to await this executor.\n      // If we didn't, we would decrease the amount of running evaluations\n      // before the promise actually resolves\n      return await Promise.race([executor(), stopPromise]);\n    } finally {\n      data.runningEvaluations.delete(evaluationData);\n\n      if (data.runningEvaluations.size === 0) {\n        this.lastTeardown += 1;\n        await data.idleTeardown();\n      }\n    }\n  }\n}\n"],"names":["BaseSnapExecutor","fallbackError","code","errorCodes","rpc","internal","message","EXECUTION_ENVIRONMENT_METHODS","ping","struct","PingRequestArgumentsStruct","params","executeSnap","ExecuteSnapRequestArgumentsStruct","terminate","TerminateRequestArgumentsStruct","snapRpc","SnapRpcRequestArgumentsStruct","errorHandler","error","data","constructedError","constructError","serializedError","serializeError","shouldIncludeStack","sentData","stack","notify","method","onCommandRequest","isJsonRpcRequest","Error","id","respond","result","EEOpenRPCDocument","hasProperty","ethErrors","methodNotFound","serialize","methodObject","paramsAsArray","sortParamKeys","validate","invalidParams","methods","rpcError","requestObject","isValidJson","isObject","commandStream","write","jsonrpc","startSnap","snapId","sourceCode","_endowments","log","snapPromiseErrorHandler","removeEventListener","snapErrorHandler","reason","provider","StreamProvider","rpcStream","jsonRpcStreamName","rpcMiddleware","createIdRemapMiddleware","initialize","snap","createSnapGlobal","ethereum","createEIP1193Provider","snapModule","exports","endowments","teardown","endowmentTeardown","createEndowments","snapData","set","idleTeardown","runningEvaluations","Set","addEventListener","compartment","Compartment","module","globalThis","self","global","window","executeInSnapContext","evaluate","registerSnapExports","removeSnap","onTerminate","forEach","evaluation","stop","clear","get","SNAP_EXPORT_NAMES","reduce","acc","exportName","snapExport","validator","SNAP_EXPORTS","originalRequest","request","bind","args","assertSnapOutboundRequest","sanitizedArgs","getSafeJson","withTeardown","snapGlobalProxy","Proxy","has","_target","prop","includes","undefined","harden","assertEthereumOutboundRequest","streamProviderProxy","proxyStreamProvider","delete","executor","stopPromise","Promise","_","reject","evaluationData","add","race","size","lastTeardown","Map","on","catch","logError","getCommandMethodImplementations","target","handlerType","handler","required","assert","TypeError","replace"],"mappings":"AAAA,qFAAqF;AACrF,gEAAgE;;;;;+BAuGnDA;;;eAAAA;;;2BAtGkB;4BAYxB;uBAcA;8BAC+C;+BACd;6BAEf;yBAEL;oEACU;0BAEkB;4BACf;8BACqB;4BACxB;wBAOvB;4BAMA;;;;;;;;;;;;;;;;;;;AAYP,MAAMC,gBAAgB;IACpBC,MAAMC,wBAAU,CAACC,GAAG,CAACC,QAAQ;IAC7BC,SAAS;AACX;AAUA;;;;CAIC,GACD,MAAMC,gCAAgC;IACpCC,MAAM;QACJC,QAAQC,sCAA0B;QAClCC,QAAQ,EAAE;IACZ;IACAC,aAAa;QACXH,QAAQI,6CAAiC;QACzCF,QAAQ;YAAC;YAAU;YAAc;SAAa;IAChD;IACAG,WAAW;QACTL,QAAQM,2CAA+B;QACvCJ,QAAQ,EAAE;IACZ;IACAK,SAAS;QACPP,QAAQQ,yCAA6B;QACrCN,QAAQ;YAAC;YAAU;YAAW;YAAU;SAAU;IACpD;AACF;AAIO,MAAMX;IAwEHkB,aAAaC,KAAc,EAAEC,IAA0B,EAAE;QAC/D,MAAMC,mBAAmBC,IAAAA,sBAAc,EAACH;QACxC,MAAMI,kBAAkBC,IAAAA,4BAAc,EAACH,kBAAkB;YACvDpB;YACAwB,oBAAoB;QACtB;QAEA,gEAAgE;QAChE,MAAMC,WAAiB;YAAE,GAAGN,IAAI;YAAEO,OAAON,kBAAkBM,SAAS;QAAK;QAEzE,IAAI,CAACC,MAAM,CAAC;YACVC,QAAQ;YACRlB,QAAQ;gBACNQ,OAAO;oBACL,GAAGI,eAAe;oBAClBH,MAAMM;gBACR;YACF;QACF;IACF;IAEA,MAAcI,iBAAiBxB,OAAuB,EAAE;QACtD,IAAI,CAACyB,IAAAA,uBAAgB,EAACzB,UAAU;YAC9B,MAAM,IAAI0B,MAAM;QAClB;QAEA,MAAM,EAAEC,EAAE,EAAEJ,MAAM,EAAElB,MAAM,EAAE,GAAGL;QAC/B,IAAIuB,WAAW,gBAAgB;YAC7B,IAAI,CAACK,OAAO,CAACD,IAAI;gBACfE,QAAQC,oBAAiB;YAC3B;YACA;QACF;QAEA,IAAI,CAACC,IAAAA,kBAAW,EAAC9B,+BAA+BsB,SAAS;YACvD,IAAI,CAACK,OAAO,CAACD,IAAI;gBACfd,OAAOmB,uBAAS,CAAClC,GAAG,CACjBmC,cAAc,CAAC;oBACdnB,MAAM;wBACJS;oBACF;gBACF,GACCW,SAAS;YACd;YACA;QACF;QAEA,MAAMC,eAAelC,6BAA6B,CAACsB,OAAwB;QAE3E,yCAAyC;QACzC,MAAMa,gBAAgBC,IAAAA,yBAAa,EAACF,aAAa9B,MAAM,EAAEA;QAEzD,MAAM,CAACQ,MAAM,GAAGyB,IAAAA,qBAAQ,EAAWF,eAAeD,aAAahC,MAAM;QACrE,IAAIU,OAAO;YACT,IAAI,CAACe,OAAO,CAACD,IAAI;gBACfd,OAAOmB,uBAAS,CAAClC,GAAG,CACjByC,aAAa,CAAC;oBACbvC,SAAS,CAAC,+BAA+B,EAAEuB,OAAO,GAAG,EAAEV,MAAMb,OAAO,CAAC,CAAC,CAAC;oBACvEc,MAAM;wBACJS;wBACAlB,QAAQ+B;oBACV;gBACF,GACCF,SAAS;YACd;YACA;QACF;QAEA,IAAI;YACF,MAAML,SAAS,MAAM,AAAC,IAAI,CAACW,OAAO,AAAQ,CAACjB,OAAO,IAAIa;YACtD,IAAI,CAACR,OAAO,CAACD,IAAI;gBAAEE;YAAO;QAC5B,EAAE,OAAOY,UAAU;YACjB,IAAI,CAACb,OAAO,CAACD,IAAI;gBACfd,OAAOK,IAAAA,4BAAc,EAACuB,UAAU;oBAC9B9C;gBACF;YACF;QACF;IACF;IAEU2B,OAAOoB,aAAmD,EAAE;QACpE,IAAI,CAACC,IAAAA,kBAAW,EAACD,kBAAkB,CAACE,IAAAA,eAAQ,EAACF,gBAAgB;YAC3D,MAAM,IAAIhB,MACR;QAEJ;QAEA,IAAI,CAACmB,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGJ,aAAa;YAChBK,SAAS;QACX;IACF;IAEUnB,QAAQD,EAAa,EAAEe,aAAsC,EAAE;QACvE,IAAI,CAACC,IAAAA,kBAAW,EAACD,kBAAkB,CAACE,IAAAA,eAAQ,EAACF,gBAAgB;YAC3D,MAAM,IAAIhB,MAAM;QAClB;QAEA,IAAI,CAACmB,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGJ,aAAa;YAChBf;YACAoB,SAAS;QACX;IACF;IAEA;;;;;;;GAOC,GACD,MAAgBC,UACdC,MAAc,EACdC,UAAkB,EAClBC,YAAsB,EACP;QACfC,IAAAA,YAAG,EAAC,CAAC,eAAe,EAAEH,OAAO,YAAY,CAAC;QAC1C,IAAI,IAAI,CAACI,uBAAuB,EAAE;YAChCC,IAAAA,iCAAmB,EAAC,sBAAsB,IAAI,CAACD,uBAAuB;QACxE;QAEA,IAAI,IAAI,CAACE,gBAAgB,EAAE;YACzBD,IAAAA,iCAAmB,EAAC,SAAS,IAAI,CAACC,gBAAgB;QACpD;QAEA,IAAI,CAACA,gBAAgB,GAAG,CAAC1C;YACvB,IAAI,CAACD,YAAY,CAACC,MAAMA,KAAK,EAAE;gBAAEoC;YAAO;QAC1C;QAEA,IAAI,CAACI,uBAAuB,GAAG,CAACxC;YAC9B,IAAI,CAACD,YAAY,CAACC,iBAAiBa,QAAQb,QAAQA,MAAM2C,MAAM,EAAE;gBAC/DP;YACF;QACF;QAEA,MAAMQ,WAAW,IAAIC,yBAAc,CAAC,IAAI,CAACC,SAAS,EAAE;YAClDC,mBAAmB;YACnBC,eAAe;gBAACC,IAAAA,sCAAuB;aAAG;QAC5C;QAEA,MAAML,SAASM,UAAU;QAEzB,MAAMC,OAAO,IAAI,CAACC,gBAAgB,CAACR;QACnC,MAAMS,WAAW,IAAI,CAACC,qBAAqB,CAACV;QAC5C,wFAAwF;QACxF,MAAMW,aAAkB;YAAEC,SAAS,CAAC;QAAE;QAEtC,IAAI;YACF,MAAM,EAAEC,UAAU,EAAEC,UAAUC,iBAAiB,EAAE,GAAGC,IAAAA,4BAAgB,EAClET,MACAE,UACAjB,QACAE;YAGF,gEAAgE;YAChE,mEAAmE;YACnE,IAAI,CAACuB,QAAQ,CAACC,GAAG,CAAC1B,QAAQ;gBACxB2B,cAAcJ;gBACdK,oBAAoB,IAAIC;gBACxBT,SAAS,CAAC;YACZ;YAEAU,IAAAA,8BAAgB,EAAC,sBAAsB,IAAI,CAAC1B,uBAAuB;YACnE0B,IAAAA,8BAAgB,EAAC,SAAS,IAAI,CAACxB,gBAAgB;YAE/C,MAAMyB,cAAc,IAAIC,YAAY;gBAClC,GAAGX,UAAU;gBACbY,QAAQd;gBACRC,SAASD,WAAWC,OAAO;YAC7B;YACA,qEAAqE;YACrE,kEAAkE;YAClE,EAAE;YACF,wDAAwD;YACxD,yCAAyC;YACzCW,YAAYG,UAAU,CAACC,IAAI,GAAGJ,YAAYG,UAAU;YACpDH,YAAYG,UAAU,CAACE,MAAM,GAAGL,YAAYG,UAAU;YACtDH,YAAYG,UAAU,CAACG,MAAM,GAAGN,YAAYG,UAAU;YAEtD,MAAM,IAAI,CAACI,oBAAoB,CAACtC,QAAQ;gBACtC+B,YAAYQ,QAAQ,CAACtC;gBACrB,IAAI,CAACuC,mBAAmB,CAACxC,QAAQmB;YACnC;QACF,EAAE,OAAOvD,OAAO;YACd,IAAI,CAAC6E,UAAU,CAACzC;YAChB,MAAM,IAAIvB,MACR,CAAC,0BAA0B,EAAEuB,OAAO,GAAG,EAAE,AAACpC,MAAgBb,OAAO,CAAC,CAAC;QAEvE;IACF;IAEA;;;GAGC,GACD,AAAU2F,cAAc;QACtB,uCAAuC;QACvC,+DAA+D;QAC/D,6CAA6C;QAC7C,IAAI,CAACjB,QAAQ,CAACkB,OAAO,CAAC,CAAC9E,OACrBA,KAAK+D,kBAAkB,CAACe,OAAO,CAAC,CAACC,aAAeA,WAAWC,IAAI;QAEjE,IAAI,CAACpB,QAAQ,CAACqB,KAAK;IACrB;IAEQN,oBAAoBxC,MAAc,EAAEmB,UAAe,EAAE;QAC3D,MAAMtD,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC/C;QAC/B,sDAAsD;QACtD,IAAI,CAACnC,MAAM;YACT;QACF;QAEAA,KAAKuD,OAAO,GAAG4B,6BAAiB,CAACC,MAAM,CAAC,CAACC,KAAKC;YAC5C,MAAMC,aAAajC,WAAWC,OAAO,CAAC+B,WAAW;YACjD,MAAM,EAAEE,SAAS,EAAE,GAAGC,wBAAY,CAACH,WAAW;YAC9C,IAAIE,UAAUD,aAAa;gBACzB,OAAO;oBAAE,GAAGF,GAAG;oBAAE,CAACC,WAAW,EAAEC;gBAAW;YAC5C;YACA,OAAOF;QACT,GAAG,CAAC;IACN;IAEA;;;;;GAKC,GACD,AAAQlC,iBAAiBR,QAAwB,EAAqB;QACpE,MAAM+C,kBAAkB/C,SAASgD,OAAO,CAACC,IAAI,CAACjD;QAE9C,MAAMgD,UAAU,OAAOE;YACrBC,IAAAA,iCAAyB,EAACD;YAC1B,MAAME,gBAAgBC,IAAAA,kBAAW,EAACH;YAClC,IAAI,CAACrF,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAMwF,IAAAA,oBAAY,EACvBP,gBAAgBK,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACvF,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,qEAAqE;QACrE,sDAAsD;QACtD,MAAMyF,kBAAkB,IAAIC,MAC1B,CAAC,GACD;YACEC,KAAIC,OAAe,EAAEC,IAAqB;gBACxC,OAAO,OAAOA,SAAS,YAAY;oBAAC;iBAAU,CAACC,QAAQ,CAACD;YAC1D;YACApB,KAAImB,OAAO,EAAEC,IAA0B;gBACrC,IAAIA,SAAS,WAAW;oBACtB,OAAOX;gBACT;gBAEA,OAAOa;YACT;QACF;QAGF,OAAOC,OAAOP;IAChB;IAEA;;;;;GAKC,GACD,AAAQ7C,sBAAsBV,QAAwB,EAAkB;QACtE,MAAM+C,kBAAkB/C,SAASgD,OAAO,CAACC,IAAI,CAACjD;QAE9C,MAAMgD,UAAU,OAAOE;YACrBa,IAAAA,qCAA6B,EAACb;YAC9B,MAAME,gBAAgBC,IAAAA,kBAAW,EAACH;YAClC,IAAI,CAACrF,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAMwF,IAAAA,oBAAY,EACvBP,gBAAgBK,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACvF,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,MAAMkG,sBAAsBC,IAAAA,2BAAmB,EAACjE,UAAUgD;QAE1D,OAAOc,OAAOE;IAChB;IAEA;;;;GAIC,GACD,AAAQ/B,WAAWzC,MAAc,EAAQ;QACvC,IAAI,CAACyB,QAAQ,CAACiD,MAAM,CAAC1E;IACvB;IAEA;;;;;;;;;;GAUC,GACD,MAAcsC,qBACZtC,MAAc,EACd2E,QAAwC,EACvB;QACjB,MAAM9G,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC/C;QAC/B,IAAInC,SAASwG,WAAW;YACtB,MAAM,IAAI5F,MACR,CAAC,8CAA8C,EAAEuB,OAAO,EAAE,CAAC;QAE/D;QAEA,IAAI6C;QACJ,MAAM+B,cAAc,IAAIC,QACtB,CAACC,GAAGC,SACDlC,OAAO,IACNkC,OACE,kEAAkE;gBAClEhG,uBAAS,CAAClC,GAAG,CAACC,QAAQ,CACpB,CAAC,UAAU,EAAEkD,OAAO,uCAAuC,CAAC;QAKtE,oEAAoE;QACpE,MAAMgF,iBAAiB;YAAEnC,MAAMA;QAAM;QAErC,IAAI;YACFhF,KAAK+D,kBAAkB,CAACqD,GAAG,CAACD;YAC5B,8CAA8C;YAC9C,oEAAoE;YACpE,uCAAuC;YACvC,OAAO,MAAMH,QAAQK,IAAI,CAAC;gBAACP;gBAAYC;aAAY;QACrD,SAAU;YACR/G,KAAK+D,kBAAkB,CAAC8C,MAAM,CAACM;YAE/B,IAAInH,KAAK+D,kBAAkB,CAACuD,IAAI,KAAK,GAAG;gBACtC,IAAI,CAACC,YAAY,IAAI;gBACrB,MAAMvH,KAAK8D,YAAY;YACzB;QACF;IACF;IA9ZA,YAAsB/B,aAAqB,EAAEc,SAAiB,CAAE;QAdhE,uBAAiBe,YAAjB,KAAA;QAEA,uBAAiB7B,iBAAjB,KAAA;QAEA,uBAAiBc,aAAjB,KAAA;QAEA,uBAAiBnB,WAAjB,KAAA;QAEA,uBAAQe,oBAAR,KAAA;QAEA,uBAAQF,2BAAR,KAAA;QAEA,uBAAQgF,gBAAe;QAGrB,IAAI,CAAC3D,QAAQ,GAAG,IAAI4D;QACpB,IAAI,CAACzF,aAAa,GAAGA;QACrB,IAAI,CAACA,aAAa,CAAC0F,EAAE,CAAC,QAAQ,CAACzH;YAC7B,IAAI,CAACU,gBAAgB,CAACV,MAAM0H,KAAK,CAAC,CAAC3H;gBACjC,qCAAqC;gBACrC4H,IAAAA,oBAAQ,EAAC5H;YACX;QACF;QACA,IAAI,CAAC8C,SAAS,GAAGA;QAEjB,IAAI,CAACnB,OAAO,GAAGkG,IAAAA,yCAA+B,EAC5C,IAAI,CAAC1F,SAAS,CAAC0D,IAAI,CAAC,IAAI,GACxB,OAAOiC,QAAQC,aAAajC;YAC1B,MAAM7F,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC2C;YAC/B,uEAAuE;YACvE,mBAAmB;YACnB,MAAME,UAAU/H,MAAMuD,OAAO,CAACuE,YAAY;YAC1C,MAAM,EAAEE,QAAQ,EAAE,GAAGvC,wBAAY,CAACqC,YAAY;YAE9CG,IAAAA,aAAM,EACJ,CAACD,YAAYD,YAAYvB,WACzB,CAAC,GAAG,EAAEsB,YAAY,4BAA4B,EAAED,OAAO,CAAC;YAG1D,kEAAkE;YAClE,eAAe;YACf,IAAI,CAACE,SAAS;gBACZ,OAAO;YACT;YAEA,mCAAmC;YACnC,IAAIhH,SAAS,MAAM,IAAI,CAAC0D,oBAAoB,CAACoD,QAAQ,IACnDE,QAAQlC;YAGV,0EAA0E;YAC1E,IAAI9E,WAAWyF,WAAW;gBACxBzF,SAAS;YACX;YAEA,uEAAuE;YACvE,IAAI;gBACF,OAAOiF,IAAAA,kBAAW,EAACjF;YACrB,EAAE,OAAOhB,OAAO;gBACd,MAAM,IAAImI,UACR,CAAC,sCAAsC,EAAEnI,MAAMb,OAAO,CAACiJ,OAAO,CAC5D,wBACA,IACA,CAAC;YAEP;QACF,GACA,IAAI,CAACtD,WAAW,CAACe,IAAI,CAAC,IAAI;IAE9B;AAwWF"}
+{"version":3,"sources":["../../../src/common/BaseSnapExecutor.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../node_modules/ses/types.d.ts\" />\nimport { StreamProvider } from '@metamask/providers';\nimport type { RequestArguments } from '@metamask/providers/dist/BaseProvider';\nimport type { SnapsGlobalObject } from '@metamask/rpc-methods';\nimport type {\n  SnapExports,\n  HandlerType,\n  SnapExportsParameters,\n} from '@metamask/snaps-utils';\nimport {\n  SNAP_EXPORT_NAMES,\n  logError,\n  SNAP_EXPORTS,\n} from '@metamask/snaps-utils';\nimport type {\n  JsonRpcNotification,\n  JsonRpcId,\n  JsonRpcRequest,\n  Json,\n} from '@metamask/utils';\nimport {\n  isObject,\n  isValidJson,\n  assert,\n  isJsonRpcRequest,\n  hasProperty,\n  getSafeJson,\n} from '@metamask/utils';\nimport { errorCodes, ethErrors, serializeError } from 'eth-rpc-errors';\nimport { createIdRemapMiddleware } from 'json-rpc-engine';\nimport type { Duplex } from 'stream';\nimport { validate } from 'superstruct';\n\nimport { log } from '../logging';\nimport EEOpenRPCDocument from '../openrpc.json';\nimport type { CommandMethodsMapping } from './commands';\nimport { getCommandMethodImplementations } from './commands';\nimport { createEndowments } from './endowments';\nimport { addEventListener, removeEventListener } from './globalEvents';\nimport { sortParamKeys } from './sortParams';\nimport {\n  assertEthereumOutboundRequest,\n  assertSnapOutboundRequest,\n  constructError,\n  proxyStreamProvider,\n  withTeardown,\n} from './utils';\nimport {\n  ExecuteSnapRequestArgumentsStruct,\n  PingRequestArgumentsStruct,\n  SnapRpcRequestArgumentsStruct,\n  TerminateRequestArgumentsStruct,\n} from './validation';\n\ntype EvaluationData = {\n  stop: () => void;\n};\n\ntype SnapData = {\n  exports: SnapExports;\n  runningEvaluations: Set<EvaluationData>;\n  idleTeardown: () => Promise<void>;\n};\n\nconst fallbackError = {\n  code: errorCodes.rpc.internal,\n  message: 'Execution Environment Error',\n};\n\nexport type InvokeSnapArgs = Omit<SnapExportsParameters[0], 'chainId'>;\n\nexport type InvokeSnap = (\n  target: string,\n  handler: HandlerType,\n  args: InvokeSnapArgs | undefined,\n) => Promise<Json>;\n\n/**\n * The supported methods in the execution environment. The validator checks the\n * incoming JSON-RPC request, and the `params` property is used for sorting the\n * parameters, if they are an object.\n */\nconst EXECUTION_ENVIRONMENT_METHODS = {\n  ping: {\n    struct: PingRequestArgumentsStruct,\n    params: [],\n  },\n  executeSnap: {\n    struct: ExecuteSnapRequestArgumentsStruct,\n    params: ['snapId', 'sourceCode', 'endowments'],\n  },\n  terminate: {\n    struct: TerminateRequestArgumentsStruct,\n    params: [],\n  },\n  snapRpc: {\n    struct: SnapRpcRequestArgumentsStruct,\n    params: ['target', 'handler', 'origin', 'request'],\n  },\n};\n\ntype Methods = typeof EXECUTION_ENVIRONMENT_METHODS;\n\nexport class BaseSnapExecutor {\n  private readonly snapData: Map<string, SnapData>;\n\n  private readonly commandStream: Duplex;\n\n  private readonly rpcStream: Duplex;\n\n  private readonly methods: CommandMethodsMapping;\n\n  private snapErrorHandler?: (event: ErrorEvent) => void;\n\n  private snapPromiseErrorHandler?: (event: PromiseRejectionEvent) => void;\n\n  private lastTeardown = 0;\n\n  protected constructor(commandStream: Duplex, rpcStream: Duplex) {\n    this.snapData = new Map();\n    this.commandStream = commandStream;\n    this.commandStream.on('data', (data) => {\n      this.onCommandRequest(data).catch((error) => {\n        // TODO: Decide how to handle errors.\n        logError(error);\n      });\n    });\n    this.rpcStream = rpcStream;\n\n    this.methods = getCommandMethodImplementations(\n      this.startSnap.bind(this),\n      async (target, handlerType, args) => {\n        const data = this.snapData.get(target);\n        // We're capturing the handler in case someone modifies the data object\n        // before the call.