Add new permissionsProvider_getGrantedPermissions RPC#108
Merged
V00D00-child merged 4 commits intoJul 17, 2025
Merged
Conversation
This was referenced Jul 10, 2025
MoMannn
approved these changes
Jul 17, 2025
7 tasks
V00D00-child
added a commit
to MetaMask/metamask-extension
that referenced
this pull request
Aug 14, 2025
<!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> [](https://codespaces.new/MetaMask/metamask-extension/pull/34373?quickstart=1) Submit transactions to revoke gator permissions. Support single and batch revokes. ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: Adds a button for the user to revoke a gator permission. ## **Related issues** requires: #33996 requires: MetaMask/core#6033 requires: MetaMask/snap-7715-permissions#108 relates to: MetaMask/snap-7715-permissions#84 ## **Manual testing steps** 1. Generate a MM Flask build - `yarn dist --build-type flask --apply-lavamoat false` 2. Install the latest development version of `@metamask/permissions-kernel-snap` and `@metamask/gator-permissions-snap`. 3. Make a permission 7715 request to store a permission in profile sync. 4. Go to the "All Permissions page". 5. Click revoke to trigger a transaction to revoke a permission. 6. Sign the transaction. - Evidence of revoke permission transaction on testnet: https://sepolia.etherscan.io/tx/0x157ae09d68e0b922876f131648657fd780194625ff2d3825021a8293f6f16dd5 ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
7 tasks
V00D00-child
added a commit
to MetaMask/core
that referenced
this pull request
Aug 20, 2025
## Explanation <!-- Thanks for your contribution! Take a moment to answer these questions so that reviewers have the information they need to properly understand your changes: * What is the current state of things and why does it need to change? * What is the solution your changes offer and how does it work? * Are there any changes whose purpose might not obvious to those unfamiliar with the domain? * If your primary goal was to update one package but you found you had to update another one along the way, why did you do so? * If you had to upgrade a dependency, why did you do so? --> ### @metamask/gator-permissions-controller #### Current State and Why Change is Needed MetaMask clients currently lack a dedicated system for managing gator permissions that are stored to profile sync via the `@metamask/gator-permissions-snap`. #### Solution and How It Works This change introduces a new `@metamask/gator-permissions-controller` package that provides a comprehensive solution for managing gator permissions in MetaMask clients with gator-snap integration. #### Changes That Might Not Be Obvious - Serialization Strategy: The controller `state` uses JSON serialization for storing permission data fetched from `@metamask/gator-permissions-snap`, which allows for efficient storage and retrieval while maintaining data integrity. The deserialize permission data is represented as a list of gator permissions filtered by permission type and chainId. - Default Permission Structure: The controller initializes with an empty structure for all three permission types, ensuring consistent state even when no permissions are configured #### Package Dependencies and Integration The new package depends on `@metamask/snaps-controllers` as a peer dependency, ensuring it can leverage sending RPC requests to an installed Metamask Snap. This integration allows the `GatorPermissionsController` to forward requests to `@metamask/gator-permissions-snap` to fetch users' Gator permissions that have been stored in the MetaMask Profile Sync service. The `@metamask/gator-permissions-snap` will take on the responsibility of authenticating with MetaMask Profile Sync service using an`SRP` identifier via integration with `@metamask/message-signing-snap`. #### No Dependency Upgrades Required This is a new package that introduces new functionality without requiring changes to existing dependencies. The package uses the current stable versions of `@metamask/base-controller`, `@metamask/utils `,`@metamask/snaps-sdk`, and `@metamask/snaps-utils` following the established patterns in the MetaMask codebase. ## References <!-- Are there any issues that this pull request is tied to? Are there other links that reviewers should consult to understand these changes better? Are there client or consumer pull requests to adopt any breaking changes? For example: * Fixes #12345 * Related to #67890 --> Related to(MM snap-7715-permissions): [Persisting Granted Permissions with MM Profile Sync](MetaMask/snap-7715-permissions#84) Requires(MM snap-7715-permissions):[Add new permissionsProvider_getGrantedPermissions RPC](MetaMask/snap-7715-permissions#108) Required by(MM Extension): MetaMask/metamask-extension#33996 ### Gator Permissions Data Flow ```mermaid graph TD %% dApp flow for storing permissions A[dApp<br/>client side RPC] -->|RPC| GPS[gator-permissions-snap] C -->|WRITE| D[(permissions stored<br/>across all sites)] %% User flow for reading permissions E[user<br/>permissions page] -->|UI| F[MM client] F -->|submitRequestToBackground| G[GatorPermissionsController] G --> MSYS[messagingSystem] MSYS -->|handleRequest| SC[SnapController] SC -->|RPC| GPS C -->|READ| D %% SRP Auth GPS -->|OAuth 2.0 Auth| MS[message-signing-snap] MS -->|SRP identifier & signature| C[profile sync service] %% Styling classDef dappStyle fill:#e1f5fe,stroke:#01579b,stroke-width:2px classDef userStyle fill:#f3e5f5,stroke:#4a148c,stroke-width:2px classDef serviceStyle fill:#e8f5e8,stroke:#1b5e20,stroke-width:2px classDef dataStyle fill:#fff3e0,stroke:#e65100,stroke-width:2px classDef authStyle fill:#ffebee,stroke:#c62828,stroke-width:2px classDef systemStyle fill:#fce4ec,stroke:#ad1457,stroke-width:2px class A dappStyle class E,F userStyle class GPS,C serviceStyle class D dataStyle class MS authStyle class G,MSYS,SC systemStyle ``` ## Checklist - [x] I've updated the test suite for new or updated code as appropriate - [x] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [x] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/contributing.md#updating-changelogs), highlighting breaking changes as necessary - [x] I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes
github-merge-queue Bot
pushed a commit
to MetaMask/metamask-extension
that referenced
this pull request
Sep 29, 2025
## **Description**
This PR lays the foundation for the gator permissions revocation
feature. Introduces the following:
- The usage of the `GatorPemissionsController` to fetch gator
permissions that have been granted to sites.
