Merge pull request #31612 from MetaMask/Version-v12.15.2

Version v12.15.2 RC

Author: Gudahtt

.yarn/patches/@metamask-signature-controller-npm-26.0.0-ecbc8b6cda.patch

@@ -0,0 +1,30 @@
+diff --git a/dist/utils/validation.cjs b/dist/utils/validation.cjs
+index eb116f75643a6607af10eb1669aaabfb48159826..349937fca246b26deac4a428fb3ad93dc7e18a6e 100644
+--- a/dist/utils/validation.cjs
++++ b/dist/utils/validation.cjs
+@@ -150,7 +150,9 @@ function validateAddress(address, propertyName) {
+ function validateVerifyingContract({ data, internalAccounts, origin, }) {
+     const verifyingContract = data?.domain?.verifyingContract;
+     const isExternal = origin && origin !== approval_controller_1.ORIGIN_METAMASK;
+-    if (isExternal &&
++    if (verifyingContract &&
++        typeof verifyingContract === 'string' &&
++        isExternal &&
+         internalAccounts.some((internalAccount) => internalAccount.toLowerCase() === verifyingContract.toLowerCase())) {
+         throw new Error(`External signature requests cannot use internal accounts as the verifying contract.`);
+     }
+diff --git a/dist/utils/validation.mjs b/dist/utils/validation.mjs
+index 58b55c134527537c0ef1f44876afcf2939e9ed53..d4af6e8a1e8fff08e422ebfa6b9f444dc24c8632 100644
+--- a/dist/utils/validation.mjs
++++ b/dist/utils/validation.mjs
+@@ -145,7 +145,9 @@ function validateAddress(address, propertyName) {
+ function validateVerifyingContract({ data, internalAccounts, origin, }) {
+     const verifyingContract = data?.domain?.verifyingContract;
+     const isExternal = origin && origin !== ORIGIN_METAMASK;
+-    if (isExternal &&
++    if (verifyingContract &&
++        typeof verifyingContract === 'string' &&
++        isExternal &&
+         internalAccounts.some((internalAccount) => internalAccount.toLowerCase() === verifyingContract.toLowerCase())) {
+         throw new Error(`External signature requests cannot use internal accounts as the verifying contract.`);
+     }

CHANGELOG.md

@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [12.15.2]
+### Added
+- Add icon image for Lens network ([#31638](https://github.com/MetaMask/metamask-extension/pull/31638))
+
+### Fixed
+- Allow verifyingContract to be omitted from EIP-712 signatures ([#31613](https://github.com/MetaMask/metamask-extension/pull/31613))
+
 ## [12.15.1]
 ### Fixed
 - Re-fix state corruption resulting in inability to create/add accounts – previously fixed in 12.14.2 ([31274])(https://github.com/MetaMask/metamask-extension/pull/31274))
@@ -5884,7 +5891,8 @@ Update styles and spacing on the critical error page  ([#20350](https://github.c
 - Added the ability to restore accounts from seed words.
 
 
-[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v12.15.1...HEAD
+[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v12.15.2...HEAD
+[12.15.2]: https://github.com/MetaMask/metamask-extension/compare/v12.15.1...v12.15.2
 [12.15.1]: https://github.com/MetaMask/metamask-extension/compare/v12.15.0...v12.15.1
 [12.15.0]: https://github.com/MetaMask/metamask-extension/compare/v12.14.2...v12.15.0
 [12.14.2]: https://github.com/MetaMask/metamask-extension/compare/v12.14.1...v12.14.2

app/images/lens-native.svg

@@ -1,6 +1,6 @@
 {
   "name": "metamask-crx",
-  "version": "12.15.1",
+  "version": "12.15.2",
   "private": true,
   "repository": {
     "type": "git",
@@ -318,7 +318,7 @@
     "@metamask/safe-event-emitter": "^3.1.1",
     "@metamask/scure-bip39": "^2.0.3",
     "@metamask/selected-network-controller": "^19.0.0",
-    "@metamask/signature-controller": "^26.0.0",
+    "@metamask/signature-controller": "patch:@metamask/signature-controller@npm%3A26.0.0#~/.yarn/patches/@metamask-signature-controller-npm-26.0.0-ecbc8b6cda.patch",
     "@metamask/smart-transactions-controller": "^16.1.0",
     "@metamask/snaps-controllers": "^10.0.1",
     "@metamask/snaps-execution-environments": "^7.0.0",

