@metamask/snaps-rpc-methods 3.1.0

package/dist/esm/utils.js

@@ -0,0 +1,124 @@
+import { SLIP10Node } from '@metamask/key-tree';
+import { add0x, assert, concatBytes, createDataView, stringToBytes } from '@metamask/utils';
+import { keccak_256 as keccak256 } from '@noble/hashes/sha3';
+const HARDENED_VALUE = 0x80000000;
+/**
+ * Returns the subset of the specified `hooks` that are included in the
+ * `hookNames` object. This is a Principle of Least Authority (POLA) measure
+ * to ensure that each RPC method implementation only has access to the
+ * API "hooks" it needs to do its job.
+ *
+ * @param hooks - The hooks to select from.
+ * @param hookNames - The names of the hooks to select.
+ * @returns The selected hooks.
+ * @template Hooks - The hooks to select from.
+ * @template HookName - The names of the hooks to select.
+ */ export function selectHooks(hooks, hookNames) {
+    if (hookNames) {
+        return Object.keys(hookNames).reduce((hookSubset, _hookName)=>{
+            const hookName = _hookName;
+            hookSubset[hookName] = hooks[hookName];
+            return hookSubset;
+        }, {});
+    }
+    return undefined;
+}
+/**
+ * Get a BIP-32 derivation path array from a hash, which is compatible with
+ * `@metamask/key-tree`. The hash is assumed to be 32 bytes long.
+ *
+ * @param hash - The hash to derive indices from.
+ * @returns The derived indices as a {@link HardenedBIP32Node} array.
+ */ function getDerivationPathArray(hash) {
+    const array = [];
+    const view = createDataView(hash);
+    for(let index = 0; index < 8; index++){
+        const uint32 = view.getUint32(index * 4);
+        // This is essentially `index | 0x80000000`. Because JavaScript numbers are
+        // signed, we use the bitwise unsigned right shift operator to ensure that
+        // the result is a positive number.
+        // eslint-disable-next-line no-bitwise
+        const pathIndex = (uint32 | HARDENED_VALUE) >>> 0;
+        array.push(`bip32:${pathIndex - HARDENED_VALUE}'`);
+    }
+    return array;
+}
+/**
+ * Derive entropy from the given mnemonic phrase and salt.
+ *
+ * This is based on the reference implementation of
+ * [SIP-6](https://metamask.github.io/SIPs/SIPS/sip-6).
+ *
+ * @param options - The options for entropy derivation.
+ * @param options.input - The input value to derive entropy from.
+ * @param options.salt - An optional salt to use when deriving entropy.
+ * @param options.mnemonicPhrase - The mnemonic phrase to use for entropy
+ * derivation.
+ * @param options.magic - A hardened BIP-32 index, which is used to derive the
+ * root key from the mnemonic phrase.
+ * @returns The derived entropy.
+ */ export async function deriveEntropy({ input, salt = '', mnemonicPhrase, magic }) {
+    const inputBytes = stringToBytes(input);
+    const saltBytes = stringToBytes(salt);
+    // Get the derivation path from the snap ID.
+    const hash = keccak256(concatBytes([
+        inputBytes,
+        keccak256(saltBytes)
+    ]));
+    const computedDerivationPath = getDerivationPathArray(hash);
+    // Derive the private key using BIP-32.
+    const { privateKey } = await SLIP10Node.fromDerivationPath({
+        derivationPath: [
+            mnemonicPhrase,
+            `bip32:${magic}`,
+            ...computedDerivationPath
+        ],
+        curve: 'secp256k1'
+    });
+    // This should never happen, but this keeps TypeScript happy.
+    assert(privateKey, 'Failed to derive the entropy.');
+    return add0x(privateKey);
+}
+/**
+ * Get the path prefix to use for key derivation in `key-tree`. This assumes the
+ * following:
+ *
+ * - The Secp256k1 curve always use the BIP-32 specification.
+ * - The Ed25519 curve always use the SLIP-10 specification.
+ *
+ * While this does not matter in most situations (no known case at the time of
+ * writing), `key-tree` requires a specific specification to be used.
+ *
+ * @param curve - The curve to get the path prefix for. The curve is NOT
+ * validated by this function.
+ * @returns The path prefix, i.e., `secp256k1` or `ed25519`.
+ */ export function getPathPrefix(curve) {
+    if (curve === 'secp256k1') {
+        return 'bip32';
+    }
+    return 'slip10';
+}
+/**
+ * Get a `key-tree`-compatible node.
+ *
+ * Note: This function assumes that all the parameters have been validated
+ * beforehand.
+ *
+ * @param options - The derivation options.
+ * @param options.curve - The curve to use for derivation.
+ * @param options.secretRecoveryPhrase - The secret recovery phrase to use for
+ * derivation.
+ * @param options.path - The derivation path to use as array, starting with an
+ * "m" as the first item.
+ */ export async function getNode({ curve, secretRecoveryPhrase, path }) {
+    const prefix = getPathPrefix(curve);
+    return await SLIP10Node.fromDerivationPath({
+        curve,
+        derivationPath: [
+            secretRecoveryPhrase,
+            ...path.slice(1).map((index)=>`${prefix}:${index}`)
+        ]
+    });
+}
+
+//# sourceMappingURL=utils.js.map

