@metamask/snaps-rpc-methods 15.1.0 → 16.0.0

package/dist/permitted/sendWebSocketMessage.mjs

@@ -2,11 +2,6 @@ import { providerErrors, rpcErrors } from "@metamask/rpc-errors";
 import { union } from "@metamask/snaps-sdk";
 import { create, object, number, string, array, StructError } from "@metamask/superstruct";
 import { SnapEndowments } from "../endowments/index.mjs";
-const methodName = 'snap_sendWebSocketMessage';
-const hookNames = {
-    hasPermission: true,
-    sendWebSocketMessage: true,
-};
 const SendWebSocketMessageParametersStruct = object({
     id: string(),
     message: union([string(), array(number())]),
@@ -36,9 +31,11 @@ const SendWebSocketMessageParametersStruct = object({
  * ```
  */
 export const sendWebSocketMessageHandler = {
-    methodNames: [methodName],
     implementation: sendWebSocketMessageImplementation,
-    hookNames,
+    actionNames: [
+        'PermissionController:hasPermission',
+        'WebSocketService:sendMessage',
+    ],
 };
 /**
  * The `snap_sendWebSocketMessage` method implementation.
@@ -47,19 +44,18 @@ export const sendWebSocketMessageHandler = {
  * @param res - The JSON-RPC response object.
  * @param _next - The `json-rpc-engine` "next" callback. Not used by this function.
  * @param end - The `json-rpc-engine` "end" callback.
- * @param hooks - The RPC method hooks.
- * @param hooks.hasPermission - The function to check if a snap has the `endowment:network-access` permission.
- * @param hooks.sendWebSocketMessage - The function to send a WebSocket message.
+ * @param _hooks - The RPC method hooks. Not used by this function.
+ * @param messenger - The messenger used to call controller actions.
  * @returns Nothing.
  */
-async function sendWebSocketMessageImplementation(req, res, _next, end, { hasPermission, sendWebSocketMessage }) {
-    if (!hasPermission(SnapEndowments.NetworkAccess)) {
+async function sendWebSocketMessageImplementation(req, res, _next, end, _hooks, messenger) {
+    const { params, origin } = req;
+    if (!messenger.call('PermissionController:hasPermission', origin, SnapEndowments.NetworkAccess)) {
         return end(providerErrors.unauthorized());
     }
-    const { params } = req;
     try {
         const { id, message } = getValidatedParams(params);
-        await sendWebSocketMessage(id, message);
+        await messenger.call('WebSocketService:sendMessage', origin, id, message);
         res.result = null;
     }
     catch (error) {

package/dist/permitted/sendWebSocketMessage.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"sendWebSocketMessage.mjs","sourceRoot":"","sources":["../../src/permitted/sendWebSocketMessage.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,6BAA6B;AAMjE,OAAO,EAAE,KAAK,EAAE,4BAA4B;AAE5C,OAAO,EACL,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,KAAK,EACL,WAAW,EACZ,8BAA8B;AAG/B,OAAO,EAAE,cAAc,EAAE,gCAAsB;AAG/C,MAAM,UAAU,GAAG,2BAA2B,CAAC;AAE/C,MAAM,SAAS,GAAuD;IACpE,aAAa,EAAE,IAAI;IACnB,oBAAoB,EAAE,IAAI;CAC3B,CAAC;AAOF,MAAM,oCAAoC,GAAG,MAAM,CAAC;IAClD,EAAE,EAAE,MAAM,EAAE;IACZ,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;CAC5C,CAAC,CAAC;AAOH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,WAAW,EAAE,CAAC,UAAU,CAAU;IAClC,cAAc,EAAE,kCAAkC;IAClD,SAAS;CAKV,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,kCAAkC,CAC/C,GAAmD,EACnD,GAAuD,EACvD,KAAc,EACd,GAA6B,EAC7B,EAAE,aAAa,EAAE,oBAAoB,EAAmC;IAExE,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;QACjD,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,IAAI,CAAC;QACH,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,oBAAoB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACxC,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,MAAe;IACzC,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,MAAM,EAAE,oCAAoC,CAAC,CAAC;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;YACjC,MAAM,SAAS,CAAC,aAAa,CAAC;gBAC5B,OAAO,EAAE,mBAAmB,KAAK,CAAC,OAAO,GAAG;aAC7C,CAAC,CAAC;QACL,CAAC;QACD,0BAA0B;QAC1B,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;AACH,CAAC","sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  JsonRpcRequest,\n  SendWebSocketMessageParams,\n  SendWebSocketMessageResult,\n} from '@metamask/snaps-sdk';\nimport { union } from '@metamask/snaps-sdk';\nimport type { InferMatching } from '@metamask/snaps-utils';\nimport {\n  create,\n  object,\n  number,\n  string,\n  array,\n  StructError,\n} from '@metamask/superstruct';\nimport type { PendingJsonRpcResponse } from '@metamask/utils';\n\nimport { SnapEndowments } from '../endowments';\nimport type { MethodHooksObject } from '../utils';\n\nconst methodName = 'snap_sendWebSocketMessage';\n\nconst hookNames: MethodHooksObject<SendWebSocketMessageMethodHooks> = {\n  hasPermission: true,\n  sendWebSocketMessage: true,\n};\n\nexport type SendWebSocketMessageMethodHooks = {\n  hasPermission: (permissionName: string) => boolean;\n  sendWebSocketMessage: (id: string, data: string | number[]) => Promise<void>;\n};\n\nconst SendWebSocketMessageParametersStruct = object({\n  id: string(),\n  message: union([string(), array(number())]),\n});\n\nexport type SendWebSocketMessageParameters = InferMatching<\n  typeof SendWebSocketMessageParametersStruct,\n  SendWebSocketMessageParams\n>;\n\n/**\n * Send a message to an open WebSocket connection. The message will be sent to\n * the WebSocket connection with the specified ID, which must have been\n * previously opened by the Snap using the [`snap_openWebSocket`](https://docs.metamask.io/snaps/reference/snaps-api/snap_openwebsocket/)\n * method.\n *\n * @example\n * ```json name=\"Manifest\"\n * {\n *   \"initialPermissions\": {\n *     \"endowment:network-access\": {}\n *   }\n * }\n * ```\n * ```ts name=\"Usage\"\n * await wallet.request({\n *   method: 'snap_sendWebSocketMessage',\n *   params: {\n *     id: 'websocket-connection-id',\n *     message: 'Hello, WebSocket!', // or message: [1, 2, 3] for binary data\n *   },\n * });\n * ```\n */\nexport const sendWebSocketMessageHandler = {\n  methodNames: [methodName] as const,\n  implementation: sendWebSocketMessageImplementation,\n  hookNames,\n} satisfies PermittedHandlerExport<\n  SendWebSocketMessageMethodHooks,\n  SendWebSocketMessageParams,\n  SendWebSocketMessageResult\n>;\n\n/**\n * The `snap_sendWebSocketMessage` method implementation.\n *\n * @param req - The JSON-RPC request object.\n * @param res - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.hasPermission - The function to check if a snap has the `endowment:network-access` permission.\n * @param hooks.sendWebSocketMessage - The function to send a WebSocket message.\n * @returns Nothing.\n */\nasync function sendWebSocketMessageImplementation(\n  req: JsonRpcRequest<SendWebSocketMessageParameters>,\n  res: PendingJsonRpcResponse<SendWebSocketMessageResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { hasPermission, sendWebSocketMessage }: SendWebSocketMessageMethodHooks,\n): Promise<void> {\n  if (!hasPermission(SnapEndowments.NetworkAccess)) {\n    return end(providerErrors.unauthorized());\n  }\n\n  const { params } = req;\n\n  try {\n    const { id, message } = getValidatedParams(params);\n    await sendWebSocketMessage(id, message);\n    res.result = null;\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validates the parameters for the snap_sendWebSocketMessage method.\n *\n * @param params - Parameters to validate.\n * @returns Validated parameters.\n * @throws Throws RPC error if validation fails.\n */\nfunction getValidatedParams(params: unknown): SendWebSocketMessageParameters {\n  try {\n    return create(params, SendWebSocketMessageParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n"]}
