feat: Add domain binding SIWE redesign alert row

test/data/confirmations/personal_sign.ts

@@ -35,15 +35,20 @@ export const signatureRequestSIWE = {
     siwe: {
       isSIWEMessage: true,
       parsedMessage: {
-        domain: 'metamask.github.io',
         address: '0x935e73edb9ff52e23bac7f7e049a1ecd06d05477',
+        chainId: 1,
+        domain: 'metamask.github.io',
+        expirationTime: null,
+        issuedAt: '2021-09-30T16:25:24.000Z',
+        nonce: '32891757',
+        notBefore: '2022-03-17T12:45:13.610Z',
+        requestId: 'some_id',
+        scheme: null,
         statement:
           'I accept the MetaMask Terms of Service: https://community.metamask.io/tos',
         uri: 'https://metamask.github.io',
         version: '1',
-        chainId: 1,
-        nonce: '32891757',
-        issuedAt: '2021-09-30T16:25:24.000Z',
+        resources: null,
       },
     },
   },
@@ -67,17 +72,19 @@ export const SignatureRequestSIWEWithResources = {
     siwe: {
       isSIWEMessage: true,
       parsedMessage: {
-        domain: 'metamask.github.io',
         address: '0x935e73edb9ff52e23bac7f7e043a1ecd06d05477',
-        statement:
-          'I accept the MetaMask Terms of Service: https://community.metamask.io/tos',
-        uri: 'https://metamask.github.io',
-        version: '1',
         chainId: 1,
-        nonce: '32891757',
+        domain: 'metamask.github.io',
+        expirationTime: null,
         issuedAt: '2021-09-30T16:25:24.000Z',
+        nonce: '32891757',
         notBefore: '2022-03-17T12:45:13.610Z',
         requestId: 'some_id',
+        scheme: null,
+        statement:
+          'I accept the MetaMask Terms of Service: https://community.metamask.io/tos',
+        uri: 'https://metamask.github.io',
+        version: '1',
         resources: [
           'ipfs://Qme7ss3ARVgxv6rXqVPiikMJ8u2NLgmgszg13pYrDKEoiu',
           'https://example.com/my-web2-claim.json',

ui/pages/confirmations/components/confirm/info/personal-sign/siwe-sign/__snapshots__/siwe-sign.test.tsx.snap

@@ -241,6 +241,30 @@ exports[`SIWESignInfo renders correctly for SIWE signature request 1`] = `
       </p>
     </div>
   </div>
+  <div
+    class="mm-box confirm-info-row mm-box--margin-top-2 mm-box--margin-bottom-2 mm-box--padding-right-2 mm-box--padding-left-2 mm-box--display-flex mm-box--flex-direction-row mm-box--flex-wrap-wrap mm-box--justify-content-space-between mm-box--color-text-default mm-box--rounded-lg"
+    style="overflow-wrap: anywhere; min-height: 24px;"
+  >
+    <div
+      class="mm-box mm-box--display-flex mm-box--flex-direction-row mm-box--justify-content-center mm-box--align-items-center"
+    >
+      <p
+        class="mm-box mm-text mm-text--body-md-medium mm-box--color-inherit"
+      >
+        Request ID
+      </p>
+    </div>
+    <div
+      class="mm-box mm-box--display-flex mm-box--gap-2 mm-box--flex-wrap-wrap mm-box--align-items-center"
+    >
+      <p
+        class="mm-box mm-text mm-text--body-md mm-box--color-inherit"
+        style="white-space: pre-wrap;"
+      >
+        some_id
+      </p>
+    </div>
+  </div>
 </div>
 `;
 

ui/pages/confirmations/components/confirm/info/personal-sign/siwe-sign/siwe-sign.tsx

@@ -44,7 +44,7 @@ const SIWESignInfo: React.FC = () => {
   return (
     <>
       <ConfirmInfoRow label={t('message')}>
-        <ConfirmInfoRowText text={statement} />
+        <ConfirmInfoRowText text={statement || ''} />
       </ConfirmInfoRow>
       <ConfirmInfoRow label={t('siweURI')}>
         <ConfirmInfoRowText text={domain} />

ui/pages/confirmations/hooks/alerts/signatures/useDomainMismatchAlerts.test.ts

@@ -0,0 +1,135 @@
+import { ApprovalType } from '@metamask/controller-utils';
+import { Severity } from '../../../../../helpers/constants/design-system';
+import { renderHookWithProvider } from '../../../../../../test/lib/render-helpers';
+import mockState from '../../../../../../test/data/mock-state.json';
+import useDomainMismatchAlert from './useDomainMismatchAlerts';
+
+const MOCK_ORIGIN = 'https://example-dapp.example';
+const MOCK_SUSPICIOUS_DOMAIN = 'http://suspicious.example';
+const MOCK_ADDRESS = '0x0dcd5d886577d5081b0c52e242ef29e70be3e7bc';
+
+const mockSiwe = {
+  isSIWEMessage: true,
+  parsedMessage: {
+    domain: MOCK_SUSPICIOUS_DOMAIN,
+    address: MOCK_ADDRESS,
+    statement:
+      'Click to sign in and accept the Terms of Service: https://community.metamask.io/tos',
+    uri: 'http://localhost:8080',
+    version: '1',
+    nonce: 'STMt6KQMwwdOXE306',
+    chainId: 1,
+    issuedAt: '2023-03-18T21:40:40.823Z',
+    resources: [
+      'ipfs://Qme7ss3ARVgxv6rXqVPiikMJ8u2NLgmgszg13pYrDKEoiu',
+      'https://example.com/my-web2-claim.json',
+    ],
+  },
+};
+
+const mockCurrentConfirmation = {
+  id: '1',
+  status: 'unapproved',
+  time: new Date().getTime(),
+  type: ApprovalType.PersonalSign,
+  msgParams: {
+    from: MOCK_ADDRESS,
+    data: '0x6c6f63616c686f73743a383038302077616e747320796f7520746f207369676e20696e207769746820796f757220457468657265756d206163636f756e743a0a3078466232433135303034333433393034653566343038323537386334653865313131303563463765330a0a436c69636b20746f207369676e20696e20616e642061636365707420746865205465726d73206f6620536572766963653a2068747470733a2f2f636f6d6d756e6974792e6d6574616d61736b2e696f2f746f730a0a5552493a20687474703a2f2f6c6f63616c686f73743a383038300a56657273696f6e3a20310a436861696e2049443a20310a4e6f6e63653a2053544d74364b514d7777644f58453330360a4973737565642041743a20323032322d30332d31385432313a34303a34302e3832335a0a5265736f75726365733a0a2d20697066733a2f2f516d653773733341525667787636725871565069696b4d4a3875324e4c676d67737a673133705972444b456f69750a2d2068747470733a2f2f6578616d706c652e636f6d2f6d792d776562322d636c61696d2e6a736f6e',
+    origin: MOCK_ORIGIN,
+    siwe: mockSiwe,
+  },
+};
+
+const mockExpectedState = {
+  ...mockState,
+  metamask: {
+    ...mockState.metamask,
+    unapprovedPersonalMsgs: {
+      '1': { ...mockCurrentConfirmation },
+    },
+    pendingApprovals: {
+      '1': {
+        ...mockCurrentConfirmation,
+        // origin: MOCK_ORIGIN,
+        requestData: {},
+        requestState: null,
+        expectsResult: false,
+      },
+    },
+    preferences: { redesignedConfirmationsEnabled: true },
+  },
+  confirm: { currentConfirmation: mockCurrentConfirmation },
+};
+
+describe('useDomainMismatchAlert', () => {
+  beforeAll(() => {
+    process.env.ENABLE_CONFIRMATION_REDESIGN = 'true';
+  });
+
+  afterAll(() => {
+    process.env.ENABLE_CONFIRMATION_REDESIGN = 'false';
+  });
+
+  describe('returns an empty array', () => {
+    it('when there is no current confirmation', () => {
+      const { result } = renderHookWithProvider(
+        () => useDomainMismatchAlert(),
+        mockState,
+      );
+      expect(result.current).toEqual([]);
+    });
+
+    it('when the current confirmation is not a SIWE request', () => {
+      const { result } = renderHookWithProvider(
+        () => useDomainMismatchAlert(),
+        {
+          ...mockExpectedState,
+          confirm: {
+            currentConfirmation: {
+              ...mockCurrentConfirmation,
+              msgParams: {
+                ...mockCurrentConfirmation.msgParams,
+                siwe: {
+                  isSIWEMessage: false,
+                  parsedMessage: mockSiwe.parsedMessage,
+                },
+              },
+            },
+          },
+        },
+      );
+      expect(result.current).toEqual([]);
+    });
+
+    it('when the SIWE domain matches origin', () => {
+      const originalDomain = mockSiwe.parsedMessage.domain;
+      mockSiwe.parsedMessage.domain = MOCK_ORIGIN;
+
+      const { result } = renderHookWithProvider(
+        () => useDomainMismatchAlert(),
+        mockExpectedState,
+      );
+      expect(result.current).toEqual([]);
+
+      mockSiwe.parsedMessage.domain = originalDomain;
+    });
+  });
+
+  it('returns an alert when the SIWE domain does not match the origin', () => {
+    const alertResponseExpected = {
+      field: 'requestFrom',
+      key: 'requestFrom',
+      message:
+        'The site making the request is not the site you’re signing into. This could be an attempt to steal your login credentials.',
+      reason: 'Suspicious sign-in request',
+      severity: Severity.Danger,
+    };
+    const { result } = renderHookWithProvider(
+      () => useDomainMismatchAlert(),
+      mockExpectedState,
+    );
+
+    expect(result.current).toHaveLength(1);
+    expect(result.current[0]).toStrictEqual(alertResponseExpected);
+  });
+});

ui/pages/confirmations/hooks/alerts/signatures/useDomainMismatchAlerts.ts

@@ -0,0 +1,45 @@
+import { useMemo } from 'react';
+import { useSelector } from 'react-redux';
+import {
+  isValidSIWEOrigin,
+  WrappedSIWERequest,
+} from '@metamask/controller-utils';
+
+import { Alert } from '../../../../../ducks/confirm-alerts/confirm-alerts';
+import { Severity } from '../../../../../helpers/constants/design-system';
+import { useI18nContext } from '../../../../../hooks/useI18nContext';
+import { currentConfirmationSelector } from '../../../../../selectors';
+
+import { SignatureRequestType } from '../../../types/confirm';
+import { isSIWESignatureRequest } from '../../../utils';
+
+export default function useDomainMismatchAlerts(): Alert[] {
+  const t = useI18nContext();
+
+  const currentConfirmation = useSelector(
+    currentConfirmationSelector,
+  ) as SignatureRequestType;
+  const { msgParams } = currentConfirmation || {};
+
+  const isSIWE = isSIWESignatureRequest(currentConfirmation);
+  const isInvalidSIWEDomain =
+    isSIWE && !isValidSIWEOrigin(msgParams as WrappedSIWERequest);
+
+  const alerts = useMemo(() => {
+    if (!isInvalidSIWEDomain) {
+      return [];
+    }
+
+    return [
+      {
+        field: 'requestFrom',
+        key: 'requestFrom',
+        message: t('alertMessageSignInDomainMismatch'),
+        reason: t('alertReasonSignIn'),
+        severity: Severity.Danger,
+      },
+    ] as Alert[];
+  }, [isInvalidSIWEDomain, t]);
+
+  return alerts;
+}

