feat: Handle revocation of already-disabled delegations (#38321)

## **Description**

This PR adds support for revoking delegations that are already disabled
on-chain, without requiring an on-chain transaction.

**Problem:** When users attempt to revoke a delegation that has already
been disabled on-chain (e.g., by another app or directly via contract),
the revoke button would not properly disable and the UI would not
refresh after the operation completed, causing a flash where the button
briefly showed 'Revoke' before the permission disappeared.

**Solution:** 
- Added `submitDirectRevocation` method to the
GatorPermissionsController API
- Updated the revocation flow to check if a delegation is already
disabled on-chain
- For already-disabled delegations, use the direct revocation flow (no
transaction)
- Controller now handles permission list refresh before clearing pending
state to prevent button flashing
- Simplified client-side logic by removing UI-level refresh mechanisms

**Dependencies:**
⚠️ This PR requires an updated version of
`@metamask/gator-permissions-controller` with:
- `submitDirectRevocation` method that:
  1. Adds permission to pending state (disables button)
  2. Submits revocation to snap
  3. Refreshes permission list (removes from UI)
  4. Clears pending state (button already gone, no flash)

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: #463

## **Manual testing steps**

### Test Already-Disabled Delegation:
1. Enable Gator Permissions feature
2. Create a delegation via a dapp
3. Manually disable the delegation on-chain (via another app or
contract)
4. In MetaMask, navigate to Gator Permissions → Token Transfer
5. Click 'Revoke' on the already-disabled delegation
6. Verify: Button shows 'Revocation Pending' and stays that way (no
flash to 'Revoke')
7. Verify: Permission disappears from list smoothly
8. Verify: No errors in console

### Test Normal Delegation (On-Chain Transaction):
1. Create a new delegation via a dapp
2. In MetaMask, navigate to Gator Permissions → Token Transfer
3. Click 'Revoke' on an active delegation
4. Verify: Transaction confirmation popup appears
5. Approve the transaction
6. Verify: Button shows 'Revocation Pending'
7. Wait for transaction confirmation
8. Verify: Permission disappears from list after confirmation
9. Verify: No button flash, smooth UI update

## **Screenshots/Recordings**

### **Before**
- Button would flash from 'Revocation Pending' → 'Revoke' → disappear
- Permission list would not refresh automatically

### **After**
- Button shows 'Revocation Pending' until permission disappears
- No flash
- Smooth UI update

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.




https://github.com/user-attachments/assets/220f0641-728e-4b99-b757-726c2b8c8167


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds a no-transaction revocation path and updates hooks/controllers to
detect already-disabled delegations.
> 
> - Replace `submitRevocation` with `submitDirectRevocation` in
controller init, background (`metamask-controller.js`), and UI
actions/tests
> - Update revoke hooks (`useRevokeGatorPermissions*`) to:
>   - Compute `delegationHash` via `getDelegationHashOffchain`
> - Query `checkDelegationDisabled`; if true, call
`submitDirectRevocation` and skip creating a transaction
> - Otherwise proceed with `encodeDisableDelegation` and create the
transaction, tracking with `addPendingRevocation`
> - Add `submitDirectRevocation` action and JSDoc; retain
`addPendingRevocation`
> - Extend tests to cover the direct revocation path and
disabled-delegation behavior
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
1aec919. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Tadej Vengust <[email protected]>

Author: hanzel98

app/scripts/controller-init/gator-permissions/gator-permissions-controller-init.test.ts

@@ -98,7 +98,7 @@ describe('GatorPermissionsControllerInit', () => {
     expect(result.api).toEqual({
       fetchAndUpdateGatorPermissions: expect.any(Function),
       addPendingRevocation: expect.any(Function),
-      submitRevocation: expect.any(Function),
+      submitDirectRevocation: expect.any(Function),
     });
   });
 

app/scripts/controller-init/gator-permissions/gator-permissions-controller-init.ts

@@ -61,7 +61,8 @@ export const GatorPermissionsControllerInit: ControllerInitFunction<
       fetchAndUpdateGatorPermissions:
         controller.fetchAndUpdateGatorPermissions.bind(controller),
       addPendingRevocation: controller.addPendingRevocation.bind(controller),
-      submitRevocation: controller.submitRevocation.bind(controller),
+      submitDirectRevocation:
+        controller.submitDirectRevocation.bind(controller),
     },
   };
 };

app/scripts/metamask-controller.js

@@ -3320,9 +3320,10 @@ export default class MetamaskController extends EventEmitter {
         gatorPermissionsController.addPendingRevocation.bind(
           gatorPermissionsController,
         ),
-      submitRevocation: gatorPermissionsController.submitRevocation.bind(
-        gatorPermissionsController,
-      ),
+      submitDirectRevocation:
+        gatorPermissionsController.submitDirectRevocation.bind(
+          gatorPermissionsController,
+        ),
       checkDelegationDisabled: this.checkDelegationDisabled.bind(this),
 