+{"version":3,"file":"sendWebSocketMessage.mjs","sourceRoot":"","sources":["../../src/permitted/sendWebSocketMessage.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,6BAA6B;AAKjE,OAAO,EAAE,KAAK,EAAE,4BAA4B;AAE5C,OAAO,EACL,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,KAAK,EACL,WAAW,EACZ,8BAA8B;AAG/B,OAAO,EAAE,cAAc,EAAE,gCAAsB;AAU/C,MAAM,oCAAoC,GAAG,MAAM,CAAC;IAClD,EAAE,EAAE,MAAM,EAAE;IACZ,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;CAC5C,CAAC,CAAC;AAOH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,cAAc,EAAE,kCAAkC;IAClD,WAAW,EAAE;QACX,oCAAoC;QACpC,8BAA8B;KAC/B;CAOF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,KAAK,UAAU,kCAAkC,CAC/C,GAA6D,EAC7D,GAAuD,EACvD,KAAc,EACd,GAA6B,EAC7B,MAAa,EACb,SAA+D;IAE/D,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAE/B,IACE,CAAC,SAAS,CAAC,IAAI,CACb,oCAAoC,EACpC,MAAM,EACN,cAAc,CAAC,aAAa,CAC7B,EACD,CAAC;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,SAAS,CAAC,IAAI,CAAC,8BAA8B,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,CAAC,CAAC;QAC1E,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,MAAe;IACzC,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,MAAM,EAAE,oCAAoC,CAAC,CAAC;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;YACjC,MAAM,SAAS,CAAC,aAAa,CAAC;gBAC5B,OAAO,EAAE,mBAAmB,KAAK,CAAC,OAAO,GAAG;aAC7C,CAAC,CAAC;QACL,CAAC;QACD,0BAA0B;QAC1B,MAAM,SAAS,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;AACH,CAAC","sourcesContent":["import type {\n  JsonRpcEngineEndCallback,\n  MethodHandler,\n} from '@metamask/json-rpc-engine';\nimport type { Messenger } from '@metamask/messenger';\nimport type { PermissionControllerHasPermissionAction } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  SendWebSocketMessageParams,\n  SendWebSocketMessageResult,\n} from '@metamask/snaps-sdk';\nimport { union } from '@metamask/snaps-sdk';\nimport type { InferMatching } from '@metamask/snaps-utils';\nimport {\n  create,\n  object,\n  number,\n  string,\n  array,\n  StructError,\n} from '@metamask/superstruct';\nimport type { PendingJsonRpcResponse } from '@metamask/utils';\n\nimport { SnapEndowments } from '../endowments';\nimport type {\n  JsonRpcRequestWithOrigin,\n  WebSocketServiceSendMessageAction,\n} from '../types';\n\nexport type SendWebSocketMessageMethodActions =\n  | PermissionControllerHasPermissionAction\n  | WebSocketServiceSendMessageAction;\n\nconst SendWebSocketMessageParametersStruct = object({\n  id: string(),\n  message: union([string(), array(number())]),\n});\n\nexport type SendWebSocketMessageParameters = InferMatching<\n  typeof SendWebSocketMessageParametersStruct,\n  SendWebSocketMessageParams\n>;\n\n/**\n * Send a message to an open WebSocket connection. The message will be sent to\n * the WebSocket connection with the specified ID, which must have been\n * previously opened by the Snap using the [`snap_openWebSocket`](https://docs.metamask.io/snaps/reference/snaps-api/snap_openwebsocket/)\n * method.\n *\n * @example\n * ```json name=\"Manifest\"\n * {\n *   \"initialPermissions\": {\n *     \"endowment:network-access\": {}\n *   }\n * }\n * ```\n * ```ts name=\"Usage\"\n * await wallet.request({\n *   method: 'snap_sendWebSocketMessage',\n *   params: {\n *     id: 'websocket-connection-id',\n *     message: 'Hello, WebSocket!', // or message: [1, 2, 3] for binary data\n *   },\n * });\n * ```\n */\nexport const sendWebSocketMessageHandler = {\n  implementation: sendWebSocketMessageImplementation,\n  actionNames: [\n    'PermissionController:hasPermission',\n    'WebSocketService:sendMessage',\n  ],\n} satisfies MethodHandler<\n  never,\n  SendWebSocketMessageMethodActions,\n  SendWebSocketMessageParams,\n  SendWebSocketMessageResult,\n  { origin: string }\n>;\n\n/**\n * The `snap_sendWebSocketMessage` method implementation.\n *\n * @param req - The JSON-RPC request object.\n * @param res - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param _hooks - The RPC method hooks. Not used by this function.\n * @param messenger - The messenger used to call controller actions.\n * @returns Nothing.\n */\nasync function sendWebSocketMessageImplementation(\n  req: JsonRpcRequestWithOrigin<SendWebSocketMessageParameters>,\n  res: PendingJsonRpcResponse<SendWebSocketMessageResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  _hooks: never,\n  messenger: Messenger<string, SendWebSocketMessageMethodActions>,\n): Promise<void> {\n  const { params, origin } = req;\n\n  if (\n    !messenger.call(\n      'PermissionController:hasPermission',\n      origin,\n      SnapEndowments.NetworkAccess,\n    )\n  ) {\n    return end(providerErrors.unauthorized());\n  }\n\n  try {\n    const { id, message } = getValidatedParams(params);\n    await messenger.call('WebSocketService:sendMessage', origin, id, message);\n    res.result = null;\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validates the parameters for the snap_sendWebSocketMessage method.\n *\n * @param params - Parameters to validate.\n * @returns Validated parameters.\n * @throws Throws RPC error if validation fails.\n */\nfunction getValidatedParams(params: unknown): SendWebSocketMessageParameters {\n  try {\n    return create(params, SendWebSocketMessageParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n"]}

package/dist/permitted/setState.cjs

@@ -8,13 +8,8 @@ const utils_1 = require("@metamask/utils");
 const async_mutex_1 = require("async-mutex");
 const manageState_1 = require("../restricted/manageState.cjs");
 const utils_2 = require("../utils.cjs");
-const methodName = 'snap_setState';
 const hookNames = {
-    hasPermission: true,
-    getSnapState: true,
     getUnlockPromise: true,
-    updateSnapState: true,
-    getSnap: true,
 };
 /**
  * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at
@@ -65,9 +60,14 @@ const hookNames = {
  * ```
  */
 exports.setStateHandler = {
-    methodNames: [methodName],
     implementation: setStateImplementation,
     hookNames,
+    actionNames: [
+        'PermissionController:hasPermission',
+        'SnapController:getSnapState',
+        'SnapController:updateSnapState',
+        'SnapController:getSnap',
+    ],
 };
 const mutexes = new Map();
 /**
@@ -96,17 +96,13 @@ const SetStateParametersStruct = (0, superstruct_1.object)({
  * function.
  * @param end - The `json-rpc-engine` "end" callback.
  * @param hooks - The RPC method hooks.
- * @param hooks.hasPermission - Check whether a given origin has a given
- * permission.
- * @param hooks.getSnapState - Get the state of the requesting Snap.
  * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.
- * @param hooks.updateSnapState - Update the state of the requesting Snap.
- * @param hooks.getSnap - The hook function to get Snap metadata.
+ * @param messenger - The messenger used to call controller actions.
  * @returns Nothing.
  */
-async function setStateImplementation(request, response, _next, end, { hasPermission, getSnapState, getUnlockPromise, updateSnapState, getSnap, }) {
-    const { params } = request;
-    if (!hasPermission(manageState_1.manageStateBuilder.targetName)) {
+async function setStateImplementation(request, response, _next, end, { getUnlockPromise }, messenger) {
+    const { params, origin } = request;
+    if (!messenger.call('PermissionController:hasPermission', origin, manageState_1.manageStateBuilder.targetName)) {
         return end(rpc_errors_1.providerErrors.unauthorized());
     }
     try {
@@ -118,14 +114,14 @@ async function setStateImplementation(request, response, _next, end, { hasPermis
         if (encrypted) {
             await getUnlockPromise(true);
         }
-        const snapId = request.origin;
+        const snapId = origin;
         const mutex = getMutex(snapId);
         // The expectation when using `snap_setState` is for the operation to safe
         // to do in parallel. The mutex ensures that and prevents a bug that was
         // mostly prevalent on mobile and caused data loss.
         await mutex.runExclusive(async () => {
-            const newState = await getNewState(key, value, encrypted, getSnapState);
-            const snap = getSnap(snapId);
+            const newState = await getNewState(snapId, key, value, encrypted, messenger);
+            const snap = messenger.call('SnapController:getSnap', origin);
             if (!snap?.preinstalled) {
                 // We know that the state is valid JSON as per previous validation.
                 const size = (0, snaps_utils_1.getJsonSizeUnsafe)(newState, true);
@@ -135,7 +131,7 @@ async function setStateImplementation(request, response, _next, end, { hasPermis
                     });
                 }
             }
-            await updateSnapState(newState, encrypted);
+            await messenger.call('SnapController:updateSnapState', origin, newState, encrypted);
             response.result = null;
         });
     }
@@ -174,18 +170,19 @@ function getValidatedParams(params) {
  * the key does not exist, it is created (and any missing intermediate keys are
  * created as well).
  *
+ * @param snapId - The Snap ID.
  * @param key - The key to set.
