@metamask/snaps-rpc-methods 4.1.0 → 6.0.0

package/dist/esm/endowments/network-access.js

@@ -0,0 +1,34 @@
+import { PermissionType, SubjectType } from '@metamask/permission-controller';
+import { SnapEndowments } from './enum';
+const permissionName = SnapEndowments.NetworkAccess;
+/**
+ * `endowment:network-access` returns the name of global browser API(s) that
+ * enable network access. This is intended to populate the endowments of the
+ * SES Compartment in which a Snap executes.
+ *
+ * @param _builderOptions - Optional specification builder options.
+ * @returns The specification for the network endowment.
+ */ const specificationBuilder = (_builderOptions)=>{
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName: permissionName,
+        allowedCaveats: null,
+        endowmentGetter: (_getterOptions)=>{
+            return [
+                'fetch',
+                'Request',
+                'Headers',
+                'Response'
+            ];
+        },
+        subjectTypes: [
+            SubjectType.Snap
+        ]
+    };
+};
+export const networkAccessEndowmentBuilder = Object.freeze({
+    targetName: permissionName,
+    specificationBuilder
+});
+
+//# sourceMappingURL=network-access.js.map

package/dist/esm/endowments/network-access.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/endowments/network-access.ts"],"sourcesContent":["import type {\n  EndowmentGetterParams,\n  PermissionSpecificationBuilder,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.NetworkAccess;\n\ntype NetworkAccessEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (\n    _options?: any,\n  ) => ['fetch', 'Request', 'Headers', 'Response'];\n  allowedCaveats: null;\n}>;\n\n/**\n * `endowment:network-access` returns the name of global browser API(s) that\n * enable network access. This is intended to populate the endowments of the\n * SES Compartment in which a Snap executes.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the network endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  NetworkAccessEndowmentSpecification\n> = (_builderOptions?: any) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: null,\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => {\n      return ['fetch', 'Request', 'Headers', 'Response'];\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const networkAccessEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n"],"names":["PermissionType","SubjectType","SnapEndowments","permissionName","NetworkAccess","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","endowmentGetter","_getterOptions","subjectTypes","Snap","networkAccessEndowmentBuilder","Object","freeze"],"mappings":"AAKA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAE9E,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,aAAa;AAWnD;;;;;;;CAOC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBP,eAAeQ,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;QAChBC,iBAAiB,CAACC;YAChB,OAAO;gBAAC;gBAAS;gBAAW;gBAAW;aAAW;QACpD;QACAC,cAAc;YAACZ,YAAYa,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,gCAAgCC,OAAOC,MAAM,CAAC;IACzDR,YAAYN;IACZE;AACF,GAAY"}

package/dist/esm/endowments/rpc.js

@@ -0,0 +1,92 @@
+import { PermissionType, SubjectType } from '@metamask/permission-controller';
+import { rpcErrors } from '@metamask/rpc-errors';
+import { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';
+import { hasProperty, isPlainObject, assert } from '@metamask/utils';
+import { createGenericPermissionValidator } from './caveats';
+import { SnapEndowments } from './enum';
+const targetName = SnapEndowments.Rpc;
+/**
+ * The specification builder for the JSON-RPC endowment permission.
+ *
+ * @param _builderOptions - Optional specification builder options.
+ * @returns The specification for the JSON-RPC endowment permission.
+ */ const specificationBuilder = (_builderOptions)=>{
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName,
+        allowedCaveats: [
+            SnapCaveatType.RpcOrigin,
+            SnapCaveatType.MaxRequestTime
+        ],
+        endowmentGetter: (_getterOptions)=>undefined,
+        validator: createGenericPermissionValidator([
+            {
+                type: SnapCaveatType.RpcOrigin
+            },
+            {
+                type: SnapCaveatType.MaxRequestTime,
+                optional: true
+            }
+        ]),
+        subjectTypes: [
+            SubjectType.Snap
+        ]
+    };
+};
+export const rpcEndowmentBuilder = Object.freeze({
+    targetName,
+    specificationBuilder
+});
+/**
+ * Validate the value of a caveat. This does not validate the type of the
+ * caveat itself, only the value of the caveat.
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the caveat value is invalid.
+ */ function validateCaveatOrigins(caveat) {
+    if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {
+        throw rpcErrors.invalidParams({
+            message: 'Invalid JSON-RPC origins: Expected a plain object.'
+        });
+    }
+    const { value } = caveat;
+    assertIsRpcOrigins(value, rpcErrors.invalidParams);
+}
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionsController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */ export function getRpcCaveatMapper(value) {
+    return {
+        caveats: [
+            {
+                type: SnapCaveatType.RpcOrigin,
+                value
+            }
+        ]
+    };
+}
+/**
+ * Getter function to get the {@link RpcOrigins} caveat value from a permission.
+ *
+ * @param permission - The permission to get the caveat value from.
+ * @returns The caveat value.
+ * @throws If the permission does not have a valid {@link RpcOrigins} caveat.
+ */ export function getRpcCaveatOrigins(permission) {
+    const caveats = permission?.caveats?.filter((caveat)=>caveat.type === SnapCaveatType.RpcOrigin);
+    assert(caveats);
+    assert(caveats.length === 1);
+    const caveat = caveats[0];
+    return caveat.value;
+}
+export const rpcCaveatSpecifications = {
+    [SnapCaveatType.RpcOrigin]: Object.freeze({
+        type: SnapCaveatType.RpcOrigin,
+        validator: (caveat)=>validateCaveatOrigins(caveat)
+    })
+};
+
+//# sourceMappingURL=rpc.js.map

