feat: SIP-26 Integration (#29887)

[![Open in GitHub
Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/MetaMask/metamask-extension/pull/29887?quickstart=1)

General Testing:
- Run this in a flask build
- Create Solana Accounts
- Go to the [Multichain Test
Dapp](https://metamask.github.io/test-dapp-multichain/latest/) (which
now supports Solana!):

[Video Demo of Testing with the Test
Dapp](https://github.com/user-attachments/assets/0e785597-7237-4d05-9192-f06ef9617601)



## **Related issues**

Ticket:
https://github.com/orgs/MetaMask/projects/146/views/6?pane=issue&itemId=94617458&issue=MetaMask%7CMetaMask-planning%7C3989
Upstream Extension:
#27782
Core: MetaMask/core#5191


## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

---------

Co-authored-by: Christian Montoya <[email protected]>
Co-authored-by: Alex <[email protected]>
Co-authored-by: Frederik Bolding <[email protected]>
Co-authored-by: Elliot Winkler <[email protected]>

Author: 5 people

app/build-types/beta/manifest/_base.json

@@ -11,6 +11,10 @@
     },
     "default_title": "MetaMask Beta"
   },
+  "externally_connectable": {
+    "matches": ["http://*/*", "https://*/*"],
+    "ids": ["*"]
+  },
   "icons": {
     "16": "images/icon-16.png",
     "19": "images/icon-19.png",

app/scripts/controllers/permissions/background-api.js

@@ -6,16 +6,24 @@ import {
 import {
   Caip25CaveatType,
   Caip25EndowmentPermissionName,
-  getEthAccounts,
-  setEthAccounts,
-  getPermittedEthChainIds,
-  setPermittedEthChainIds,
-} from '@metamask/multichain';
+  setPermittedChainIds,
+  setPermittedAccounts,
+} from '@metamask/chain-agnostic-permission';
 import { isSnapId } from '@metamask/snaps-utils';
+import { parseCaipAccountId, parseCaipChainId } from '@metamask/utils';
+import {
+  getCaipAccountIdsFromCaip25CaveatValue,
+  isInternalAccountInPermittedAccountIds,
+} from '../../../../shared/lib/multichain/chain-agnostic-permission-utils/caip-accounts';
+import { getAllScopesFromCaip25CaveatValue } from '../../../../shared/lib/multichain/chain-agnostic-permission-utils/caip-chainids';
+import { getNetworkConfigurationsByCaipChainId } from '../../../../shared/modules/selectors/networks';
 
 export function getPermissionBackgroundApiMethods({
   permissionController,
   approvalController,
+  accountsController,
+  networkController,
+  multichainNetworkController,
 }) {
   // Returns the CAIP-25 caveat or undefined if it does not exist
   const getCaip25Caveat = (origin) => {
@@ -38,30 +46,98 @@ export function getPermissionBackgroundApiMethods({
   };
 
   // To add more than one account when already connected to the dapp
-  const addMoreAccounts = (origin, accounts) => {
+  const addMoreAccounts = (origin, addresses) => {
     const caip25Caveat = getCaip25Caveat(origin);
     if (!caip25Caveat) {
       throw new Error(
         `Cannot add account permissions for origin "${origin}": no permission currently exists for this origin.`,
       );
     }
 
-    const ethAccounts = getEthAccounts(caip25Caveat.value);
+    const internalAccounts = addresses.map((address) => {
+      return accountsController.getAccountByAddress(address);
+    });
+
+    // Only the first scope in the scopes array is needed because
+    // setPermittedAccounts currently sets accounts on all matching
+    // namespaces, not just the exact CaipChainId.
+    const caipAccountIds = internalAccounts.map((internalAccount) => {
+      return `${internalAccount.scopes[0]}:${internalAccount.address}`;
+    });
 
-    const updatedEthAccounts = Array.from(
-      new Set([...ethAccounts, ...accounts]),
+    const existingPermittedAccountIds = getCaipAccountIdsFromCaip25CaveatValue(
+      caip25Caveat.value,
     );
 
-    const updatedCaveatValue = setEthAccounts(
+    const existingPermittedChainIds = getAllScopesFromCaip25CaveatValue(
       caip25Caveat.value,
-      updatedEthAccounts,
+    );
+
+    const updatedAccountIds = Array.from(
+      new Set([...existingPermittedAccountIds, ...caipAccountIds]),
+    );
+
+    let updatedPermittedChainIds = [...existingPermittedChainIds];
+
+    const allNetworksList = Object.keys(
+      getNetworkConfigurationsByCaipChainId({
+        networkConfigurationsByChainId:
+          networkController.state.networkConfigurationsByChainId,
+        multichainNetworkConfigurationsByChainId:
+          multichainNetworkController.state
+            .multichainNetworkConfigurationsByChainId,
+        internalAccounts: accountsController.state.internalAccounts,
+      }),
+    );
+
+    updatedAccountIds.forEach((caipAccountAddress) => {
+      const {
+        chain: { namespace: accountNamespace },
+      } = parseCaipAccountId(caipAccountAddress);
+
+      const existsSelectedChainForNamespace = updatedPermittedChainIds.some(
+        (caipChainId) => {
+          try {
+            const { namespace: chainNamespace } = parseCaipChainId(caipChainId);
+            return accountNamespace === chainNamespace;
+          } catch (err) {
+            return false;
+          }
+        },
+      );
+
+      if (!existsSelectedChainForNamespace) {
+        const chainIdsForNamespace = allNetworksList.filter((caipChainId) => {
+          try {
+            const { namespace: chainNamespace } = parseCaipChainId(caipChainId);
+            return accountNamespace === chainNamespace;
+          } catch (err) {
+            return false;
+          }
+        });
+
+        updatedPermittedChainIds = [
+          ...updatedPermittedChainIds,
+          ...chainIdsForNamespace,
+        ];
+      }
+    });
+
+    const updatedCaveatValueWithChainIds = setPermittedChainIds(
+      caip25Caveat.value,
+      updatedPermittedChainIds,
+    );
+
+    const updatedCaveatValueWithAccountIds = setPermittedAccounts(
+      updatedCaveatValueWithChainIds,
+      updatedAccountIds,
     );
 
