Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move snap_manageAccounts to a gated permitted method #2869

Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

Move snap_manageAccounts to a gated permitted method #2869

wants to merge 5 commits into from

Conversation

GuillaumeRx
Copy link
Contributor

@GuillaumeRx GuillaumeRx commented Oct 31, 2024
edited
Loading

This PR moves the snap_manageAccounts method from a restricted method to a permitted method.

This allows us to couple it with the Keyring endowment. The implementation checks if the snap has the permission to use the Keyring and throws if not.

This also refactors how the message is passed to the snap. The keyring will now be retrieved on the hook implementation and we will only expose a mutated version of handleKeyringSnapMessage where we will bind the origin coming from the RPC engine to the method hook. This ensures we don't manipulate the origin inside the method implementation.

The parameters type of the method has also been refactored to a simpler type that doesn't require an union in favor of more readable error messages when validating the params.

Fixes: #2798

@GuillaumeRx GuillaumeRx requested a review from a team as a code owner October 31, 2024 11:43
@Mrtenz
Copy link
Member

Mrtenz commented Oct 31, 2024

I don't think we can do this without a breaking change. Snaps may still request the permission which will no longer exist, and it also exists in the permission controller state for existing Snaps.

Mrtenz
Mrtenz reviewed Oct 31, 2024
View reviewed changes
packages/snaps-sdk/src/types/methods/manage-accounts.ts
@@ -6,14 +6,10 @@ import type { Json } from '@metamask/utils';
* @property method - The method to call on the Snap.
* @property params - The optional parameters to pass to the Snap method.
*/
export type ManageAccountsParams =
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was intentional IIRC. Is there a reason you're changing it?

@GuillaumeRx
Copy link
Contributor Author

I don't think we can do this without a breaking change. Snaps may still request the permission which will no longer exist, and it also exists in the permission controller state for existing Snaps.

@Mrtenz I'm working on a migration on the extension side and a fix in the snap side :) This should probably be a draft.

@Mrtenz Mrtenz marked this pull request as draft October 31, 2024 13:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mrtenz Mrtenz Mrtenz left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Couple snap_manageAccounts to endowment:keyring
2 participants
@GuillaumeRx @Mrtenz