-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Fix/1723 add permission middleware #9521
Conversation
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
🔍 Existing Issues For ReviewYour pull request is modifying functions with the following pre-existing issues: 📄 File: app/core/Permissions/specifications.js
Did you find this useful? React with a 👍 or 👎 |
|
|
…ask/metamask-mobile into fix/1723-add-permission-middleware
|
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
|
Also successfully |
E2E passed from non-JSdoc change |
SDK & WC remain untouched ✅ |
Description
This PR changes the following:
eth_accounts
handler should contain a list of permitted addresses. A migration is included in the changes to migrate the data.Related issues
Fixes:
#9492 & #1723
Manual testing steps
PermissionController state should be successfully migrated
uniswap.org
Un-permitted restricted RPC method should be blocked by permission middleware
metamask.github.io/test-dapp
ETH_ACCOUNTS
buttonPermitted restricted RPC method should be allowed by permission middleware
metamask.github.io/test-dapp
ETH_ACCOUNTS
buttonWC should still work and be able to trigger transaction
Screenshots/Recordings
Before
After
When upgrading with PermissionController state migration
upgrade.mov
When calling restricted+un-permitted RPC method
unauthorized.mov
When calling restricted+permitted RPC method
authorized.mov
Interaction using WC to connect and prompt transaction
RPReplay_Final1714770943.MP4
Pre-merge author checklist
Pre-merge reviewer checklist