feat: Auto grant EVM permissions

FrederikBolding · FrederikBolding · commit d02653ff7a3e · 2025-06-10T13:25:59.000+02:00
diff --git a/packages/snaps-rpc-methods/src/index.ts b/packages/snaps-rpc-methods/src/index.ts
@@ -7,4 +7,5 @@ export { SnapCaveatType } from '@metamask/snaps-utils';
 export { selectHooks } from './utils';
 export * from './endowments';
 export * from './permissions';
+export * from './preinstalled';
 export * from './restricted';
diff --git a/packages/snaps-rpc-methods/src/preinstalled/index.ts b/packages/snaps-rpc-methods/src/preinstalled/index.ts
@@ -0,0 +1 @@
+export * from './middleware';
diff --git a/packages/snaps-rpc-methods/src/preinstalled/middleware.ts b/packages/snaps-rpc-methods/src/preinstalled/middleware.ts
@@ -0,0 +1,64 @@
+import type { JsonRpcMiddleware } from '@metamask/json-rpc-engine';
+import { PermissionConstraint, RequestedPermissions } from '@metamask/permission-controller';
+import { hasProperty, type Json, type JsonRpcParams } from '@metamask/utils';
+import { SnapEndowments } from '../endowments';
+import { isEqual } from '@metamask/snaps-utils';
+
+export interface PreinstalledSnapsMiddlewareHooks {
+    getPermittedEvmAccounts: () => string[];
+    getAllEvmAccounts: () => string[];
+    getPermissions:  () => Record<string, PermissionConstraint> | undefined;
+    grantPermissions: (permissions: RequestedPermissions) => void;
+}
+
+/**
+ * Creates a middleware that automatically grants permissions to preinstalled Snaps
+ * that want to use the Ethereum provider endowment.
+ *
+ * @param hooks - The hooks used by the middleware.
+ * @returns The middleware.
+ */
+export function createPreinstalledSnapsMiddleware(
+  { getPermittedEvmAccounts, getAllEvmAccounts, getPermissions, grantPermissions }: PreinstalledSnapsMiddlewareHooks,
+): JsonRpcMiddleware<JsonRpcParams, Json> {
+  return function methodMiddleware(request, _response, next, _end) {
+    if (!request.method.startsWith("wallet") && !request.method.startsWith("eth")) {
+        return next();
+    }
+
+    const permissions = getPermissions();
+
+    if (!permissions || !hasProperty(permissions, SnapEndowments.EthereumProvider)) {
+        return next();
+    }
+
+    const evmAccounts = getAllEvmAccounts();
+    const existingEvmAccounts = getPermittedEvmAccounts();
+
+    if (isEqual(evmAccounts, existingEvmAccounts)) {
+        return next();
+    }
+
+    grantPermissions({
+        'endowment:caip25': {
+            caveats: [
+              {
+                type: 'authorizedScopes',
+                value: {
+                  requiredScopes: {},
+                  optionalScopes: {
+                    'wallet:eip155': {
+                      accounts: evmAccounts.map(account => `wallet:eip155:${account}`),
+                    },
+                  },
+                  sessionProperties: {},
+                  isMultichainOrigin: false,
+                },
+              },
+            ],
+          },
+    });
+
+    return next();
+  };
+}
