@metamask/snaps-execution-environments 10.4.1 → 11.0.0

package/dist/common/BaseSnapExecutor.mjs

@@ -12,16 +12,15 @@ const ObjectMultiplex = $importDefault($ObjectMultiplex);
 import { errorCodes, rpcErrors, serializeError } from "@metamask/rpc-errors";
 import { getErrorData } from "@metamask/snaps-sdk";
 import { SNAP_EXPORT_NAMES, logError, SNAP_EXPORTS, WrappedSnapError, unwrapError, logInfo } from "@metamask/snaps-utils";
-import { validate, is } from "@metamask/superstruct";
-import { assert, isJsonRpcRequest, hasProperty, getSafeJson, JsonRpcIdStruct } from "@metamask/utils";
+import { is } from "@metamask/superstruct";
+import { assert, isJsonRpcRequest, hasProperty, getSafeJson, JsonRpcIdStruct, createDeferredPromise } from "@metamask/utils";
 import { pipeline } from "readable-stream";
-import { getCommandMethodImplementations } from "./commands.mjs";
+import { assertCommandParams, getHandlerArguments } from "./commands.mjs";
 import { createEndowments } from "./endowments/index.mjs";
 import { addEventListener, removeEventListener } from "./globalEvents.mjs";
 import { SnapProvider } from "./SnapProvider.mjs";
-import { sortParamKeys } from "./sortParams.mjs";
 import { assertEthereumOutboundRequest, assertSnapOutboundRequest, sanitizeRequestArguments, withTeardown, isValidResponse, isMultichainRequest, assertMultichainOutboundRequest } from "./utils.mjs";
-import { ExecuteSnapRequestArgumentsStruct, PingRequestArgumentsStruct, SnapRpcRequestArgumentsStruct, TerminateRequestArgumentsStruct } from "./validation.mjs";
+import { ExecuteSnapRequestArgumentsStruct, SnapRpcRequestArgumentsStruct } from "./validation.mjs";
 import { log } from "../logging.mjs";
 const fallbackError = {
     code: errorCodes.rpc.internal,
@@ -32,109 +31,31 @@ const unhandledError = rpcErrors
     message: 'Unhandled Snap Error',
 })
     .serialize();
-/**
- * The supported methods in the execution environment. The validator checks the
- * incoming JSON-RPC request, and the `params` property is used for sorting the
- * parameters, if they are an object.
- */
-const EXECUTION_ENVIRONMENT_METHODS = {
-    ping: {
-        struct: PingRequestArgumentsStruct,
-        params: [],
-    },
-    executeSnap: {
-        struct: ExecuteSnapRequestArgumentsStruct,
-        params: ['snapId', 'sourceCode', 'endowments'],
-    },
-    terminate: {
-        struct: TerminateRequestArgumentsStruct,
-        params: [],
-    },
-    snapRpc: {
-        struct: SnapRpcRequestArgumentsStruct,
-        params: ['target', 'handler', 'origin', 'request'],
-    },
-};
 export class BaseSnapExecutor {
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    snapData;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    commandStream;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    rpcStream;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    methods;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    snapErrorHandler;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    snapPromiseErrorHandler;
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    lastTeardown = 0;
+    #snapData;
+    #commandStream;
+    #rpcStream;
+    #snapErrorHandler;
+    #snapPromiseErrorHandler;
+    #teardownRef = { lastTeardown: 0 };
     constructor(commandStream, rpcStream) {
-        this.snapData = new Map();
-        this.commandStream = commandStream;
-        this.commandStream.on('data', (data) => {
-            this.onCommandRequest(data).catch((error) => {
-                // TODO: Decide how to handle errors.
+        this.#snapData = new Map();
+        this.#commandStream = commandStream;
+        this.#commandStream.on('data', (data) => {
+            /* istanbul ignore next 2 */
+            this.#onCommandRequest(data).catch((error) => {
                 logError(error);
             });
         });
-        this.rpcStream = rpcStream;
-        this.methods = getCommandMethodImplementations(this.startSnap.bind(this), async (target, handlerType, args) => {
-            const data = this.snapData.get(target);
-            // We're capturing the handler in case someone modifies the data object
-            // before the call.