package/dist/esm/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utils.ts"],"sourcesContent":["import type {\n  HardenedBIP32Node,\n  BIP32Node,\n  SLIP10PathNode,\n} from '@metamask/key-tree';\nimport { SLIP10Node } from '@metamask/key-tree';\nimport type { MagicValue } from '@metamask/snaps-utils';\nimport type { Hex } from '@metamask/utils';\nimport {\n  add0x,\n  assert,\n  concatBytes,\n  createDataView,\n  stringToBytes,\n} from '@metamask/utils';\nimport { keccak_256 as keccak256 } from '@noble/hashes/sha3';\n\nconst HARDENED_VALUE = 0x80000000;\n\n/**\n * Maps an interface with method hooks to an object, using the keys of the\n * interface, and `true` as value. This ensures that the `methodHooks` object\n * has the same values as the interface.\n */\nexport type MethodHooksObject<HooksType extends Record<string, unknown>> = {\n  [Key in keyof HooksType]: true;\n};\n\n/**\n * Returns the subset of the specified `hooks` that are included in the\n * `hookNames` object. This is a Principle of Least Authority (POLA) measure\n * to ensure that each RPC method implementation only has access to the\n * API \"hooks\" it needs to do its job.\n *\n * @param hooks - The hooks to select from.\n * @param hookNames - The names of the hooks to select.\n * @returns The selected hooks.\n * @template Hooks - The hooks to select from.\n * @template HookName - The names of the hooks to select.\n */\nexport function selectHooks<\n  Hooks extends Record<string, unknown>,\n  HookName extends keyof Hooks,\n>(\n  hooks: Hooks,\n  hookNames?: Record<HookName, boolean>,\n): Pick<Hooks, HookName> | undefined {\n  if (hookNames) {\n    return Object.keys(hookNames).reduce<Partial<Pick<Hooks, HookName>>>(\n      (hookSubset, _hookName) => {\n        const hookName = _hookName as HookName;\n        hookSubset[hookName] = hooks[hookName];\n        return hookSubset;\n      },\n      {},\n    ) as Pick<Hooks, HookName>;\n  }\n  return undefined;\n}\n\n/**\n * Get a BIP-32 derivation path array from a hash, which is compatible with\n * `@metamask/key-tree`. The hash is assumed to be 32 bytes long.\n *\n * @param hash - The hash to derive indices from.\n * @returns The derived indices as a {@link HardenedBIP32Node} array.\n */\nfunction getDerivationPathArray(hash: Uint8Array): HardenedBIP32Node[] {\n  const array: HardenedBIP32Node[] = [];\n  const view = createDataView(hash);\n\n  for (let index = 0; index < 8; index++) {\n    const uint32 = view.getUint32(index * 4);\n\n    // This is essentially `index | 0x80000000`. Because JavaScript numbers are\n    // signed, we use the bitwise unsigned right shift operator to ensure that\n    // the result is a positive number.\n    // eslint-disable-next-line no-bitwise\n    const pathIndex = (uint32 | HARDENED_VALUE) >>> 0;\n    array.push(`bip32:${pathIndex - HARDENED_VALUE}'` as const);\n  }\n\n  return array;\n}\n\ntype DeriveEntropyOptions = {\n  /**\n   * The input value to derive entropy from.\n   */\n  input: string;\n\n  /**\n   * An optional salt to use when deriving entropy.\n   */\n  salt?: string;\n\n  /**\n   * The mnemonic phrase to use for entropy derivation.\n   */\n  mnemonicPhrase: Uint8Array;\n\n  /**\n   * A hardened BIP-32 index, which is used to derive the root key from the\n   * mnemonic phrase.\n   */\n  magic: MagicValue;\n};\n\n/**\n * Derive entropy from the given mnemonic phrase and salt.\n *\n * This is based on the reference implementation of\n * [SIP-6](https://metamask.github.io/SIPs/SIPS/sip-6).\n *\n * @param options - The options for entropy derivation.\n * @param options.input - The input value to derive entropy from.\n * @param options.salt - An optional salt to use when deriving entropy.\n * @param options.mnemonicPhrase - The mnemonic phrase to use for entropy\n * derivation.\n * @param options.magic - A hardened BIP-32 index, which is used to derive the\n * root key from the mnemonic phrase.\n * @returns The derived entropy.\n */\nexport async function deriveEntropy({\n  input,\n  salt = '',\n  mnemonicPhrase,\n  magic,\n}: DeriveEntropyOptions): Promise<Hex> {\n  const inputBytes = stringToBytes(input);\n  const saltBytes = stringToBytes(salt);\n\n  // Get the derivation path from the snap ID.\n  const hash = keccak256(concatBytes([inputBytes, keccak256(saltBytes)]));\n  const computedDerivationPath = getDerivationPathArray(hash);\n\n  // Derive the private key using BIP-32.