  * @param value - The value to set the key to.
  * @param encrypted - Whether the state is encrypted.
- * @param getSnapState - The `getSnapState` hook.
+ * @param messenger - The messenger used to call controller actions.
  * @returns The new state of the Snap.
  */
-async function getNewState(key, value, encrypted, getSnapState) {
+async function getNewState(snapId, key, value, encrypted, messenger) {
     if (key === undefined) {
         (0, utils_1.assert)((0, utils_1.isObject)(value));
         return value;
     }
-    const state = await getSnapState(encrypted);
+    const state = await messenger.call('SnapController:getSnapState', snapId, encrypted);
     return set(state, key, value);
 }
 /**

package/dist/permitted/setState.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"setState.cjs","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":";;;AAEA,qDAAiE;AAOjE,uDAI+B;AAC/B,uDAM+B;AAM/B,2CAA4E;AAC5E,6CAAoC;AAEpC,+DAGmC;AAEnC,wCAA0D;AAE1D,MAAM,UAAU,GAAG,eAAe,CAAC;AAEnC,MAAM,SAAS,GAAqC;IAClD,aAAa,EAAE,IAAI;IACnB,YAAY,EAAE,IAAI;IAClB,gBAAgB,EAAE,IAAI;IACtB,eAAe,EAAE,IAAI;IACrB,OAAO,EAAE,IAAI;CACd,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACU,QAAA,eAAe,GAAG;IAC7B,WAAW,EAAE,CAAC,UAAU,CAAU;IAClC,cAAc,EAAE,sBAAsB;IACtC,SAAS;CAKV,CAAC;AA6CF,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;AAE1B;;;;;GAKG;AACH,SAAS,QAAQ,CAAC,MAAc;IAC9B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,mBAAK,EAAE,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,wBAAwB,GAAG,IAAA,oBAAY,EAAC;IAC5C,GAAG,EAAE,IAAA,sBAAQ,EAAC,sBAAc,CAAC;IAC7B,KAAK,EAAE,kBAAU;IACjB,SAAS,EAAE,IAAA,sBAAQ,EAAC,IAAA,qBAAO,GAAE,CAAC;CAC/B,CAAC,CAAC;AAOH;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,sBAAsB,CACnC,OAA2C,EAC3C,QAAgD,EAChD,KAAc,EACd,GAA6B,EAC7B,EACE,aAAa,EACb,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,OAAO,GACO;IAEhB,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAE3B,IAAI,CAAC,aAAa,CAAC,gCAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;QAClD,OAAO,GAAG,CAAC,2BAAc,CAAC,YAAY,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,GAAG,IAAI,EAAE,GAAG,eAAe,CAAC;QAEzD,IAAI,GAAG,KAAK,SAAS,IAAI,CAAC,IAAA,gBAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC1C,OAAO,GAAG,CACR,sBAAS,CAAC,aAAa,CACrB,iEAAiE,CAClE,CACF,CAAC;QACJ,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QAED,MAAM,MAAM,GACV,OACD,CAAC,MAAgB,CAAC;QAEnB,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAE/B,0EAA0E;QAC1E,wEAAwE;QACxE,mDAAmD;QACnD,MAAM,KAAK,CAAC,YAAY,CAAC,KAAK,IAAI,EAAE;YAClC,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;YAExE,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;YAE7B,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC;gBACxB,mEAAmE;gBACnE,MAAM,IAAI,GAAG,IAAA,+BAAiB,EAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBAC/C,IAAI,IAAI,GAAG,gCAAkB,EAAE,CAAC;oBAC9B,MAAM,sBAAS,CAAC,aAAa,CAAC;wBAC5B,OAAO,EAAE,iDACP,gCAAkB,GAAG,OACvB,cAAc;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,MAAM,eAAe,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YAC3C,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,MAAgB;IAC1C,IAAI,CAAC;QACH,OAAO,IAAA,oBAAM,EAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,yBAAW,EAAE,CAAC;YACjC,MAAM,sBAAS,CAAC,aAAa,CAAC;gBAC5B,OAAO,EAAE,mBAAmB,KAAK,CAAC,OAAO,GAAG;aAC7C,CAAC,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,sBAAS,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,KAAK,UAAU,WAAW,CACxB,GAAuB,EACvB,KAAW,EACX,SAAkB,EAClB,YAA2C;IAE3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,IAAA,cAAM,EAAC,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,CAAC;IAC5C,OAAO,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,GAAG,CACjB,MAAmC,EACnC,GAAW,EACX,KAAW;IAEX,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,EAAE,CAAC;IACpC,IAAI,aAAa,GAAyB,cAAc,CAAC;IAEzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,IAAI,sBAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACxC,MAAM,sBAAS,CAAC,aAAa,CAC3B,oDAAoD,CACrD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,aAAa,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;YAClC,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,IACE,CAAC,IAAA,mBAAW,EAAC,aAAa,EAAE,UAAU,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,IAAI,EAClC,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;QACjC,CAAC;aAAM,IAAI,CAAC,IAAA,gBAAQ,EAAC,aAAa,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YAChD,MAAM,sBAAS,CAAC,aAAa,CAC3B,oDAAoD,CACrD,CAAC;QACJ,CAAC;QAED,aAAa,GAAG,aAAa,CAAC,UAAU,CAAyB,CAAC;IACpE,CAAC;IAED,gCAAgC;IAChC,0BAA0B;IAC1B,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;AAC/D,CAAC;AAvCD,kBAuCC","sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  SetStateParams,\n  SetStateResult,\n  SnapId,\n} from '@metamask/snaps-sdk';\nimport type { JsonObject } from '@metamask/snaps-sdk/jsx';\nimport {\n  getJsonSizeUnsafe,\n  type InferMatching,\n  type Snap,\n} from '@metamask/snaps-utils';\nimport {\n  boolean,\n  create,\n  object as objectStruct,\n  optional,\n  StructError,\n} from '@metamask/superstruct';\nimport type {\n  PendingJsonRpcResponse,\n  Json,\n  JsonRpcRequest,\n} from '@metamask/utils';\nimport { hasProperty, isObject, assert, JsonStruct } from '@metamask/utils';\nimport { Mutex } from 'async-mutex';\n\nimport {\n  manageStateBuilder,\n  STORAGE_SIZE_LIMIT,\n} from '../restricted/manageState';\nimport type { MethodHooksObject } from '../utils';\nimport { FORBIDDEN_KEYS, StateKeyStruct } from '../utils';\n\nconst methodName = 'snap_setState';\n\nconst hookNames: MethodHooksObject<SetStateHooks> = {\n  hasPermission: true,\n  getSnapState: true,\n  getUnlockPromise: true,\n  updateSnapState: true,\n  getSnap: true,\n};\n\n/**\n * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at\n * will. By default, the data is automatically encrypted using a Snap-specific\n * key and automatically decrypted when retrieved. You can set `encrypted` to\n * `false` to use unencrypted storage (available when the client is locked).\n *\n * If the key is `undefined`, the value is expected to be an object. In this\n * case, the value is set as the new root state.\n *\n * If the key is not `undefined`, the value is set in the state at the key. If\n * the key does not exist, it is created (and any missing intermediate keys are\n * created as well).\n *\n * @example\n * ```json name=\"Manifest\"\n * {\n *   \"initialPermissions\": {\n *     \"snap_manageState\": {}\n *   }\n * }\n * ```\n * ```ts name=\"Usage\"\n * // Set the entire state:\n * await snap.request({\n *   method: 'snap_setState',\n *   params: {\n *     value: {\n *       some: {\n *         nested: {\n *           value: 'Hello, world!',\n *         },\n *       },\n *     },\n *     encrypted: true, // Optional, defaults to `true`\n *   },\n * });\n *\n * // Set a specific value within the state:\n * await snap.request({\n *   method: 'snap_setState',\n *   params: {\n *     key: 'some.nested.value',\n *     value: 'Hello, world!',\n *     encrypted: true, // Optional, defaults to `true`\n *   },\n * });\n * ```\n */\nexport const setStateHandler = {\n  methodNames: [methodName] as const,\n  implementation: setStateImplementation,\n  hookNames,\n} satisfies PermittedHandlerExport<\n  SetStateHooks,\n  SetStateParameters,\n  SetStateResult\n>;\n\nexport type SetStateHooks = {\n  /**\n   * Check if the requesting origin has a given permission.\n   *\n   * @param permissionName - The name of the permission to check.\n   * @returns Whether the origin has the permission.\n   */\n  hasPermission: (permissionName: string) => boolean;\n\n  /**\n   * Get the state of the requesting Snap.\n   *\n   * @param encrypted - Whether the state is encrypted.\n   * @returns The current state of the Snap.\n   */\n  getSnapState: (encrypted: boolean) => Promise<Record<string, Json>>;\n\n  /**\n   * Wait for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n\n  /**\n   * Update the state of the requesting Snap.