@pezkuwi/extension-base 0.62.13 → 0.62.18

package/background/handlers/Extension.js

@@ -1,489 +0,0 @@
-import { ALLOWED_PATH, PASSWORD_EXPIRY_MS } from '@pezkuwi/extension-base/defaults';
-import { metadataExpand } from '@pezkuwi/extension-chains';
-import { TypeRegistry } from '@pezkuwi/types';
-import { keyring } from '@pezkuwi/ui-keyring';
-import { accounts as accountsObservable } from '@pezkuwi/ui-keyring/observable/accounts';
-import { assert, isHex } from '@pezkuwi/util';
-import { keyExtractSuri, mnemonicGenerate, mnemonicValidate } from '@pezkuwi/util-crypto';
-import { withErrorLog } from './helpers.js';
-import { createSubscription, unsubscribe } from './subscriptions.js';
-const SEED_DEFAULT_LENGTH = 12;
-const SEED_LENGTHS = [12, 15, 18, 21, 24];
-const ETH_DERIVE_DEFAULT = "/m/44'/60'/0'/0/0";
-function getSuri(seed, type) {
-    return type === 'ethereum'
-        ? `${seed}${ETH_DERIVE_DEFAULT}`
-        : seed;
-}
-function isJsonPayload(value) {
-    return value.genesisHash !== undefined;
-}
-export default class Extension {
-    #cachedUnlocks;
-    #state;
-    constructor(state) {
-        this.#cachedUnlocks = {};
-        this.#state = state;
-    }
-    transformAccounts(accounts) {
-        return Object.values(accounts).map(({ json: { address, meta }, type }) => ({
-            address,
-            isDefaultAuthSelected: this.#state.defaultAuthAccountSelection.includes(address),
-            ...meta,
-            type
-        }));
-    }
-    accountsCreateExternal({ address, genesisHash, name }) {
-        keyring.addExternal(address, { genesisHash, name });
-        return true;
-    }
-    accountsCreateHardware({ accountIndex, address, addressOffset, genesisHash, hardwareType, name, type }) {
-        keyring.addHardware(address, hardwareType, { accountIndex, addressOffset, genesisHash, name, type });
-        return true;
-    }
-    accountsCreateSuri({ genesisHash, name, password, suri, type }) {
-        keyring.addUri(getSuri(suri, type), password, { genesisHash, name }, type);
-        return true;
-    }
-    accountsChangePassword({ address, newPass, oldPass }) {
-        const pair = keyring.getPair(address);
-        assert(pair, 'Unable to find pair');
-        try {
-            if (!pair.isLocked) {
-                pair.lock();
-            }
-            pair.decodePkcs8(oldPass);
-        }
-        catch {
-            throw new Error('oldPass is invalid');
-        }
-        keyring.encryptAccount(pair, newPass);
-        return true;
-    }
-    accountsEdit({ address, name }) {
-        const pair = keyring.getPair(address);
-        assert(pair, 'Unable to find pair');
-        keyring.saveAccountMeta(pair, { ...pair.meta, name });
-        return true;
-    }
-    accountsExport({ address, password }) {
-        return { exportedJson: keyring.backupAccount(keyring.getPair(address), password) };
-    }
-    async accountsBatchExport({ addresses, password }) {
-        return {
-            exportedJson: await keyring.backupAccounts(addresses, password)
-        };
-    }
-    async accountsForget({ address }) {
-        const authorizedAccountsDiff = [];
-        // cycle through authUrls and prepare the array of diff
-        Object.entries(this.#state.authUrls).forEach(([url, urlInfo]) => {
-            // Note that urlInfo.authorizedAccounts may be undefined if this website entry
-            // was created before the "account authorization per website" functionality was introduced
-            if (urlInfo.authorizedAccounts?.includes(address)) {
-                authorizedAccountsDiff.push([url, urlInfo.authorizedAccounts.filter((previousAddress) => previousAddress !== address)]);
-            }
-        });
-        await this.#state.updateAuthorizedAccounts(authorizedAccountsDiff);
-        // cycle through default account selection for auth and remove any occurrence of the account
-        const newDefaultAuthAccounts = this.#state.defaultAuthAccountSelection.filter((defaultSelectionAddress) => defaultSelectionAddress !== address);
-        await this.#state.updateDefaultAuthAccounts(newDefaultAuthAccounts);
-        keyring.forgetAccount(address);
-        return true;
-    }
-    refreshAccountPasswordCache(pair) {
-        const { address } = pair;
-        const savedExpiry = this.#cachedUnlocks[address] || 0;
-        const remainingTime = savedExpiry - Date.now();
-        if (remainingTime < 0) {
-            this.#cachedUnlocks[address] = 0;
-            pair.lock();
-            return 0;
-        }
-        return remainingTime;
-    }
-    accountsShow({ address, isShowing }) {
-        const pair = keyring.getPair(address);
-        assert(pair, 'Unable to find pair');
-        keyring.saveAccountMeta(pair, { ...pair.meta, isHidden: !isShowing });
-        return true;
-    }
-    accountsTie({ address, genesisHash }) {
-        const pair = keyring.getPair(address);
