Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document unencrypted state #1124

Merged
merged 4 commits into from Feb 14, 2024
Merged

Document unencrypted state #1124

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a94c154
Document unencrypted state
ziad-saab Feb 6, 2024
2307603
improve wording on unencrypted state
ziad-saab Feb 6, 2024
02b3709
edits
alexandratran Feb 6, 2024
0f9e6e2
Merge remote-tracking branch 'origin/main' into zs/unencrypted-storage
ziad-saab Feb 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions snaps/index.mdx
View file
Open in desktop
Expand Up @@ -42,6 +42,12 @@ The following Snaps features are available in the stable version of MetaMask:
title: "Encrypted storage",
description: "Securely store and manage data on the user's device."
},
{
icon: require("./assets/features/state.png").default,
href: "reference/snaps-api#snap_managestate",
title: "Unencrypted storage",
description: "Store non-sensitive data and access it while MetaMask is locked."
},
{
icon: require("./assets/features/manage-keys.png").default,
href: "how-to/manage-keys",
Expand Down
10 changes: 10 additions & 0 deletions snaps/reference/entry-points.md
View file
Open in desktop
Expand Up @@ -216,6 +216,16 @@ For MetaMask to call the Snap's `onCronjob` method, you must request the
[`endowment:cronjob`](permissions.md#endowmentcronjob) permission.
:::

:::info Access data from cron jobs
When accessing encrypted data from cron jobs using [`snap_manageState`](../reference/snaps-api.md#snap_managestate),
MetaMask requires the user to enter their password if the wallet is locked.
This interaction can be confusing to the user, since the Snap accesses the data in the background
without the user being aware.

If your Snap's cron job does not need to access sensitive data, store that data in unencrypted state
by setting `encrypted` to `false` when using [`snap_manageState`](../reference/snaps-api.md#snap_managestate).
:::

If the cron job's logic requires access to encrypted state, you can use
[`snap_getClientStatus`](../reference/snaps-api.md#snap_getclientstatus) to ensure that MetaMask is
unlocked before accessing state.
Expand Down
9 changes: 8 additions & 1 deletion snaps/reference/snaps-api.md
View file
Open in desktop
Expand Up @@ -719,7 +719,9 @@ class MyKeyring implements Keyring {
## `snap_manageState`

Allows the Snap to persist up to 100 MB of data to disk and retrieve it at will.
The data is automatically encrypted using a Snap-specific key and automatically decrypted when retrieved.
By default, the data is automatically encrypted using a Snap-specific key and automatically
decrypted when retrieved.
You can set `encrypted` to `false` to use unencrypted storage.

:::note
Accessing encrypted state requires MetaMask to be unlocked.
Expand All @@ -734,6 +736,11 @@ An object containing:

- `operation` - The state operation to perform (`'clear'`, `'get'`, or `'update'`).
- `newState` - The value to update state with if the operation is `update`, and nothing otherwise.
- `encrypted` (optional) - Indicates whether the Snap will encrypt the data.
The default is `true`.
If set to `false`, the Snap will use a separate storage section, and will not encrypt the data.
This is useful to access the data from background operations without requiring the user to enter
their password in the case that MetaMask is locked.

### Returns

Expand Down