\n        const handler = data?.exports[handlerType];\n        const { required } = SNAP_EXPORTS[handlerType];\n\n        assert(\n          !required || handler !== undefined,\n          `No ${handlerType} handler exported for snap \"${target}`,\n        );\n\n        // Certain handlers are not required. If they are not exported, we\n        // return null.\n        if (!handler) {\n          return null;\n        }\n\n        // TODO: fix handler args type cast\n        let result = await this.executeInSnapContext(target, () =>\n          handler(args as any),\n        );\n\n        // The handler might not return anything, but undefined is not valid JSON.\n        if (result === undefined) {\n          result = null;\n        }\n\n        // /!\\ Always return only sanitized JSON to prevent security flaws. /!\\\n        try {\n          return getSafeJson(result);\n        } catch (error) {\n          throw new TypeError(\n            `Received non-JSON-serializable value: ${error.message.replace(\n              /^Assertion failed: /u,\n              '',\n            )}`,\n          );\n        }\n      },\n      this.onTerminate.bind(this),\n    );\n  }\n\n  private errorHandler(error: unknown, data: Record<string, Json>) {\n    const constructedError = constructError(error);\n    const serializedError = serializeError(constructedError, {\n      fallbackError,\n      shouldIncludeStack: false,\n    });\n\n    // We're setting it this way to avoid sentData.stack = undefined\n    const sentData: Json = { ...data, stack: constructedError?.stack ?? null };\n\n    this.notify({\n      method: 'UnhandledError',\n      params: {\n        error: {\n          ...serializedError,\n          data: sentData,\n        },\n      },\n    });\n  }\n\n  private async onCommandRequest(message: JsonRpcRequest) {\n    if (!isJsonRpcRequest(message)) {\n      throw new Error('Command stream received a non-JSON-RPC request.');\n    }\n\n    const { id, method, params } = message;\n    if (method === 'rpc.discover') {\n      this.respond(id, {\n        result: EEOpenRPCDocument,\n      });\n      return;\n    }\n\n    if (!hasProperty(EXECUTION_ENVIRONMENT_METHODS, method)) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .methodNotFound({\n            data: {\n              method,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    const methodObject = EXECUTION_ENVIRONMENT_METHODS[method as keyof Methods];\n\n    // support params by-name and by-position\n    const paramsAsArray = sortParamKeys(methodObject.params, params);\n\n    const [error] = validate<any, any>(paramsAsArray, methodObject.struct);\n    if (error) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .invalidParams({\n            message: `Invalid parameters for method \"${method}\": ${error.message}.`,\n            data: {\n              method,\n              params: paramsAsArray,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    try {\n      const result = await (this.methods as any)[method](...paramsAsArray);\n      this.respond(id, { result });\n    } catch (rpcError) {\n      this.respond(id, {\n        error: serializeError(rpcError, {\n          fallbackError,\n        }),\n      });\n    }\n  }\n\n  protected notify(requestObject: Omit<JsonRpcNotification, 'jsonrpc'>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error(\n        'JSON-RPC notifications must be JSON serializable objects',\n      );\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      jsonrpc: '2.0',\n    });\n  }\n\n  protected respond(id: JsonRpcId, requestObject: Record<string, unknown>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error('JSON-RPC responses must be JSON serializable objects.');\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      id,\n      jsonrpc: '2.0',\n    });\n  }\n\n  /**\n   * Attempts to evaluate a snap in SES. Generates APIs for the snap. May throw\n   * on errors.\n   *\n   * @param snapId - The id of the snap.\n   * @param sourceCode - The source code of the snap, in IIFE format.\n   * @param _endowments - An array of the names of the endowments.\n   */\n  protected async startSnap(\n    snapId: string,\n    sourceCode: string,\n    _endowments?: string[],\n  ): Promise<void> {\n    log(`Starting snap '${snapId}' in worker.`);\n    if (this.snapPromiseErrorHandler) {\n      removeEventListener('unhandledrejection', this.snapPromiseErrorHandler);\n    }\n\n    if (this.snapErrorHandler) {\n      removeEventListener('error', this.snapErrorHandler);\n    }\n\n    this.snapErrorHandler = (error: ErrorEvent) => {\n      this.errorHandler(error.error, { snapId });\n    };\n\n    this.snapPromiseErrorHandler = (error: PromiseRejectionEvent) => {\n      this.errorHandler(error instanceof Error ? error : error.reason, {\n        snapId,\n      });\n    };\n\n    const provider = new StreamProvider(this.rpcStream, {\n      jsonRpcStreamName: 'metamask-provider',\n      rpcMiddleware: [createIdRemapMiddleware()],\n    });\n\n    await provider.initialize();\n\n    const snap = this.createSnapGlobal(provider);\n    const ethereum = this.createEIP1193Provider(provider);\n    // We specifically use any type because the Snap can modify the object any way they want\n    const snapModule: any = { exports: {} };\n\n    try {\n      const { endowments, teardown: endowmentTeardown } = createEndowments(\n        snap,\n        ethereum,\n        snapId,\n        _endowments,\n      );\n\n      // !!! Ensure that this is the only place the data is being set.\n      // Other methods access the object value and mutate its properties.\n      this.snapData.set(snapId, {\n        idleTeardown: endowmentTeardown,\n        runningEvaluations: new Set(),\n        exports: {},\n      });\n\n      addEventListener('unhandledRejection', this.snapPromiseErrorHandler);\n      addEventListener('error', this.snapErrorHandler);\n\n      const compartment = new Compartment({\n        ...endowments,\n        module: snapModule,\n        exports: snapModule.exports,\n      });\n      // All of those are JavaScript runtime specific and self referential,\n      // but we add them for compatibility sake with external libraries.\n      //\n      // We can't do that in the injected globals object above\n      // because SES creates its own globalThis\n      compartment.globalThis.self = compartment.globalThis;\n      compartment.globalThis.global = compartment.globalThis;\n      compartment.globalThis.window = compartment.globalThis;\n\n      await this.executeInSnapContext(snapId, () => {\n        compartment.evaluate(sourceCode);\n        this.registerSnapExports(snapId, snapModule);\n      });\n    } catch (error) {\n      this.removeSnap(snapId);\n      throw new Error(\n        `Error while running snap '${snapId}': ${(error as Error).message}`,\n      );\n    }\n  }\n\n  /**\n   * Cancels all running evaluations of all snaps and clears all snap data.\n   * NOTE:** Should only be called in response to the `terminate` RPC command.\n   */\n  protected onTerminate() {\n    // `stop()` tears down snap endowments.\n    // Teardown will also be run for each snap as soon as there are\n    // no more running evaluations for that snap.\n    this.snapData.forEach((data) =>\n      data.runningEvaluations.forEach((evaluation) => evaluation.stop()),\n    );\n    this.snapData.clear();\n  }\n\n  private registerSnapExports(snapId: string, snapModule: any) {\n    const data = this.snapData.get(snapId);\n    // Somebody deleted the snap before we could register.\n    if (!data) {\n      return;\n    }\n\n    data.exports = SNAP_EXPORT_NAMES.reduce((acc, exportName) => {\n      const snapExport = snapModule.exports[exportName];\n      const { validator } = SNAP_EXPORTS[exportName];\n      if (validator(snapExport)) {\n        return { ...acc, [exportName]: snapExport };\n      }\n      return acc;\n    }, {});\n  }\n\n  /**\n   * Instantiates a snap API object (i.e. `globalThis.snap`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The snap provider object.\n   */\n  private createSnapGlobal(provider: StreamProvider): SnapsGlobalObject {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertSnapOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    // Proxy target is intentionally set to be an empty object, to ensure\n    // that access to the prototype chain is not possible.\n    const snapGlobalProxy = new Proxy(\n      {},\n      {\n        has(_target: object, prop: string | symbol) {\n          return typeof prop === 'string' && ['request'].includes(prop);\n        },\n        get(_target, prop: keyof StreamProvider) {\n          if (prop === 'request') {\n            return request;\n          }\n\n          return undefined;\n        },\n      },\n    ) as SnapsGlobalObject;\n\n    return harden(snapGlobalProxy);\n  }\n\n  /**\n   * Instantiates an EIP-1193 Ethereum provider object (i.e. `globalThis.ethereum`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The EIP-1193 Ethereum provider object.\n   */\n  private createEIP1193Provider(provider: StreamProvider): StreamProvider {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertEthereumOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    const streamProviderProxy = proxyStreamProvider(provider, request);\n\n    return harden(streamProviderProxy);\n  }\n\n  /**\n   * Removes the snap with the given name.\n   *\n   * @param snapId - The id of the snap to remove.\n   */\n  private removeSnap(snapId: string): void {\n    this.snapData.delete(snapId);\n  }\n\n  /**\n   * Calls the specified executor function in the context of the specified snap.\n   * Essentially, this means that the operation performed by the executor is\n   * counted as an evaluation of the specified snap. When the count of running\n   * evaluations of a snap reaches zero, its endowments are torn down.\n   *\n   * @param snapId - The id of the snap whose context to execute in.\n   * @param executor - The function that will be executed in the snap's context.\n   * @returns The executor's return value.\n   * @template Result - The return value of the executor.\n   */\n  private async executeInSnapContext<Result>(\n    snapId: string,\n    executor: () => Promise<Result> | Result,\n  ): Promise<Result> {\n    const data = this.snapData.get(snapId);\n    if (data === undefined) {\n      throw new Error(\n        `Tried to execute in context of unknown snap: \"${snapId}\".`,\n      );\n    }\n\n    let stop: () => void;\n    const stopPromise = new Promise<never>(\n      (_, reject) =>\n        (stop = () =>\n          reject(\n            // TODO(rekmarks): Specify / standardize error code for this case.\n            ethErrors.rpc.internal(\n              `The snap \"${snapId}\" has been terminated during execution.`,\n            ),\n          )),\n    );\n\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    const evaluationData = { stop: stop! };\n\n    try {\n      data.runningEvaluations.add(evaluationData);\n      // Notice that we have to await this executor.\n      // If we didn't, we would decrease the amount of running evaluations\n      // before the promise actually resolves\n      return await Promise.race([executor(), stopPromise]);\n    } finally {\n      data.runningEvaluations.delete(evaluationData);\n\n      if (data.runningEvaluations.size === 0) {\n        this.lastTeardown += 1;\n        await data.idleTeardown();\n      }\n    }\n  }\n}\n"],"names":["BaseSnapExecutor","fallbackError","code","errorCodes","rpc","internal","message","EXECUTION_ENVIRONMENT_METHODS","ping","struct","PingRequestArgumentsStruct","params","executeSnap","ExecuteSnapRequestArgumentsStruct","terminate","TerminateRequestArgumentsStruct","snapRpc","SnapRpcRequestArgumentsStruct","errorHandler","error","data","constructedError","constructError","serializedError","serializeError","shouldIncludeStack","sentData","stack","notify","method","onCommandRequest","isJsonRpcRequest","Error","id","respond","result","EEOpenRPCDocument","hasProperty","ethErrors","methodNotFound","serialize","methodObject","paramsAsArray","sortParamKeys","validate","invalidParams","methods","rpcError","requestObject","isValidJson","isObject","commandStream","write","jsonrpc","startSnap","snapId","sourceCode","_endowments","log","snapPromiseErrorHandler","removeEventListener","snapErrorHandler","reason","provider","StreamProvider","rpcStream","jsonRpcStreamName","rpcMiddleware","createIdRemapMiddleware","initialize","snap","createSnapGlobal","ethereum","createEIP1193Provider","snapModule","exports","endowments","teardown","endowmentTeardown","createEndowments","snapData","set","idleTeardown","runningEvaluations","Set","addEventListener","compartment","Compartment","module","globalThis","self","global","window","executeInSnapContext","evaluate","registerSnapExports","removeSnap","onTerminate","forEach","evaluation","stop","clear","get","SNAP_EXPORT_NAMES","reduce","acc","exportName","snapExport","validator","SNAP_EXPORTS","originalRequest","request","bind","args","assertSnapOutboundRequest","sanitizedArgs","getSafeJson","withTeardown","snapGlobalProxy","Proxy","has","_target","prop","includes","undefined","harden","assertEthereumOutboundRequest","streamProviderProxy","proxyStreamProvider","delete","executor","stopPromise","Promise","_","reject","evaluationData","add","race","size","lastTeardown","Map","on","catch","logError","getCommandMethodImplementations","target","handlerType","handler","required","assert","TypeError","replace"],"mappings":"AAAA,qFAAqF;AACrF,gEAAgE;;;;;+BAuGnDA;;;eAAAA;;;2BAtGkB;4BAYxB;uBAcA;8BAC+C;+BACd;6BAEf;yBAEL;oEACU;0BAEkB;4BACf;8BACqB;4BACxB;wBAOvB;4BAMA;;;;;;;;;;;;;;;;;;;AAYP,MAAMC,gBAAgB;IACpBC,MAAMC,wBAAU,CAACC,GAAG,CAACC,QAAQ;IAC7BC,SAAS;AACX;AAUA;;;;CAIC,GACD,MAAMC,gCAAgC;IACpCC,MAAM;QACJC,QAAQC,sCAA0B;QAClCC,QAAQ,EAAE;IACZ;IACAC,aAAa;QACXH,QAAQI,6CAAiC;QACzCF,QAAQ;YAAC;YAAU;YAAc;SAAa;IAChD;IACAG,WAAW;QACTL,QAAQM,2CAA+B;QACvCJ,QAAQ,EAAE;IACZ;IACAK,SAAS;QACPP,QAAQQ,yCAA6B;QACrCN,QAAQ;YAAC;YAAU;YAAW;YAAU;SAAU;IACpD;AACF;AAIO,MAAMX;IAwEHkB,aAAaC,KAAc,EAAEC,IAA0B,EAAE;QAC/D,MAAMC,mBAAmBC,IAAAA,sBAAc,EAACH;QACxC,MAAMI,kBAAkBC,IAAAA,4BAAc,EAACH,kBAAkB;YACvDpB;YACAwB,oBAAoB;QACtB;QAEA,gEAAgE;QAChE,MAAMC,WAAiB;YAAE,GAAGN,IAAI;YAAEO,OAAON,kBAAkBM,SAAS;QAAK;QAEzE,IAAI,CAACC,MAAM,CAAC;YACVC,QAAQ;YACRlB,QAAQ;gBACNQ,OAAO;oBACL,GAAGI,eAAe;oBAClBH,MAAMM;gBACR;YACF;QACF;IACF;IAEA,MAAcI,iBAAiBxB,OAAuB,EAAE;QACtD,IAAI,CAACyB,IAAAA,uBAAgB,EAACzB,UAAU;YAC9B,MAAM,IAAI0B,MAAM;QAClB;QAEA,MAAM,EAAEC,EAAE,EAAEJ,MAAM,EAAElB,MAAM,EAAE,GAAGL;QAC/B,IAAIuB,WAAW,gBAAgB;YAC7B,IAAI,CAACK,OAAO,CAACD,IAAI;gBACfE,QAAQC,oBAAiB;YAC3B;YACA;QACF;QAEA,IAAI,CAACC,IAAAA,kBAAW,EAAC9B,+BAA+BsB,SAAS;YACvD,IAAI,CAACK,OAAO,CAACD,IAAI;gBACfd,OAAOmB,uBAAS,CAAClC,GAAG,CACjBmC,cAAc,CAAC;oBACdnB,MAAM;wBACJS;oBACF;gBACF,GACCW,SAAS;YACd;YACA;QACF;QAEA,MAAMC,eAAelC,6BAA6B,CAACsB,OAAwB;QAE3E,yCAAyC;QACzC,MAAMa,gBAAgBC,IAAAA,yBAAa,EAACF,aAAa9B,MAAM,EAAEA;QAEzD,MAAM,CAACQ,MAAM,GAAGyB,IAAAA,qBAAQ,EAAWF,eAAeD,aAAahC,MAAM;QACrE,IAAIU,OAAO;YACT,IAAI,CAACe,OAAO,CAACD,IAAI;gBACfd,OAAOmB,uBAAS,CAAClC,GAAG,CACjByC,aAAa,CAAC;oBACbvC,SAAS,CAAC,+BAA+B,EAAEuB,OAAO,GAAG,EAAEV,MAAMb,OAAO,CAAC,CAAC,CAAC;oBACvEc,MAAM;wBACJS;wBACAlB,QAAQ+B;oBACV;gBACF,GACCF,SAAS;YACd;YACA;QACF;QAEA,IAAI;YACF,MAAML,SAAS,MAAM,AAAC,IAAI,CAACW,OAAO,AAAQ,CAACjB,OAAO,IAAIa;YACtD,IAAI,CAACR,OAAO,CAACD,IAAI;gBAAEE;YAAO;QAC5B,EAAE,OAAOY,UAAU;YACjB,IAAI,CAACb,OAAO,CAACD,IAAI;gBACfd,OAAOK,IAAAA,4BAAc,EAACuB,UAAU;oBAC9B9C;gBACF;YACF;QACF;IACF;IAEU2B,OAAOoB,aAAmD,EAAE;QACpE,IAAI,CAACC,IAAAA,kBAAW,EAACD,kBAAkB,CAACE,IAAAA,eAAQ,EAACF,gBAAgB;YAC3D,MAAM,IAAIhB,MACR;QAEJ;QAEA,IAAI,CAACmB,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGJ,aAAa;YAChBK,SAAS;QACX;IACF;IAEUnB,QAAQD,EAAa,EAAEe,aAAsC,EAAE;QACvE,IAAI,CAACC,IAAAA,kBAAW,EAACD,kBAAkB,CAACE,IAAAA,eAAQ,EAACF,gBAAgB;YAC3D,MAAM,IAAIhB,MAAM;QAClB;QAEA,IAAI,CAACmB,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGJ,aAAa;YAChBf;YACAoB,SAAS;QACX;IACF;IAEA;;;;;;;GAOC,GACD,MAAgBC,UACdC,MAAc,EACdC,UAAkB,EAClBC,YAAsB,EACP;QACfC,IAAAA,YAAG,EAAC,CAAC,eAAe,EAAEH,OAAO,YAAY,CAAC;QAC1C,IAAI,IAAI,CAACI,uBAAuB,EAAE;YAChCC,IAAAA,iCAAmB,EAAC,sBAAsB,IAAI,CAACD,uBAAuB;QACxE;QAEA,IAAI,IAAI,CAACE,gBAAgB,EAAE;YACzBD,IAAAA,iCAAmB,EAAC,SAAS,IAAI,CAACC,gBAAgB;QACpD;QAEA,IAAI,CAACA,gBAAgB,GAAG,CAAC1C;YACvB,IAAI,CAACD,YAAY,CAACC,MAAMA,KAAK,EAAE;gBAAEoC;YAAO;QAC1C;QAEA,IAAI,CAACI,uBAAuB,GAAG,CAACxC;YAC9B,IAAI,CAACD,YAAY,CAACC,iBAAiBa,QAAQb,QAAQA,MAAM2C,MAAM,EAAE;gBAC/DP;YACF;QACF;QAEA,MAAMQ,WAAW,IAAIC,yBAAc,CAAC,IAAI,CAACC,SAAS,EAAE;YAClDC,mBAAmB;YACnBC,eAAe;gBAACC,IAAAA,sCAAuB;aAAG;QAC5C;QAEA,MAAML,SAASM,UAAU;QAEzB,MAAMC,OAAO,IAAI,CAACC,gBAAgB,CAACR;QACnC,MAAMS,WAAW,IAAI,CAACC,qBAAqB,CAACV;QAC5C,wFAAwF;QACxF,MAAMW,aAAkB;YAAEC,SAAS,CAAC;QAAE;QAEtC,IAAI;YACF,MAAM,EAAEC,UAAU,EAAEC,UAAUC,iBAAiB,EAAE,GAAGC,IAAAA,4BAAgB,EAClET,MACAE,UACAjB,QACAE;YAGF,gEAAgE;YAChE,mEAAmE;YACnE,IAAI,CAACuB,QAAQ,CAACC,GAAG,CAAC1B,QAAQ;gBACxB2B,cAAcJ;gBACdK,oBAAoB,IAAIC;gBACxBT,SAAS,CAAC;YACZ;YAEAU,IAAAA,8BAAgB,EAAC,sBAAsB,IAAI,CAAC1B,uBAAuB;YACnE0B,IAAAA,8BAAgB,EAAC,SAAS,IAAI,CAACxB,gBAAgB;YAE/C,MAAMyB,cAAc,IAAIC,YAAY;gBAClC,GAAGX,UAAU;gBACbY,QAAQd;gBACRC,SAASD,WAAWC,OAAO;YAC7B;YACA,qEAAqE;YACrE,kEAAkE;YAClE,EAAE;YACF,wDAAwD;YACxD,yCAAyC;YACzCW,YAAYG,UAAU,CAACC,IAAI,GAAGJ,YAAYG,UAAU;YACpDH,YAAYG,UAAU,CAACE,MAAM,GAAGL,YAAYG,UAAU;YACtDH,YAAYG,UAAU,CAACG,MAAM,GAAGN,YAAYG,UAAU;YAEtD,MAAM,IAAI,CAACI,oBAAoB,CAACtC,QAAQ;gBACtC+B,YAAYQ,QAAQ,CAACtC;gBACrB,IAAI,CAACuC,mBAAmB,CAACxC,QAAQmB;YACnC;QACF,EAAE,OAAOvD,OAAO;YACd,IAAI,CAAC6E,UAAU,CAACzC;YAChB,MAAM,IAAIvB,MACR,CAAC,0BAA0B,EAAEuB,OAAO,GAAG,EAAE,AAACpC,MAAgBb,OAAO,CAAC,CAAC;QAEvE;IACF;IAEA;;;GAGC,GACD,AAAU2F,cAAc;QACtB,uCAAuC;QACvC,+DAA+D;QAC/D,6CAA6C;QAC7C,IAAI,CAACjB,QAAQ,CAACkB,OAAO,CAAC,CAAC9E,OACrBA,KAAK+D,kBAAkB,CAACe,OAAO,CAAC,CAACC,aAAeA,WAAWC,IAAI;QAEjE,IAAI,CAACpB,QAAQ,CAACqB,KAAK;IACrB;IAEQN,oBAAoBxC,MAAc,EAAEmB,UAAe,EAAE;QAC3D,MAAMtD,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC/C;QAC/B,sDAAsD;QACtD,IAAI,CAACnC,MAAM;YACT;QACF;QAEAA,KAAKuD,OAAO,GAAG4B,6BAAiB,CAACC,MAAM,CAAC,CAACC,KAAKC;YAC5C,MAAMC,aAAajC,WAAWC,OAAO,CAAC+B,WAAW;YACjD,MAAM,EAAEE,SAAS,EAAE,GAAGC,wBAAY,CAACH,WAAW;YAC9C,IAAIE,UAAUD,aAAa;gBACzB,OAAO;oBAAE,GAAGF,GAAG;oBAAE,CAACC,WAAW,EAAEC;gBAAW;YAC5C;YACA,OAAOF;QACT,GAAG,CAAC;IACN;IAEA;;;;;GAKC,GACD,AAAQlC,iBAAiBR,QAAwB,EAAqB;QACpE,MAAM+C,kBAAkB/C,SAASgD,OAAO,CAACC,IAAI,CAACjD;QAE9C,MAAMgD,UAAU,OAAOE;YACrBC,IAAAA,iCAAyB,EAACD;YAC1B,MAAME,gBAAgBC,IAAAA,kBAAW,EAACH;YAClC,IAAI,CAACrF,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAMwF,IAAAA,oBAAY,EACvBP,gBAAgBK,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACvF,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,qEAAqE;QACrE,sDAAsD;QACtD,MAAMyF,kBAAkB,IAAIC,MAC1B,CAAC,GACD;YACEC,KAAIC,OAAe,EAAEC,IAAqB;gBACxC,OAAO,OAAOA,SAAS,YAAY;oBAAC;iBAAU,CAACC,QAAQ,CAACD;YAC1D;YACApB,KAAImB,OAAO,EAAEC,IAA0B;gBACrC,IAAIA,SAAS,WAAW;oBACtB,OAAOX;gBACT;gBAEA,OAAOa;YACT;QACF;QAGF,OAAOC,OAAOP;IAChB;IAEA;;;;;GAKC,GACD,AAAQ7C,sBAAsBV,QAAwB,EAAkB;QACtE,MAAM+C,kBAAkB/C,SAASgD,OAAO,CAACC,IAAI,CAACjD;QAE9C,MAAMgD,UAAU,OAAOE;YACrBa,IAAAA,qCAA6B,EAACb;YAC9B,MAAME,gBAAgBC,IAAAA,kBAAW,EAACH;YAClC,IAAI,CAACrF,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAMwF,IAAAA,oBAAY,EACvBP,gBAAgBK,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACvF,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,MAAMkG,sBAAsBC,IAAAA,2BAAmB,EAACjE,UAAUgD;QAE1D,OAAOc,OAAOE;IAChB;IAEA;;;;GAIC,GACD,AAAQ/B,WAAWzC,MAAc,EAAQ;QACvC,IAAI,CAACyB,QAAQ,CAACiD,MAAM,CAAC1E;IACvB;IAEA;;;;;;;;;;GAUC,GACD,MAAcsC,qBACZtC,MAAc,EACd2E,QAAwC,EACvB;QACjB,MAAM9G,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC/C;QAC/B,IAAInC,SAASwG,WAAW;YACtB,MAAM,IAAI5F,MACR,CAAC,8CAA8C,EAAEuB,OAAO,EAAE,CAAC;QAE/D;QAEA,IAAI6C;QACJ,MAAM+B,cAAc,IAAIC,QACtB,CAACC,GAAGC,SACDlC,OAAO,IACNkC,OACE,kEAAkE;gBAClEhG,uBAAS,CAAClC,GAAG,CAACC,QAAQ,CACpB,CAAC,UAAU,EAAEkD,OAAO,uCAAuC,CAAC;QAKtE,oEAAoE;QACpE,MAAMgF,iBAAiB;YAAEnC,MAAMA;QAAM;QAErC,IAAI;YACFhF,KAAK+D,kBAAkB,CAACqD,GAAG,CAACD;YAC5B,8CAA8C;YAC9C,oEAAoE;YACpE,uCAAuC;YACvC,OAAO,MAAMH,QAAQK,IAAI,CAAC;gBAACP;gBAAYC;aAAY;QACrD,SAAU;YACR/G,KAAK+D,kBAAkB,CAAC8C,MAAM,CAACM;YAE/B,IAAInH,KAAK+D,kBAAkB,CAACuD,IAAI,KAAK,GAAG;gBACtC,IAAI,CAACC,YAAY,IAAI;gBACrB,MAAMvH,KAAK8D,YAAY;YACzB;QACF;IACF;IA9ZA,YAAsB/B,aAAqB,EAAEc,SAAiB,CAAE;QAdhE,uBAAiBe,YAAjB,KAAA;QAEA,uBAAiB7B,iBAAjB,KAAA;QAEA,uBAAiBc,aAAjB,KAAA;QAEA,uBAAiBnB,WAAjB,KAAA;QAEA,uBAAQe,oBAAR,KAAA;QAEA,uBAAQF,2BAAR,KAAA;QAEA,uBAAQgF,gBAAe;QAGrB,IAAI,CAAC3D,QAAQ,GAAG,IAAI4D;QACpB,IAAI,CAACzF,aAAa,GAAGA;QACrB,IAAI,CAACA,aAAa,CAAC0F,EAAE,CAAC,QAAQ,CAACzH;YAC7B,IAAI,CAACU,gBAAgB,CAACV,MAAM0H,KAAK,CAAC,CAAC3H;gBACjC,qCAAqC;gBACrC4H,IAAAA,oBAAQ,EAAC5H;YACX;QACF;QACA,IAAI,CAAC8C,SAAS,GAAGA;QAEjB,IAAI,CAACnB,OAAO,GAAGkG,IAAAA,yCAA+B,EAC5C,IAAI,CAAC1F,SAAS,CAAC0D,IAAI,CAAC,IAAI,GACxB,OAAOiC,QAAQC,aAAajC;YAC1B,MAAM7F,OAAO,IAAI,CAAC4D,QAAQ,CAACsB,GAAG,CAAC2C;YAC/B,uEAAuE;YACvE,mBAAmB;YACnB,MAAME,UAAU/H,MAAMuD,OAAO,CAACuE,YAAY;YAC1C,MAAM,EAAEE,QAAQ,EAAE,GAAGvC,wBAAY,CAACqC,YAAY;YAE9CG,IAAAA,aAAM,EACJ,CAACD,YAAYD,YAAYvB,WACzB,CAAC,GAAG,EAAEsB,YAAY,4BAA4B,EAAED,OAAO,CAAC;YAG1D,kEAAkE;YAClE,eAAe;YACf,IAAI,CAACE,SAAS;gBACZ,OAAO;YACT;YAEA,mCAAmC;YACnC,IAAIhH,SAAS,MAAM,IAAI,CAAC0D,oBAAoB,CAACoD,QAAQ,IACnDE,QAAQlC;YAGV,0EAA0E;YAC1E,IAAI9E,WAAWyF,WAAW;gBACxBzF,SAAS;YACX;YAEA,uEAAuE;YACvE,IAAI;gBACF,OAAOiF,IAAAA,kBAAW,EAACjF;YACrB,EAAE,OAAOhB,OAAO;gBACd,MAAM,IAAImI,UACR,CAAC,sCAAsC,EAAEnI,MAAMb,OAAO,CAACiJ,OAAO,CAC5D,wBACA,IACA,CAAC;YAEP;QACF,GACA,IAAI,CAACtD,WAAW,CAACe,IAAI,CAAC,IAAI;IAE9B;AAwWF"}

package/dist/cjs/common/lockdown/lockdown-more.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../../node_modules/ses/types.d.ts" />
 "use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true

package/dist/cjs/common/lockdown/lockdown-more.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/common/lockdown/lockdown-more.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/index.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * The SES `lockdown` function only hardens the properties enumerated by the\n * universalPropertyNames constant specified in 'ses/src/whitelist'. This\n * function makes all function and object properties on the start compartment\n * global non-configurable and non-writable, unless they are already\n * non-configurable.\n *\n * It is critical that this function runs at the right time during\n * initialization, which should always be immediately after `lockdown` has been\n * called. At the time of writing, the modifications this function makes to the\n * runtime environment appear to be non-breaking, but that could change with\n * the addition of dependencies, or the order of our scripts in our HTML files.\n * Exercise caution.\n *\n * See inline comments for implementation details.\n *\n * We write this function in IIFE format to avoid polluting global scope.\n *\n * @throws If the lockdown failed.\n */\nexport function executeLockdownMore() {\n  // Make all \"object\" and \"function\" own properties of globalThis\n  // non-configurable and non-writable, when possible.\n  // We call a property that is non-configurable and non-writable,\n  // \"non-modifiable\".\n  try {\n    const namedIntrinsics = Reflect.ownKeys(new Compartment().globalThis);\n\n    // These named intrinsics are not automatically hardened by `lockdown`\n    const shouldHardenManually = new Set<symbol | string>(['eval', 'Function']);\n\n    const globalProperties = new Set([\n      // universalPropertyNames is a constant added by lockdown to global scope\n      // at the time of writing, it is initialized in 'ses/src/whitelist'.\n      // These properties tend to be non-enumerable.\n      ...namedIntrinsics,\n\n      // TODO: Also include the named platform globals\n      // This grabs every enumerable property on globalThis.\n      // ...Object.keys(globalThis),\n    ]);\n\n    globalProperties.forEach((propertyName) => {\n      const descriptor = Reflect.getOwnPropertyDescriptor(\n        globalThis,\n        propertyName,\n      );\n\n      if (descriptor) {\n        if (descriptor.configurable) {\n          // If the property on globalThis is configurable, make it\n          // non-configurable. If it has no accessor properties, also make it\n          // non-writable.\n          if (hasAccessor(descriptor)) {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n            });\n          } else {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n              writable: false,\n            });\n          }\n        }\n\n        if (shouldHardenManually.has(propertyName)) {\n          harden((globalThis as any)[propertyName]);\n        }\n      }\n    });\n  } catch (error) {\n    logError('Protecting intrinsics failed:', error);\n    throw error;\n  }\n}\n\n/**\n * Checks whether the given propertyName descriptor has any accessors, i.e. the\n * properties `get` or `set`.\n *\n * We want to make globals non-writable, and we can't set the `writable`\n * property and accessor properties at the same time.\n *\n * @param descriptor - The propertyName descriptor to check.\n * @returns Whether the propertyName descriptor has any accessors.\n */\nfunction hasAccessor(descriptor: any): boolean {\n  return 'set' in descriptor || 'get' in descriptor;\n}\n"],"names":["executeLockdownMore","namedIntrinsics","Reflect","ownKeys","Compartment","globalThis","shouldHardenManually","Set","globalProperties","forEach","propertyName","descriptor","getOwnPropertyDescriptor","configurable","hasAccessor","Object","defineProperty","writable","has","harden","error","logError"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;;;;;+BAwBnDA;;;eAAAA;;;4BAtBS;AAsBlB,SAASA;IACd,gEAAgE;IAChE,oDAAoD;IACpD,gEAAgE;IAChE,oBAAoB;IACpB,IAAI;QACF,MAAMC,kBAAkBC,QAAQC,OAAO,CAAC,IAAIC,cAAcC,UAAU;QAEpE,sEAAsE;QACtE,MAAMC,uBAAuB,IAAIC,IAAqB;YAAC;YAAQ;SAAW;QAE1E,MAAMC,mBAAmB,IAAID,IAAI;YAC/B,yEAAyE;YACzE,oEAAoE;YACpE,8CAA8C;eAC3CN;SAKJ;QAEDO,iBAAiBC,OAAO,CAAC,CAACC;YACxB,MAAMC,aAAaT,QAAQU,wBAAwB,CACjDP,YACAK;YAGF,IAAIC,YAAY;gBACd,IAAIA,WAAWE,YAAY,EAAE;oBAC3B,yDAAyD;oBACzD,mEAAmE;oBACnE,gBAAgB;oBAChB,IAAIC,YAAYH,aAAa;wBAC3BI,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;wBAChB;oBACF,OAAO;wBACLE,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;4BACdI,UAAU;wBACZ;oBACF;gBACF;gBAEA,IAAIX,qBAAqBY,GAAG,CAACR,eAAe;oBAC1CS,OAAO,AAACd,UAAkB,CAACK,aAAa;gBAC1C;YACF;QACF;IACF,EAAE,OAAOU,OAAO;QACdC,IAAAA,oBAAQ,EAAC,iCAAiCD;QAC1C,MAAMA;IACR;AACF;AAEA;;;;;;;;;CASC,GACD,SAASN,YAAYH,UAAe;IAClC,OAAO,SAASA,cAAc,SAASA;AACzC"}
+{"version":3,"sources":["../../../../src/common/lockdown/lockdown-more.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/types.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * The SES `lockdown` function only hardens the properties enumerated by the\n * universalPropertyNames constant specified in 'ses/src/whitelist'. This\n * function makes all function and object properties on the start compartment\n * global non-configurable and non-writable, unless they are already\n * non-configurable.\n *\n * It is critical that this function runs at the right time during\n * initialization, which should always be immediately after `lockdown` has been\n * called. At the time of writing, the modifications this function makes to the\n * runtime environment appear to be non-breaking, but that could change with\n * the addition of dependencies, or the order of our scripts in our HTML files.\n * Exercise caution.\n *\n * See inline comments for implementation details.\n *\n * We write this function in IIFE format to avoid polluting global scope.\n *\n * @throws If the lockdown failed.\n */\nexport function executeLockdownMore() {\n  // Make all \"object\" and \"function\" own properties of globalThis\n  // non-configurable and non-writable, when possible.\n  // We call a property that is non-configurable and non-writable,\n  // \"non-modifiable\".\n  try {\n    const namedIntrinsics = Reflect.ownKeys(new Compartment().globalThis);\n\n    // These named intrinsics are not automatically hardened by `lockdown`\n    const shouldHardenManually = new Set<symbol | string>(['eval', 'Function']);\n\n    const globalProperties = new Set([\n      // universalPropertyNames is a constant added by lockdown to global scope\n      // at the time of writing, it is initialized in 'ses/src/whitelist'.\n      // These properties tend to be non-enumerable.\n      ...namedIntrinsics,\n\n      // TODO: Also include the named platform globals\n      // This grabs every enumerable property on globalThis.\n      // ...Object.keys(globalThis),\n    ]);\n\n    globalProperties.forEach((propertyName) => {\n      const descriptor = Reflect.getOwnPropertyDescriptor(\n        globalThis,\n        propertyName,\n      );\n\n      if (descriptor) {\n        if (descriptor.configurable) {\n          // If the property on globalThis is configurable, make it\n          // non-configurable. If it has no accessor properties, also make it\n          // non-writable.\n          if (hasAccessor(descriptor)) {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n            });\n          } else {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n              writable: false,\n            });\n          }\n        }\n\n        if (shouldHardenManually.has(propertyName)) {\n          harden((globalThis as any)[propertyName]);\n        }\n      }\n    });\n  } catch (error) {\n    logError('Protecting intrinsics failed:', error);\n    throw error;\n  }\n}\n\n/**\n * Checks whether the given propertyName descriptor has any accessors, i.e. the\n * properties `get` or `set`.\n *\n * We want to make globals non-writable, and we can't set the `writable`\n * property and accessor properties at the same time.\n *\n * @param descriptor - The propertyName descriptor to check.\n * @returns Whether the propertyName descriptor has any accessors.\n */\nfunction hasAccessor(descriptor: any): boolean {\n  return 'set' in descriptor || 'get' in descriptor;\n}\n"],"names":["executeLockdownMore","namedIntrinsics","Reflect","ownKeys","Compartment","globalThis","shouldHardenManually","Set","globalProperties","forEach","propertyName","descriptor","getOwnPropertyDescriptor","configurable","hasAccessor","Object","defineProperty","writable","has","harden","error","logError"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;;;;;+BAwBnDA;;;eAAAA;;;4BAtBS;AAsBlB,SAASA;IACd,gEAAgE;IAChE,oDAAoD;IACpD,gEAAgE;IAChE,oBAAoB;IACpB,IAAI;QACF,MAAMC,kBAAkBC,QAAQC,OAAO,CAAC,IAAIC,cAAcC,UAAU;QAEpE,sEAAsE;QACtE,MAAMC,uBAAuB,IAAIC,IAAqB;YAAC;YAAQ;SAAW;QAE1E,MAAMC,mBAAmB,IAAID,IAAI;YAC/B,yEAAyE;YACzE,oEAAoE;YACpE,8CAA8C;eAC3CN;SAKJ;QAEDO,iBAAiBC,OAAO,CAAC,CAACC;YACxB,MAAMC,aAAaT,QAAQU,wBAAwB,CACjDP,YACAK;YAGF,IAAIC,YAAY;gBACd,IAAIA,WAAWE,YAAY,EAAE;oBAC3B,yDAAyD;oBACzD,mEAAmE;oBACnE,gBAAgB;oBAChB,IAAIC,YAAYH,aAAa;wBAC3BI,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;wBAChB;oBACF,OAAO;wBACLE,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;4BACdI,UAAU;wBACZ;oBACF;gBACF;gBAEA,IAAIX,qBAAqBY,GAAG,CAACR,eAAe;oBAC1CS,OAAO,AAACd,UAAkB,CAACK,aAAa;gBAC1C;YACF;QACF;IACF,EAAE,OAAOU,OAAO;QACdC,IAAAA,oBAAQ,EAAC,iCAAiCD;QAC1C,MAAMA;IACR;AACF;AAEA;;;;;;;;;CASC,GACD,SAASN,YAAYH,UAAe;IAClC,OAAO,SAASA,cAAc,SAASA;AACzC"}