\n   *\n   * @param newState - The new state of the Snap.\n   * @param encrypted - Whether the state should be encrypted.\n   */\n  updateSnapState: (\n    newState: Record<string, Json>,\n    encrypted: boolean,\n  ) => Promise<void>;\n\n  /**\n   * Get Snap metadata.\n   *\n   * @param snapId - The ID of a Snap.\n   */\n  getSnap: (snapId: string) => Snap | undefined;\n};\n\nconst mutexes = new Map();\n\n/**\n * Get the corresponding state modification mutex for a given Snap ID.\n *\n * @param snapId - The Snap ID.\n * @returns A mutex for that specific Snap.\n */\nfunction getMutex(snapId: SnapId) {\n  if (!mutexes.has(snapId)) {\n    mutexes.set(snapId, new Mutex());\n  }\n  return mutexes.get(snapId);\n}\n\nconst SetStateParametersStruct = objectStruct({\n  key: optional(StateKeyStruct),\n  value: JsonStruct,\n  encrypted: optional(boolean()),\n});\n\nexport type SetStateParameters = InferMatching<\n  typeof SetStateParametersStruct,\n  SetStateParams\n>;\n\n/**\n * The `snap_setState` method implementation.\n *\n * @param request - The JSON-RPC request object.\n * @param response - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.hasPermission - Check whether a given origin has a given\n * permission.\n * @param hooks.getSnapState - Get the state of the requesting Snap.\n * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.\n * @param hooks.updateSnapState - Update the state of the requesting Snap.\n * @param hooks.getSnap - The hook function to get Snap metadata.\n * @returns Nothing.\n */\nasync function setStateImplementation(\n  request: JsonRpcRequest<SetStateParameters>,\n  response: PendingJsonRpcResponse<SetStateResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  {\n    hasPermission,\n    getSnapState,\n    getUnlockPromise,\n    updateSnapState,\n    getSnap,\n  }: SetStateHooks,\n): Promise<void> {\n  const { params } = request;\n\n  if (!hasPermission(manageStateBuilder.targetName)) {\n    return end(providerErrors.unauthorized());\n  }\n\n  try {\n    const validatedParams = getValidatedParams(params);\n    const { key, value, encrypted = true } = validatedParams;\n\n    if (key === undefined && !isObject(value)) {\n      return end(\n        rpcErrors.invalidParams(\n          'Invalid params: Value must be an object if key is not provided.',\n        ),\n      );\n    }\n\n    if (encrypted) {\n      await getUnlockPromise(true);\n    }\n\n    const snapId = (\n      request as JsonRpcRequest<SetStateParams> & { origin: string }\n    ).origin as SnapId;\n\n    const mutex = getMutex(snapId);\n\n    // The expectation when using `snap_setState` is for the operation to safe\n    // to do in parallel. The mutex ensures that and prevents a bug that was\n    // mostly prevalent on mobile and caused data loss.\n    await mutex.runExclusive(async () => {\n      const newState = await getNewState(key, value, encrypted, getSnapState);\n\n      const snap = getSnap(snapId);\n\n      if (!snap?.preinstalled) {\n        // We know that the state is valid JSON as per previous validation.\n        const size = getJsonSizeUnsafe(newState, true);\n        if (size > STORAGE_SIZE_LIMIT) {\n          throw rpcErrors.invalidParams({\n            message: `Invalid params: The new state must not exceed ${\n              STORAGE_SIZE_LIMIT / 1_000_000\n            } MB in size.`,\n          });\n        }\n      }\n\n      await updateSnapState(newState, encrypted);\n      response.result = null;\n    });\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validate the parameters of the `snap_setState` method.\n *\n * @param params - The parameters to validate.\n * @returns The validated parameters.\n */\nfunction getValidatedParams(params?: unknown) {\n  try {\n    return create(params, SetStateParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n\n/**\n * Get the new state of the Snap.\n *\n * If the key is `undefined`, the value is expected to be an object. In this\n * case, the value is returned as the new state.\n *\n * If the key is not `undefined`, the value is set in the state at the key. If\n * the key does not exist, it is created (and any missing intermediate keys are\n * created as well).\n *\n * @param key - The key to set.\n * @param value - The value to set the key to.\n * @param encrypted - Whether the state is encrypted.\n * @param getSnapState - The `getSnapState` hook.\n * @returns The new state of the Snap.\n */\nasync function getNewState(\n  key: string | undefined,\n  value: Json,\n  encrypted: boolean,\n  getSnapState: SetStateHooks['getSnapState'],\n) {\n  if (key === undefined) {\n    assert(isObject(value));\n    return value;\n  }\n\n  const state = await getSnapState(encrypted);\n  return set(state, key, value);\n}\n\n/**\n * Set the value of a key in an object. The key may contain Lodash-style path\n * syntax, e.g., `a.b.c` (with the exception of array syntax). If the key does\n * not exist, it is created (and any missing intermediate keys are created as\n * well).\n *\n * This is a simplified version of Lodash's `set` function, but Lodash doesn't\n * seem to be maintained anymore, so we're using our own implementation.\n *\n * @param object - The object to get the key from.\n * @param key - The key to set.\n * @param value - The value to set the key to.\n * @returns The new object with the key set to the value.\n */\nexport function set(\n  object: Record<string, Json> | null,\n  key: string,\n  value: Json,\n): JsonObject {\n  const keys = key.split('.');\n  const requiredObject = object ?? {};\n  let currentObject: Record<string, Json> = requiredObject;\n\n  for (let i = 0; i < keys.length; i++) {\n    const currentKey = keys[i];\n    if (FORBIDDEN_KEYS.includes(currentKey)) {\n      throw rpcErrors.invalidParams(\n        'Invalid params: Key contains forbidden characters.',\n      );\n    }\n\n    if (i === keys.length - 1) {\n      currentObject[currentKey] = value;\n      return requiredObject;\n    }\n\n    if (\n      !hasProperty(currentObject, currentKey) ||\n      currentObject[currentKey] === null\n    ) {\n      currentObject[currentKey] = {};\n    } else if (!isObject(currentObject[currentKey])) {\n      throw rpcErrors.invalidParams(\n        'Invalid params: Cannot overwrite non-object value.',\n      );\n    }\n\n    currentObject = currentObject[currentKey] as Record<string, Json>;\n  }\n\n  // This should never be reached.\n  /* istanbul ignore next */\n  throw new Error('Unexpected error while setting the state.');\n}\n"]}
+{"version":3,"file":"setState.cjs","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":";;;AAMA,qDAAiE;AAOjE,uDAA8E;AAC9E,uDAM+B;AAE/B,2CAA4E;AAC5E,6CAAoC;AAEpC,+DAGmC;AAQnC,wCAA0D;AAE1D,MAAM,SAAS,GAA2C;IACxD,gBAAgB,EAAE,IAAI;CACvB,CAAC;AAiBF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACU,QAAA,eAAe,GAAG;IAC7B,cAAc,EAAE,sBAAsB;IACtC,SAAS;IACT,WAAW,EAAE;QACX,oCAAoC;QACpC,6BAA6B;QAC7B,gCAAgC;QAChC,wBAAwB;KACzB;CAOF,CAAC;AAEF,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;AAE1B;;;;;GAKG;AACH,SAAS,QAAQ,CAAC,MAAc;IAC9B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,mBAAK,EAAE,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,wBAAwB,GAAG,IAAA,oBAAY,EAAC;IAC5C,GAAG,EAAE,IAAA,sBAAQ,EAAC,sBAAc,CAAC;IAC7B,KAAK,EAAE,kBAAU;IACjB,SAAS,EAAE,IAAA,sBAAQ,EAAC,IAAA,qBAAO,GAAE,CAAC;CAC/B,CAAC,CAAC;AAOH;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,sBAAsB,CACnC,OAAqD,EACrD,QAAgD,EAChD,KAAc,EACd,GAA6B,EAC7B,EAAE,gBAAgB,EAAuB,EACzC,SAAmD;IAEnD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEnC,IACE,CAAC,SAAS,CAAC,IAAI,CACb,oCAAoC,EACpC,MAAM,EACN,gCAAkB,CAAC,UAAU,CAC9B,EACD,CAAC;QACD,OAAO,GAAG,CAAC,2BAAc,CAAC,YAAY,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,GAAG,IAAI,EAAE,GAAG,eAAe,CAAC;QAEzD,IAAI,GAAG,KAAK,SAAS,IAAI,CAAC,IAAA,gBAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC1C,OAAO,GAAG,CACR,sBAAS,CAAC,aAAa,CACrB,iEAAiE,CAClE,CACF,CAAC;QACJ,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QAED,