-            const handler = data?.exports[handlerType];
-            const { required } = SNAP_EXPORTS[handlerType];
-            assert(!required || handler !== undefined, `No ${handlerType} handler exported for snap "${target}".`, rpcErrors.methodNotSupported);
-            // Certain handlers are not required. If they are not exported, we
-            // return null.
-            if (!handler) {
-                return null;
-            }
-            const result = await this.executeInSnapContext(target, async () => 
-            // TODO: fix handler args type cast
-            handler(args));
-            // The handler might not return anything, but undefined is not valid JSON.
-            if (result === undefined || result === null) {
-                return null;
-            }
-            // /!\ Always return only sanitized JSON to prevent security flaws. /!\
-            try {
-                return getSafeJson(result);
-            }
-            catch (error) {
-                throw rpcErrors.internal(`Received non-JSON-serializable value: ${error.message.replace(/^Assertion failed: /u, '')}`);
-            }
-        }, this.onTerminate.bind(this));
+        this.#rpcStream = rpcStream;
     }
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    errorHandler(error, data) {
+    #errorHandler(error, data) {
         const serializedError = serializeError(error, {
             fallbackError: unhandledError,
             shouldIncludeStack: false,
             shouldPreserveMessage: false,
         });
         const errorData = getErrorData(serializedError);
-        // TODO: Either fix this lint violation or explain why it's necessary to
-        //  ignore.
-        // eslint-disable-next-line promise/no-promise-in-callback
         this.#notify({
             method: 'UnhandledError',
             params: {
@@ -150,19 +71,14 @@ export class BaseSnapExecutor {
             logError(notifyError);
         });
     }
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    async onCommandRequest(message) {
+    async #onCommandRequest(message) {
         if (!isJsonRpcRequest(message)) {
             if (hasProperty(message, 'id') &&
                 is(message.id, JsonRpcIdStruct)) {
                 // Instead of throwing, we directly respond with an error.
                 // We can only do this if the message ID is still valid.
-                await this.#write({
+                await this.#respond(message.id, {
                     error: serializeError(rpcErrors.internal('JSON-RPC requests must be JSON serializable objects.')),
-                    id: message.id,
-                    jsonrpc: '2.0',
                 });
             }
             else {
@@ -171,38 +87,8 @@ export class BaseSnapExecutor {
             return;
         }
         const { id, method, params } = message;
-        if (!hasProperty(EXECUTION_ENVIRONMENT_METHODS, method)) {
-            await this.#respond(id, {
-                error: rpcErrors
-                    .methodNotFound({
-                    data: {
-                        method,
-                    },
-                })
-                    .serialize(),
-            });
-            return;
-        }
-        const methodObject = EXECUTION_ENVIRONMENT_METHODS[method];
-        // support params by-name and by-position
-        const paramsAsArray = sortParamKeys(methodObject.params, params);
-        const [error] = validate(paramsAsArray, methodObject.struct);
-        if (error) {
-            await this.#respond(id, {
-                error: rpcErrors
-                    .invalidParams({
-                    message: `Invalid parameters for method "${method}": ${error.message}.`,
-                    data: {
-                        method,
-                        params: paramsAsArray,
-                    },
-                })
-                    .serialize(),
-            });
-            return;
-        }
         try {
-            const result = await this.methods[method](...paramsAsArray);
+            const result = await this.#handleCommand(method, params);
             await this.#respond(id, { result });
         }
         catch (rpcError) {
@@ -214,12 +100,83 @@ export class BaseSnapExecutor {
             });
         }
     }
+    /**
+     * Handle an incoming JSON-RPC command request.
+     *
+     * @param method - The JSON-RPC method name.
+     * @param params - The optional JSON-RPC parameters.
+     * @returns The response based on the JSON-RPC method invoked.
+     * @throws If the passed method is not available.