package/dist/cjs/common/lockdown/lockdown.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../../node_modules/ses/types.d.ts" />
 "use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true

package/dist/cjs/common/lockdown/lockdown.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/common/lockdown/lockdown.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/index.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * Execute SES lockdown in the current context, i.e., the current iframe.\n *\n * @throws If the SES lockdown failed.\n */\nexport function executeLockdown() {\n  try {\n    lockdown({\n      consoleTaming: 'unsafe',\n      errorTaming: 'unsafe',\n      mathTaming: 'unsafe',\n      dateTaming: 'unsafe',\n      overrideTaming: 'severe',\n    });\n  } catch (error) {\n    // If the `lockdown` call throws an exception, it should not be able to continue\n    logError('Lockdown failed:', error);\n    throw error;\n  }\n}\n"],"names":["executeLockdown","lockdown","consoleTaming","errorTaming","mathTaming","dateTaming","overrideTaming","error","logError"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;;;;;+BASnDA;;;eAAAA;;;4BAPS;AAOlB,SAASA;IACd,IAAI;QACFC,SAAS;YACPC,eAAe;YACfC,aAAa;YACbC,YAAY;YACZC,YAAY;YACZC,gBAAgB;QAClB;IACF,EAAE,OAAOC,OAAO;QACd,gFAAgF;QAChFC,IAAAA,oBAAQ,EAAC,oBAAoBD;QAC7B,MAAMA;IACR;AACF"}
+{"version":3,"sources":["../../../../src/common/lockdown/lockdown.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/types.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * Execute SES lockdown in the current context, i.e., the current iframe.\n *\n * @throws If the SES lockdown failed.\n */\nexport function executeLockdown() {\n  try {\n    lockdown({\n      consoleTaming: 'unsafe',\n      errorTaming: 'unsafe',\n      mathTaming: 'unsafe',\n      dateTaming: 'unsafe',\n      overrideTaming: 'severe',\n    });\n  } catch (error) {\n    // If the `lockdown` call throws an exception, it should not be able to continue\n    logError('Lockdown failed:', error);\n    throw error;\n  }\n}\n"],"names":["executeLockdown","lockdown","consoleTaming","errorTaming","mathTaming","dateTaming","overrideTaming","error","logError"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;;;;;+BASnDA;;;eAAAA;;;4BAPS;AAOlB,SAASA;IACd,IAAI;QACFC,SAAS;YACPC,eAAe;YACfC,aAAa;YACbC,YAAY;YACZC,YAAY;YACZC,gBAAgB;QAClB;IACF,EAAE,OAAOC,OAAO;QACd,gFAAgF;QAChFC,IAAAA,oBAAQ,EAAC,oBAAoBD;QAC7B,MAAMA;IACR;AACF"}

package/dist/esm/common/BaseSnapExecutor.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../node_modules/ses/types.d.ts" />
 function _define_property(obj, key, value) {
     if (key in obj) {
         Object.defineProperty(obj, key, {

package/dist/esm/common/BaseSnapExecutor.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/common/BaseSnapExecutor.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../node_modules/ses/index.d.ts\" />\nimport { StreamProvider } from '@metamask/providers';\nimport type { RequestArguments } from '@metamask/providers/dist/BaseProvider';\nimport type { SnapsGlobalObject } from '@metamask/rpc-methods';\nimport type {\n  SnapExports,\n  HandlerType,\n  SnapExportsParameters,\n} from '@metamask/snaps-utils';\nimport {\n  SNAP_EXPORT_NAMES,\n  logError,\n  SNAP_EXPORTS,\n} from '@metamask/snaps-utils';\nimport type {\n  JsonRpcNotification,\n  JsonRpcId,\n  JsonRpcRequest,\n  Json,\n} from '@metamask/utils';\nimport {\n  isObject,\n  isValidJson,\n  assert,\n  isJsonRpcRequest,\n  hasProperty,\n  getSafeJson,\n} from '@metamask/utils';\nimport { errorCodes, ethErrors, serializeError } from 'eth-rpc-errors';\nimport { createIdRemapMiddleware } from 'json-rpc-engine';\nimport type { Duplex } from 'stream';\nimport { validate } from 'superstruct';\n\nimport { log } from '../logging';\nimport EEOpenRPCDocument from '../openrpc.json';\nimport type { CommandMethodsMapping } from './commands';\nimport { getCommandMethodImplementations } from './commands';\nimport { createEndowments } from './endowments';\nimport { addEventListener, removeEventListener } from './globalEvents';\nimport { sortParamKeys } from './sortParams';\nimport {\n  assertEthereumOutboundRequest,\n  assertSnapOutboundRequest,\n  constructError,\n  proxyStreamProvider,\n  withTeardown,\n} from './utils';\nimport {\n  ExecuteSnapRequestArgumentsStruct,\n  PingRequestArgumentsStruct,\n  SnapRpcRequestArgumentsStruct,\n  TerminateRequestArgumentsStruct,\n} from './validation';\n\ntype EvaluationData = {\n  stop: () => void;\n};\n\ntype SnapData = {\n  exports: SnapExports;\n  runningEvaluations: Set<EvaluationData>;\n  idleTeardown: () => Promise<void>;\n};\n\nconst fallbackError = {\n  code: errorCodes.rpc.internal,\n  message: 'Execution Environment Error',\n};\n\nexport type InvokeSnapArgs = Omit<SnapExportsParameters[0], 'chainId'>;\n\nexport type InvokeSnap = (\n  target: string,\n  handler: HandlerType,\n  args: InvokeSnapArgs | undefined,\n) => Promise<Json>;\n\n/**\n * The supported methods in the execution environment. The validator checks the\n * incoming JSON-RPC request, and the `params` property is used for sorting the\n * parameters, if they are an object.\n */\nconst EXECUTION_ENVIRONMENT_METHODS = {\n  ping: {\n    struct: PingRequestArgumentsStruct,\n    params: [],\n  },\n  executeSnap: {\n    struct: ExecuteSnapRequestArgumentsStruct,\n    params: ['snapId', 'sourceCode', 'endowments'],\n  },\n  terminate: {\n    struct: TerminateRequestArgumentsStruct,\n    params: [],\n  },\n  snapRpc: {\n    struct: SnapRpcRequestArgumentsStruct,\n    params: ['target', 'handler', 'origin', 'request'],\n  },\n};\n\ntype Methods = typeof EXECUTION_ENVIRONMENT_METHODS;\n\nexport class BaseSnapExecutor {\n  private readonly snapData: Map<string, SnapData>;\n\n  private readonly commandStream: Duplex;\n\n  private readonly rpcStream: Duplex;\n\n  private readonly methods: CommandMethodsMapping;\n\n  private snapErrorHandler?: (event: ErrorEvent) => void;\n\n  private snapPromiseErrorHandler?: (event: PromiseRejectionEvent) => void;\n\n  private lastTeardown = 0;\n\n  protected constructor(commandStream: Duplex, rpcStream: Duplex) {\n    this.snapData = new Map();\n    this.commandStream = commandStream;\n    this.commandStream.on('data', (data) => {\n      this.onCommandRequest(data).catch((error) => {\n        // TODO: Decide how to handle errors.\n        logError(error);\n      });\n    });\n    this.rpcStream = rpcStream;\n\n    this.methods = getCommandMethodImplementations(\n      this.startSnap.bind(this),\n      async (target, handlerType, args) => {\n        const data = this.snapData.get(target);\n        // We're capturing the handler in case someone modifies the data object\n        // before the call.\n        const handler = data?.exports[handlerType];\n        const { required } = SNAP_EXPORTS[handlerType];\n\n        assert(\n          !required || handler !== undefined,\n          `No ${handlerType} handler exported for snap \"${target}`,\n        );\n\n        // Certain handlers are not required. If they are not exported, we\n        // return null.\n        if (!handler) {\n          return null;\n        }\n\n        // TODO: fix handler args type cast\n        let result = await this.executeInSnapContext(target, () =>\n          handler(args as any),\n        );\n\n        // The handler might not return anything, but undefined is not valid JSON.\n        if (result === undefined) {\n          result = null;\n        }\n\n        // /!\\ Always return only sanitized JSON to prevent security flaws. /!\\\n        try {\n          return getSafeJson(result);\n        } catch (error) {\n          throw new TypeError(\n            `Received non-JSON-serializable value: ${error.message.replace(\n              /^Assertion failed: /u,\n              '',\n            )}`,\n          );\n        }\n      },\n      this.onTerminate.bind(this),\n    );\n  }\n\n  private errorHandler(error: unknown, data: Record<string, Json>) {\n    const constructedError = constructError(error);\n    const serializedError = serializeError(constructedError, {\n      fallbackError,\n      shouldIncludeStack: false,\n    });\n\n    // We're setting it this way to avoid sentData.stack = undefined\n    const sentData: Json = { ...data, stack: constructedError?.stack ?? null };\n\n    this.notify({\n      method: 'UnhandledError',\n      params: {\n        error: {\n          ...serializedError,\n          data: sentData,\n        },\n      },\n    });\n  }\n\n  private async onCommandRequest(message: JsonRpcRequest) {\n    if (!isJsonRpcRequest(message)) {\n      throw new Error('Command stream received a non-JSON-RPC request.');\n    }\n\n    const { id, method, params } = message;\n    if (method === 'rpc.discover') {\n      this.respond(id, {\n        result: EEOpenRPCDocument,\n      });\n      return;\n    }\n\n    if (!hasProperty(EXECUTION_ENVIRONMENT_METHODS, method)) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .methodNotFound({\n            data: {\n              method,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    const methodObject = EXECUTION_ENVIRONMENT_METHODS[method as keyof Methods];\n\n    // support params by-name and by-position\n    const paramsAsArray = sortParamKeys(methodObject.params, params);\n\n    const [error] = validate<any, any>(paramsAsArray, methodObject.struct);\n    if (error) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .invalidParams({\n            message: `Invalid parameters for method \"${method}\": ${error.message}.`,\n            data: {\n              method,\n              params: paramsAsArray,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    try {\n      const result = await (this.methods as any)[method](...paramsAsArray);\n      this.respond(id, { result });\n    } catch (rpcError) {\n      this.respond(id, {\n        error: serializeError(rpcError, {\n          fallbackError,\n        }),\n      });\n    }\n  }\n\n  protected notify(requestObject: Omit<JsonRpcNotification, 'jsonrpc'>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error(\n        'JSON-RPC notifications must be JSON serializable objects',\n      );\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      jsonrpc: '2.0',\n    });\n  }\n\n  protected respond(id: JsonRpcId, requestObject: Record<string, unknown>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error('JSON-RPC responses must be JSON serializable objects.');\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      id,\n      jsonrpc: '2.0',\n    });\n  }\n\n  /**\n   * Attempts to evaluate a snap in SES. Generates APIs for the snap. May throw\n   * on errors.\n   *\n   * @param snapId - The id of the snap.\n   * @param sourceCode - The source code of the snap, in IIFE format.\n   * @param _endowments - An array of the names of the endowments.\n   */\n  protected async startSnap(\n    snapId: string,\n    sourceCode: string,\n    _endowments?: string[],\n  ): Promise<void> {\n    log(`Starting snap '${snapId}' in worker.`);\n    if (this.snapPromiseErrorHandler) {\n      removeEventListener('unhandledrejection', this.snapPromiseErrorHandler);\n    }\n\n    if (this.snapErrorHandler) {\n      removeEventListener('error', this.snapErrorHandler);\n    }\n\n    this.snapErrorHandler = (error: ErrorEvent) => {\n      this.errorHandler(error.error, { snapId });\n    };\n\n    this.snapPromiseErrorHandler = (error: PromiseRejectionEvent) => {\n      this.errorHandler(error instanceof Error ? error : error.reason, {\n        snapId,\n      });\n    };\n\n    const provider = new StreamProvider(this.rpcStream, {\n      jsonRpcStreamName: 'metamask-provider',\n      rpcMiddleware: [createIdRemapMiddleware()],\n    });\n\n    await provider.initialize();\n\n    const snap = this.createSnapGlobal(provider);\n    const ethereum = this.createEIP1193Provider(provider);\n    // We specifically use any type because the Snap can modify the object any way they want\n    const snapModule: any = { exports: {} };\n\n    try {\n      const { endowments, teardown: endowmentTeardown } = createEndowments(\n        snap,\n        ethereum,\n        snapId,\n        _endowments,\n      );\n\n      // !!! Ensure that this is the only place the data is being set.\n      // Other methods access the object value and mutate its properties.