     permissionController.updateCaveat(
       origin,
       Caip25EndowmentPermissionName,
       Caip25CaveatType,
-      updatedCaveatValue,
+      updatedCaveatValueWithAccountIds,
     );
   };
 
@@ -73,22 +149,26 @@ export function getPermissionBackgroundApiMethods({
       );
     }
 
-    const ethChainIds = getPermittedEthChainIds(caip25Caveat.value);
+    const updatedChainIds = Array.from(
+      new Set([
+        ...getAllScopesFromCaip25CaveatValue(caip25Caveat.value),
+        ...chainIds,
+      ]),
+    );
 
-    const updatedEthChainIds = Array.from(
-      new Set([...ethChainIds, ...chainIds]),
+    const caveatValueWithChainIds = setPermittedChainIds(
+      caip25Caveat.value,
+      updatedChainIds,
     );
 
-    const caveatValueWithChains = setPermittedEthChainIds(
+    const permittedAccountIds = getCaipAccountIdsFromCaip25CaveatValue(
       caip25Caveat.value,
-      updatedEthChainIds,
     );
 
-    // ensure that the list of permitted eth accounts is set for the newly added eth scopes
-    const ethAccounts = getEthAccounts(caveatValueWithChains);
-    const caveatValueWithAccountsSynced = setEthAccounts(
-      caveatValueWithChains,
-      ethAccounts,
+    // ensure that the list of permitted accounts is set for the newly added scopes
+    const caveatValueWithAccountsSynced = setPermittedAccounts(
+      caveatValueWithChainIds,
+      permittedAccountIds,
     );
 
     permissionController.updateCaveat(
@@ -147,33 +227,41 @@ export function getPermissionBackgroundApiMethods({
     addPermittedAccounts: (origin, accounts) =>
       addMoreAccounts(origin, accounts),
 
-    removePermittedAccount: (origin, account) => {
+    removePermittedAccount: (origin, address) => {
       const caip25Caveat = getCaip25Caveat(origin);
       if (!caip25Caveat) {
         throw new Error(
-          `Cannot remove account "${account}": No permissions exist for origin "${origin}".`,
+          `Cannot remove account "${address}": No permissions exist for origin "${origin}".`,
         );
       }
 
-      const existingAccounts = getEthAccounts(caip25Caveat.value);
+      const existingAccountIds = getCaipAccountIdsFromCaip25CaveatValue(
+        caip25Caveat.value,
+      );
 
-      const remainingAccounts = existingAccounts.filter(
-        (existingAccount) => existingAccount !== account,
+      const internalAccount = accountsController.getAccountByAddress(address);
+
+      const remainingAccountIds = existingAccountIds.filter(
+        (existingAccountId) => {
+          return !isInternalAccountInPermittedAccountIds(internalAccount, [
+            existingAccountId,
+          ]);
+        },
       );
 
-      if (remainingAccounts.length === existingAccounts.length) {
+      if (remainingAccountIds.length === existingAccountIds.length) {
         return;
       }
 
-      if (remainingAccounts.length === 0) {
+      if (remainingAccountIds.length === 0) {
         permissionController.revokePermission(
           origin,
           Caip25EndowmentPermissionName,
         );
       } else {
-        const updatedCaveatValue = setEthAccounts(
+        const updatedCaveatValue = setPermittedAccounts(
           caip25Caveat.value,
-          remainingAccounts,
+          remainingAccountIds,
         );
         permissionController.updateCaveat(
           origin,
@@ -196,13 +284,15 @@ export function getPermissionBackgroundApiMethods({
         );
       }
 
-      const existingEthChainIds = getPermittedEthChainIds(caip25Caveat.value);
+      const existingChainIds = getAllScopesFromCaip25CaveatValue(
+        caip25Caveat.value,
+      );
 
-      const remainingChainIds = existingEthChainIds.filter(
+      const remainingChainIds = existingChainIds.filter(
         (existingChainId) => existingChainId !== chainId,
       );
 
-      if (remainingChainIds.length === existingEthChainIds.length) {
+      if (remainingChainIds.length === existingChainIds.length) {
         return;
       }
 
@@ -212,7 +302,7 @@ export function getPermissionBackgroundApiMethods({
           Caip25EndowmentPermissionName,
         );
       } else {
-        const updatedCaveatValue = setPermittedEthChainIds(
+        const updatedCaveatValue = setPermittedChainIds(
           caip25Caveat.value,
           remainingChainIds,
         );