@polkadot/extension-base 0.44.9 → 0.45.1

package/background/handlers/Extension.js

@@ -1,6 +1,3 @@
-// Copyright 2019-2023 @polkadot/extension authors & contributors
-// SPDX-License-Identifier: Apache-2.0
-
 import { ALLOWED_PATH, PASSWORD_EXPIRY_MS } from '@polkadot/extension-base/defaults';
 import { metadataExpand } from '@polkadot/extension-chains';
 import { TypeRegistry } from '@polkadot/types';
@@ -8,620 +5,468 @@ import keyring from '@polkadot/ui-keyring';
 import { accounts as accountsObservable } from '@polkadot/ui-keyring/observable/accounts';
 import { assert, isHex } from '@polkadot/util';
 import { keyExtractSuri, mnemonicGenerate, mnemonicValidate } from '@polkadot/util-crypto';
-import { withErrorLog } from "./helpers.js";
-import { createSubscription, unsubscribe } from "./subscriptions.js";
+import { withErrorLog } from './helpers.js';
+import { createSubscription, unsubscribe } from './subscriptions.js';
 const SEED_DEFAULT_LENGTH = 12;
 const SEED_LENGTHS = [12, 15, 18, 21, 24];
 const ETH_DERIVE_DEFAULT = "/m/44'/60'/0'/0/0";
 function getSuri(seed, type) {
-  return type === 'ethereum' ? `${seed}${ETH_DERIVE_DEFAULT}` : seed;
+    return type === 'ethereum'
+        ? `${seed}${ETH_DERIVE_DEFAULT}`
+        : seed;
 }
 function isJsonPayload(value) {
-  return value.genesisHash !== undefined;
+    return value.genesisHash !== undefined;
 }
 export default class Extension {
-  #cachedUnlocks;
-  #state;
-  constructor(state) {
-    this.#cachedUnlocks = {};
-    this.#state = state;
-  }
-  transformAccounts(accounts) {
-    return Object.values(accounts).map(({
-      json: {
-        address,
-        meta
-      },
-      type
-    }) => ({
-      address,
-      isDefaultAuthSelected: this.#state.defaultAuthAccountSelection.includes(address),
-      ...meta,
-      type
-    }));
-  }
-  accountsCreateExternal({
-    address,
-    genesisHash,
-    name
-  }) {
-    keyring.addExternal(address, {
-      genesisHash,
-      name
-    });
-    return true;
-  }
-  accountsCreateHardware({
-    accountIndex,
-    address,
-    addressOffset,
-    genesisHash,
-    hardwareType,
-    name
-  }) {
-    keyring.addHardware(address, hardwareType, {
-      accountIndex,
-      addressOffset,
-      genesisHash,
-      name
-    });
-    return true;
-  }
-  accountsCreateSuri({
-    genesisHash,
-    name,
-    password,
-    suri,
-    type
-  }) {
-    keyring.addUri(getSuri(suri, type), password, {
-      genesisHash,
-      name
-    }, type);
-    return true;
-  }
-  accountsChangePassword({
-    address,
-    newPass,
-    oldPass
-  }) {
-    const pair = keyring.getPair(address);
-    assert(pair, 'Unable to find pair');
-    try {
-      if (!pair.isLocked) {
-        pair.lock();
-      }
-      pair.decodePkcs8(oldPass);
-    } catch (error) {
-      throw new Error('oldPass is invalid');
-    }
-    keyring.encryptAccount(pair, newPass);
-    return true;
-  }
-  accountsEdit({
-    address,
-    name
-  }) {
-    const pair = keyring.getPair(address);
-    assert(pair, 'Unable to find pair');
-    keyring.saveAccountMeta(pair, {
-      ...pair.meta,
-      name
-    });
-    return true;
-  }
-  accountsExport({
-    address,
-    password
-  }) {
-    return {
-      exportedJson: keyring.backupAccount(keyring.getPair(address), password)
-    };
-  }
-  async accountsBatchExport({
-    addresses,
-    password
-  }) {
-    return {
-      exportedJson: await keyring.backupAccounts(addresses, password)
-    };
-  }
-  accountsForget({
-    address
-  }) {
-    const authorizedAccountsDiff = [];
-
-    // cycle through authUrls and prepare the array of diff
-    Object.entries(this.#state.authUrls).forEach(([url, urlInfo]) => {
-      if (!urlInfo.authorizedAccounts.includes(address)) {
-        return;
-      }
-      authorizedAccountsDiff.push([url, urlInfo.authorizedAccounts.filter(previousAddress => previousAddress !== address)]);
-    });
-    this.#state.updateAuthorizedAccounts(authorizedAccountsDiff);
-
-    // cycle through default account selection for auth and remove any occurence of the account
-    const newDefaultAuthAccounts = this.#state.defaultAuthAccountSelection.filter(defaultSelectionAddress => defaultSelectionAddress !== address);
-    this.#state.updateDefaultAuthAccounts(newDefaultAuthAccounts);
-    keyring.forgetAccount(address);
-    return true;
-  }
-  refreshAccountPasswordCache(pair) {
-    const {
-      address
-    } = pair;
