@metamask/snaps-rpc-methods 6.0.0 → 7.0.1

package/dist/chunk-JQ456NCC.mjs

@@ -0,0 +1,51 @@
+import {
+  invokeKeyringHandler
+} from "./chunk-TKXU7ZXP.mjs";
+import {
+  invokeSnapSugarHandler
+} from "./chunk-MXCJWR45.mjs";
+import {
+  requestSnapsHandler
+} from "./chunk-MXPVC2XP.mjs";
+import {
+  updateInterfaceHandler
+} from "./chunk-YS6TYXCP.mjs";
+import {
+  createInterfaceHandler
+} from "./chunk-WLDEPJGG.mjs";
+import {
+  getAllSnapsHandler
+} from "./chunk-UB3733UY.mjs";
+import {
+  getClientStatusHandler
+} from "./chunk-62URQ5VS.mjs";
+import {
+  getFileHandler
+} from "./chunk-I6FU5MGE.mjs";
+import {
+  getInterfaceStateHandler
+} from "./chunk-TJYMYQAB.mjs";
+import {
+  getSnapsHandler
+} from "./chunk-CH5O2YCX.mjs";
+
+// src/permitted/handlers.ts
+var methodHandlers = {
+  wallet_getAllSnaps: getAllSnapsHandler,
+  wallet_getSnaps: getSnapsHandler,
+  wallet_requestSnaps: requestSnapsHandler,
+  wallet_invokeSnap: invokeSnapSugarHandler,
+  wallet_invokeKeyring: invokeKeyringHandler,
+  snap_getClientStatus: getClientStatusHandler,
+  snap_getFile: getFileHandler,
+  snap_createInterface: createInterfaceHandler,
+  snap_updateInterface: updateInterfaceHandler,
+  snap_getInterfaceState: getInterfaceStateHandler
+};
+var handlers = Object.values(methodHandlers);
+
+export {
+  methodHandlers,
+  handlers
+};
+//# sourceMappingURL=chunk-JQ456NCC.mjs.map

package/dist/chunk-JQ456NCC.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/permitted/handlers.ts"],"sourcesContent":["import { createInterfaceHandler } from './createInterface';\nimport { getAllSnapsHandler } from './getAllSnaps';\nimport { getClientStatusHandler } from './getClientStatus';\nimport { getFileHandler } from './getFile';\nimport { getInterfaceStateHandler } from './getInterfaceState';\nimport { getSnapsHandler } from './getSnaps';\nimport { invokeKeyringHandler } from './invokeKeyring';\nimport { invokeSnapSugarHandler } from './invokeSnapSugar';\nimport { requestSnapsHandler } from './requestSnaps';\nimport { updateInterfaceHandler } from './updateInterface';\n\n/* eslint-disable @typescript-eslint/naming-convention */\nexport const methodHandlers = {\n  wallet_getAllSnaps: getAllSnapsHandler,\n  wallet_getSnaps: getSnapsHandler,\n  wallet_requestSnaps: requestSnapsHandler,\n  wallet_invokeSnap: invokeSnapSugarHandler,\n  wallet_invokeKeyring: invokeKeyringHandler,\n  snap_getClientStatus: getClientStatusHandler,\n  snap_getFile: getFileHandler,\n  snap_createInterface: createInterfaceHandler,\n  snap_updateInterface: updateInterfaceHandler,\n  snap_getInterfaceState: getInterfaceStateHandler,\n};\n/* eslint-enable @typescript-eslint/naming-convention */\n\nexport const handlers = Object.values(methodHandlers);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYO,IAAM,iBAAiB;AAAA,EAC5B,oBAAoB;AAAA,EACpB,iBAAiB;AAAA,EACjB,qBAAqB;AAAA,EACrB,mBAAmB;AAAA,EACnB,sBAAsB;AAAA,EACtB,sBAAsB;AAAA,EACtB,cAAc;AAAA,EACd,sBAAsB;AAAA,EACtB,sBAAsB;AAAA,EACtB,wBAAwB;AAC1B;AAGO,IAAM,WAAW,OAAO,OAAO,cAAc;","names":[]}

package/dist/chunk-JRSPKOFG.js

@@ -0,0 +1,115 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+
+
+var _chunkPWUEAR4Hjs = require('./chunk-PWUEAR4H.js');
+
+
+var _chunk3DHVA2FYjs = require('./chunk-3DHVA2FY.js');
+
+
+
+
+var _chunkIEUCBULUjs = require('./chunk-IEUCBULU.js');
+
+
+var _chunkYOHE52XBjs = require('./chunk-YOHE52XB.js');
+
+
+
+
+var _chunkLIWV3FMYjs = require('./chunk-LIWV3FMY.js');
+
+
+
+
+var _chunkTEXEQGNZjs = require('./chunk-TEXEQGNZ.js');
+
+
+
+
+var _chunk6TKD32TSjs = require('./chunk-6TKD32TS.js');
+
+
+
+
+var _chunkFCVWU5XHjs = require('./chunk-FCVWU5XH.js');
+
+
+var _chunkQ27K2I6Zjs = require('./chunk-Q27K2I6Z.js');
+
+
+
+
+var _chunkOQOTJFFVjs = require('./chunk-OQOTJFFV.js');
+
+
+var _chunkB3NIHNXWjs = require('./chunk-B3NIHNXW.js');
+
+
+var _chunkFMDV3RFTjs = require('./chunk-FMDV3RFT.js');
+
+// src/endowments/index.ts
+var _snapsutils = require('@metamask/snaps-utils');
+var endowmentPermissionBuilders = {
+  [_chunkYOHE52XBjs.networkAccessEndowmentBuilder.targetName]: _chunkYOHE52XBjs.networkAccessEndowmentBuilder,
+  [_chunk6TKD32TSjs.transactionInsightEndowmentBuilder.targetName]: _chunk6TKD32TSjs.transactionInsightEndowmentBuilder,
+  [_chunkOQOTJFFVjs.cronjobEndowmentBuilder.targetName]: _chunkOQOTJFFVjs.cronjobEndowmentBuilder,
+  [_chunkB3NIHNXWjs.ethereumProviderEndowmentBuilder.targetName]: _chunkB3NIHNXWjs.ethereumProviderEndowmentBuilder,
+  [_chunkLIWV3FMYjs.rpcEndowmentBuilder.targetName]: _chunkLIWV3FMYjs.rpcEndowmentBuilder,
+  [_chunkQ27K2I6Zjs.webAssemblyEndowmentBuilder.targetName]: _chunkQ27K2I6Zjs.webAssemblyEndowmentBuilder,
+  [_chunkIEUCBULUjs.nameLookupEndowmentBuilder.targetName]: _chunkIEUCBULUjs.nameLookupEndowmentBuilder,
+  [_chunk3DHVA2FYjs.lifecycleHooksEndowmentBuilder.targetName]: _chunk3DHVA2FYjs.lifecycleHooksEndowmentBuilder,
+  [_chunkPWUEAR4Hjs.keyringEndowmentBuilder.targetName]: _chunkPWUEAR4Hjs.keyringEndowmentBuilder,
+  [_chunkFMDV3RFTjs.homePageEndowmentBuilder.targetName]: _chunkFMDV3RFTjs.homePageEndowmentBuilder,
+  [_chunkTEXEQGNZjs.signatureInsightEndowmentBuilder.targetName]: _chunkTEXEQGNZjs.signatureInsightEndowmentBuilder
+};
+var endowmentCaveatSpecifications = {
+  ..._chunkOQOTJFFVjs.cronjobCaveatSpecifications,
+  ..._chunk6TKD32TSjs.transactionInsightCaveatSpecifications,
+  ..._chunkLIWV3FMYjs.rpcCaveatSpecifications,
+  ..._chunkIEUCBULUjs.nameLookupCaveatSpecifications,
+  ..._chunkPWUEAR4Hjs.keyringCaveatSpecifications,
+  ..._chunkTEXEQGNZjs.signatureInsightCaveatSpecifications,
+  ..._chunkFCVWU5XHjs.maxRequestTimeCaveatSpecifications
+};
+var endowmentCaveatMappers = {
+  [_chunkOQOTJFFVjs.cronjobEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, 
+    _chunkOQOTJFFVjs.getCronjobCaveatMapper
+  ),
+  [_chunk6TKD32TSjs.transactionInsightEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, 
+    _chunk6TKD32TSjs.getTransactionInsightCaveatMapper
+  ),
+  [_chunkLIWV3FMYjs.rpcEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, _chunkLIWV3FMYjs.getRpcCaveatMapper),
+  [_chunkIEUCBULUjs.nameLookupEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, 
+    _chunkIEUCBULUjs.getNameLookupCaveatMapper
+  ),
+  [_chunkPWUEAR4Hjs.keyringEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, 
+    _chunkPWUEAR4Hjs.getKeyringCaveatMapper
+  ),
+  [_chunkTEXEQGNZjs.signatureInsightEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.createMaxRequestTimeMapper.call(void 0, 
+    _chunkTEXEQGNZjs.getSignatureInsightCaveatMapper
+  ),
+  [_chunk3DHVA2FYjs.lifecycleHooksEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.getMaxRequestTimeCaveatMapper,
+  [_chunkFMDV3RFTjs.homePageEndowmentBuilder.targetName]: _chunkFCVWU5XHjs.getMaxRequestTimeCaveatMapper
+};
+var handlerEndowments = {
+  [_snapsutils.HandlerType.OnRpcRequest]: _chunkLIWV3FMYjs.rpcEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnTransaction]: _chunk6TKD32TSjs.transactionInsightEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnCronjob]: _chunkOQOTJFFVjs.cronjobEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnNameLookup]: _chunkIEUCBULUjs.nameLookupEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnInstall]: _chunk3DHVA2FYjs.lifecycleHooksEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnUpdate]: _chunk3DHVA2FYjs.lifecycleHooksEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnKeyringRequest]: _chunkPWUEAR4Hjs.keyringEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnHomePage]: _chunkFMDV3RFTjs.homePageEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnSignature]: _chunkTEXEQGNZjs.signatureInsightEndowmentBuilder.targetName,
+  [_snapsutils.HandlerType.OnUserInput]: null
+};
+
+
+
+
+
+
+exports.endowmentPermissionBuilders = endowmentPermissionBuilders; exports.endowmentCaveatSpecifications = endowmentCaveatSpecifications; exports.endowmentCaveatMappers = endowmentCaveatMappers; exports.handlerEndowments = handlerEndowments;
+//# sourceMappingURL=chunk-JRSPKOFG.js.map

package/dist/chunk-JRSPKOFG.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/endowments/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,SAAS,mBAAmB;AA4CrB,IAAM,8BAA8B;AAAA,EACzC,CAAC,8BAA8B,UAAU,GAAG;AAAA,EAC5C,CAAC,mCAAmC,UAAU,GAC5C;AAAA,EACF,CAAC,wBAAwB,UAAU,GAAG;AAAA,EACtC,CAAC,iCAAiC,UAAU,GAC1C;AAAA,EACF,CAAC,oBAAoB,UAAU,GAAG;AAAA,EAClC,CAAC,4BAA4B,UAAU,GAAG;AAAA,EAC1C,CAAC,2BAA2B,UAAU,GAAG;AAAA,EACzC,CAAC,+BAA+B,UAAU,GAAG;AAAA,EAC7C,CAAC,wBAAwB,UAAU,GAAG;AAAA,EACtC,CAAC,yBAAyB,UAAU,GAAG;AAAA,EACvC,CAAC,iCAAiC,UAAU,GAC1C;AACJ;AAEO,IAAM,gCAAgC;AAAA,EAC3C,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AACL;AAEO,IAAM,yBAGT;AAAA,EACF,CAAC,wBAAwB,UAAU,GAAG;AAAA,IACpC;AAAA,EACF;AAAA,EACA,CAAC,mCAAmC,UAAU,GAAG;AAAA,IAC/C;AAAA,EACF;AAAA,EACA,CAAC,oBAAoB,UAAU,GAC7B,2BAA2B,kBAAkB;AAAA,EAC/C,CAAC,2BAA2B,UAAU,GAAG;AAAA,IACvC;AAAA,EACF;AAAA,EACA,CAAC,wBAAwB,UAAU,GAAG;AAAA,IACpC;AAAA,EACF;AAAA,EACA,CAAC,iCAAiC,UAAU,GAAG;AAAA,IAC7C;AAAA,EACF;AAAA,EACA,CAAC,+BAA+B,UAAU,GAAG;AAAA,EAC7C,CAAC,yBAAyB,UAAU,GAAG;AACzC;AAGO,IAAM,oBAAwD;AAAA,EACnE,CAAC,YAAY,YAAY,GAAG,oBAAoB;AAAA,EAChD,CAAC,YAAY,aAAa,GAAG,mCAAmC;AAAA,EAChE,CAAC,YAAY,SAAS,GAAG,wBAAwB;AAAA,EACjD,CAAC,YAAY,YAAY,GAAG,2BAA2B;AAAA,EACvD,CAAC,YAAY,SAAS,GAAG,+BAA+B;AAAA,EACxD,CAAC,YAAY,QAAQ,GAAG,+BAA+B;AAAA,EACvD,CAAC,YAAY,gBAAgB,GAAG,wBAAwB;AAAA,EACxD,CAAC,YAAY,UAAU,GAAG,yBAAyB;AAAA,EACnD,CAAC,YAAY,WAAW,GAAG,iCAAiC;AAAA,EAC5D,CAAC,YAAY,WAAW,GAAG;AAC7B","sourcesContent":["import type { PermissionConstraint } from '@metamask/permission-controller';\nimport { HandlerType } from '@metamask/snaps-utils';\nimport type { Json } from '@metamask/utils';\n\nimport {\n  createMaxRequestTimeMapper,\n  getMaxRequestTimeCaveatMapper,\n  maxRequestTimeCaveatSpecifications,\n} from './caveats';\nimport {\n  cronjobCaveatSpecifications,\n  cronjobEndowmentBuilder,\n  getCronjobCaveatMapper,\n} from './cronjob';\nimport { ethereumProviderEndowmentBuilder } from './ethereum-provider';\nimport { homePageEndowmentBuilder } from './home-page';\nimport {\n  getKeyringCaveatMapper,\n  keyringCaveatSpecifications,\n  keyringEndowmentBuilder,\n} from './keyring';\nimport { lifecycleHooksEndowmentBuilder } from './lifecycle-hooks';\nimport {\n  getNameLookupCaveatMapper,\n  nameLookupCaveatSpecifications,\n  nameLookupEndowmentBuilder,\n} from './name-lookup';\nimport { networkAccessEndowmentBuilder } from './network-access';\nimport {\n  getRpcCaveatMapper,\n  rpcCaveatSpecifications,\n  rpcEndowmentBuilder,\n} from './rpc';\nimport {\n  getSignatureInsightCaveatMapper,\n  signatureInsightCaveatSpecifications,\n  signatureInsightEndowmentBuilder,\n} from './signature-insight';\nimport {\n  getTransactionInsightCaveatMapper,\n  transactionInsightCaveatSpecifications,\n  transactionInsightEndowmentBuilder,\n} from './transaction-insight';\nimport { webAssemblyEndowmentBuilder } from './web-assembly';\n\nexport const endowmentPermissionBuilders = {\n  [networkAccessEndowmentBuilder.targetName]: networkAccessEndowmentBuilder,\n  [transactionInsightEndowmentBuilder.targetName]:\n    transactionInsightEndowmentBuilder,\n  [cronjobEndowmentBuilder.targetName]: cronjobEndowmentBuilder,\n  [ethereumProviderEndowmentBuilder.targetName]:\n    ethereumProviderEndowmentBuilder,\n  [rpcEndowmentBuilder.targetName]: rpcEndowmentBuilder,\n  [webAssemblyEndowmentBuilder.targetName]: webAssemblyEndowmentBuilder,\n  [nameLookupEndowmentBuilder.targetName]: nameLookupEndowmentBuilder,\n  [lifecycleHooksEndowmentBuilder.targetName]: lifecycleHooksEndowmentBuilder,\n  [keyringEndowmentBuilder.targetName]: keyringEndowmentBuilder,\n  [homePageEndowmentBuilder.targetName]: homePageEndowmentBuilder,\n  [signatureInsightEndowmentBuilder.targetName]:\n    signatureInsightEndowmentBuilder,\n} as const;\n\nexport const endowmentCaveatSpecifications = {\n  ...cronjobCaveatSpecifications,\n  ...transactionInsightCaveatSpecifications,\n  ...rpcCaveatSpecifications,\n  ...nameLookupCaveatSpecifications,\n  ...keyringCaveatSpecifications,\n  ...signatureInsightCaveatSpecifications,\n  ...maxRequestTimeCaveatSpecifications,\n};\n\nexport const endowmentCaveatMappers: Record<\n  string,\n  (value: Json) => Pick<PermissionConstraint, 'caveats'>\n> = {\n  [cronjobEndowmentBuilder.targetName]: createMaxRequestTimeMapper(\n    getCronjobCaveatMapper,\n  ),\n  [transactionInsightEndowmentBuilder.targetName]: createMaxRequestTimeMapper(\n    getTransactionInsightCaveatMapper,\n  ),\n  [rpcEndowmentBuilder.targetName]:\n    createMaxRequestTimeMapper(getRpcCaveatMapper),\n  [nameLookupEndowmentBuilder.targetName]: createMaxRequestTimeMapper(\n    getNameLookupCaveatMapper,\n  ),\n  [keyringEndowmentBuilder.targetName]: createMaxRequestTimeMapper(\n    getKeyringCaveatMapper,\n  ),\n  [signatureInsightEndowmentBuilder.targetName]: createMaxRequestTimeMapper(\n    getSignatureInsightCaveatMapper,\n  ),\n  [lifecycleHooksEndowmentBuilder.targetName]: getMaxRequestTimeCaveatMapper,\n  [homePageEndowmentBuilder.targetName]: getMaxRequestTimeCaveatMapper,\n};\n\n// We allow null because a permitted handler does not have an endowment\nexport const handlerEndowments: Record<HandlerType, string | null> = {\n  [HandlerType.OnRpcRequest]: rpcEndowmentBuilder.targetName,\n  [HandlerType.OnTransaction]: transactionInsightEndowmentBuilder.targetName,\n  [HandlerType.OnCronjob]: cronjobEndowmentBuilder.targetName,\n  [HandlerType.OnNameLookup]: nameLookupEndowmentBuilder.targetName,\n  [HandlerType.OnInstall]: lifecycleHooksEndowmentBuilder.targetName,\n  [HandlerType.OnUpdate]: lifecycleHooksEndowmentBuilder.targetName,\n  [HandlerType.OnKeyringRequest]: keyringEndowmentBuilder.targetName,\n  [HandlerType.OnHomePage]: homePageEndowmentBuilder.targetName,\n  [HandlerType.OnSignature]: signatureInsightEndowmentBuilder.targetName,\n  [HandlerType.OnUserInput]: null,\n};\n\nexport * from './enum';\nexport { getRpcCaveatOrigins } from './rpc';\nexport { getSignatureOriginCaveat } from './signature-insight';\nexport { getTransactionOriginCaveat } from './transaction-insight';\nexport { getChainIdsCaveat, getLookupMatchersCaveat } from './name-lookup';\nexport { getKeyringCaveatOrigins } from './keyring';\nexport { getMaxRequestTimeCaveat } from './caveats';\nexport { getCronjobCaveatJobs } from './cronjob';\n"]}