\n      this.snapData.set(snapId, {\n        idleTeardown: endowmentTeardown,\n        runningEvaluations: new Set(),\n        exports: {},\n      });\n\n      addEventListener('unhandledRejection', this.snapPromiseErrorHandler);\n      addEventListener('error', this.snapErrorHandler);\n\n      const compartment = new Compartment({\n        ...endowments,\n        module: snapModule,\n        exports: snapModule.exports,\n      });\n      // All of those are JavaScript runtime specific and self referential,\n      // but we add them for compatibility sake with external libraries.\n      //\n      // We can't do that in the injected globals object above\n      // because SES creates its own globalThis\n      compartment.globalThis.self = compartment.globalThis;\n      compartment.globalThis.global = compartment.globalThis;\n      compartment.globalThis.window = compartment.globalThis;\n\n      await this.executeInSnapContext(snapId, () => {\n        compartment.evaluate(sourceCode);\n        this.registerSnapExports(snapId, snapModule);\n      });\n    } catch (error) {\n      this.removeSnap(snapId);\n      throw new Error(\n        `Error while running snap '${snapId}': ${(error as Error).message}`,\n      );\n    }\n  }\n\n  /**\n   * Cancels all running evaluations of all snaps and clears all snap data.\n   * NOTE:** Should only be called in response to the `terminate` RPC command.\n   */\n  protected onTerminate() {\n    // `stop()` tears down snap endowments.\n    // Teardown will also be run for each snap as soon as there are\n    // no more running evaluations for that snap.\n    this.snapData.forEach((data) =>\n      data.runningEvaluations.forEach((evaluation) => evaluation.stop()),\n    );\n    this.snapData.clear();\n  }\n\n  private registerSnapExports(snapId: string, snapModule: any) {\n    const data = this.snapData.get(snapId);\n    // Somebody deleted the snap before we could register.\n    if (!data) {\n      return;\n    }\n\n    data.exports = SNAP_EXPORT_NAMES.reduce((acc, exportName) => {\n      const snapExport = snapModule.exports[exportName];\n      const { validator } = SNAP_EXPORTS[exportName];\n      if (validator(snapExport)) {\n        return { ...acc, [exportName]: snapExport };\n      }\n      return acc;\n    }, {});\n  }\n\n  /**\n   * Instantiates a snap API object (i.e. `globalThis.snap`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The snap provider object.\n   */\n  private createSnapGlobal(provider: StreamProvider): SnapsGlobalObject {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertSnapOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    // Proxy target is intentionally set to be an empty object, to ensure\n    // that access to the prototype chain is not possible.\n    const snapGlobalProxy = new Proxy(\n      {},\n      {\n        has(_target: object, prop: string | symbol) {\n          return typeof prop === 'string' && ['request'].includes(prop);\n        },\n        get(_target, prop: keyof StreamProvider) {\n          if (prop === 'request') {\n            return request;\n          }\n\n          return undefined;\n        },\n      },\n    ) as SnapsGlobalObject;\n\n    return harden(snapGlobalProxy);\n  }\n\n  /**\n   * Instantiates an EIP-1193 Ethereum provider object (i.e. `globalThis.ethereum`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The EIP-1193 Ethereum provider object.\n   */\n  private createEIP1193Provider(provider: StreamProvider): StreamProvider {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertEthereumOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    const streamProviderProxy = proxyStreamProvider(provider, request);\n\n    return harden(streamProviderProxy);\n  }\n\n  /**\n   * Removes the snap with the given name.\n   *\n   * @param snapId - The id of the snap to remove.\n   */\n  private removeSnap(snapId: string): void {\n    this.snapData.delete(snapId);\n  }\n\n  /**\n   * Calls the specified executor function in the context of the specified snap.\n   * Essentially, this means that the operation performed by the executor is\n   * counted as an evaluation of the specified snap. When the count of running\n   * evaluations of a snap reaches zero, its endowments are torn down.\n   *\n   * @param snapId - The id of the snap whose context to execute in.\n   * @param executor - The function that will be executed in the snap's context.\n   * @returns The executor's return value.\n   * @template Result - The return value of the executor.\n   */\n  private async executeInSnapContext<Result>(\n    snapId: string,\n    executor: () => Promise<Result> | Result,\n  ): Promise<Result> {\n    const data = this.snapData.get(snapId);\n    if (data === undefined) {\n      throw new Error(\n        `Tried to execute in context of unknown snap: \"${snapId}\".`,\n      );\n    }\n\n    let stop: () => void;\n    const stopPromise = new Promise<never>(\n      (_, reject) =>\n        (stop = () =>\n          reject(\n            // TODO(rekmarks): Specify / standardize error code for this case.\n            ethErrors.rpc.internal(\n              `The snap \"${snapId}\" has been terminated during execution.`,\n            ),\n          )),\n    );\n\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    const evaluationData = { stop: stop! };\n\n    try {\n      data.runningEvaluations.add(evaluationData);\n      // Notice that we have to await this executor.\n      // If we didn't, we would decrease the amount of running evaluations\n      // before the promise actually resolves\n      return await Promise.race([executor(), stopPromise]);\n    } finally {\n      data.runningEvaluations.delete(evaluationData);\n\n      if (data.runningEvaluations.size === 0) {\n        this.lastTeardown += 1;\n        await data.idleTeardown();\n      }\n    }\n  }\n}\n"],"names":["StreamProvider","SNAP_EXPORT_NAMES","logError","SNAP_EXPORTS","isObject","isValidJson","assert","isJsonRpcRequest","hasProperty","getSafeJson","errorCodes","ethErrors","serializeError","createIdRemapMiddleware","validate","log","EEOpenRPCDocument","getCommandMethodImplementations","createEndowments","addEventListener","removeEventListener","sortParamKeys","assertEthereumOutboundRequest","assertSnapOutboundRequest","constructError","proxyStreamProvider","withTeardown","ExecuteSnapRequestArgumentsStruct","PingRequestArgumentsStruct","SnapRpcRequestArgumentsStruct","TerminateRequestArgumentsStruct","fallbackError","code","rpc","internal","message","EXECUTION_ENVIRONMENT_METHODS","ping","struct","params","executeSnap","terminate","snapRpc","BaseSnapExecutor","errorHandler","error","data","constructedError","serializedError","shouldIncludeStack","sentData","stack","notify","method","onCommandRequest","Error","id","respond","result","methodNotFound","serialize","methodObject","paramsAsArray","invalidParams","methods","rpcError","requestObject","commandStream","write","jsonrpc","startSnap","snapId","sourceCode","_endowments","snapPromiseErrorHandler","snapErrorHandler","reason","provider","rpcStream","jsonRpcStreamName","rpcMiddleware","initialize","snap","createSnapGlobal","ethereum","createEIP1193Provider","snapModule","exports","endowments","teardown","endowmentTeardown","snapData","set","idleTeardown","runningEvaluations","Set","compartment","Compartment","module","globalThis","self","global","window","executeInSnapContext","evaluate","registerSnapExports","removeSnap","onTerminate","forEach","evaluation","stop","clear","get","reduce","acc","exportName","snapExport","validator","originalRequest","request","bind","args","sanitizedArgs","snapGlobalProxy","Proxy","has","_target","prop","includes","undefined","harden","streamProviderProxy","delete","executor","stopPromise","Promise","_","reject","evaluationData","add","race","size","lastTeardown","Map","on","catch","target","handlerType","handler","required","TypeError","replace"],"mappings":"AAAA,qFAAqF;AACrF,gEAAgE;;;;;;;;;;;;;;AAChE,SAASA,cAAc,QAAQ,sBAAsB;AAQrD,SACEC,iBAAiB,EACjBC,QAAQ,EACRC,YAAY,QACP,wBAAwB;AAO/B,SACEC,QAAQ,EACRC,WAAW,EACXC,MAAM,EACNC,gBAAgB,EAChBC,WAAW,EACXC,WAAW,QACN,kBAAkB;AACzB,SAASC,UAAU,EAAEC,SAAS,EAAEC,cAAc,QAAQ,iBAAiB;AACvE,SAASC,uBAAuB,QAAQ,kBAAkB;AAE1D,SAASC,QAAQ,QAAQ,cAAc;AAEvC,SAASC,GAAG,QAAQ,aAAa;AACjC,OAAOC,uBAAuB,kBAAkB;AAEhD,SAASC,+BAA+B,QAAQ,aAAa;AAC7D,SAASC,gBAAgB,QAAQ,eAAe;AAChD,SAASC,gBAAgB,EAAEC,mBAAmB,QAAQ,iBAAiB;AACvE,SAASC,aAAa,QAAQ,eAAe;AAC7C,SACEC,6BAA6B,EAC7BC,yBAAyB,EACzBC,cAAc,EACdC,mBAAmB,EACnBC,YAAY,QACP,UAAU;AACjB,SACEC,iCAAiC,EACjCC,0BAA0B,EAC1BC,6BAA6B,EAC7BC,+BAA+B,QAC1B,eAAe;AAYtB,MAAMC,gBAAgB;IACpBC,MAAMtB,WAAWuB,GAAG,CAACC,QAAQ;IAC7BC,SAAS;AACX;AAUA;;;;CAIC,GACD,MAAMC,gCAAgC;IACpCC,MAAM;QACJC,QAAQV;QACRW,QAAQ,EAAE;IACZ;IACAC,aAAa;QACXF,QAAQX;QACRY,QAAQ;YAAC;YAAU;YAAc;SAAa;IAChD;IACAE,WAAW;QACTH,QAAQR;QACRS,QAAQ,EAAE;IACZ;IACAG,SAAS;QACPJ,QAAQT;QACRU,QAAQ;YAAC;YAAU;YAAW;YAAU;SAAU;IACpD;AACF;AAIA,OAAO,MAAMI;IAwEHC,aAAaC,KAAc,EAAEC,IAA0B,EAAE;QAC/D,MAAMC,mBAAmBvB,eAAeqB;QACxC,MAAMG,kBAAkBpC,eAAemC,kBAAkB;YACvDhB;YACAkB,oBAAoB;QACtB;QAEA,gEAAgE;QAChE,MAAMC,WAAiB;YAAE,GAAGJ,IAAI;YAAEK,OAAOJ,kBAAkBI,SAAS;QAAK;QAEzE,IAAI,CAACC,MAAM,CAAC;YACVC,QAAQ;YACRd,QAAQ;gBACNM,OAAO;oBACL,GAAGG,eAAe;oBAClBF,MAAMI;gBACR;YACF;QACF;IACF;IAEA,MAAcI,iBAAiBnB,OAAuB,EAAE;QACtD,IAAI,CAAC5B,iBAAiB4B,UAAU;YAC9B,MAAM,IAAIoB,MAAM;QAClB;QAEA,MAAM,EAAEC,EAAE,EAAEH,MAAM,EAAEd,MAAM,EAAE,GAAGJ;QAC/B,IAAIkB,WAAW,gBAAgB;YAC7B,IAAI,CAACI,OAAO,CAACD,IAAI;gBACfE,QAAQ1C;YACV;YACA;QACF;QAEA,IAAI,CAACR,YAAY4B,+BAA+BiB,SAAS;YACvD,IAAI,CAACI,OAAO,CAACD,IAAI;gBACfX,OAAOlC,UAAUsB,GAAG,CACjB0B,cAAc,CAAC;oBACdb,MAAM;wBACJO;oBACF;gBACF,GACCO,SAAS;YACd;YACA;QACF;QAEA,MAAMC,eAAezB,6BAA6B,CAACiB,OAAwB;QAE3E,yCAAyC;QACzC,MAAMS,gBAAgBzC,cAAcwC,aAAatB,MAAM,EAAEA;QAEzD,MAAM,CAACM,MAAM,GAAG/B,SAAmBgD,eAAeD,aAAavB,MAAM;QACrE,IAAIO,OAAO;YACT,IAAI,CAACY,OAAO,CAACD,IAAI;gBACfX,OAAOlC,UAAUsB,GAAG,CACjB8B,aAAa,CAAC;oBACb5B,SAAS,CAAC,+BAA+B,EAAEkB,OAAO,GAAG,EAAER,MAAMV,OAAO,CAAC,CAAC,CAAC;oBACvEW,MAAM;wBACJO;wBACAd,QAAQuB;oBACV;gBACF,GACCF,SAAS;YACd;YACA;QACF;QAEA,IAAI;YACF,MAAMF,SAAS,MAAM,AAAC,IAAI,CAACM,OAAO,AAAQ,CAACX,OAAO,IAAIS;YACtD,IAAI,CAACL,OAAO,CAACD,IAAI;gBAAEE;YAAO;QAC5B,EAAE,OAAOO,UAAU;YACjB,IAAI,CAACR,OAAO,CAACD,IAAI;gBACfX,OAAOjC,eAAeqD,UAAU;oBAC9BlC;gBACF;YACF;QACF;IACF;IAEUqB,OAAOc,aAAmD,EAAE;QACpE,IAAI,CAAC7D,YAAY6D,kBAAkB,CAAC9D,SAAS8D,gBAAgB;YAC3D,MAAM,IAAIX,MACR;QAEJ;QAEA,IAAI,CAACY,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGF,aAAa;YAChBG,SAAS;QACX;IACF;IAEUZ,QAAQD,EAAa,EAAEU,aAAsC,EAAE;QACvE,IAAI,CAAC7D,YAAY6D,kBAAkB,CAAC9D,SAAS8D,gBAAgB;YAC3D,MAAM,IAAIX,MAAM;QAClB;QAEA,IAAI,CAACY,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGF,aAAa;YAChBV;YACAa,SAAS;QACX;IACF;IAEA;;;;;;;GAOC,GACD,MAAgBC,UACdC,MAAc,EACdC,UAAkB,EAClBC,WAAsB,EACP;QACf1D,IAAI,CAAC,eAAe,EAAEwD,OAAO,YAAY,CAAC;QAC1C,IAAI,IAAI,CAACG,uBAAuB,EAAE;YAChCtD,oBAAoB,sBAAsB,IAAI,CAACsD,uBAAuB;QACxE;QAEA,IAAI,IAAI,CAACC,gBAAgB,EAAE;YACzBvD,oBAAoB,SAAS,IAAI,CAACuD,gBAAgB;QACpD;QAEA,IAAI,CAACA,gBAAgB,GAAG,CAAC9B;YACvB,IAAI,CAACD,YAAY,CAACC,MAAMA,KAAK,EAAE;gBAAE0B;YAAO;QAC1C;QAEA,IAAI,CAACG,uBAAuB,GAAG,CAAC7B;YAC9B,IAAI,CAACD,YAAY,CAACC,iBAAiBU,QAAQV,QAAQA,MAAM+B,MAAM,EAAE;gBAC/DL;YACF;QACF;QAEA,MAAMM,WAAW,IAAI7E,eAAe,IAAI,CAAC8E,SAAS,EAAE;YAClDC,mBAAmB;YACnBC,eAAe;gBAACnE;aAA0B;QAC5C;QAEA,MAAMgE,SAASI,UAAU;QAEzB,MAAMC,OAAO,IAAI,CAACC,gBAAgB,CAACN;QACnC,MAAMO,WAAW,IAAI,CAACC,qBAAqB,CAACR;QAC5C,wFAAwF;QACxF,MAAMS,aAAkB;YAAEC,SAAS,CAAC;QAAE;QAEtC,IAAI;YACF,MAAM,EAAEC,UAAU,EAAEC,UAAUC,iBAAiB,EAAE,GAAGxE,iBAClDgE,MACAE,UACAb,QACAE;YAGF,gEAAgE;YAChE,mEAAmE;YACnE,IAAI,CAACkB,QAAQ,CAACC,GAAG,CAACrB,QAAQ;gBACxBsB,cAAcH;gBACdI,oBAAoB,IAAIC;gBACxBR,SAAS,CAAC;YACZ;YAEApE,iBAAiB,sBAAsB,IAAI,CAACuD,uBAAuB;YACnEvD,iBAAiB,SAAS,IAAI,CAACwD,gBAAgB;YAE/C,MAAMqB,cAAc,IAAIC,YAAY;gBAClC,GAAGT,UAAU;gBACbU,QAAQZ;gBACRC,SAASD,WAAWC,OAAO;YAC7B;YACA,qEAAqE;YACrE,kEAAkE;YAClE,EAAE;YACF,wDAAwD;YACxD,yCAAyC;YACzCS,YAAYG,UAAU,CAACC,IAAI,GAAGJ,YAAYG,UAAU;YACpDH,YAAYG,UAAU,CAACE,MAAM,GAAGL,YAAYG,UAAU;YACtDH,YAAYG,UAAU,CAACG,MAAM,GAAGN,YAAYG,UAAU;YAEtD,MAAM,IAAI,CAACI,oBAAoB,CAAChC,QAAQ;gBACtCyB,YAAYQ,QAAQ,CAAChC;gBACrB,IAAI,CAACiC,mBAAmB,CAAClC,QAAQe;YACnC;QACF,EAAE,OAAOzC,OAAO;YACd,IAAI,CAAC6D,UAAU,CAACnC;YAChB,MAAM,IAAIhB,MACR,CAAC,0BAA0B,EAAEgB,OAAO,GAAG,EAAE,AAAC1B,MAAgBV,OAAO,CAAC,CAAC;QAEvE;IACF;IAEA;;;GAGC,GACD,AAAUwE,cAAc;QACtB,uCAAuC;QACvC,+DAA+D;QAC/D,6CAA6C;QAC7C,IAAI,CAAChB,QAAQ,CAACiB,OAAO,CAAC,CAAC9D,OACrBA,KAAKgD,kBAAkB,CAACc,OAAO,CAAC,CAACC,aAAeA,WAAWC,IAAI;QAEjE,IAAI,CAACnB,QAAQ,CAACoB,KAAK;IACrB;IAEQN,oBAAoBlC,MAAc,EAAEe,UAAe,EAAE;QAC3D,MAAMxC,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACzC;QAC/B,sDAAsD;QACtD,IAAI,CAACzB,MAAM;YACT;QACF;QAEAA,KAAKyC,OAAO,GAAGtF,kBAAkBgH,MAAM,CAAC,CAACC,KAAKC;YAC5C,MAAMC,aAAa9B,WAAWC,OAAO,CAAC4B,WAAW;YACjD,MAAM,EAAEE,SAAS,EAAE,GAAGlH,YAAY,CAACgH,WAAW;YAC9C,IAAIE,UAAUD,aAAa;gBACzB,OAAO;oBAAE,GAAGF,GAAG;oBAAE,CAACC,WAAW,EAAEC;gBAAW;YAC5C;YACA,OAAOF;QACT,GAAG,CAAC;IACN;IAEA;;;;;GAKC,GACD,AAAQ/B,iBAAiBN,QAAwB,EAAqB;QACpE,MAAMyC,kBAAkBzC,SAAS0C,OAAO,CAACC,IAAI,CAAC3C;QAE9C,MAAM0C,UAAU,OAAOE;YACrBlG,0BAA0BkG;YAC1B,MAAMC,gBAAgBjH,YAAYgH;YAClC,IAAI,CAACrE,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAM3B,aACX4F,gBAAgBI,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACtE,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,qEAAqE;QACrE,sDAAsD;QACtD,MAAMsE,kBAAkB,IAAIC,MAC1B,CAAC,GACD;YACEC,KAAIC,OAAe,EAAEC,IAAqB;gBACxC,OAAO,OAAOA,SAAS,YAAY;oBAAC;iBAAU,CAACC,QAAQ,CAACD;YAC1D;YACAf,KAAIc,OAAO,EAAEC,IAA0B;gBACrC,IAAIA,SAAS,WAAW;oBACtB,OAAOR;gBACT;gBAEA,OAAOU;YACT;QACF;QAGF,OAAOC,OAAOP;IAChB;IAEA;;;;;GAKC,GACD,AAAQtC,sBAAsBR,QAAwB,EAAkB;QACtE,MAAMyC,kBAAkBzC,SAAS0C,OAAO,CAACC,IAAI,CAAC3C;QAE9C,MAAM0C,UAAU,OAAOE;YACrBnG,8BAA8BmG;YAC9B,MAAMC,gBAAgBjH,YAAYgH;YAClC,IAAI,CAACrE,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAM3B,aACX4F,gBAAgBI,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACtE,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,MAAM8E,sBAAsB1G,oBAAoBoD,UAAU0C;QAE1D,OAAOW,OAAOC;IAChB;IAEA;;;;GAIC,GACD,AAAQzB,WAAWnC,MAAc,EAAQ;QACvC,IAAI,CAACoB,QAAQ,CAACyC,MAAM,CAAC7D;IACvB;IAEA;;;;;;;;;;GAUC,GACD,MAAcgC,qBACZhC,MAAc,EACd8D,QAAwC,EACvB;QACjB,MAAMvF,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACzC;QAC/B,IAAIzB,SAASmF,WAAW;YACtB,MAAM,IAAI1E,MACR,CAAC,8CAA8C,EAAEgB,OAAO,EAAE,CAAC;QAE/D;QAEA,IAAIuC;QACJ,MAAMwB,cAAc,IAAIC,QACtB,CAACC,GAAGC,SACD3B,OAAO,IACN2B,OACE,kEAAkE;gBAClE9H,UAAUsB,GAAG,CAACC,QAAQ,CACpB,CAAC,UAAU,EAAEqC,OAAO,uCAAuC,CAAC;QAKtE,oEAAoE;QACpE,MAAMmE,iBAAiB;YAAE5B,MAAMA;QAAM;QAErC,IAAI;YACFhE,KAAKgD,kBAAkB,CAAC6C,GAAG,CAACD;YAC5B,8CAA8C;YAC9C,oEAAoE;YACpE,uCAAuC;YACvC,OAAO,MAAMH,QAAQK,IAAI,CAAC;gBAACP;gBAAYC;aAAY;QACrD,SAAU;YACRxF,KAAKgD,kBAAkB,CAACsC,MAAM,CAACM;YAE/B,IAAI5F,KAAKgD,kBAAkB,CAAC+C,IAAI,KAAK,GAAG;gBACtC,IAAI,CAACC,YAAY,IAAI;gBACrB,MAAMhG,KAAK+C,YAAY;YACzB;QACF;IACF;IA9ZA,YAAsB1B,aAAqB,EAAEW,SAAiB,CAAE;QAdhE,uBAAiBa,YAAjB,KAAA;QAEA,uBAAiBxB,iBAAjB,KAAA;QAEA,uBAAiBW,aAAjB,KAAA;QAEA,uBAAiBd,WAAjB,KAAA;QAEA,uBAAQW,oBAAR,KAAA;QAEA,uBAAQD,2BAAR,KAAA;QAEA,uBAAQoE,gBAAe;QAGrB,IAAI,CAACnD,QAAQ,GAAG,IAAIoD;QACpB,IAAI,CAAC5E,aAAa,GAAGA;QACrB,IAAI,CAACA,aAAa,CAAC6E,EAAE,CAAC,QAAQ,CAAClG;YAC7B,IAAI,CAACQ,gBAAgB,CAACR,MAAMmG,KAAK,CAAC,CAACpG;gBACjC,qCAAqC;gBACrC3C,SAAS2C;YACX;QACF;QACA,IAAI,CAACiC,SAAS,GAAGA;QAEjB,IAAI,CAACd,OAAO,GAAG/C,gCACb,IAAI,CAACqD,SAAS,CAACkD,IAAI,CAAC,IAAI,GACxB,OAAO0B,QAAQC,aAAa1B;YAC1B,MAAM3E,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACkC;YAC/B,uEAAuE;YACvE,mBAAmB;YACnB,MAAME,UAAUtG,MAAMyC,OAAO,CAAC4D,YAAY;YAC1C,MAAM,EAAEE,QAAQ,EAAE,GAAGlJ,YAAY,CAACgJ,YAAY;YAE9C7I,OACE,CAAC+I,YAAYD,YAAYnB,WACzB,CAAC,GAAG,EAAEkB,YAAY,4BAA4B,EAAED,OAAO,CAAC;YAG1D,kEAAkE;YAClE,eAAe;YACf,IAAI,CAACE,SAAS;gBACZ,OAAO;YACT;YAEA,mCAAmC;YACnC,IAAI1F,SAAS,MAAM,IAAI,CAAC6C,oBAAoB,CAAC2C,QAAQ,IACnDE,QAAQ3B;YAGV,0EAA0E;YAC1E,IAAI/D,WAAWuE,WAAW;gBACxBvE,SAAS;YACX;YAEA,uEAAuE;YACvE,IAAI;gBACF,OAAOjD,YAAYiD;YACrB,EAAE,OAAOb,OAAO;gBACd,MAAM,IAAIyG,UACR,CAAC,sCAAsC,EAAEzG,MAAMV,OAAO,CAACoH,OAAO,CAC5D,wBACA,IACA,CAAC;YAEP;QACF,GACA,IAAI,CAAC5C,WAAW,CAACa,IAAI,CAAC,IAAI;IAE9B;AAwWF"}