-    const savedExpiry = this.#cachedUnlocks[address] || 0;
-    const remainingTime = savedExpiry - Date.now();
-    if (remainingTime < 0) {
-      this.#cachedUnlocks[address] = 0;
-      pair.lock();
-      return 0;
-    }
-    return remainingTime;
-  }
-  accountsShow({
-    address,
-    isShowing
-  }) {
-    const pair = keyring.getPair(address);
-    assert(pair, 'Unable to find pair');
-    keyring.saveAccountMeta(pair, {
-      ...pair.meta,
-      isHidden: !isShowing
-    });
-    return true;
-  }
-  accountsTie({
-    address,
-    genesisHash
-  }) {
-    const pair = keyring.getPair(address);
-    assert(pair, 'Unable to find pair');
-    keyring.saveAccountMeta(pair, {
-      ...pair.meta,
-      genesisHash
-    });
-    return true;
-  }
-  accountsValidate({
-    address,
-    password
-  }) {
-    try {
-      keyring.backupAccount(keyring.getPair(address), password);
-      return true;
-    } catch (e) {
-      return false;
-    }
-  }
-  accountsSubscribe(id, port) {
-    const cb = createSubscription(id, port);
-    const subscription = accountsObservable.subject.subscribe(accounts => cb(this.transformAccounts(accounts)));
-    port.onDisconnect.addListener(() => {
-      unsubscribe(id);
-      subscription.unsubscribe();
-    });
-    return true;
-  }
-  authorizeApprove({
-    authorizedAccounts,
-    id
-  }) {
-    const queued = this.#state.getAuthRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      resolve
-    } = queued;
-    resolve({
-      authorizedAccounts,
-      result: true
-    });
-    return true;
-  }
-  authorizeUpdate({
-    authorizedAccounts,
-    url
-  }) {
-    return this.#state.updateAuthorizedAccounts([[url, authorizedAccounts]]);
-  }
-  getAuthList() {
-    return {
-      list: this.#state.authUrls
-    };
-  }
-
-  // FIXME This looks very much like what we have in accounts
-  authorizeSubscribe(id, port) {
-    const cb = createSubscription(id, port);
-    const subscription = this.#state.authSubject.subscribe(requests => cb(requests));
-    port.onDisconnect.addListener(() => {
-      unsubscribe(id);
-      subscription.unsubscribe();
-    });
-    return true;
-  }
-  metadataApprove({
-    id
-  }) {
-    const queued = this.#state.getMetaRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      request,
-      resolve
-    } = queued;
-    this.#state.saveMetadata(request);
-    resolve(true);
-    return true;
-  }
-  metadataGet(genesisHash) {
-    return this.#state.knownMetadata.find(result => result.genesisHash === genesisHash) || null;
-  }
-  metadataList() {
-    return this.#state.knownMetadata;
-  }
-  metadataReject({
-    id
-  }) {
-    const queued = this.#state.getMetaRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      reject
-    } = queued;
-    reject(new Error('Rejected'));
-    return true;
-  }
-  metadataSubscribe(id, port) {
-    const cb = createSubscription(id, port);
-    const subscription = this.#state.metaSubject.subscribe(requests => cb(requests));
-    port.onDisconnect.addListener(() => {
-      unsubscribe(id);
-      subscription.unsubscribe();
-    });
-    return true;
-  }
-  jsonRestore({
-    file,
-    password
-  }) {
-    try {
-      keyring.restoreAccount(file, password);
-    } catch (error) {
-      throw new Error(error.message);
-    }
-  }
-  batchRestore({
-    file,
-    password
-  }) {
-    try {
-      keyring.restoreAccounts(file, password);
-    } catch (error) {
-      throw new Error(error.message);
-    }
-  }
-  jsonGetAccountInfo(json) {
-    try {
-      const {
-        address,
-        meta: {
-          genesisHash,
-          name
-        },
-        type
-      } = keyring.createFromJson(json);
-      return {
-        address,
-        genesisHash,
-        name,
-        type
-      };
-    } catch (e) {
-      console.error(e);
-      throw new Error(e.message);
-    }
-  }
-  seedCreate({
-    length = SEED_DEFAULT_LENGTH,
-    seed: _seed,
-    type
-  }) {
-    const seed = _seed || mnemonicGenerate(length);
-    return {
-      address: keyring.createFromUri(getSuri(seed, type), {}, type).address,
-      seed
-    };
-  }
-  seedValidate({
-    suri,
-    type
-  }) {
-    const {
-      phrase
-    } = keyExtractSuri(suri);
-    if (isHex(phrase)) {
-      assert(isHex(phrase, 256), 'Hex seed needs to be 256-bits');
-    } else {
-      // sadly isHex detects as string, so we need a cast here