package/dist/chunk-JWDQUKKU.mjs

@@ -0,0 +1,80 @@
+// src/restricted/notify.ts
+import { PermissionType, SubjectType } from "@metamask/permission-controller";
+import { rpcErrors } from "@metamask/rpc-errors";
+import { NotificationType } from "@metamask/snaps-sdk";
+import { validateTextLinks } from "@metamask/snaps-utils";
+import { isObject } from "@metamask/utils";
+var methodName = "snap_notify";
+var specificationBuilder = ({ allowedCaveats = null, methodHooks: methodHooks2 }) => {
+  return {
+    permissionType: PermissionType.RestrictedMethod,
+    targetName: methodName,
+    allowedCaveats,
+    methodImplementation: getImplementation(methodHooks2),
+    subjectTypes: [SubjectType.Snap]
+  };
+};
+var methodHooks = {
+  showNativeNotification: true,
+  showInAppNotification: true,
+  isOnPhishingList: true,
+  maybeUpdatePhishingList: true
+};
+var notifyBuilder = Object.freeze({
+  targetName: methodName,
+  specificationBuilder,
+  methodHooks
+});
+function getImplementation({
+  showNativeNotification,
+  showInAppNotification,
+  isOnPhishingList,
+  maybeUpdatePhishingList
+}) {
+  return async function implementation(args) {
+    const {
+      params,
+      context: { origin }
+    } = args;
+    const validatedParams = getValidatedParams(params);
+    await maybeUpdatePhishingList();
+    validateTextLinks(validatedParams.message, isOnPhishingList);
+    switch (validatedParams.type) {
+      case NotificationType.Native:
+        return await showNativeNotification(origin, validatedParams);
+      case NotificationType.InApp:
+        return await showInAppNotification(origin, validatedParams);
+      default:
+        throw rpcErrors.invalidParams({
+          message: 'Must specify a valid notification "type".'
+        });
+    }
+  };
+}
+function getValidatedParams(params) {
+  if (!isObject(params)) {
+    throw rpcErrors.invalidParams({
+      message: "Expected params to be a single object."
+    });
+  }
+  const { type, message } = params;
+  if (!type || typeof type !== "string" || !Object.values(NotificationType).includes(type)) {
+    throw rpcErrors.invalidParams({
+      message: 'Must specify a valid notification "type".'
+    });
+  }
+  if (!message || typeof message !== "string" || message.length >= 50) {
+    throw rpcErrors.invalidParams({
+      message: 'Must specify a non-empty string "message" less than 50 characters long.'
+    });
+  }
+  return params;
+}
+
+export {
+  specificationBuilder,
+  notifyBuilder,
+  getImplementation,
+  getValidatedParams
+};
+//# sourceMappingURL=chunk-JWDQUKKU.mjs.map

package/dist/chunk-JWDQUKKU.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/restricted/notify.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { NotificationType } from '@metamask/snaps-sdk';\nimport type {\n  NotifyParams,\n  NotifyResult,\n  EnumToUnion,\n} from '@metamask/snaps-sdk';\nimport { validateTextLinks } from '@metamask/snaps-utils';\nimport type { NonEmptyArray } from '@metamask/utils';\nimport { isObject } from '@metamask/utils';\n\nimport { type MethodHooksObject } from '../utils';\n\nconst methodName = 'snap_notify';\n\nexport type NotificationArgs = {\n  /**\n   * Enum type to determine notification type.\n   */\n  type: EnumToUnion<NotificationType>;\n\n  /**\n   * A message to show on the notification.\n   */\n  message: string;\n};\n\nexport type NotifyMethodHooks = {\n  /**\n   * @param snapId - The ID of the Snap that created the notification.\n   * @param args - The notification arguments.\n   */\n  showNativeNotification: (\n    snapId: string,\n    args: NotificationArgs,\n  ) => Promise<null>;\n\n  /**\n   * @param snapId - The ID of the Snap that created the notification.\n   * @param args - The notification arguments.\n   */\n  showInAppNotification: (\n    snapId: string,\n    args: NotificationArgs,\n  ) => Promise<null>;\n\n  isOnPhishingList: (url: string) => boolean;\n\n  maybeUpdatePhishingList: () => Promise<void>;\n};\n\ntype SpecificationBuilderOptions = {\n  allowedCaveats?: Readonly<NonEmptyArray<string>> | null;\n  methodHooks: NotifyMethodHooks;\n};\n\ntype Specification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof methodName;\n  methodImplementation: ReturnType<typeof getImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * The specification builder for the `snap_notify` permission.\n * `snap_notify` allows snaps to send multiple types of notifications to its users.\n *\n * @param options - The specification builder options.\n * @param options.allowedCaveats - The optional allowed caveats for the permission.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_notify` permission.\n */\nexport const specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  SpecificationBuilderOptions,\n  Specification\n> = ({ allowedCaveats = null, methodHooks }: SpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName: methodName,\n    allowedCaveats,\n    methodImplementation: getImplementation(methodHooks),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<NotifyMethodHooks> = {\n  showNativeNotification: true,\n  showInAppNotification: true,\n  isOnPhishingList: true,\n  maybeUpdatePhishingList: true,\n};\n\nexport const notifyBuilder = Object.freeze({\n  targetName: methodName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\n/**\n * Builds the method implementation for `snap_notify`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.showNativeNotification - A function that shows a native browser notification.\n * @param hooks.showInAppNotification - A function that shows a notification in the MetaMask UI.\n * @param hooks.isOnPhishingList - A function that checks for links against the phishing list.\n * @param hooks.maybeUpdatePhishingList - A function that updates the phishing list if needed.\n * @returns The method implementation which returns `null` on success.\n * @throws If the params are invalid.\n */\nexport function getImplementation({\n  showNativeNotification,\n  showInAppNotification,\n  isOnPhishingList,\n  maybeUpdatePhishingList,\n}: NotifyMethodHooks) {\n  return async function implementation(\n    args: RestrictedMethodOptions<NotifyParams>,\n  ): Promise<NotifyResult> {\n    const {\n      params,\n      context: { origin },\n    } = args;\n\n    const validatedParams = getValidatedParams(params);\n\n    await maybeUpdatePhishingList();\n\n    validateTextLinks(validatedParams.message, isOnPhishingList);\n\n    switch (validatedParams.type) {\n      case NotificationType.Native:\n        return await showNativeNotification(origin, validatedParams);\n      case NotificationType.InApp:\n        return await showInAppNotification(origin, validatedParams);\n      default:\n        throw rpcErrors.invalidParams({\n          message: 'Must specify a valid notification \"type\".',\n        });\n    }\n  };\n}\n\n/**\n * Validates the notify method `params` and returns them cast to the correct\n * type. Throws if validation fails.\n *\n * @param params - The unvalidated params object from the method request.\n * @returns The validated method parameter object.\n */\nexport function getValidatedParams(params: unknown): NotifyParams {\n  if (!isObject(params)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected params to be a single object.',\n    });\n  }\n\n  const { type, message } = params;\n\n  if (\n    !type ||\n    typeof type !== 'string' ||\n    !Object.values(NotificationType).includes(type as NotificationType)\n  ) {\n    throw rpcErrors.invalidParams({\n      message: 'Must specify a valid notification \"type\".',\n    });\n  }\n\n  // Set to the max message length on a Mac notification for now.\n  if (!message || typeof message !== 'string' || message.length >= 50) {\n    throw rpcErrors.invalidParams({\n      message:\n        'Must specify a non-empty string \"message\" less than 50 characters long.',\n    });\n  }\n\n  return params as NotificationArgs;\n}\n"],"mappings":";AAKA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAC1B,SAAS,wBAAwB;AAMjC,SAAS,yBAAyB;AAElC,SAAS,gBAAgB;AAIzB,IAAM,aAAa;AA2DZ,IAAM,uBAIT,CAAC,EAAE,iBAAiB,MAAM,aAAAA,aAAY,MAAmC;AAC3E,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B,YAAY;AAAA,IACZ;AAAA,IACA,sBAAsB,kBAAkBA,YAAW;AAAA,IACnD,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEA,IAAM,cAAoD;AAAA,EACxD,wBAAwB;AAAA,EACxB,uBAAuB;AAAA,EACvB,kBAAkB;AAAA,EAClB,yBAAyB;AAC3B;AAEO,IAAM,gBAAgB,OAAO,OAAO;AAAA,EACzC,YAAY;AAAA,EACZ;AAAA,EACA;AACF,CAAU;AAaH,SAAS,kBAAkB;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAAsB;AACpB,SAAO,eAAe,eACpB,MACuB;AACvB,UAAM;AAAA,MACJ;AAAA,MACA,SAAS,EAAE,OAAO;AAAA,IACpB,IAAI;AAEJ,UAAM,kBAAkB,mBAAmB,MAAM;AAEjD,UAAM,wBAAwB;AAE9B,sBAAkB,gBAAgB,SAAS,gBAAgB;AAE3D,YAAQ,gBAAgB,MAAM;AAAA,MAC5B,KAAK,iBAAiB;AACpB,eAAO,MAAM,uBAAuB,QAAQ,eAAe;AAAA,MAC7D,KAAK,iBAAiB;AACpB,eAAO,MAAM,sBAAsB,QAAQ,eAAe;AAAA,MAC5D;AACE,cAAM,UAAU,cAAc;AAAA,UAC5B,SAAS;AAAA,QACX,CAAC;AAAA,IACL;AAAA,EACF;AACF;AASO,SAAS,mBAAmB,QAA+B;AAChE,MAAI,CAAC,SAAS,MAAM,GAAG;AACrB,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,QAAM,EAAE,MAAM,QAAQ,IAAI;AAE1B,MACE,CAAC,QACD,OAAO,SAAS,YAChB,CAAC,OAAO,OAAO,gBAAgB,EAAE,SAAS,IAAwB,GAClE;AACA,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAGA,MAAI,CAAC,WAAW,OAAO,YAAY,YAAY,QAAQ,UAAU,IAAI;AACnE,UAAM,UAAU,cAAc;AAAA,MAC5B,SACE;AAAA,IACJ,CAAC;AAAA,EACH;AAEA,SAAO;AACT;","names":["methodHooks"]}