+     */
+    async #handleCommand(method, params) {
+        switch (method) {
+            case 'ping':
+                return 'OK';
+            case 'terminate': {
+                this.#handleTerminate();
+                return 'OK';
+            }
+            case 'executeSnap': {
+                assertCommandParams(method, params, ExecuteSnapRequestArgumentsStruct);
+                await this.#startSnap(params);
+                return 'OK';
+            }
+            case 'snapRpc': {
+                assertCommandParams(method, params, SnapRpcRequestArgumentsStruct);
+                return await this.#invokeSnap(params);
+            }
+            default:
+                throw rpcErrors.methodNotFound({
+                    data: {
+                        method,
+                    },
+                });
+        }
+    }
+    /**
+     * Invoke an exported handler on a running Snap.
+     *
+     * @param options - An options bag.
+     * @param options.snapId - The Snap ID.
+     * @param options.handler - The handler to invoke.
+     * @param options.origin - The origin invoking the handler.
+     * @param options.request - The JSON-RPC request to invoke the handler with.
+     * @returns The result of invoking the handler on the Snap.
+     */
+    async #invokeSnap({ snapId, handler: handlerType, origin, request, }) {
+        const args = getHandlerArguments(origin, handlerType, request);
+        const data = this.#snapData.get(snapId);
+        // We're capturing the handler in case someone modifies the data object
+        // before the call.
+        const handler = data?.exports[handlerType];
+        const { required } = SNAP_EXPORTS[handlerType];
+        assert(!required || handler !== undefined, `No ${handlerType} handler exported for Snap "${snapId}".`, rpcErrors.methodNotSupported);
+        // Certain handlers are not required. If they are not exported, we
+        // return null.
+        if (!handler) {
+            return null;
+        }
+        const result = await this.#executeInSnapContext(snapId, async () => 
+        // TODO: fix handler args type cast
+        handler(args));
+        // The handler might not return anything, but undefined is not valid JSON.
+        if (result === undefined || result === null) {
+            return null;
+        }
+        // /!\ Always return only sanitized JSON to prevent security flaws. /!\
+        try {
+            return getSafeJson(result);
+        }
+        catch (error) {
+            throw rpcErrors.internal(`Received non-JSON-serializable value: ${error.message.replace(/^Assertion failed: /u, '')}`);
+        }
+    }
     // Awaitable function that writes back to the command stream
     // To prevent snap execution from blocking writing we wrap in a promise
     // and await it before continuing execution
     async #write(chunk) {
         return new Promise((resolve, reject) => {
-            this.commandStream.write(chunk, (error) => {
+            this.#commandStream.write(chunk, (error) => {
                 if (error) {
                     reject(error);
                     return;
@@ -258,28 +215,29 @@ export class BaseSnapExecutor {
      * Attempts to evaluate a snap in SES. Generates APIs for the snap. May throw
      * on errors.
      *
-     * @param snapId - The id of the snap.
-     * @param sourceCode - The source code of the snap, in IIFE format.
-     * @param _endowments - An array of the names of the endowments.
+     * @param params - The parameters.
+     * @param params.snapId - The id of the snap.
+     * @param params.sourceCode - The source code of the snap, in IIFE format.
+     * @param params.endowments - An array of the names of the endowments.
      */
-    async startSnap(snapId, sourceCode, _endowments) {
+    async #startSnap({ snapId, sourceCode, endowments: endowmentKeys, }) {
         log(`Starting snap '${snapId}' in worker.`);
-        if (this.snapPromiseErrorHandler) {
-            removeEventListener('unhandledrejection', this.snapPromiseErrorHandler);
+        if (this.#snapPromiseErrorHandler) {
+            removeEventListener('unhandledrejection', this.#snapPromiseErrorHandler);
         }
-        if (this.snapErrorHandler) {
-            removeEventListener('error', this.snapErrorHandler);
+        if (this.#snapErrorHandler) {
+            removeEventListener('error', this.#snapErrorHandler);
         }
-        this.snapErrorHandler = (error) => {
-            this.errorHandler(error.error, { snapId });
+        this.#snapErrorHandler = (error) => {
+            this.#errorHandler(error.error, { snapId });
         };
-        this.snapPromiseErrorHandler = (error) => {
-            this.errorHandler(error instanceof Error ? error : error.reason, {
+        this.#snapPromiseErrorHandler = (error) => {
+            this.#errorHandler(error instanceof Error ? error : error.reason, {
                 snapId,
             });
         };
         const multiplex = new ObjectMultiplex();
-        pipeline(this.rpcStream, multiplex, this.rpcStream, (error) => {
+        pipeline(this.#rpcStream, multiplex, this.#rpcStream, (error) => {
             if (error && !error.message?.match('Premature close')) {
                 logError(`Provider stream failure.`, error);
             }
@@ -292,8 +250,8 @@ export class BaseSnapExecutor {
             rpcMiddleware: [createIdRemapMiddleware()],
         });
         multichainProvider.initializeSync();
-        const snap = this.createSnapGlobal(provider, multichainProvider);
-        const ethereum = this.createEIP1193Provider(provider);
+        const snap = this.#createSnapGlobal(provider, multichainProvider);
+        const ethereum = this.#createEIP1193Provider(provider);
         // We specifically use any type because the Snap can modify the object any way they want
         const snapModule = { exports: {} };
         try {
@@ -301,18 +259,18 @@ export class BaseSnapExecutor {
                 snap,
                 ethereum,
                 snapId,
-                endowments: _endowments,
+                endowments: endowmentKeys,
                 notify: this.#notify.bind(this),
             });
             // !!! Ensure that this is the only place the data is being set.
             // Other methods access the object value and mutate its properties.
-            this.snapData.set(snapId, {
+            this.#snapData.set(snapId, {
                 idleTeardown: endowmentTeardown,
                 runningEvaluations: new Set(),
                 exports: {},
             });
-            addEventListener('unhandledRejection', this.snapPromiseErrorHandler);
-            addEventListener('error', this.snapErrorHandler);
+            addEventListener('unhandledRejection', this.#snapPromiseErrorHandler);
+            addEventListener('error', this.#snapErrorHandler);
             const compartment = new Compartment({
                 ...endowments,
                 module: snapModule,
@@ -326,13 +284,13 @@ export class BaseSnapExecutor {
             compartment.globalThis.self = compartment.globalThis;
             compartment.globalThis.global = compartment.globalThis;
             compartment.globalThis.window = compartment.globalThis;
-            await this.executeInSnapContext(snapId, async () => {
+            await this.#executeInSnapContext(snapId, async () => {
                 compartment.evaluate(sourceCode);
-                await this.registerSnapExports(snapId, snapModule);
+                await this.#registerSnapExports(snapId, snapModule);
             });
         }
         catch (error) {
-            this.removeSnap(snapId);
+            this.#removeSnap(snapId);
             const [cause] = unwrapError(error);
             throw rpcErrors.internal({
                 message: `Error while running snap '${snapId}': ${cause.message}`,
@@ -346,18 +304,15 @@ export class BaseSnapExecutor {
      * Cancels all running evaluations of all snaps and clears all snap data.
      * NOTE:** Should only be called in response to the `terminate` RPC command.
      */
-    onTerminate() {
+    #handleTerminate() {
         // `stop()` tears down snap endowments.
         // Teardown will also be run for each snap as soon as there are
         // no more running evaluations for that snap.
-        this.snapData.forEach((data) => data.runningEvaluations.forEach((evaluation) => evaluation.stop()));
-        this.snapData.clear();
+        this.#snapData.forEach((data) => data.runningEvaluations.forEach((evaluation) => evaluation.stop()));
+        this.#snapData.clear();
     }
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    async registerSnapExports(snapId, snapModule) {
-        const data = this.snapData.get(snapId);
+    async #registerSnapExports(snapId, snapModule) {
+        const data = this.#snapData.get(snapId);
         // Somebody deleted the snap before we could register.
         if (!data) {
             return;
@@ -382,10 +337,7 @@ export class BaseSnapExecutor {
      * @param multichainProvider - A StreamProvider connected to the CAIP-27 client stream.