MAAM,MAAM,GAAG,MAAgB,CAAC;QAEhC,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAE/B,0EAA0E;QAC1E,wEAAwE;QACxE,mDAAmD;QACnD,MAAM,KAAK,CAAC,YAAY,CAAC,KAAK,IAAI,EAAE;YAClC,MAAM,QAAQ,GAAG,MAAM,WAAW,CAChC,MAAM,EACN,GAAG,EACH,KAAK,EACL,SAAS,EACT,SAAS,CACV,CAAC;YAEF,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;YAE9D,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC;gBACxB,mEAAmE;gBACnE,MAAM,IAAI,GAAG,IAAA,+BAAiB,EAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBAC/C,IAAI,IAAI,GAAG,gCAAkB,EAAE,CAAC;oBAC9B,MAAM,sBAAS,CAAC,aAAa,CAAC;wBAC5B,OAAO,EAAE,iDACP,gCAAkB,GAAG,OACvB,cAAc;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,MAAM,SAAS,CAAC,IAAI,CAClB,gCAAgC,EAChC,MAAM,EACN,QAAQ,EACR,SAAS,CACV,CAAC;YACF,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,MAAgB;IAC1C,IAAI,CAAC;QACH,OAAO,IAAA,oBAAM,EAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,yBAAW,EAAE,CAAC;YACjC,MAAM,sBAAS,CAAC,aAAa,CAAC;gBAC5B,OAAO,EAAE,mBAAmB,KAAK,CAAC,OAAO,GAAG;aAC7C,CAAC,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,sBAAS,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,WAAW,CACxB,MAAc,EACd,GAAuB,EACvB,KAAW,EACX,SAAkB,EAClB,SAAmD;IAEnD,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,IAAA,cAAM,EAAC,IAAA,gBAAQ,EAAC,KAAK,CAAC,CAAC,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAChC,6BAA6B,EAC7B,MAAM,EACN,SAAS,CACV,CAAC;IACF,OAAO,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,GAAG,CACjB,MAAmC,EACnC,GAAW,EACX,KAAW;IAEX,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,EAAE,CAAC;IACpC,IAAI,aAAa,GAAyB,cAAc,CAAC;IAEzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,IAAI,sBAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACxC,MAAM,sBAAS,CAAC,aAAa,CAC3B,oDAAoD,CACrD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,aAAa,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC;YAClC,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,IACE,CAAC,IAAA,mBAAW,EAAC,aAAa,EAAE,UAAU,CAAC;YACvC,aAAa,CAAC,UAAU,CAAC,KAAK,IAAI,EAClC,CAAC;YACD,aAAa,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;QACjC,CAAC;aAAM,IAAI,CAAC,IAAA,gBAAQ,EAAC,aAAa,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YAChD,MAAM,sBAAS,CAAC,aAAa,CAC3B,oDAAoD,CACrD,CAAC;QACJ,CAAC;QAED,aAAa,GAAG,aAAa,CAAC,UAAU,CAAyB,CAAC;IACpE,CAAC;IAED,gCAAgC;IAChC,0BAA0B;IAC1B,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;AAC/D,CAAC;AAvCD,kBAuCC","sourcesContent":["import type {\n  JsonRpcEngineEndCallback,\n  MethodHandler,\n} from '@metamask/json-rpc-engine';\nimport type { Messenger } from '@metamask/messenger';\nimport type { PermissionControllerHasPermissionAction } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  SetStateParams,\n  SetStateResult,\n  SnapId,\n} from '@metamask/snaps-sdk';\nimport type { JsonObject } from '@metamask/snaps-sdk/jsx';\nimport { getJsonSizeUnsafe, type InferMatching } from '@metamask/snaps-utils';\nimport {\n  boolean,\n  create,\n  object as objectStruct,\n  optional,\n  StructError,\n} from '@metamask/superstruct';\nimport type { PendingJsonRpcResponse, Json } from '@metamask/utils';\nimport { hasProperty, isObject, assert, JsonStruct } from '@metamask/utils';\nimport { Mutex } from 'async-mutex';\n\nimport {\n  manageStateBuilder,\n  STORAGE_SIZE_LIMIT,\n} from '../restricted/manageState';\nimport type {\n  JsonRpcRequestWithOrigin,\n  SnapControllerGetSnapAction,\n  SnapControllerGetSnapStateAction,\n  SnapControllerUpdateSnapStateAction,\n} from '../types';\nimport type { MethodHooksObject } from '../utils';\nimport { FORBIDDEN_KEYS, StateKeyStruct } from '../utils';\n\nconst hookNames: MethodHooksObject<SetStateMethodHooks> = {\n  getUnlockPromise: true,\n};\n\nexport type SetStateMethodHooks = {\n  /**\n   * Wait for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n};\n\nexport type SetStateMethodActions =\n  | PermissionControllerHasPermissionAction\n  | SnapControllerGetSnapStateAction\n  | SnapControllerUpdateSnapStateAction\n  | SnapControllerGetSnapAction;\n\n/**\n * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at\n * will. By default, the data is automatically encrypted using a Snap-specific\n * key and automatically decrypted when retrieved. You can set `encrypted` to\n * `false` to use unencrypted storage (available when the client is locked).\n *\n * If the key is `undefined`, the value is expected to be an object. In this\n * case, the value is set as the new root state.\n *\n * If the key is not `undefined`, the value is set in the state at the key. If\n * the key does not exist, it is created (and any missing intermediate keys are\n * created as well).\n *\n * @example\n * ```json name=\"Manifest\"\n * {\n *   \"initialPermissions\": {\n *     \"snap_manageState\": {}\n *   }\n * }\n * ```\n * ```ts name=\"Usage\"\n * // Set the entire state:\n * await snap.request({\n *   method: 'snap_setState',\n *   params: {\n *     value: {\n *       some: {\n *         nested: {\n *           value: 'Hello, world!',\n *         },\n *       },\n *     },\n *     encrypted: true, // Optional, defaults to `true`\n *   },\n * });\n *\n * // Set a specific value within the state:\n * await snap.request({\n *   method: 'snap_setState',\n *   params: {\n *     key: 'some.nested.value',\n *     value: 'Hello, world!',\n *     encrypted: true, // Optional, defaults to `true`\n *   },\n * });\n * ```\n */\nexport const setStateHandler = {\n  implementation: setStateImplementation,\n  hookNames,\n  actionNames: [\n    'PermissionController:hasPermission',\n    'SnapController:getSnapState',\n    'SnapController:updateSnapState',\n    'SnapController:getSnap',\n  ],\n} satisfies MethodHandler<\n  SetStateMethodHooks,\n  SetStateMethodActions,\n  SetStateParameters,\n  SetStateResult,\n  { origin: SnapId }\n>;\n\nconst mutexes = new Map();\n\n/**\n * Get the corresponding state modification mutex for a given Snap ID.\n *\n * @param snapId - The Snap ID.\n * @returns A mutex for that specific Snap.\n */\nfunction getMutex(snapId: SnapId) {\n  if (!mutexes.has(snapId)) {\n    mutexes.set(snapId, new Mutex());\n  }\n  return mutexes.get(snapId);\n}\n\nconst SetStateParametersStruct = objectStruct({\n  key: optional(StateKeyStruct),\n  value: JsonStruct,\n  encrypted: optional(boolean()),\n});\n\nexport type SetStateParameters = InferMatching<\n  typeof SetStateParametersStruct,\n  SetStateParams\n>;\n\n/**\n * The `snap_setState` method implementation.\n *\n * @param request - The JSON-RPC request object.\n * @param response - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.\n * @param messenger - The messenger used to call controller actions.\n * @returns Nothing.\n */\nasync function setStateImplementation(\n  request: JsonRpcRequestWithOrigin<SetStateParameters>,\n  response: PendingJsonRpcResponse<SetStateResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { getUnlockPromise }: SetStateMethodHooks,\n  messenger: Messenger<string, SetStateMethodActions>,\n): Promise<void> {\n  const { params, origin } = request;\n\n  if (\n    !messenger.call(\n      'PermissionController:hasPermission',\n      origin,\n      manageStateBuilder.targetName,\n    )\n  ) {\n    return end(providerErrors.unauthorized());\n  }\n\n  try {\n    const validatedParams = getValidatedParams(params);\n    const { key, value, encrypted = true } = validatedParams;\n\n    if (key === undefined && !isObject(value)) {\n      return end(\n        rpcErrors.invalidParams(\n          'Invalid params: Value must be an object if key is not provided.',\n        ),\n      );\n    }\n\n    if (encrypted) {\n      await getUnlockPromise(true);\n    }\n\n    const snapId = origin as SnapId;\n\n    const mutex = getMutex(snapId);\n\n    // The expectation when using `snap_setState` is for the operation to safe\n    // to do in parallel. The mutex ensures that and prevents a bug that was\n    // mostly prevalent on mobile and caused data loss.