ui/pages/confirmations/hooks/useConfirmationAlerts.ts

@@ -1,6 +1,7 @@
 import { useMemo } from 'react';
 import { Alert } from '../../../ducks/confirm-alerts/confirm-alerts';
 import useBlockaidAlerts from './alerts/useBlockaidAlerts';
+import useDomainMismatchAlerts from './alerts/signatures/useDomainMismatchAlerts';
 import { useInsufficientBalanceAlerts } from './alerts/transactions/useInsufficientBalanceAlerts';
 import { useGasEstimateFailedAlerts } from './alerts/transactions/useGasEstimateFailedAlerts';
 import { usePendingTransactionAlerts } from './alerts/transactions/usePendingTransactionAlerts';
@@ -10,6 +11,12 @@ import { useGasTooLowAlerts } from './alerts/transactions/useGasTooLowAlerts';
 import { useNoGasPriceAlerts } from './alerts/transactions/useNoGasPriceAlerts';
 import { useNetworkBusyAlerts } from './alerts/transactions/useNetworkBusyAlerts';
 
+function useSignatureAlerts(): Alert[] {
+  const domainMismatchAlerts = useDomainMismatchAlerts();
+
+  return useMemo(() => [...domainMismatchAlerts], [domainMismatchAlerts]);
+}
+
 function useTransactionAlerts(): Alert[] {
   const gasEstimateFailedAlerts = useGasEstimateFailedAlerts();
   const gasFeeLowAlerts = useGasFeeLowAlerts();
@@ -46,10 +53,11 @@ function useTransactionAlerts(): Alert[] {
 
 export default function useConfirmationAlerts(): Alert[] {
   const blockaidAlerts = useBlockaidAlerts();
+  const signatureAlerts = useSignatureAlerts();
   const transactionAlerts = useTransactionAlerts();
 
   return useMemo(
-    () => [...blockaidAlerts, ...transactionAlerts],
-    [blockaidAlerts, transactionAlerts],
+    () => [...blockaidAlerts, ...signatureAlerts, ...transactionAlerts],
+    [blockaidAlerts, signatureAlerts, transactionAlerts],
   );
 }

ui/pages/confirmations/hooks/useCurrentConfirmation.ts

@@ -63,6 +63,10 @@ const useCurrentConfirmation = () => {
     if (
       !redesignedConfirmationsEnabled ||
       (!isCorrectTransactionType && !isCorrectApprovalType) ||
+      /**
+       * @todo remove isSIWE check when we want to enable SIWE in redesigned confirmations
+       * @see {@link https://github.com/MetaMask/metamask-extension/issues/24617}
+       */
       isSIWE
     ) {
       return { currentConfirmation: undefined };

ui/pages/confirmations/types/confirm.ts

@@ -1,4 +1,6 @@
 import { ApprovalControllerState } from '@metamask/approval-controller';
+import { SIWEMessage } from '@metamask/controller-utils';
+
 import {
   TransactionMeta,
   TransactionType,
@@ -27,21 +29,7 @@ export type SignatureRequestType = {
     data: string | TypedSignDataV1Type;
     version?: string;
     signatureMethod?: string;
-    siwe?: {
-      isSIWEMessage: boolean;
-      parsedMessage: null | {
-        domain: string;
-        address: string;
-        statement: string;
-        uri: string;
-        version: string;
-        chainId: number;
-        nonce: string;
-        issuedAt: string;
-        requestId?: string;
-        resources?: string[];
-      };
-    };
+    siwe?: SIWEMessage;
   };
   type: TransactionType;
   custodyId?: string;

ui/pages/confirmations/utils/confirm.ts

@@ -46,7 +46,7 @@ export const parseSanitizeTypedDataMessage = (dataToParse: string) => {
 };
 
 export const isSIWESignatureRequest = (request: SignatureRequestType) =>
-  request.msgParams?.siwe?.isSIWEMessage;
+  Boolean(request?.msgParams?.siwe?.isSIWEMessage);
 
 export const isPermitSignatureRequest = (request: SignatureRequestType) => {
   if (