\n  const { privateKey } = await SLIP10Node.fromDerivationPath({\n    derivationPath: [\n      mnemonicPhrase,\n      `bip32:${magic}`,\n      ...computedDerivationPath,\n    ],\n    curve: 'secp256k1',\n  });\n\n  // This should never happen, but this keeps TypeScript happy.\n  assert(privateKey, 'Failed to derive the entropy.');\n\n  return add0x(privateKey);\n}\n\n/**\n * Get the path prefix to use for key derivation in `key-tree`. This assumes the\n * following:\n *\n * - The Secp256k1 curve always use the BIP-32 specification.\n * - The Ed25519 curve always use the SLIP-10 specification.\n *\n * While this does not matter in most situations (no known case at the time of\n * writing), `key-tree` requires a specific specification to be used.\n *\n * @param curve - The curve to get the path prefix for. The curve is NOT\n * validated by this function.\n * @returns The path prefix, i.e., `secp256k1` or `ed25519`.\n */\nexport function getPathPrefix(\n  curve: 'secp256k1' | 'ed25519',\n): 'bip32' | 'slip10' {\n  if (curve === 'secp256k1') {\n    return 'bip32';\n  }\n\n  return 'slip10';\n}\n\ntype GetNodeArgs = {\n  curve: 'secp256k1' | 'ed25519';\n  secretRecoveryPhrase: Uint8Array;\n  path: string[];\n};\n\n/**\n * Get a `key-tree`-compatible node.\n *\n * Note: This function assumes that all the parameters have been validated\n * beforehand.\n *\n * @param options - The derivation options.\n * @param options.curve - The curve to use for derivation.\n * @param options.secretRecoveryPhrase - The secret recovery phrase to use for\n * derivation.\n * @param options.path - The derivation path to use as array, starting with an\n * \"m\" as the first item.\n */\nexport async function getNode({\n  curve,\n  secretRecoveryPhrase,\n  path,\n}: GetNodeArgs) {\n  const prefix = getPathPrefix(curve);\n  return await SLIP10Node.fromDerivationPath({\n    curve,\n    derivationPath: [\n      secretRecoveryPhrase,\n      ...(path.slice(1).map((index) => `${prefix}:${index}`) as\n        | BIP32Node[]\n        | SLIP10PathNode[]),\n    ],\n  });\n}\n"],"names":["SLIP10Node","add0x","assert","concatBytes","createDataView","stringToBytes","keccak_256","keccak256","HARDENED_VALUE","selectHooks","hooks","hookNames","Object","keys","reduce","hookSubset","_hookName","hookName","undefined","getDerivationPathArray","hash","array","view","index","uint32","getUint32","pathIndex","push","deriveEntropy","input","salt","mnemonicPhrase","magic","inputBytes","saltBytes","computedDerivationPath","privateKey","fromDerivationPath","derivationPath","curve","getPathPrefix","getNode","secretRecoveryPhrase","path","prefix","slice","map"],"mappings":"AAKA,SAASA,UAAU,QAAQ,qBAAqB;AAGhD,SACEC,KAAK,EACLC,MAAM,EACNC,WAAW,EACXC,cAAc,EACdC,aAAa,QACR,kBAAkB;AACzB,SAASC,cAAcC,SAAS,QAAQ,qBAAqB;AAE7D,MAAMC,iBAAiB;AAWvB;;;;;;;;;;;CAWC,GACD,OAAO,SAASC,YAIdC,KAAY,EACZC,SAAqC;IAErC,IAAIA,WAAW;QACb,OAAOC,OAAOC,IAAI,CAACF,WAAWG,MAAM,CAClC,CAACC,YAAYC;YACX,MAAMC,WAAWD;YACjBD,UAAU,CAACE,SAAS,GAAGP,KAAK,CAACO,SAAS;YACtC,OAAOF;QACT,GACA,CAAC;IAEL;IACA,OAAOG;AACT;AAEA;;;;;;CAMC,GACD,SAASC,uBAAuBC,IAAgB;IAC9C,MAAMC,QAA6B,EAAE;IACrC,MAAMC,OAAOlB,eAAegB;IAE5B,IAAK,IAAIG,QAAQ,GAAGA,QAAQ,GAAGA,QAAS;QACtC,MAAMC,SAASF,KAAKG,SAAS,CAACF,QAAQ;QAEtC,2EAA2E;QAC3E,0EAA0E;QAC1E,mCAAmC;QACnC,sCAAsC;QACtC,MAAMG,YAAY,AAACF,CAAAA,SAAShB,cAAa,MAAO;QAChDa,MAAMM,IAAI,CAAC,CAAC,MAAM,EAAED,YAAYlB,eAAe,CAAC,CAAC;IACnD;IAEA,OAAOa;AACT;AAyBA;;;;;;;;;;;;;;CAcC,GACD,OAAO,eAAeO,cAAc,EAClCC,KAAK,EACLC,OAAO,EAAE,EACTC,cAAc,EACdC,KAAK,EACgB;IACrB,MAAMC,aAAa5B,cAAcwB;IACjC,MAAMK,YAAY7B,cAAcyB;IAEhC,4CAA4C;IAC5C,MAAMV,OAAOb,UAAUJ,YAAY;QAAC8B;QAAY1B,UAAU2B;KAAW;IACrE,MAAMC,yBAAyBhB,uBAAuBC;IAEtD,uCAAuC;IACvC,MAAM,EAAEgB,UAAU,EAAE,GAAG,MAAMpC,WAAWqC,kBAAkB,CAAC;QACzDC,gBAAgB;YACdP;YACA,CAAC,MAAM,EAAEC,MAAM,CAAC;eACbG;SACJ;QACDI,OAAO;IACT;IAEA,6DAA6D;IAC7DrC,OAAOkC,YAAY;IAEnB,OAAOnC,MAAMmC;AACf;AAEA;;;;;;;;;;;;;CAaC,GACD,OAAO,SAASI,cACdD,KAA8B;IAE9B,IAAIA,UAAU,aAAa;QACzB,OAAO;IACT;IAEA,OAAO;AACT;AAQA;;;;;;;;;;;;CAYC,GACD,OAAO,eAAeE,QAAQ,EAC5BF,KAAK,EACLG,oBAAoB,EACpBC,IAAI,EACQ;IACZ,MAAMC,SAASJ,cAAcD;IAC7B,OAAO,MAAMvC,WAAWqC,kBAAkB,CAAC;QACzCE;QACAD,gBAAgB;YACdI;eACIC,KAAKE,KAAK,CAAC,GAAGC,GAAG,CAAC,CAACvB,QAAU,CAAC,EAAEqB,OAAO,CAAC,EAAErB,MAAM,CAAC;SAGtD;IACH;AACF"}