- A dedicated selector that filters `GatorPemissionsController` state to
provide necessary data allowing components to render gator permissions
revocation features.
- Introduces the `GATOR_PERMISSIONS_REVOCATION_ENABLED` feature flag
that is set to `false`. This flag is used to continue building the gator
permissions view without impacting end-users.
- All UI changes are behind the `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- Dynamic routing based on `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- 'All permissions' click on the global menu.
- 'Back button' click on the site connection page.
- Targeting flask build - Once the feature is complete, it will target a
MM Flash realease
- Placeholder for gator `TokenTransferPage` to be implemented fully
#36207
[](https://codespaces.new/MetaMask/metamask-extension/pull/35219?quickstart=1)
## **Related issues**
requires: MetaMask/core#6033
requires: #35627
requires: MetaMask/snap-7715-permissions#108
requires: #35307
relates to: MetaMask/snap-7715-permissions#84
required by: #36207
## **Manual testing steps**
### Setting up required MM snaps(Installing snaps):
Local version of kernel-snap, gator-snap, and the message-signing-snap
from [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions) is required to
be running locally to fully test e2e manually. Follow the steps in the
README.md to get those snaps up and running. The development site at
`http://localhost:8000/` will be used to install the snaps and grant
some gator permissions.
- repo: [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions)
- branch: `dev`
- commit hash: `520fffde76c98701e9bac9eb080695e673b7736e`
### Testing e2e flow
1. Ensure `snap-7715-permissions mono` development server is up and
running
2. In MM extension `.metamaskrc` file, ensure the following env values
are set:
```bash
GATOR_PERMISSIONS_ENABLED=true
GATOR_PERMISSIONS_REVOCATION_ENABLED=true
PERMISSIONS_KERNEL_SNAP_ID='local:http://localhost:8081'
GATOR_PERMISSIONS_PROVIDER_SNAP_ID='local:http://localhost:8082'
```
4. Run `yarn start:flask`
5. Once MM extension is installed, navigate to the snaps development
site at `http://localhost:8000/`
- Install kernel-snap
- Install gator-snap
6. Go to "All Permissions Page" in MM extension
## **Screenshots/Recordings**
### **Installing snaps**
https://github.com/user-attachments/assets/b21a7827-d4d2-4b72-bfa9-ea7ff9a08bd4
### **Before**
https://github.com/user-attachments/assets/f3b4d4fe-8cad-4c48-a314-a65a8fd2dc14
### **After**
https://github.com/user-attachments/assets/490e03d4-54db-48e5-b4b2-f9b16d1d257a
## **Pre-merge author checklist**
- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds gated Gator Permissions revocation flow: new
routes/pages/components, selectors and hook, global menu/nav updates,
env flag, locales, and comprehensive tests.
>
> - **Feature flag & config**
> - Add `GATOR_PERMISSIONS_REVOCATION_ENABLED` env (builds.yml) and
`isGatorPermissionsRevocationFeatureEnabled()` with tests.
> - **Routing & navigation**
> - Add routes: `GATOR_PERMISSIONS`, `TOKEN_TRANSFER_ROUTE`; register in
router and analytics map.
> - Update Global Menu “Connected sites” link to route to
`GATOR_PERMISSIONS` when flag is on.
> - Permissions page back button and title vary based on flag; header
visibility utils updated for new routes.
> - **UI**
> - New pages: `GatorPermissionsPage`, `TokenTransferPage` (scaffolded),
and `PermissionListItem` component.
> - Gator Permissions page lists Sites and Token transfer categories
(loading/empty states included).
> - **Data layer**
> - New selectors in `ui/selectors/gator-permissions` to
deserialize/aggregate permissions.
> - New hook `useGatorPermissions` to fetch/update permissions state.
> - **Tests**
> - Unit tests for env flag, selectors, hook; snapshots for new
pages/components.
> - E2E: permissions navigation and back behavior; global menu link
target.
> - **Locales**
> - Add strings for `sites` and `tokenTransfer` in `en` and `en_GB`.