app/images/lens.png

@@ -181,6 +181,7 @@ export const CHAIN_IDS = {
   MODE_SEPOLIA: '0x397',
   MODE: '0x868b',
   MEGAETH_TESTNET: '0x18c6',
+  LENS: '0xe8',
 } as const;
 
 export const CHAINLIST_CHAIN_IDS_MAP = {
@@ -306,6 +307,7 @@ export const INK_DISPLAY_NAME = 'Ink Mainnet';
 export const SONEIUM_DISPLAY_NAME = 'Soneium Mainnet';
 export const MODE_SEPOLIA_DISPLAY_NAME = 'Mode Sepolia';
 export const MODE_DISPLAY_NAME = 'Mode Mainnet';
+export const LENS_DISPLAY_NAME = 'Lens';
 
 export const infuraProjectId = process.env.INFURA_PROJECT_ID;
 export const getRpcUrl = ({
@@ -362,6 +364,7 @@ export const CURRENCY_SYMBOLS = {
   GLIMMER: 'GLMR',
   MOONRIVER: 'MOVR',
   ONE: 'ONE',
+  LENS: 'GHO',
 } as const;
 
 // Non-EVM currency symbols
@@ -529,6 +532,8 @@ export const MODE_SEPOLIA_IMAGE_URL = './images/mode-sepolia.svg';
 export const MODE_IMAGE_URL = './images/mode.svg';
 export const UNICHAIN_IMAGE_URL = './images/unichain.svg';
 export const MEGAETH_TESTNET_IMAGE_URL = './images/MegaETH-logo-testnet.png';
+export const LENS_IMAGE_URL = './images/lens.png';
+export const LENS_NATIVE_TOKEN_IMAGE_URL = './images/lens-native.svg';
 
 export const INFURA_PROVIDER_TYPES = [
   NETWORK_TYPES.MAINNET,
@@ -650,6 +655,7 @@ export const NETWORK_TO_NAME_MAP = {
   [CHAIN_IDS.LISK]: LISK_DISPLAY_NAME,
   [CHAIN_IDS.LISK_SEPOLIA]: LISK_SEPOLIA_DISPLAY_NAME,
   [CHAIN_IDS.MEGAETH_TESTNET]: MEGAETH_TESTNET_DISPLAY_NAME,
+  [CHAIN_IDS.LENS]: LENS_DISPLAY_NAME,
 } as const;
 
 export const CHAIN_ID_TO_CURRENCY_SYMBOL_MAP = {
@@ -777,6 +783,7 @@ export const CHAIN_ID_TO_CURRENCY_SYMBOL_MAP = {
     CHAINLIST_CURRENCY_SYMBOLS_MAP.SONEIUM_TESTNET,
   [CHAINLIST_CHAIN_IDS_MAP.MEGAETH_TESTNET]:
     TEST_NETWORK_TICKER_MAP[NETWORK_TYPES.MEGAETH_TESTNET],
+  [CHAIN_IDS.LENS]: CURRENCY_SYMBOLS.LENS,
 } as const;
 
 /**
@@ -909,6 +916,7 @@ export const CHAIN_ID_TO_NETWORK_IMAGE_URL_MAP: Record<Hex, string> = {
   [CHAINLIST_CHAIN_IDS_MAP.MODE]: MODE_IMAGE_URL,
   [CHAINLIST_CHAIN_IDS_MAP.UNICHAIN]: UNICHAIN_IMAGE_URL,
   [CHAINLIST_CHAIN_IDS_MAP.UNICHAIN_SEPOLIA]: UNICHAIN_IMAGE_URL,
+  [CHAIN_IDS.LENS]: LENS_IMAGE_URL,
 } as const;
 
 export const CHAIN_ID_TO_ETHERS_NETWORK_NAME_MAP = {
@@ -958,6 +966,7 @@ export const CHAIN_ID_TOKEN_IMAGE_MAP = {
   [CHAINLIST_CHAIN_IDS_MAP.FUNKICHAIN]: ETH_TOKEN_IMAGE_URL,
   [CHAINLIST_CHAIN_IDS_MAP.UNICHAIN]: ETH_TOKEN_IMAGE_URL,
   [CHAINLIST_CHAIN_IDS_MAP.UNICHAIN_SEPOLIA]: ETH_TOKEN_IMAGE_URL,
+  [CHAIN_IDS.LENS]: LENS_NATIVE_TOKEN_IMAGE_URL,
 } as const;
 