package/dist/types/__fixtures__/entropy.d.ts

@@ -0,0 +1,14 @@
+/**
+ * SIP-6 test vectors.
+ */
+export declare const ENTROPY_VECTORS: ({
+    snapId: string;
+    derivationPath: string;
+    entropy: string;
+    salt?: undefined;
+} | {
+    snapId: string;
+    salt: string;
+    derivationPath: string;
+    entropy: string;
+})[];

package/dist/types/__fixtures__/index.d.ts

@@ -0,0 +1 @@
+export * from './entropy';

package/dist/types/index.d.ts

@@ -0,0 +1,6 @@
+export type { PermittedRpcMethodHooks } from './permitted';
+export { handlers as permittedMethods, createSnapsMethodMiddleware, } from './permitted';
+export * from './restricted';
+export { SnapCaveatType } from '@metamask/snaps-utils';
+export { selectHooks } from './utils';
+export type { RequestFunction, SnapsGlobalObject } from './request';

package/dist/types/permitted/common/snapInstallation.d.ts

@@ -0,0 +1,16 @@
+import type { RequestedPermissions } from '@metamask/permission-controller';
+import type { InstallSnapsResult } from '@metamask/snaps-utils';
+export type { InstallSnapsResult } from '@metamask/snaps-utils';
+export declare type InstallSnapsHook = (requestedSnaps: RequestedPermissions) => Promise<InstallSnapsResult>;
+/**
+ * Typechecks the requested snaps and passes them to the permissions
+ * controller for installation.
+ *
+ * @param requestedSnaps - An object containing the requested snaps to be installed. The key of the
+ * object is the snap id and the value is potential extra data, i.e. version.
+ * @param installSnaps - A function that tries to install a given snap, prompting the user if
+ * necessary.
+ * @returns An object containing the installed snaps.
+ * @throws If the params are invalid or the snap installation fails.
+ */
+export declare function handleInstallSnaps(requestedSnaps: RequestedPermissions, installSnaps: InstallSnapsHook): Promise<InstallSnapsResult>;