      * @returns The snap provider object.
      */
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    createSnapGlobal(provider, multichainProvider) {
+    #createSnapGlobal(provider, multichainProvider) {
         const originalRequest = provider.request.bind(provider);
         const originalMultichainRequest = multichainProvider.request.bind(multichainProvider);
         const request = async (args) => {
@@ -394,9 +346,9 @@ export class BaseSnapExecutor {
             assertSnapOutboundRequest(sanitizedArgs);
             if (isMultichainRequest(sanitizedArgs)) {
                 assertMultichainOutboundRequest(sanitizedArgs);
-                return await withTeardown(originalMultichainRequest(sanitizedArgs), this);
+                return await withTeardown(originalMultichainRequest(sanitizedArgs), this.#teardownRef);
             }
-            return await withTeardown(originalRequest(sanitizedArgs), this);
+            return await withTeardown(originalRequest(sanitizedArgs), this.#teardownRef);
         };
         const snapsProvider = { request };
         return harden(snapsProvider);
@@ -407,16 +359,13 @@ export class BaseSnapExecutor {
      * @param provider - A StreamProvider connected to MetaMask.
      * @returns The EIP-1193 Ethereum provider object.
      */
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    createEIP1193Provider(provider) {
+    #createEIP1193Provider(provider) {
         const originalRequest = provider.request.bind(provider);
         const request = async (args) => {
             // As part of the sanitization, we validate that the args are valid JSON.
             const sanitizedArgs = sanitizeRequestArguments(args);
             assertEthereumOutboundRequest(sanitizedArgs);
-            return await withTeardown(originalRequest(sanitizedArgs), this);
+            return await withTeardown(originalRequest(sanitizedArgs), this.#teardownRef);
         };
         const ethereumProvider = { request };
         return harden(ethereumProvider);
@@ -426,11 +375,8 @@ export class BaseSnapExecutor {
      *
      * @param snapId - The id of the snap to remove.
      */
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    removeSnap(snapId) {
-        this.snapData.delete(snapId);
+    #removeSnap(snapId) {
+        this.#snapData.delete(snapId);
     }
     /**
      * Calls the specified executor function in the context of the specified snap.
@@ -443,20 +389,14 @@ export class BaseSnapExecutor {
      * @returns The executor's return value.
      * @template Result - The return value of the executor.
      */
-    // TODO: Either fix this lint violation or explain why it's necessary to
-    //  ignore.
-    // eslint-disable-next-line no-restricted-syntax
-    async executeInSnapContext(snapId, executor) {
-        const data = this.snapData.get(snapId);
+    async #executeInSnapContext(snapId, executor) {
+        const data = this.#snapData.get(snapId);
         if (data === undefined) {
             throw rpcErrors.internal(`Tried to execute in context of unknown snap: "${snapId}".`);
         }
-        let stop;
-        const stopPromise = new Promise((_resolve, reject) => (stop = () => reject(
-        // TODO(rekmarks): Specify / standardize error code for this case.
-        rpcErrors.internal(`The snap "${snapId}" has been terminated during execution.`))));
-        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-        const evaluationData = { stop: stop };
+        const { promise: stopPromise, reject } = createDeferredPromise();
+        const stop = () => reject(rpcErrors.internal(`The Snap "${snapId}" has been terminated during execution.`));
+        const evaluationData = { stop };
         try {
             data.runningEvaluations.add(evaluationData);
             // Notice that we have to await this executor.
@@ -470,7 +410,7 @@ export class BaseSnapExecutor {
         finally {
             data.runningEvaluations.delete(evaluationData);
             if (data.runningEvaluations.size === 0) {
-                this.lastTeardown += 1;
+                this.#teardownRef.lastTeardown += 1;
                 await data.idleTeardown();
             }
         }