Add method decodePermissionFromPermissionContextForOrigin to GatorPermissionsController

- rejects any request from an origin other than the gator permission snap
- attempts to identify the permission type, and decode the data
- rejects any request where a unique permission is unable to be decoded

Also renames GatorPermissionsController.test.ts

Author: jeffsmale90

packages/gator-permissions-controller/package.json

@@ -49,6 +49,8 @@
   "dependencies": {
     "@metamask/7715-permission-types": "^0.3.0",
     "@metamask/base-controller": "^8.3.0",
+    "@metamask/delegation-core": "^0.2.0-rc.1",
+    "@metamask/delegation-deployments": "^0.12.0",
     "@metamask/snaps-sdk": "^9.0.0",
     "@metamask/snaps-utils": "^11.0.0",
     "@metamask/utils": "^11.8.0"

packages/gator-permissions-controller/src/GatorPermissionContoller.test.ts renamed to packages/gator-permissions-controller/src/GatorPermissionsController.test.ts

@@ -1,9 +1,19 @@
 import type { AccountSigner } from '@metamask/7715-permission-types';
 import { Messenger, deriveStateFromMetadata } from '@metamask/base-controller';
+import {
+  createTimestampTerms,
+  createNativeTokenStreamingTerms,
+  ROOT_AUTHORITY,
+} from '@metamask/delegation-core';
+import {
+  CHAIN_ID,
+  DELEGATOR_CONTRACTS,
+} from '@metamask/delegation-deployments';
 import type { HandleSnapRequest, HasSnap } from '@metamask/snaps-controllers';
 import type { SnapId } from '@metamask/snaps-sdk';
-import type { Hex } from '@metamask/utils';
+import { hexToBigInt, numberToHex, type Hex } from '@metamask/utils';
 
+import { DELEGATION_FRAMEWORK_VERSION } from './decodePermission';
 import type { GatorPermissionsControllerMessenger } from './GatorPermissionsController';
 import GatorPermissionsController from './GatorPermissionsController';
 import {
@@ -453,6 +463,215 @@ describe('GatorPermissionsController', () => {
       `);
     });
   });
+
+  describe('decodePermissionFromPermissionContextForOrigin', () => {
+    const chainId = CHAIN_ID.sepolia;
+    const contracts =
+      DELEGATOR_CONTRACTS[DELEGATION_FRAMEWORK_VERSION][chainId];
+
+    const delegatorAddressA =
+      '0x1111111111111111111111111111111111111111' as Hex;
+    const delegateAddressB =
+      '0x2222222222222222222222222222222222222222' as Hex;
+    const metamaskOrigin = 'https://metamask.io';
+    const buildMetadata = (justification: string) => ({
+      justification,
+      origin: metamaskOrigin,
+    });
+
+    let controller: GatorPermissionsController;
+
+    beforeEach(() => {
+      controller = new GatorPermissionsController({
+        messenger: getMessenger(),
+      });
+    });
+
+    it('decodes a native-token-stream permission successfully', async () => {
+      const {
+        TimestampEnforcer,
+        NativeTokenStreamingEnforcer,
+        ExactCalldataEnforcer,
+        NonceEnforcer,
+      } = contracts;
+
+      const delegator = delegatorAddressA;
+      const delegate = delegateAddressB;
+
+      const timestampBeforeThreshold = 1720000;
+      const expiryTerms = createTimestampTerms(
+        { timestampAfterThreshold: 0, timestampBeforeThreshold },
+        { out: 'hex' },
+      );
+
+      const initialAmount = 123456n;
+      const maxAmount = 999999n;
+      const amountPerSecond = 1n;
+      const startTime = 1715664;
+      const streamTerms = createNativeTokenStreamingTerms(
+        { initialAmount, maxAmount, amountPerSecond, startTime },
+        { out: 'hex' },
+      );
+
+      const caveats = [
+        {
+          enforcer: TimestampEnforcer,
+          terms: expiryTerms,
+          args: '0x',
+        } as const,
+        {
+          enforcer: NativeTokenStreamingEnforcer,
+          terms: streamTerms,
+          args: '0x',
+        } as const,
+        { enforcer: ExactCalldataEnforcer, terms: '0x', args: '0x' } as const,
+        { enforcer: NonceEnforcer, terms: '0x', args: '0x' } as const,
+      ];
+
+      const delegation = {
+        delegate,
+        delegator,
+        authority: ROOT_AUTHORITY as Hex,
+        caveats,
+      };
+
+      const result =
+        await controller.decodePermissionFromPermissionContextForOrigin({
+          origin: controller.permissionsProviderSnapId,
+          chainId,
+          delegation,
+          metadata: buildMetadata('Test justification'),
+        });
+
+      expect(result.chainId).toBe(numberToHex(chainId));
+      expect(result.address).toBe(delegator);
+      expect(result.signer).toStrictEqual({
+        type: 'account',
+        data: { address: delegate },
+      });
+      expect(result.permission.type).toBe('native-token-stream');
+      expect(result.expiry).toBe(timestampBeforeThreshold);
+      // amounts are hex-encoded in decoded data; startTime is numeric
+      expect(result.permission.data.startTime).toBe(startTime);
+      // BigInt fields are encoded as hex; compare after decoding
+      expect(hexToBigInt(result.permission.data.initialAmount)).toBe(
+        initialAmount,
+      );
+      expect(hexToBigInt(result.permission.data.maxAmount)).toBe(maxAmount);
+      expect(hexToBigInt(result.permission.data.amountPerSecond)).toBe(
+        amountPerSecond,
+      );
+      expect(result.permission.justification).toBe('Test justification');
+    });
+
+    it('throws when origin does not match permissions provider', async () => {
+      await expect(
+        controller.decodePermissionFromPermissionContextForOrigin({
+          origin: 'not-the-provider',
+          chainId: 1,
+          delegation: {
+            delegate: '0x1',
+            delegator: '0x2',
+            authority: ROOT_AUTHORITY as Hex,
+            caveats: [],
+          },
+          metadata: buildMetadata(''),
+        }),
+      ).rejects.toThrow('Origin not-the-provider not allowed');
+    });
+
+    it('throws when enforcers do not identify a supported permission', async () => {
+      const { TimestampEnforcer, ValueLteEnforcer } = contracts;
+
+      const expiryTerms = createTimestampTerms(
+        { timestampAfterThreshold: 0, timestampBeforeThreshold: 100 },
+        { out: 'hex' },
+      );
+
+      const caveats = [
+        {
+          enforcer: TimestampEnforcer,
+          terms: expiryTerms,
+          args: '0x',
+        } as const,
+        // Include a forbidden/irrelevant enforcer without required counterparts
+        { enforcer: ValueLteEnforcer, terms: '0x', args: '0x' } as const,
+      ];
+
+      await expect(
+        controller.decodePermissionFromPermissionContextForOrigin({
+          origin: controller.permissionsProviderSnapId,
+          chainId,
+          delegation: {
+            delegate: delegatorAddressA,
+            delegator: delegateAddressB,
+            authority: ROOT_AUTHORITY as Hex,
+            caveats,
+          },
+          metadata: buildMetadata(''),
+        }),
+      ).rejects.toThrow('Failed to decode permission');
+    });
+
+    it('throws when authority is not ROOT_AUTHORITY', async () => {
+      const {
+        TimestampEnforcer,
+        NativeTokenStreamingEnforcer,
+        ExactCalldataEnforcer,
+        NonceEnforcer,
+      } = contracts;
+
+      const delegator = delegatorAddressA;
+      const delegate = delegateAddressB;
+
+      const timestampBeforeThreshold = 2000;
+      const expiryTerms = createTimestampTerms(
+        { timestampAfterThreshold: 0, timestampBeforeThreshold },
+        { out: 'hex' },
+      );
+
+      const initialAmount = 1n;
+      const maxAmount = 2n;
+      const amountPerSecond = 1n;
+      const startTime = 1715000;
+      const streamTerms = createNativeTokenStreamingTerms(
+        { initialAmount, maxAmount, amountPerSecond, startTime },
+        { out: 'hex' },
+      );
+
+      const caveats = [
+        {
+          enforcer: TimestampEnforcer,
+          terms: expiryTerms,
+          args: '0x',
+        } as const,
+        {
+          enforcer: NativeTokenStreamingEnforcer,
+          terms: streamTerms,
+          args: '0x',
+        } as const,
+        { enforcer: ExactCalldataEnforcer, terms: '0x', args: '0x' } as const,
+        { enforcer: NonceEnforcer, terms: '0x', args: '0x' } as const,
+      ];
+
+      const invalidAuthority =
+        '0x0000000000000000000000000000000000000000' as Hex;
+
+      await expect(
+        controller.decodePermissionFromPermissionContextForOrigin({
+          origin: controller.permissionsProviderSnapId,
+          chainId,
+          delegation: {
+            delegate,
+            delegator,
+            authority: invalidAuthority,
+            caveats,
+          },
+          metadata: buildMetadata(''),
+        }),
+      ).rejects.toThrow('Failed to decode permission');
+    });
+  });
 });
 
 /**

packages/gator-permissions-controller/src/GatorPermissionsController.ts

@@ -10,10 +10,18 @@ import type { HandleSnapRequest, HasSnap } from '@metamask/snaps-controllers';
 import type { SnapId } from '@metamask/snaps-sdk';
 import { HandlerType } from '@metamask/snaps-utils';
 
+import type { DecodedPermission } from './decodePermission';
+import {
+  getPermissionDataAndExpiry,
+  identifyPermissionByEnforcers,
+  reconstructDecodedPermission,
+} from './decodePermission';
 import {
   GatorPermissionsFetchError,
   GatorPermissionsNotEnabledError,
   GatorPermissionsProviderError,
+  OriginNotAllowedError,
+  PermissionDecodingError,
 } from './errors';
 import { controllerLog } from './logger';
 import type { StoredGatorPermissionSanitized } from './types';
@@ -22,6 +30,7 @@ import {
   type GatorPermissionsMap,
   type PermissionTypesWithCustom,
   type StoredGatorPermission,
+  type DelegationDetails,
 } from './types';
 import {
   deserializeGatorPermissionsMap,
@@ -155,6 +164,12 @@ export type GatorPermissionsControllerDisableGatorPermissionsAction = {
   handler: GatorPermissionsController['disableGatorPermissions'];
 };
 
+export type GatorPermissionsControllerDecodePermissionFromPermissionContextForOriginAction =
+  {
+    type: `${typeof controllerName}:decodePermissionFromPermissionContextForOrigin`;
+    handler: GatorPermissionsController['decodePermissionFromPermissionContextForOrigin'];
+  };
+
 /**
  * All actions that {@link GatorPermissionsController} registers, to be called
  * externally.
@@ -163,7 +178,8 @@ export type GatorPermissionsControllerActions =
   | GatorPermissionsControllerGetStateAction
   | GatorPermissionsControllerFetchAndUpdateGatorPermissionsAction
   | GatorPermissionsControllerEnableGatorPermissionsAction
-  | GatorPermissionsControllerDisableGatorPermissionsAction;
+  | GatorPermissionsControllerDisableGatorPermissionsAction
+  | GatorPermissionsControllerDecodePermissionFromPermissionContextForOriginAction;
 
 /**
  * All actions that {@link GatorPermissionsController} calls internally.
@@ -268,6 +284,11 @@ export default class GatorPermissionsController extends BaseController<
       `${controllerName}:disableGatorPermissions`,
       this.disableGatorPermissions.bind(this),
     );
+
+    this.messagingSystem.registerActionHandler(
+      `${controllerName}:decodePermissionFromPermissionContextForOrigin`,
+      this.decodePermissionFromPermissionContextForOrigin.bind(this),
+    );
   }
 
   /**
@@ -490,4 +511,76 @@ export default class GatorPermissionsController extends BaseController<
       this.#setIsFetchingGatorPermissions(false);
     }
   }
+
+  /**
+   * Decodes a permission context into a structured permission for a specific origin.
+   *
+   * This method validates the caller origin, decodes the provided `permissionContext`
+   * into delegations, identifies the permission type from the caveat enforcers,
+   * extracts the permission-specific data and expiry, and reconstructs a
+   * {@link DecodedPermission} containing chainId, account addresses, signer, type and data.
+   *
+   * @param args - The arguments to this function.
+   * @param args.origin - The caller's origin; must match the configured permissions provider Snap id.
+   * @param args.chainId - Numeric EIP-155 chain id used for resolving enforcer contracts and encoding.
+   * @param args.delegation - delegation representing the permission.
+   * @param args.metadata - metadata included in the request.
+   * @param args.metadata.justification - the justification as specified in the request metadata.
+   * @param args.metadata.origin - the origin as specified in the request metadata.
+   *
+   * @returns A decoded permission object suitable for UI consumption and follow-up actions.
+   * @throws If the origin is not allowed, the context cannot be decoded into exactly one delegation,
+   * or the enforcers/terms do not match a supported permission type.
+   */
+  public async decodePermissionFromPermissionContextForOrigin({
+    origin,
+    chainId,
+    delegation: { caveats, delegator, delegate, authority },
+    metadata: { justification, origin: specifiedOrigin },
+  }: {
+    origin: string;
+    chainId: number;
+    metadata: {
+      justification: string;
+      origin: string;
+    };
+    delegation: DelegationDetails;
+  }): Promise<DecodedPermission> {
+    if (origin !== this.permissionsProviderSnapId) {
+      throw new OriginNotAllowedError({ origin });
+    }
+
+    try {
+      const enforcers = caveats.map((caveat) => caveat.enforcer);
+
+      const permissionType = identifyPermissionByEnforcers({
+        enforcers,
+        chainId,
+      });
+
+      const { expiry, data } = getPermissionDataAndExpiry({
+        chainId,
+        caveats,
+        permissionType,
+      });
+
+      const permission = reconstructDecodedPermission({
+        chainId,
+        permissionType,
+        delegator,
+        delegate,
+        authority,
+        expiry,
+        data,
+        justification,
+        specifiedOrigin,
+      });
+
+      return permission;
+    } catch (error) {
+      throw new PermissionDecodingError({
+        cause: error as Error,
+      });
+    }
+  }
 }