feat(snaps): Add support for custom network per Snap #26389
Conversation
|
New and updated dependencies detected. Learn more about Socket for GitHub ↗︎
|
|
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is a deprecated package?The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed. Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution. Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
Mrtenz
changed the title
Mrtenz
force-pushed
the
mrtenz/snap-networks
branch
from
38edd7a to
7f2494b
Compare
|
| @@ -26,7 +26,7 @@ buildTypes: | |||
| - SEGMENT_WRITE_KEY_REF: SEGMENT_PROD_WRITE_KEY | |||
| - ALLOW_LOCAL_SNAPS: false | |||
| - REQUIRE_SNAPS_ALLOWLIST: true | |||
| - IFRAME_EXECUTION_ENVIRONMENT_URL: https://execution.metamask.io/iframe/6.5.0/index.html | |||
| - IFRAME_EXECUTION_ENVIRONMENT_URL: http://localhost:6363 | |||
There was a problem hiding this comment.
Should be reverted before merge
package.json
Outdated
| @@ -350,7 +350,7 @@ | |||
| "@metamask/rpc-errors": "^6.2.1", | |||
| "@metamask/safe-event-emitter": "^3.1.1", | |||
| "@metamask/scure-bip39": "^2.0.3", | |||
| "@metamask/selected-network-controller": "^15.0.2", | |||
| "@metamask/selected-network-controller": "npm:@metamask-previews/selected-network-controller@17.0.0-preview-55328a6", | |||
There was a problem hiding this comment.
Should be reverted before merge
app/scripts/lib/rpc-method-middleware/handlers/ethereum-chain-utils.js
Outdated
Show resolved
Hide resolved
|
This PR has been automatically marked as stale because it has not had recent activity in the last 60 days. It will be closed in 14 days. Thank you for your contributions. |
|
This PR was closed because there has been no follow up activity in the last 14 days. Thank you for your contributions. |
Mrtenz
force-pushed
the
mrtenz/snap-networks
branch
from
6453f80 to
cf763b1
Compare
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
|
@adonesky1 or @jiexi should review this PR too |
Mrtenz
force-pushed
the
mrtenz/snap-networks
branch
from
0110271 to
b74b5a8
Compare
Builds ready [b74b5a8]
Page Load Metrics (1927 ± 202 ms)
Bundle size diffs [🚨 Warning! Bundle size has increased!]
|
app/scripts/migrations/140.ts
Outdated
| SelectedNetworkController: selectedNetworkControllerState, | ||
| } = state; | ||
| if (!networkControllerState || !isObject(networkControllerState)) { | ||
| log.warn( |
There was a problem hiding this comment.
🤔 where do these logs go? I'm more familiar with the pattern of sending these logs to sentry via:
global.sentry?.captureException(...). Like here for example.
There was a problem hiding this comment.
Not sure. I copied this from another migration, but I see now that the Sentry pattern is used in others. I'll swap it out for that.
app/scripts/migrations/140.ts
Outdated
| >((accumulator, [key, subject]) => { | ||
| const permissionKeys = Object.keys(subject.permissions); | ||
| const needsMigration = | ||
| permissionKeys.includes(SnapEndowments.EthereumProvider) && |
There was a problem hiding this comment.
I'm assuming this permission can only be granted to Snaps? Otherwise we could be overwriting permissions for non-snaps subjects?
There was a problem hiding this comment.
Yes, it can only be granted to Snaps.
| @@ -201,13 +204,13 @@ export async function switchChain( | |||
| if (!ethChainIds.includes(chainId)) { | |||
| await requestPermittedChainsPermissionIncrementalForOrigin({ | |||
| chainId, | |||
| autoApprove: isAddFlow, | |||
| autoApprove: isAddFlow || isSnapId(origin), | |||
There was a problem hiding this comment.
i have a PR here that replaces the isAddFlow param with one named autoApprove. Perhaps this isSnapId check can happen outside the switchChain helper that way we don't need to pass origin in?
There was a problem hiding this comment.
Makes sense. I didn't want to use isAddFlow since it's not an add flow, but autoApprove sounds good.
There was a problem hiding this comment.
i managed to not link the PR lol. Here it is
Mrtenz
force-pushed
the
mrtenz/snap-networks
branch
from
5b07c03 to
49ac07d
Compare
Description
Like with websites, we want to support a custom network per Snap rather than relying on the globally selected network. For Snaps, the permission for the network to switch to is automatically granted.
Blocked by:
wallet_switchEthereumChainsnaps#2634.Todo
selected-network-controller.Manual testing steps
CHAIN_PERMISSIONS=true.wallet_switchEthereumChainin a Snap.Screenshots/Recordings
Before
After
Pre-merge author checklist
Pre-merge reviewer checklist