package/dist/chunk-KO4MKRYZ.js

@@ -0,0 +1,188 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkYG7W4CDTjs = require('./chunk-YG7W4CDT.js');
+
+// src/restricted/manageState.ts
+var _permissioncontroller = require('@metamask/permission-controller');
+var _rpcerrors = require('@metamask/rpc-errors');
+var _snapssdk = require('@metamask/snaps-sdk');
+var _snapsutils = require('@metamask/snaps-utils');
+var _utils = require('@metamask/utils');
+var STATE_ENCRYPTION_SALT = "snap_manageState encryption";
+var methodName = "snap_manageState";
+var specificationBuilder = ({
+  allowedCaveats = null,
+  methodHooks: methodHooks2
+}) => {
+  return {
+    permissionType: _permissioncontroller.PermissionType.RestrictedMethod,
+    targetName: methodName,
+    allowedCaveats,
+    methodImplementation: getManageStateImplementation(methodHooks2),
+    subjectTypes: [_permissioncontroller.SubjectType.Snap]
+  };
+};
+var methodHooks = {
+  getMnemonic: true,
+  getUnlockPromise: true,
+  clearSnapState: true,
+  getSnapState: true,
+  updateSnapState: true,
+  encrypt: true,
+  decrypt: true
+};
+var manageStateBuilder = Object.freeze({
+  targetName: methodName,
+  specificationBuilder,
+  methodHooks
+});
+var STORAGE_SIZE_LIMIT = 104857600;
+async function getEncryptionKey({
+  mnemonicPhrase,
+  snapId
+}) {
+  return await _chunkYG7W4CDTjs.deriveEntropy.call(void 0, {
+    mnemonicPhrase,
+    input: snapId,
+    salt: STATE_ENCRYPTION_SALT,
+    magic: _snapsutils.STATE_ENCRYPTION_MAGIC_VALUE
+  });
+}
+async function encryptState({
+  state,
+  encryptFunction,
+  ...keyArgs
+}) {
+  const encryptionKey = await getEncryptionKey(keyArgs);
+  return await encryptFunction(encryptionKey, state);
+}
+async function decryptState({
+  state,
+  decryptFunction,
+  ...keyArgs
+}) {
+  try {
+    const encryptionKey = await getEncryptionKey(keyArgs);
+    const decryptedState = await decryptFunction(encryptionKey, state);
+    _utils.assert.call(void 0, _utils.isValidJson.call(void 0, decryptedState));
+    return decryptedState;
+  } catch {
+    throw _rpcerrors.rpcErrors.internal({
+      message: "Failed to decrypt snap state, the state must be corrupted."
+    });
+  }
+}
+function getManageStateImplementation({
+  getMnemonic,
+  getUnlockPromise,
+  clearSnapState,
+  getSnapState,
+  updateSnapState,
+  encrypt,
+  decrypt
+}) {
+  return async function manageState(options) {
+    const {
+      params = {},
+      method,
+      context: { origin }
+    } = options;
+    const validatedParams = getValidatedParams(params, method);
+    const shouldEncrypt = validatedParams.encrypted ?? true;
+    if (shouldEncrypt && validatedParams.operation !== _snapssdk.ManageStateOperation.ClearState) {
+      await getUnlockPromise(true);
+    }
+    switch (validatedParams.operation) {
+      case _snapssdk.ManageStateOperation.ClearState:
+        clearSnapState(origin, shouldEncrypt);
+        return null;
+      case _snapssdk.ManageStateOperation.GetState: {
+        const state = getSnapState(origin, shouldEncrypt);
+        if (state === null) {
+          return state;
+        }
+        return shouldEncrypt ? await decryptState({
+          state,
+          decryptFunction: decrypt,
+          mnemonicPhrase: await getMnemonic(),
+          snapId: origin
+        }) : _snapsutils.parseJson.call(void 0, state);
+      }
+      case _snapssdk.ManageStateOperation.UpdateState: {
+        const finalizedState = shouldEncrypt ? await encryptState({
+          state: validatedParams.newState,
+          encryptFunction: encrypt,
+          mnemonicPhrase: await getMnemonic(),
+          snapId: origin
+        }) : JSON.stringify(validatedParams.newState);
+        updateSnapState(origin, finalizedState, shouldEncrypt);
+        return null;
+      }
+      default:
+        throw _rpcerrors.rpcErrors.invalidParams(
+          `Invalid ${method} operation: "${validatedParams.operation}"`
+        );
+    }
+  };
+}
+function getValidatedParams(params, method, storageSizeLimit = STORAGE_SIZE_LIMIT) {
+  if (!_utils.isObject.call(void 0, params)) {
+    throw _rpcerrors.rpcErrors.invalidParams({
+      message: "Expected params to be a single object."
+    });
+  }
+  const { operation, newState, encrypted } = params;
+  if (!operation || typeof operation !== "string" || !Object.values(_snapssdk.ManageStateOperation).includes(
+    operation
+  )) {
+    throw _rpcerrors.rpcErrors.invalidParams({
+      message: 'Must specify a valid manage state "operation".'
+    });
+  }
+  if (encrypted !== void 0 && typeof encrypted !== "boolean") {
+    throw _rpcerrors.rpcErrors.invalidParams({
+      message: '"encrypted" parameter must be a boolean if specified.'
+    });
+  }
+  if (operation === _snapssdk.ManageStateOperation.UpdateState) {
+    if (!_utils.isObject.call(void 0, newState)) {
+      throw _rpcerrors.rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must be a plain object.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+    let size;
+    try {
+      size = _utils.getJsonSize.call(void 0, newState);
+    } catch {
+      throw _rpcerrors.rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must be JSON serializable.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+    if (size > storageSizeLimit) {
+      throw _rpcerrors.rpcErrors.invalidParams({
+        message: `Invalid ${method} "updateState" parameter: The new state must not exceed ${storageSizeLimit} bytes in size.`,
+        data: {
+          receivedNewState: typeof newState === "undefined" ? "undefined" : newState
+        }
+      });
+    }
+  }
+  return params;
+}
+
+
+
+
+
+
+
+
+
+exports.STATE_ENCRYPTION_SALT = STATE_ENCRYPTION_SALT; exports.specificationBuilder = specificationBuilder; exports.manageStateBuilder = manageStateBuilder; exports.STORAGE_SIZE_LIMIT = STORAGE_SIZE_LIMIT; exports.getEncryptionKey = getEncryptionKey; exports.getManageStateImplementation = getManageStateImplementation; exports.getValidatedParams = getValidatedParams;
+//# sourceMappingURL=chunk-KO4MKRYZ.js.map

