Skip to content

Add new permissionsProvider_getGrantedPermissions RPC#108

Merged
V00D00-child merged 4 commits into
mainfrom
feat/expose-rpc-to-metamask-for-fetching-stored-permissions
Jul 17, 2025
Merged

Add new permissionsProvider_getGrantedPermissions RPC#108
V00D00-child merged 4 commits into
mainfrom
feat/expose-rpc-to-metamask-for-fetching-stored-permissions

Conversation

@V00D00-child

@V00D00-child V00D00-child commented Jul 10, 2025

Copy link
Copy Markdown
Member

Description

Expose a new RPC method permissionsProvider_getGrantedPermissions to be used by Metamask clients to retrieve granted permissions for all sites.

Related issues

Related to: Persisting Granted Permissions with MM Profile Sync
Required by(MM Extension): Feat/gator permissions revoke UI
Required by(MM Core): feat: add gator permissions controller

Manual testing steps

Exiting functionally should behave as expected. To test the new RPC method, a local build of MaskMeta is required with a request made to gator-snap. See code snippet below for more context:

// Make call to gator-snap new RPC methods directly inside MetaMask extension, the method is only accessible by metamask clients
// Code below needs to be run in the context of the MetaMask extension
 const sampleResponse = (await handleSnapRequest({
          snapId: 'local:http://localhost:8082/', // this would be @metamask/gator-permissions-snap in prod
          origin: 'metamask',
          handler: 'onRpcRequest',
          request: {
            jsonrpc: '2.0',
            method: 'permissionsProvider_getGrantedPermissions',
          },
   })) as { id: string };
  console.log('sampleResponse(to gator-snap):', sampleResponse);

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@V00D00-child V00D00-child marked this pull request as ready for review July 11, 2025 19:05
@V00D00-child V00D00-child requested a review from a team as a code owner July 11, 2025 19:05
@V00D00-child V00D00-child changed the title [DRAFT] Add new permissionsProvider_getGrantedPermissions RPC Add new permissionsProvider_getGrantedPermissions RPC Jul 11, 2025
MoMannn
MoMannn previously approved these changes Jul 17, 2025

@MoMannn MoMannn left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@V00D00-child V00D00-child merged commit 81ec887 into main Jul 17, 2025
16 checks passed
@V00D00-child V00D00-child deleted the feat/expose-rpc-to-metamask-for-fetching-stored-permissions branch July 17, 2025 15:37
V00D00-child added a commit to MetaMask/metamask-extension that referenced this pull request Aug 14, 2025
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

[![Open in GitHub
Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/MetaMask/metamask-extension/pull/34373?quickstart=1)

Submit transactions to revoke gator permissions. Support single and
batch revokes.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Adds a button for the user to revoke a gator
permission.

## **Related issues**

requires: #33996
requires: MetaMask/core#6033
requires: MetaMask/snap-7715-permissions#108
relates to: MetaMask/snap-7715-permissions#84

## **Manual testing steps**

1. Generate a MM Flask build - `yarn dist --build-type flask
--apply-lavamoat false`
2. Install the latest development version of
`@metamask/permissions-kernel-snap` and
`@metamask/gator-permissions-snap`.
3. Make a permission 7715 request to store a permission in profile sync.
4. Go to the "All Permissions page".
5. Click revoke to trigger a transaction to revoke a permission.
6. Sign the transaction.

- Evidence of revoke permission transaction on testnet:
https://sepolia.etherscan.io/tx/0x157ae09d68e0b922876f131648657fd780194625ff2d3825021a8293f6f16dd5

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [x] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
V00D00-child added a commit to MetaMask/core that referenced this pull request Aug 20, 2025
## Explanation

<!--
Thanks for your contribution! Take a moment to answer these questions so
that reviewers have the information they need to properly understand
your changes:

* What is the current state of things and why does it need to change?
* What is the solution your changes offer and how does it work?
* Are there any changes whose purpose might not obvious to those
unfamiliar with the domain?
* If your primary goal was to update one package but you found you had
to update another one along the way, why did you do so?
* If you had to upgrade a dependency, why did you do so?
-->

### @metamask/gator-permissions-controller

#### Current State and Why Change is Needed

MetaMask clients currently lack a dedicated system for managing gator
permissions that are stored to profile sync via the
`@metamask/gator-permissions-snap`.