-      assert(SEED_LENGTHS.includes(phrase.split(' ').length), `Mnemonic needs to contain ${SEED_LENGTHS.join(', ')} words`);
-      assert(mnemonicValidate(phrase), 'Not a valid mnemonic seed');
-    }
-    return {
-      address: keyring.createFromUri(getSuri(suri, type), {}, type).address,
-      suri
-    };
-  }
-  signingApprovePassword({
-    id,
-    password,
-    savePass
-  }) {
-    const queued = this.#state.getSignRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      reject,
-      request,
-      resolve
-    } = queued;
-    const pair = keyring.getPair(queued.account.address);
-    if (!pair) {
-      reject(new Error('Unable to find pair'));
-      return false;
-    }
-    this.refreshAccountPasswordCache(pair);
-
-    // if the keyring pair is locked, the password is needed
-    if (pair.isLocked && !password) {
-      reject(new Error('Password needed to unlock the account'));
-    }
-    if (pair.isLocked) {
-      pair.decodePkcs8(password);
-    }
-
-    // construct a new registry (avoiding pollution), between requests
-    let registry;
-    const {
-      payload
-    } = request;
-    if (isJsonPayload(payload)) {
-      // Get the metadata for the genesisHash
-      const metadata = this.#state.knownMetadata.find(({
-        genesisHash
-      }) => genesisHash === payload.genesisHash);
-      if (metadata) {
-        // we have metadata, expand it and extract the info/registry
-        const expanded = metadataExpand(metadata, false);
-        registry = expanded.registry;
-        registry.setSignedExtensions(payload.signedExtensions, expanded.definition.userExtensions);
-      } else {
-        // we have no metadata, create a new registry
-        registry = new TypeRegistry();
-        registry.setSignedExtensions(payload.signedExtensions);
-      }
-    } else {
-      // for non-payload, just create a registry to use
-      registry = new TypeRegistry();
-    }
-    const result = request.sign(registry, pair);
-    if (savePass) {
-      // unlike queued.account.address the following
-      // address is encoded with the default prefix
-      // which what is used for password caching mapping
-      this.#cachedUnlocks[pair.address] = Date.now() + PASSWORD_EXPIRY_MS;
-    } else {
-      pair.lock();
-    }
-    resolve({
-      id,
-      ...result
-    });
-    return true;
-  }
-  signingApproveSignature({
-    id,
-    signature
-  }) {
-    const queued = this.#state.getSignRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      resolve
-    } = queued;
-    resolve({
-      id,
-      signature
-    });
-    return true;
-  }
-  signingCancel({
-    id
-  }) {
-    const queued = this.#state.getSignRequest(id);
-    assert(queued, 'Unable to find request');
-    const {
-      reject
-    } = queued;
-    reject(new Error('Cancelled'));
-    return true;
-  }
-  signingIsLocked({
-    id
-  }) {
-    const queued = this.#state.getSignRequest(id);
-    assert(queued, 'Unable to find request');
-    const address = queued.request.payload.address;
-    const pair = keyring.getPair(address);
-    assert(pair, 'Unable to find pair');
-    const remainingTime = this.refreshAccountPasswordCache(pair);
-    return {
-      isLocked: pair.isLocked,
-      remainingTime
-    };
-  }
-
-  // FIXME This looks very much like what we have in authorization
-  signingSubscribe(id, port) {
-    const cb = createSubscription(id, port);
-    const subscription = this.#state.signSubject.subscribe(requests => cb(requests));
-    port.onDisconnect.addListener(() => {
-      unsubscribe(id);
-      subscription.unsubscribe();
-    });
-    return true;
-  }
-  windowOpen(path) {
-    const url = `${chrome.extension.getURL('index.html')}#${path}`;
-    if (!ALLOWED_PATH.includes(path)) {
-      console.error('Not allowed to open the url:', url);
-      return false;
-    }
-    withErrorLog(() => chrome.tabs.create({
-      url
-    }));
-    return true;
-  }
-  derive(parentAddress, suri, password, metadata) {
-    const parentPair = keyring.getPair(parentAddress);
-    try {
-      parentPair.decodePkcs8(password);
-    } catch (e) {
-      throw new Error('invalid password');
-    }
-    try {
-      return parentPair.derive(suri, metadata);
-    } catch (err) {
-      throw new Error(`"${suri}" is not a valid derivation path`);
-    }
-  }
-  derivationValidate({
-    parentAddress,
-    parentPassword,
-    suri
-  }) {
-    const childPair = this.derive(parentAddress, suri, parentPassword, {});
-    return {
-      address: childPair.address,
-      suri
-    };
-  }
-  derivationCreate({
-    genesisHash,
-    name,
-    parentAddress,
-    parentPassword,
-    password,
-    suri
-  }) {
-    const childPair = this.derive(parentAddress, suri, parentPassword, {
-      genesisHash,
-      name,
-      parentAddress,
-      suri
-    });
-    keyring.addPair(childPair, password);
-    return true;
-  }
-  removeAuthorization(url) {
-    return {
-      list: this.#state.removeAuthorization(url)
-    };
-  }
-  deleteAuthRequest(requestId) {
-    return this.#state.deleteAuthRequest(requestId);
-  }
-  updateCurrentTabs({
-    urls
-  }) {
-    this.#state.udateCurrentTabsUrl(urls);
-  }
-  getConnectedTabsUrl() {
-    return this.#state.getConnectedTabsUrl();
-  }
-
-  // Weird thought, the eslint override is not needed in Tabs
-  // eslint-disable-next-line @typescript-eslint/require-await
-  async handle(id, type, request, port) {
-    switch (type) {
-      case 'pri(authorize.approve)':
-        return this.authorizeApprove(request);
-      case 'pri(authorize.list)':
-        return this.getAuthList();
-      case 'pri(authorize.remove)':
-        return this.removeAuthorization(request);
-      case 'pri(authorize.delete.request)':
-        return this.deleteAuthRequest(request);
-      case 'pri(authorize.requests)':
-        return port && this.authorizeSubscribe(id, port);
-      case 'pri(authorize.update)':
-        return this.authorizeUpdate(request);
-      case 'pri(accounts.create.external)':
-        return this.accountsCreateExternal(request);
-      case 'pri(accounts.create.hardware)':
-        return this.accountsCreateHardware(request);
-      case 'pri(accounts.create.suri)':
-        return this.accountsCreateSuri(request);
-      case 'pri(accounts.changePassword)':
-        return this.accountsChangePassword(request);
-      case 'pri(accounts.edit)':
-        return this.accountsEdit(request);
-      case 'pri(accounts.export)':
-        return this.accountsExport(request);
-      case 'pri(accounts.batchExport)':
-        return this.accountsBatchExport(request);
-      case 'pri(accounts.forget)':
-        return this.accountsForget(request);
-      case 'pri(accounts.show)':
-        return this.accountsShow(request);
-      case 'pri(accounts.subscribe)':
-        return port && this.accountsSubscribe(id, port);
-      case 'pri(accounts.tie)':
-        return this.accountsTie(request);
-      case 'pri(accounts.validate)':
-        return this.accountsValidate(request);
-      case 'pri(metadata.approve)':
-        return this.metadataApprove(request);
-      case 'pri(metadata.get)':
-        return this.metadataGet(request);
-      case 'pri(metadata.list)':
-        return this.metadataList();
-      case 'pri(metadata.reject)':
-        return this.metadataReject(request);
-      case 'pri(metadata.requests)':
-        return port && this.metadataSubscribe(id, port);
-      case 'pri(activeTabsUrl.update)':
-        return this.updateCurrentTabs(request);
-      case 'pri(connectedTabsUrl.get)':
-        return this.getConnectedTabsUrl();
-      case 'pri(derivation.create)':
-        return this.derivationCreate(request);
-      case 'pri(derivation.validate)':
-        return this.derivationValidate(request);
-      case 'pri(json.restore)':
-        return this.jsonRestore(request);
-      case 'pri(json.batchRestore)':
-        return this.batchRestore(request);
-      case 'pri(json.account.info)':
-        return this.jsonGetAccountInfo(request);
-      case 'pri(ping)':
-        return Promise.resolve(true);
-      case 'pri(seed.create)':
-        return this.seedCreate(request);
-      case 'pri(seed.validate)':
-        return this.seedValidate(request);
-      case 'pri(settings.notification)':
-        return this.#state.setNotification(request);
-      case 'pri(signing.approve.password)':
-        return this.signingApprovePassword(request);
-      case 'pri(signing.approve.signature)':
-        return this.signingApproveSignature(request);
-      case 'pri(signing.cancel)':
-        return this.signingCancel(request);
-      case 'pri(signing.isLocked)':
-        return this.signingIsLocked(request);
-      case 'pri(signing.requests)':
-        return port && this.signingSubscribe(id, port);
-      case 'pri(window.open)':
-        return this.windowOpen(request);
-      default:
-        throw new Error(`Unable to handle message of type ${type}`);