package/dist/chunk-KO4MKRYZ.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/restricted/manageState.ts"],"names":["methodHooks"],"mappings":";;;;;AAKA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAE1B,SAAS,4BAA4B;AACrC,SAAS,8BAA8B,iBAAiB;AAExD,SAAS,UAAU,aAAa,QAAQ,mBAAmB;AAMpD,IAAM,wBAAwB;AAErC,IAAM,aAAa;AAiFZ,IAAM,uBAIT,CAAC;AAAA,EACH,iBAAiB;AAAA,EACjB,aAAAA;AACF,MAA8C;AAC5C,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B,YAAY;AAAA,IACZ;AAAA,IACA,sBAAsB,6BAA6BA,YAAW;AAAA,IAC9D,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEA,IAAM,cAAyD;AAAA,EAC7D,aAAa;AAAA,EACb,kBAAkB;AAAA,EAClB,gBAAgB;AAAA,EAChB,cAAc;AAAA,EACd,iBAAiB;AAAA,EACjB,SAAS;AAAA,EACT,SAAS;AACX;AAEO,IAAM,qBAAqB,OAAO,OAAO;AAAA,EAC9C,YAAY;AAAA,EACZ;AAAA,EACA;AACF,CAAU;AAEH,IAAM,qBAAqB;AAoBlC,eAAsB,iBAAiB;AAAA,EACrC;AAAA,EACA;AACF,GAAyB;AACvB,SAAO,MAAM,cAAc;AAAA,IACzB;AAAA,IACA,OAAO;AAAA,IACP,MAAM;AAAA,IACN,OAAO;AAAA,EACT,CAAC;AACH;AAmBA,eAAe,aAAa;AAAA,EAC1B;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAAqB;AACnB,QAAM,gBAAgB,MAAM,iBAAiB,OAAO;AACpD,SAAO,MAAM,gBAAgB,eAAe,KAAK;AACnD;AAmBA,eAAe,aAAa;AAAA,EAC1B;AAAA,EACA;AAAA,EACA,GAAG;AACL,GAAqB;AACnB,MAAI;AACF,UAAM,gBAAgB,MAAM,iBAAiB,OAAO;AACpD,UAAM,iBAAiB,MAAM,gBAAgB,eAAe,KAAK;AAEjE,WAAO,YAAY,cAAc,CAAC;AAElC,WAAO;AAAA,EACT,QAAQ;AACN,UAAM,UAAU,SAAS;AAAA,MACvB,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AACF;AAuBO,SAAS,6BAA6B;AAAA,EAC3C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAA2B;AACzB,SAAO,eAAe,YACpB,SAC4B;AAC5B,UAAM;AAAA,MACJ,SAAS,CAAC;AAAA,MACV;AAAA,MACA,SAAS,EAAE,OAAO;AAAA,IACpB,IAAI;AACJ,UAAM,kBAAkB,mBAAmB,QAAQ,MAAM;AAGzD,UAAM,gBAAgB,gBAAgB,aAAa;AAInD,QACE,iBACA,gBAAgB,cAAc,qBAAqB,YACnD;AACA,YAAM,iBAAiB,IAAI;AAAA,IAC7B;AAEA,YAAQ,gBAAgB,WAAW;AAAA,MACjC,KAAK,qBAAqB;AACxB,uBAAe,QAAQ,aAAa;AACpC,eAAO;AAAA,MAET,KAAK,qBAAqB,UAAU;AAClC,cAAM,QAAQ,aAAa,QAAQ,aAAa;AAChD,YAAI,UAAU,MAAM;AAClB,iBAAO;AAAA,QACT;AACA,eAAO,gBACH,MAAM,aAAa;AAAA,UACjB;AAAA,UACA,iBAAiB;AAAA,UACjB,gBAAgB,MAAM,YAAY;AAAA,UAClC,QAAQ;AAAA,QACV,CAAC,IACD,UAAgC,KAAK;AAAA,MAC3C;AAAA,MAEA,KAAK,qBAAqB,aAAa;AACrC,cAAM,iBAAiB,gBACnB,MAAM,aAAa;AAAA,UACjB,OAAO,gBAAgB;AAAA,UACvB,iBAAiB;AAAA,UACjB,gBAAgB,MAAM,YAAY;AAAA,UAClC,QAAQ;AAAA,QACV,CAAC,IACD,KAAK,UAAU,gBAAgB,QAAQ;AAE3C,wBAAgB,QAAQ,gBAAgB,aAAa;AACrD,eAAO;AAAA,MACT;AAAA,MAEA;AACE,cAAM,UAAU;AAAA,UACd,WAAW,MAAM,gBACf,gBAAgB,SAClB;AAAA,QACF;AAAA,IACJ;AAAA,EACF;AACF;AAWO,SAAS,mBACd,QACA,QACA,mBAAmB,oBACA;AACnB,MAAI,CAAC,SAAS,MAAM,GAAG;AACrB,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,QAAM,EAAE,WAAW,UAAU,UAAU,IAAI;AAE3C,MACE,CAAC,aACD,OAAO,cAAc,YACrB,CAAC,OAAO,OAAO,oBAAoB,EAAE;AAAA,IACnC;AAAA,EACF,GACA;AACA,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,MAAI,cAAc,UAAa,OAAO,cAAc,WAAW;AAC7D,UAAM,UAAU,cAAc;AAAA,MAC5B,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAEA,MAAI,cAAc,qBAAqB,aAAa;AAClD,QAAI,CAAC,SAAS,QAAQ,GAAG;AACvB,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM;AAAA,QAC1B,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAEA,QAAI;AACJ,QAAI;AAEF,aAAO,YAAY,QAAQ;AAAA,IAC7B,QAAQ;AACN,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM;AAAA,QAC1B,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAEA,QAAI,OAAO,kBAAkB;AAC3B,YAAM,UAAU,cAAc;AAAA,QAC5B,SAAS,WAAW,MAAM,2DAA2D,gBAAgB;AAAA,QACrG,MAAM;AAAA,UACJ,kBACE,OAAO,aAAa,cAAc,cAAc;AAAA,QACpD;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO;AACT","sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { ManageStateParams, ManageStateResult } from '@metamask/snaps-sdk';\nimport { ManageStateOperation } from '@metamask/snaps-sdk';\nimport { STATE_ENCRYPTION_MAGIC_VALUE, parseJson } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray, Hex } from '@metamask/utils';\nimport { isObject, getJsonSize, assert, isValidJson } from '@metamask/utils';\n\nimport type { MethodHooksObject } from '../utils';\nimport { deriveEntropy } from '../utils';\n\n// The salt used for SIP-6-based entropy derivation.\nexport const STATE_ENCRYPTION_SALT = 'snap_manageState encryption';\n\nconst methodName = 'snap_manageState';\n\nexport type ManageStateMethodHooks = {\n  /**\n   * @returns The mnemonic of the user's primary keyring.\n   */\n  getMnemonic: () => Promise<Uint8Array>;\n\n  /**\n   * Waits for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n\n  /**\n   * A function that clears the state of the requesting Snap.\n   */\n  clearSnapState: (snapId: string, encrypted: boolean) => void;\n\n  /**\n   * A function that gets the encrypted state of the requesting Snap.\n   *\n   * @returns The current state of the Snap.\n   */\n  getSnapState: (snapId: string, encrypted: boolean) => string;\n\n  /**\n   * A function that updates the state of the requesting Snap.\n   *\n   * @param newState - The new state of the Snap.\n   */\n  updateSnapState: (\n    snapId: string,\n    newState: string,\n    encrypted: boolean,\n  ) => void;\n\n  /**\n   * Encrypts data with a key. This is assumed to perform symmetric encryption.\n   *\n   * @param key - The key to use for encryption, in hexadecimal format.\n   * @param data - The JSON data to encrypt.\n   * @returns The ciphertext as a string. The format for this string is\n   * dependent on the implementation, but MUST be a string.\n   */\n  encrypt: (key: string, data: Json) => Promise<string>;\n\n  /**\n   * Decrypts data with a key. This is assumed to perform symmetric decryption.\n   *\n   * @param key - The key to use for decryption, in hexadecimal format.\n   * @param cipherText - The ciphertext to decrypt. The format for this string\n   * is dependent on the implementation, but MUST be a string.\n   * @returns The decrypted data as a JSON object.\n   */\n  decrypt: (key: Hex, cipherText: string) => Promise<unknown>;\n};\n\ntype ManageStateSpecificationBuilderOptions = {\n  allowedCaveats?: Readonly<NonEmptyArray<string>> | null;\n  methodHooks: ManageStateMethodHooks;\n};\n\ntype ManageStateSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof methodName;\n  methodImplementation: ReturnType<typeof getManageStateImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * The specification builder for the `snap_manageState` permission.\n * `snap_manageState` lets the Snap store and manage some of its state on\n * your device.\n *\n * @param options - The specification builder options.\n * @param options.allowedCaveats - The optional allowed caveats for the permission.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_manageState` permission.\n */\nexport const specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  ManageStateSpecificationBuilderOptions,\n  ManageStateSpecification\n> = ({\n  allowedCaveats = null,\n  methodHooks,\n}: ManageStateSpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName: methodName,\n    allowedCaveats,\n    methodImplementation: getManageStateImplementation(methodHooks),\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<ManageStateMethodHooks> = {\n  getMnemonic: true,\n  getUnlockPromise: true,\n  clearSnapState: true,\n  getSnapState: true,\n  updateSnapState: true,\n  encrypt: true,\n  decrypt: true,\n};\n\nexport const manageStateBuilder = Object.freeze({\n  targetName: methodName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\nexport const STORAGE_SIZE_LIMIT = 104857600; // In bytes (100MB)\n\ntype GetEncryptionKeyArgs = {\n  snapId: string;\n  mnemonicPhrase: Uint8Array;\n};\n\n/**\n * Get a deterministic encryption key to use for encrypting and decrypting the\n * state.\n *\n * This key should only be used for state encryption using `snap_manageState`.\n * To get other encryption keys, a different salt can be used.\n *\n * @param args - The encryption key args.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The state encryption key.\n */\nexport async function getEncryptionKey({\n  mnemonicPhrase,\n  snapId,\n}: GetEncryptionKeyArgs) {\n  return await deriveEntropy({\n    mnemonicPhrase,\n    input: snapId,\n    salt: STATE_ENCRYPTION_SALT,\n    magic: STATE_ENCRYPTION_MAGIC_VALUE,\n  });\n}\n\ntype EncryptStateArgs = GetEncryptionKeyArgs & {\n  state: Json;\n  encryptFunction: ManageStateMethodHooks['encrypt'];\n};\n\n/**\n * Encrypt the state using a deterministic encryption algorithm, based on the\n * snap ID and mnemonic phrase.\n *\n * @param args - The encryption args.\n * @param args.state - The state to encrypt.\n * @param args.encryptFunction - The function to use for encrypting the state.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The encrypted state.\n */\nasync function encryptState({\n  state,\n  encryptFunction,\n  ...keyArgs\n}: EncryptStateArgs) {\n  const encryptionKey = await getEncryptionKey(keyArgs);\n  return await encryptFunction(encryptionKey, state);\n}\n\ntype DecryptStateArgs = GetEncryptionKeyArgs & {\n  state: string;\n  decryptFunction: ManageStateMethodHooks['decrypt'];\n};\n\n/**\n * Decrypt the state using a deterministic decryption algorithm, based on the\n * snap ID and mnemonic phrase.\n *\n * @param args - The encryption args.\n * @param args.state - The state to decrypt.\n * @param args.decryptFunction - The function to use for decrypting the state.\n * @param args.snapId - The ID of the snap to get the encryption key for.\n * @param args.mnemonicPhrase - The mnemonic phrase to derive the encryption key\n * from.\n * @returns The encrypted state.\n */\nasync function decryptState({\n  state,\n  decryptFunction,\n  ...keyArgs\n}: DecryptStateArgs) {\n  try {\n    const encryptionKey = await getEncryptionKey(keyArgs);\n    const decryptedState = await decryptFunction(encryptionKey, state);\n\n    assert(isValidJson(decryptedState));\n\n    return decryptedState as Record<string, Json>;\n  } catch {\n    throw rpcErrors.internal({\n      message: 'Failed to decrypt snap state, the state must be corrupted.',\n    });\n  }\n}\n\n/**\n * Builds the method implementation for `snap_manageState`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.clearSnapState - A function that clears the state stored for a\n * snap.\n * @param hooks.getSnapState - A function that fetches the persisted decrypted\n * state for a snap.\n * @param hooks.updateSnapState - A function that updates the state stored for a\n * snap.\n * @param hooks.getMnemonic - A function to retrieve the Secret Recovery Phrase\n * of the user.\n * @param hooks.getUnlockPromise - A function that resolves once the MetaMask\n * extension is unlocked and prompts the user to unlock their MetaMask if it is\n * locked.\n * @param hooks.encrypt - A function that encrypts the given state.\n * @param hooks.decrypt - A function that decrypts the given state.\n * @returns The method implementation which either returns `null` for a\n * successful state update/deletion or returns the decrypted state.\n * @throws If the params are invalid.\n */\nexport function getManageStateImplementation({\n  getMnemonic,\n  getUnlockPromise,\n  clearSnapState,\n  getSnapState,\n  updateSnapState,\n  encrypt,\n  decrypt,\n}: ManageStateMethodHooks) {\n  return async function manageState(\n    options: RestrictedMethodOptions<ManageStateParams>,\n  ): Promise<ManageStateResult> {\n    const {\n      params = {},\n      method,\n      context: { origin },\n    } = options;\n    const validatedParams = getValidatedParams(params, method);\n\n    // If the encrypted param is undefined or null we default to true.\n    const shouldEncrypt = validatedParams.encrypted ?? true;\n\n    // We only need to prompt the user when the mnemonic is needed\n    // which it isn't for the clear operation or unencrypted storage.\n    if (\n      shouldEncrypt &&\n      validatedParams.operation !== ManageStateOperation.ClearState\n    ) {\n      await getUnlockPromise(true);\n    }\n\n    switch (validatedParams.operation) {\n      case ManageStateOperation.ClearState:\n        clearSnapState(origin, shouldEncrypt);\n        return null;\n\n      case ManageStateOperation.GetState: {\n        const state = getSnapState(origin, shouldEncrypt);\n        if (state === null) {\n          return state;\n        }\n        return shouldEncrypt\n          ? await decryptState({\n              state,\n              decryptFunction: decrypt,\n              mnemonicPhrase: await getMnemonic(),\n              snapId: origin,\n            })\n          : parseJson<Record<string, Json>>(state);\n      }\n\n      case ManageStateOperation.UpdateState: {\n        const finalizedState = shouldEncrypt\n          ? await encryptState({\n              state: validatedParams.newState,\n              encryptFunction: encrypt,\n              mnemonicPhrase: await getMnemonic(),\n              snapId: origin,\n            })\n          : JSON.stringify(validatedParams.newState);\n\n        updateSnapState(origin, finalizedState, shouldEncrypt);\n        return null;\n      }\n\n      default:\n        throw rpcErrors.invalidParams(\n          `Invalid ${method} operation: \"${\n            validatedParams.operation as string\n          }\"`,\n        );\n    }\n  };\n}\n\n/**\n * Validates the manageState method `params` and returns them cast to the correct\n * type. Throws if validation fails.\n *\n * @param params - The unvalidated params object from the method request.\n * @param method - RPC method name used for debugging errors.\n * @param storageSizeLimit - Maximum allowed size (in bytes) of a new state object.\n * @returns The validated method parameter object.\n */\nexport function getValidatedParams(\n  params: unknown,\n  method: string,\n  storageSizeLimit = STORAGE_SIZE_LIMIT,\n): ManageStateParams {\n  if (!isObject(params)) {\n    throw rpcErrors.invalidParams({\n      message: 'Expected params to be a single object.',\n    });\n  }\n\n  const { operation, newState, encrypted } = params;\n\n  if (\n    !operation ||\n    typeof operation !== 'string' ||\n    !Object.values(ManageStateOperation).includes(\n      operation as ManageStateOperation,\n    )\n  ) {\n    throw rpcErrors.invalidParams({\n      message: 'Must specify a valid manage state \"operation\".',\n    });\n  }\n\n  if (encrypted !== undefined && typeof encrypted !== 'boolean') {\n    throw rpcErrors.invalidParams({\n      message: '\"encrypted\" parameter must be a boolean if specified.',\n    });\n  }\n\n  if (operation === ManageStateOperation.UpdateState) {\n    if (!isObject(newState)) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must be a plain object.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n\n    let size;\n    try {\n      // `getJsonSize` will throw if the state is not JSON serializable.\n      size = getJsonSize(newState);\n    } catch {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must be JSON serializable.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n\n    if (size > storageSizeLimit) {\n      throw rpcErrors.invalidParams({\n        message: `Invalid ${method} \"updateState\" parameter: The new state must not exceed ${storageSizeLimit} bytes in size.`,\n        data: {\n          receivedNewState:\n            typeof newState === 'undefined' ? 'undefined' : newState,\n        },\n      });\n    }\n  }\n\n  return params as ManageStateParams;\n}\n"]}