-        assert(pair, 'Unable to find pair');
-        keyring.saveAccountMeta(pair, { ...pair.meta, genesisHash });
-        return true;
-    }
-    accountsValidate({ address, password }) {
-        try {
-            keyring.backupAccount(keyring.getPair(address), password);
-            return true;
-        }
-        catch {
-            return false;
-        }
-    }
-    accountsSubscribe(id, port) {
-        const cb = createSubscription(id, port);
-        const subscription = accountsObservable.subject.subscribe((accounts) => cb(this.transformAccounts(accounts)));
-        port.onDisconnect.addListener(() => {
-            unsubscribe(id);
-            subscription.unsubscribe();
-        });
-        return true;
-    }
-    authorizeApprove({ authorizedAccounts, id }) {
-        const queued = this.#state.getAuthRequest(id);
-        assert(queued, 'Unable to find request');
-        const { resolve } = queued;
-        resolve({ authorizedAccounts, result: true });
-        return true;
-    }
-    async authorizeUpdate({ authorizedAccounts, url }) {
-        return await this.#state.updateAuthorizedAccounts([[url, authorizedAccounts]]);
-    }
-    getAuthList() {
-        return { list: this.#state.authUrls };
-    }
-    // FIXME This looks very much like what we have in accounts
-    authorizeSubscribe(id, port) {
-        const cb = createSubscription(id, port);
-        const subscription = this.#state.authSubject.subscribe((requests) => cb(requests));
-        port.onDisconnect.addListener(() => {
-            unsubscribe(id);
-            subscription.unsubscribe();
-        });
-        return true;
-    }
-    async metadataApprove({ id }) {
-        const queued = this.#state.getMetaRequest(id);
-        assert(queued, 'Unable to find request');
-        const { request, resolve } = queued;
-        await this.#state.saveMetadata(request);
-        resolve(true);
-        return true;
-    }
-    metadataGet(genesisHash) {
-        return this.#state.knownMetadata.find((result) => result.genesisHash === genesisHash) || null;
-    }
-    metadataList() {
-        return this.#state.knownMetadata;
-    }
-    metadataReject({ id }) {
-        const queued = this.#state.getMetaRequest(id);
-        assert(queued, 'Unable to find request');
-        const { reject } = queued;
-        reject(new Error('Rejected'));
-        return true;
-    }
-    metadataSubscribe(id, port) {
-        const cb = createSubscription(id, port);
-        const subscription = this.#state.metaSubject.subscribe((requests) => cb(requests));
-        port.onDisconnect.addListener(() => {
-            unsubscribe(id);
-            subscription.unsubscribe();
-        });
-        return true;
-    }
-    jsonRestore({ file, password }) {
-        try {
-            keyring.restoreAccount(file, password);
-        }
-        catch (error) {
-            throw new Error(error.message);
-        }
-    }
-    batchRestore({ file, password }) {
-        try {
-            keyring.restoreAccounts(file, password);
-        }
-        catch (error) {
-            throw new Error(error.message);
-        }
-    }
-    jsonGetAccountInfo(json) {
-        try {
-            const { address, meta: { genesisHash, name }, type } = keyring.createFromJson(json);
-            return {
-                address,
-                genesisHash,
-                name,
-                type
-            };
-        }
-        catch (e) {
-            console.error(e);
-            throw new Error(e.message);
-        }
-    }
-    seedCreate({ length = SEED_DEFAULT_LENGTH, seed: _seed, type }) {
-        const seed = _seed || mnemonicGenerate(length);
-        return {
-            address: keyring.createFromUri(getSuri(seed, type), {}, type).address,
-            seed
-        };
-    }
-    seedValidate({ suri, type }) {
-        const { phrase } = keyExtractSuri(suri);
-        if (isHex(phrase)) {
-            assert(isHex(phrase, 256), 'Hex seed needs to be 256-bits');
-        }
-        else {
-            // sadly isHex detects as string, so we need a cast here
-            assert(SEED_LENGTHS.includes((phrase).split(' ').length), `Mnemonic needs to contain ${SEED_LENGTHS.join(', ')} words`);
-            assert(mnemonicValidate(phrase), 'Not a valid mnemonic seed');
-        }
-        return {
-            address: keyring.createFromUri(getSuri(suri, type), {}, type).address,
-            suri
-        };
-    }
-    signingApprovePassword({ id, password, savePass }) {
-        const queued = this.#state.getSignRequest(id);
-        assert(queued, 'Unable to find request');
-        const { reject, request, resolve } = queued;
-        const pair = keyring.getPair(queued.account.address);
-        if (!pair) {
-            reject(new Error('Unable to find pair'));
-            return false;
-        }
