New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Place permission middleware ahead of all method implementations #24472
base: develop
Are you sure you want to change the base?
Conversation
@MetaMask/snaps-devs @MetaMask/mmi tagging you guys to confirm that your RPC methods continue to work as expected. |
760c9a6
to
9fb45c4
Compare
Converting to draft while figuring out how best to fix Update: We will need a bump of |
e39e390
to
653e514
Compare
Builds ready [653e514]
Page Load Metrics (2225 ± 753 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
Builds ready [611dac9]
Page Load Metrics (1833 ± 699 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## develop #24472 +/- ##
===========================================
+ Coverage 67.37% 67.48% +0.11%
===========================================
Files 1278 1289 +11
Lines 49881 50168 +287
Branches 12944 13015 +71
===========================================
+ Hits 33605 33853 +248
- Misses 16276 16315 +39 ☔ View full report in Codecov by Sentry. |
9c346cd
to
d3f1a0a
Compare
…d of remapping the request to `wallet_snap` (#2406) Refactors `wallet_invokeSnap` to use an `invokeSnap()` hook, intended to be `PermissionController.executeRestrictedMethod()` bound to the requesting origin and `'wallet_snap'`. Necessary because we are moving our permission middleware ahead of all RPC method implementations in the extension (MetaMask/metamask-extension#24472) and mobile (MetaMask/metamask-mobile#9521). This breaks the previous implementation of `wallet_invokeSnap`, which assumes that it's called before the permission middleware (which calls the implementation of `wallet_snap`, which is a restricted method).
Description
Adds all unrestricted RPC methods to the
unrestrictedMethods
array passed to the permission controller, and moves the permission middleware ahead of all RPC method implementations insetupProviderEngine
. This forces us to add all methods that aren't permission to theunrestrictedMethods
array, as a "method not found" error will be thrown otherwise. It's safer this way.Related issues
Fixes: #24331
Manual testing steps
Pre-merge author checklist
Pre-merge reviewer checklist