package/dist/chunk-KSTF5JYB.mjs

@@ -0,0 +1,23 @@
+// src/endowments/ethereum-provider.ts
+import { PermissionType, SubjectType } from "@metamask/permission-controller";
+var permissionName = "endowment:ethereum-provider" /* EthereumProvider */;
+var specificationBuilder = (_builderOptions) => {
+  return {
+    permissionType: PermissionType.Endowment,
+    targetName: permissionName,
+    allowedCaveats: null,
+    endowmentGetter: (_getterOptions) => {
+      return ["ethereum"];
+    },
+    subjectTypes: [SubjectType.Snap]
+  };
+};
+var ethereumProviderEndowmentBuilder = Object.freeze({
+  targetName: permissionName,
+  specificationBuilder
+});
+
+export {
+  ethereumProviderEndowmentBuilder
+};
+//# sourceMappingURL=chunk-KSTF5JYB.mjs.map

package/dist/chunk-KSTF5JYB.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/endowments/ethereum-provider.ts"],"sourcesContent":["import type {\n  EndowmentGetterParams,\n  PermissionSpecificationBuilder,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.EthereumProvider;\n\ntype EthereumProviderEndowmentSpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.Endowment;\n  targetName: typeof permissionName;\n  endowmentGetter: (_options?: any) => ['ethereum'];\n  allowedCaveats: null;\n}>;\n\n/**\n * `endowment:ethereum-provider` returns the name of the ethereum global browser API.\n * This is intended to populate the endowments of the\n * SES Compartment in which a Snap executes.\n *\n * This populates the global scope with an EIP-1193 provider, which DOES NOT implement all legacy functionality exposed to dapps.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the network endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.Endowment,\n  any,\n  EthereumProviderEndowmentSpecification\n> = (_builderOptions?: any) => {\n  return {\n    permissionType: PermissionType.Endowment,\n    targetName: permissionName,\n    allowedCaveats: null,\n    endowmentGetter: (_getterOptions?: EndowmentGetterParams) => {\n      return ['ethereum'];\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nexport const ethereumProviderEndowmentBuilder = Object.freeze({\n  targetName: permissionName,\n  specificationBuilder,\n} as const);\n"],"mappings":";AAKA,SAAS,gBAAgB,mBAAmB;AAI5C,IAAM;AAmBN,IAAM,uBAIF,CAAC,oBAA0B;AAC7B,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B,YAAY;AAAA,IACZ,gBAAgB;AAAA,IAChB,iBAAiB,CAAC,mBAA2C;AAC3D,aAAO,CAAC,UAAU;AAAA,IACpB;AAAA,IACA,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEO,IAAM,mCAAmC,OAAO,OAAO;AAAA,EAC5D,YAAY;AAAA,EACZ;AACF,CAAU;","names":[]}

