-
Notifications
You must be signed in to change notification settings - Fork 558
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move snap_manageAccounts
to a gated permitted method
#2869
base: main
Are you sure you want to change the base?
Conversation
I don't think we can do this without a breaking change. Snaps may still request the permission which will no longer exist, and it also exists in the permission controller state for existing Snaps. |
@@ -6,14 +6,10 @@ import type { Json } from '@metamask/utils'; | |||
* @property method - The method to call on the Snap. | |||
* @property params - The optional parameters to pass to the Snap method. | |||
*/ | |||
export type ManageAccountsParams = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was intentional IIRC. Is there a reason you're changing it?
@Mrtenz I'm working on a migration on the extension side and a fix in the snap side :) This should probably be a draft. |
This PR moves the
snap_manageAccounts
method from a restricted method to a permitted method.This allows us to couple it with the
Keyring
endowment. The implementation checks if the snap has the permission to use the Keyring and throws if not.This also refactors how the message is passed to the snap. The keyring will now be retrieved on the hook implementation and we will only expose a mutated version of
handleKeyringSnapMessage
where we will bind the origin coming from the RPC engine to the method hook. This ensures we don't manipulate the origin inside the method implementation.The parameters type of the method has also been refactored to a simpler type that doesn't require an union in favor of more readable error messages when validating the params.
Fixes: #2798