-        this.refreshAccountPasswordCache(pair);
-        // if the keyring pair is locked, the password is needed
-        if (pair.isLocked && !password) {
-            reject(new Error('Password needed to unlock the account'));
-        }
-        if (pair.isLocked) {
-            pair.decodePkcs8(password);
-        }
-        // construct a new registry (avoiding pollution), between requests
-        let registry;
-        const { payload } = request;
-        if (isJsonPayload(payload)) {
-            // Get the metadata for the genesisHash
-            const metadata = this.#state.knownMetadata.find(({ genesisHash }) => genesisHash === payload.genesisHash);
-            if (metadata) {
-                // we have metadata, expand it and extract the info/registry
-                const expanded = metadataExpand(metadata, false);
-                registry = expanded.registry;
-                registry.setSignedExtensions(payload.signedExtensions, expanded.definition.userExtensions);
-            }
-            else {
-                // we have no metadata, create a new registry
-                registry = new TypeRegistry();
-                registry.setSignedExtensions(payload.signedExtensions);
-            }
-        }
-        else {
-            // for non-payload, just create a registry to use
-            registry = new TypeRegistry();
-        }
-        const result = request.sign(registry, pair);
-        if (savePass) {
-            // unlike queued.account.address the following
-            // address is encoded with the default prefix
-            // which what is used for password caching mapping
-            this.#cachedUnlocks[pair.address] = Date.now() + PASSWORD_EXPIRY_MS;
-        }
-        else {
-            pair.lock();
-        }
-        resolve({
-            id,
-            ...result
-        });
-        return true;
-    }
-    signingApproveSignature({ id, signature, signedTransaction }) {
-        const queued = this.#state.getSignRequest(id);
-        assert(queued, 'Unable to find request');
-        const { resolve } = queued;
-        resolve({ id, signature, signedTransaction });
-        return true;
-    }
-    signingCancel({ id }) {
-        const queued = this.#state.getSignRequest(id);
-        assert(queued, 'Unable to find request');
-        const { reject } = queued;
-        reject(new Error('Cancelled'));
-        return true;
-    }
-    signingIsLocked({ id }) {
-        const queued = this.#state.getSignRequest(id);
-        assert(queued, 'Unable to find request');
-        const address = queued.request.payload.address;
-        const pair = keyring.getPair(address);
-        assert(pair, 'Unable to find pair');
-        const remainingTime = this.refreshAccountPasswordCache(pair);
-        return {
-            isLocked: pair.isLocked,
-            remainingTime
-        };
-    }
-    // FIXME This looks very much like what we have in authorization
-    signingSubscribe(id, port) {
-        const cb = createSubscription(id, port);
-        const subscription = this.#state.signSubject.subscribe((requests) => cb(requests));
-        port.onDisconnect.addListener(() => {
-            unsubscribe(id);
-            subscription.unsubscribe();
-        });
-        return true;
-    }
-    windowOpen(path) {
-        const url = `${chrome.runtime.getURL('index.html')}#${path}`;
-        if (!ALLOWED_PATH.includes(path)) {
-            console.error('Not allowed to open the url:', url);
-            return false;
-        }
-        withErrorLog(() => chrome.tabs.create({ url }));
-        return true;
-    }
-    derive(parentAddress, suri, password, metadata) {
-        const parentPair = keyring.getPair(parentAddress);
-        try {
-            parentPair.decodePkcs8(password);
-        }
-        catch {
-            throw new Error('invalid password');
-        }
-        try {
-            return parentPair.derive(suri, metadata);
-        }
-        catch {
-            throw new Error(`"${suri}" is not a valid derivation path`);
-        }
-    }
-    derivationValidate({ parentAddress, parentPassword, suri }) {
-        const childPair = this.derive(parentAddress, suri, parentPassword, {});
-        return {
-            address: childPair.address,
-            suri
-        };
-    }
-    derivationCreate({ genesisHash, name, parentAddress, parentPassword, password, suri }) {
-        const childPair = this.derive(parentAddress, suri, parentPassword, {
-            genesisHash,
-            name,
-            parentAddress,
-            suri
-        });
-        keyring.addPair(childPair, password);
-        return true;
-    }
-    async removeAuthorization(url) {
-        const remAuth = await this.#state.removeAuthorization(url);
-        return { list: remAuth };
-    }
-    // Reject the authorization request and add the URL to the authorized list with no keys.