\n    await mutex.runExclusive(async () => {\n      const newState = await getNewState(\n        snapId,\n        key,\n        value,\n        encrypted,\n        messenger,\n      );\n\n      const snap = messenger.call('SnapController:getSnap', origin);\n\n      if (!snap?.preinstalled) {\n        // We know that the state is valid JSON as per previous validation.\n        const size = getJsonSizeUnsafe(newState, true);\n        if (size > STORAGE_SIZE_LIMIT) {\n          throw rpcErrors.invalidParams({\n            message: `Invalid params: The new state must not exceed ${\n              STORAGE_SIZE_LIMIT / 1_000_000\n            } MB in size.`,\n          });\n        }\n      }\n\n      await messenger.call(\n        'SnapController:updateSnapState',\n        origin,\n        newState,\n        encrypted,\n      );\n      response.result = null;\n    });\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validate the parameters of the `snap_setState` method.\n *\n * @param params - The parameters to validate.\n * @returns The validated parameters.\n */\nfunction getValidatedParams(params?: unknown) {\n  try {\n    return create(params, SetStateParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n\n/**\n * Get the new state of the Snap.\n *\n * If the key is `undefined`, the value is expected to be an object. In this\n * case, the value is returned as the new state.\n *\n * If the key is not `undefined`, the value is set in the state at the key. If\n * the key does not exist, it is created (and any missing intermediate keys are\n * created as well).\n *\n * @param snapId - The Snap ID.\n * @param key - The key to set.\n * @param value - The value to set the key to.\n * @param encrypted - Whether the state is encrypted.\n * @param messenger - The messenger used to call controller actions.\n * @returns The new state of the Snap.\n */\nasync function getNewState(\n  snapId: SnapId,\n  key: string | undefined,\n  value: Json,\n  encrypted: boolean,\n  messenger: Messenger<string, SetStateMethodActions>,\n): Promise<Record<string, Json>> {\n  if (key === undefined) {\n    assert(isObject(value));\n    return value;\n  }\n\n  const state = await messenger.call(\n    'SnapController:getSnapState',\n    snapId,\n    encrypted,\n  );\n  return set(state, key, value);\n}\n\n/**\n * Set the value of a key in an object. The key may contain Lodash-style path\n * syntax, e.g., `a.b.c` (with the exception of array syntax). If the key does\n * not exist, it is created (and any missing intermediate keys are created as\n * well).\n *\n * This is a simplified version of Lodash's `set` function, but Lodash doesn't\n * seem to be maintained anymore, so we're using our own implementation.\n *\n * @param object - The object to get the key from.\n * @param key - The key to set.\n * @param value - The value to set the key to.\n * @returns The new object with the key set to the value.\n */\nexport function set(\n  object: Record<string, Json> | null,\n  key: string,\n  value: Json,\n): JsonObject {\n  const keys = key.split('.');\n  const requiredObject = object ?? {};\n  let currentObject: Record<string, Json> = requiredObject;\n\n  for (let i = 0; i < keys.length; i++) {\n    const currentKey = keys[i];\n    if (FORBIDDEN_KEYS.includes(currentKey)) {\n      throw rpcErrors.invalidParams(\n        'Invalid params: Key contains forbidden characters.',\n      );\n    }\n\n    if (i === keys.length - 1) {\n      currentObject[currentKey] = value;\n      return requiredObject;\n    }\n\n    if (\n      !hasProperty(currentObject, currentKey) ||\n      currentObject[currentKey] === null\n    ) {\n      currentObject[currentKey] = {};\n    } else if (!isObject(currentObject[currentKey])) {\n      throw rpcErrors.invalidParams(\n        'Invalid params: Cannot overwrite non-object value.',\n      );\n    }\n\n    currentObject = currentObject[currentKey] as Record<string, Json>;\n  }\n\n  // This should never be reached.\n  /* istanbul ignore next */\n  throw new Error('Unexpected error while setting the state.');\n}\n"]}

package/dist/permitted/setState.d.cts

@@ -1,9 +1,21 @@
 import type { JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
+import type { Messenger } from "@metamask/messenger";
+import type { PermissionControllerHasPermissionAction } from "@metamask/permission-controller";
 import type { SetStateParams, SetStateResult } from "@metamask/snaps-sdk";
 import type { JsonObject } from "@metamask/snaps-sdk/jsx";
-import { type InferMatching, type Snap } from "@metamask/snaps-utils";
-import type { PendingJsonRpcResponse, Json, JsonRpcRequest } from "@metamask/utils";
+import { type InferMatching } from "@metamask/snaps-utils";
+import type { PendingJsonRpcResponse, Json } from "@metamask/utils";
+import type { JsonRpcRequestWithOrigin, SnapControllerGetSnapAction, SnapControllerGetSnapStateAction, SnapControllerUpdateSnapStateAction } from "../types.cjs";
 import type { MethodHooksObject } from "../utils.cjs";
+export type SetStateMethodHooks = {
+    /**
+     * Wait for the extension to be unlocked.
+     *
+     * @returns A promise that resolves once the extension is unlocked.
+     */
+    getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;
+};
+export type SetStateMethodActions = PermissionControllerHasPermissionAction | SnapControllerGetSnapStateAction | SnapControllerUpdateSnapStateAction | SnapControllerGetSnapAction;
 /**
  * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at
  * will. By default, the data is automatically encrypted using a Snap-specific
@@ -53,44 +65,9 @@ import type { MethodHooksObject } from "../utils.cjs";
  * ```
  */
 export declare const setStateHandler: {
-    methodNames: ["snap_setState"];
     implementation: typeof setStateImplementation;
-    hookNames: MethodHooksObject<SetStateHooks>;
-};
-export type SetStateHooks = {
-    /**
-     * Check if the requesting origin has a given permission.
-     *
-     * @param permissionName - The name of the permission to check.
-     * @returns Whether the origin has the permission.
-     */
-    hasPermission: (permissionName: string) => boolean;
-    /**
-     * Get the state of the requesting Snap.
-     *
-     * @param encrypted - Whether the state is encrypted.
-     * @returns The current state of the Snap.
-     */
-    getSnapState: (encrypted: boolean) => Promise<Record<string, Json>>;
-    /**
-     * Wait for the extension to be unlocked.
-     *
-     * @returns A promise that resolves once the extension is unlocked.
-     */
-    getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;
-    /**
-     * Update the state of the requesting Snap.
-     *
-     * @param newState - The new state of the Snap.
-     * @param encrypted - Whether the state should be encrypted.
-     */
-    updateSnapState: (newState: Record<string, Json>, encrypted: boolean) => Promise<void>;
-    /**
-     * Get Snap metadata.
-     *
-     * @param snapId - The ID of a Snap.
-     */
-    getSnap: (snapId: string) => Snap | undefined;
+    hookNames: MethodHooksObject<SetStateMethodHooks>;
+    actionNames: ("SnapController:getSnap" | "SnapController:getSnapState" | "SnapController:updateSnapState" | "PermissionController:hasPermission")[];
 };
 declare const SetStateParametersStruct: import("@metamask/superstruct").Struct<{
     value: Json;
@@ -111,15 +88,11 @@ export type SetStateParameters = InferMatching<typeof SetStateParametersStruct,
  * function.
  * @param end - The `json-rpc-engine` "end" callback.
  * @param hooks - The RPC method hooks.
- * @param hooks.hasPermission - Check whether a given origin has a given
- * permission.
- * @param hooks.getSnapState - Get the state of the requesting Snap.
  * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.
- * @param hooks.updateSnapState - Update the state of the requesting Snap.
- * @param hooks.getSnap - The hook function to get Snap metadata.
+ * @param messenger - The messenger used to call controller actions.
  * @returns Nothing.