package/dist/types/permitted/getFile.d.ts

@@ -0,0 +1,14 @@
+import type { PermittedHandlerExport } from '@metamask/permission-controller';
+import type { Infer } from 'superstruct';
+export declare const GetFileArgsStruct: import("superstruct").Struct<{
+    path: string;
+    encoding?: "base64" | "utf8" | "hex" | undefined;
+}, {
+    path: import("superstruct").Struct<string, null>;
+    encoding: import("superstruct").Struct<"base64" | "utf8" | "hex" | undefined, null>;
+}>;
+export declare type GetFileArgs = Infer<typeof GetFileArgsStruct>;
+export declare const getFileHandler: PermittedHandlerExport<GetFileHooks, GetFileArgs, string>;
+export declare type GetFileHooks = {
+    getSnapFile: (path: GetFileArgs['path'], encoding: GetFileArgs['encoding']) => Promise<string>;
+};

package/dist/types/permitted/getSnaps.d.ts

@@ -0,0 +1,13 @@
+import type { PermittedHandlerExport } from '@metamask/permission-controller';
+import type { InstallSnapsResult } from '@metamask/snaps-utils';
+import type { JsonRpcParams } from '@metamask/utils';
+/**
+ * `wallet_getSnaps` gets the requester's permitted and installed Snaps.
+ */
+export declare const getSnapsHandler: PermittedHandlerExport<GetSnapsHooks, JsonRpcParams, InstallSnapsResult>;
+export declare type GetSnapsHooks = {
+    /**
+     * @returns The permitted and installed snaps for the requesting origin.
+     */
+    getSnaps: () => Promise<InstallSnapsResult>;
+};

package/dist/types/permitted/handlers.d.ts

@@ -0,0 +1,14 @@
+export declare const methodHandlers: {
+    wallet_getSnaps: import("@metamask/permission-controller").PermittedHandlerExport<import("./getSnaps").GetSnapsHooks, import("@metamask/utils").JsonRpcParams, import("@metamask/snaps-utils").InstallSnapsResult>;
+    wallet_requestSnaps: import("@metamask/permission-controller").PermittedHandlerExport<import("./requestSnaps").RequestSnapsHooks, import("@metamask/permission-controller").RequestedPermissions, import("@metamask/snaps-utils").InstallSnapsResult>;
+    wallet_invokeSnap: import("@metamask/permission-controller").PermittedHandlerExport<void, import("./invokeSnapSugar").InvokeSnapSugarArgs, import("@metamask/utils").Json>;
+    wallet_invokeKeyring: import("@metamask/permission-controller").PermittedHandlerExport<import("./invokeKeyring").InvokeKeyringHooks, import("@metamask/utils").JsonRpcRequest<import("@metamask/utils").JsonRpcParams>, import("@metamask/utils").Json>;
+    snap_getFile: import("@metamask/permission-controller").PermittedHandlerExport<import("./getFile").GetFileHooks, {
+        path: string;
+        encoding?: "base64" | "utf8" | "hex" | undefined;
+    }, string>;
+};
+export declare const handlers: (import("@metamask/permission-controller").PermittedHandlerExport<import("./getSnaps").GetSnapsHooks, import("@metamask/utils").JsonRpcParams, import("@metamask/snaps-utils").InstallSnapsResult> | import("@metamask/permission-controller").PermittedHandlerExport<import("./requestSnaps").RequestSnapsHooks, import("@metamask/permission-controller").RequestedPermissions, import("@metamask/snaps-utils").InstallSnapsResult> | import("@metamask/permission-controller").PermittedHandlerExport<import("./getFile").GetFileHooks, {
+    path: string;
+    encoding?: "base64" | "utf8" | "hex" | undefined;
+}, string> | import("@metamask/permission-controller").PermittedHandlerExport<void, import("./invokeSnapSugar").InvokeSnapSugarArgs, import("@metamask/utils").Json> | import("@metamask/permission-controller").PermittedHandlerExport<import("./invokeKeyring").InvokeKeyringHooks, import("@metamask/utils").JsonRpcRequest<import("@metamask/utils").JsonRpcParams>, import("@metamask/utils").Json>)[];

package/dist/types/permitted/index.d.ts

@@ -0,0 +1,5 @@
+import type { GetSnapsHooks } from './getSnaps';
+import type { RequestSnapsHooks } from './requestSnaps';
+export declare type PermittedRpcMethodHooks = GetSnapsHooks & RequestSnapsHooks;
+export * from './handlers';
+export * from './middleware';

package/dist/types/permitted/invokeKeyring.d.ts

@@ -0,0 +1,17 @@
+import type { PermittedHandlerExport } from '@metamask/permission-controller';
+import type { Snap } from '@metamask/snaps-utils';
+import { type SnapId, type SnapRpcHookArgs } from '@metamask/snaps-utils';
+import type { JsonRpcRequest } from '@metamask/utils';
+import { type Json } from '@metamask/utils';
+/**
+ * `wallet_invokeKeyring` gets the requester's permitted and installed Snaps.
+ */
+export declare const invokeKeyringHandler: PermittedHandlerExport<InvokeKeyringHooks, JsonRpcRequest, Json>;
+export declare type InvokeKeyringHooks = {
+    hasPermission: (origin: string, permissionName: string) => boolean;
+    handleSnapRpcRequest: ({ snapId, origin, handler, request, }: SnapRpcHookArgs & {
+        snapId: SnapId;
+    }) => Promise<unknown>;
+    getSnap: (snapId: SnapId) => Snap | undefined;
+    getAllowedKeyringMethods: (origin: string) => string[];
+};