       // KeyringController

ui/hooks/gator-permissions/useRevokeGatorPermissions.test.tsx

@@ -31,7 +31,6 @@ import {
 } from '../../selectors';
 import {
   addPendingRevocation,
-  submitRevocation,
   checkDelegationDisabled,
 } from '../../store/controller-actions/gator-permissions-controller';
 import { useRevokeGatorPermissions } from './useRevokeGatorPermissions';
@@ -51,7 +50,6 @@ jest.mock(
   '../../store/controller-actions/gator-permissions-controller',
   () => ({
     addPendingRevocation: jest.fn(),
-    submitRevocation: jest.fn(),
     checkDelegationDisabled: jest.fn(),
   }),
 );
@@ -110,9 +108,6 @@ const mockGetDelegationHashOffchain =
 const mockAddPendingRevocation = addPendingRevocation as jest.MockedFunction<
   typeof addPendingRevocation
 >;
-const mockSubmitRevocation = submitRevocation as jest.MockedFunction<
-  typeof submitRevocation
->;
 const mockCheckDelegationDisabled =
   checkDelegationDisabled as jest.MockedFunction<
     typeof checkDelegationDisabled
@@ -273,7 +268,6 @@ describe('useRevokeGatorPermissions', () => {
       '0xfd165b374563126931d2be865bbec75623dca111840d148cf88492c0bb997f96' as `0x${string}`,
     );
     mockCheckDelegationDisabled.mockResolvedValue(false);
-    mockSubmitRevocation.mockResolvedValue(undefined);
     mockAddPendingRevocation.mockResolvedValue(undefined);
     mockAddTransaction.mockResolvedValue(mockTransactionMeta as never);
 

ui/hooks/gator-permissions/useRevokeGatorPermissions.ts

@@ -21,7 +21,7 @@ import {
 } from '../../../shared/lib/delegation/delegation';
 import {
   addPendingRevocation,
-  submitRevocation,
+  submitDirectRevocation,
   checkDelegationDisabled,
 } from '../../store/controller-actions/gator-permissions-controller';
 import { useGatorPermissionRedirect } from './useGatorPermissionRedirect';
@@ -172,9 +172,10 @@ export function useRevokeGatorPermissions({
         delegationHash,
         networkClientId,
       );
+
       if (isDisabled) {
-        await submitRevocation({ permissionContext });
         // Return null since no actual transaction is needed when already disabled
+        await submitDirectRevocation({ permissionContext });
         return null;
       }
 

ui/hooks/gator-permissions/useRevokeGatorPermissionsMultiChain.test.tsx

@@ -20,8 +20,15 @@ import {
   addTransaction,
   findNetworkClientIdByChainId,
 } from '../../store/actions';
-import { encodeDisableDelegation } from '../../../shared/lib/delegation/delegation';
+import {
+  encodeDisableDelegation,
+  getDelegationHashOffchain,
+} from '../../../shared/lib/delegation/delegation';
 import { getMemoizedInternalAccountByAddress } from '../../selectors/accounts';
+import {
+  checkDelegationDisabled,
+  submitDirectRevocation,
+} from '../../store/controller-actions/gator-permissions-controller';
 import {
   useRevokeGatorPermissionsMultiChain,
   RevokeGatorPermissionsMultiChainResults,
@@ -40,6 +47,7 @@ jest.mock('@metamask/delegation-core', () => ({
 
 jest.mock('../../../shared/lib/delegation/delegation', () => ({
   encodeDisableDelegation: jest.fn(),
+  getDelegationHashOffchain: jest.fn(),
 }));
 
 jest.mock('../../../shared/lib/delegation', () => ({
@@ -54,6 +62,15 @@ jest.mock('../../selectors/accounts', () => ({
   getMemoizedInternalAccountByAddress: jest.fn(),
 }));
 
+jest.mock(
+  '../../store/controller-actions/gator-permissions-controller',
+  () => ({
+    addPendingRevocation: jest.fn(),
+    submitDirectRevocation: jest.fn(),
+    checkDelegationDisabled: jest.fn(),
+  }),
+);
+
 // Mock useConfirmationNavigation hook
 const mockNavigateToId = jest.fn();
 const mockConfirmations: Partial<ApprovalRequest<Record<string, Json>>>[] = [];
@@ -79,10 +96,20 @@ const mockEncodeDisableDelegation =
   encodeDisableDelegation as jest.MockedFunction<
     typeof encodeDisableDelegation
   >;
+const mockGetDelegationHashOffchain =
+  getDelegationHashOffchain as jest.MockedFunction<
+    typeof getDelegationHashOffchain
+  >;
 const mockGetMemoizedInternalAccountByAddress =
   getMemoizedInternalAccountByAddress as jest.MockedFunction<
     typeof getMemoizedInternalAccountByAddress
   >;
+const mockCheckDelegationDisabled =
+  checkDelegationDisabled as jest.MockedFunction<
+    typeof checkDelegationDisabled
+  >;
+const mockSubmitDirectRevocation =
+  submitDirectRevocation as jest.MockedFunction<typeof submitDirectRevocation>;
 
 const mockStore = configureStore();
 
