feat: Attach metadata when submitting a revocation to the permission provider snap #7503
Conversation
V00D00-child
changed the title
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
jeffsmale90
left a comment
jeffsmale90
left a comment
There was a problem hiding this comment.
Should we also add revocationMetadata to StoredGatorPermission (and as per my comments on the related PR, perhaps remove the isRevoked flag?
This would probably require some changes to how we load the permission from storage also, but IMO worthwhile,
packages/gator-permissions-controller/src/GatorPermissionsController.ts
Outdated
Show resolved
Hide resolved
| */ | ||
| export type RevocationMetadata = { | ||
| txHash: Hex; | ||
| blockTimestamp: string; |
There was a problem hiding this comment.
is blockTimestamp a decimal string?
If that's the case, any reason not to represent it as a number? As is, it's a bit ambiguous.
There was a problem hiding this comment.
I dropped the block timestamp from the metadata. Seems unnecessary to pass this data to our Snap to store in profile sync when we can always fetch using the transaction hash.
| /** | ||
| * The metadata associated with the permission revocation transaction. | ||
| */ | ||
| metadata?: RevocationMetadata; |
There was a problem hiding this comment.
Shouldn't this be required? Is there a scenario where we want to persist the revocation status, but don't have revocation metadata?
As per other comments, I think we should name this explicitly revocationMetadata to make it clear to what it is pertaining.
There was a problem hiding this comment.
There is an edge case in extension where we call submitRevocation with only permissionContext. In this case, we would not pass any revocation metadata, so we have to make that value optional.
Here is a link to the code for more context: https://github.com/MetaMask/metamask-extension/blob/main/ui/hooks/gator-permissions/useRevokeGatorPermissions.ts#L176
Edge case: Before submitting a revocation transaction, we check whether the delegation is already disabled on-chain. If it is disabled, we don't submit a transaction; instead, we pass the permissionContext to the Snap revocation method.
| const revocationParams = metadata | ||
| ? { permissionContext, metadata } | ||
| : { permissionContext }; |
There was a problem hiding this comment.
As per previous comment - should we accept revocations where we don't have the metadata? In what scenario can this happen?
There was a problem hiding this comment.
In this case, where we are in the context of a handler that runs when a transaction is confirmed, we should accept revocations even when we don't have the metadata. Not sure why the hash on TransactionMeta type coming from transaction-controller is marked as optional, but I would expect it to be present when the transaction is confirmed.
Explanation
This PR extends the
GatorPermissionsControllerto allow attaching metadata when submitting a revocation to the permission provider snap. Metadata includes:References
Requires: feat: Store metadata when revoking a permission
Checklist
Note
Attaches the confirmed transaction hash as revocation metadata when submitting
permissionsProvider_submitRevocation, updating types, controller logic, tests, and changelog.src/GatorPermissionsController.ts)transactionConfirmed, parsetransactionMeta.hashand pass it asrevocationMetadata.txHashinsubmitRevocation.revocationMetadatainsubmitRevocationparams; logs when hash is missing.src/types.ts)RevocationMetadataand optionalrevocationMetadatatoRevocationParams.src/GatorPermissionsController.test.ts)permissionsProvider_submitRevocationreceivesrevocationMetadata.txHashafter confirmation.Written by Cursor Bugbot for commit 378443a. This will update automatically on new commits. Configure here.