Erik Marks
Erik Marks
## **Description** Flushes the memorized request ids in the duplicate request middleware every 3 minutes, and makes the middleware ignore JSON-RPC notifications. Also converts the middleware to TypeScript. The duplicate...
## **Description** Adds all unrestricted RPC methods to the `unrestrictedMethods` array passed to the permission controller, and moves the permission middleware ahead of all RPC method implementations in `setupProviderEngine`. This...
Ref: https://github.com/MetaMask/metamask-mobile/issues/9492 Some RPC methods, e.g. `wallet_switchEthereumChain` and `wallet_addEthereumChain`, are implemented ahead of the permission middleware. This makes it difficult to keep track of our restricted vs. unrestricted methods, while...
Our implementation of `wallet_registerOnboarding` currently lives in its own middleware function. The implementation should be moved to the method middleware instead along with all the other unrestricted RPC methods.
Fixes Storybook failure by patching `@metamask/key-tree`. This is merely an expedient to unblock #24550. The underlying issue will be addressed in the relevant packages.
> [!NOTE] > The diff is not as bad as it seems; just hide whitespace on the diff view. > Actual changes are about `+600` of source code and `+900`...
When successful, `wallet_getPermissions` and `wallet_requestPermissions` both return the current permissions for the requesting subject, which is a subset of the permission controller's state. This is very unfortunate, because it means...
Requires: #4239 For the Barad-dûr multichain milestone, we are implementing [CAIP-25](https://github.com/ChainAgnostic/CAIPs/edit/main/CAIPs/caip-25.md) handshakes. Consequently, our permission system needs to be able to express its granular authorization logic for RPC methods and...
Requires: #4239 As elaborated in the permission controller's [architecture documentation](https://github.com/MetaMask/core/blob/3227bd51bc4eca0531a53f4be6468404e6a5f032/packages/permission-controller/ARCHITECTURE.md), its original purpose was to control access to RPC methods. To this end, we enshrined this responsibility within the current...
Following the closure of #4163 (#4222), we will have introduced a notion of "caveat merging" and incremental permission requests to the permission controller. Call this "additive permission requests". To complete...