release(runway): cherry-pick fix: cp-13.2.0 Make SnapsNameProvider respect the chainIds caveat (#35509)

- fix: cp-13.2.0 Make SnapsNameProvider respect the chainIds caveat
(#35477)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

Previously the SnapsNameProvider would not respect the `chainIds` caveat
when specified by the Snap, this would result in calls to the Snap that
it is not expecting and could crash it. In production this crashes the
Solana Snap.

[![Open in GitHub

Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/MetaMask/metamask-extension/pull/35477?quickstart=1)

## **Related issues**

Fixes: #35473
Fixes: #35364
[62e1a87](62e1a87)

Co-authored-by: Frederik Bolding <[email protected]>

Author: runway-github[bot]

app/scripts/lib/SnapsNameProvider.test.ts

@@ -1,5 +1,5 @@
 import { NameType } from '@metamask/name-controller';
-import { HandlerType } from '@metamask/snaps-utils';
+import { HandlerType, SnapCaveatType } from '@metamask/snaps-utils';
 import {
   GetAllSnaps,
   GetSnap,
@@ -39,6 +39,13 @@ const SNAP_MOCK_3 = {
   },
 };
 
+const SNAP_MOCK_4 = {
+  id: 'testSnap4',
+  manifest: {
+    proposedName: 'Test Snap 4',
+  },
+};
+
 function createMockMessenger({
   getAllSnaps,
   getSnap,
@@ -56,7 +63,9 @@ function createMockMessenger({
     // TODO: Fix in https://github.com/MetaMask/metamask-extension/issues/31880
     // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
     getAllSnaps ||
-    jest.fn().mockReturnValue([SNAP_MOCK, SNAP_MOCK_2, SNAP_MOCK_3]);
+    jest
+      .fn()
+      .mockReturnValue([SNAP_MOCK, SNAP_MOCK_2, SNAP_MOCK_3, SNAP_MOCK_4]);
 
   const getSnapMock =
     // TODO: Fix in https://github.com/MetaMask/metamask-extension/issues/31880
@@ -65,7 +74,9 @@ function createMockMessenger({
     jest
       .fn()
       .mockImplementation((snapId) =>
-        [SNAP_MOCK, SNAP_MOCK_2, SNAP_MOCK_3].find(({ id }) => id === snapId),
+        [SNAP_MOCK, SNAP_MOCK_2, SNAP_MOCK_3, SNAP_MOCK_4].find(
+          ({ id }) => id === snapId,
+        ),
       );
 
   const handleSnapRequestMock =
@@ -79,9 +90,21 @@ function createMockMessenger({
     getPermissionControllerState ||
     jest.fn().mockReturnValue({
       subjects: {
-        [SNAP_MOCK.id]: { permissions: { 'endowment:name-lookup': true } },
-        [SNAP_MOCK_2.id]: { permissions: { 'endowment:name-lookup': true } },
+        [SNAP_MOCK.id]: { permissions: { 'endowment:name-lookup': {} } },
+        [SNAP_MOCK_2.id]: { permissions: { 'endowment:name-lookup': {} } },
         [SNAP_MOCK_3.id]: { permissions: {} },
+        [SNAP_MOCK_4.id]: {
+          permissions: {
+            'endowment:name-lookup': {
+              caveats: [
+                {
+                  type: SnapCaveatType.ChainIds,
+                  value: ['solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp'],
+                },
+              ],
+            },
+          },
+        },
       },
     });
 
@@ -122,12 +145,17 @@ describe('SnapsNameProvider', () => {
       const { sourceIds, sourceLabels } = metadata;
 
       expect(sourceIds).toStrictEqual({
-        [NameType.ETHEREUM_ADDRESS]: [SNAP_MOCK.id, SNAP_MOCK_2.id],
+        [NameType.ETHEREUM_ADDRESS]: [
+          SNAP_MOCK.id,
+          SNAP_MOCK_2.id,
+          SNAP_MOCK_4.id,
+        ],
       });
 
       expect(sourceLabels).toStrictEqual({
         [SNAP_MOCK.id]: SNAP_MOCK.manifest.proposedName,
         [SNAP_MOCK_2.id]: SNAP_MOCK_2.manifest.proposedName,
+        [SNAP_MOCK_4.id]: SNAP_MOCK_4.manifest.proposedName,
       });
     });
   });

app/scripts/lib/SnapsNameProvider.ts

@@ -10,6 +10,8 @@ import { GetPermissionControllerState } from '@metamask/permission-controller';
 import {
   AddressLookupArgs,
   AddressLookupResult,
+  CaipChainId,
+  SnapId,
   Snap as TruncatedSnap,
 } from '@metamask/snaps-sdk';
 import { HandlerType } from '@metamask/snaps-utils';
@@ -20,6 +22,7 @@ import {
   HandleSnapRequest,
 } from '@metamask/snaps-controllers';
 import { RestrictedMessenger } from '@metamask/base-controller';
+import { getChainIdsCaveat } from '@metamask/snaps-rpc-methods';
 