package/dist/types/permitted/invokeSnapSugar.d.ts

@@ -0,0 +1,32 @@
+import type { JsonRpcEngineEndCallback, JsonRpcEngineNextCallback } from '@metamask/json-rpc-engine';
+import type { PermittedHandlerExport } from '@metamask/permission-controller';
+import type { Json, JsonRpcRequest } from '@metamask/utils';
+export declare type InvokeSnapSugarArgs = {
+    snapId: string;
+    request: Record<string, Json>;
+};
+/**
+ * `wallet_invokeSnap` attempts to invoke an RPC method of the specified Snap.
+ */
+export declare const invokeSnapSugarHandler: PermittedHandlerExport<void, InvokeSnapSugarArgs, Json>;
+/**
+ * The `wallet_invokeSnap` method implementation.
+ * Reroutes incoming JSON-RPC requests that are targeting snaps, by modifying the method and params.
+ *
+ * @param req - The JSON-RPC request object.
+ * @param _res - The JSON-RPC response object. Not used by this
+ * function.
+ * @param next - The `json-rpc-engine` "next" callback.
+ * @param end - The `json-rpc-engine` "end" callback.
+ * @returns Nothing.
+ * @throws If the params are invalid.
+ */
+export declare function invokeSnapSugar(req: JsonRpcRequest<InvokeSnapSugarArgs>, _res: unknown, next: JsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback): void;
+/**
+ * Validates the wallet_invokeSnap method `params` and returns them cast to the correct
+ * type. Throws if validation fails.
+ *
+ * @param params - The unvalidated params object from the method request.
+ * @returns The validated method parameter object.
+ */
+export declare function getValidatedParams(params: unknown): InvokeSnapSugarArgs;

package/dist/types/permitted/middleware.d.ts

@@ -0,0 +1,10 @@
+import type { JsonRpcMiddleware } from '@metamask/json-rpc-engine';
+import type { Json, JsonRpcParams } from '@metamask/utils';
+/**
+ * Creates a middleware that handles permitted snap RPC methods.
+ *
+ * @param isSnap - A flag that should indicate whether the requesting origin is a snap or not.
+ * @param hooks - An object containing the hooks made available to the permitted RPC methods.
+ * @returns The middleware.
+ */
+export declare function createSnapsMethodMiddleware(isSnap: boolean, hooks: Record<string, unknown>): JsonRpcMiddleware<JsonRpcParams, Json>;

package/dist/types/permitted/requestSnaps.d.ts

@@ -0,0 +1,50 @@
+import type { PermissionConstraint, RequestedPermissions, PermittedHandlerExport } from '@metamask/permission-controller';
+import type { SnapsPermissionRequest } from '@metamask/snaps-utils';
+import type { InstallSnapsHook, InstallSnapsResult } from './common/snapInstallation';
+/**
+ * `wallet_requestSnaps` installs the requested Snaps and requests permission to use them if necessary.
+ */
+export declare const requestSnapsHandler: PermittedHandlerExport<RequestSnapsHooks, RequestedPermissions, InstallSnapsResult>;
+export declare type RequestSnapsHooks = {
+    /**
+     * Installs the requested snaps if they are permitted.
+     */
+    installSnaps: InstallSnapsHook;
+    /**
+     * Initiates a permission request for the requesting origin.
+     *
+     * @returns The result of the permissions request.
+     */
+    requestPermissions: (permissions: RequestedPermissions) => Promise<[
+        Record<string, PermissionConstraint>,
+        {
+            data: Record<string, unknown>;
+            id: string;
+            origin: string;
+        }
+    ]>;
+    /**
+     * Gets the current permissions for the requesting origin.
+     *
+     * @returns The current permissions of the requesting origin.
+     */
+    getPermissions: () => Promise<Record<string, PermissionConstraint> | undefined>;
+};
+/**
+ * Checks whether an origin has existing `wallet_snap` permission and
+ * whether or not it has the requested snapIds caveat.
+ *
+ * @param existingPermissions - The existing permissions for the origin.
+ * @param requestedSnaps - The requested snaps.
+ * @returns True if the existing permissions satisfy the requested snaps, otherwise false.
+ */
+export declare function hasRequestedSnaps(existingPermissions: Record<string, PermissionConstraint>, requestedSnaps: Record<string, unknown>): boolean;
+/**
+ * Constructs a valid permission request with merged caveats based on existing permissions
+ * and the requested snaps.
+ *
+ * @param existingPermissions - The existing permissions for the origin.
+ * @param requestedPermissions - The permission request passed into `requestPermissions`.
+ * @returns `requestedPermissions`.
+ */
+export declare function getSnapPermissionsRequest(existingPermissions: Record<string, PermissionConstraint>, requestedPermissions: unknown): SnapsPermissionRequest;