package/dist/esm/endowments/rpc.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/endowments/rpc.ts"],"sourcesContent":["import type {\n  Caveat,\n  CaveatSpecificationConstraint,\n  EndowmentGetterParams,\n  PermissionConstraint,\n  PermissionSpecificationBuilder,\n  PermissionValidatorConstraint,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { RpcOrigins } from '@metamask/snaps-utils';\nimport { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { hasProperty, isPlainObject, assert } from '@metamask/utils';\n\nimport { createGenericPermissionValidator } from './caveats';\nimport { SnapEndowments } from './enum';\n\nconst targetName = SnapEndowments.Rpc;\n\ntype RpcSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof targetName;\n  endowmentGetter: (_options?: any) => undefined;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n  subjectTypes: readonly SubjectType[];\n}>;\n\ntype RpcSpecificationBuilderOptions = {\n  // Empty for now.\n};\n\n/**\n * The specification builder for the JSON-RPC endowment permission.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the JSON-RPC endowment permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  RpcSpecificationBuilderOptions,\n  RpcSpecification\n> = (_builderOptions?: any): RpcSpecification => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName,\n    allowedCaveats: [SnapCaveatType.RpcOrigin, SnapCaveatType.MaxRequestTime],\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n    validator: createGenericPermissionValidator([\n      { type: SnapCaveatType.RpcOrigin },\n      { type: SnapCaveatType.MaxRequestTime, optional: true },\n    ]),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const rpcEndowmentBuilder = Object.freeze({\n  targetName,\n  specificationBuilder,\n} as const);\n\n/**\n * Validate the value of a caveat. This does not validate the type of the\n * caveat itself, only the value of the caveat.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveatOrigins(caveat: Caveat<string, any>) {\n  if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n    throw rpcErrors.invalidParams({\n      message: 'Invalid JSON-RPC origins: Expected a plain object.',\n    });\n  }\n\n  const { value } = caveat;\n  assertIsRpcOrigins(value, rpcErrors.invalidParams);\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getRpcCaveatMapper(\n  value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n  return {\n    caveats: [\n      {\n        type: SnapCaveatType.RpcOrigin,\n        value,\n      },\n    ],\n  };\n}\n\n/**\n * Getter function to get the {@link RpcOrigins} caveat value from a permission.\n *\n * @param permission - The permission to get the caveat value from.\n * @returns The caveat value.\n * @throws If the permission does not have a valid {@link RpcOrigins} caveat.\n */\nexport function getRpcCaveatOrigins(\n  permission?: PermissionConstraint,\n): RpcOrigins | null {\n  const caveats = permission?.caveats?.filter(\n    (caveat) => caveat.type === SnapCaveatType.RpcOrigin,\n  );\n  assert(caveats);\n  assert(caveats.length === 1);\n\n  const caveat = caveats[0] as Caveat<string, RpcOrigins>;\n  return caveat.value;\n}\n\nexport const rpcCaveatSpecifications: Record<\n  SnapCaveatType.RpcOrigin,\n  CaveatSpecificationConstraint\n> = {\n  [SnapCaveatType.RpcOrigin]: Object.freeze({\n    type: SnapCaveatType.RpcOrigin,\n    validator: (caveat: Caveat<string, any>) => validateCaveatOrigins(caveat),\n  }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","assertIsRpcOrigins","SnapCaveatType","hasProperty","isPlainObject","assert","createGenericPermissionValidator","SnapEndowments","targetName","Rpc","specificationBuilder","_builderOptions","permissionType","Endowment","allowedCaveats","RpcOrigin","MaxRequestTime","endowmentGetter","_getterOptions","undefined","validator","type","optional","subjectTypes","Snap","rpcEndowmentBuilder","Object","freeze","validateCaveatOrigins","caveat","value","invalidParams","message","getRpcCaveatMapper","caveats","getRpcCaveatOrigins","permission","filter","length","rpcCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AAEjD,SAASC,kBAAkB,EAAEC,cAAc,QAAQ,wBAAwB;AAE3E,SAASC,WAAW,EAAEC,aAAa,EAAEC,MAAM,QAAQ,kBAAkB;AAErE,SAASC,gCAAgC,QAAQ,YAAY;AAC7D,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,aAAaD,eAAeE,GAAG;AAerC;;;;;CAKC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBd,eAAee,SAAS;QACxCL;QACAM,gBAAgB;YAACZ,eAAea,SAAS;YAAEb,eAAec,cAAc;SAAC;QACzEC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAWd,iCAAiC;YAC1C;gBAAEe,MAAMnB,eAAea,SAAS;YAAC;YACjC;gBAAEM,MAAMnB,eAAec,cAAc;gBAAEM,UAAU;YAAK;SACvD;QACDC,cAAc;YAACxB,YAAYyB,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,sBAAsBC,OAAOC,MAAM,CAAC;IAC/CnB;IACAE;AACF,GAAY;AAEZ;;;;;;CAMC,GACD,SAASkB,sBAAsBC,MAA2B;IACxD,IAAI,CAAC1B,YAAY0B,QAAQ,YAAY,CAACzB,cAAcyB,OAAOC,KAAK,GAAG;QACjE,MAAM9B,UAAU+B,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEF,KAAK,EAAE,GAAGD;IAClB5B,mBAAmB6B,OAAO9B,UAAU+B,aAAa;AACnD;AAEA;;;;;;;CAOC,GACD,OAAO,SAASE,mBACdH,KAAW;IAEX,OAAO;QACLI,SAAS;YACP;gBACEb,MAAMnB,eAAea,SAAS;gBAC9Be;YACF;SACD;IACH;AACF;AAEA;;;;;;CAMC,GACD,OAAO,SAASK,oBACdC,UAAiC;IAEjC,MAAMF,UAAUE,YAAYF,SAASG,OACnC,CAACR,SAAWA,OAAOR,IAAI,KAAKnB,eAAea,SAAS;IAEtDV,OAAO6B;IACP7B,OAAO6B,QAAQI,MAAM,KAAK;IAE1B,MAAMT,SAASK,OAAO,CAAC,EAAE;IACzB,OAAOL,OAAOC,KAAK;AACrB;AAEA,OAAO,MAAMS,0BAGT;IACF,CAACrC,eAAea,SAAS,CAAC,EAAEW,OAAOC,MAAM,CAAC;QACxCN,MAAMnB,eAAea,SAAS;QAC9BK,WAAW,CAACS,SAAgCD,sBAAsBC;IACpE;AACF,EAAE"}

package/dist/esm/endowments/signature-insight.js

@@ -0,0 +1,103 @@
+import { PermissionType, SubjectType } from '@metamask/permission-controller';
+import { rpcErrors } from '@metamask/rpc-errors';
+import { SnapCaveatType } from '@metamask/snaps-utils';
+import { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';
+import { createGenericPermissionValidator } from './caveats';
+import { SnapEndowments } from './enum';
+const permissionName = SnapEndowments.SignatureInsight;
+/**
+ * `endowment:signature-insight` returns nothing; it is intended to be used as a flag
+ * by the extension to detect whether the snap has the capability to show information on the signature confirmation screen.
+ *
+ * @param _builderOptions - Optional specification builder options.
+ * @returns The specification for the signature-insight endowment.
+ */ const specificationBuilder = (_builderOptions)=>{
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName: permissionName,
+        allowedCaveats: [
+            SnapCaveatType.SignatureOrigin
+        ],
+        endowmentGetter: (_getterOptions)=>undefined,
+        validator: createGenericPermissionValidator([
+            {
+                type: SnapCaveatType.SignatureOrigin,
+                optional: true
+            },
+            {
+                type: SnapCaveatType.MaxRequestTime,
+                optional: true
+            }
+        ]),
+        subjectTypes: [
+            SubjectType.Snap
+        ]
+    };
+};
+export const signatureInsightEndowmentBuilder = Object.freeze({
+    targetName: permissionName,
+    specificationBuilder
+});
+/**
+ * Validates the type of the caveat value.
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the caveat value is invalid.
+ */ function validateCaveat(caveat) {
+    if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {
+        throw rpcErrors.invalidParams({
+            message: 'Expected a plain object.'
+        });
+    }
+    const { value } = caveat;
+    assert(typeof value === 'boolean', 'Expected caveat value to have type "boolean"');
+}
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */ export function getSignatureInsightCaveatMapper(value) {
+    if (!value || !isObject(value) || isObject(value) && Object.keys(value).length === 0) {
+        return {
+            caveats: null
+        };
+    }
+    return {
+        caveats: [
+            {
+                type: SnapCaveatType.SignatureOrigin,
+                value: hasProperty(value, 'allowSignatureOrigin') && value.allowSignatureOrigin
+            }
+        ]
+    };
+}
+/**
+ * Getter function to get the signature origin caveat from a permission.
+ *
+ * This does basic validation of the caveat, but does not validate the type or
+ * value of the namespaces object itself, as this is handled by the
+ * `PermissionsController` when the permission is requested.
+ *
+ * @param permission - The permission to get the signature origin caveat from.
+ * @returns The signature origin, or `null` if the permission does not have a
+ * signature origin caveat.
+ */ export function getSignatureOriginCaveat(permission) {
+    if (!permission?.caveats) {
+        return null;
+    }
+    assert(permission.caveats.length === 1);
+    assert(permission.caveats[0].type === SnapCaveatType.SignatureOrigin);
+    const caveat = permission.caveats[0];
+    return caveat.value ?? null;
+}
+export const signatureInsightCaveatSpecifications = {
+    [SnapCaveatType.SignatureOrigin]: Object.freeze({
+        type: SnapCaveatType.SignatureOrigin,
+        validator: (caveat)=>validateCaveat(caveat)
+    })
+};
+
+//# sourceMappingURL=signature-insight.js.map

package/dist/esm/endowments/signature-insight.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/endowments/signature-insight.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  EndowmentGetterParams,\n  ValidPermissionSpecification,\n  PermissionValidatorConstraint,\n  PermissionConstraint,\n  CaveatSpecificationConstraint,\n  Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\n\nimport { createGenericPermissionValidator } from './caveats';\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.SignatureInsight;\n\ntype SignatureInsightEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:signature-insight` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to show information on the signature confirmation screen.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the signature-insight endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  SignatureInsightEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: [SnapCaveatType.SignatureOrigin],\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n    validator: createGenericPermissionValidator([\n      { type: SnapCaveatType.SignatureOrigin, optional: true },\n      { type: SnapCaveatType.MaxRequestTime, optional: true },\n    ]),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const signatureInsightEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n  if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected a plain object.',\n    });\n  }\n\n  const { value } = caveat;\n\n  assert(\n    typeof value === 'boolean',\n    'Expected caveat value to have type \"boolean\"',\n  );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getSignatureInsightCaveatMapper(\n  value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n  if (\n    !value ||\n    !isObject(value) ||\n    (isObject(value) && Object.keys(value).length === 0)\n  ) {\n    return { caveats: null };\n  }\n  return {\n    caveats: [\n      {\n        type: SnapCaveatType.SignatureOrigin,\n        value:\n          hasProperty(value, 'allowSignatureOrigin') &&\n          (value.allowSignatureOrigin as boolean),\n      },\n    ],\n  };\n}\n\n/**\n * Getter function to get the signature origin caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the signature origin caveat from.\n * @returns The signature origin, or `null` if the permission does not have a\n * signature origin caveat.\n */\nexport function getSignatureOriginCaveat(\n  permission?: PermissionConstraint,\n): boolean | null {\n  if (!permission?.caveats) {\n    return null;\n  }\n\n  assert(permission.caveats.length === 1);\n  assert(permission.caveats[0].type === SnapCaveatType.SignatureOrigin);\n\n  const caveat = permission.caveats[0] as Caveat<string, boolean>;\n\n  return caveat.value ?? null;\n}\n\nexport const signatureInsightCaveatSpecifications: Record<\n  SnapCaveatType.SignatureOrigin,\n  CaveatSpecificationConstraint\n> = {\n  [SnapCaveatType.SignatureOrigin]: Object.freeze({\n    type: SnapCaveatType.SignatureOrigin,\n    validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n  }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","SnapCaveatType","assert","hasProperty","isObject","isPlainObject","createGenericPermissionValidator","SnapEndowments","permissionName","SignatureInsight","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","SignatureOrigin","endowmentGetter","_getterOptions","undefined","validator","type","optional","MaxRequestTime","subjectTypes","Snap","signatureInsightEndowmentBuilder","Object","freeze","validateCaveat","caveat","invalidParams","message","value","getSignatureInsightCaveatMapper","keys","length","caveats","allowSignatureOrigin","getSignatureOriginCaveat","permission","signatureInsightCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AACjD,SAASC,cAAc,QAAQ,wBAAwB;AAEvD,SAASC,MAAM,EAAEC,WAAW,EAAEC,QAAQ,EAAEC,aAAa,QAAQ,kBAAkB;AAE/E,SAASC,gCAAgC,QAAQ,YAAY;AAC7D,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,gBAAgB;AAUtD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBd,eAAee,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YAACd,eAAee,eAAe;SAAC;QAChDC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAWd,iCAAiC;YAC1C;gBAAEe,MAAMpB,eAAee,eAAe;gBAAEM,UAAU;YAAK;YACvD;gBAAED,MAAMpB,eAAesB,cAAc;gBAAED,UAAU;YAAK;SACvD;QACDE,cAAc;YAACzB,YAAY0B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,mCAAmCC,OAAOC,MAAM,CAAC;IAC5Dd,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;CAKC,GACD,SAASmB,eAAeC,MAA2B;IACjD,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAACzB,cAAcyB,SAAS;QAC3D,MAAM9B,UAAU+B,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEC,KAAK,EAAE,GAAGH;IAElB5B,OACE,OAAO+B,UAAU,WACjB;AAEJ;AAEA;;;;;;;CAOC,GACD,OAAO,SAASC,gCACdD,KAAW;IAEX,IACE,CAACA,SACD,CAAC7B,SAAS6B,UACT7B,SAAS6B,UAAUN,OAAOQ,IAAI,CAACF,OAAOG,MAAM,KAAK,GAClD;QACA,OAAO;YAAEC,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEhB,MAAMpB,eAAee,eAAe;gBACpCiB,OACE9B,YAAY8B,OAAO,2BAClBA,MAAMK,oBAAoB;YAC/B;SACD;IACH;AACF;AAEA;;;;;;;;;;CAUC,GACD,OAAO,SAASC,yBACdC,UAAiC;IAEjC,IAAI,CAACA,YAAYH,SAAS;QACxB,OAAO;IACT;IAEAnC,OAAOsC,WAAWH,OAAO,CAACD,MAAM,KAAK;IACrClC,OAAOsC,WAAWH,OAAO,CAAC,EAAE,CAAChB,IAAI,KAAKpB,eAAee,eAAe;IAEpE,MAAMc,SAASU,WAAWH,OAAO,CAAC,EAAE;IAEpC,OAAOP,OAAOG,KAAK,IAAI;AACzB;AAEA,OAAO,MAAMQ,uCAGT;IACF,CAACxC,eAAee,eAAe,CAAC,EAAEW,OAAOC,MAAM,CAAC;QAC9CP,MAAMpB,eAAee,eAAe;QACpCI,WAAW,CAACU,SAAgCD,eAAeC;IAC7D;AACF,EAAE"}

