@metamask/snaps-rpc-methods 6.0.0 → 7.0.1

package/dist/chunk-4W7U4OH6.js

@@ -0,0 +1,42 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});// src/permitted/getInterfaceState.ts
+var _rpcerrors = require('@metamask/rpc-errors');
+var _superstruct = require('superstruct');
+var hookNames = {
+  getInterfaceState: true
+};
+var getInterfaceStateHandler = {
+  methodNames: ["snap_getInterfaceState"],
+  implementation: getGetInterfaceStateImplementation,
+  hookNames
+};
+var GetInterfaceStateParametersStruct = _superstruct.object.call(void 0, {
+  id: _superstruct.string.call(void 0, )
+});
+function getGetInterfaceStateImplementation(req, res, _next, end, { getInterfaceState }) {
+  const { params } = req;
+  try {
+    const validatedParams = getValidatedParams(params);
+    const { id } = validatedParams;
+    res.result = getInterfaceState(id);
+  } catch (error) {
+    return end(error);
+  }
+  return end();
+}
+function getValidatedParams(params) {
+  try {
+    return _superstruct.create.call(void 0, params, GetInterfaceStateParametersStruct);
+  } catch (error) {
+    if (error instanceof _superstruct.StructError) {
+      throw _rpcerrors.rpcErrors.invalidParams({
+        message: `Invalid params: ${error.message}.`
+      });
+    }
+    throw _rpcerrors.rpcErrors.internal();
+  }
+}
+
+
+
+exports.getInterfaceStateHandler = getInterfaceStateHandler;
+//# sourceMappingURL=chunk-4W7U4OH6.js.map

package/dist/chunk-4W7U4OH6.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/permitted/getInterfaceState.ts"],"names":[],"mappings":";AAEA,SAAS,iBAAiB;AAS1B,SAAS,aAAa,QAAQ,QAAQ,cAAc;AAIpD,IAAM,YAA6D;AAAA,EACjE,mBAAmB;AACrB;AAUO,IAAM,2BAIT;AAAA,EACF,aAAa,CAAC,wBAAwB;AAAA,EACtC,gBAAgB;AAAA,EAChB;AACF;AAEA,IAAM,oCAAoC,OAAO;AAAA,EAC/C,IAAI,OAAO;AACb,CAAC;AAmBD,SAAS,mCACP,KACA,KACA,OACA,KACA,EAAE,kBAAkB,GACd;AACN,QAAM,EAAE,OAAO,IAAI;AAEnB,MAAI;AACF,UAAM,kBAAkB,mBAAmB,MAAM;AAEjD,UAAM,EAAE,GAAG,IAAI;AAEf,QAAI,SAAS,kBAAkB,EAAE;AAAA,EACnC,SAAS,OAAO;AACd,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO,IAAI;AACb;AASA,SAAS,mBAAmB,QAA8C;AACxE,MAAI;AACF,WAAO,OAAO,QAAQ,iCAAiC;AAAA,EACzD,SAAS,OAAO;AACd,QAAI,iBAAiB,aAAa;AAChC,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,mBAAmB,MAAM,OAAO;AAAA,MAC3C,CAAC;AAAA,IACH;AAEA,UAAM,UAAU,SAAS;AAAA,EAC3B;AACF","sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  GetInterfaceStateParams,\n  GetInterfaceStateResult,\n  InterfaceState,\n  JsonRpcRequest,\n} from '@metamask/snaps-sdk';\nimport { type InferMatching } from '@metamask/snaps-utils';\nimport type { PendingJsonRpcResponse } from '@metamask/utils';\nimport { StructError, create, object, string } from 'superstruct';\n\nimport type { MethodHooksObject } from '../utils';\n\nconst hookNames: MethodHooksObject<GetInterfaceStateMethodHooks> = {\n  getInterfaceState: true,\n};\n\nexport type GetInterfaceStateMethodHooks = {\n  /**\n   * @param id - The interface ID.\n   * @returns The interface state.\n   */\n  getInterfaceState: (id: string) => InterfaceState;\n};\n\nexport const getInterfaceStateHandler: PermittedHandlerExport<\n  GetInterfaceStateMethodHooks,\n  GetInterfaceStateParameters,\n  GetInterfaceStateResult\n> = {\n  methodNames: ['snap_getInterfaceState'],\n  implementation: getGetInterfaceStateImplementation,\n  hookNames,\n};\n\nconst GetInterfaceStateParametersStruct = object({\n  id: string(),\n});\n\nexport type GetInterfaceStateParameters = InferMatching<\n  typeof GetInterfaceStateParametersStruct,\n  GetInterfaceStateParams\n>;\n\n/**\n * The `snap_getInterfaceState` method implementation.\n *\n * @param req - The JSON-RPC request object.\n * @param res - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.getInterfaceState - The function to get the interface state.\n * @returns Noting.\n */\nfunction getGetInterfaceStateImplementation(\n  req: JsonRpcRequest<GetInterfaceStateParameters>,\n  res: PendingJsonRpcResponse<GetInterfaceStateResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { getInterfaceState }: GetInterfaceStateMethodHooks,\n): void {\n  const { params } = req;\n\n  try {\n    const validatedParams = getValidatedParams(params);\n\n    const { id } = validatedParams;\n\n    res.result = getInterfaceState(id);\n  } catch (error) {\n    return end(error);\n  }\n\n  return end();\n}\n\n/**\n * Validate the getInterfaceState method `params` and returns them cast to the correct\n * type. Throws if validation fails.\n *\n * @param params - The unvalidated params object from the method request.\n * @returns The validated getInterfaceState method parameter object.\n */\nfunction getValidatedParams(params: unknown): GetInterfaceStateParameters {\n  try {\n    return create(params, GetInterfaceStateParametersStruct);\n  } catch (error) {\n    if (error instanceof StructError) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid params: ${error.message}.`,\n      });\n    }\n    /* istanbul ignore next */\n    throw rpcErrors.internal();\n  }\n}\n"]}

package/dist/chunk-62URQ5VS.mjs

@@ -0,0 +1,18 @@
+// src/permitted/getClientStatus.ts
+var hookNames = {
+  getIsLocked: true
+};
+var getClientStatusHandler = {
+  methodNames: ["snap_getClientStatus"],
+  implementation: getClientStatusImplementation,
+  hookNames
+};
+async function getClientStatusImplementation(_request, response, _next, end, { getIsLocked }) {
+  response.result = { locked: getIsLocked() };
+  return end();
+}
+
+export {
+  getClientStatusHandler
+};
+//# sourceMappingURL=chunk-62URQ5VS.mjs.map

