Skip to content

Metamask overwrites gas values set by the dapp #32492

New issue
New issue
Open
Open
Metamask overwrites gas values set by the dapp#32492
Labels
external-contributor
@Th0rgal

Description

@Th0rgal
Th0rgal
opened on May 3, 2025

What is this about?

MetaMask replaces certain fee-related parameters (eth_sendTransaction) with its own gas estimator just before showing the signing UI. These modified parameters are not surfaced back to the dApp or other extensions.

As a result, a dApp that needs to:

display the exact transaction hash that will be signed on a hardware wallet (e.g., Ledger shows the hash of the final tx), or

cache/analyze fees for analytics or compliance,

has no reliable way to access the final transaction object before signature.
The first moment the dApp can observe the real parameters is after MetaMask broadcasts the signed transaction via eth_sendRawTransaction.

This breaks flows where the dApp must pre-compute or display the same hash the user sees on their hardware wallet.

Scenario

As a user pairing MetaMask with an iOS companion app to enhance the Ledger signing experience, I want to preview the exact transaction hash (including gas details) so that the hash shown on the Ledger matches what I see on the companion app, providing full transparency before signature.

Design

Proposed solution:

Emit a browser event so dApps and companion extensions can read the prepared transaction just before signature.

Example event:

window.dispatchEvent(
  new CustomEvent('metamask:preparedTx', { detail: txObject })
);

Technical Details

  • Hook into MetaMask’s internal flow just before calling the signing prompt.
  • Package the prepared txObject with all final gas parameters and nonce.
  • Emit a browser CustomEvent (e.g., metamask:preparedTx) with the txObject as the detail payload.
  • Ensure the event does not interfere with security, permissions, or signing flow.
  • Document the event shape and expected behavior for developers.

Threat Modeling Framework

n.a.

Acceptance Criteria

n.a.

Stakeholder review needed before the work gets merged

  • Engineering (needed in most cases)
  • Design
  • Product
  • QA (automation tests are required to pass before merging PRs but not all changes are covered by automation tests - please review if QA is needed beyond automation tests)
  • Security
  • Legal
  • Marketing
  • Management (please specify)
  • Other (please specify)

References

Similar issue in Rabby Wallet: RabbyHub/Rabby#2946

Metadata

Metadata

Assignees

No one assigned

    Labels

    external-contributor

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions