Validate kernel rpc request (#160)

* Validate kernel rpc request

* update jsdoc

* rpc check fixes

* update tests

* cursor fix for prototype pollution

* linter fixes

* use extractZodError

Author: MoMannn

packages/permissions-kernel-snap/package.json

@@ -47,7 +47,8 @@
     "test": "jest"
   },
   "dependencies": {
-    "@metamask/snaps-sdk": "8.1.0"
+    "@metamask/snaps-sdk": "8.1.0",
+    "zod": "3.25.76"
   },
   "devDependencies": {
     "@jest/globals": "29.7.0",

packages/permissions-kernel-snap/src/index.ts

@@ -1,5 +1,6 @@
 import { logger } from '@metamask/7715-permissions-shared/utils';
 import {
+  InvalidParamsError,
   LimitExceededError,
   MethodNotFoundError,
   type Json,
@@ -10,6 +11,7 @@ import {
 import { createPermissionOfferRegistryManager } from './registryManager';
 import { createRpcHandler } from './rpc/rpcHandler';
 import { RpcMethod } from './rpc/rpcMethod';
+import { validateJsonRpcRequest } from './utils';
 
 // set up dependencies
 const rpcHandler = createRpcHandler({
@@ -38,9 +40,9 @@ let activeProcessingLock: symbol | null = null;
  * @param args - The request handler args as object.
  * @param args.origin - The origin of the request, e.g., the website that
  * invoked the snap.
- * @param args.request - A validated JSON-RPC request object.
- * @returns The result of `snap_dialog`.
- * @throws If the request method is not valid for this snap.
+ * @param args.request - A JSON-RPC request object that will be validated.
+ * @returns The result of the RPC method execution (The 7715 permissions response from the permissions provider).
+ * @throws If the request is invalid, method is not found, or processing fails.
  */
 export const onRpcRequest: OnRpcRequestHandler = async ({
   origin,
@@ -64,22 +66,35 @@ export const onRpcRequest: OnRpcRequestHandler = async ({
       JSON.stringify(request, undefined, 2),
     );
 
+    // First check if the request is a valid object
+    if (typeof request !== 'object' || request === null) {
+      throw new InvalidParamsError('Request must be a valid JSON-RPC object');
+    }
+
+    // Check if method exists first (for proper error codes)
+    if (!request.method || typeof request.method !== 'string') {
+      throw new InvalidParamsError('Request must have a valid method');
+    }
+
     // Use Object.prototype.hasOwnProperty.call() to prevent prototype pollution attacks
-    // This ensures we only access methods that exist on boundRpcHandlers itself
     if (
       !Object.prototype.hasOwnProperty.call(boundRpcHandlers, request.method)
     ) {
+      logger.warn('Method not found in bound handlers:', request.method);
       throw new MethodNotFoundError(`Method ${request.method} not found.`);
     }
 
+    // Now validate the full JSON-RPC structure
+    const validatedRequest = validateJsonRpcRequest(request);
+
     // We know that the method exists, so we can cast to NonNullable
-    const handler = boundRpcHandlers[request.method] as NonNullable<
+    const handler = boundRpcHandlers[validatedRequest.method] as NonNullable<
       (typeof boundRpcHandlers)[string]
     >;
 
     const result = await handler({
       siteOrigin: origin,
-      params: request.params as JsonRpcParams,
+      params: validatedRequest.params as JsonRpcParams,
     });
 
     return result;

packages/permissions-kernel-snap/src/utils/validate.ts

@@ -5,8 +5,49 @@ import {
   zPermissionsRequest,
   zPermissionsResponse,
 } from '@metamask/7715-permissions-shared/types';
-import { extractZodError } from '@metamask/7715-permissions-shared/utils';
+import {
+  extractZodError,
+  logger,
+} from '@metamask/7715-permissions-shared/utils';
 import { InvalidParamsError } from '@metamask/snaps-sdk';
+import { z } from 'zod';
+
+import { RpcMethod } from '../rpc/rpcMethod';
+
+/**
+ * Checks if an object contains prototype pollution keys.
+ * Recursively validates nested objects and arrays to prevent prototype pollution
+ * at any depth in the object structure.
+ *
+ * @param obj - The object to check.
+ * @returns True if the object is safe (no prototype pollution keys).
+ */
+function isSafeObject(obj: unknown): boolean {
+  if (typeof obj !== 'object' || obj === null) {
+    return true;
+  }
+
+  // Check for exact dangerous keys (not substrings)
+  const dangerousKeys = ['__proto__', 'constructor', 'prototype'];
+
+  // Check if any dangerous keys exist as own properties
+  const hasDangerousKey = dangerousKeys.some((dangerousKey) =>
+    Object.prototype.hasOwnProperty.call(obj, dangerousKey),
+  );
+
+  if (hasDangerousKey) {
+    return false;
+  }
+
+  // Recursively check nested objects and arrays
+  for (const value of Object.values(obj)) {
+    if (!isSafeObject(value)) {
+      return false;
+    }
+  }
+
+  return true;
+}
 