-    // The site will not prompt for re-authorization on future visits.
-    rejectAuthRequest(id) {
-        const queued = this.#state.getAuthRequest(id);
-        assert(queued, 'Unable to find request');
-        const { reject } = queued;
-        reject(new Error('Rejected'));
-    }
-    // Cancel the authorization request and do not add the URL to the authorized list.
-    // The site will prompt for authorization on future visits.
-    cancelAuthRequest(id) {
-        const queued = this.#state.getAuthRequest(id);
-        assert(queued, 'Unable to find request');
-        const { reject } = queued;
-        reject(new Error('Cancelled'));
-    }
-    updateCurrentTabs({ urls }) {
-        this.#state.updateCurrentTabsUrl(urls);
-    }
-    getConnectedTabsUrl() {
-        return this.#state.getConnectedTabsUrl();
-    }
-    // Weird thought, the eslint override is not needed in Tabs
-    // eslint-disable-next-line @typescript-eslint/require-await
-    async handle(id, type, request, port) {
-        switch (type) {
-            case 'pri(authorize.approve)':
-                return this.authorizeApprove(request);
-            case 'pri(authorize.list)':
-                return this.getAuthList();
-            case 'pri(authorize.remove)':
-                return this.removeAuthorization(request);
-            case 'pri(authorize.reject)':
-                return this.rejectAuthRequest(request);
-            case 'pri(authorize.cancel)':
-                return this.cancelAuthRequest(request);
-            case 'pri(authorize.requests)':
-                return port && this.authorizeSubscribe(id, port);
-            case 'pri(authorize.update)':
-                return this.authorizeUpdate(request);
-            case 'pri(accounts.create.external)':
-                return this.accountsCreateExternal(request);
-            case 'pri(accounts.create.hardware)':
-                return this.accountsCreateHardware(request);
-            case 'pri(accounts.create.suri)':
-                return this.accountsCreateSuri(request);
-            case 'pri(accounts.changePassword)':
-                return this.accountsChangePassword(request);
-            case 'pri(accounts.edit)':
-                return this.accountsEdit(request);
-            case 'pri(accounts.export)':
-                return this.accountsExport(request);
-            case 'pri(accounts.batchExport)':
-                return this.accountsBatchExport(request);
-            case 'pri(accounts.forget)':
-                return this.accountsForget(request);
-            case 'pri(accounts.show)':
-                return this.accountsShow(request);
-            case 'pri(accounts.subscribe)':
-                return port && this.accountsSubscribe(id, port);
-            case 'pri(accounts.tie)':
-                return this.accountsTie(request);
-            case 'pri(accounts.validate)':
-                return this.accountsValidate(request);
-            case 'pri(metadata.approve)':
-                return await this.metadataApprove(request);
-            case 'pri(metadata.get)':
-                return this.metadataGet(request);
-            case 'pri(metadata.list)':
-                return this.metadataList();
-            case 'pri(metadata.reject)':
-                return this.metadataReject(request);
-            case 'pri(metadata.requests)':
-                return port && this.metadataSubscribe(id, port);
-            case 'pri(activeTabsUrl.update)':
-                return this.updateCurrentTabs(request);
-            case 'pri(connectedTabsUrl.get)':
-                return this.getConnectedTabsUrl();
-            case 'pri(derivation.create)':
-                return this.derivationCreate(request);
-            case 'pri(derivation.validate)':
-                return this.derivationValidate(request);
-            case 'pri(json.restore)':
-                return this.jsonRestore(request);
-            case 'pri(json.batchRestore)':
-                return this.batchRestore(request);
-            case 'pri(json.account.info)':
-                return this.jsonGetAccountInfo(request);
-            case 'pri(ping)':
-                return Promise.resolve(true);
-            case 'pri(seed.create)':
-                return this.seedCreate(request);
-            case 'pri(seed.validate)':
-                return this.seedValidate(request);
-            case 'pri(settings.notification)':
-                return this.#state.setNotification(request);
-            case 'pri(signing.approve.password)':
-                return this.signingApprovePassword(request);
-            case 'pri(signing.approve.signature)':
-                return this.signingApproveSignature(request);
-            case 'pri(signing.cancel)':
-                return this.signingCancel(request);
-            case 'pri(signing.isLocked)':
-                return this.signingIsLocked(request);
-            case 'pri(signing.requests)':
-                return port && this.signingSubscribe(id, port);
-            case 'pri(window.open)':
-                return this.windowOpen(request);
-            default:
-                throw new Error(`Unable to handle message of type ${type}`);
-        }
-    }
-}