package/dist/types/request.d.ts

@@ -0,0 +1,99 @@
+import type { PermissionSpecificationBuilder, PermissionType, RestrictedMethodOptions, PermittedHandlerExport } from '@metamask/permission-controller';
+import type { JsonRpcParams } from '@metamask/utils';
+import type { methodHandlers } from './permitted';
+import type { restrictedMethodPermissionBuilders } from './restricted';
+/**
+ * Get the method implementation from a {@link PermittedHandlerExport}.
+ *
+ * @template Handler - A permitted handler export.
+ */
+declare type PermittedMethodImplementation<Handler> = Handler extends PermittedHandlerExport<any, infer Args, infer Result> ? (args: Args) => Promise<Result> : never;
+/**
+ * Get a JSON-RPC method type from a {@link PermittedHandlerExport} and a method
+ * name.
+ *
+ * @template MethodName - The name of the method.
+ * @template Handler - A permitted handler export.
+ */
+declare type PermittedMethod<MethodName extends string, Handler> = PermittedMethodImplementation<Handler> extends (args: infer Args) => infer Return ? (args: {
+    method: MethodName;
+    params?: Args;
+}) => Return : never;
+/**
+ * Get a restricted method implementation from a
+ * {@link PermissionSpecificationBuilder}.
+ *
+ * @template Builder - A permission specification builder.
+ */
+declare type RestrictedMethodImplementation<Builder> = Builder extends {
+    specificationBuilder: PermissionSpecificationBuilder<PermissionType.RestrictedMethod, any, infer Specification>;
+} ? Specification['methodImplementation'] : never;
+/**
+ * Get a JSON-RPC method type from a {@link PermissionSpecificationBuilder}.
+ *
+ * @template Builder - A permission specification builder.
+ */
+declare type RestrictedMethod<Builder extends {
+    targetName: string;
+}> = RestrictedMethodImplementation<Builder> extends (args: infer Args) => infer Return ? Args extends RestrictedMethodOptions<infer Params> ? (args: {
+    method: Builder['targetName'];
+    params?: Params;
+}) => Return : never : never;
+/**
+ * A type containing all permitted JSON-RPC methods as functions.
+ */
+declare type PermittedMethodFunction = {
+    [MethodName in keyof typeof methodHandlers]: PermittedMethod<MethodName, (typeof methodHandlers)[MethodName]>;
+};
+/**
+ * A type containing all restricted JSON-RPC methods as functions.
+ */
+declare type RestrictedMethodFunction = {
+    [Builder in keyof typeof restrictedMethodPermissionBuilders]: RestrictedMethod<(typeof restrictedMethodPermissionBuilders)[Builder]>;
+};
+/**
+ * A type containing all supported JSON-RPC methods as functions.
+ */
+declare type MethodFunction = RestrictedMethodFunction & PermittedMethodFunction;
+/**
+ * Fallback method name. `wallet_*` is supported by Snaps, but these functions
+ * are not implemented in `@metamask/snaps-rpc-methods`, so we don't have a type for
+ * them.
+ */
+declare type WalletMethodName = `wallet_${string}`;
+/**
+ * Get a typed function if the method is defined in {@link MethodFunction}, or
+ * a generic function if the method name extends {@link WalletMethodName}.
+ * Otherwise, this returns `never`.
+ */
+declare type MethodFunctionFallback<MethodName> = MethodName extends keyof MethodFunction ? MethodFunction[MethodName] : MethodName extends WalletMethodName ? (args: {
+    method: MethodName;
+    params?: JsonRpcParams;
+}) => Promise<unknown> : never;
+/**
+ * Get the JSON-RPC object from a method name.
+ *
+ * @template MethodName - The name of the method. In most cases this is inferred
+ * from the args.
+ */
+export declare type ObjectFromMethodName<MethodName extends keyof MethodFunction | WalletMethodName> = {
+    method: MethodName;
+    params?: Parameters<MethodFunctionFallback<MethodName>>[0] extends {
+        params?: infer Params;
+    } ? Params : never;
+};
+export declare type MethodReturnType<MethodName extends keyof MethodFunction | WalletMethodName> = ReturnType<MethodFunctionFallback<MethodName>>;
+/**
+ * A function that takes a JSON-RPC request and returns a JSON-RPC response.
+ *
+ * @template MethodName - The name of the method. In most cases this is inferred
+ * from the args.
+ */
+export declare type RequestFunction = <MethodName extends keyof MethodFunction | WalletMethodName>(args: ObjectFromMethodName<MethodName>) => MethodReturnType<MethodName>;
+/**
+ * The global `snap` object. This is injected into the global scope of a snap.
+ */
+export declare type SnapsGlobalObject = {
+    request: RequestFunction;
+};
+export {};