  */
-declare function setStateImplementation(request: JsonRpcRequest<SetStateParameters>, response: PendingJsonRpcResponse<SetStateResult>, _next: unknown, end: JsonRpcEngineEndCallback, { hasPermission, getSnapState, getUnlockPromise, updateSnapState, getSnap, }: SetStateHooks): Promise<void>;
+declare function setStateImplementation(request: JsonRpcRequestWithOrigin<SetStateParameters>, response: PendingJsonRpcResponse<SetStateResult>, _next: unknown, end: JsonRpcEngineEndCallback, { getUnlockPromise }: SetStateMethodHooks, messenger: Messenger<string, SetStateMethodActions>): Promise<void>;
 /**
  * Set the value of a key in an object. The key may contain Lodash-style path
  * syntax, e.g., `a.b.c` (with the exception of array syntax). If the key does

package/dist/permitted/setState.d.cts.map

@@ -1 +1 @@
-{"version":3,"file":"setState.d.cts","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,wBAAwB,EAAE,kCAAkC;AAG1E,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EAEf,4BAA4B;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,gCAAgC;AAC1D,OAAO,EAEL,KAAK,aAAa,EAClB,KAAK,IAAI,EACV,8BAA8B;AAQ/B,OAAO,KAAK,EACV,sBAAsB,EACtB,IAAI,EACJ,cAAc,EACf,wBAAwB;AAQzB,OAAO,KAAK,EAAE,iBAAiB,EAAE,qBAAiB;AAalD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,eAAO,MAAM,eAAe;;;;CAQ3B,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B;;;;;OAKG;IACH,aAAa,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,OAAO,CAAC;IAEnD;;;;;OAKG;IACH,YAAY,EAAE,CAAC,SAAS,EAAE,OAAO,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IAEpE;;;;OAIG;IACH,gBAAgB,EAAE,CAAC,uBAAuB,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtE;;;;;OAKG;IACH,eAAe,EAAE,CACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,EAC9B,SAAS,EAAE,OAAO,KACf,OAAO,CAAC,IAAI,CAAC,CAAC;IAEnB;;;;OAIG;IACH,OAAO,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,GAAG,SAAS,CAAC;CAC/C,CAAC;AAiBF,QAAA,MAAM,wBAAwB;;;;;;;;EAI5B,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,aAAa,CAC5C,OAAO,wBAAwB,EAC/B,cAAc,CACf,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,sBAAsB,CACnC,OAAO,EAAE,cAAc,CAAC,kBAAkB,CAAC,EAC3C,QAAQ,EAAE,sBAAsB,CAAC,cAAc,CAAC,EAChD,KAAK,EAAE,OAAO,EACd,GAAG,EAAE,wBAAwB,EAC7B,EACE,aAAa,EACb,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,OAAO,GACR,EAAE,aAAa,GACf,OAAO,CAAC,IAAI,CAAC,CAyDf;AAsDD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,GAAG,CACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,EACnC,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,IAAI,GACV,UAAU,CAmCZ"}
+{"version":3,"file":"setState.d.cts","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,wBAAwB,EAEzB,kCAAkC;AACnC,OAAO,KAAK,EAAE,SAAS,EAAE,4BAA4B;AACrD,OAAO,KAAK,EAAE,uCAAuC,EAAE,wCAAwC;AAE/F,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EAEf,4BAA4B;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,gCAAgC;AAC1D,OAAO,EAAqB,KAAK,aAAa,EAAE,8BAA8B;AAQ9E,OAAO,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,wBAAwB;AAQpE,OAAO,KAAK,EACV,wBAAwB,EACxB,2BAA2B,EAC3B,gCAAgC,EAChC,mCAAmC,EACpC,qBAAiB;AAClB,OAAO,KAAK,EAAE,iBAAiB,EAAE,qBAAiB;AAOlD,MAAM,MAAM,mBAAmB,GAAG;IAChC;;;;OAIG;IACH,gBAAgB,EAAE,CAAC,uBAAuB,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACvE,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAC7B,uCAAuC,GACvC,gCAAgC,GAChC,mCAAmC,GACnC,2BAA2B,CAAC;AAEhC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,eAAO,MAAM,eAAe;;;;CAe3B,CAAC;AAiBF,QAAA,MAAM,wBAAwB;;;;;;;;EAI5B,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,aAAa,CAC5C,OAAO,wBAAwB,EAC/B,cAAc,CACf,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,sBAAsB,CACnC,OAAO,EAAE,wBAAwB,CAAC,kBAAkB,CAAC,EACrD,QAAQ,EAAE,sBAAsB,CAAC,cAAc,CAAC,EAChD,KAAK,EAAE,OAAO,EACd,GAAG,EAAE,wBAAwB,EAC7B,EAAE,gBAAgB,EAAE,EAAE,mBAAmB,EACzC,SAAS,EAAE,SAAS,CAAC,MAAM,EAAE,qBAAqB,CAAC,GAClD,OAAO,CAAC,IAAI,CAAC,CAwEf;AA4DD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,GAAG,CACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,EACnC,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,IAAI,GACV,UAAU,CAmCZ"}

package/dist/permitted/setState.d.mts

@@ -1,9 +1,21 @@
 import type { JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
+import type { Messenger } from "@metamask/messenger";
+import type { PermissionControllerHasPermissionAction } from "@metamask/permission-controller";
 import type { SetStateParams, SetStateResult } from "@metamask/snaps-sdk";
 import type { JsonObject } from "@metamask/snaps-sdk/jsx";
-import { type InferMatching, type Snap } from "@metamask/snaps-utils";
-import type { PendingJsonRpcResponse, Json, JsonRpcRequest } from "@metamask/utils";
+import { type InferMatching } from "@metamask/snaps-utils";
+import type { PendingJsonRpcResponse, Json } from "@metamask/utils";
+import type { JsonRpcRequestWithOrigin, SnapControllerGetSnapAction, SnapControllerGetSnapStateAction, SnapControllerUpdateSnapStateAction } from "../types.mjs";
 import type { MethodHooksObject } from "../utils.mjs";
+export type SetStateMethodHooks = {
+    /**
+     * Wait for the extension to be unlocked.
+     *
+     * @returns A promise that resolves once the extension is unlocked.
+     */
+    getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;
+};
+export type SetStateMethodActions = PermissionControllerHasPermissionAction | SnapControllerGetSnapStateAction | SnapControllerUpdateSnapStateAction | SnapControllerGetSnapAction;
 /**
  * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at
  * will. By default, the data is automatically encrypted using a Snap-specific
@@ -53,44 +65,9 @@ import type { MethodHooksObject } from "../utils.mjs";
  * ```
  */
 export declare const setStateHandler: {
-    methodNames: ["snap_setState"];
     implementation: typeof setStateImplementation;
-    hookNames: MethodHooksObject<SetStateHooks>;
-};
-export type SetStateHooks = {
-    /**
-     * Check if the requesting origin has a given permission.
-     *
-     * @param permissionName - The name of the permission to check.
-     * @returns Whether the origin has the permission.
-     */
-    hasPermission: (permissionName: string) => boolean;
-    /**
-     * Get the state of the requesting Snap.
-     *
-     * @param encrypted - Whether the state is encrypted.
-     * @returns The current state of the Snap.
-     */
-    getSnapState: (encrypted: boolean) => Promise<Record<string, Json>>;
-    /**
-     * Wait for the extension to be unlocked.
-     *
-     * @returns A promise that resolves once the extension is unlocked.
-     */
-    getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;
-    /**
-     * Update the state of the requesting Snap.
-     *
-     * @param newState - The new state of the Snap.
-     * @param encrypted - Whether the state should be encrypted.
-     */
-    updateSnapState: (newState: Record<string, Json>, encrypted: boolean) => Promise<void>;
-    /**
-     * Get Snap metadata.
-     *
-     * @param snapId - The ID of a Snap.
-     */
-    getSnap: (snapId: string) => Snap | undefined;
+    hookNames: MethodHooksObject<SetStateMethodHooks>;
+    actionNames: ("SnapController:getSnap" | "SnapController:getSnapState" | "SnapController:updateSnapState" | "PermissionController:hasPermission")[];
 };
 declare const SetStateParametersStruct: import("@metamask/superstruct").Struct<{
     value: Json;
@@ -111,15 +88,11 @@ export type SetStateParameters = InferMatching<typeof SetStateParametersStruct,
  * function.
  * @param end - The `json-rpc-engine` "end" callback.
  * @param hooks - The RPC method hooks.
- * @param hooks.hasPermission - Check whether a given origin has a given
- * permission.
- * @param hooks.getSnapState - Get the state of the requesting Snap.
  * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.
- * @param hooks.updateSnapState - Update the state of the requesting Snap.
- * @param hooks.getSnap - The hook function to get Snap metadata.
+ * @param messenger - The messenger used to call controller actions.
  * @returns Nothing.
