fix: skip blockaid validations for users internal accounts

app/core/RPCMethods/eth_sendTransaction.test.ts

@@ -24,6 +24,12 @@ jest.mock('../../core/Engine', () => ({
         providerConfig: { chainId: '0x1' },
       },
     },
+    AccountsController: {
+      state: {
+        internalAccounts: { accounts: [] },
+      },
+      listAccounts: () => [],
+    },
   },
 }));
 

app/lib/ppom/ppom-util.test.ts

@@ -33,6 +33,12 @@ jest.mock('../../core/Engine', () => ({
         providerConfig: { chainId: CHAIN_ID_MOCK },
       },
     },
+    AccountsController: {
+      state: {
+        internalAccounts: { accounts: [] },
+      },
+      listAccounts: () => [],
+    },
   },
 }));
 
@@ -110,6 +116,27 @@ describe('PPOM Utils', () => {
       expect(spyTransactionAction).toBeCalledTimes(0);
     });
 
+    it('should not validate if request is send to users own account ', async () => {
+      const spyTransactionAction = jest.spyOn(
+        TransactionActions,
+        'setTransactionSecurityAlertResponse',
+      );
+      MockEngine.context.PreferencesController.state.securityAlertsEnabled =
+        false;
+      MockEngine.context.AccountsController.listAccounts = (() => [
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        { address: '0x0c54FcCd2e384b4BB6f2E405Bf5Cbc15a017AaFb' } as any,
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      ]) as any;
+      await PPOMUtil.validateRequest(mockRequest, CHAIN_ID_MOCK);
+      expect(MockEngine.context.PPOMController?.usePPOM).toHaveBeenCalledTimes(
+        0,
+      );
+      expect(spyTransactionAction).toHaveBeenCalledTimes(0);
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      MockEngine.context.AccountsController.listAccounts = (() => []) as any;
+    });
+
     it('should not validate user if on a non supporting blockaid network', async () => {
       const spyTransactionAction = jest.spyOn(
         TransactionActions,

app/lib/ppom/ppom-util.ts

@@ -61,6 +61,7 @@ async function validateRequest(req: PPOMRequest, transactionId?: string) {
     PPOMController: ppomController,
     PreferencesController,
     NetworkController,
+    AccountsController,
   } = Engine.context;
 
   const chainId = NetworkController.state.providerConfig.chainId;
@@ -80,6 +81,22 @@ async function validateRequest(req: PPOMRequest, transactionId?: string) {
     return;
   }
 
+  if (req.method === 'eth_sendTransaction') {
+    const internalAccounts = AccountsController.listAccounts();
+    const toAddress: string | undefined = (
+      req?.params?.[0] as Record<string, string>
+    ).to;
+
+    if (
+      internalAccounts.some(
+        ({ address }: { address: string }) =>
+          address?.toLowerCase() === toAddress?.toLowerCase(),
+      )
+    ) {
+      return;
+    }
+  }
+
   const isTransaction = isTransactionRequest(req);
   let securityAlertResponse: SecurityAlertResponse | undefined;