snaps icon indicating copy to clipboard operation
snaps copied to clipboard
verified publisher icon MetaMask

Restrict available RPC methods for `snap.request()` by means of an allowlist

Open rekmarks opened this issue 2 years ago • 0 comments

Currently, we restrict the RPC methods available to snap.request() by means of a blocklist. We should consider replacing this with an allowlist explicitly listing each permitted method. In this way, we will never fail to prevent an RPC method from being allowed through the snap RPC provider.

rekmarks avatar Sep 20 '23 17:09 rekmarks