 export const INFURA_BLOCKED_KEY = 'countryBlocked';

package.json

@@ -70,8 +70,18 @@ async function mockInfuraWithBenignResponses(mockServer) {
 
 async function mockInfuraWithMaliciousResponses(mockServer) {
   await mockInfura(mockServer);
+  const requestMock = {
+    method: 'eth_sendTransaction',
+    params: [
+      {
+        from: '0x5cfe73b6021e818b776b421b1c4db2474086a7e1',
+        to: '0x5fbdb2315678afecb367f032d93f642f64180aa3',
+        value: '0x9184e72a000',
+      },
+    ],
+  };
 
-  await mockRequest(mockServer, SEND_REQUEST_BASE_MOCK, {
+  await mockRequest(mockServer, requestMock, {
     block: 20733277,
     result_type: 'Malicious',
     reason: 'transfer_farming',

shared/constants/network.ts

@@ -2,6 +2,7 @@ const FixtureBuilder = require('../../fixture-builder');
 
 const { WINDOW_TITLES, unlockWallet, withFixtures } = require('../../helpers');
 const { mockServerJsonRpc } = require('./mocks/mock-server-json-rpc');
+const { SECURITY_ALERTS_PROD_API_BASE_URL } = require('./constants');
 
 const CONTRACT_ADDRESS = {
   WrappedEther: 'c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2',
@@ -78,6 +79,30 @@ async function mockInfura(mockServer) {
     ['eth_getCode'],
     ['eth_getTransactionCount'],
   ]);
+  mockSecurityAlertsRequest(mockServer);
+}
+
+async function mockSecurityAlertsRequest(server) {
+  const request = {
+    method: 'eth_signTypedData_v4',
+    params: ['0x5cfe73b6021e818b776b421b1c4db2474086a7e1'],
+  };
+
+  const response = {
+    statusCode: 201,
+    body: {
+      block: 20733277,
+      result_type: 'Malicious',
+      reason: 'transfer_farming',
+      description: '',
+      features: ['Interaction with a known malicious address'],
+    },
+  };
+
+  await server
+    .forPost(`${SECURITY_ALERTS_PROD_API_BASE_URL}/validate/0x1`)
+    .withJsonBodyIncluding(request)
+    .thenJson(response.statusCode ?? 201, response);
 }
 
 describe('PPOM Blockaid Alert - Set Trade farming order', function () {

test/e2e/tests/ppom/ppom-blockaid-alert-simple-send.spec.js

@@ -3,7 +3,7 @@ import path from 'path';
 import fs from 'fs-extra';
 import level from 'level';
 import { Driver } from './webdriver/driver';
-import { withFixtures, WALLET_PASSWORD } from './helpers';
+import { WALLET_PASSWORD, WINDOW_TITLES, withFixtures } from './helpers';
 import HeaderNavbar from './page-objects/pages/header-navbar';
 import HomePage from './page-objects/pages/home/homepage';
 import PrivacySettings from './page-objects/pages/settings/privacy-settings';
@@ -166,10 +166,11 @@ describe('Vault Decryptor Page', function () {
         await driver.waitUntilXWindowHandles(2);
 
         // we cannot use the customized driver functions as there is no socket for window communications in prod builds
-        const windowHandles = await driver.driver.getAllWindowHandles();
+        await driver.switchToWindowByTitleWithoutSocket(
+          WINDOW_TITLES.ExtensionInFullScreenView,
+        );
 
         // switch to MetaMask window and create a new vault through onboarding flow
-        await driver.driver.switchTo().window(windowHandles[2]);
         await completeCreateNewWalletOnboardingFlowWithCustomSettings({
           driver,
           password: WALLET_PASSWORD,
@@ -224,10 +225,11 @@ describe('Vault Decryptor Page', function () {
         await driver.waitUntilXWindowHandles(2);
 
         // we cannot use the customized driver functions as there is no socket for window communications in prod builds
-        const windowHandles = await driver.driver.getAllWindowHandles();
+        await driver.switchToWindowByTitleWithoutSocket(
+          WINDOW_TITLES.ExtensionInFullScreenView,
+        );
 