@@ -208,9 +235,12 @@ describe('useRevokeGatorPermissionsMultiChain', () => {
 
     mockDecodeDelegations.mockReturnValue([mockDelegation]);
     mockEncodeDisableDelegation.mockReturnValue('0xencodedCallData' as Hex);
+    mockGetDelegationHashOffchain.mockReturnValue('0xdelegationhash' as Hex);
     mockFindNetworkClientIdByChainId.mockResolvedValue(
       mockNetworkClientId1 as never,
     );
+    // Default to false so transactions are created (delegation is not disabled)
+    mockCheckDelegationDisabled.mockResolvedValue(false);
   });
 
   const wrapper = ({ children }: { children: React.ReactNode }) => (
@@ -358,6 +388,37 @@ describe('useRevokeGatorPermissionsMultiChain', () => {
       expect(results[mockChainId1].revoked).toHaveLength(0);
     });
 
+    it('should call submitDirectRevocation without creating transaction when delegation is already disabled', async () => {
+      mockCheckDelegationDisabled.mockResolvedValue(true);
+
+      const { result } = renderHook(
+        () => useRevokeGatorPermissionsMultiChain(),
+        { wrapper },
+      );
+
+      const permissionsByChain = {
+        [mockChainId1]: [mockPermission1],
+      };
+
+      let results: RevokeGatorPermissionsMultiChainResults | undefined;
+      await act(async () => {
+        results =
+          await result.current.revokeGatorPermissionsBatchMultiChain(
+            permissionsByChain,
+          );
+      });
+
+      if (!results) {
+        throw new Error('Results should be defined');
+      }
+      expect(mockSubmitDirectRevocation).toHaveBeenCalledWith({
+        permissionContext: mockPermissionContext1,
+      });
+      expect(mockAddTransaction).not.toHaveBeenCalled();
+      expect(results[mockChainId1].revoked).toHaveLength(0);
+      expect(results[mockChainId1].errors).toHaveLength(0);
+    });
+
     it('should handle empty permissionsByChain object', async () => {
       const { result } = renderHook(
         () => useRevokeGatorPermissionsMultiChain(),

ui/hooks/gator-permissions/useRevokeGatorPermissionsMultiChain.ts

@@ -15,8 +15,15 @@ import {
   findNetworkClientIdByChainId,
 } from '../../store/actions';
 import { getMemoizedInternalAccountByAddress } from '../../selectors/accounts';
-import { encodeDisableDelegation } from '../../../shared/lib/delegation/delegation';
-import { addPendingRevocation } from '../../store/controller-actions/gator-permissions-controller';
+import {
+  encodeDisableDelegation,
+  getDelegationHashOffchain,
+} from '../../../shared/lib/delegation/delegation';
+import {
+  addPendingRevocation,
+  submitDirectRevocation,
+  checkDelegationDisabled,
+} from '../../store/controller-actions/gator-permissions-controller';
 import { extractDelegationFromGatorPermissionContext } from './utils';
 import { useGatorPermissionRedirect } from './useGatorPermissionRedirect';
 
@@ -114,6 +121,25 @@ export function useRevokeGatorPermissionsMultiChain({
               permissionResponse.context,
             );
 
+            const delegationHash = getDelegationHashOffchain(delegation);
+
+            // Check if delegation is already disabled on-chain
+            const isDisabled = await checkDelegationDisabled(
+              permissionResponse.signerMeta.delegationManager,
+              delegationHash,
+              networkClientId,
+            );
+
+            if (isDisabled) {
+              // Delegation is already disabled, submit direct revocation without transaction
+              await submitDirectRevocation({
+                permissionContext: permissionResponse.context,
+              });
+              results[currentChainId as Hex].skipped.push(permission);
+              // Continue to next permission - no transaction needed
+              continue;
+            }
+
             // Encode disable delegation call
             const encodedCallData = encodeDisableDelegation({ delegation });
 

ui/store/controller-actions/gator-permissions-controller.ts

@@ -15,6 +15,15 @@ export const fetchAndUpdateGatorPermissions = async (
   );
 };
 
+/**
+ * Adds a pending revocation for a delegation that requires an on-chain transaction.
+ * This method is used for revocations that come with a transaction that has to be
+ * confirmed before marking the permission as revoked.
+ *
+ * @param params - The parameters for pending revocation.
+ * @param params.txId - The transaction ID associated with the revocation.
+ * @param params.permissionContext - The permission context to revoke.
+ */
 export const addPendingRevocation = async ({
   txId,
   permissionContext,
@@ -30,12 +39,24 @@ export const addPendingRevocation = async ({
   ]);
 };
 
-export const submitRevocation = async ({
+/**
+ * Submits a revocation for a delegation that is already disabled on-chain.
+ * This method is used when a delegation has already been disabled and does not
+ * require an on-chain transaction to revoke the permission.
+ *
+ * @param params - The parameters for direct revocation.
+ * @param params.permissionContext - The permission context to revoke.
+ */
+export const submitDirectRevocation = async ({
   permissionContext,
 }: {
   permissionContext: Hex;
 }): Promise<void> => {
-  await submitRequestToBackground('submitRevocation', [{ permissionContext }]);
+  await submitRequestToBackground('submitDirectRevocation', [
+    {
+      permissionContext,
+    },
+  ]);
 };
 
 /**