feat: add utility function to get supported chains from the Security Alerts API

[vinistevam]

Description

This PR aims to include a new utility function to get supported chains from the Security Alerts API when enabled.

Related Repository

Refer to the Security Alerts API repository for more details.

Related issues

Fixes:

Manual testing steps

1. Test blockaid regression

2. add the envs

export SECURITY_ALERTS_API_URL='https://security-alerts.dev-api.cx.metamask.io'
export SECURITY_ALERTS_API_ENABLED='true'

• Go to test dapp and trigger on of the malicious signatures
• To verify in chrome go to dev tools > network. Search for security-alerts and find the call to the API service.

Existing PPOM logic should function as before, even with the above environment variables added, due to the fallback to the controller in the event of an error.

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[github-actions]

Bitrise

✅✅✅ pr_smoke_e2e_pipeline passed on Bitrise! ✅✅✅

Commit hash: a5129ef
Build link: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/1b92f74d-0db8-4195-b34e-ead46ea98544

Note

• You can kick off another pr_smoke_e2e_pipeline on Bitrise by removing and re-applying the Run Smoke E2E label on the pull request

[jpuri]

There is usage of BLOCKAID_SUPPORTED_CHAIN_IDS here also:

metamask-mobile/app/util/blockaid/index.ts

Line 20 in f7d8e61

export const isSupportedChainId = (chainId: string) => {

[matthewwalsh0]

Can we remove the duplication and create a request function for example that accepts the method and some extra properties?

[matthewwalsh0]

Maybe getSecurityAlertsAPISupportedChainIds to be explicit?

[matthewwalsh0]

Minor, but could we remove some duplication with something like:

let supportedChainIds = BLOCKAID_SUPPORTED_CHAIN_IDS;

try {
    if(isSecurityAlertsAPIEnabled()) {
        supportedChainIds = getSupportedChainds();
    }
} catch (e) {
    Logger.log(
      `Error fetching supported chains from security alerts API: ${e}`,
    );
}

return supportedChainIds.includes(chainId);

[matthewwalsh0]

Minor, but could we create a persistent variable for this such as getSupportedChainsMock like we do for isSecurityAlertsEnabledMock?