-    }
-  }
+    #cachedUnlocks;
+    #state;
+    constructor(state) {
+        this.#cachedUnlocks = {};
+        this.#state = state;
+    }
+    transformAccounts(accounts) {
+        return Object.values(accounts).map(({ json: { address, meta }, type }) => ({
+            address,
+            isDefaultAuthSelected: this.#state.defaultAuthAccountSelection.includes(address),
+            ...meta,
+            type
+        }));
+    }
+    accountsCreateExternal({ address, genesisHash, name }) {
+        keyring.addExternal(address, { genesisHash, name });
+        return true;
+    }
+    accountsCreateHardware({ accountIndex, address, addressOffset, genesisHash, hardwareType, name }) {
+        keyring.addHardware(address, hardwareType, { accountIndex, addressOffset, genesisHash, name });
+        return true;
+    }
+    accountsCreateSuri({ genesisHash, name, password, suri, type }) {
+        keyring.addUri(getSuri(suri, type), password, { genesisHash, name }, type);
+        return true;
+    }
+    accountsChangePassword({ address, newPass, oldPass }) {
+        const pair = keyring.getPair(address);
+        assert(pair, 'Unable to find pair');
+        try {
+            if (!pair.isLocked) {
+                pair.lock();
+            }
+            pair.decodePkcs8(oldPass);
+        }
+        catch (error) {
+            throw new Error('oldPass is invalid');
+        }
+        keyring.encryptAccount(pair, newPass);
+        return true;
+    }
+    accountsEdit({ address, name }) {
+        const pair = keyring.getPair(address);
+        assert(pair, 'Unable to find pair');
+        keyring.saveAccountMeta(pair, { ...pair.meta, name });
+        return true;
+    }
+    accountsExport({ address, password }) {
+        return { exportedJson: keyring.backupAccount(keyring.getPair(address), password) };
+    }
+    async accountsBatchExport({ addresses, password }) {
+        return {
+            exportedJson: await keyring.backupAccounts(addresses, password)
+        };
+    }
+    accountsForget({ address }) {
+        const authorizedAccountsDiff = [];
+        // cycle through authUrls and prepare the array of diff
+        Object.entries(this.#state.authUrls).forEach(([url, urlInfo]) => {
+            if (!urlInfo.authorizedAccounts.includes(address)) {
+                return;
+            }
+            authorizedAccountsDiff.push([url, urlInfo.authorizedAccounts.filter((previousAddress) => previousAddress !== address)]);
+        });
+        this.#state.updateAuthorizedAccounts(authorizedAccountsDiff);
+        // cycle through default account selection for auth and remove any occurence of the account
+        const newDefaultAuthAccounts = this.#state.defaultAuthAccountSelection.filter((defaultSelectionAddress) => defaultSelectionAddress !== address);
+        this.#state.updateDefaultAuthAccounts(newDefaultAuthAccounts);
+        keyring.forgetAccount(address);
+        return true;
+    }
+    refreshAccountPasswordCache(pair) {
+        const { address } = pair;
+        const savedExpiry = this.#cachedUnlocks[address] || 0;
+        const remainingTime = savedExpiry - Date.now();
+        if (remainingTime < 0) {
+            this.#cachedUnlocks[address] = 0;
+            pair.lock();
+            return 0;
+        }
+        return remainingTime;
+    }
+    accountsShow({ address, isShowing }) {
+        const pair = keyring.getPair(address);
+        assert(pair, 'Unable to find pair');
+        keyring.saveAccountMeta(pair, { ...pair.meta, isHidden: !isShowing });
+        return true;
+    }
+    accountsTie({ address, genesisHash }) {
+        const pair = keyring.getPair(address);
+        assert(pair, 'Unable to find pair');
+        keyring.saveAccountMeta(pair, { ...pair.meta, genesisHash });
+        return true;
+    }
+    accountsValidate({ address, password }) {
+        try {
+            keyring.backupAccount(keyring.getPair(address), password);
+            return true;
+        }
+        catch (e) {
+            return false;
+        }
+    }
+    accountsSubscribe(id, port) {
+        const cb = createSubscription(id, port);
+        const subscription = accountsObservable.subject.subscribe((accounts) => cb(this.transformAccounts(accounts)));
+        port.onDisconnect.addListener(() => {
+            unsubscribe(id);
+            subscription.unsubscribe();
+        });
+        return true;
+    }
+    authorizeApprove({ authorizedAccounts, id }) {
+        const queued = this.#state.getAuthRequest(id);
+        assert(queued, 'Unable to find request');
+        const { resolve } = queued;
+        resolve({ authorizedAccounts, result: true });
+        return true;
+    }
+    authorizeUpdate({ authorizedAccounts, url }) {
+        return this.#state.updateAuthorizedAccounts([[url, authorizedAccounts]]);
+    }
+    getAuthList() {
+        return { list: this.#state.authUrls };
+    }
+    // FIXME This looks very much like what we have in accounts
+    authorizeSubscribe(id, port) {
+        const cb = createSubscription(id, port);
+        const subscription = this.#state.authSubject.subscribe((requests) => cb(requests));
+        port.onDisconnect.addListener(() => {
+            unsubscribe(id);
+            subscription.unsubscribe();
+        });
+        return true;
+    }
+    metadataApprove({ id }) {
+        const queued = this.#state.getMetaRequest(id);
+        assert(queued, 'Unable to find request');
+        const { request, resolve } = queued;
+        this.#state.saveMetadata(request);
+        resolve(true);
+        return true;
+    }
+    metadataGet(genesisHash) {
+        return this.#state.knownMetadata.find((result) => result.genesisHash === genesisHash) || null;
+    }
+    metadataList() {
+        return this.#state.knownMetadata;
+    }
+    metadataReject({ id }) {
+        const queued = this.#state.getMetaRequest(id);
+        assert(queued, 'Unable to find request');
+        const { reject } = queued;
+        reject(new Error('Rejected'));
+        return true;
+    }
+    metadataSubscribe(id, port) {
+        const cb = createSubscription(id, port);
+        const subscription = this.#state.metaSubject.subscribe((requests) => cb(requests));
+        port.onDisconnect.addListener(() => {
+            unsubscribe(id);
+            subscription.unsubscribe();
+        });
+        return true;
+    }
+    jsonRestore({ file, password }) {
+        try {
+            keyring.restoreAccount(file, password);
+        }
+        catch (error) {
+            throw new Error(error.message);
+        }
+    }
+    batchRestore({ file, password }) {
+        try {
+            keyring.restoreAccounts(file, password);
+        }
+        catch (error) {
+            throw new Error(error.message);
+        }
+    }
+    jsonGetAccountInfo(json) {
+        try {
+            const { address, meta: { genesisHash, name }, type } = keyring.createFromJson(json);
+            return {
+                address,
+                genesisHash,
+                name,
+                type
+            };
+        }
+        catch (e) {
+            console.error(e);
+            throw new Error(e.message);
+        }
+    }
+    seedCreate({ length = SEED_DEFAULT_LENGTH, seed: _seed, type }) {
+        const seed = _seed || mnemonicGenerate(length);
+        return {
+            address: keyring.createFromUri(getSuri(seed, type), {}, type).address,
+            seed
+        };
+    }
+    seedValidate({ suri, type }) {
+        const { phrase } = keyExtractSuri(suri);
+        if (isHex(phrase)) {
+            assert(isHex(phrase, 256), 'Hex seed needs to be 256-bits');
+        }
+        else {
+            // sadly isHex detects as string, so we need a cast here
+            assert(SEED_LENGTHS.includes((phrase).split(' ').length), `Mnemonic needs to contain ${SEED_LENGTHS.join(', ')} words`);
+            assert(mnemonicValidate(phrase), 'Not a valid mnemonic seed');
+        }
+        return {
+            address: keyring.createFromUri(getSuri(suri, type), {}, type).address,
+            suri
+        };
+    }
+    signingApprovePassword({ id, password, savePass }) {
+        const queued = this.#state.getSignRequest(id);
+        assert(queued, 'Unable to find request');
+        const { reject, request, resolve } = queued;
+        const pair = keyring.getPair(queued.account.address);
+        if (!pair) {
+            reject(new Error('Unable to find pair'));
+            return false;
+        }
+        this.refreshAccountPasswordCache(pair);
+        // if the keyring pair is locked, the password is needed
+        if (pair.isLocked && !password) {
+            reject(new Error('Password needed to unlock the account'));
+        }
+        if (pair.isLocked) {
+            pair.decodePkcs8(password);
+        }
+        // construct a new registry (avoiding pollution), between requests
