Skip to content

Add method to decode permission to GatorPermissionsController #6556

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Sep 16, 2025
Merged

Add method to decode permission to GatorPermissionsController #6556

merged 8 commits into from
Sep 16, 2025

Conversation

jeffsmale90
Copy link
Contributor

@jeffsmale90 jeffsmale90 commented Sep 11, 2025
edited
Loading

Explanation

  • Why change?
    When signing a permission, MetaMask must present the permission in a way that is easily comprehensible to the user. Based on the design shared here, the permission must be decoded from the eth_signTypedData_v4 request.

This PR adds that functionality to the GatorPermissionsController.

  • What’s the solution?

Introduce decodePermissionFromPermissionContextForOrigin to GatorPermissionsController and register a new action handler. It:

  • Validates the caller origin matches permissionsProviderSnapId (throws OriginNotAllowedError otherwise).

  • Resolves enforcer contract addresses per chain via @metamask/delegation-deployments. Throws if contracts are missing for the chain.

  • Identifies the permission type from caveats via identifyPermissionByEnforcers, extracts expiry and permission-specific data via getPermissionDataAndExpiry, and builds a DecodedPermission via reconstructDecodedPermission.

  • Non-obvious pieces:

    • Added @metamask/delegation-core for terms helpers like createTimestampTerms and createNativeTokenStreamingTerms, and ROOT_AUTHORITY.
    • Added @metamask/delegation-deployments to source enforcer addresses and CHAIN_ID.
    • Moved the decoding logic into a subfolder, to make it easier to export internal functionality from utils.ts to facilitate low level unit testing, without polluting the interface that is exposed to the GatorPermissionsController with these functions.

References

Architecture design https://www.notion.so/metamask-consensys/SignTypedData-with-Metadata-Specification-22bf86d67d688023be67e2ee06e3a56a#22bf86d67d688023be67e2ee06e3a56a

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed, highlighting breaking changes as necessary
  • I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes

@jeffsmale90 jeffsmale90 force-pushed the feat/decodePermission branch 4 times, most recently from e5e5d20 to 56b2f73 Compare September 12, 2025 01:08
jeffsmale90
jeffsmale90 commented Sep 15, 2025
View reviewed changes
@jeffsmale90 jeffsmale90 force-pushed the feat/decodePermission branch 4 times, most recently from 15794d8 to 4bc812a Compare September 15, 2025 04:24
@jeffsmale90 jeffsmale90 changed the title Add method decodePermissionFromPermissionContextForOrigin to GatorPer… Add method to decode permission to GatorPermissionsController Sep 15, 2025
@jeffsmale90 jeffsmale90 marked this pull request as ready for review September 15, 2025 08:44
@jeffsmale90 jeffsmale90 requested review from a team as code owners September 15, 2025 08:44
@jeffsmale90
Add method decodePermissionFromPermissionContextForOrigin to GatorPer…
6e1f047 
…missionsController

- rejects any request from an origin other than the gator permission snap
- attempts to identify the permission type, and decode the data
- rejects any request where a unique permission is unable to be decoded

Also renames GatorPermissionsController.test.ts
@jeffsmale90
Refactor to allow more thorough testing. Improve test coverage to 100%
fa1a139
cursor[bot]

This comment was marked as outdated.

Sign in to view

@socket-security Socket Security
Copy link

socket-security bot commented Sep 15, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​metamask/​delegation-core@​0.2.0751009992100
Added@​metamask/​delegation-deployments@​0.12.0961007785100

View full report

V00D00-child
V00D00-child reviewed Sep 15, 2025
View reviewed changes
Copy link
Member

@V00D00-child V00D00-child left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not seeing a strong justification for exposing decodePermissionFromPermissionContextForOrigin() via the GatorPermissionsController.

As mentioned in the inline comment, we should consider decoupling it entirely and exposing it as a utility function directly from @metamask/gator-permissions-controller.

@jeffsmale90
Minor fixes:
2036df5 
- fix incorrect type of periodDuration in native-token-periodic-permission was Hex, now number
- removed unnecessary type assertions
- add necessary type assertion to test
cursor[bot]

This comment was marked as outdated.

Sign in to view

@jeffsmale90 jeffsmale90 mentioned this pull request Sep 16, 2025
Open
@jeffsmale90 jeffsmale90 enabled auto-merge (squash) September 16, 2025 18:28
@jeffsmale90 jeffsmale90 merged commit 1e07701 into main Sep 16, 2025
239 checks passed
@jeffsmale90 jeffsmale90 deleted the feat/decodePermission branch September 16, 2025 18:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@V00D00-child V00D00-child V00D00-child approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jeffsmale90 @V00D00-child