         // switch to MetaMask window and create a new vault through onboarding flow
-        await driver.driver.switchTo().window(windowHandles[2]);
         await completeCreateNewWalletOnboardingFlowWithCustomSettings({
           driver,
           password: WALLET_PASSWORD,

test/e2e/tests/ppom/ppom-blockaid-alert-trade-order-farming.spec.js

@@ -1258,6 +1258,46 @@ class Driver {
     }
   }
 
+  /**
+   * Switches to a window by its title without using the background socket.
+   * To be used in specs that run against production builds.
+   *
+   * @param {string} title - The target window title to switch to
+   * @returns {Promise<void>}
+   * @throws {Error} Will throw an error if the target window is not found
+   */
+  async switchToWindowByTitleWithoutSocket(title) {
+    const windowHandles = await this.driver.getAllWindowHandles();
+    let targetWindowFound = false;
+
+    // Iterate through each window handle
+    for (const handle of windowHandles) {
+      await this.driver.switchTo().window(handle);
+      let currentTitle = await this.driver.getTitle();
+
+      // Wait 25 x 200ms = 5 seconds for the title to match the target title
+      for (let i = 0; i < 25; i++) {
+        if (currentTitle === title) {
+          targetWindowFound = true;
+          console.log(`Switched to ${title} window`);
+          break;
+        }
+        await this.driver.sleep(200);
+        currentTitle = await this.driver.getTitle();
+      }
+
+      // If the target window is found, break out of the outer loop
+      if (targetWindowFound) {
+        break;
+      }
+    }
+
+    // If target window is not found, throw an error
+    if (!targetWindowFound) {
+      throw new Error(`${title} window not found`);
+    }
+  }
+
   // Error handling
 
   async verboseReportOnFailure(testTitle, error) {

test/e2e/vault-decryption-chrome.spec.ts

@@ -6231,7 +6231,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@metamask/signature-controller@npm:^26.0.0":
+"@metamask/signature-controller@npm:26.0.0":
   version: 26.0.0
   resolution: "@metamask/signature-controller@npm:26.0.0"
   dependencies:
@@ -6252,6 +6252,27 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@metamask/signature-controller@patch:@metamask/signature-controller@npm%3A26.0.0#~/.yarn/patches/@metamask-signature-controller-npm-26.0.0-ecbc8b6cda.patch":
+  version: 26.0.0
+  resolution: "@metamask/signature-controller@patch:@metamask/signature-controller@npm%3A26.0.0#~/.yarn/patches/@metamask-signature-controller-npm-26.0.0-ecbc8b6cda.patch::version=26.0.0&hash=eeb7c7"
+  dependencies:
+    "@metamask/base-controller": "npm:^8.0.0"
+    "@metamask/controller-utils": "npm:^11.6.0"
+    "@metamask/eth-sig-util": "npm:^8.2.0"
+    "@metamask/utils": "npm:^11.2.0"
+    jsonschema: "npm:^1.4.1"
+    lodash: "npm:^4.17.21"
+    uuid: "npm:^8.3.2"
+  peerDependencies:
+    "@metamask/accounts-controller": ^26.0.0
+    "@metamask/approval-controller": ^7.0.0
+    "@metamask/keyring-controller": ^21.0.0
+    "@metamask/logging-controller": ^6.0.0
+    "@metamask/network-controller": ^22.0.0
+  checksum: 10/a2df7d134d1b8e48af9ef218c0011b8a41ca5dcbed23ce75cc089043950b5c95114bea223639230fc0197d81b1c89647bf99abad41b7368082aa829c2ff3aacd
+  languageName: node
+  linkType: hard
+
 "@metamask/slip44@npm:^4.1.0":
   version: 4.1.0
   resolution: "@metamask/slip44@npm:4.1.0"
@@ -27309,7 +27330,7 @@ __metadata:
     "@metamask/safe-event-emitter": "npm:^3.1.1"
     "@metamask/scure-bip39": "npm:^2.0.3"
     "@metamask/selected-network-controller": "npm:^19.0.0"
-    "@metamask/signature-controller": "npm:^26.0.0"
+    "@metamask/signature-controller": "patch:@metamask/signature-controller@npm%3A26.0.0#~/.yarn/patches/@metamask-signature-controller-npm-26.0.0-ecbc8b6cda.patch"
     "@metamask/smart-transactions-controller": "npm:^16.1.0"
     "@metamask/snaps-controllers": "npm:^10.0.1"
     "@metamask/snaps-execution-environments": "npm:^7.0.0"