+{"version":3,"sources":["../../../src/common/BaseSnapExecutor.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../node_modules/ses/types.d.ts\" />\nimport { StreamProvider } from '@metamask/providers';\nimport type { RequestArguments } from '@metamask/providers/dist/BaseProvider';\nimport type { SnapsGlobalObject } from '@metamask/rpc-methods';\nimport type {\n  SnapExports,\n  HandlerType,\n  SnapExportsParameters,\n} from '@metamask/snaps-utils';\nimport {\n  SNAP_EXPORT_NAMES,\n  logError,\n  SNAP_EXPORTS,\n} from '@metamask/snaps-utils';\nimport type {\n  JsonRpcNotification,\n  JsonRpcId,\n  JsonRpcRequest,\n  Json,\n} from '@metamask/utils';\nimport {\n  isObject,\n  isValidJson,\n  assert,\n  isJsonRpcRequest,\n  hasProperty,\n  getSafeJson,\n} from '@metamask/utils';\nimport { errorCodes, ethErrors, serializeError } from 'eth-rpc-errors';\nimport { createIdRemapMiddleware } from 'json-rpc-engine';\nimport type { Duplex } from 'stream';\nimport { validate } from 'superstruct';\n\nimport { log } from '../logging';\nimport EEOpenRPCDocument from '../openrpc.json';\nimport type { CommandMethodsMapping } from './commands';\nimport { getCommandMethodImplementations } from './commands';\nimport { createEndowments } from './endowments';\nimport { addEventListener, removeEventListener } from './globalEvents';\nimport { sortParamKeys } from './sortParams';\nimport {\n  assertEthereumOutboundRequest,\n  assertSnapOutboundRequest,\n  constructError,\n  proxyStreamProvider,\n  withTeardown,\n} from './utils';\nimport {\n  ExecuteSnapRequestArgumentsStruct,\n  PingRequestArgumentsStruct,\n  SnapRpcRequestArgumentsStruct,\n  TerminateRequestArgumentsStruct,\n} from './validation';\n\ntype EvaluationData = {\n  stop: () => void;\n};\n\ntype SnapData = {\n  exports: SnapExports;\n  runningEvaluations: Set<EvaluationData>;\n  idleTeardown: () => Promise<void>;\n};\n\nconst fallbackError = {\n  code: errorCodes.rpc.internal,\n  message: 'Execution Environment Error',\n};\n\nexport type InvokeSnapArgs = Omit<SnapExportsParameters[0], 'chainId'>;\n\nexport type InvokeSnap = (\n  target: string,\n  handler: HandlerType,\n  args: InvokeSnapArgs | undefined,\n) => Promise<Json>;\n\n/**\n * The supported methods in the execution environment. The validator checks the\n * incoming JSON-RPC request, and the `params` property is used for sorting the\n * parameters, if they are an object.\n */\nconst EXECUTION_ENVIRONMENT_METHODS = {\n  ping: {\n    struct: PingRequestArgumentsStruct,\n    params: [],\n  },\n  executeSnap: {\n    struct: ExecuteSnapRequestArgumentsStruct,\n    params: ['snapId', 'sourceCode', 'endowments'],\n  },\n  terminate: {\n    struct: TerminateRequestArgumentsStruct,\n    params: [],\n  },\n  snapRpc: {\n    struct: SnapRpcRequestArgumentsStruct,\n    params: ['target', 'handler', 'origin', 'request'],\n  },\n};\n\ntype Methods = typeof EXECUTION_ENVIRONMENT_METHODS;\n\nexport class BaseSnapExecutor {\n  private readonly snapData: Map<string, SnapData>;\n\n  private readonly commandStream: Duplex;\n\n  private readonly rpcStream: Duplex;\n\n  private readonly methods: CommandMethodsMapping;\n\n  private snapErrorHandler?: (event: ErrorEvent) => void;\n\n  private snapPromiseErrorHandler?: (event: PromiseRejectionEvent) => void;\n\n  private lastTeardown = 0;\n\n  protected constructor(commandStream: Duplex, rpcStream: Duplex) {\n    this.snapData = new Map();\n    this.commandStream = commandStream;\n    this.commandStream.on('data', (data) => {\n      this.onCommandRequest(data).catch((error) => {\n        // TODO: Decide how to handle errors.\n        logError(error);\n      });\n    });\n    this.rpcStream = rpcStream;\n\n    this.methods = getCommandMethodImplementations(\n      this.startSnap.bind(this),\n      async (target, handlerType, args) => {\n        const data = this.snapData.get(target);\n        // We're capturing the handler in case someone modifies the data object\n        // before the call.\n        const handler = data?.exports[handlerType];\n        const { required } = SNAP_EXPORTS[handlerType];\n\n        assert(\n          !required || handler !== undefined,\n          `No ${handlerType} handler exported for snap \"${target}`,\n        );\n\n        // Certain handlers are not required. If they are not exported, we\n        // return null.\n        if (!handler) {\n          return null;\n        }\n\n        // TODO: fix handler args type cast\n        let result = await this.executeInSnapContext(target, () =>\n          handler(args as any),\n        );\n\n        // The handler might not return anything, but undefined is not valid JSON.\n        if (result === undefined) {\n          result = null;\n        }\n\n        // /!\\ Always return only sanitized JSON to prevent security flaws. /!\\\n        try {\n          return getSafeJson(result);\n        } catch (error) {\n          throw new TypeError(\n            `Received non-JSON-serializable value: ${error.message.replace(\n              /^Assertion failed: /u,\n              '',\n            )}`,\n          );\n        }\n      },\n      this.onTerminate.bind(this),\n    );\n  }\n\n  private errorHandler(error: unknown, data: Record<string, Json>) {\n    const constructedError = constructError(error);\n    const serializedError = serializeError(constructedError, {\n      fallbackError,\n      shouldIncludeStack: false,\n    });\n\n    // We're setting it this way to avoid sentData.stack = undefined\n    const sentData: Json = { ...data, stack: constructedError?.stack ?? null };\n\n    this.notify({\n      method: 'UnhandledError',\n      params: {\n        error: {\n          ...serializedError,\n          data: sentData,\n        },\n      },\n    });\n  }\n\n  private async onCommandRequest(message: JsonRpcRequest) {\n    if (!isJsonRpcRequest(message)) {\n      throw new Error('Command stream received a non-JSON-RPC request.');\n    }\n\n    const { id, method, params } = message;\n    if (method === 'rpc.discover') {\n      this.respond(id, {\n        result: EEOpenRPCDocument,\n      });\n      return;\n    }\n\n    if (!hasProperty(EXECUTION_ENVIRONMENT_METHODS, method)) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .methodNotFound({\n            data: {\n              method,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    const methodObject = EXECUTION_ENVIRONMENT_METHODS[method as keyof Methods];\n\n    // support params by-name and by-position\n    const paramsAsArray = sortParamKeys(methodObject.params, params);\n\n    const [error] = validate<any, any>(paramsAsArray, methodObject.struct);\n    if (error) {\n      this.respond(id, {\n        error: ethErrors.rpc\n          .invalidParams({\n            message: `Invalid parameters for method \"${method}\": ${error.message}.`,\n            data: {\n              method,\n              params: paramsAsArray,\n            },\n          })\n          .serialize(),\n      });\n      return;\n    }\n\n    try {\n      const result = await (this.methods as any)[method](...paramsAsArray);\n      this.respond(id, { result });\n    } catch (rpcError) {\n      this.respond(id, {\n        error: serializeError(rpcError, {\n          fallbackError,\n        }),\n      });\n    }\n  }\n\n  protected notify(requestObject: Omit<JsonRpcNotification, 'jsonrpc'>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error(\n        'JSON-RPC notifications must be JSON serializable objects',\n      );\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      jsonrpc: '2.0',\n    });\n  }\n\n  protected respond(id: JsonRpcId, requestObject: Record<string, unknown>) {\n    if (!isValidJson(requestObject) || !isObject(requestObject)) {\n      throw new Error('JSON-RPC responses must be JSON serializable objects.');\n    }\n\n    this.commandStream.write({\n      ...requestObject,\n      id,\n      jsonrpc: '2.0',\n    });\n  }\n\n  /**\n   * Attempts to evaluate a snap in SES. Generates APIs for the snap. May throw\n   * on errors.\n   *\n   * @param snapId - The id of the snap.\n   * @param sourceCode - The source code of the snap, in IIFE format.\n   * @param _endowments - An array of the names of the endowments.\n   */\n  protected async startSnap(\n    snapId: string,\n    sourceCode: string,\n    _endowments?: string[],\n  ): Promise<void> {\n    log(`Starting snap '${snapId}' in worker.`);\n    if (this.snapPromiseErrorHandler) {\n      removeEventListener('unhandledrejection', this.snapPromiseErrorHandler);\n    }\n\n    if (this.snapErrorHandler) {\n      removeEventListener('error', this.snapErrorHandler);\n    }\n\n    this.snapErrorHandler = (error: ErrorEvent) => {\n      this.errorHandler(error.error, { snapId });\n    };\n\n    this.snapPromiseErrorHandler = (error: PromiseRejectionEvent) => {\n      this.errorHandler(error instanceof Error ? error : error.reason, {\n        snapId,\n      });\n    };\n\n    const provider = new StreamProvider(this.rpcStream, {\n      jsonRpcStreamName: 'metamask-provider',\n      rpcMiddleware: [createIdRemapMiddleware()],\n    });\n\n    await provider.initialize();\n\n    const snap = this.createSnapGlobal(provider);\n    const ethereum = this.createEIP1193Provider(provider);\n    // We specifically use any type because the Snap can modify the object any way they want\n    const snapModule: any = { exports: {} };\n\n    try {\n      const { endowments, teardown: endowmentTeardown } = createEndowments(\n        snap,\n        ethereum,\n        snapId,\n        _endowments,\n      );\n\n      // !!! Ensure that this is the only place the data is being set.\n      // Other methods access the object value and mutate its properties.\n      this.snapData.set(snapId, {\n        idleTeardown: endowmentTeardown,\n        runningEvaluations: new Set(),\n        exports: {},\n      });\n\n      addEventListener('unhandledRejection', this.snapPromiseErrorHandler);\n      addEventListener('error', this.snapErrorHandler);\n\n      const compartment = new Compartment({\n        ...endowments,\n        module: snapModule,\n        exports: snapModule.exports,\n      });\n      // All of those are JavaScript runtime specific and self referential,\n      // but we add them for compatibility sake with external libraries.\n      //\n      // We can't do that in the injected globals object above\n      // because SES creates its own globalThis\n      compartment.globalThis.self = compartment.globalThis;\n      compartment.globalThis.global = compartment.globalThis;\n      compartment.globalThis.window = compartment.globalThis;\n\n      await this.executeInSnapContext(snapId, () => {\n        compartment.evaluate(sourceCode);\n        this.registerSnapExports(snapId, snapModule);\n      });\n    } catch (error) {\n      this.removeSnap(snapId);\n      throw new Error(\n        `Error while running snap '${snapId}': ${(error as Error).message}`,\n      );\n    }\n  }\n\n  /**\n   * Cancels all running evaluations of all snaps and clears all snap data.\n   * NOTE:** Should only be called in response to the `terminate` RPC command.\n   */\n  protected onTerminate() {\n    // `stop()` tears down snap endowments.\n    // Teardown will also be run for each snap as soon as there are\n    // no more running evaluations for that snap.\n    this.snapData.forEach((data) =>\n      data.runningEvaluations.forEach((evaluation) => evaluation.stop()),\n    );\n    this.snapData.clear();\n  }\n\n  private registerSnapExports(snapId: string, snapModule: any) {\n    const data = this.snapData.get(snapId);\n    // Somebody deleted the snap before we could register.\n    if (!data) {\n      return;\n    }\n\n    data.exports = SNAP_EXPORT_NAMES.reduce((acc, exportName) => {\n      const snapExport = snapModule.exports[exportName];\n      const { validator } = SNAP_EXPORTS[exportName];\n      if (validator(snapExport)) {\n        return { ...acc, [exportName]: snapExport };\n      }\n      return acc;\n    }, {});\n  }\n\n  /**\n   * Instantiates a snap API object (i.e. `globalThis.snap`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The snap provider object.\n   */\n  private createSnapGlobal(provider: StreamProvider): SnapsGlobalObject {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertSnapOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    // Proxy target is intentionally set to be an empty object, to ensure\n    // that access to the prototype chain is not possible.\n    const snapGlobalProxy = new Proxy(\n      {},\n      {\n        has(_target: object, prop: string | symbol) {\n          return typeof prop === 'string' && ['request'].includes(prop);\n        },\n        get(_target, prop: keyof StreamProvider) {\n          if (prop === 'request') {\n            return request;\n          }\n\n          return undefined;\n        },\n      },\n    ) as SnapsGlobalObject;\n\n    return harden(snapGlobalProxy);\n  }\n\n  /**\n   * Instantiates an EIP-1193 Ethereum provider object (i.e. `globalThis.ethereum`).\n   *\n   * @param provider - A StreamProvider connected to MetaMask.