  */
-declare function setStateImplementation(request: JsonRpcRequest<SetStateParameters>, response: PendingJsonRpcResponse<SetStateResult>, _next: unknown, end: JsonRpcEngineEndCallback, { hasPermission, getSnapState, getUnlockPromise, updateSnapState, getSnap, }: SetStateHooks): Promise<void>;
+declare function setStateImplementation(request: JsonRpcRequestWithOrigin<SetStateParameters>, response: PendingJsonRpcResponse<SetStateResult>, _next: unknown, end: JsonRpcEngineEndCallback, { getUnlockPromise }: SetStateMethodHooks, messenger: Messenger<string, SetStateMethodActions>): Promise<void>;
 /**
  * Set the value of a key in an object. The key may contain Lodash-style path
  * syntax, e.g., `a.b.c` (with the exception of array syntax). If the key does

package/dist/permitted/setState.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"setState.d.mts","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,wBAAwB,EAAE,kCAAkC;AAG1E,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EAEf,4BAA4B;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,gCAAgC;AAC1D,OAAO,EAEL,KAAK,aAAa,EAClB,KAAK,IAAI,EACV,8BAA8B;AAQ/B,OAAO,KAAK,EACV,sBAAsB,EACtB,IAAI,EACJ,cAAc,EACf,wBAAwB;AAQzB,OAAO,KAAK,EAAE,iBAAiB,EAAE,qBAAiB;AAalD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,eAAO,MAAM,eAAe;;;;CAQ3B,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B;;;;;OAKG;IACH,aAAa,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,OAAO,CAAC;IAEnD;;;;;OAKG;IACH,YAAY,EAAE,CAAC,SAAS,EAAE,OAAO,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IAEpE;;;;OAIG;IACH,gBAAgB,EAAE,CAAC,uBAAuB,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtE;;;;;OAKG;IACH,eAAe,EAAE,CACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,EAC9B,SAAS,EAAE,OAAO,KACf,OAAO,CAAC,IAAI,CAAC,CAAC;IAEnB;;;;OAIG;IACH,OAAO,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,GAAG,SAAS,CAAC;CAC/C,CAAC;AAiBF,QAAA,MAAM,wBAAwB;;;;;;;;EAI5B,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,aAAa,CAC5C,OAAO,wBAAwB,EAC/B,cAAc,CACf,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,sBAAsB,CACnC,OAAO,EAAE,cAAc,CAAC,kBAAkB,CAAC,EAC3C,QAAQ,EAAE,sBAAsB,CAAC,cAAc,CAAC,EAChD,KAAK,EAAE,OAAO,EACd,GAAG,EAAE,wBAAwB,EAC7B,EACE,aAAa,EACb,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,OAAO,GACR,EAAE,aAAa,GACf,OAAO,CAAC,IAAI,CAAC,CAyDf;AAsDD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,GAAG,CACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,EACnC,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,IAAI,GACV,UAAU,CAmCZ"}
+{"version":3,"file":"setState.d.mts","sourceRoot":"","sources":["../../src/permitted/setState.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,wBAAwB,EAEzB,kCAAkC;AACnC,OAAO,KAAK,EAAE,SAAS,EAAE,4BAA4B;AACrD,OAAO,KAAK,EAAE,uCAAuC,EAAE,wCAAwC;AAE/F,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EAEf,4BAA4B;AAC7B,OAAO,KAAK,EAAE,UAAU,EAAE,gCAAgC;AAC1D,OAAO,EAAqB,KAAK,aAAa,EAAE,8BAA8B;AAQ9E,OAAO,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,wBAAwB;AAQpE,OAAO,KAAK,EACV,wBAAwB,EACxB,2BAA2B,EAC3B,gCAAgC,EAChC,mCAAmC,EACpC,qBAAiB;AAClB,OAAO,KAAK,EAAE,iBAAiB,EAAE,qBAAiB;AAOlD,MAAM,MAAM,mBAAmB,GAAG;IAChC;;;;OAIG;IACH,gBAAgB,EAAE,CAAC,uBAAuB,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACvE,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAC7B,uCAAuC,GACvC,gCAAgC,GAChC,mCAAmC,GACnC,2BAA2B,CAAC;AAEhC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,eAAO,MAAM,eAAe;;;;CAe3B,CAAC;AAiBF,QAAA,MAAM,wBAAwB;;;;;;;;EAI5B,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,aAAa,CAC5C,OAAO,wBAAwB,EAC/B,cAAc,CACf,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,sBAAsB,CACnC,OAAO,EAAE,wBAAwB,CAAC,kBAAkB,CAAC,EACrD,QAAQ,EAAE,sBAAsB,CAAC,cAAc,CAAC,EAChD,KAAK,EAAE,OAAO,EACd,GAAG,EAAE,wBAAwB,EAC7B,EAAE,gBAAgB,EAAE,EAAE,mBAAmB,EACzC,SAAS,EAAE,SAAS,CAAC,MAAM,EAAE,qBAAqB,CAAC,GAClD,OAAO,CAAC,IAAI,CAAC,CAwEf;AA4DD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,GAAG,CACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,EACnC,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,IAAI,GACV,UAAU,CAmCZ"}

package/dist/permitted/setState.mjs

@@ -5,13 +5,8 @@ import { hasProperty, isObject, assert, JsonStruct } from "@metamask/utils";
 import { Mutex } from "async-mutex";
 import { manageStateBuilder, STORAGE_SIZE_LIMIT } from "../restricted/manageState.mjs";
 import { FORBIDDEN_KEYS, StateKeyStruct } from "../utils.mjs";
-const methodName = 'snap_setState';
 const hookNames = {
-    hasPermission: true,
-    getSnapState: true,
     getUnlockPromise: true,
-    updateSnapState: true,
-    getSnap: true,
 };
 /**
  * Allow the Snap to persist up to 64 MB of data to disk and retrieve it at
@@ -62,9 +57,14 @@ const hookNames = {
  * ```
  */
 export const setStateHandler = {
-    methodNames: [methodName],
     implementation: setStateImplementation,
     hookNames,
+    actionNames: [
+        'PermissionController:hasPermission',
+        'SnapController:getSnapState',
+        'SnapController:updateSnapState',
+        'SnapController:getSnap',
+    ],
 };
 const mutexes = new Map();
 /**
@@ -93,17 +93,13 @@ const SetStateParametersStruct = objectStruct({
  * function.
  * @param end - The `json-rpc-engine` "end" callback.
  * @param hooks - The RPC method hooks.
- * @param hooks.hasPermission - Check whether a given origin has a given
- * permission.
- * @param hooks.getSnapState - Get the state of the requesting Snap.
  * @param hooks.getUnlockPromise - Wait for the extension to be unlocked.
- * @param hooks.updateSnapState - Update the state of the requesting Snap.
- * @param hooks.getSnap - The hook function to get Snap metadata.
+ * @param messenger - The messenger used to call controller actions.
  * @returns Nothing.
  */
-async function setStateImplementation(request, response, _next, end, { hasPermission, getSnapState, getUnlockPromise, updateSnapState, getSnap, }) {
-    const { params } = request;
-    if (!hasPermission(manageStateBuilder.targetName)) {
+async function setStateImplementation(request, response, _next, end, { getUnlockPromise }, messenger) {
+    const { params, origin } = request;
+    if (!messenger.call('PermissionController:hasPermission', origin, manageStateBuilder.targetName)) {
         return end(providerErrors.unauthorized());
     }
     try {
@@ -115,14 +111,14 @@ async function setStateImplementation(request, response, _next, end, { hasPermis
         if (encrypted) {
             await getUnlockPromise(true);
         }
-        const snapId = request.origin;
+        const snapId = origin;
         const mutex = getMutex(snapId);
         // The expectation when using `snap_setState` is for the operation to safe
         // to do in parallel. The mutex ensures that and prevents a bug that was
         // mostly prevalent on mobile and caused data loss.
         await mutex.runExclusive(async () => {
-            const newState = await getNewState(key, value, encrypted, getSnapState);
-            const snap = getSnap(snapId);
+            const newState = await getNewState(snapId, key, value, encrypted, messenger);
+            const snap = messenger.call('SnapController:getSnap', origin);
             if (!snap?.preinstalled) {
                 // We know that the state is valid JSON as per previous validation.
                 const size = getJsonSizeUnsafe(newState, true);
@@ -132,7 +128,7 @@ async function setStateImplementation(request, response, _next, end, { hasPermis
                     });
                 }
             }
-            await updateSnapState(newState, encrypted);
+            await messenger.call('SnapController:updateSnapState', origin, newState, encrypted);
             response.result = null;
         });
     }
@@ -171,18 +167,19 @@ function getValidatedParams(params) {
  * the key does not exist, it is created (and any missing intermediate keys are
  * created as well).
  *
+ * @param snapId - The Snap ID.
  * @param key - The key to set.
  * @param value - The value to set the key to.
  * @param encrypted - Whether the state is encrypted.
- * @param getSnapState - The `getSnapState` hook.
+ * @param messenger - The messenger used to call controller actions.
  * @returns The new state of the Snap.
  */
-async function getNewState(key, value, encrypted, getSnapState) {
+async function getNewState(snapId, key, value, encrypted, messenger) {
     if (key === undefined) {
         assert(isObject(value));
         return value;
     }
-    const state = await getSnapState(encrypted);
+    const state = await messenger.call('SnapController:getSnapState', snapId, encrypted);
     return set(state, key, value);
 }
 /**