fix: PPOM - Malicious transactions triggered from Deeplinks are not flagged

[segun]

Description

When a malicious transaction is triggered from a dapplink, the blockaid banner alert is not shown. This is because the transaction is shown in the confirm screen after evaluation without calling PPOM.

The approach taken here is to add ppom validation to send flow.

Related issues

Fixes: #7543

Manual testing steps

1. Enable Blockaid in Experimental Settings
2. Goto https://metamask.github.io/metamask-deeplinks/# and generate a malicious Payment Request, set the recipient to this malicious address: 0x5FbDB2315678afecb367f032d93F642f64180aa3
3. Open MM Mobile and scan the QR code generated in 1 above
4. You should not see a Blockaid alert
5. Press Cancel the confirm screen
6. Perform a normal send from wallet, enter 0x5FbDB2315678afecb367f032d93F642f64180aa3 as the recipient
7. On confirm screen, you should not see a Blockaid alert
8. Checkout this branch, build and run on a physical device
9. Repeat Steps 2-7
10. This time Blockaid alert should be shown on the confirm screen in Step 4 and Step 7

Screenshots/Recordings

Before

WhatsApp.Video.2024-01-18.at.09.40.43.mp4

After

Pre-merge author checklist

• I’ve followed MetaMask Coding Standards.
• I've clearly explained what problem this PR is solving and how it is solved.
• I've linked related issues
• I've included manual testing steps
• I've included screenshots/recordings if applicable
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
• I’ve properly set the pull request status:
  • In case it's not yet "ready for review", I've set it to "draft".
  • In case it's "ready for review", I've changed it from "draft" to "non-draft".

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/9825bcf4-6087-4afb-8db5-540831e9d45c
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
53.6% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[codecov-commenter]

Codecov Report

Attention: 10 lines in your changes are missing coverage. Please review.

Comparison is base (c6aec14) 40.34% compared to head (fa640f4) 40.34%.
Report is 3 commits behind head on main.

Files	Patch %	Lines
app/components/Views/SendFlow/Confirm/index.js	50.00%	10 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8326   +/-   ##
=======================================
  Coverage   40.34%   40.34%           
=======================================
  Files        1235     1236    +1     
  Lines       29957    29993   +36     
  Branches     2877     2881    +4     
=======================================
+ Hits        12087    12102   +15     
- Misses      17175    17195   +20     
- Partials      695      696    +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.