\n   * @returns The EIP-1193 Ethereum provider object.\n   */\n  private createEIP1193Provider(provider: StreamProvider): StreamProvider {\n    const originalRequest = provider.request.bind(provider);\n\n    const request = async (args: RequestArguments) => {\n      assertEthereumOutboundRequest(args);\n      const sanitizedArgs = getSafeJson(args);\n      this.notify({ method: 'OutboundRequest' });\n      try {\n        return await withTeardown(\n          originalRequest(sanitizedArgs as unknown as RequestArguments),\n          this as any,\n        );\n      } finally {\n        this.notify({ method: 'OutboundResponse' });\n      }\n    };\n\n    const streamProviderProxy = proxyStreamProvider(provider, request);\n\n    return harden(streamProviderProxy);\n  }\n\n  /**\n   * Removes the snap with the given name.\n   *\n   * @param snapId - The id of the snap to remove.\n   */\n  private removeSnap(snapId: string): void {\n    this.snapData.delete(snapId);\n  }\n\n  /**\n   * Calls the specified executor function in the context of the specified snap.\n   * Essentially, this means that the operation performed by the executor is\n   * counted as an evaluation of the specified snap. When the count of running\n   * evaluations of a snap reaches zero, its endowments are torn down.\n   *\n   * @param snapId - The id of the snap whose context to execute in.\n   * @param executor - The function that will be executed in the snap's context.\n   * @returns The executor's return value.\n   * @template Result - The return value of the executor.\n   */\n  private async executeInSnapContext<Result>(\n    snapId: string,\n    executor: () => Promise<Result> | Result,\n  ): Promise<Result> {\n    const data = this.snapData.get(snapId);\n    if (data === undefined) {\n      throw new Error(\n        `Tried to execute in context of unknown snap: \"${snapId}\".`,\n      );\n    }\n\n    let stop: () => void;\n    const stopPromise = new Promise<never>(\n      (_, reject) =>\n        (stop = () =>\n          reject(\n            // TODO(rekmarks): Specify / standardize error code for this case.\n            ethErrors.rpc.internal(\n              `The snap \"${snapId}\" has been terminated during execution.`,\n            ),\n          )),\n    );\n\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    const evaluationData = { stop: stop! };\n\n    try {\n      data.runningEvaluations.add(evaluationData);\n      // Notice that we have to await this executor.\n      // If we didn't, we would decrease the amount of running evaluations\n      // before the promise actually resolves\n      return await Promise.race([executor(), stopPromise]);\n    } finally {\n      data.runningEvaluations.delete(evaluationData);\n\n      if (data.runningEvaluations.size === 0) {\n        this.lastTeardown += 1;\n        await data.idleTeardown();\n      }\n    }\n  }\n}\n"],"names":["StreamProvider","SNAP_EXPORT_NAMES","logError","SNAP_EXPORTS","isObject","isValidJson","assert","isJsonRpcRequest","hasProperty","getSafeJson","errorCodes","ethErrors","serializeError","createIdRemapMiddleware","validate","log","EEOpenRPCDocument","getCommandMethodImplementations","createEndowments","addEventListener","removeEventListener","sortParamKeys","assertEthereumOutboundRequest","assertSnapOutboundRequest","constructError","proxyStreamProvider","withTeardown","ExecuteSnapRequestArgumentsStruct","PingRequestArgumentsStruct","SnapRpcRequestArgumentsStruct","TerminateRequestArgumentsStruct","fallbackError","code","rpc","internal","message","EXECUTION_ENVIRONMENT_METHODS","ping","struct","params","executeSnap","terminate","snapRpc","BaseSnapExecutor","errorHandler","error","data","constructedError","serializedError","shouldIncludeStack","sentData","stack","notify","method","onCommandRequest","Error","id","respond","result","methodNotFound","serialize","methodObject","paramsAsArray","invalidParams","methods","rpcError","requestObject","commandStream","write","jsonrpc","startSnap","snapId","sourceCode","_endowments","snapPromiseErrorHandler","snapErrorHandler","reason","provider","rpcStream","jsonRpcStreamName","rpcMiddleware","initialize","snap","createSnapGlobal","ethereum","createEIP1193Provider","snapModule","exports","endowments","teardown","endowmentTeardown","snapData","set","idleTeardown","runningEvaluations","Set","compartment","Compartment","module","globalThis","self","global","window","executeInSnapContext","evaluate","registerSnapExports","removeSnap","onTerminate","forEach","evaluation","stop","clear","get","reduce","acc","exportName","snapExport","validator","originalRequest","request","bind","args","sanitizedArgs","snapGlobalProxy","Proxy","has","_target","prop","includes","undefined","harden","streamProviderProxy","delete","executor","stopPromise","Promise","_","reject","evaluationData","add","race","size","lastTeardown","Map","on","catch","target","handlerType","handler","required","TypeError","replace"],"mappings":"AAAA,qFAAqF;AACrF,gEAAgE;;;;;;;;;;;;;;AAChE,SAASA,cAAc,QAAQ,sBAAsB;AAQrD,SACEC,iBAAiB,EACjBC,QAAQ,EACRC,YAAY,QACP,wBAAwB;AAO/B,SACEC,QAAQ,EACRC,WAAW,EACXC,MAAM,EACNC,gBAAgB,EAChBC,WAAW,EACXC,WAAW,QACN,kBAAkB;AACzB,SAASC,UAAU,EAAEC,SAAS,EAAEC,cAAc,QAAQ,iBAAiB;AACvE,SAASC,uBAAuB,QAAQ,kBAAkB;AAE1D,SAASC,QAAQ,QAAQ,cAAc;AAEvC,SAASC,GAAG,QAAQ,aAAa;AACjC,OAAOC,uBAAuB,kBAAkB;AAEhD,SAASC,+BAA+B,QAAQ,aAAa;AAC7D,SAASC,gBAAgB,QAAQ,eAAe;AAChD,SAASC,gBAAgB,EAAEC,mBAAmB,QAAQ,iBAAiB;AACvE,SAASC,aAAa,QAAQ,eAAe;AAC7C,SACEC,6BAA6B,EAC7BC,yBAAyB,EACzBC,cAAc,EACdC,mBAAmB,EACnBC,YAAY,QACP,UAAU;AACjB,SACEC,iCAAiC,EACjCC,0BAA0B,EAC1BC,6BAA6B,EAC7BC,+BAA+B,QAC1B,eAAe;AAYtB,MAAMC,gBAAgB;IACpBC,MAAMtB,WAAWuB,GAAG,CAACC,QAAQ;IAC7BC,SAAS;AACX;AAUA;;;;CAIC,GACD,MAAMC,gCAAgC;IACpCC,MAAM;QACJC,QAAQV;QACRW,QAAQ,EAAE;IACZ;IACAC,aAAa;QACXF,QAAQX;QACRY,QAAQ;YAAC;YAAU;YAAc;SAAa;IAChD;IACAE,WAAW;QACTH,QAAQR;QACRS,QAAQ,EAAE;IACZ;IACAG,SAAS;QACPJ,QAAQT;QACRU,QAAQ;YAAC;YAAU;YAAW;YAAU;SAAU;IACpD;AACF;AAIA,OAAO,MAAMI;IAwEHC,aAAaC,KAAc,EAAEC,IAA0B,EAAE;QAC/D,MAAMC,mBAAmBvB,eAAeqB;QACxC,MAAMG,kBAAkBpC,eAAemC,kBAAkB;YACvDhB;YACAkB,oBAAoB;QACtB;QAEA,gEAAgE;QAChE,MAAMC,WAAiB;YAAE,GAAGJ,IAAI;YAAEK,OAAOJ,kBAAkBI,SAAS;QAAK;QAEzE,IAAI,CAACC,MAAM,CAAC;YACVC,QAAQ;YACRd,QAAQ;gBACNM,OAAO;oBACL,GAAGG,eAAe;oBAClBF,MAAMI;gBACR;YACF;QACF;IACF;IAEA,MAAcI,iBAAiBnB,OAAuB,EAAE;QACtD,IAAI,CAAC5B,iBAAiB4B,UAAU;YAC9B,MAAM,IAAIoB,MAAM;QAClB;QAEA,MAAM,EAAEC,EAAE,EAAEH,MAAM,EAAEd,MAAM,EAAE,GAAGJ;QAC/B,IAAIkB,WAAW,gBAAgB;YAC7B,IAAI,CAACI,OAAO,CAACD,IAAI;gBACfE,QAAQ1C;YACV;YACA;QACF;QAEA,IAAI,CAACR,YAAY4B,+BAA+BiB,SAAS;YACvD,IAAI,CAACI,OAAO,CAACD,IAAI;gBACfX,OAAOlC,UAAUsB,GAAG,CACjB0B,cAAc,CAAC;oBACdb,MAAM;wBACJO;oBACF;gBACF,GACCO,SAAS;YACd;YACA;QACF;QAEA,MAAMC,eAAezB,6BAA6B,CAACiB,OAAwB;QAE3E,yCAAyC;QACzC,MAAMS,gBAAgBzC,cAAcwC,aAAatB,MAAM,EAAEA;QAEzD,MAAM,CAACM,MAAM,GAAG/B,SAAmBgD,eAAeD,aAAavB,MAAM;QACrE,IAAIO,OAAO;YACT,IAAI,CAACY,OAAO,CAACD,IAAI;gBACfX,OAAOlC,UAAUsB,GAAG,CACjB8B,aAAa,CAAC;oBACb5B,SAAS,CAAC,+BAA+B,EAAEkB,OAAO,GAAG,EAAER,MAAMV,OAAO,CAAC,CAAC,CAAC;oBACvEW,MAAM;wBACJO;wBACAd,QAAQuB;oBACV;gBACF,GACCF,SAAS;YACd;YACA;QACF;QAEA,IAAI;YACF,MAAMF,SAAS,MAAM,AAAC,IAAI,CAACM,OAAO,AAAQ,CAACX,OAAO,IAAIS;YACtD,IAAI,CAACL,OAAO,CAACD,IAAI;gBAAEE;YAAO;QAC5B,EAAE,OAAOO,UAAU;YACjB,IAAI,CAACR,OAAO,CAACD,IAAI;gBACfX,OAAOjC,eAAeqD,UAAU;oBAC9BlC;gBACF;YACF;QACF;IACF;IAEUqB,OAAOc,aAAmD,EAAE;QACpE,IAAI,CAAC7D,YAAY6D,kBAAkB,CAAC9D,SAAS8D,gBAAgB;YAC3D,MAAM,IAAIX,MACR;QAEJ;QAEA,IAAI,CAACY,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGF,aAAa;YAChBG,SAAS;QACX;IACF;IAEUZ,QAAQD,EAAa,EAAEU,aAAsC,EAAE;QACvE,IAAI,CAAC7D,YAAY6D,kBAAkB,CAAC9D,SAAS8D,gBAAgB;YAC3D,MAAM,IAAIX,MAAM;QAClB;QAEA,IAAI,CAACY,aAAa,CAACC,KAAK,CAAC;YACvB,GAAGF,aAAa;YAChBV;YACAa,SAAS;QACX;IACF;IAEA;;;;;;;GAOC,GACD,MAAgBC,UACdC,MAAc,EACdC,UAAkB,EAClBC,WAAsB,EACP;QACf1D,IAAI,CAAC,eAAe,EAAEwD,OAAO,YAAY,CAAC;QAC1C,IAAI,IAAI,CAACG,uBAAuB,EAAE;YAChCtD,oBAAoB,sBAAsB,IAAI,CAACsD,uBAAuB;QACxE;QAEA,IAAI,IAAI,CAACC,gBAAgB,EAAE;YACzBvD,oBAAoB,SAAS,IAAI,CAACuD,gBAAgB;QACpD;QAEA,IAAI,CAACA,gBAAgB,GAAG,CAAC9B;YACvB,IAAI,CAACD,YAAY,CAACC,MAAMA,KAAK,EAAE;gBAAE0B;YAAO;QAC1C;QAEA,IAAI,CAACG,uBAAuB,GAAG,CAAC7B;YAC9B,IAAI,CAACD,YAAY,CAACC,iBAAiBU,QAAQV,QAAQA,MAAM+B,MAAM,EAAE;gBAC/DL;YACF;QACF;QAEA,MAAMM,WAAW,IAAI7E,eAAe,IAAI,CAAC8E,SAAS,EAAE;YAClDC,mBAAmB;YACnBC,eAAe;gBAACnE;aAA0B;QAC5C;QAEA,MAAMgE,SAASI,UAAU;QAEzB,MAAMC,OAAO,IAAI,CAACC,gBAAgB,CAACN;QACnC,MAAMO,WAAW,IAAI,CAACC,qBAAqB,CAACR;QAC5C,wFAAwF;QACxF,MAAMS,aAAkB;YAAEC,SAAS,CAAC;QAAE;QAEtC,IAAI;YACF,MAAM,EAAEC,UAAU,EAAEC,UAAUC,iBAAiB,EAAE,GAAGxE,iBAClDgE,MACAE,UACAb,QACAE;YAGF,gEAAgE;YAChE,mEAAmE;YACnE,IAAI,CAACkB,QAAQ,CAACC,GAAG,CAACrB,QAAQ;gBACxBsB,cAAcH;gBACdI,oBAAoB,IAAIC;gBACxBR,SAAS,CAAC;YACZ;YAEApE,iBAAiB,sBAAsB,IAAI,CAACuD,uBAAuB;YACnEvD,iBAAiB,SAAS,IAAI,CAACwD,gBAAgB;YAE/C,MAAMqB,cAAc,IAAIC,YAAY;gBAClC,GAAGT,UAAU;gBACbU,QAAQZ;gBACRC,SAASD,WAAWC,OAAO;YAC7B;YACA,qEAAqE;YACrE,kEAAkE;YAClE,EAAE;YACF,wDAAwD;YACxD,yCAAyC;YACzCS,YAAYG,UAAU,CAACC,IAAI,GAAGJ,YAAYG,UAAU;YACpDH,YAAYG,UAAU,CAACE,MAAM,GAAGL,YAAYG,UAAU;YACtDH,YAAYG,UAAU,CAACG,MAAM,GAAGN,YAAYG,UAAU;YAEtD,MAAM,IAAI,CAACI,oBAAoB,CAAChC,QAAQ;gBACtCyB,YAAYQ,QAAQ,CAAChC;gBACrB,IAAI,CAACiC,mBAAmB,CAAClC,QAAQe;YACnC;QACF,EAAE,OAAOzC,OAAO;YACd,IAAI,CAAC6D,UAAU,CAACnC;YAChB,MAAM,IAAIhB,MACR,CAAC,0BAA0B,EAAEgB,OAAO,GAAG,EAAE,AAAC1B,MAAgBV,OAAO,CAAC,CAAC;QAEvE;IACF;IAEA;;;GAGC,GACD,AAAUwE,cAAc;QACtB,uCAAuC;QACvC,+DAA+D;QAC/D,6CAA6C;QAC7C,IAAI,CAAChB,QAAQ,CAACiB,OAAO,CAAC,CAAC9D,OACrBA,KAAKgD,kBAAkB,CAACc,OAAO,CAAC,CAACC,aAAeA,WAAWC,IAAI;QAEjE,IAAI,CAACnB,QAAQ,CAACoB,KAAK;IACrB;IAEQN,oBAAoBlC,MAAc,EAAEe,UAAe,EAAE;QAC3D,MAAMxC,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACzC;QAC/B,sDAAsD;QACtD,IAAI,CAACzB,MAAM;YACT;QACF;QAEAA,KAAKyC,OAAO,GAAGtF,kBAAkBgH,MAAM,CAAC,CAACC,KAAKC;YAC5C,MAAMC,aAAa9B,WAAWC,OAAO,CAAC4B,WAAW;YACjD,MAAM,EAAEE,SAAS,EAAE,GAAGlH,YAAY,CAACgH,WAAW;YAC9C,IAAIE,UAAUD,aAAa;gBACzB,OAAO;oBAAE,GAAGF,GAAG;oBAAE,CAACC,WAAW,EAAEC;gBAAW;YAC5C;YACA,OAAOF;QACT,GAAG,CAAC;IACN;IAEA;;;;;GAKC,GACD,AAAQ/B,iBAAiBN,QAAwB,EAAqB;QACpE,MAAMyC,kBAAkBzC,SAAS0C,OAAO,CAACC,IAAI,CAAC3C;QAE9C,MAAM0C,UAAU,OAAOE;YACrBlG,0BAA0BkG;YAC1B,MAAMC,gBAAgBjH,YAAYgH;YAClC,IAAI,CAACrE,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAM3B,aACX4F,gBAAgBI,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACtE,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,qEAAqE;QACrE,sDAAsD;QACtD,MAAMsE,kBAAkB,IAAIC,MAC1B,CAAC,GACD;YACEC,KAAIC,OAAe,EAAEC,IAAqB;gBACxC,OAAO,OAAOA,SAAS,YAAY;oBAAC;iBAAU,CAACC,QAAQ,CAACD;YAC1D;YACAf,KAAIc,OAAO,EAAEC,IAA0B;gBACrC,IAAIA,SAAS,WAAW;oBACtB,OAAOR;gBACT;gBAEA,OAAOU;YACT;QACF;QAGF,OAAOC,OAAOP;IAChB;IAEA;;;;;GAKC,GACD,AAAQtC,sBAAsBR,QAAwB,EAAkB;QACtE,MAAMyC,kBAAkBzC,SAAS0C,OAAO,CAACC,IAAI,CAAC3C;QAE9C,MAAM0C,UAAU,OAAOE;YACrBnG,8BAA8BmG;YAC9B,MAAMC,gBAAgBjH,YAAYgH;YAClC,IAAI,CAACrE,MAAM,CAAC;gBAAEC,QAAQ;YAAkB;YACxC,IAAI;gBACF,OAAO,MAAM3B,aACX4F,gBAAgBI,gBAChB,IAAI;YAER,SAAU;gBACR,IAAI,CAACtE,MAAM,CAAC;oBAAEC,QAAQ;gBAAmB;YAC3C;QACF;QAEA,MAAM8E,sBAAsB1G,oBAAoBoD,UAAU0C;QAE1D,OAAOW,OAAOC;IAChB;IAEA;;;;GAIC,GACD,AAAQzB,WAAWnC,MAAc,EAAQ;QACvC,IAAI,CAACoB,QAAQ,CAACyC,MAAM,CAAC7D;IACvB;IAEA;;;;;;;;;;GAUC,GACD,MAAcgC,qBACZhC,MAAc,EACd8D,QAAwC,EACvB;QACjB,MAAMvF,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACzC;QAC/B,IAAIzB,SAASmF,WAAW;YACtB,MAAM,IAAI1E,MACR,CAAC,8CAA8C,EAAEgB,OAAO,EAAE,CAAC;QAE/D;QAEA,IAAIuC;QACJ,MAAMwB,cAAc,IAAIC,QACtB,CAACC,GAAGC,SACD3B,OAAO,IACN2B,OACE,kEAAkE;gBAClE9H,UAAUsB,GAAG,CAACC,QAAQ,CACpB,CAAC,UAAU,EAAEqC,OAAO,uCAAuC,CAAC;QAKtE,oEAAoE;QACpE,MAAMmE,iBAAiB;YAAE5B,MAAMA;QAAM;QAErC,IAAI;YACFhE,KAAKgD,kBAAkB,CAAC6C,GAAG,CAACD;YAC5B,8CAA8C;YAC9C,oEAAoE;YACpE,uCAAuC;YACvC,OAAO,MAAMH,QAAQK,IAAI,CAAC;gBAACP;gBAAYC;aAAY;QACrD,SAAU;YACRxF,KAAKgD,kBAAkB,CAACsC,MAAM,CAACM;YAE/B,IAAI5F,KAAKgD,kBAAkB,CAAC+C,IAAI,KAAK,GAAG;gBACtC,IAAI,CAACC,YAAY,IAAI;gBACrB,MAAMhG,KAAK+C,YAAY;YACzB;QACF;IACF;IA9ZA,YAAsB1B,aAAqB,EAAEW,SAAiB,CAAE;QAdhE,uBAAiBa,YAAjB,KAAA;QAEA,uBAAiBxB,iBAAjB,KAAA;QAEA,uBAAiBW,aAAjB,KAAA;QAEA,uBAAiBd,WAAjB,KAAA;QAEA,uBAAQW,oBAAR,KAAA;QAEA,uBAAQD,2BAAR,KAAA;QAEA,uBAAQoE,gBAAe;QAGrB,IAAI,CAACnD,QAAQ,GAAG,IAAIoD;QACpB,IAAI,CAAC5E,aAAa,GAAGA;QACrB,IAAI,CAACA,aAAa,CAAC6E,EAAE,CAAC,QAAQ,CAAClG;YAC7B,IAAI,CAACQ,gBAAgB,CAACR,MAAMmG,KAAK,CAAC,CAACpG;gBACjC,qCAAqC;gBACrC3C,SAAS2C;YACX;QACF;QACA,IAAI,CAACiC,SAAS,GAAGA;QAEjB,IAAI,CAACd,OAAO,GAAG/C,gCACb,IAAI,CAACqD,SAAS,CAACkD,IAAI,CAAC,IAAI,GACxB,OAAO0B,QAAQC,aAAa1B;YAC1B,MAAM3E,OAAO,IAAI,CAAC6C,QAAQ,CAACqB,GAAG,CAACkC;YAC/B,uEAAuE;YACvE,mBAAmB;YACnB,MAAME,UAAUtG,MAAMyC,OAAO,CAAC4D,YAAY;YAC1C,MAAM,EAAEE,QAAQ,EAAE,GAAGlJ,YAAY,CAACgJ,YAAY;YAE9C7I,OACE,CAAC+I,YAAYD,YAAYnB,WACzB,CAAC,GAAG,EAAEkB,YAAY,4BAA4B,EAAED,OAAO,CAAC;YAG1D,kEAAkE;YAClE,eAAe;YACf,IAAI,CAACE,SAAS;gBACZ,OAAO;YACT;YAEA,mCAAmC;YACnC,IAAI1F,SAAS,MAAM,IAAI,CAAC6C,oBAAoB,CAAC2C,QAAQ,IACnDE,QAAQ3B;YAGV,0EAA0E;YAC1E,IAAI/D,WAAWuE,WAAW;gBACxBvE,SAAS;YACX;YAEA,uEAAuE;YACvE,IAAI;gBACF,OAAOjD,YAAYiD;YACrB,EAAE,OAAOb,OAAO;gBACd,MAAM,IAAIyG,UACR,CAAC,sCAAsC,EAAEzG,MAAMV,OAAO,CAACoH,OAAO,CAC5D,wBACA,IACA,CAAC;YAEP;QACF,GACA,IAAI,CAAC5C,WAAW,CAACa,IAAI,CAAC,IAAI;IAE9B;AAwWF"}

package/dist/esm/common/lockdown/lockdown-more.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../../node_modules/ses/types.d.ts" />
 import { logError } from '@metamask/snaps-utils';
 /**
  * The SES `lockdown` function only hardens the properties enumerated by the