package/dist/types/restricted/caveats/index.d.ts

@@ -0,0 +1,8 @@
+import type { PermissionConstraint } from '@metamask/permission-controller';
+import type { Json } from '@metamask/utils';
+export declare const caveatSpecifications: {
+    readonly snapIds: import("@metamask/permission-controller").RestrictedMethodCaveatSpecificationConstraint;
+    readonly permittedCoinTypes: import("@metamask/permission-controller").RestrictedMethodCaveatSpecificationConstraint;
+    readonly permittedDerivationPaths: import("@metamask/permission-controller").RestrictedMethodCaveatSpecificationConstraint;
+};
+export declare const caveatMappers: Record<string, (value: Json) => Pick<PermissionConstraint, 'caveats'>>;

package/dist/types/restricted/caveats/permittedCoinTypes.d.ts

@@ -0,0 +1,29 @@
+import type { PermissionConstraint, RestrictedMethodCaveatSpecificationConstraint, Caveat } from '@metamask/permission-controller';
+import { SnapCaveatType } from '@metamask/snaps-utils';
+import type { Json } from '@metamask/utils';
+import type { GetBip44EntropyParams } from '../getBip44Entropy';
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionsController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */
+export declare function permittedCoinTypesCaveatMapper(value: Json): Pick<PermissionConstraint, 'caveats'>;
+/**
+ * Validate the params for `snap_getBip44Entropy`.
+ *
+ * @param value - The params to validate.
+ * @throws If the params are invalid.
+ */
+export declare function validateBIP44Params(value: unknown): asserts value is GetBip44EntropyParams;
+/**
+ * Validate the coin types values associated with a caveat. This checks if the
+ * values are non-negative integers (>= 0).
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the caveat is invalid.
+ */
+export declare function validateBIP44Caveat(caveat: Caveat<string, any>): void;
+export declare const PermittedCoinTypesCaveatSpecification: Record<SnapCaveatType.PermittedCoinTypes, RestrictedMethodCaveatSpecificationConstraint>;

package/dist/types/restricted/caveats/permittedDerivationPaths.d.ts

@@ -0,0 +1,32 @@
+import type { Caveat, PermissionConstraint, RestrictedMethodCaveatSpecificationConstraint } from '@metamask/permission-controller';
+import type { Bip32Entropy } from '@metamask/snaps-utils';
+import { SnapCaveatType } from '@metamask/snaps-utils';
+import type { Json } from '@metamask/utils';
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionsController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */
+export declare function permittedDerivationPathsCaveatMapper(value: Json): Pick<PermissionConstraint, 'caveats'>;
+/**
+ * Validate a caveat path object. The object must consist of a `path` array and
+ * a `curve` string. Paths must start with `m`, and must contain at
+ * least two indices. If `ed25519` is used, this checks if all the path indices
+ * are hardened.
+ *
+ * @param value - The value to validate.
+ * @throws If the value is invalid.
+ */
+export declare function validateBIP32Path(value: unknown): asserts value is Bip32Entropy;
+/**
+ * Validate the path values associated with a caveat. This validates that the
+ * value is a non-empty array with valid derivation paths and curves.
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the value is invalid.
+ */
+export declare function validateBIP32CaveatPaths(caveat: Caveat<string, any>): asserts caveat is Caveat<string, Bip32Entropy[]>;
+export declare const PermittedDerivationPathsCaveatSpecification: Record<SnapCaveatType.PermittedDerivationPaths, RestrictedMethodCaveatSpecificationConstraint>;

package/dist/types/restricted/caveats/snapIds.d.ts

@@ -0,0 +1,21 @@
+import type { Caveat, RestrictedMethodCaveatSpecificationConstraint, PermissionConstraint } from '@metamask/permission-controller';
+import type { SnapIds } from '@metamask/snaps-utils';
+import { SnapCaveatType } from '@metamask/snaps-utils';
+import type { Json } from '@metamask/utils';
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionsController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */
+export declare function snapIdsCaveatMapper(value: Json): Pick<PermissionConstraint, 'caveats'>;
+/**
+ * Validates that the caveat value exists and is a non-empty object.
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the caveat is invalid.
+ */
+export declare function validateSnapIdsCaveat(caveat: Caveat<string, any>): asserts caveat is Caveat<string, SnapIds>;
+export declare const SnapIdsCaveatSpecification: Record<SnapCaveatType.SnapIds, RestrictedMethodCaveatSpecificationConstraint>;