#### Solution and How It Works

This change introduces a new `@metamask/gator-permissions-controller`
package that provides a comprehensive solution for managing gator
permissions in MetaMask clients with gator-snap integration.

#### Changes That Might Not Be Obvious

- Serialization Strategy: The controller `state` uses JSON serialization
for storing permission data fetched from
`@metamask/gator-permissions-snap`, which allows for efficient storage
and retrieval while maintaining data integrity. The deserialize
permission data is represented as a list of gator permissions filtered
by permission type and chainId.
- Default Permission Structure: The controller initializes with an empty
structure for all three permission types, ensuring consistent state even
when no permissions are configured
 
####  Package Dependencies and Integration

The new package depends on `@metamask/snaps-controllers` as a peer
dependency, ensuring it can leverage sending RPC requests to an
installed Metamask Snap. This integration allows the
`GatorPermissionsController` to forward requests to
`@metamask/gator-permissions-snap` to fetch users' Gator permissions
that have been stored in the MetaMask Profile Sync service.

The `@metamask/gator-permissions-snap` will take on the responsibility
of authenticating with MetaMask Profile Sync service using an`SRP`
identifier via integration with `@metamask/message-signing-snap`.

#### No Dependency Upgrades Required

This is a new package that introduces new functionality without
requiring changes to existing dependencies. The package uses the current
stable versions of `@metamask/base-controller`, `@metamask/utils
`,`@metamask/snaps-sdk`, and `@metamask/snaps-utils` following the
established patterns in the MetaMask codebase.

## References

<!--
Are there any issues that this pull request is tied to?
Are there other links that reviewers should consult to understand these
changes better?
Are there client or consumer pull requests to adopt any breaking
changes?

For example:

* Fixes #12345
* Related to #67890
-->

Related to(MM snap-7715-permissions): [Persisting Granted Permissions
with MM Profile
Sync](MetaMask/snap-7715-permissions#84)
Requires(MM snap-7715-permissions):[Add new
permissionsProvider_getGrantedPermissions
RPC](MetaMask/snap-7715-permissions#108)
Required by(MM Extension):
MetaMask/metamask-extension#33996

### Gator Permissions Data Flow
```mermaid
graph TD
    %% dApp flow for storing permissions
    A[dApp<br/>client side RPC] -->|RPC| GPS[gator-permissions-snap]
    C -->|WRITE| D[(permissions stored<br/>across all sites)]
    
    %% User flow for reading permissions
    E[user<br/>permissions page] -->|UI| F[MM client]
    F -->|submitRequestToBackground| G[GatorPermissionsController]
    G --> MSYS[messagingSystem]
    MSYS -->|handleRequest| SC[SnapController]
    SC -->|RPC| GPS
    C -->|READ| D

    %% SRP Auth
    GPS -->|OAuth 2.0 Auth| MS[message-signing-snap]
    MS -->|SRP identifier & signature| C[profile sync service]
    
    %% Styling
    classDef dappStyle fill:#e1f5fe,stroke:#01579b,stroke-width:2px
    classDef userStyle fill:#f3e5f5,stroke:#4a148c,stroke-width:2px
    classDef serviceStyle fill:#e8f5e8,stroke:#1b5e20,stroke-width:2px
    classDef dataStyle fill:#fff3e0,stroke:#e65100,stroke-width:2px
    classDef authStyle fill:#ffebee,stroke:#c62828,stroke-width:2px
    classDef systemStyle fill:#fce4ec,stroke:#ad1457,stroke-width:2px
    
    class A dappStyle
    class E,F userStyle
    class GPS,C serviceStyle
    class D dataStyle
    class MS authStyle
    class G,MSYS,SC systemStyle
```

## Checklist

- [x] I've updated the test suite for new or updated code as appropriate
- [x] I've updated documentation (JSDoc, Markdown, etc.) for new or
updated code as appropriate
- [x] I've communicated my changes to consumers by [updating changelogs
for packages I've
changed](https://github.com/MetaMask/core/tree/main/docs/contributing.md#updating-changelogs),
highlighting breaking changes as necessary
- [x] I've prepared draft pull requests for clients and consumer
packages to resolve any breaking changes
github-merge-queue Bot pushed a commit to MetaMask/metamask-extension that referenced this pull request Sep 29, 2025
## **Description**