> - **Fixtures**
> - Extend mock state with gator permissions fields and serialized map.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
ddf1657. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: Tadej Vengust <tadej.vengust@consensys.net>
NidhiKJha
pushed a commit
to MetaMask/metamask-extension
that referenced
this pull request
Oct 9, 2025
## **Description**
This PR lays the foundation for the gator permissions revocation
feature. Introduces the following:
- The usage of the `GatorPemissionsController` to fetch gator
permissions that have been granted to sites.
- A dedicated selector that filters `GatorPemissionsController` state to
provide necessary data allowing components to render gator permissions
revocation features.
- Introduces the `GATOR_PERMISSIONS_REVOCATION_ENABLED` feature flag
that is set to `false`. This flag is used to continue building the gator
permissions view without impacting end-users.
- All UI changes are behind the `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- Dynamic routing based on `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- 'All permissions' click on the global menu.
- 'Back button' click on the site connection page.
- Targeting flask build - Once the feature is complete, it will target a
MM Flash realease
- Placeholder for gator `TokenTransferPage` to be implemented fully
#36207
[](https://codespaces.new/MetaMask/metamask-extension/pull/35219?quickstart=1)
## **Related issues**
requires: MetaMask/core#6033
requires: #35627
requires: MetaMask/snap-7715-permissions#108
requires: #35307
relates to: MetaMask/snap-7715-permissions#84
required by: #36207
## **Manual testing steps**
### Setting up required MM snaps(Installing snaps):
Local version of kernel-snap, gator-snap, and the message-signing-snap
from [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions) is required to
be running locally to fully test e2e manually. Follow the steps in the
README.md to get those snaps up and running. The development site at
`http://localhost:8000/` will be used to install the snaps and grant
some gator permissions.
- repo: [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions)
- branch: `dev`
- commit hash: `520fffde76c98701e9bac9eb080695e673b7736e`
### Testing e2e flow
1. Ensure `snap-7715-permissions mono` development server is up and
running
2. In MM extension `.metamaskrc` file, ensure the following env values
are set:
```bash
GATOR_PERMISSIONS_ENABLED=true
GATOR_PERMISSIONS_REVOCATION_ENABLED=true
PERMISSIONS_KERNEL_SNAP_ID='local:http://localhost:8081'
GATOR_PERMISSIONS_PROVIDER_SNAP_ID='local:http://localhost:8082'
```
4. Run `yarn start:flask`
5. Once MM extension is installed, navigate to the snaps development
site at `http://localhost:8000/`
- Install kernel-snap
- Install gator-snap
6. Go to "All Permissions Page" in MM extension
## **Screenshots/Recordings**
### **Installing snaps**
https://github.com/user-attachments/assets/b21a7827-d4d2-4b72-bfa9-ea7ff9a08bd4
### **Before**
https://github.com/user-attachments/assets/f3b4d4fe-8cad-4c48-a314-a65a8fd2dc14
### **After**
https://github.com/user-attachments/assets/490e03d4-54db-48e5-b4b2-f9b16d1d257a
## **Pre-merge author checklist**
- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds gated Gator Permissions revocation flow: new
routes/pages/components, selectors and hook, global menu/nav updates,
env flag, locales, and comprehensive tests.
>
> - **Feature flag & config**
> - Add `GATOR_PERMISSIONS_REVOCATION_ENABLED` env (builds.yml) and
`isGatorPermissionsRevocationFeatureEnabled()` with tests.
> - **Routing & navigation**
> - Add routes: `GATOR_PERMISSIONS`, `TOKEN_TRANSFER_ROUTE`; register in
router and analytics map.
> - Update Global Menu “Connected sites” link to route to
`GATOR_PERMISSIONS` when flag is on.
> - Permissions page back button and title vary based on flag; header
visibility utils updated for new routes.
> - **UI**
> - New pages: `GatorPermissionsPage`, `TokenTransferPage` (scaffolded),
and `PermissionListItem` component.
> - Gator Permissions page lists Sites and Token transfer categories
(loading/empty states included).
> - **Data layer**
> - New selectors in `ui/selectors/gator-permissions` to
deserialize/aggregate permissions.
> - New hook `useGatorPermissions` to fetch/update permissions state.
> - **Tests**
> - Unit tests for env flag, selectors, hook; snapshots for new
pages/components.
> - E2E: permissions navigation and back behavior; global menu link
target.
> - **Locales**
> - Add strings for `sites` and `tokenTransfer` in `en` and `en_GB`.
> - **Fixtures**
> - Extend mock state with gator permissions fields and serialized map.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
ddf1657. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: Tadej Vengust <tadej.vengust@consensys.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Expose a new RPC method
permissionsProvider_getGrantedPermissionsto be used by Metamask clients to retrieve granted permissions for all sites.Related issues
Related to: Persisting Granted Permissions with MM Profile Sync
Required by(MM Extension): Feat/gator permissions revoke UI
Required by(MM Core): feat: add gator permissions controller
Manual testing steps
Exiting functionally should behave as expected. To test the new RPC method, a local build of MaskMeta is required with a request made to
gator-snap. See code snippet below for more context:Pre-merge author checklist
Pre-merge reviewer checklist