Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Fully remove eth_sign #24756

Merged
merged 42 commits into from
Aug 1, 2024
Merged

chore: Fully remove eth_sign #24756

merged 42 commits into from
Aug 1, 2024

Conversation

adonesky1
Copy link
Contributor

@adonesky1 adonesky1 commented May 23, 2024

Explanation

Months ago, because of phishing risk, we disabled the eth_sign API method by default (users could manually enable it with a preference toggle). Now because of additional risk associated with potentially malicious EIP-3074 invokers we are fully removing support for this method.

This PR introduces the changes to @metamask/signature-controller and @metamask/preferences-controller from MetaMask/core#4319 which remove eth_sign related infrastructure.

Additionally it removes all instances of eth_sign components and references from the extension codebase.

References

Manual testing steps

  1. Go to the e2e test dapp
  2. Connect the wallet
  3. Scroll down to the Eth Sign card (https://metamask.github.io/test-dapp/#ethSign)
  4. Click Sign
  5. You should see Error: The method "eth_sign" does not exist / is not available.

Pre-merge author checklist

  • I’ve followed MetaMask Coding Standards.
  • I've completed the PR template to the best of my ability
  • I’ve included tests if applicable
  • I’ve documented my code using JSDoc format if applicable
  • I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@adonesky1 adonesky1 changed the title Ad/remove eth sign chore: Fully remove eth_sign May 23, 2024
@adonesky1 adonesky1 force-pushed the ad/remove-eth_sign branch from 036e0c6 to 2256e62 Compare June 25, 2024 17:28
@adonesky1 adonesky1 force-pushed the ad/remove-eth_sign branch from 641c3e5 to dd98d96 Compare July 18, 2024 20:25
Copy link

socket-security bot commented Jul 18, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@metamask/logging-controller@5.0.0 None 0 84.6 kB metamaskbot
npm/@metamask/signature-controller@17.0.0 None 0 221 kB metamaskbot

🚮 Removed packages: npm/@metamask/logging-controller@3.0.1, npm/@metamask/signature-controller@16.0.0

View full report↗︎

@adonesky1
Copy link
Contributor Author

@metamaskbot update-policies

@metamaskbot
Copy link
Collaborator

Policies updated

@adonesky1 adonesky1 force-pushed the ad/remove-eth_sign branch from 408b612 to 60271aa Compare July 18, 2024 21:16
@adonesky1 adonesky1 force-pushed the ad/remove-eth_sign branch from 9992fc4 to 6c131d4 Compare July 19, 2024 16:35
@adonesky1 adonesky1 requested a review from jiexi July 29, 2024 19:15
jiexi
jiexi previously approved these changes Jul 29, 2024
this.preferencesController.store.getState()
?.disabledRpcMethodPreferences?.eth_sign,
// TODO remove this option
isEthSignEnabled: () => false,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we remove this now?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Not sure why but I thought I'd forgotten to remove it as an option so was going to loop back to it but it can be remove removed now.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@@ -63,10 +27,21 @@ const props = {
txData: {
msgParams: {
from: address,
data: MOCK_SIGN_DATA,
data: [
Copy link
Member

@FrederikBolding FrederikBolding Jul 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the change in test data here? IIRC the data is stringified like MOCK_SIGN_DATA

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So I didn't change the way the data was formatted in the actual component for eth_signTypedData see here... I agree this doesn't seem right. But as you can see here, this data is expected to be mappable. So what I've done here is preserve the existing behavior but make the test pass because of expectations embedded in the component that I didn't necessarily want to dig further into because of 👇

A few things. This component is technically deprecated and slated for removal shortly. I'm not clear on the original API method signature for eth_signTypedData (v1) since EIP-712 doesn't have a changelog...

@@ -313,10 +311,6 @@ export default class SignatureRequestOriginal extends Component {
history.push(mostRecentOverviewPage);
}}
onSubmit={async () => {
if (txData.type === MESSAGE_TYPE.ETH_SIGN) {
return this.setState({ showSignatureRequestWarning: true });
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't we delete the state and component for showSignatureRequestWarning too?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updatedMsgParams as PersonalMessageParams,
req as OriginalRequest,
);
return undefined;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Perhaps just throwing here is simpler?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

gantunesr
gantunesr previously approved these changes Jul 30, 2024
Copy link
Member

@gantunesr gantunesr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved for team-accounts.

Just reviewed the file snap-keyring/metrics.test.ts

@adonesky1 adonesky1 dismissed stale reviews from FrederikBolding and gantunesr via 7c1a3b8 July 31, 2024 14:44
Copy link

@metamaskbot
Copy link
Collaborator

Builds ready [7c1a3b8]
Page Load Metrics (207 ± 218 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint573101025727
domContentLoaded96021157
load371600207454218
domInteractive96021157
Bundle size diffs [🚀 Bundle size reduced!]
  • background: -8.63 KiB (-0.25%)
  • ui: -12.09 KiB (-0.17%)
  • common: -2.47 KiB (-0.04%)

@adonesky1 adonesky1 requested a review from gantunesr July 31, 2024 16:51
Copy link
Member

@gantunesr gantunesr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved for team-accounts.

Just reviewed the file snap-keyring/metrics.test.ts

return await this.signatureController.newUnsignedPersonalMessage(
updatedMsgParams as PersonalMessageParams,
req as OriginalRequest,
);
}
return await this.signatureController.newUnsignedMessage(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adonesky1, the only thing I'm afraid of in this PR is the removal of this newUnsignedMessage for the custodian accounts. Let me talk with the team first. cc @zone-live @shane-t

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not concerned about it, because it willy only be true if the method is eth_sign based on the other conditions in the block.

@adonesky1 adonesky1 merged commit 757b699 into develop Aug 1, 2024
75 checks passed
@adonesky1 adonesky1 deleted the ad/remove-eth_sign branch August 1, 2024 14:15
@github-actions github-actions bot locked and limited conversation to collaborators Aug 1, 2024
@metamaskbot metamaskbot added the release-12.4.0 Issue or pull request that will be included in release 12.4.0 label Aug 1, 2024
@gauthierpetetin gauthierpetetin added release-12.3.0 Issue or pull request that will be included in release 12.3.0 and removed release-12.4.0 Issue or pull request that will be included in release 12.4.0 labels Sep 11, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
INVALID-PR-TEMPLATE PR's body doesn't match template release-12.3.0 Issue or pull request that will be included in release 12.3.0 team-wallet-api-platform
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.