This PR lays the foundation for the gator permissions revocation
feature. Introduces the following:
- The usage of the `GatorPemissionsController` to fetch gator
permissions that have been granted to sites.
- A dedicated selector that filters `GatorPemissionsController` state to
provide necessary data allowing components to render gator permissions
revocation features.
- Introduces the `GATOR_PERMISSIONS_REVOCATION_ENABLED` feature flag
that is set to `false`. This flag is used to continue building the gator
permissions view without impacting end-users.
- All UI changes are behind the `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- Dynamic routing based on `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
    - 'All permissions' click on the global menu.
    - 'Back button' click on the site connection page.
- Targeting flask build - Once the feature is complete, it will target a
MM Flash realease
- Placeholder for gator `TokenTransferPage` to be implemented fully
#36207

[![Open in GitHub
Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/MetaMask/metamask-extension/pull/35219?quickstart=1)

## **Related issues**

requires: MetaMask/core#6033
requires: #35627
requires: MetaMask/snap-7715-permissions#108
requires: #35307
relates to: MetaMask/snap-7715-permissions#84
required by: #36207

## **Manual testing steps**

### Setting up required MM snaps(Installing snaps):
Local version of kernel-snap, gator-snap, and the message-signing-snap
from [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions) is required to
be running locally to fully test e2e manually. Follow the steps in the
README.md to get those snaps up and running. The development site at
`http://localhost:8000/` will be used to install the snaps and grant
some gator permissions.

- repo: [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions)
- branch: `dev`
- commit hash: `520fffde76c98701e9bac9eb080695e673b7736e`

### Testing e2e flow
1. Ensure `snap-7715-permissions mono` development server is up and
running
2. In MM extension `.metamaskrc` file, ensure the following env values
are set:
```bash
GATOR_PERMISSIONS_ENABLED=true
GATOR_PERMISSIONS_REVOCATION_ENABLED=true
PERMISSIONS_KERNEL_SNAP_ID='local:http://localhost:8081'
GATOR_PERMISSIONS_PROVIDER_SNAP_ID='local:http://localhost:8082'
```
4. Run `yarn start:flask`
5. Once MM extension is installed, navigate to the snaps development
site at `http://localhost:8000/`
   - Install kernel-snap
   - Install gator-snap
6. Go to "All Permissions Page" in MM extension

## **Screenshots/Recordings**

### **Installing snaps**


https://github.com/user-attachments/assets/b21a7827-d4d2-4b72-bfa9-ea7ff9a08bd4

### **Before**


https://github.com/user-attachments/assets/f3b4d4fe-8cad-4c48-a314-a65a8fd2dc14

### **After**


https://github.com/user-attachments/assets/490e03d4-54db-48e5-b4b2-f9b16d1d257a

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds gated Gator Permissions revocation flow: new
routes/pages/components, selectors and hook, global menu/nav updates,
env flag, locales, and comprehensive tests.
> 
> - **Feature flag & config**
> - Add `GATOR_PERMISSIONS_REVOCATION_ENABLED` env (builds.yml) and
`isGatorPermissionsRevocationFeatureEnabled()` with tests.
> - **Routing & navigation**
> - Add routes: `GATOR_PERMISSIONS`, `TOKEN_TRANSFER_ROUTE`; register in
router and analytics map.
> - Update Global Menu “Connected sites” link to route to
`GATOR_PERMISSIONS` when flag is on.
> - Permissions page back button and title vary based on flag; header
visibility utils updated for new routes.
> - **UI**
> - New pages: `GatorPermissionsPage`, `TokenTransferPage` (scaffolded),
and `PermissionListItem` component.
> - Gator Permissions page lists Sites and Token transfer categories
(loading/empty states included).
> - **Data layer**
> - New selectors in `ui/selectors/gator-permissions` to
deserialize/aggregate permissions.
>   - New hook `useGatorPermissions` to fetch/update permissions state.
> - **Tests**
> - Unit tests for env flag, selectors, hook; snapshots for new
pages/components.
> - E2E: permissions navigation and back behavior; global menu link
target.
> - **Locales**
>   - Add strings for `sites` and `tokenTransfer` in `en` and `en_GB`.
> - **Fixtures**
> - Extend mock state with gator permissions fields and serialized map.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
ddf1657. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Tadej Vengust <tadej.vengust@consensys.net>
NidhiKJha pushed a commit to MetaMask/metamask-extension that referenced this pull request Oct 9, 2025
## **Description**