package/dist/chunk-62URQ5VS.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/permitted/getClientStatus.ts"],"sourcesContent":["import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';\nimport type { PermittedHandlerExport } from '@metamask/permission-controller';\nimport type { GetClientStatusResult } from '@metamask/snaps-sdk';\nimport type {\n  JsonRpcParams,\n  JsonRpcRequest,\n  PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport type { MethodHooksObject } from '../utils';\n\nconst hookNames: MethodHooksObject<GetClientStatusHooks> = {\n  getIsLocked: true,\n};\n\n/**\n * `snap_getClientStatus` returns useful information about the client running the snap.\n */\nexport const getClientStatusHandler: PermittedHandlerExport<\n  GetClientStatusHooks,\n  JsonRpcParams,\n  GetClientStatusResult\n> = {\n  methodNames: ['snap_getClientStatus'],\n  implementation: getClientStatusImplementation,\n  hookNames,\n};\n\nexport type GetClientStatusHooks = {\n  /**\n   * @returns Whether the client is locked or not.\n   */\n  getIsLocked: () => boolean;\n};\n\n/**\n * The `snap_getClientStatus` method implementation.\n * Returns useful information about the client running the snap.\n *\n * @param _request - The JSON-RPC request object. Not used by this function.\n * @param response - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param hooks - The RPC method hooks.\n * @param hooks.getIsLocked - A function that returns whether the client is locked or not.\n * @returns Nothing.\n */\nasync function getClientStatusImplementation(\n  _request: JsonRpcRequest,\n  response: PendingJsonRpcResponse<GetClientStatusResult>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { getIsLocked }: GetClientStatusHooks,\n): Promise<void> {\n  response.result = { locked: getIsLocked() };\n  return end();\n}\n"],"mappings":";AAWA,IAAM,YAAqD;AAAA,EACzD,aAAa;AACf;AAKO,IAAM,yBAIT;AAAA,EACF,aAAa,CAAC,sBAAsB;AAAA,EACpC,gBAAgB;AAAA,EAChB;AACF;AAsBA,eAAe,8BACb,UACA,UACA,OACA,KACA,EAAE,YAAY,GACC;AACf,WAAS,SAAS,EAAE,QAAQ,YAAY,EAAE;AAC1C,SAAO,IAAI;AACb;","names":[]}

package/dist/chunk-6TKD32TS.js

@@ -0,0 +1,78 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkQMULJEYNjs = require('./chunk-QMULJEYN.js');
+
+// src/endowments/transaction-insight.ts
+var _permissioncontroller = require('@metamask/permission-controller');
+var _rpcerrors = require('@metamask/rpc-errors');
+var _snapsutils = require('@metamask/snaps-utils');
+var _utils = require('@metamask/utils');
+var permissionName = "endowment:transaction-insight" /* TransactionInsight */;
+var specificationBuilder = (_builderOptions) => {
+  return {
+    permissionType: _permissioncontroller.PermissionType.Endowment,
+    targetName: permissionName,
+    allowedCaveats: [
+      _snapsutils.SnapCaveatType.TransactionOrigin,
+      _snapsutils.SnapCaveatType.MaxRequestTime
+    ],
+    endowmentGetter: (_getterOptions) => void 0,
+    validator: _chunkQMULJEYNjs.createGenericPermissionValidator.call(void 0, [
+      { type: _snapsutils.SnapCaveatType.TransactionOrigin, optional: true },
+      { type: _snapsutils.SnapCaveatType.MaxRequestTime, optional: true }
+    ]),
+    subjectTypes: [_permissioncontroller.SubjectType.Snap]
+  };
+};
+var transactionInsightEndowmentBuilder = Object.freeze({
+  targetName: permissionName,
+  specificationBuilder
+});
+function validateCaveat(caveat) {
+  if (!_utils.hasProperty.call(void 0, caveat, "value") || !_utils.isPlainObject.call(void 0, caveat)) {
+    throw _rpcerrors.rpcErrors.invalidParams({
+      message: "Expected a plain object."
+    });
+  }
+  const { value } = caveat;
+  _utils.assert.call(void 0, 
+    typeof value === "boolean",
+    'Expected caveat value to have type "boolean"'
+  );
+}
+function getTransactionInsightCaveatMapper(value) {
+  if (!value || !_utils.isObject.call(void 0, value) || _utils.isObject.call(void 0, value) && Object.keys(value).length === 0) {
+    return { caveats: null };
+  }
+  return {
+    caveats: [
+      {
+        type: _snapsutils.SnapCaveatType.TransactionOrigin,
+        value: _utils.hasProperty.call(void 0, value, "allowTransactionOrigin") && value.allowTransactionOrigin
+      }
+    ]
+  };
+}
+function getTransactionOriginCaveat(permission) {
+  if (!permission?.caveats) {
+    return null;
+  }
+  _utils.assert.call(void 0, permission.caveats.length === 1);
+  _utils.assert.call(void 0, permission.caveats[0].type === _snapsutils.SnapCaveatType.TransactionOrigin);
+  const caveat = permission.caveats[0];
+  return caveat.value ?? null;
+}
+var transactionInsightCaveatSpecifications = {
+  [_snapsutils.SnapCaveatType.TransactionOrigin]: Object.freeze({
+    type: _snapsutils.SnapCaveatType.TransactionOrigin,
+    validator: (caveat) => validateCaveat(caveat)
+  })
+};
+
+
+
+
+
+
+exports.transactionInsightEndowmentBuilder = transactionInsightEndowmentBuilder; exports.getTransactionInsightCaveatMapper = getTransactionInsightCaveatMapper; exports.getTransactionOriginCaveat = getTransactionOriginCaveat; exports.transactionInsightCaveatSpecifications = transactionInsightCaveatSpecifications;
+//# sourceMappingURL=chunk-6TKD32TS.js.map