package/dist/esm/common/lockdown/lockdown-more.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/common/lockdown/lockdown-more.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/index.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * The SES `lockdown` function only hardens the properties enumerated by the\n * universalPropertyNames constant specified in 'ses/src/whitelist'. This\n * function makes all function and object properties on the start compartment\n * global non-configurable and non-writable, unless they are already\n * non-configurable.\n *\n * It is critical that this function runs at the right time during\n * initialization, which should always be immediately after `lockdown` has been\n * called. At the time of writing, the modifications this function makes to the\n * runtime environment appear to be non-breaking, but that could change with\n * the addition of dependencies, or the order of our scripts in our HTML files.\n * Exercise caution.\n *\n * See inline comments for implementation details.\n *\n * We write this function in IIFE format to avoid polluting global scope.\n *\n * @throws If the lockdown failed.\n */\nexport function executeLockdownMore() {\n  // Make all \"object\" and \"function\" own properties of globalThis\n  // non-configurable and non-writable, when possible.\n  // We call a property that is non-configurable and non-writable,\n  // \"non-modifiable\".\n  try {\n    const namedIntrinsics = Reflect.ownKeys(new Compartment().globalThis);\n\n    // These named intrinsics are not automatically hardened by `lockdown`\n    const shouldHardenManually = new Set<symbol | string>(['eval', 'Function']);\n\n    const globalProperties = new Set([\n      // universalPropertyNames is a constant added by lockdown to global scope\n      // at the time of writing, it is initialized in 'ses/src/whitelist'.\n      // These properties tend to be non-enumerable.\n      ...namedIntrinsics,\n\n      // TODO: Also include the named platform globals\n      // This grabs every enumerable property on globalThis.\n      // ...Object.keys(globalThis),\n    ]);\n\n    globalProperties.forEach((propertyName) => {\n      const descriptor = Reflect.getOwnPropertyDescriptor(\n        globalThis,\n        propertyName,\n      );\n\n      if (descriptor) {\n        if (descriptor.configurable) {\n          // If the property on globalThis is configurable, make it\n          // non-configurable. If it has no accessor properties, also make it\n          // non-writable.\n          if (hasAccessor(descriptor)) {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n            });\n          } else {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n              writable: false,\n            });\n          }\n        }\n\n        if (shouldHardenManually.has(propertyName)) {\n          harden((globalThis as any)[propertyName]);\n        }\n      }\n    });\n  } catch (error) {\n    logError('Protecting intrinsics failed:', error);\n    throw error;\n  }\n}\n\n/**\n * Checks whether the given propertyName descriptor has any accessors, i.e. the\n * properties `get` or `set`.\n *\n * We want to make globals non-writable, and we can't set the `writable`\n * property and accessor properties at the same time.\n *\n * @param descriptor - The propertyName descriptor to check.\n * @returns Whether the propertyName descriptor has any accessors.\n */\nfunction hasAccessor(descriptor: any): boolean {\n  return 'set' in descriptor || 'get' in descriptor;\n}\n"],"names":["logError","executeLockdownMore","namedIntrinsics","Reflect","ownKeys","Compartment","globalThis","shouldHardenManually","Set","globalProperties","forEach","propertyName","descriptor","getOwnPropertyDescriptor","configurable","hasAccessor","Object","defineProperty","writable","has","harden","error"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;AAEnE,SAASA,QAAQ,QAAQ,wBAAwB;AAEjD;;;;;;;;;;;;;;;;;;;CAmBC,GACD,OAAO,SAASC;IACd,gEAAgE;IAChE,oDAAoD;IACpD,gEAAgE;IAChE,oBAAoB;IACpB,IAAI;QACF,MAAMC,kBAAkBC,QAAQC,OAAO,CAAC,IAAIC,cAAcC,UAAU;QAEpE,sEAAsE;QACtE,MAAMC,uBAAuB,IAAIC,IAAqB;YAAC;YAAQ;SAAW;QAE1E,MAAMC,mBAAmB,IAAID,IAAI;YAC/B,yEAAyE;YACzE,oEAAoE;YACpE,8CAA8C;eAC3CN;SAKJ;QAEDO,iBAAiBC,OAAO,CAAC,CAACC;YACxB,MAAMC,aAAaT,QAAQU,wBAAwB,CACjDP,YACAK;YAGF,IAAIC,YAAY;gBACd,IAAIA,WAAWE,YAAY,EAAE;oBAC3B,yDAAyD;oBACzD,mEAAmE;oBACnE,gBAAgB;oBAChB,IAAIC,YAAYH,aAAa;wBAC3BI,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;wBAChB;oBACF,OAAO;wBACLE,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;4BACdI,UAAU;wBACZ;oBACF;gBACF;gBAEA,IAAIX,qBAAqBY,GAAG,CAACR,eAAe;oBAC1CS,OAAO,AAACd,UAAkB,CAACK,aAAa;gBAC1C;YACF;QACF;IACF,EAAE,OAAOU,OAAO;QACdrB,SAAS,iCAAiCqB;QAC1C,MAAMA;IACR;AACF;AAEA;;;;;;;;;CASC,GACD,SAASN,YAAYH,UAAe;IAClC,OAAO,SAASA,cAAc,SAASA;AACzC"}
+{"version":3,"sources":["../../../../src/common/lockdown/lockdown-more.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/types.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * The SES `lockdown` function only hardens the properties enumerated by the\n * universalPropertyNames constant specified in 'ses/src/whitelist'. This\n * function makes all function and object properties on the start compartment\n * global non-configurable and non-writable, unless they are already\n * non-configurable.\n *\n * It is critical that this function runs at the right time during\n * initialization, which should always be immediately after `lockdown` has been\n * called. At the time of writing, the modifications this function makes to the\n * runtime environment appear to be non-breaking, but that could change with\n * the addition of dependencies, or the order of our scripts in our HTML files.\n * Exercise caution.\n *\n * See inline comments for implementation details.\n *\n * We write this function in IIFE format to avoid polluting global scope.\n *\n * @throws If the lockdown failed.\n */\nexport function executeLockdownMore() {\n  // Make all \"object\" and \"function\" own properties of globalThis\n  // non-configurable and non-writable, when possible.\n  // We call a property that is non-configurable and non-writable,\n  // \"non-modifiable\".\n  try {\n    const namedIntrinsics = Reflect.ownKeys(new Compartment().globalThis);\n\n    // These named intrinsics are not automatically hardened by `lockdown`\n    const shouldHardenManually = new Set<symbol | string>(['eval', 'Function']);\n\n    const globalProperties = new Set([\n      // universalPropertyNames is a constant added by lockdown to global scope\n      // at the time of writing, it is initialized in 'ses/src/whitelist'.\n      // These properties tend to be non-enumerable.\n      ...namedIntrinsics,\n\n      // TODO: Also include the named platform globals\n      // This grabs every enumerable property on globalThis.\n      // ...Object.keys(globalThis),\n    ]);\n\n    globalProperties.forEach((propertyName) => {\n      const descriptor = Reflect.getOwnPropertyDescriptor(\n        globalThis,\n        propertyName,\n      );\n\n      if (descriptor) {\n        if (descriptor.configurable) {\n          // If the property on globalThis is configurable, make it\n          // non-configurable. If it has no accessor properties, also make it\n          // non-writable.\n          if (hasAccessor(descriptor)) {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n            });\n          } else {\n            Object.defineProperty(globalThis, propertyName, {\n              configurable: false,\n              writable: false,\n            });\n          }\n        }\n\n        if (shouldHardenManually.has(propertyName)) {\n          harden((globalThis as any)[propertyName]);\n        }\n      }\n    });\n  } catch (error) {\n    logError('Protecting intrinsics failed:', error);\n    throw error;\n  }\n}\n\n/**\n * Checks whether the given propertyName descriptor has any accessors, i.e. the\n * properties `get` or `set`.\n *\n * We want to make globals non-writable, and we can't set the `writable`\n * property and accessor properties at the same time.\n *\n * @param descriptor - The propertyName descriptor to check.\n * @returns Whether the propertyName descriptor has any accessors.\n */\nfunction hasAccessor(descriptor: any): boolean {\n  return 'set' in descriptor || 'get' in descriptor;\n}\n"],"names":["logError","executeLockdownMore","namedIntrinsics","Reflect","ownKeys","Compartment","globalThis","shouldHardenManually","Set","globalProperties","forEach","propertyName","descriptor","getOwnPropertyDescriptor","configurable","hasAccessor","Object","defineProperty","writable","has","harden","error"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;AAEnE,SAASA,QAAQ,QAAQ,wBAAwB;AAEjD;;;;;;;;;;;;;;;;;;;CAmBC,GACD,OAAO,SAASC;IACd,gEAAgE;IAChE,oDAAoD;IACpD,gEAAgE;IAChE,oBAAoB;IACpB,IAAI;QACF,MAAMC,kBAAkBC,QAAQC,OAAO,CAAC,IAAIC,cAAcC,UAAU;QAEpE,sEAAsE;QACtE,MAAMC,uBAAuB,IAAIC,IAAqB;YAAC;YAAQ;SAAW;QAE1E,MAAMC,mBAAmB,IAAID,IAAI;YAC/B,yEAAyE;YACzE,oEAAoE;YACpE,8CAA8C;eAC3CN;SAKJ;QAEDO,iBAAiBC,OAAO,CAAC,CAACC;YACxB,MAAMC,aAAaT,QAAQU,wBAAwB,CACjDP,YACAK;YAGF,IAAIC,YAAY;gBACd,IAAIA,WAAWE,YAAY,EAAE;oBAC3B,yDAAyD;oBACzD,mEAAmE;oBACnE,gBAAgB;oBAChB,IAAIC,YAAYH,aAAa;wBAC3BI,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;wBAChB;oBACF,OAAO;wBACLE,OAAOC,cAAc,CAACX,YAAYK,cAAc;4BAC9CG,cAAc;4BACdI,UAAU;wBACZ;oBACF;gBACF;gBAEA,IAAIX,qBAAqBY,GAAG,CAACR,eAAe;oBAC1CS,OAAO,AAACd,UAAkB,CAACK,aAAa;gBAC1C;YACF;QACF;IACF,EAAE,OAAOU,OAAO;QACdrB,SAAS,iCAAiCqB;QAC1C,MAAMA;IACR;AACF;AAEA;;;;;;;;;CASC,GACD,SAASN,YAAYH,UAAe;IAClC,OAAO,SAASA,cAAc,SAASA;AACzC"}

package/dist/esm/common/lockdown/lockdown.js

@@ -1,5 +1,5 @@
 // eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment
-/// <reference path="../../../../../node_modules/ses/index.d.ts" />
+/// <reference path="../../../../../node_modules/ses/types.d.ts" />
 import { logError } from '@metamask/snaps-utils';
 /**
  * Execute SES lockdown in the current context, i.e., the current iframe.

package/dist/esm/common/lockdown/lockdown.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/common/lockdown/lockdown.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/index.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * Execute SES lockdown in the current context, i.e., the current iframe.\n *\n * @throws If the SES lockdown failed.\n */\nexport function executeLockdown() {\n  try {\n    lockdown({\n      consoleTaming: 'unsafe',\n      errorTaming: 'unsafe',\n      mathTaming: 'unsafe',\n      dateTaming: 'unsafe',\n      overrideTaming: 'severe',\n    });\n  } catch (error) {\n    // If the `lockdown` call throws an exception, it should not be able to continue\n    logError('Lockdown failed:', error);\n    throw error;\n  }\n}\n"],"names":["logError","executeLockdown","lockdown","consoleTaming","errorTaming","mathTaming","dateTaming","overrideTaming","error"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;AAEnE,SAASA,QAAQ,QAAQ,wBAAwB;AAEjD;;;;CAIC,GACD,OAAO,SAASC;IACd,IAAI;QACFC,SAAS;YACPC,eAAe;YACfC,aAAa;YACbC,YAAY;YACZC,YAAY;YACZC,gBAAgB;QAClB;IACF,EAAE,OAAOC,OAAO;QACd,gFAAgF;QAChFR,SAAS,oBAAoBQ;QAC7B,MAAMA;IACR;AACF"}
+{"version":3,"sources":["../../../../src/common/lockdown/lockdown.ts"],"sourcesContent":["// eslint-disable-next-line @typescript-eslint/triple-slash-reference, spaced-comment\n/// <reference path=\"../../../../../node_modules/ses/types.d.ts\" />\n\nimport { logError } from '@metamask/snaps-utils';\n\n/**\n * Execute SES lockdown in the current context, i.e., the current iframe.\n *\n * @throws If the SES lockdown failed.\n */\nexport function executeLockdown() {\n  try {\n    lockdown({\n      consoleTaming: 'unsafe',\n      errorTaming: 'unsafe',\n      mathTaming: 'unsafe',\n      dateTaming: 'unsafe',\n      overrideTaming: 'severe',\n    });\n  } catch (error) {\n    // If the `lockdown` call throws an exception, it should not be able to continue\n    logError('Lockdown failed:', error);\n    throw error;\n  }\n}\n"],"names":["logError","executeLockdown","lockdown","consoleTaming","errorTaming","mathTaming","dateTaming","overrideTaming","error"],"mappings":"AAAA,qFAAqF;AACrF,mEAAmE;AAEnE,SAASA,QAAQ,QAAQ,wBAAwB;AAEjD;;;;CAIC,GACD,OAAO,SAASC;IACd,IAAI;QACFC,SAAS;YACPC,eAAe;YACfC,aAAa;YACbC,YAAY;YACZC,YAAY;YACZC,gBAAgB;QAClB;IACF,EAAE,OAAOC,OAAO;QACd,gFAAgF;QAChFR,SAAS,oBAAoBQ;QAC7B,MAAMA;IACR;AACF"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask/snaps-execution-environments",
-  "version": "0.38.1-flask.1",
+  "version": "0.38.2-flask.1",
   "description": "Snap sandbox environments for executing SES javascript",
   "repository": {
     "type": "git",
@@ -26,7 +26,7 @@
     "lint:misc": "prettier --no-error-on-unmatched-pattern --loglevel warn \"**/*.json\" \"**/*.md\" \"**/*.html\" \"!CHANGELOG.md\" --ignore-path ./.prettierignore",
     "lint:fix": "yarn lint:eslint --fix && yarn lint:misc --write",
     "lint:changelog": "../../scripts/validate-changelog.sh @metamask/snaps-execution-environments",
-    "lint": "yarn lint:eslint && yarn lint:misc --check && yarn lint:changelog",
+    "lint": "yarn lint:eslint && yarn lint:misc --check && yarn lint:changelog && yarn lint:dependencies",
     "clean": "rimraf '*.tsbuildinfo' 'dist' 'src/__GENERATED__/' 'coverage/*' '__test__/*'",
     "build": "yarn build:source && yarn build:types",
     "build:source": "yarn build:esm && yarn build:cjs",
@@ -41,20 +41,20 @@
     "prepare-manifest:preview": "../../scripts/prepare-preview-manifest.sh",
     "publish:preview": "yarn npm publish --tag preview",
     "lint:ci": "yarn lint",
-    "start": "node scripts/start.js"
+    "start": "node scripts/start.js",
+    "lint:dependencies": "depcheck"
   },
   "dependencies": {
     "@metamask/object-multiplex": "^1.2.0",
     "@metamask/post-message-stream": "^6.1.2",
-    "@metamask/providers": "^11.0.0",
-    "@metamask/rpc-methods": "^0.37.2-flask.1",
-    "@metamask/snaps-utils": "^0.38.0-flask.1",
+    "@metamask/providers": "^11.1.1",
+    "@metamask/rpc-methods": "^0.38.1-flask.1",
+    "@metamask/snaps-utils": "^0.38.2-flask.1",
     "@metamask/utils": "^6.0.1",
     "eth-rpc-errors": "^4.0.3",
     "json-rpc-engine": "^6.1.0",
     "nanoid": "^3.1.31",
     "pump": "^3.0.0",
-    "stream-browserify": "^3.0.0",
     "superstruct": "^1.0.3"
   },
   "devDependencies": {
@@ -72,7 +72,7 @@
     "@metamask/eslint-config-nodejs": "^12.1.0",
     "@metamask/eslint-config-typescript": "^12.1.0",
     "@swc/cli": "^0.1.62",
-    "@swc/core": "^1.3.66",
+    "@swc/core": "1.3.78",
     "@swc/jest": "^0.2.26",
     "@types/express": "^4.17.17",
     "@types/jest": "^27.5.1",
@@ -88,8 +88,8 @@
     "babel-plugin-tsconfig-paths-module-resolver": "^1.0.4",
     "babelify": "^10.0.0",
     "browserify": "^17.0.0",
-    "buffer": "^6.0.3",
     "deepmerge": "^4.2.2",
+    "depcheck": "^1.4.5",
     "esbuild": "^0.17.15",
     "eslint": "^8.27.0",
     "eslint-config-prettier": "^8.5.0",
@@ -100,23 +100,22 @@
     "eslint-plugin-prettier": "^4.2.1",
     "eslint-plugin-promise": "^6.1.1",
     "expect-webdriverio": "^4.1.2",
+    "express": "^4.18.2",
     "istanbul-lib-coverage": "^3.2.0",
     "istanbul-lib-report": "^3.0.0",
     "istanbul-reports": "^3.1.5",
     "jest": "^29.0.2",
+    "jest-environment-node": "^29.5.0",
     "jest-fetch-mock": "^3.0.3",
     "lavamoat": "^7.0.0",
     "lavamoat-browserify": "^15.7.1",
-    "memfs": "^3.4.13",
     "prettier": "^2.7.1",
     "prettier-plugin-packagejson": "^2.2.11",
-    "process": "^0.11.10",
     "rimraf": "^4.1.2",
     "serve-handler": "^6.1.5",
-    "ses": "^0.18.1",
+    "ses": "^0.18.7",
     "terser": "^5.17.7",
     "ts-node": "^10.9.1",
-    "tsconfig-paths": "^4.2.0",
     "typescript": "~4.8.4",
     "vite": "^4.3.9",
     "vite-tsconfig-paths": "^4.0.5",