package/dist/esm/endowments/transaction-insight.js

@@ -0,0 +1,104 @@
+import { PermissionType, SubjectType } from '@metamask/permission-controller';
+import { rpcErrors } from '@metamask/rpc-errors';
+import { SnapCaveatType } from '@metamask/snaps-utils';
+import { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';
+import { createGenericPermissionValidator } from './caveats';
+import { SnapEndowments } from './enum';
+const permissionName = SnapEndowments.TransactionInsight;
+/**
+ * `endowment:transaction-insight` returns nothing; it is intended to be used as a flag
+ * by the extension to detect whether the snap has the capability to show information on the transaction confirmation screen.
+ *
+ * @param _builderOptions - Optional specification builder options.
+ * @returns The specification for the transaction-insight endowment.
+ */ const specificationBuilder = (_builderOptions)=>{
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName: permissionName,
+        allowedCaveats: [
+            SnapCaveatType.TransactionOrigin,
+            SnapCaveatType.MaxRequestTime
+        ],
+        endowmentGetter: (_getterOptions)=>undefined,
+        validator: createGenericPermissionValidator([
+            {
+                type: SnapCaveatType.TransactionOrigin,
+                optional: true
+            },
+            {
+                type: SnapCaveatType.MaxRequestTime,
+                optional: true
+            }
+        ]),
+        subjectTypes: [
+            SubjectType.Snap
+        ]
+    };
+};
+export const transactionInsightEndowmentBuilder = Object.freeze({
+    targetName: permissionName,
+    specificationBuilder
+});
+/**
+ * Validates the type of the caveat value.
+ *
+ * @param caveat - The caveat to validate.
+ * @throws If the caveat value is invalid.
+ */ function validateCaveat(caveat) {
+    if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {
+        throw rpcErrors.invalidParams({
+            message: 'Expected a plain object.'
+        });
+    }
+    const { value } = caveat;
+    assert(typeof value === 'boolean', 'Expected caveat value to have type "boolean"');
+}
+/**
+ * Map a raw value from the `initialPermissions` to a caveat specification.
+ * Note that this function does not do any validation, that's handled by the
+ * PermissionsController when the permission is requested.
+ *
+ * @param value - The raw value from the `initialPermissions`.
+ * @returns The caveat specification.
+ */ export function getTransactionInsightCaveatMapper(value) {
+    if (!value || !isObject(value) || isObject(value) && Object.keys(value).length === 0) {
+        return {
+            caveats: null
+        };
+    }
+    return {
+        caveats: [
+            {
+                type: SnapCaveatType.TransactionOrigin,
+                value: hasProperty(value, 'allowTransactionOrigin') && value.allowTransactionOrigin
+            }
+        ]
+    };
+}
+/**
+ * Getter function to get the transaction origin caveat from a permission.
+ *
+ * This does basic validation of the caveat, but does not validate the type or
+ * value of the namespaces object itself, as this is handled by the
+ * `PermissionsController` when the permission is requested.
+ *
+ * @param permission - The permission to get the transaction origin caveat from.
+ * @returns The transaction origin, or `null` if the permission does not have a
+ * transaction origin caveat.
+ */ export function getTransactionOriginCaveat(permission) {
+    if (!permission?.caveats) {
+        return null;
+    }
+    assert(permission.caveats.length === 1);
+    assert(permission.caveats[0].type === SnapCaveatType.TransactionOrigin);
+    const caveat = permission.caveats[0];
+    return caveat.value ?? null;
+}
+export const transactionInsightCaveatSpecifications = {
+    [SnapCaveatType.TransactionOrigin]: Object.freeze({
+        type: SnapCaveatType.TransactionOrigin,
+        validator: (caveat)=>validateCaveat(caveat)
+    })
+};
+
+//# sourceMappingURL=transaction-insight.js.map

package/dist/esm/endowments/transaction-insight.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/endowments/transaction-insight.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  EndowmentGetterParams,\n  ValidPermissionSpecification,\n  PermissionValidatorConstraint,\n  PermissionConstraint,\n  CaveatSpecificationConstraint,\n  Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\n\nimport { createGenericPermissionValidator } from './caveats';\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.TransactionInsight;\n\ntype TransactionInsightEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:transaction-insight` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to show information on the transaction confirmation screen.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the transaction-insight endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  TransactionInsightEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: [\n      SnapCaveatType.TransactionOrigin,\n      SnapCaveatType.MaxRequestTime,\n    ],\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n    validator: createGenericPermissionValidator([\n      { type: SnapCaveatType.TransactionOrigin, optional: true },\n      { type: SnapCaveatType.MaxRequestTime, optional: true },\n    ]),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const transactionInsightEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n  if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected a plain object.',\n    });\n  }\n\n  const { value } = caveat;\n\n  assert(\n    typeof value === 'boolean',\n    'Expected caveat value to have type \"boolean\"',\n  );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getTransactionInsightCaveatMapper(\n  value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n  if (\n    !value ||\n    !isObject(value) ||\n    (isObject(value) && Object.keys(value).length === 0)\n  ) {\n    return { caveats: null };\n  }\n  return {\n    caveats: [\n      {\n        type: SnapCaveatType.TransactionOrigin,\n        value:\n          hasProperty(value, 'allowTransactionOrigin') &&\n          (value.allowTransactionOrigin as boolean),\n      },\n    ],\n  };\n}\n\n/**\n * Getter function to get the transaction origin caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the transaction origin caveat from.\n * @returns The transaction origin, or `null` if the permission does not have a\n * transaction origin caveat.\n */\nexport function getTransactionOriginCaveat(\n  permission?: PermissionConstraint,\n): boolean | null {\n  if (!permission?.caveats) {\n    return null;\n  }\n\n  assert(permission.caveats.length === 1);\n  assert(permission.caveats[0].type === SnapCaveatType.TransactionOrigin);\n\n  const caveat = permission.caveats[0] as Caveat<string, boolean>;\n\n  return caveat.value ?? null;\n}\n\nexport const transactionInsightCaveatSpecifications: Record<\n  SnapCaveatType.TransactionOrigin,\n  CaveatSpecificationConstraint\n> = {\n  [SnapCaveatType.TransactionOrigin]: Object.freeze({\n    type: SnapCaveatType.TransactionOrigin,\n    validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n  }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","SnapCaveatType","assert","hasProperty","isObject","isPlainObject","createGenericPermissionValidator","SnapEndowments","permissionName","TransactionInsight","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","TransactionOrigin","MaxRequestTime","endowmentGetter","_getterOptions","undefined","validator","type","optional","subjectTypes","Snap","transactionInsightEndowmentBuilder","Object","freeze","validateCaveat","caveat","invalidParams","message","value","getTransactionInsightCaveatMapper","keys","length","caveats","allowTransactionOrigin","getTransactionOriginCaveat","permission","transactionInsightCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AACjD,SAASC,cAAc,QAAQ,wBAAwB;AAEvD,SAASC,MAAM,EAAEC,WAAW,EAAEC,QAAQ,EAAEC,aAAa,QAAQ,kBAAkB;AAE/E,SAASC,gCAAgC,QAAQ,YAAY;AAC7D,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,kBAAkB;AAUxD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBd,eAAee,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YACdd,eAAee,iBAAiB;YAChCf,eAAegB,cAAc;SAC9B;QACDC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAWf,iCAAiC;YAC1C;gBAAEgB,MAAMrB,eAAee,iBAAiB;gBAAEO,UAAU;YAAK;YACzD;gBAAED,MAAMrB,eAAegB,cAAc;gBAAEM,UAAU;YAAK;SACvD;QACDC,cAAc;YAACzB,YAAY0B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,qCAAqCC,OAAOC,MAAM,CAAC;IAC9Dd,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;CAKC,GACD,SAASmB,eAAeC,MAA2B;IACjD,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAACzB,cAAcyB,SAAS;QAC3D,MAAM9B,UAAU+B,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEC,KAAK,EAAE,GAAGH;IAElB5B,OACE,OAAO+B,UAAU,WACjB;AAEJ;AAEA;;;;;;;CAOC,GACD,OAAO,SAASC,kCACdD,KAAW;IAEX,IACE,CAACA,SACD,CAAC7B,SAAS6B,UACT7B,SAAS6B,UAAUN,OAAOQ,IAAI,CAACF,OAAOG,MAAM,KAAK,GAClD;QACA,OAAO;YAAEC,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEf,MAAMrB,eAAee,iBAAiB;gBACtCiB,OACE9B,YAAY8B,OAAO,6BAClBA,MAAMK,sBAAsB;YACjC;SACD;IACH;AACF;AAEA;;;;;;;;;;CAUC,GACD,OAAO,SAASC,2BACdC,UAAiC;IAEjC,IAAI,CAACA,YAAYH,SAAS;QACxB,OAAO;IACT;IAEAnC,OAAOsC,WAAWH,OAAO,CAACD,MAAM,KAAK;IACrClC,OAAOsC,WAAWH,OAAO,CAAC,EAAE,CAACf,IAAI,KAAKrB,eAAee,iBAAiB;IAEtE,MAAMc,SAASU,WAAWH,OAAO,CAAC,EAAE;IAEpC,OAAOP,OAAOG,KAAK,IAAI;AACzB;AAEA,OAAO,MAAMQ,yCAGT;IACF,CAACxC,eAAee,iBAAiB,CAAC,EAAEW,OAAOC,MAAM,CAAC;QAChDN,MAAMrB,eAAee,iBAAiB;QACtCK,WAAW,CAACS,SAAgCD,eAAeC;IAC7D;AACF,EAAE"}

package/dist/esm/endowments/web-assembly.js

@@ -0,0 +1,32 @@
+import { PermissionType, SubjectType } from '@metamask/permission-controller';
+import { SnapEndowments } from './enum';
+const permissionName = SnapEndowments.WebAssemblyAccess;
+/**
+ * `endowment:webassembly` returns the name of global browser API(s) that
+ * enable access to the WebAssembly API.
+ * This is intended to populate the endowments of the SES Compartment
+ * in which a Snap executes.
+ *
+ * @param _builderOptions - Optional specification builder options.
+ * @returns The specification for the WebAssembly endowment.
+ */ const specificationBuilder = (_builderOptions)=>{
+    return {
+        permissionType: PermissionType.Endowment,
+        targetName: permissionName,
+        allowedCaveats: null,
+        endowmentGetter: (_getterOptions)=>{
+            return [
+                'WebAssembly'
+            ];
+        },
+        subjectTypes: [
+            SubjectType.Snap
+        ]
+    };
+};
+export const webAssemblyEndowmentBuilder = Object.freeze({
+    targetName: permissionName,
+    specificationBuilder
+});
+
+//# sourceMappingURL=web-assembly.js.map

package/dist/esm/endowments/web-assembly.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/endowments/web-assembly.ts"],"sourcesContent":["import type {\n  EndowmentGetterParams,\n  PermissionSpecificationBuilder,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.WebAssemblyAccess;\n\ntype WebAssemblyEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (_options?: any) => ['WebAssembly'];\n  allowedCaveats: null;\n}>;\n\n/**\n * `endowment:webassembly` returns the name of global browser API(s) that\n * enable access to the WebAssembly API.\n * This is intended to populate the endowments of the SES Compartment\n * in which a Snap executes.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the WebAssembly endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  WebAssemblyEndowmentSpecification\n> = (_builderOptions?: any) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: null,\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => {\n      return ['WebAssembly'];\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const webAssemblyEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n"],"names":["PermissionType","SubjectType","SnapEndowments","permissionName","WebAssemblyAccess","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","endowmentGetter","_getterOptions","subjectTypes","Snap","webAssemblyEndowmentBuilder","Object","freeze"],"mappings":"AAKA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAE9E,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,iBAAiB;AASvD;;;;;;;;CAQC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBP,eAAeQ,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;QAChBC,iBAAiB,CAACC;YAChB,OAAO;gBAAC;aAAc;QACxB;QACAC,cAAc;YAACZ,YAAYa,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,8BAA8BC,OAAOC,MAAM,CAAC;IACvDR,YAAYN;IACZE;AACF,GAAY"}

package/dist/esm/index.js

@@ -1,6 +1,8 @@
 export { handlers as permittedMethods, createSnapsMethodMiddleware } from './permitted';
-export * from './restricted';
 export { SnapCaveatType } from '@metamask/snaps-utils';
 export { selectHooks } from './utils';
+export * from './endowments';
+export * from './permissions';
+export * from './restricted';
 
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export type { PermittedRpcMethodHooks } from './permitted';\nexport {\n  handlers as permittedMethods,\n  createSnapsMethodMiddleware,\n} from './permitted';\nexport * from './restricted';\nexport { SnapCaveatType } from '@metamask/snaps-utils';\nexport { selectHooks } from './utils';\n"],"names":["handlers","permittedMethods","createSnapsMethodMiddleware","SnapCaveatType","selectHooks"],"mappings":"AACA,SACEA,YAAYC,gBAAgB,EAC5BC,2BAA2B,QACtB,cAAc;AACrB,cAAc,eAAe;AAC7B,SAASC,cAAc,QAAQ,wBAAwB;AACvD,SAASC,WAAW,QAAQ,UAAU"}
+{"version":3,"sources":["../../src/index.ts"],"sourcesContent":["export {\n  handlers as permittedMethods,\n  createSnapsMethodMiddleware,\n} from './permitted';\nexport type { PermittedRpcMethodHooks } from './permitted';\nexport { SnapCaveatType } from '@metamask/snaps-utils';\nexport { selectHooks } from './utils';\nexport * from './endowments';\nexport * from './permissions';\nexport * from './restricted';\n"],"names":["handlers","permittedMethods","createSnapsMethodMiddleware","SnapCaveatType","selectHooks"],"mappings":"AAAA,SACEA,YAAYC,gBAAgB,EAC5BC,2BAA2B,QACtB,cAAc;AAErB,SAASC,cAAc,QAAQ,wBAAwB;AACvD,SAASC,WAAW,QAAQ,UAAU;AACtC,cAAc,eAAe;AAC7B,cAAc,gBAAgB;AAC9B,cAAc,eAAe"}

package/dist/esm/permissions.js

@@ -0,0 +1,51 @@
+import { hasProperty } from '@metamask/utils';
+import { endowmentCaveatMappers, endowmentPermissionBuilders } from './endowments';
+import { caveatMappers, restrictedMethodPermissionBuilders } from './restricted';
+import { selectHooks } from './utils';
+/**
+ * Map initial permissions as defined in a Snap manifest to something that can
+ * be processed by the PermissionsController. Each caveat mapping function
+ * should return a valid permission caveat value.
+ *
+ * This function does not validate the caveat values, since that is done by
+ * the PermissionsController itself, upon requesting the permissions.
+ *
+ * @param initialPermissions - The initial permissions to process.
+ * @returns The processed permissions.
+ */ export function processSnapPermissions(initialPermissions) {
+    return Object.fromEntries(Object.entries(initialPermissions).map(([initialPermission, value])=>{
+        if (hasProperty(caveatMappers, initialPermission)) {
+            return [
+                initialPermission,
+                caveatMappers[initialPermission](value)
+            ];
+        } else if (hasProperty(endowmentCaveatMappers, initialPermission)) {
+            return [
+                initialPermission,
+                endowmentCaveatMappers[initialPermission](value)
+            ];
+        }
+        // If we have no mapping, this may be a non-snap permission, return as-is
+        return [
+            initialPermission,
+            value
+        ];
+    }));
+}
+export const buildSnapEndowmentSpecifications = (excludedEndowments)=>Object.values(endowmentPermissionBuilders).reduce((allSpecifications, { targetName, specificationBuilder })=>{
+        if (!excludedEndowments.includes(targetName)) {
+            allSpecifications[targetName] = specificationBuilder({});
+        }
+        return allSpecifications;
+    }, {});
+export const buildSnapRestrictedMethodSpecifications = (excludedPermissions, hooks)=>Object.values(restrictedMethodPermissionBuilders).reduce((specifications, { targetName, specificationBuilder, methodHooks })=>{
+        if (!excludedPermissions.includes(targetName)) {
+            specifications[targetName] = specificationBuilder({
+                // @ts-expect-error The selectHooks type is wonky
+                methodHooks: selectHooks(hooks, methodHooks)
+            });
+        }
+        return specifications;
+    }, {});
+
+//# sourceMappingURL=permissions.js.map

package/dist/esm/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/permissions.ts"],"sourcesContent":["import type {\n  PermissionConstraint,\n  PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport type { SnapPermissions } from '@metamask/snaps-utils';\nimport { hasProperty } from '@metamask/utils';\n\nimport {\n  endowmentCaveatMappers,\n  endowmentPermissionBuilders,\n} from './endowments';\nimport {\n  caveatMappers,\n  restrictedMethodPermissionBuilders,\n} from './restricted';\nimport { selectHooks } from './utils';\n\n/**\n * Map initial permissions as defined in a Snap manifest to something that can\n * be processed by the PermissionsController. Each caveat mapping function\n * should return a valid permission caveat value.\n *\n * This function does not validate the caveat values, since that is done by\n * the PermissionsController itself, upon requesting the permissions.\n *\n * @param initialPermissions - The initial permissions to process.\n * @returns The processed permissions.\n */\nexport function processSnapPermissions(\n  initialPermissions: SnapPermissions,\n): Record<string, Pick<PermissionConstraint, 'caveats'>> {\n  return Object.fromEntries(\n    Object.entries(initialPermissions).map(([initialPermission, value]) => {\n      if (hasProperty(caveatMappers, initialPermission)) {\n        return [initialPermission, caveatMappers[initialPermission](value)];\n      } else if (hasProperty(endowmentCaveatMappers, initialPermission)) {\n        return [\n          initialPermission,\n          endowmentCaveatMappers[initialPermission](value),\n        ];\n      }\n\n      // If we have no mapping, this may be a non-snap permission, return as-is\n      return [\n        initialPermission,\n        value as Pick<PermissionConstraint, 'caveats'>,\n      ];\n    }),\n  );\n}\n\nexport const buildSnapEndowmentSpecifications = (\n  excludedEndowments: string[],\n) =>\n  Object.values(endowmentPermissionBuilders).reduce<\n    Record<string, PermissionSpecificationConstraint>\n  >((allSpecifications, { targetName, specificationBuilder }) => {\n    if (!excludedEndowments.includes(targetName)) {\n      allSpecifications[targetName] = specificationBuilder({});\n    }\n    return allSpecifications;\n  }, {});\n\nexport const buildSnapRestrictedMethodSpecifications = (\n  excludedPermissions: string[],\n  hooks: Record<string, unknown>,\n) =>\n  Object.values(restrictedMethodPermissionBuilders).reduce<\n    Record<string, PermissionSpecificationConstraint>\n  >((specifications, { targetName, specificationBuilder, methodHooks }) => {\n    if (!excludedPermissions.includes(targetName)) {\n      specifications[targetName] = specificationBuilder({\n        // @ts-expect-error The selectHooks type is wonky\n        methodHooks: selectHooks<typeof hooks, keyof typeof methodHooks>(\n          hooks,\n          methodHooks,\n        ) as Pick<typeof hooks, keyof typeof methodHooks>,\n      });\n    }\n    return specifications;\n  }, {});\n"],"names":["hasProperty","endowmentCaveatMappers","endowmentPermissionBuilders","caveatMappers","restrictedMethodPermissionBuilders","selectHooks","processSnapPermissions","initialPermissions","Object","fromEntries","entries","map","initialPermission","value","buildSnapEndowmentSpecifications","excludedEndowments","values","reduce","allSpecifications","targetName","specificationBuilder","includes","buildSnapRestrictedMethodSpecifications","excludedPermissions","hooks","specifications","methodHooks"],"mappings":"AAKA,SAASA,WAAW,QAAQ,kBAAkB;AAE9C,SACEC,sBAAsB,EACtBC,2BAA2B,QACtB,eAAe;AACtB,SACEC,aAAa,EACbC,kCAAkC,QAC7B,eAAe;AACtB,SAASC,WAAW,QAAQ,UAAU;AAEtC;;;;;;;;;;CAUC,GACD,OAAO,SAASC,uBACdC,kBAAmC;IAEnC,OAAOC,OAAOC,WAAW,CACvBD,OAAOE,OAAO,CAACH,oBAAoBI,GAAG,CAAC,CAAC,CAACC,mBAAmBC,MAAM;QAChE,IAAIb,YAAYG,eAAeS,oBAAoB;YACjD,OAAO;gBAACA;gBAAmBT,aAAa,CAACS,kBAAkB,CAACC;aAAO;QACrE,OAAO,IAAIb,YAAYC,wBAAwBW,oBAAoB;YACjE,OAAO;gBACLA;gBACAX,sBAAsB,CAACW,kBAAkB,CAACC;aAC3C;QACH;QAEA,yEAAyE;QACzE,OAAO;YACLD;YACAC;SACD;IACH;AAEJ;AAEA,OAAO,MAAMC,mCAAmC,CAC9CC,qBAEAP,OAAOQ,MAAM,CAACd,6BAA6Be,MAAM,CAE/C,CAACC,mBAAmB,EAAEC,UAAU,EAAEC,oBAAoB,EAAE;QACxD,IAAI,CAACL,mBAAmBM,QAAQ,CAACF,aAAa;YAC5CD,iBAAiB,CAACC,WAAW,GAAGC,qBAAqB,CAAC;QACxD;QACA,OAAOF;IACT,GAAG,CAAC,GAAG;AAET,OAAO,MAAMI,0CAA0C,CACrDC,qBACAC,QAEAhB,OAAOQ,MAAM,CAACZ,oCAAoCa,MAAM,CAEtD,CAACQ,gBAAgB,EAAEN,UAAU,EAAEC,oBAAoB,EAAEM,WAAW,EAAE;QAClE,IAAI,CAACH,oBAAoBF,QAAQ,CAACF,aAAa;YAC7CM,cAAc,CAACN,WAAW,GAAGC,qBAAqB;gBAChD,iDAAiD;gBACjDM,aAAarB,YACXmB,OACAE;YAEJ;QACF;QACA,OAAOD;IACT,GAAG,CAAC,GAAG"}

package/dist/esm/permitted/createInterface.js

@@ -0,0 +1,58 @@
+import { rpcErrors } from '@metamask/rpc-errors';
+import { ComponentStruct } from '@metamask/snaps-sdk';
+import { StructError, create, object } from 'superstruct';
+const hookNames = {
+    createInterface: true
+};
+export const createInterfaceHandler = {
+    methodNames: [
+        'snap_createInterface'
+    ],
+    implementation: getCreateInterfaceImplementation,
+    hookNames
+};
+const CreateInterfaceParametersStruct = object({
+    ui: ComponentStruct
+});
+/**
+ * The `snap_createInterface` method implementation.
+ *
+ * @param req - The JSON-RPC request object.
+ * @param res - The JSON-RPC response object.
+ * @param _next - The `json-rpc-engine` "next" callback. Not used by this
+ * function.
+ * @param end - The `json-rpc-engine` "end" callback.
+ * @param hooks - The RPC method hooks.
+ * @param hooks.createInterface - The function to create the interface.
+ * @returns Nothing.
+ */ async function getCreateInterfaceImplementation(req, res, _next, end, { createInterface }) {
+    const { params } = req;
+    try {
+        const validatedParams = getValidatedParams(params);
+        const { ui } = validatedParams;
+        res.result = await createInterface(ui);
+    } catch (error) {
+        return end(error);
+    }
+    return end();
+}
+/**
+ * Validate the createInterface method `params` and returns them cast to the correct
+ * type. Throws if validation fails.
+ *
+ * @param params - The unvalidated params object from the method request.
+ * @returns The validated createInterface method parameter object.
+ */ function getValidatedParams(params) {
+    try {
+        return create(params, CreateInterfaceParametersStruct);
+    } catch (error) {
+        if (error instanceof StructError) {
+            throw rpcErrors.invalidParams({
+                message: `Invalid params: ${error.message}.`
+            });
+        }
+        /* istanbul ignore next */ throw rpcErrors.internal();
+    }
+}
+
+//# sourceMappingURL=createInterface.js.map