package/dist/chunk-6TKD32TS.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/endowments/transaction-insight.ts"],"names":[],"mappings":";;;;;AASA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAC1B,SAAS,sBAAsB;AAE/B,SAAS,QAAQ,aAAa,UAAU,qBAAqB;AAK7D,IAAM;AAiBN,IAAM,uBAIF,CAAC,oBAA8B;AACjC,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B,YAAY;AAAA,IACZ,gBAAgB;AAAA,MACd,eAAe;AAAA,MACf,eAAe;AAAA,IACjB;AAAA,IACA,iBAAiB,CAAC,mBAA2C;AAAA,IAC7D,WAAW,iCAAiC;AAAA,MAC1C,EAAE,MAAM,eAAe,mBAAmB,UAAU,KAAK;AAAA,MACzD,EAAE,MAAM,eAAe,gBAAgB,UAAU,KAAK;AAAA,IACxD,CAAC;AAAA,IACD,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEO,IAAM,qCAAqC,OAAO,OAAO;AAAA,EAC9D,YAAY;AAAA,EACZ;AACF,CAAU;AAQV,SAAS,eAAe,QAAmC;AACzD,MAAI,CAAC,YAAY,QAAQ,OAAO,KAAK,CAAC,cAAc,MAAM,GAAG;AAC3D,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,QAAM,EAAE,MAAM,IAAI;AAElB;AAAA,IACE,OAAO,UAAU;AAAA,IACjB;AAAA,EACF;AACF;AAUO,SAAS,kCACd,OACuC;AACvC,MACE,CAAC,SACD,CAAC,SAAS,KAAK,KACd,SAAS,KAAK,KAAK,OAAO,KAAK,KAAK,EAAE,WAAW,GAClD;AACA,WAAO,EAAE,SAAS,KAAK;AAAA,EACzB;AACA,SAAO;AAAA,IACL,SAAS;AAAA,MACP;AAAA,QACE,MAAM,eAAe;AAAA,QACrB,OACE,YAAY,OAAO,wBAAwB,KAC1C,MAAM;AAAA,MACX;AAAA,IACF;AAAA,EACF;AACF;AAaO,SAAS,2BACd,YACgB;AAChB,MAAI,CAAC,YAAY,SAAS;AACxB,WAAO;AAAA,EACT;AAEA,SAAO,WAAW,QAAQ,WAAW,CAAC;AACtC,SAAO,WAAW,QAAQ,CAAC,EAAE,SAAS,eAAe,iBAAiB;AAEtE,QAAM,SAAS,WAAW,QAAQ,CAAC;AAEnC,SAAO,OAAO,SAAS;AACzB;AAEO,IAAM,yCAGT;AAAA,EACF,CAAC,eAAe,iBAAiB,GAAG,OAAO,OAAO;AAAA,IAChD,MAAM,eAAe;AAAA,IACrB,WAAW,CAAC,WAAgC,eAAe,MAAM;AAAA,EACnE,CAAC;AACH","sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  EndowmentGetterParams,\n  ValidPermissionSpecification,\n  PermissionValidatorConstraint,\n  PermissionConstraint,\n  CaveatSpecificationConstraint,\n  Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\n\nimport { createGenericPermissionValidator } from './caveats';\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.TransactionInsight;\n\ntype TransactionInsightEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:transaction-insight` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to show information on the transaction confirmation screen.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the transaction-insight endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  TransactionInsightEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: [\n      SnapCaveatType.TransactionOrigin,\n      SnapCaveatType.MaxRequestTime,\n    ],\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n    validator: createGenericPermissionValidator([\n      { type: SnapCaveatType.TransactionOrigin, optional: true },\n      { type: SnapCaveatType.MaxRequestTime, optional: true },\n    ]),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const transactionInsightEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n  if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected a plain object.',\n    });\n  }\n\n  const { value } = caveat;\n\n  assert(\n    typeof value === 'boolean',\n    'Expected caveat value to have type \"boolean\"',\n  );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getTransactionInsightCaveatMapper(\n  value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n  if (\n    !value ||\n    !isObject(value) ||\n    (isObject(value) && Object.keys(value).length === 0)\n  ) {\n    return { caveats: null };\n  }\n  return {\n    caveats: [\n      {\n        type: SnapCaveatType.TransactionOrigin,\n        value:\n          hasProperty(value, 'allowTransactionOrigin') &&\n          (value.allowTransactionOrigin as boolean),\n      },\n    ],\n  };\n}\n\n/**\n * Getter function to get the transaction origin caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the transaction origin caveat from.\n * @returns The transaction origin, or `null` if the permission does not have a\n * transaction origin caveat.\n */\nexport function getTransactionOriginCaveat(\n  permission?: PermissionConstraint,\n): boolean | null {\n  if (!permission?.caveats) {\n    return null;\n  }\n\n  assert(permission.caveats.length === 1);\n  assert(permission.caveats[0].type === SnapCaveatType.TransactionOrigin);\n\n  const caveat = permission.caveats[0] as Caveat<string, boolean>;\n\n  return caveat.value ?? null;\n}\n\nexport const transactionInsightCaveatSpecifications: Record<\n  SnapCaveatType.TransactionOrigin,\n  CaveatSpecificationConstraint\n> = {\n  [SnapCaveatType.TransactionOrigin]: Object.freeze({\n    type: SnapCaveatType.TransactionOrigin,\n    validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n  }),\n};\n"]}

package/dist/chunk-6UY23OOZ.js

@@ -0,0 +1,39 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkD6MUXDVIjs = require('./chunk-D6MUXDVI.js');
+
+
+var _chunkYG7W4CDTjs = require('./chunk-YG7W4CDT.js');
+
+// src/permitted/middleware.ts
+var _rpcerrors = require('@metamask/rpc-errors');
+var _snapsutils = require('@metamask/snaps-utils');
+function createSnapsMethodMiddleware(isSnap, hooks) {
+  return async function methodMiddleware(request, response, next, end) {
+    const handler = _chunkD6MUXDVIjs.methodHandlers[request.method];
+    if (handler) {
+      if (String.prototype.startsWith.call(request.method, "snap_") && !isSnap) {
+        return end(_rpcerrors.rpcErrors.methodNotFound());
+      }
+      const { implementation, hookNames } = handler;
+      try {
+        return await implementation(
+          request,
+          response,
+          next,
+          end,
+          _chunkYG7W4CDTjs.selectHooks.call(void 0, hooks, hookNames)
+        );
+      } catch (error) {
+        _snapsutils.logError.call(void 0, error);
+        return end(error);
+      }
+    }
+    return next();
+  };
+}
+
+
+
+exports.createSnapsMethodMiddleware = createSnapsMethodMiddleware;
+//# sourceMappingURL=chunk-6UY23OOZ.js.map

package/dist/chunk-6UY23OOZ.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/permitted/middleware.ts"],"names":[],"mappings":";;;;;;;;AACA,SAAS,iBAAiB;AAC1B,SAAS,gBAAgB;AAalB,SAAS,4BACd,QACA,OACwC;AAGxC,SAAO,eAAe,iBAAiB,SAAS,UAAU,MAAM,KAAK;AACnE,UAAM,UACJ,eAAe,QAAQ,MAAqC;AAC9D,QAAI,SAAS;AACX,UACE,OAAO,UAAU,WAAW,KAAK,QAAQ,QAAQ,OAAO,KACxD,CAAC,QACD;AACA,eAAO,IAAI,UAAU,eAAe,CAAC;AAAA,MACvC;AAGA,YAAM,EAAE,gBAAgB,UAAU,IAAI;AACtC,UAAI;AAEF,eAAO,MAAM;AAAA,UACX;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA,YAAY,OAAO,SAAS;AAAA,QAC9B;AAAA,MACF,SAAS,OAAO;AACd,iBAAS,KAAK;AACd,eAAO,IAAI,KAAK;AAAA,MAClB;AAAA,IACF;AAEA,WAAO,KAAK;AAAA,EACd;AACF","sourcesContent":["import type { JsonRpcMiddleware } from '@metamask/json-rpc-engine';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { logError } from '@metamask/snaps-utils';\nimport type { Json, JsonRpcParams } from '@metamask/utils';\n\nimport { selectHooks } from '../utils';\nimport { methodHandlers } from './handlers';\n\n/**\n * Creates a middleware that handles permitted snap RPC methods.\n *\n * @param isSnap - A flag that should indicate whether the requesting origin is a snap or not.\n * @param hooks - An object containing the hooks made available to the permitted RPC methods.\n * @returns The middleware.\n */\nexport function createSnapsMethodMiddleware(\n  isSnap: boolean,\n  hooks: Record<string, unknown>,\n): JsonRpcMiddleware<JsonRpcParams, Json> {\n  // This is not actually a misused promise, the type is just wrong\n  // eslint-disable-next-line @typescript-eslint/no-misused-promises\n  return async function methodMiddleware(request, response, next, end) {\n    const handler =\n      methodHandlers[request.method as keyof typeof methodHandlers];\n    if (handler) {\n      if (\n        String.prototype.startsWith.call(request.method, 'snap_') &&\n        !isSnap\n      ) {\n        return end(rpcErrors.methodNotFound());\n      }\n\n      // TODO: Once json-rpc-engine types are up to date, we should type this correctly\n      const { implementation, hookNames } = handler as any;\n      try {\n        // Implementations may or may not be async, so we must await them.\n        return await implementation(\n          request,\n          response,\n          next,\n          end,\n          selectHooks(hooks, hookNames),\n        );\n      } catch (error) {\n        logError(error);\n        return end(error);\n      }\n    }\n\n    return next();\n  };\n}\n"]}

package/dist/chunk-6WUIFFMQ.mjs

@@ -0,0 +1,78 @@
+import {
+  getNode
+} from "./chunk-SGQXD5K7.mjs";
+
+// src/restricted/getBip32PublicKey.ts
+import { PermissionType, SubjectType } from "@metamask/permission-controller";
+import { rpcErrors } from "@metamask/rpc-errors";
+import {
+  bip32entropy,
+  Bip32PathStruct,
+  SnapCaveatType
+} from "@metamask/snaps-utils";
+import { assertStruct } from "@metamask/utils";
+import { boolean, enums, object, optional } from "superstruct";
+var targetName = "snap_getBip32PublicKey";
+var Bip32PublicKeyArgsStruct = bip32entropy(
+  object({
+    path: Bip32PathStruct,
+    curve: enums(["ed25519", "secp256k1"]),
+    compressed: optional(boolean())
+  })
+);
+var specificationBuilder = ({ methodHooks: methodHooks2 }) => {
+  return {
+    permissionType: PermissionType.RestrictedMethod,
+    targetName,
+    allowedCaveats: [SnapCaveatType.PermittedDerivationPaths],
+    methodImplementation: getBip32PublicKeyImplementation(methodHooks2),
+    validator: ({ caveats }) => {
+      if (caveats?.length !== 1 || caveats[0].type !== SnapCaveatType.PermittedDerivationPaths) {
+        throw rpcErrors.invalidParams({
+          message: `Expected a single "${SnapCaveatType.PermittedDerivationPaths}" caveat.`
+        });
+      }
+    },
+    subjectTypes: [SubjectType.Snap]
+  };
+};
+var methodHooks = {
+  getMnemonic: true,
+  getUnlockPromise: true
+};
+var getBip32PublicKeyBuilder = Object.freeze({
+  targetName,
+  specificationBuilder,
+  methodHooks
+});
+function getBip32PublicKeyImplementation({
+  getMnemonic,
+  getUnlockPromise
+}) {
+  return async function getBip32PublicKey(args) {
+    await getUnlockPromise(true);
+    assertStruct(
+      args.params,
+      Bip32PublicKeyArgsStruct,
+      "Invalid BIP-32 public key params",
+      rpcErrors.invalidParams
+    );
+    const { params } = args;
+    const node = await getNode({
+      curve: params.curve,
+      path: params.path,
+      secretRecoveryPhrase: await getMnemonic()
+    });
+    if (params.compressed) {
+      return node.compressedPublicKey;
+    }
+    return node.publicKey;
+  };
+}
+
+export {
+  Bip32PublicKeyArgsStruct,
+  getBip32PublicKeyBuilder,
+  getBip32PublicKeyImplementation
+};
+//# sourceMappingURL=chunk-6WUIFFMQ.mjs.map

package/dist/chunk-6WUIFFMQ.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/restricted/getBip32PublicKey.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  PermissionValidatorConstraint,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  GetBip32PublicKeyParams,\n  GetBip32PublicKeyResult,\n} from '@metamask/snaps-sdk';\nimport {\n  bip32entropy,\n  Bip32PathStruct,\n  SnapCaveatType,\n} from '@metamask/snaps-utils';\nimport type { NonEmptyArray } from '@metamask/utils';\nimport { assertStruct } from '@metamask/utils';\nimport { boolean, enums, object, optional } from 'superstruct';\n\nimport type { MethodHooksObject } from '../utils';\nimport { getNode } from '../utils';\n\nconst targetName = 'snap_getBip32PublicKey';\n\nexport type GetBip32PublicKeyMethodHooks = {\n  /**\n   * @returns The mnemonic of the user's primary keyring.\n   */\n  getMnemonic: () => Promise<Uint8Array>;\n\n  /**\n   * Waits for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n};\n\ntype GetBip32PublicKeySpecificationBuilderOptions = {\n  methodHooks: GetBip32PublicKeyMethodHooks;\n};\n\ntype GetBip32PublicKeySpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof targetName;\n  methodImplementation: ReturnType<typeof getBip32PublicKeyImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\nexport const Bip32PublicKeyArgsStruct = bip32entropy(\n  object({\n    path: Bip32PathStruct,\n    curve: enums(['ed25519', 'secp256k1']),\n    compressed: optional(boolean()),\n  }),\n);\n\n/**\n * The specification builder for the `snap_getBip32PublicKey` permission.\n * `snap_getBip32PublicKey` lets the Snap retrieve public keys for a particular\n * BIP-32 node.\n *\n * @param options - The specification builder options.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_getBip32PublicKey` permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  GetBip32PublicKeySpecificationBuilderOptions,\n  GetBip32PublicKeySpecification\n> = ({ methodHooks }: GetBip32PublicKeySpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName,\n    allowedCaveats: [SnapCaveatType.PermittedDerivationPaths],\n    methodImplementation: getBip32PublicKeyImplementation(methodHooks),\n    validator: ({ caveats }) => {\n      if (\n        caveats?.length !== 1 ||\n        caveats[0].type !== SnapCaveatType.PermittedDerivationPaths\n      ) {\n        throw rpcErrors.invalidParams({\n          message: `Expected a single \"${SnapCaveatType.PermittedDerivationPaths}\" caveat.`,\n        });\n      }\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<GetBip32PublicKeyMethodHooks> = {\n  getMnemonic: true,\n  getUnlockPromise: true,\n};\n\nexport const getBip32PublicKeyBuilder = Object.freeze({\n  targetName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\n/**\n * Builds the method implementation for `snap_getBip32PublicKey`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.getMnemonic - A function to retrieve the Secret Recovery Phrase of the user.\n * @param hooks.getUnlockPromise - A function that resolves once the MetaMask extension is unlocked\n * and prompts the user to unlock their MetaMask if it is locked.\n * @returns The method implementation which returns a public key.\n * @throws If the params are invalid.\n */\nexport function getBip32PublicKeyImplementation({\n  getMnemonic,\n  getUnlockPromise,\n}: GetBip32PublicKeyMethodHooks) {\n  return async function getBip32PublicKey(\n    args: RestrictedMethodOptions<GetBip32PublicKeyParams>,\n  ): Promise<GetBip32PublicKeyResult> {\n    await getUnlockPromise(true);\n\n    assertStruct(\n      args.params,\n      Bip32PublicKeyArgsStruct,\n      'Invalid BIP-32 public key params',\n      rpcErrors.invalidParams,\n    );\n\n    const { params } = args;\n    const node = await getNode({\n      curve: params.curve,\n      path: params.path,\n      secretRecoveryPhrase: await getMnemonic(),\n    });\n\n    if (params.compressed) {\n      return node.compressedPublicKey;\n    }\n\n    return node.publicKey;\n  };\n}\n"],"mappings":";;;;;AAMA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAK1B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,SAAS,oBAAoB;AAC7B,SAAS,SAAS,OAAO,QAAQ,gBAAgB;AAKjD,IAAM,aAAa;AA4BZ,IAAM,2BAA2B;AAAA,EACtC,OAAO;AAAA,IACL,MAAM;AAAA,IACN,OAAO,MAAM,CAAC,WAAW,WAAW,CAAC;AAAA,IACrC,YAAY,SAAS,QAAQ,CAAC;AAAA,EAChC,CAAC;AACH;AAWA,IAAM,uBAIF,CAAC,EAAE,aAAAA,aAAY,MAAoD;AACrE,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B;AAAA,IACA,gBAAgB,CAAC,eAAe,wBAAwB;AAAA,IACxD,sBAAsB,gCAAgCA,YAAW;AAAA,IACjE,WAAW,CAAC,EAAE,QAAQ,MAAM;AAC1B,UACE,SAAS,WAAW,KACpB,QAAQ,CAAC,EAAE,SAAS,eAAe,0BACnC;AACA,cAAM,UAAU,cAAc;AAAA,UAC5B,SAAS,sBAAsB,eAAe,wBAAwB;AAAA,QACxE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,IACA,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEA,IAAM,cAA+D;AAAA,EACnE,aAAa;AAAA,EACb,kBAAkB;AACpB;AAEO,IAAM,2BAA2B,OAAO,OAAO;AAAA,EACpD;AAAA,EACA;AAAA,EACA;AACF,CAAU;AAYH,SAAS,gCAAgC;AAAA,EAC9C;AAAA,EACA;AACF,GAAiC;AAC/B,SAAO,eAAe,kBACpB,MACkC;AAClC,UAAM,iBAAiB,IAAI;AAE3B;AAAA,MACE,KAAK;AAAA,MACL;AAAA,MACA;AAAA,MACA,UAAU;AAAA,IACZ;AAEA,UAAM,EAAE,OAAO,IAAI;AACnB,UAAM,OAAO,MAAM,QAAQ;AAAA,MACzB,OAAO,OAAO;AAAA,MACd,MAAM,OAAO;AAAA,MACb,sBAAsB,MAAM,YAAY;AAAA,IAC1C,CAAC;AAED,QAAI,OAAO,YAAY;AACrB,aAAO,KAAK;AAAA,IACd;AAEA,WAAO,KAAK;AAAA,EACd;AACF;","names":["methodHooks"]}

package/dist/chunk-7NBRKDKJ.mjs

@@ -0,0 +1,188 @@
+import {
+  deriveEntropy
+} from "./chunk-SGQXD5K7.mjs";
+
+// src/restricted/manageState.ts
+import { PermissionType, SubjectType } from "@metamask/permission-controller";
+import { rpcErrors } from "@metamask/rpc-errors";
+import { ManageStateOperation } from "@metamask/snaps-sdk";
+import { STATE_ENCRYPTION_MAGIC_VALUE, parseJson } from "@metamask/snaps-utils";
+import { isObject, getJsonSize, assert, isValidJson } from "@metamask/utils";
+var STATE_ENCRYPTION_SALT = "snap_manageState encryption";
+var methodName = "snap_manageState";
+var specificationBuilder = ({
+  allowedCaveats = null,
+  methodHooks: methodHooks2
+}) => {
+  return {
+    permissionType: PermissionType.RestrictedMethod,
+    targetName: methodName,
+    allowedCaveats,
+    methodImplementation: getManageStateImplementation(methodHooks2),
+    subjectTypes: [SubjectType.Snap]
+  };
+};
+var methodHooks = {
+  getMnemonic: true,
+  getUnlockPromise: true,
+  clearSnapState: true,
+  getSnapState: true,
+  updateSnapState: true,
+  encrypt: true,
+  decrypt: true
+};
+var manageStateBuilder = Object.freeze({
+  targetName: methodName,
+  specificationBuilder,
+  methodHooks
+});
+var STORAGE_SIZE_LIMIT = 104857600;
+async function getEncryptionKey({
+  mnemonicPhrase,
+  snapId
+}) {
+  return await deriveEntropy({
+    mnemonicPhrase,
+    input: snapId,
+    salt: STATE_ENCRYPTION_SALT,
+    magic: STATE_ENCRYPTION_MAGIC_VALUE
+  });
+}
+async function encryptState({
+  state,
+  encryptFunction,
+  ...keyArgs
+}) {
+  const encryptionKey = await getEncryptionKey(keyArgs);
+  return await encryptFunction(encryptionKey, state);
+}
+async function decryptState({
+  state,
+  decryptFunction,
+  ...keyArgs
+}) {
+  try {
+    const encryptionKey = await getEncryptionKey(keyArgs);
+    const decryptedState = await decryptFunction(encryptionKey, state);
+    assert(isValidJson(decryptedState));
+    return decryptedState;
+  } catch {
+    throw rpcErrors.internal({
+      message: "Failed to decrypt snap state, the state must be corrupted."
+    });
+  }
+}
+function getManageStateImplementation({
+  getMnemonic,
+  getUnlockPromise,
+  clearSnapState,
+  getSnapState,
+  updateSnapState,
+  encrypt,
+  decrypt
+}) {
+  return async function manageState(options) {
+    const {
+      params = {},
+      method,
+      context: { origin }
+    } = options;
+    const validatedParams = getValidatedParams(params, method);
+    const shouldEncrypt = validatedParams.encrypted ?? true;
+    if (shouldEncrypt && validatedParams.operation !== ManageStateOperation.ClearState) {
+      await getUnlockPromise(true);
+    }
+    switch (validatedParams.operation) {
+      case ManageStateOperation.ClearState:
+        clearSnapState(origin, shouldEncrypt);
+        return null;
+      case ManageStateOperation.GetState: {
+        const state = getSnapState(origin, shouldEncrypt);
+        if (state === null) {
+          return state;
+        }
+        return shouldEncrypt ? await decryptState({
+          state,
+          decryptFunction: decrypt,
+          mnemonicPhrase: await getMnemonic(),
+          snapId: origin
+        }) : parseJson(state);
+      }
+      case ManageStateOperation.UpdateState: {
+        const finalizedState = shouldEncrypt ? await encryptState({
+          state: validatedParams.newState,
+          encryptFunction: encrypt,
+          mnemonicPhrase: await getMnemonic(),
+          snapId: origin
+        }) : JSON.stringify(validatedParams.newState);
+        updateSnapState(origin, finalizedState, shouldEncrypt);
+        return null;
+      }
+      default:
+        throw rpcErrors.invalidParams(
+          `Invalid ${method} operation: "${validatedParams.operation}"`
+        );
+    }
+  };
+}
+function getValidatedParams(params, method, storageSizeLimit = STORAGE_SIZE_LIMIT) {
+  if (!isObject(params)) {
+    throw rpcErrors.invalidParams({
+      message: "Expected params to be a single object."
+    });
+  }
+  const { operation, newState, encrypted } = params;
+  if (!operation || typeof operation !== "string" || !Object.values(ManageStateOperation).includes(
+    operation
+  )) {
+    throw rpcErrors.invalidParams({
+      message: 'Must specify a valid manage state "operation".'
+    });
+  }
+  if (encrypted !== void 0 && typeof encrypted !== "boolean") {
+    throw rpcErrors.invalidParams({
+      message: '"encrypted" parameter must be a boolean if specified.'
+    });
+  }
+  if (operation === ManageStateOperation.UpdateState) {
+    if (!isObject(newState)) {
+      throw rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must be a plain object.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+    let size;
+    try {
+      size = getJsonSize(newState);
+    } catch {
+      throw rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must be JSON serializable.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+    if (size > storageSizeLimit) {
+      throw rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must not exceed ${storageSizeLimit} bytes in size.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+  }
+  return params;
+}
+
+export {
+  STATE_ENCRYPTION_SALT,
+  specificationBuilder,
+  manageStateBuilder,
+  STORAGE_SIZE_LIMIT,
+  getEncryptionKey,
+  getManageStateImplementation,
+  getValidatedParams
+};
+//# sourceMappingURL=chunk-7NBRKDKJ.mjs.map

package/dist/chunk-7NBRKDKJ.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/restricted/manageState.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { ManageStateParams, ManageStateResult } from '@metamask/snaps-sdk';\nimport { ManageStateOperation } from '@metamask/snaps-sdk';\nimport { STATE_ENCRYPTION_MAGIC_VALUE, parseJson } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray, Hex } from '@metamask/utils';\nimport { isObject, getJsonSize, assert, isValidJson } from '@metamask/utils';\n\nimport type { MethodHooksObject } from '../utils';\nimport { deriveEntropy } from '../utils';\n\n// The salt used for SIP-6-based entropy derivation.\nexport const STATE_ENCRYPTION_SALT = 'snap_manageState encryption';\n\nconst methodName = 'snap_manageState';\n\nexport type ManageStateMethodHooks = {\n  /**\n   * @returns The mnemonic of the user's primary keyring.\n   */\n  getMnemonic: () => Promise<Uint8Array>;\n\n  /**\n   * Waits for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n\n  /**\n   * A function that clears the state of the requesting Snap.\n   */\n  clearSnapState: (snapId: string, encrypted: boolean) => void;\n\n  /**\n   * A function that gets the encrypted state of the requesting Snap.\n   *\n   * @returns The current state of the Snap.\n   */\n  getSnapState: (snapId: string, encrypted: boolean) => string;\n\n  /**\n   * A function that updates the state of the requesting Snap.\n   *\n   * @param newState - The new state of the Snap.\n   */\n  updateSnapState: (\n    snapId: string,\n    newState: string,\n    encrypted: boolean,\n  ) => void;\n\n  /**\n   * Encrypts data with a key. This is assumed to perform symmetric encryption.\n   *\n   * @param key - The key to use for encryption, in hexadecimal format.\n   * @param data - The JSON data to encrypt.\n   * @returns The ciphertext as a string. The format for this string is\n   * dependent on the implementation, but MUST be a string.\n   */\n  encrypt: (key: string, data: Json) => Promise<string>;\n\n  /**\n   * Decrypts data with a key. This is assumed to perform symmetric decryption.\n   *\n   * @param key - The key to use for decryption, in hexadecimal format.\n   * @param cipherText - The ciphertext to decrypt. The format for this string\n   * is dependent on the implementation, but MUST be a string.\n   * @returns The decrypted data as a JSON object.\n   */\n  decrypt: (key: Hex, cipherText: string) => Promise<unknown>;\n};\n\ntype ManageStateSpecificationBuilderOptions = {\n  allowedCaveats?: Readonly<NonEmptyArray<string>> | null;\n  methodHooks: ManageStateMethodHooks;\n};\n\ntype ManageStateSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof methodName;\n  methodImplementation: ReturnType<typeof getManageStateImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * The specification builder for the `snap_manageState` permission.\n * `snap_manageState` lets the Snap store and manage some of its state on\n * your device.\n *\n * @param options - The specification builder options.\n * @param options.allowedCaveats - The optional allowed caveats for the permission.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_manageState` permission.\n */\nexport const specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  ManageStateSpecificationBuilderOptions,\n  ManageStateSpecification\n> = ({\n  allowedCaveats = null,\n  methodHooks,\n}: ManageStateSpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName: methodName,\n    allowedCaveats,\n    methodImplementation: getManageStateImplementation(methodHooks),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<ManageStateMethodHooks> = {\n  getMnemonic: true,\n  getUnlockPromise: true,\n  clearSnapState: true,\n  getSnapState: true,\n  updateSnapState: true,\n  encrypt: true,\n  decrypt: true,\n};\n\nexport const manageStateBuilder = Object.freeze({\n  targetName: methodName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\nexport const STORAGE_SIZE_LIMIT = 104857600; // In bytes (100MB)\n\ntype GetEncryptionKeyArgs = {\n  snapId: string;\n  mnemonicPhrase: Uint8Array;\n};\n\n/**\n * Get a deterministic encryption key to use for encrypting and decrypting the\n * state.\n *\n * This key should only be used for state encryption using `snap_manageState`.\n * To get other encryption keys, a different salt can be used.\n *\n * @param args - The encryption key args.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The state encryption key.\n */\nexport async function getEncryptionKey({\n  mnemonicPhrase,\n  snapId,\n}: GetEncryptionKeyArgs) {\n  return await deriveEntropy({\n    mnemonicPhrase,\n    input: snapId,\n    salt: STATE_ENCRYPTION_SALT,\n    magic: STATE_ENCRYPTION_MAGIC_VALUE,\n  });\n}\n\ntype EncryptStateArgs = GetEncryptionKeyArgs & {\n  state: Json;\n  encryptFunction: ManageStateMethodHooks['encrypt'];\n};\n\n/**\n * Encrypt the state using a deterministic encryption algorithm, based on the\n * snap ID and mnemonic phrase.\n *\n * @param args - The encryption args.\n * @param args.state - The state to encrypt.\n * @param args.encryptFunction - The function to use for encrypting the state.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The encrypted state.\n */\nasync function encryptState({\n  state,\n  encryptFunction,\n  ...keyArgs\n}: EncryptStateArgs) {\n  const encryptionKey = await getEncryptionKey(keyArgs);\n  return await encryptFunction(encryptionKey, state);\n}\n\ntype DecryptStateArgs = GetEncryptionKeyArgs & {\n  state: string;\n  decryptFunction: ManageStateMethodHooks['decrypt'];\n};\n\n/**\n * Decrypt the state using a deterministic decryption algorithm, based on the\n * snap ID and mnemonic phrase.\n *\n * @param args - The encryption args.\n * @param args.state - The state to decrypt.\n * @param args.decryptFunction - The function to use for decrypting the state.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The encrypted state.\n */\nasync function decryptState({\n  state,\n  decryptFunction,\n  ...keyArgs\n}: DecryptStateArgs) {\n  try {\n    const encryptionKey = await getEncryptionKey(keyArgs);\n    const decryptedState = await decryptFunction(encryptionKey, state);\n\n    assert(isValidJson(decryptedState));\n\n    return decryptedState as Record<string, Json>;\n  } catch {\n    throw rpcErrors.internal({\n      message: 'Failed to decrypt snap state, the state must be corrupted.',\n    });\n  }\n}\n\n/**\n * Builds the method implementation for `snap_manageState`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.clearSnapState - A function that clears the state stored for a\n * snap.\n * @param hooks.getSnapState - A function that fetches the persisted decrypted\n * state for a snap.\n * @param hooks.updateSnapState - A function that updates the state stored for a\n * snap.\n * @param hooks.getMnemonic - A function to retrieve the Secret Recovery Phrase\n * of the user.\n * @param hooks.getUnlockPromise - A function that resolves once the MetaMask\n * extension is unlocked and prompts the user to unlock their MetaMask if it is\n * locked.\n * @param hooks.encrypt - A function that encrypts the given state.\n * @param hooks.decrypt - A function that decrypts the given state.\n * @returns The method implementation which either returns `null` for a\n * successful state update/deletion or returns the decrypted state.\n * @throws If the params are invalid.\n */\nexport function getManageStateImplementation({\n  getMnemonic,\n  getUnlockPromise,\n  clearSnapState,\n  getSnapState,\n  updateSnapState,\n  encrypt,\n  decrypt,\n}: ManageStateMethodHooks) {\n  return async function manageState(\n    options: RestrictedMethodOptions<ManageStateParams>,\n  ): Promise<ManageStateResult> {\n    const {\n      params = {},\n      method,\n      context: { origin },\n    } = options;\n    const validatedParams = getValidatedParams(params, method);\n\n    // If the encrypted param is undefined or null we default to true.\n    const shouldEncrypt = validatedParams.encrypted ?? true;\n\n    // We only need to prompt the user when the mnemonic is needed\n    // which it isn't for the clear operation or unencrypted storage.\n    if (\n      shouldEncrypt &&\n      validatedParams.operation !== ManageStateOperation.ClearState\n    ) {\n      await getUnlockPromise(true);\n    }\n\n    switch (validatedParams.operation) {\n      case ManageStateOperation.ClearState:\n        clearSnapState(origin, shouldEncrypt);\n        return null;\n\n      case ManageStateOperation.GetState: {\n        const state = getSnapState(origin, shouldEncrypt);\n        if (state === null) {\n          return state;\n        }\n        return shouldEncrypt\n          ? await decryptState({\n              state,\n              decryptFunction: decrypt,\n              mnemonicPhrase: await getMnemonic(),\n              snapId: origin,\n            })\n          : parseJson<Record<string, Json>>(state);\n      }\n\n      case ManageStateOperation.UpdateState: {\n        const finalizedState = shouldEncrypt\n          ? await encryptState({\n              state: validatedParams.newState,\n              encryptFunction: encrypt,\n              mnemonicPhrase: await getMnemonic(),\n              snapId: origin,\n            })\n          : JSON.stringify(validatedParams.newState);\n\n        updateSnapState(origin, finalizedState, shouldEncrypt);\n        return null;\n      }\n\n      default:\n        throw rpcErrors.invalidParams(\n          `Invalid ${method} operation: \"${\n            validatedParams.operation as string\n          }\"`,\n        );\n    }\n  };\n}\n\n/**\n * Validates the manageState method `params` and returns them cast to the correct\n * type. Throws if validation fails.\n *\n * @param params - The unvalidated params object from the method request.\n * @param method - RPC method name used for debugging errors.\n * @param storageSizeLimit - Maximum allowed size (in bytes) of a new state object.\n * @returns The validated method parameter object.\n */\nexport function getValidatedParams(\n  params: unknown,\n  method: string,\n  storageSizeLimit = STORAGE_SIZE_LIMIT,\n): ManageStateParams {\n  if (!isObject(params)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected params to be a single object.',\n    });\n  }\n\n  const { operation, newState, encrypted } = params;\n\n  if (\n    !operation ||\n    typeof operation !== 'string' ||\n    !Object.values(ManageStateOperation).includes(\n      operation as ManageStateOperation,\n    )\n  ) {\n    throw rpcErrors.invalidParams({\n      message: 'Must specify a valid manage state \"operation\".',\n    });\n  }\n\n  if (encrypted !== undefined && typeof encrypted !== 'boolean') {\n    throw rpcErrors.invalidParams({\n      message: '\"encrypted\" parameter must be a boolean if specified.',\n    });\n  }\n\n  if (operation === ManageStateOperation.UpdateState) {\n    if (!isObject(newState)) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must be a plain object.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n\n    let size;\n    try {\n      // `getJsonSize` will throw if the state is not JSON serializable.\n      size = getJsonSize(newState);\n    } catch {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must be JSON serializable.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n\n    if (size > storageSizeLimit) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must not exceed ${storageSizeLimit} bytes in size.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n  }\n\n  return params as ManageStateParams;\n}\n"],"mappings":";;;;;AAKA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAE1B,SAAS,4BAA4B;AACrC,SAAS,8BAA8B,iBAAiB;AAExD,SAAS,UAAU,aAAa,QAAQ,mBAAmB;AAMpD,IAAM,wBAAwB;AAErC,IAAM,aAAa;AAiFZ,IAAM,uBAIT,CAAC;AAAA,EACH,iBAAiB;AAAA,EACjB,aAAAA;AACF,MAA8C;AAC5C,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B,YAAY;AAAA,IACZ;AAAA,IACA,sBAAsB,6BAA6BA,YAAW;AAAA,IAC9D,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEA,IAAM,cAAyD;AAAA,EAC7D,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,cAAc;AAAA,EACd,iBAAiB;AAAA,EACjB,SAAS;AAAA,EACT,SAAS;AACX;AAEO,IAAM,qBAAqB,OAAO,OAAO;AAAA,EAC9C,YAAY;AAAA,EACZ;AAAA,EACA;AACF,CAAU;AAEH,IAAM,qBAAqB;AAoBlC,eAAsB,iBAAiB;AAAA,EACrC;AAAA,EACA;AACF,GAAyB;AACvB,SAAO,MAAM,cAAc;AAAA,IACzB;AAAA,IACA,OAAO;AAAA,IACP,MAAM;AAAA,IACN,OAAO;AAAA,EACT,CAAC;AACH;AAmBA,eAAe,aAAa;AAAA,EAC1B;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAAqB;AACnB,QAAM,gBAAgB,MAAM,iBAAiB,OAAO;AACpD,SAAO,MAAM,gBAAgB,eAAe,KAAK;AACnD;AAmBA,eAAe,aAAa;AAAA,EAC1B;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAAqB;AACnB,MAAI;AACF,UAAM,gBAAgB,MAAM,iBAAiB,OAAO;AACpD,UAAM,iBAAiB,MAAM,gBAAgB,eAAe,KAAK;AAEjE,WAAO,YAAY,cAAc,CAAC;AAElC,WAAO;AAAA,EACT,QAAQ;AACN,UAAM,UAAU,SAAS;AAAA,MACvB,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AACF;AAuBO,SAAS,6BAA6B;AAAA,EAC3C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAA2B;AACzB,SAAO,eAAe,YACpB,SAC4B;AAC5B,UAAM;AAAA,MACJ,SAAS,CAAC;AAAA,MACV;AAAA,MACA,SAAS,EAAE,OAAO;AAAA,IACpB,IAAI;AACJ,UAAM,kBAAkB,mBAAmB,QAAQ,MAAM;AAGzD,UAAM,gBAAgB,gBAAgB,aAAa;AAInD,QACE,iBACA,gBAAgB,cAAc,qBAAqB,YACnD;AACA,YAAM,iBAAiB,IAAI;AAAA,IAC7B;AAEA,YAAQ,gBAAgB,WAAW;AAAA,MACjC,KAAK,qBAAqB;AACxB,uBAAe,QAAQ,aAAa;AACpC,eAAO;AAAA,MAET,KAAK,qBAAqB,UAAU;AAClC,cAAM,QAAQ,aAAa,QAAQ,aAAa;AAChD,YAAI,UAAU,MAAM;AAClB,iBAAO;AAAA,QACT;AACA,eAAO,gBACH,MAAM,aAAa;AAAA,UACjB;AAAA,UACA,iBAAiB;AAAA,UACjB,gBAAgB,MAAM,YAAY;AAAA,UAClC,QAAQ;AAAA,QACV,CAAC,IACD,UAAgC,KAAK;AAAA,MAC3C;AAAA,MAEA,KAAK,qBAAqB,aAAa;AACrC,cAAM,iBAAiB,gBACnB,MAAM,aAAa;AAAA,UACjB,OAAO,gBAAgB;AAAA,UACvB,iBAAiB;AAAA,UACjB,gBAAgB,MAAM,YAAY;AAAA,UAClC,QAAQ;AAAA,QACV,CAAC,IACD,KAAK,UAAU,gBAAgB,QAAQ;AAE3C,wBAAgB,QAAQ,gBAAgB,aAAa;AACrD,eAAO;AAAA,MACT;AAAA,MAEA;AACE,cAAM,UAAU;AAAA,UACd,WAAW,MAAM,gBACf,gBAAgB,SAClB;AAAA,QACF;AAAA,IACJ;AAAA,EACF;AACF;AAWO,SAAS,mBACd,QACA,QACA,mBAAmB,oBACA;AACnB,MAAI,CAAC,SAAS,MAAM,GAAG;AACrB,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,QAAM,EAAE,WAAW,UAAU,UAAU,IAAI;AAE3C,MACE,CAAC,aACD,OAAO,cAAc,YACrB,CAAC,OAAO,OAAO,oBAAoB,EAAE;AAAA,IACnC;AAAA,EACF,GACA;AACA,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,MAAI,cAAc,UAAa,OAAO,cAAc,WAAW;AAC7D,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,MAAI,cAAc,qBAAqB,aAAa;AAClD,QAAI,CAAC,SAAS,QAAQ,GAAG;AACvB,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM;AAAA,QAC1B,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAEA,QAAI;AACJ,QAAI;AAEF,aAAO,YAAY,QAAQ;AAAA,IAC7B,QAAQ;AACN,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM;AAAA,QAC1B,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAEA,QAAI,OAAO,kBAAkB;AAC3B,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM,2DAA2D,gBAAgB;AAAA,QACrG,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO;AACT;","names":["methodHooks"]}

package/dist/chunk-7OMVZR5X.mjs

@@ -0,0 +1,39 @@
+import {
+  methodHandlers
+} from "./chunk-JQ456NCC.mjs";
+import {
+  selectHooks
+} from "./chunk-SGQXD5K7.mjs";
+
+// src/permitted/middleware.ts
+import { rpcErrors } from "@metamask/rpc-errors";
+import { logError } from "@metamask/snaps-utils";
+function createSnapsMethodMiddleware(isSnap, hooks) {
+  return async function methodMiddleware(request, response, next, end) {
+    const handler = methodHandlers[request.method];
+    if (handler) {
+      if (String.prototype.startsWith.call(request.method, "snap_") && !isSnap) {
+        return end(rpcErrors.methodNotFound());
+      }
+      const { implementation, hookNames } = handler;
+      try {
+        return await implementation(
+          request,
+          response,
+          next,
+          end,
+          selectHooks(hooks, hookNames)
+        );
+      } catch (error) {
+        logError(error);
+        return end(error);
+      }
+    }
+    return next();
+  };
+}
+
+export {
+  createSnapsMethodMiddleware
+};
+//# sourceMappingURL=chunk-7OMVZR5X.mjs.map

package/dist/chunk-7OMVZR5X.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/permitted/middleware.ts"],"sourcesContent":["import type { JsonRpcMiddleware } from '@metamask/json-rpc-engine';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { logError } from '@metamask/snaps-utils';\nimport type { Json, JsonRpcParams } from '@metamask/utils';\n\nimport { selectHooks } from '../utils';\nimport { methodHandlers } from './handlers';\n\n/**\n * Creates a middleware that handles permitted snap RPC methods.\n *\n * @param isSnap - A flag that should indicate whether the requesting origin is a snap or not.\n * @param hooks - An object containing the hooks made available to the permitted RPC methods.\n * @returns The middleware.\n */\nexport function createSnapsMethodMiddleware(\n  isSnap: boolean,\n  hooks: Record<string, unknown>,\n): JsonRpcMiddleware<JsonRpcParams, Json> {\n  // This is not actually a misused promise, the type is just wrong\n  // eslint-disable-next-line @typescript-eslint/no-misused-promises\n  return async function methodMiddleware(request, response, next, end) {\n    const handler =\n      methodHandlers[request.method as keyof typeof methodHandlers];\n    if (handler) {\n      if (\n        String.prototype.startsWith.call(request.method, 'snap_') &&\n        !isSnap\n      ) {\n        return end(rpcErrors.methodNotFound());\n      }\n\n      // TODO: Once json-rpc-engine types are up to date, we should type this correctly\n      const { implementation, hookNames } = handler as any;\n      try {\n        // Implementations may or may not be async, so we must await them.\n        return await implementation(\n          request,\n          response,\n          next,\n          end,\n          selectHooks(hooks, hookNames),\n        );\n      } catch (error) {\n        logError(error);\n        return end(error);\n      }\n    }\n\n    return next();\n  };\n}\n"],"mappings":";;;;;;;;AACA,SAAS,iBAAiB;AAC1B,SAAS,gBAAgB;AAalB,SAAS,4BACd,QACA,OACwC;AAGxC,SAAO,eAAe,iBAAiB,SAAS,UAAU,MAAM,KAAK;AACnE,UAAM,UACJ,eAAe,QAAQ,MAAqC;AAC9D,QAAI,SAAS;AACX,UACE,OAAO,UAAU,WAAW,KAAK,QAAQ,QAAQ,OAAO,KACxD,CAAC,QACD;AACA,eAAO,IAAI,UAAU,eAAe,CAAC;AAAA,MACvC;AAGA,YAAM,EAAE,gBAAgB,UAAU,IAAI;AACtC,UAAI;AAEF,eAAO,MAAM;AAAA,UACX;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA,YAAY,OAAO,SAAS;AAAA,QAC9B;AAAA,MACF,SAAS,OAAO;AACd,iBAAS,KAAK;AACd,eAAO,IAAI,KAAK;AAAA,MAClB;AAAA,IACF;AAEA,WAAO,KAAK;AAAA,EACd;AACF;","names":[]}

package/dist/chunk-7TVJV425.js

@@ -0,0 +1 @@
+"use strict";//# sourceMappingURL=chunk-7TVJV425.js.map

package/dist/chunk-7TVJV425.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":""}