This PR lays the foundation for the gator permissions revocation
feature. Introduces the following:
- The usage of the `GatorPemissionsController` to fetch gator
permissions that have been granted to sites.
- A dedicated selector that filters `GatorPemissionsController` state to
provide necessary data allowing components to render gator permissions
revocation features.
- Introduces the `GATOR_PERMISSIONS_REVOCATION_ENABLED` feature flag
that is set to `false`. This flag is used to continue building the gator
permissions view without impacting end-users.
- All UI changes are behind the `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
- Dynamic routing based on `GATOR_PERMISSIONS_REVOCATION_ENABLED`
feature flag.
    - 'All permissions' click on the global menu.
    - 'Back button' click on the site connection page.
- Targeting flask build - Once the feature is complete, it will target a
MM Flash realease
- Placeholder for gator `TokenTransferPage` to be implemented fully
#36207

[![Open in GitHub
Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/MetaMask/metamask-extension/pull/35219?quickstart=1)

## **Related issues**

requires: MetaMask/core#6033
requires: #35627
requires: MetaMask/snap-7715-permissions#108
requires: #35307
relates to: MetaMask/snap-7715-permissions#84
required by: #36207

## **Manual testing steps**

### Setting up required MM snaps(Installing snaps):
Local version of kernel-snap, gator-snap, and the message-signing-snap
from [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions) is required to
be running locally to fully test e2e manually. Follow the steps in the
README.md to get those snaps up and running. The development site at
`http://localhost:8000/` will be used to install the snaps and grant
some gator permissions.

- repo: [snap-7715-permissions mono
repo](https://github.com/MetaMask/snap-7715-permissions)
- branch: `dev`
- commit hash: `520fffde76c98701e9bac9eb080695e673b7736e`

### Testing e2e flow
1. Ensure `snap-7715-permissions mono` development server is up and
running
2. In MM extension `.metamaskrc` file, ensure the following env values
are set:
```bash
GATOR_PERMISSIONS_ENABLED=true
GATOR_PERMISSIONS_REVOCATION_ENABLED=true
PERMISSIONS_KERNEL_SNAP_ID='local:http://localhost:8081'
GATOR_PERMISSIONS_PROVIDER_SNAP_ID='local:http://localhost:8082'
```
4. Run `yarn start:flask`
5. Once MM extension is installed, navigate to the snaps development
site at `http://localhost:8000/`
   - Install kernel-snap
   - Install gator-snap
6. Go to "All Permissions Page" in MM extension

## **Screenshots/Recordings**

### **Installing snaps**


https://github.com/user-attachments/assets/b21a7827-d4d2-4b72-bfa9-ea7ff9a08bd4

### **Before**


https://github.com/user-attachments/assets/f3b4d4fe-8cad-4c48-a314-a65a8fd2dc14

### **After**


https://github.com/user-attachments/assets/490e03d4-54db-48e5-b4b2-f9b16d1d257a

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds gated Gator Permissions revocation flow: new
routes/pages/components, selectors and hook, global menu/nav updates,
env flag, locales, and comprehensive tests.
> 
> - **Feature flag & config**
> - Add `GATOR_PERMISSIONS_REVOCATION_ENABLED` env (builds.yml) and
`isGatorPermissionsRevocationFeatureEnabled()` with tests.
> - **Routing & navigation**
> - Add routes: `GATOR_PERMISSIONS`, `TOKEN_TRANSFER_ROUTE`; register in
router and analytics map.
> - Update Global Menu “Connected sites” link to route to
`GATOR_PERMISSIONS` when flag is on.
> - Permissions page back button and title vary based on flag; header
visibility utils updated for new routes.
> - **UI**
> - New pages: `GatorPermissionsPage`, `TokenTransferPage` (scaffolded),
and `PermissionListItem` component.
> - Gator Permissions page lists Sites and Token transfer categories
(loading/empty states included).
> - **Data layer**
> - New selectors in `ui/selectors/gator-permissions` to
deserialize/aggregate permissions.
>   - New hook `useGatorPermissions` to fetch/update permissions state.
> - **Tests**
> - Unit tests for env flag, selectors, hook; snapshots for new
pages/components.
> - E2E: permissions navigation and back behavior; global menu link
target.
> - **Locales**
>   - Add strings for `sites` and `tokenTransfer` in `en` and `en_GB`.
> - **Fixtures**
> - Extend mock state with gator permissions fields and serialized map.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
ddf1657. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Tadej Vengust <tadej.vengust@consensys.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants