Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wallet revoke permissions #145

Merged
merged 12 commits into from
Nov 20, 2023
Merged

Wallet revoke permissions #145

Changes from 2 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
5c25773
feat(wallet): Add wallet_revokePermissions JSON-RPC method
alaahd Jun 5, 2023
c87df1f
Merge branch 'main' of github.com:MetaMask/api-specs into wallet-revo…
alaahd Jun 5, 2023
3c0d28b
update the list of optional params for wallet_revokePermissions
alaahd Jun 8, 2023
c9ed7b8
update the description of wallet_revokePermissions
alaahd Jun 8, 2023
d2ef2ef
update wallet_revokePermissions method to allow revoking permissions …
alaahd Jul 11, 2023
b2a3cd3
Merge branch 'main' of github.com:MetaMask/api-specs into wallet-revo…
alaahd Jul 11, 2023
c473b54
Changed revokePermissions to better follow the internal API
shanejonas Nov 15, 2023
5790f1c
Merge branch 'main' into wallet-revoke-permissions
shanejonas Nov 15, 2023
0656f06
Added titles to Caveats and Caveat
shanejonas Nov 15, 2023
5a4e769
Update openrpc.json
shanejonas Nov 16, 2023
803b26d
Update openrpc.json
shanejonas Nov 16, 2023
4b63391
Changed PermissionObject to be its own schema and re-use across reque…
shanejonas Nov 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 67 additions & 0 deletions openrpc.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,73 @@
}
]
},
{
"name": "wallet_revokePermissions",
"tags": [
{
"$ref": "#/components/tags/MetaMask"
}
],
"summary": "Revoke existing permissions.",
"description": "Revoke permissions from the user",
shanejonas marked this conversation as resolved.
Show resolved Hide resolved
"paramStructure": "by-name",
shanejonas marked this conversation as resolved.
Show resolved Hide resolved
"params": [
{
"name": "accounts",
shanejonas marked this conversation as resolved.
Show resolved Hide resolved
"description": "If not provided, all permissions for the specified invoker will be revoked. Alternatively, if permissions list is provided, the method will delete permissions for each of the passed IDs",
"required": false,
"schema": {
"title": "optionalAccountsArray",
"type": "array",
"description": "Optional list of account addresses to be revoked",
"items": {
"$ref": "#/components/schemas/address"
}
}
}
],
"result": {
"name": "UpdatedPermissionsAfterRevoke",
"description": "The list of the revoked permissions objects",
shanejonas marked this conversation as resolved.
Show resolved Hide resolved
"schema": {
"$ref": "#/components/schemas/PermissionsList"
}
},
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this response is expected for a dApp that was already connected previously, will the wallet_revokePermissions RPC method will only be accessible to dApps who are connected (ie: its a restricted method)?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could. It doesn't have to be though, it could just return an empty array if there are no existing permissions.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just saw the update to the description. Makes sense now 👍

If we are allowing this method without being connected, we should ensure its resistant to timing attacks which can reveal if a specific snap or account exists on the device.

"errors": [
{
"code": 404,
shanejonas marked this conversation as resolved.
Show resolved Hide resolved
"message": "revoked permission was not found"
}
],
"examples": [
{
"name": "wallet_revokePermissions example of revoking all permissions",
"params": [
{
"name": "accounts",
"value": ["0x71c7656ec7ab88b098defb751b7401b5f6d8976f"]
}
],
"result": {
"name": "UpdatedPermissionsAfterRevoke",
"value": []
}
},
{
"name": "wallet_revokePermissions example of revoking specific account address",
"params": [
{
"name": "accounts",
"value": []
}
],
"result": {
"name": "UpdatedPermissionsAfterRevoke",
"value": []
}
}
]
},
{
"tags": [
{
Expand Down