Unblock `wallet_switchEthereumChain` #2634

Mrtenz · 2024-08-13T07:12:38Z

This removes wallet_switchEthereumChain from the BLOCKED_RPC_METHODS list.

Closes MetaMask/MetaMask-planning#2938.
Closes #2654.

Blocked by:

Use selected network controller for Snaps core#4602

codecov · 2024-08-13T07:22:53Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.89%. Comparing base (473d07f) to head (3612252).
Report is 8 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2634   +/-   ##
=======================================
  Coverage   94.88%   94.89%           
=======================================
  Files         506      507    +1     
  Lines       11123    11136   +13     
  Branches     1709     1712    +3     
=======================================
+ Hits        10554    10567   +13     
  Misses        569      569

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Mrtenz · 2024-08-21T11:01:07Z

@metamaskbot update-pr

socket-security · 2024-08-21T11:02:04Z

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@metamask/[email protected] 🔁 npm/@metamask/[email protected]	None	`+1`	730 kB	metamaskbot
npm/[email protected] 🔁 npm/[email protected]	None	`0`	86.2 kB	pimterry
npm/[email protected] 🔁 npm/[email protected]	None	`+1`	3.47 MB	vitebot

View full report↗︎

socket-security · 2024-08-21T11:02:07Z

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/[email protected]

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

Mrtenz · 2024-08-21T11:02:26Z

@SocketSecurity ignore npm/@metamask/[email protected]

This is ours.

Mrtenz · 2024-08-21T12:59:31Z

...ges/snaps-jest/src/internals/simulation/middleware/internal-methods/switch-ethereum-chain.ts

In the future we could consider full support for wallet_switchEthereumChain, and actually updating the provider configuration etc., but for now this simply makes the wallet_switchEthereumChain method always return null.

This adds a `isSnapId` function which accepts any value, and returns a boolean if the input is a valid Snap ID or not. This is extracted from #2634.

Mrtenz · 2025-01-15T11:50:39Z

@SocketSecurity ignore npm/[email protected]

Only used for development / testing, and pending update in another PR.

@SocketSecurity ignore npm/@metamask/[email protected]

This is ours.

FrederikBolding · 2025-01-21T11:49:18Z

packages/snaps-controllers/src/snaps/SnapController.ts

+   * @param newPermissions - The new permissions to be granted.
+   * @returns The permissions to grant to the Snap.
+   */
+  #getPermissionsToGrant(snapId: SnapId, newPermissions: RequestedPermissions) {


Do we still need this? I thought we were making changes elsewhere for the auto granting?

In addition, this endowment has been removed in favor of the CAIP-25 endowment AFAIK

We grant permission when calling wallet_switchEthereumChain, but still need to grant permission for some network when first installing or updating the Snap.

Makes sense! Can we document this?

packages/examples/packages/ethereum-provider/src/index.ts

packages/snaps-controllers/src/snaps/SnapController.test.tsx

jiexi · 2025-01-21T21:00:49Z

packages/examples/packages/ethereum-provider/src/index.ts

@@ -207,6 +223,9 @@ async function signTypedData(message: string, from: string) {
 * @see https://docs.metamask.io/snaps/reference/rpc-api/#wallet_invokesnap
 */
 export const onRpcRequest: OnRpcRequestHandler = async ({ request }) => {
+  const { chainId = '0x1' } = (request.params as BaseParams) ?? {};
+  await switchChain(chainId);


probably not a problem, but i think always using mainnet makes it possible in the extension e2e tests that use this snap to try to hit the mainnet infura endpoint, but I think that's probably only the case if something triggers getGasPrice and i'm not certain there is an extension e2e test that does that. Just pointing this out in case I am wrong

packages/snaps-simulation/src/middleware/internal-methods/switch-ethereum-chain.ts

jiexi · 2025-01-21T21:01:52Z

sorry, I realize this PR is still marked as draft, so sorry for the early nit comments

packages/snaps-controllers/package.json

packages/snaps-controllers/src/snaps/SnapController.ts

packages/snaps-controllers/src/snaps/SnapController.test.tsx

FrederikBolding · 2025-02-17T09:46:43Z

packages/snaps-controllers/src/snaps/SnapController.test.tsx

@@ -5330,6 +5330,216 @@ describe('SnapController', () => {
      snapController.destroy();
    });

+    it('grants the `endowment:caip25` permission to a Snap with `endowment:ethereum-provider` if the `useCaip25Permission` feature flag is enabled', async () => {


Can we add some tests for updating a Snap? That it also grants the permission and maybe revokes the permission as well? I can't recall what happens to eth_accounts normally actually

Mrtenz marked this pull request as ready for review August 13, 2024 07:27

Mrtenz requested a review from a team as a code owner August 13, 2024 07:27

Mrtenz mentioned this pull request Aug 13, 2024

feat(snaps): Add support for custom network per Snap MetaMask/metamask-extension#26389

Draft

7 tasks

Mrtenz force-pushed the mrtenz/unblock-wallet_switchEthereumChain branch from 2a66d50 to fd11f16 Compare August 21, 2024 11:01

Mrtenz marked this pull request as draft August 21, 2024 11:36

Mrtenz commented Aug 21, 2024

View reviewed changes

Mrtenz mentioned this pull request Oct 8, 2024

Add isSnapId utility function #2808

Merged

Mrtenz added a commit that referenced this pull request Oct 8, 2024

Add isSnapId utility function (#2808)

a80db22

This adds a `isSnapId` function which accepts any value, and returns a boolean if the input is a valid Snap ID or not. This is extracted from #2634.

Mrtenz force-pushed the mrtenz/unblock-wallet_switchEthereumChain branch from f2aa83e to 1dcbeda Compare January 15, 2025 11:46

FrederikBolding reviewed Jan 21, 2025

View reviewed changes