package/dist/esm/permitted/createInterface.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/permitted/createInterface.ts"],"sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  Component,\n  CreateInterfaceParams,\n  CreateInterfaceResult,\n  JsonRpcRequest,\n} from '@metamask/snaps-sdk';\nimport { ComponentStruct } from '@metamask/snaps-sdk';\nimport { type InferMatching } from '@metamask/snaps-utils';\nimport type { PendingJsonRpcResponse } from '@metamask/utils';\nimport { StructError, create, object } from 'superstruct';\n\nimport type { MethodHooksObject } from '../utils';\n\nconst hookNames: MethodHooksObject<CreateInterfaceMethodHooks> = {\n  createInterface: true,\n};\n\nexport type CreateInterfaceMethodHooks = {\n  /**\n   * @param ui - The UI components.\n   * @returns The unique identifier of the interface.\n   */\n  createInterface: (ui: Component) => Promise<string>;\n};\n\nexport const createInterfaceHandler: PermittedHandlerExport<\n  CreateInterfaceMethodHooks,\n  CreateInterfaceParameters,\n  CreateInterfaceResult\n> = {\n  methodNames: ['snap_createInterface'],\n  implementation: getCreateInterfaceImplementation,\n  hookNames,\n};\n\nconst CreateInterfaceParametersStruct = object({\n  ui: ComponentStruct,\n});\n\nexport type CreateInterfaceParameters = InferMatching<\n  typeof CreateInterfaceParametersStruct,\n  CreateInterfaceParams\n>;\n\n/**\n * The `snap_createInterface` method implementation.\n *\n * @param req - The JSON-RPC request object.\n * @param res - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.createInterface - The function to create the interface.\n * @returns Nothing.\n */\nasync function getCreateInterfaceImplementation(\n  req: JsonRpcRequest<CreateInterfaceParameters>,\n  res: PendingJsonRpcResponse<CreateInterfaceResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { createInterface }: CreateInterfaceMethodHooks,\n): Promise<void> {\n  const { params } = req;\n\n  try {\n    const validatedParams = getValidatedParams(params);\n\n    const { ui } = validatedParams;\n\n    res.result = await createInterface(ui);\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validate the createInterface method `params` and returns them cast to the correct\n * type. Throws if validation fails.\n *\n * @param params - The unvalidated params object from the method request.\n * @returns The validated createInterface method parameter object.\n */\nfunction getValidatedParams(params: unknown): CreateInterfaceParameters {\n  try {\n    return create(params, CreateInterfaceParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n"],"names":["rpcErrors","ComponentStruct","StructError","create","object","hookNames","createInterface","createInterfaceHandler","methodNames","implementation","getCreateInterfaceImplementation","CreateInterfaceParametersStruct","ui","req","res","_next","end","params","validatedParams","getValidatedParams","result","error","invalidParams","message","internal"],"mappings":"AAEA,SAASA,SAAS,QAAQ,uBAAuB;AAOjD,SAASC,eAAe,QAAQ,sBAAsB;AAGtD,SAASC,WAAW,EAAEC,MAAM,EAAEC,MAAM,QAAQ,cAAc;AAI1D,MAAMC,YAA2D;IAC/DC,iBAAiB;AACnB;AAUA,OAAO,MAAMC,yBAIT;IACFC,aAAa;QAAC;KAAuB;IACrCC,gBAAgBC;IAChBL;AACF,EAAE;AAEF,MAAMM,kCAAkCP,OAAO;IAC7CQ,IAAIX;AACN;AAOA;;;;;;;;;;;CAWC,GACD,eAAeS,iCACbG,GAA8C,EAC9CC,GAAkD,EAClDC,KAAc,EACdC,GAA6B,EAC7B,EAAEV,eAAe,EAA8B;IAE/C,MAAM,EAAEW,MAAM,EAAE,GAAGJ;IAEnB,IAAI;QACF,MAAMK,kBAAkBC,mBAAmBF;QAE3C,MAAM,EAAEL,EAAE,EAAE,GAAGM;QAEfJ,IAAIM,MAAM,GAAG,MAAMd,gBAAgBM;IACrC,EAAE,OAAOS,OAAO;QACd,OAAOL,IAAIK;IACb;IAEA,OAAOL;AACT;AAEA;;;;;;CAMC,GACD,SAASG,mBAAmBF,MAAe;IACzC,IAAI;QACF,OAAOd,OAAOc,QAAQN;IACxB,EAAE,OAAOU,OAAO;QACd,IAAIA,iBAAiBnB,aAAa;YAChC,MAAMF,UAAUsB,aAAa,CAAC;gBAC5BC,SAAS,CAAC,gBAAgB,EAAEF,MAAME,OAAO,CAAC,CAAC,CAAC;YAC9C;QACF;QACA,wBAAwB,GACxB,MAAMvB,UAAUwB,QAAQ;IAC1B;AACF"}

package/dist/esm/permitted/getClientStatus.js

@@ -0,0 +1,32 @@
+const hookNames = {
+    getIsLocked: true
+};
+/**
+ * `snap_getClientStatus` returns useful information about the client running the snap.
+ */ export const getClientStatusHandler = {
+    methodNames: [
+        'snap_getClientStatus'
+    ],
+    implementation: getClientStatusImplementation,
+    hookNames
+};
+/**
+ * The `snap_getClientStatus` method implementation.
+ * Returns useful information about the client running the snap.
+ *
+ * @param _request - The JSON-RPC request object. Not used by this function.
+ * @param response - The JSON-RPC response object.
+ * @param _next - The `json-rpc-engine` "next" callback. Not used by this
+ * function.
+ * @param end - The `json-rpc-engine` "end" callback.
+ * @param hooks - The RPC method hooks.
+ * @param hooks.getIsLocked - A function that returns whether the client is locked or not.
+ * @returns Nothing.
+ */ async function getClientStatusImplementation(_request, response, _next, end, { getIsLocked }) {
+    response.result = {
+        locked: getIsLocked()
+    };
+    return end();
+}
+
+//# sourceMappingURL=getClientStatus.js.map

package/dist/esm/permitted/getClientStatus.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/permitted/getClientStatus.ts"],"sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport type { GetClientStatusResult } from '@metamask/snaps-sdk';\nimport type {\n  JsonRpcParams,\n  JsonRpcRequest,\n  PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport type { MethodHooksObject } from '../utils';\n\nconst hookNames: MethodHooksObject<GetClientStatusHooks> = {\n  getIsLocked: true,\n};\n\n/**\n * `snap_getClientStatus` returns useful information about the client running the snap.\n */\nexport const getClientStatusHandler: PermittedHandlerExport<\n  GetClientStatusHooks,\n  JsonRpcParams,\n  GetClientStatusResult\n> = {\n  methodNames: ['snap_getClientStatus'],\n  implementation: getClientStatusImplementation,\n  hookNames,\n};\n\nexport type GetClientStatusHooks = {\n  /**\n   * @returns Whether the client is locked or not.\n   */\n  getIsLocked: () => boolean;\n};\n\n/**\n * The `snap_getClientStatus` method implementation.\n * Returns useful information about the client running the snap.\n *\n * @param _request - The JSON-RPC request object. Not used by this function.\n * @param response - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.getIsLocked - A function that returns whether the client is locked or not.\n * @returns Nothing.\n */\nasync function getClientStatusImplementation(\n  _request: JsonRpcRequest,\n  response: PendingJsonRpcResponse<GetClientStatusResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { getIsLocked }: GetClientStatusHooks,\n): Promise<void> {\n  response.result = { locked: getIsLocked() };\n  return end();\n}\n"],"names":["hookNames","getIsLocked","getClientStatusHandler","methodNames","implementation","getClientStatusImplementation","_request","response","_next","end","result","locked"],"mappings":"AAWA,MAAMA,YAAqD;IACzDC,aAAa;AACf;AAEA;;CAEC,GACD,OAAO,MAAMC,yBAIT;IACFC,aAAa;QAAC;KAAuB;IACrCC,gBAAgBC;IAChBL;AACF,EAAE;AASF;;;;;;;;;;;;CAYC,GACD,eAAeK,8BACbC,QAAwB,EACxBC,QAAuD,EACvDC,KAAc,EACdC,GAA6B,EAC7B,EAAER,WAAW,EAAwB;IAErCM,SAASG,MAAM,GAAG;QAAEC,QAAQV;IAAc;IAC1C,OAAOQ;AACT"}

package/dist/esm/permitted/getFile.js

@@ -29,7 +29,7 @@ export const getFileHandler = {
  * function.
  * @param end - The `json-rpc-engine` "end" callback.
  * @param hooks - The RPC method hooks.
- * @param hooks.getSnapFile - The funnction to load a static snap file.
+ * @param hooks.getSnapFile - The function to load a static snap file.
  * @returns Nothing.
  */ async function implementation(req, res, _next, end, { getSnapFile }) {
     const { params } = req;