+        let registry;
+        const { payload } = request;
+        if (isJsonPayload(payload)) {
+            // Get the metadata for the genesisHash
+            const metadata = this.#state.knownMetadata.find(({ genesisHash }) => genesisHash === payload.genesisHash);
+            if (metadata) {
+                // we have metadata, expand it and extract the info/registry
+                const expanded = metadataExpand(metadata, false);
+                registry = expanded.registry;
+                registry.setSignedExtensions(payload.signedExtensions, expanded.definition.userExtensions);
+            }
+            else {
+                // we have no metadata, create a new registry
+                registry = new TypeRegistry();
+                registry.setSignedExtensions(payload.signedExtensions);
+            }
+        }
+        else {
+            // for non-payload, just create a registry to use
+            registry = new TypeRegistry();
+        }
+        const result = request.sign(registry, pair);
+        if (savePass) {
+            // unlike queued.account.address the following
+            // address is encoded with the default prefix
+            // which what is used for password caching mapping
+            this.#cachedUnlocks[pair.address] = Date.now() + PASSWORD_EXPIRY_MS;
+        }
+        else {
+            pair.lock();
+        }
+        resolve({
+            id,
+            ...result
+        });
+        return true;
+    }
+    signingApproveSignature({ id, signature }) {
+        const queued = this.#state.getSignRequest(id);
+        assert(queued, 'Unable to find request');
+        const { resolve } = queued;
+        resolve({ id, signature });
+        return true;
+    }
+    signingCancel({ id }) {
+        const queued = this.#state.getSignRequest(id);
+        assert(queued, 'Unable to find request');
+        const { reject } = queued;
+        reject(new Error('Cancelled'));
+        return true;
+    }
+    signingIsLocked({ id }) {
+        const queued = this.#state.getSignRequest(id);
+        assert(queued, 'Unable to find request');
+        const address = queued.request.payload.address;
+        const pair = keyring.getPair(address);
+        assert(pair, 'Unable to find pair');
+        const remainingTime = this.refreshAccountPasswordCache(pair);
+        return {
+            isLocked: pair.isLocked,
+            remainingTime
+        };
+    }
+    // FIXME This looks very much like what we have in authorization
+    signingSubscribe(id, port) {
+        const cb = createSubscription(id, port);
+        const subscription = this.#state.signSubject.subscribe((requests) => cb(requests));
+        port.onDisconnect.addListener(() => {
+            unsubscribe(id);
+            subscription.unsubscribe();
+        });
+        return true;
+    }
+    windowOpen(path) {
+        const url = `${chrome.extension.getURL('index.html')}#${path}`;
+        if (!ALLOWED_PATH.includes(path)) {
+            console.error('Not allowed to open the url:', url);
+            return false;
+        }
+        withErrorLog(() => chrome.tabs.create({ url }));
+        return true;
+    }
+    derive(parentAddress, suri, password, metadata) {
+        const parentPair = keyring.getPair(parentAddress);
+        try {
+            parentPair.decodePkcs8(password);
+        }
+        catch (e) {
+            throw new Error('invalid password');
+        }
+        try {
+            return parentPair.derive(suri, metadata);
+        }
+        catch (err) {
+            throw new Error(`"${suri}" is not a valid derivation path`);
+        }
+    }
+    derivationValidate({ parentAddress, parentPassword, suri }) {
+        const childPair = this.derive(parentAddress, suri, parentPassword, {});
+        return {
+            address: childPair.address,
+            suri
+        };
+    }
+    derivationCreate({ genesisHash, name, parentAddress, parentPassword, password, suri }) {
+        const childPair = this.derive(parentAddress, suri, parentPassword, {
+            genesisHash,
+            name,
+            parentAddress,
+            suri
+        });
+        keyring.addPair(childPair, password);
+        return true;
+    }
+    removeAuthorization(url) {
+        return { list: this.#state.removeAuthorization(url) };
+    }
+    deleteAuthRequest(requestId) {
+        return this.#state.deleteAuthRequest(requestId);
+    }
+    updateCurrentTabs({ urls }) {
+        this.#state.udateCurrentTabsUrl(urls);
+    }
+    getConnectedTabsUrl() {
+        return this.#state.getConnectedTabsUrl();
+    }
+    // Weird thought, the eslint override is not needed in Tabs
+    // eslint-disable-next-line @typescript-eslint/require-await
+    async handle(id, type, request, port) {
+        switch (type) {
+            case 'pri(authorize.approve)':
+                return this.authorizeApprove(request);
+            case 'pri(authorize.list)':
+                return this.getAuthList();
+            case 'pri(authorize.remove)':
+                return this.removeAuthorization(request);
+            case 'pri(authorize.delete.request)':
+                return this.deleteAuthRequest(request);
+            case 'pri(authorize.requests)':
+                return port && this.authorizeSubscribe(id, port);
+            case 'pri(authorize.update)':
+                return this.authorizeUpdate(request);
+            case 'pri(accounts.create.external)':
+                return this.accountsCreateExternal(request);
+            case 'pri(accounts.create.hardware)':
+                return this.accountsCreateHardware(request);
+            case 'pri(accounts.create.suri)':
+                return this.accountsCreateSuri(request);
+            case 'pri(accounts.changePassword)':
+                return this.accountsChangePassword(request);
+            case 'pri(accounts.edit)':
+                return this.accountsEdit(request);
+            case 'pri(accounts.export)':
+                return this.accountsExport(request);
+            case 'pri(accounts.batchExport)':
+                return this.accountsBatchExport(request);
+            case 'pri(accounts.forget)':
+                return this.accountsForget(request);
+            case 'pri(accounts.show)':
+                return this.accountsShow(request);
+            case 'pri(accounts.subscribe)':
+                return port && this.accountsSubscribe(id, port);
+            case 'pri(accounts.tie)':
+                return this.accountsTie(request);
+            case 'pri(accounts.validate)':
+                return this.accountsValidate(request);
+            case 'pri(metadata.approve)':
+                return this.metadataApprove(request);
+            case 'pri(metadata.get)':
+                return this.metadataGet(request);
+            case 'pri(metadata.list)':
+                return this.metadataList();
+            case 'pri(metadata.reject)':
+                return this.metadataReject(request);
+            case 'pri(metadata.requests)':
+                return port && this.metadataSubscribe(id, port);
+            case 'pri(activeTabsUrl.update)':
+                return this.updateCurrentTabs(request);
+            case 'pri(connectedTabsUrl.get)':
+                return this.getConnectedTabsUrl();
+            case 'pri(derivation.create)':
+                return this.derivationCreate(request);
+            case 'pri(derivation.validate)':
+                return this.derivationValidate(request);
+            case 'pri(json.restore)':
+                return this.jsonRestore(request);
+            case 'pri(json.batchRestore)':
+                return this.batchRestore(request);
+            case 'pri(json.account.info)':
+                return this.jsonGetAccountInfo(request);
+            case 'pri(ping)':
+                return Promise.resolve(true);
+            case 'pri(seed.create)':
+                return this.seedCreate(request);
+            case 'pri(seed.validate)':
+                return this.seedValidate(request);
+            case 'pri(settings.notification)':
+                return this.#state.setNotification(request);
+            case 'pri(signing.approve.password)':
+                return this.signingApprovePassword(request);
+            case 'pri(signing.approve.signature)':
+                return this.signingApproveSignature(request);
+            case 'pri(signing.cancel)':
+                return this.signingCancel(request);
+            case 'pri(signing.isLocked)':
+                return this.signingIsLocked(request);
+            case 'pri(signing.requests)':
+                return port && this.signingSubscribe(id, port);
+            case 'pri(window.open)':
+                return this.windowOpen(request);
+            default:
+                throw new Error(`Unable to handle message of type ${type}`);
+        }
+    }
 }