Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Place permission middleware ahead of all method implementations #24472

Draft
wants to merge 5 commits into
base: develop
Choose a base branch
from
Draft

fix: Place permission middleware ahead of all method implementations #24472

wants to merge 5 commits into from
+1,868 −80

Conversation

rekmarks
Copy link
Member

@rekmarks rekmarks commented May 10, 2024
edited by github-actions bot

Description

Adds all unrestricted RPC methods to the unrestrictedMethods array passed to the permission controller, and moves the permission middleware ahead of all RPC method implementations in setupProviderEngine. This forces us to add all methods that aren't permission to the unrestrictedMethods array, as a "method not found" error will be thrown otherwise. It's safer this way.

Open in GitHub Codespaces

Related issues

Fixes: #24331

Manual testing steps

  1. Go the test dapp
  2. Ensure that everything is working normally
  3. Repeat these steps for Snaps and MMI

Pre-merge author checklist

  • I’ve followed MetaMask Coding Standards.
  • I've completed the PR template to the best of my ability
  • I’ve included tests if applicable
  • I’ve documented my code using JSDoc format if applicable
  • I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@rekmarks rekmarks added team-snaps DEPRECATED: Use "team-snaps-platform" or "team-snaps-ecosystem" instead team-extension-platform team-mmi PRs from the MMI team labels May 10, 2024
@rekmarks rekmarks requested a review from a team as a code owner May 10, 2024 02:34
@metamaskbot metamaskbot added the INVALID-PR-TEMPLATE PR's body doesn't match template label May 10, 2024
@rekmarks rekmarks requested review from zone-live and a team and removed request for FrederikBolding and zone-live May 10, 2024 02:36
@rekmarks
Copy link
Member Author

@MetaMask/snaps-devs @MetaMask/mmi tagging you guys to confirm that your RPC methods continue to work as expected.

@rekmarks rekmarks force-pushed the rekmarks/reorder-permission-middleware branch 3 times, most recently from 760c9a6 to 9fb45c4 Compare May 10, 2024 18:38
@rekmarks rekmarks marked this pull request as draft May 10, 2024 19:20
@rekmarks
Copy link
Member Author

rekmarks commented May 10, 2024
edited

Converting to draft while figuring out how best to fix wallet_invokeSnap (i.e. the sugar for wallet_snap), whose implementation assumes that it runs before the permission middleware.

Update: We will need a bump of @metamask/snaps-rpc-methods once the following PR is merged: MetaMask/snaps#2398

@rekmarks rekmarks mentioned this pull request May 10, 2024
Closed
@rekmarks rekmarks force-pushed the rekmarks/reorder-permission-middleware branch 2 times, most recently from e39e390 to 653e514 Compare May 10, 2024 21:39
@metamaskbot
Copy link
Collaborator

Builds ready [653e514]
Page Load Metrics (2225 ± 753 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint804521417938
domContentLoaded9302366431
load65392422251569753
domInteractive9302356431
Bundle size diffs [🚨 Warning! Bundle size has increased!]
  • background: 1.45 KiB (0.04%)
  • ui: 0 Bytes (0.00%)
  • common: 189 Bytes (0.00%)

@github-actions GitHub Actions
Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@metamaskbot
Copy link
Collaborator

Builds ready [611dac9]
Page Load Metrics (1833 ± 699 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint621801022813
domContentLoaded9331673
load51357118331456699
domInteractive9321673
Bundle size diffs [🚨 Warning! Bundle size has increased!]
  • background: 1.45 KiB (0.04%)
  • ui: 0 Bytes (0.00%)
  • common: 189 Bytes (0.00%)

@codecov Codecov
Copy link

codecov bot commented May 14, 2024
edited

Codecov Report

Attention: Patch coverage is 88.88889% with 2 lines in your changes are missing coverage. Please review.

Project coverage is 67.48%. Comparing base (d27a233) to head (611dac9).
Report is 59 commits behind head on develop.

❗ Current head 611dac9 differs from pull request most recent head 9c346cd. Consider uploading reports for the commit 9c346cd to get more accurate results

Files Patch % Lines
app/scripts/metamask-controller.js 80.00% 2 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop   #24472      +/-   ##
===========================================
+ Coverage    67.37%   67.48%   +0.11%     
===========================================
  Files         1278     1289      +11     
  Lines        49881    50168     +287     
  Branches     12944    13015      +71     
===========================================
+ Hits         33605    33853     +248     
- Misses       16276    16315      +39

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rekmarks rekmarks marked this pull request as ready for review May 14, 2024 14:41
@rekmarks rekmarks marked this pull request as draft May 14, 2024 15:16
@adonesky1 adonesky1 mentioned this pull request May 14, 2024
Open
7 tasks
@rekmarks rekmarks force-pushed the rekmarks/reorder-permission-middleware branch from 9c346cd to d3f1a0a Compare May 14, 2024 16:12
@rekmarks rekmarks mentioned this pull request May 14, 2024
Merged
rekmarks added a commit to MetaMask/snaps that referenced this pull request May 14, 2024
@rekmarks
refactor!(snaps-rpc-methods): Use hooks in wallet_invokeSnap instea…
5348c82 
…d of remapping the request to `wallet_snap` (#2406)

Refactors `wallet_invokeSnap` to use an `invokeSnap()` hook,
intended to be `PermissionController.executeRestrictedMethod()` bound to
the requesting origin and `'wallet_snap'`.

Necessary because we are moving our permission middleware ahead of all RPC method
implementations in the extension
(MetaMask/metamask-extension#24472) and mobile
(MetaMask/metamask-mobile#9521). This breaks the
previous implementation of `wallet_invokeSnap`, which assumes that it's
called before the permission middleware (which calls the implementation
of `wallet_snap`, which is a restricted method).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gudahtt Gudahtt Awaiting requested review from Gudahtt

@adonesky1 adonesky1 Awaiting requested review from adonesky1

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
INVALID-PR-TEMPLATE PR's body doesn't match template team-extension-platform team-mmi PRs from the MMI team team-snaps DEPRECATED: Use "team-snaps-platform" or "team-snaps-ecosystem" instead
Projects
PR review queue
Status: Needs dev review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Stop implementing RPC methods ahead of the permission middleware
3 participants
@rekmarks @metamaskbot @zone-live