 /**
  * Safely parses the grant permissions request parameters, validating them using Zod schema.
@@ -55,3 +96,74 @@ export const parsePermissionsResponseParam = (
 
   return validatePermissionsResponse.data;
 };
+
+/**
+ * Zod schema for validating JSON-RPC request structure
+ */
+export const zJsonRpcRequest = z.object({
+  /**
+   * The JSON-RPC version, must be "2.0"
+   */
+  jsonrpc: z.literal('2.0'),
+
+  /**
+   * The method name - must be a valid RPC method
+   */
+  method: z.nativeEnum(RpcMethod),
+
+  /**
+   * The parameters for the method - must be valid JsonRpcParams
+   */
+  params: z
+    .union([
+      z.string(),
+      z.number(),
+      z.boolean(),
+      z.null(),
+      z.array(z.unknown()).refine((arr) => arr.every(isSafeObject), {
+        message: 'Invalid key in array: potential prototype pollution attempt',
+      }),
+      z.record(z.unknown()).refine((obj) => isSafeObject(obj), {
+        message: 'Invalid key: potential prototype pollution attempt',
+      }),
+    ])
+    .optional(),
+
+  /**
+   * The request ID - must be a string or number
+   */
+  id: z.union([z.string(), z.number()]).optional(),
+});
+
+/**
+ * Type for a validated JSON-RPC request
+ */
+export type ValidatedJsonRpcRequest = z.infer<typeof zJsonRpcRequest>;
+
+/**
+ * Validates that the request object is a proper JSON-RPC request
+ * and that the method is supported by this snap.
+ *
+ * @param request - The request object to validate.
+ * @returns The validated request object.
+ * @throws InvalidParamsError if validation fails.
+ */
+export function validateJsonRpcRequest(
+  request: unknown,
+): ValidatedJsonRpcRequest {
+  // Validate the JSON-RPC structure using Zod
+  const validationResult = zJsonRpcRequest.safeParse(request);
+
+  if (!validationResult.success) {
+    const errorMessage = extractZodError(validationResult.error.errors);
+
+    logger.warn('Invalid JSON-RPC request structure:', {
+      errors: errorMessage,
+      request: JSON.stringify(request, null, 2),
+    });
+
+    throw new InvalidParamsError(`Invalid JSON-RPC request: ${errorMessage}`);
+  }
+
+  return validationResult.data;
+}

packages/permissions-kernel-snap/test/end-to-end/index.test.tsx

@@ -47,6 +47,110 @@ describe('Kernel Snap', () => {
           });
         }
       });
+
+      it('validates JSON-RPC request structure', async () => {
+        // Test missing jsonrpc field
+        const response1 = await snapRequest({
+          method: 'wallet_requestExecutionPermissions',
+        });
+
+        expect(response1).toRespondWithError({
+          code: -32602,
+          message: expect.stringContaining('Failed type validation'),
+          stack: expect.any(String),
+        });
+
+        // Test invalid jsonrpc version
+        const response2 = await snapRequest({
+          jsonrpc: '1.0',
+          method: 'wallet_requestExecutionPermissions',
+        } as any);
+
+        expect(response2).toRespondWithError({
+          code: -32602,
+          data: expect.objectContaining({
+            cause: null,
+            method: 'snapRpc',
+            params: expect.arrayContaining([
+              expect.stringMatching(/^local:http:\/\/localhost:\d+$/),
+              'onRpcRequest',
+              'https://metamask.io',
+              expect.objectContaining({
+                id: 1,
+                jsonrpc: '1.0',
+                method: 'wallet_requestExecutionPermissions',
+              }),
+            ]),
+          }),
+          message: expect.stringContaining('Invalid parameters for method "snapRpc": At path: 3.jsonrpc -- Expected the literal `"2.0"`, but received: "1.0"'),
+          stack: expect.any(String),
+        });
+      });
+
+      it('validates request method against allowed methods', async () => {
+        const response = await snapRequest({
+          jsonrpc: '2.0',
+          method: 'invalid_method',
+        } as any);
+
+        expect(response).toRespondWithError({
+          code: -32601,
+          message: 'Method invalid_method not found.',
+          stack: expect.any(String),
+        });
+      });
+
+      it('prevents prototype pollution in request params', async () => {
+        const response = await snapRequest({
+          jsonrpc: '2.0',
+          method: 'wallet_requestExecutionPermissions',
+          params: {
+            '__proto__': 'malicious',
+            normalKey: 'value',
+          },
+        } as any);
+
+        expect(response).toRespondWithError({
+          code: -32602,
+          message: expect.stringContaining('Failed type validation'),
+          stack: expect.any(String),
+        });
+      });
+
+      it('prevents prototype pollution in nested request params', async () => {
+        const response = await snapRequest({
+          jsonrpc: '2.0',
+          method: 'wallet_requestExecutionPermissions',
+          params: {
+            normalKey: {
+              '__proto__': 'malicious',
+            },
+          },
+        } as any);
+
+        expect(response).toRespondWithError({
+          code: -32602,
+          message: expect.stringContaining('Failed type validation'),
+          stack: expect.any(String),
+        });
+      });
+
+      it('allows valid JSON-RPC request structure', async () => {
+        const response = await snapRequest({
+          jsonrpc: '2.0',
+          method: 'wallet_requestExecutionPermissions',
+          params: {
+            test: 'value',
+          },
+          id: 1,
+        } as any);
+
+        // The request should be processed (may fail later due to test setup, but not due to validation)
+        expect(response).not.toRespondWithError({
+          code: -32602,
+          message: expect.stringContaining('Failed type validation'),
+        });
+      });
     });
 
     describe('processing lock', () => {