 type AllowedActions =
   | GetAllSnaps
@@ -73,10 +76,15 @@ export class SnapsNameProvider implements NameProvider {
   async getProposedNames(
     request: NameProviderRequest,
   ): Promise<NameProviderResult> {
-    const nameSnaps = this.#getNameLookupSnaps();
+    const { variation: chainIdHex, value } = request;
+    const caipChainId = `eip155:${parseInt(chainIdHex, 16)}` as CaipChainId;
+
+    const nameSnaps = this.#getNameLookupSnaps(caipChainId);
 
     const snapResults = await Promise.all(
-      nameSnaps.map((snap) => this.#getSnapProposedName(snap, request)),
+      nameSnaps.map((snap) =>
+        this.#getSnapProposedName(snap.id, caipChainId, value),
+      ),
     );
 
     const results = snapResults.reduce(
@@ -93,29 +101,41 @@ export class SnapsNameProvider implements NameProvider {
     return { results };
   }
 
-  #getNameLookupSnaps(): TruncatedSnap[] {
+  #getNameLookupSnaps(chainId?: string): TruncatedSnap[] {
     const permissionSubjects = this.#messenger.call(
       'PermissionController:getState',
     ).subjects;
 
     const snaps = this.#messenger.call('SnapController:getAll');
 
-    return snaps.filter(
-      ({ id }) => permissionSubjects[id]?.permissions['endowment:name-lookup'],
-    );
+    return snaps.filter(({ id }) => {
+      const permission =
+        permissionSubjects[id]?.permissions['endowment:name-lookup'];
+
+      if (!permission) {
+        return false;
+      }
+
+      const chainIdCaveat = getChainIdsCaveat(permission);
+
+      if (chainId && chainIdCaveat && !chainIdCaveat.includes(chainId)) {
+        return false;
+      }
+
+      return true;
+    });
   }
 
   async #getSnapProposedName(
-    snap: TruncatedSnap,
-    request: NameProviderRequest,
+    snapId: SnapId,
+    caipChainId: CaipChainId,
+    address: string,
   ): Promise<{ sourceId: string; result: NameProviderSourceResult }> {
-    const { variation: chainIdHex, value } = request;
-    const sourceId = snap.id;
-    const chainIdDecimal = parseInt(chainIdHex, 16);
+    const sourceId = snapId;
 
     const nameLookupRequest: AddressLookupArgs = {
-      chainId: `eip155:${chainIdDecimal}`,
-      address: value,
+      chainId: caipChainId,
+      address,
     };
 
     let proposedNames;
@@ -125,7 +145,7 @@ export class SnapsNameProvider implements NameProvider {
       const result = (await this.#messenger.call(
         'SnapController:handleRequest',
         {
-          snapId: snap.id,
+          snapId,
           origin: 'metamask',
           handler: HandlerType.OnNameLookup,
           request: {
@@ -144,7 +164,7 @@ export class SnapsNameProvider implements NameProvider {
         : [];
     } catch (error) {
       log.error('Snap name provider request failed', {
-        snapId: snap.id,
+        snapId,
         request: nameLookupRequest,
         error,
       });

privacy-snapshot.json

@@ -2,6 +2,7 @@
   "accounts.api.cx.metamask.io",
   "acl.execution.metamask.io",
   "api.devnet.solana.com",
+  "api.etherscan.io",
   "api.lens.dev",
   "api.segment.io",
   "api.simplehash.com",

test/e2e/tests/petnames/petnames-signatures.spec.ts

@@ -94,6 +94,7 @@ describe('Petnames - Signatures', function (this: Suite) {
         fixtures: new FixtureBuilder()
           .withPermissionControllerConnectedToTestDapp()
           .withNoNames()
+          .withNetworkControllerOnMainnet()
           .build(),
         testSpecificMock: mockLookupSnap,
         title: this.test?.fullTitle(),
@@ -112,7 +113,7 @@ describe('Petnames - Signatures', function (this: Suite) {
         await driver.switchToWindowWithTitle(WINDOW_TITLES.Dialog);
         await confirmation.checkProposedNames('0xCD2a3...DD826', [
           ['test.lens', 'Lens Protocol'],
-          ['cd2.1337.test.domain', 'Name Lookup Example Snap'],
+          ['cd2.1.test.domain', 'Name Lookup Example Snap'],
         ]);
       },
     );