package/dist/chunk-LGUJMQC7.js

@@ -0,0 +1,78 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkYG7W4CDTjs = require('./chunk-YG7W4CDT.js');
+
+// src/restricted/getBip32PublicKey.ts
+var _permissioncontroller = require('@metamask/permission-controller');
+var _rpcerrors = require('@metamask/rpc-errors');
+
+
+
+
+var _snapsutils = require('@metamask/snaps-utils');
+var _utils = require('@metamask/utils');
+var _superstruct = require('superstruct');
+var targetName = "snap_getBip32PublicKey";
+var Bip32PublicKeyArgsStruct = _snapsutils.bip32entropy.call(void 0, 
+  _superstruct.object.call(void 0, {
+    path: _snapsutils.Bip32PathStruct,
+    curve: _superstruct.enums.call(void 0, ["ed25519", "secp256k1"]),
+    compressed: _superstruct.optional.call(void 0, _superstruct.boolean.call(void 0, ))
+  })
+);
+var specificationBuilder = ({ methodHooks: methodHooks2 }) => {
+  return {
+    permissionType: _permissioncontroller.PermissionType.RestrictedMethod,
+    targetName,
+    allowedCaveats: [_snapsutils.SnapCaveatType.PermittedDerivationPaths],
+    methodImplementation: getBip32PublicKeyImplementation(methodHooks2),
+    validator: ({ caveats }) => {
+      if (caveats?.length !== 1 || caveats[0].type !== _snapsutils.SnapCaveatType.PermittedDerivationPaths) {
+        throw _rpcerrors.rpcErrors.invalidParams({
+          message: `Expected a single "${_snapsutils.SnapCaveatType.PermittedDerivationPaths}" caveat.`
+        });
+      }
+    },
+    subjectTypes: [_permissioncontroller.SubjectType.Snap]
+  };
+};
+var methodHooks = {
+  getMnemonic: true,
+  getUnlockPromise: true
+};
+var getBip32PublicKeyBuilder = Object.freeze({
+  targetName,
+  specificationBuilder,
+  methodHooks
+});
+function getBip32PublicKeyImplementation({
+  getMnemonic,
+  getUnlockPromise
+}) {
+  return async function getBip32PublicKey(args) {
+    await getUnlockPromise(true);
+    _utils.assertStruct.call(void 0, 
+      args.params,
+      Bip32PublicKeyArgsStruct,
+      "Invalid BIP-32 public key params",
+      _rpcerrors.rpcErrors.invalidParams
+    );
+    const { params } = args;
+    const node = await _chunkYG7W4CDTjs.getNode.call(void 0, {
+      curve: params.curve,
+      path: params.path,
+      secretRecoveryPhrase: await getMnemonic()
+    });
+    if (params.compressed) {
+      return node.compressedPublicKey;
+    }
+    return node.publicKey;
+  };
+}
+
+
+
+
+
+exports.Bip32PublicKeyArgsStruct = Bip32PublicKeyArgsStruct; exports.getBip32PublicKeyBuilder = getBip32PublicKeyBuilder; exports.getBip32PublicKeyImplementation = getBip32PublicKeyImplementation;
+//# sourceMappingURL=chunk-LGUJMQC7.js.map

package/dist/{cjs/restricted/getBip32PublicKey.js.map → chunk-LGUJMQC7.js.map}

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/restricted/getBip32PublicKey.ts"],"sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  PermissionValidatorConstraint,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  GetBip32PublicKeyParams,\n  GetBip32PublicKeyResult,\n} from '@metamask/snaps-sdk';\nimport {\n  bip32entropy,\n  Bip32PathStruct,\n  SnapCaveatType,\n} from '@metamask/snaps-utils';\nimport type { NonEmptyArray } from '@metamask/utils';\nimport { assertStruct } from '@metamask/utils';\nimport { boolean, enums, object, optional } from 'superstruct';\n\nimport type { MethodHooksObject } from '../utils';\nimport { getNode } from '../utils';\n\nconst targetName = 'snap_getBip32PublicKey';\n\nexport type GetBip32PublicKeyMethodHooks = {\n  /**\n   * @returns The mnemonic of the user's primary keyring.\n   */\n  getMnemonic: () => Promise<Uint8Array>;\n\n  /**\n   * Waits for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n};\n\ntype GetBip32PublicKeySpecificationBuilderOptions = {\n  methodHooks: GetBip32PublicKeyMethodHooks;\n};\n\ntype GetBip32PublicKeySpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof targetName;\n  methodImplementation: ReturnType<typeof getBip32PublicKeyImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\nexport const Bip32PublicKeyArgsStruct = bip32entropy(\n  object({\n    path: Bip32PathStruct,\n    curve: enums(['ed25519', 'secp256k1']),\n    compressed: optional(boolean()),\n  }),\n);\n\n/**\n * The specification builder for the `snap_getBip32PublicKey` permission.\n * `snap_getBip32PublicKey` lets the Snap retrieve public keys for a particular\n * BIP-32 node.\n *\n * @param options - The specification builder options.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_getBip32PublicKey` permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  GetBip32PublicKeySpecificationBuilderOptions,\n  GetBip32PublicKeySpecification\n> = ({ methodHooks }: GetBip32PublicKeySpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName,\n    allowedCaveats: [SnapCaveatType.PermittedDerivationPaths],\n    methodImplementation: getBip32PublicKeyImplementation(methodHooks),\n    validator: ({ caveats }) => {\n      if (\n        caveats?.length !== 1 ||\n        caveats[0].type !== SnapCaveatType.PermittedDerivationPaths\n      ) {\n        throw rpcErrors.invalidParams({\n          message: `Expected a single \"${SnapCaveatType.PermittedDerivationPaths}\" caveat.`,\n        });\n      }\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<GetBip32PublicKeyMethodHooks> = {\n  getMnemonic: true,\n  getUnlockPromise: true,\n};\n\nexport const getBip32PublicKeyBuilder = Object.freeze({\n  targetName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\n/**\n * Builds the method implementation for `snap_getBip32PublicKey`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.getMnemonic - A function to retrieve the Secret Recovery Phrase of the user.\n * @param hooks.getUnlockPromise - A function that resolves once the MetaMask extension is unlocked\n * and prompts the user to unlock their MetaMask if it is locked.\n * @returns The method implementation which returns a public key.\n * @throws If the params are invalid.\n */\nexport function getBip32PublicKeyImplementation({\n  getMnemonic,\n  getUnlockPromise,\n}: GetBip32PublicKeyMethodHooks) {\n  return async function getBip32PublicKey(\n    args: RestrictedMethodOptions<GetBip32PublicKeyParams>,\n  ): Promise<GetBip32PublicKeyResult> {\n    await getUnlockPromise(true);\n\n    assertStruct(\n      args.params,\n      Bip32PublicKeyArgsStruct,\n      'Invalid BIP-32 public key params',\n      rpcErrors.invalidParams,\n    );\n\n    const { params } = args;\n    const node = await getNode({\n      curve: params.curve,\n      path: params.path,\n      secretRecoveryPhrase: await getMnemonic(),\n    });\n\n    if (params.compressed) {\n      return node.compressedPublicKey;\n    }\n\n    return node.publicKey;\n  };\n}\n"],"names":["Bip32PublicKeyArgsStruct","getBip32PublicKeyBuilder","getBip32PublicKeyImplementation","targetName","bip32entropy","object","path","Bip32PathStruct","curve","enums","compressed","optional","boolean","specificationBuilder","methodHooks","permissionType","PermissionType","RestrictedMethod","allowedCaveats","SnapCaveatType","PermittedDerivationPaths","methodImplementation","validator","caveats","length","type","rpcErrors","invalidParams","message","subjectTypes","SubjectType","Snap","getMnemonic","getUnlockPromise","Object","freeze","getBip32PublicKey","args","assertStruct","params","node","getNode","secretRecoveryPhrase","compressedPublicKey","publicKey"],"mappings":";;;;;;;;;;;IAoDaA,wBAAwB;eAAxBA;;IA8CAC,wBAAwB;eAAxBA;;IAgBGC,+BAA+B;eAA/BA;;;sCA5G4B;2BAClB;4BASnB;uBAEsB;6BACoB;wBAGzB;AAExB,MAAMC,aAAa;AA4BZ,MAAMH,2BAA2BI,IAAAA,wBAAY,EAClDC,IAAAA,mBAAM,EAAC;IACLC,MAAMC,2BAAe;IACrBC,OAAOC,IAAAA,kBAAK,EAAC;QAAC;QAAW;KAAY;IACrCC,YAAYC,IAAAA,qBAAQ,EAACC,IAAAA,oBAAO;AAC9B;AAGF;;;;;;;;CAQC,GACD,MAAMC,uBAIF,CAAC,EAAEC,WAAW,EAAgD;IAChE,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,gBAAgB;QAC/Cd;QACAe,gBAAgB;YAACC,0BAAc,CAACC,wBAAwB;SAAC;QACzDC,sBAAsBnB,gCAAgCY;QACtDQ,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACEA,SAASC,WAAW,KACpBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKN,0BAAc,CAACC,wBAAwB,EAC3D;gBACA,MAAMM,oBAAS,CAACC,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAET,0BAAc,CAACC,wBAAwB,CAAC,SAAS,CAAC;gBACnF;YACF;QACF;QACAS,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEA,MAAMjB,cAA+D;IACnEkB,aAAa;IACbC,kBAAkB;AACpB;AAEO,MAAMhC,2BAA2BiC,OAAOC,MAAM,CAAC;IACpDhC;IACAU;IACAC;AACF;AAYO,SAASZ,gCAAgC,EAC9C8B,WAAW,EACXC,gBAAgB,EACa;IAC7B,OAAO,eAAeG,kBACpBC,IAAsD;QAEtD,MAAMJ,iBAAiB;QAEvBK,IAAAA,mBAAY,EACVD,KAAKE,MAAM,EACXvC,0BACA,oCACA0B,oBAAS,CAACC,aAAa;QAGzB,MAAM,EAAEY,MAAM,EAAE,GAAGF;QACnB,MAAMG,OAAO,MAAMC,IAAAA,eAAO,EAAC;YACzBjC,OAAO+B,OAAO/B,KAAK;YACnBF,MAAMiC,OAAOjC,IAAI;YACjBoC,sBAAsB,MAAMV;QAC9B;QAEA,IAAIO,OAAO7B,UAAU,EAAE;YACrB,OAAO8B,KAAKG,mBAAmB;QACjC;QAEA,OAAOH,KAAKI,SAAS;IACvB;AACF"}
+{"version":3,"sources":["../src/restricted/getBip32PublicKey.ts"],"names":["methodHooks"],"mappings":";;;;;AAMA,SAAS,gBAAgB,mBAAmB;AAC5C,SAAS,iBAAiB;AAK1B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,SAAS,oBAAoB;AAC7B,SAAS,SAAS,OAAO,QAAQ,gBAAgB;AAKjD,IAAM,aAAa;AA4BZ,IAAM,2BAA2B;AAAA,EACtC,OAAO;AAAA,IACL,MAAM;AAAA,IACN,OAAO,MAAM,CAAC,WAAW,WAAW,CAAC;AAAA,IACrC,YAAY,SAAS,QAAQ,CAAC;AAAA,EAChC,CAAC;AACH;AAWA,IAAM,uBAIF,CAAC,EAAE,aAAAA,aAAY,MAAoD;AACrE,SAAO;AAAA,IACL,gBAAgB,eAAe;AAAA,IAC/B;AAAA,IACA,gBAAgB,CAAC,eAAe,wBAAwB;AAAA,IACxD,sBAAsB,gCAAgCA,YAAW;AAAA,IACjE,WAAW,CAAC,EAAE,QAAQ,MAAM;AAC1B,UACE,SAAS,WAAW,KACpB,QAAQ,CAAC,EAAE,SAAS,eAAe,0BACnC;AACA,cAAM,UAAU,cAAc;AAAA,UAC5B,SAAS,sBAAsB,eAAe,wBAAwB;AAAA,QACxE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,IACA,cAAc,CAAC,YAAY,IAAI;AAAA,EACjC;AACF;AAEA,IAAM,cAA+D;AAAA,EACnE,aAAa;AAAA,EACb,kBAAkB;AACpB;AAEO,IAAM,2BAA2B,OAAO,OAAO;AAAA,EACpD;AAAA,EACA;AAAA,EACA;AACF,CAAU;AAYH,SAAS,gCAAgC;AAAA,EAC9C;AAAA,EACA;AACF,GAAiC;AAC/B,SAAO,eAAe,kBACpB,MACkC;AAClC,UAAM,iBAAiB,IAAI;AAE3B;AAAA,MACE,KAAK;AAAA,MACL;AAAA,MACA;AAAA,MACA,UAAU;AAAA,IACZ;AAEA,UAAM,EAAE,OAAO,IAAI;AACnB,UAAM,OAAO,MAAM,QAAQ;AAAA,MACzB,OAAO,OAAO;AAAA,MACd,MAAM,OAAO;AAAA,MACb,sBAAsB,MAAM,YAAY;AAAA,IAC1C,CAAC;AAED,QAAI,OAAO,YAAY;AACrB,aAAO,KAAK;AAAA,IACd;AAEA,WAAO,KAAK;AAAA,EACd;AACF","sourcesContent":["import type {\n  PermissionSpecificationBuilder,\n  PermissionValidatorConstraint,\n  RestrictedMethodOptions,\n  ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n  GetBip32PublicKeyParams,\n  GetBip32PublicKeyResult,\n} from '@metamask/snaps-sdk';\nimport {\n  bip32entropy,\n  Bip32PathStruct,\n  SnapCaveatType,\n} from '@metamask/snaps-utils';\nimport type { NonEmptyArray } from '@metamask/utils';\nimport { assertStruct } from '@metamask/utils';\nimport { boolean, enums, object, optional } from 'superstruct';\n\nimport type { MethodHooksObject } from '../utils';\nimport { getNode } from '../utils';\n\nconst targetName = 'snap_getBip32PublicKey';\n\nexport type GetBip32PublicKeyMethodHooks = {\n  /**\n   * @returns The mnemonic of the user's primary keyring.\n   */\n  getMnemonic: () => Promise<Uint8Array>;\n\n  /**\n   * Waits for the extension to be unlocked.\n   *\n   * @returns A promise that resolves once the extension is unlocked.\n   */\n  getUnlockPromise: (shouldShowUnlockRequest: boolean) => Promise<void>;\n};\n\ntype GetBip32PublicKeySpecificationBuilderOptions = {\n  methodHooks: GetBip32PublicKeyMethodHooks;\n};\n\ntype GetBip32PublicKeySpecification = ValidPermissionSpecification<{\n  permissionType: PermissionType.RestrictedMethod;\n  targetName: typeof targetName;\n  methodImplementation: ReturnType<typeof getBip32PublicKeyImplementation>;\n  allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n  validator: PermissionValidatorConstraint;\n}>;\n\nexport const Bip32PublicKeyArgsStruct = bip32entropy(\n  object({\n    path: Bip32PathStruct,\n    curve: enums(['ed25519', 'secp256k1']),\n    compressed: optional(boolean()),\n  }),\n);\n\n/**\n * The specification builder for the `snap_getBip32PublicKey` permission.\n * `snap_getBip32PublicKey` lets the Snap retrieve public keys for a particular\n * BIP-32 node.\n *\n * @param options - The specification builder options.\n * @param options.methodHooks - The RPC method hooks needed by the method implementation.\n * @returns The specification for the `snap_getBip32PublicKey` permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n  PermissionType.RestrictedMethod,\n  GetBip32PublicKeySpecificationBuilderOptions,\n  GetBip32PublicKeySpecification\n> = ({ methodHooks }: GetBip32PublicKeySpecificationBuilderOptions) => {\n  return {\n    permissionType: PermissionType.RestrictedMethod,\n    targetName,\n    allowedCaveats: [SnapCaveatType.PermittedDerivationPaths],\n    methodImplementation: getBip32PublicKeyImplementation(methodHooks),\n    validator: ({ caveats }) => {\n      if (\n        caveats?.length !== 1 ||\n        caveats[0].type !== SnapCaveatType.PermittedDerivationPaths\n      ) {\n        throw rpcErrors.invalidParams({\n          message: `Expected a single \"${SnapCaveatType.PermittedDerivationPaths}\" caveat.`,\n        });\n      }\n    },\n    subjectTypes: [SubjectType.Snap],\n  };\n};\n\nconst methodHooks: MethodHooksObject<GetBip32PublicKeyMethodHooks> = {\n  getMnemonic: true,\n  getUnlockPromise: true,\n};\n\nexport const getBip32PublicKeyBuilder = Object.freeze({\n  targetName,\n  specificationBuilder,\n  methodHooks,\n} as const);\n\n/**\n * Builds the method implementation for `snap_getBip32PublicKey`.\n *\n * @param hooks - The RPC method hooks.\n * @param hooks.getMnemonic - A function to retrieve the Secret Recovery Phrase of the user.\n * @param hooks.getUnlockPromise - A function that resolves once the MetaMask extension is unlocked\n * and prompts the user to unlock their MetaMask if it is locked.\n * @returns The method implementation which returns a public key.\n * @throws If the params are invalid.\n */\nexport function getBip32PublicKeyImplementation({\n  getMnemonic,\n  getUnlockPromise,\n}: GetBip32PublicKeyMethodHooks) {\n  return async function getBip32PublicKey(\n    args: RestrictedMethodOptions<GetBip32PublicKeyParams>,\n  ): Promise<GetBip32PublicKeyResult> {\n    await getUnlockPromise(true);\n\n    assertStruct(\n      args.params,\n      Bip32PublicKeyArgsStruct,\n      'Invalid BIP-32 public key params',\n      rpcErrors.invalidParams,\n    );\n\n    const { params } = args;\n    const node = await getNode({\n      curve: params.curve,\n      path: params.path,\n      secretRecoveryPhrase: await getMnemonic(),\n    });\n\n    if (params.compressed) {\n      return node.compressedPublicKey;\n    }\n\n    return node.publicKey;\n  };\n}\n"]}