Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: isPermitSignatureRequest logic. Do not display as Permit if spender is not present #27384

Closed
wants to merge 9 commits into from
Closed

fix: isPermitSignatureRequest logic. Do not display as Permit if spender is not present #27384

wants to merge 9 commits into from

Conversation

digiwand
Copy link
Contributor

@digiwand digiwand commented Sep 25, 2024
edited
Loading

Description

If primaryType either:

  • Permit
  • PermitBatch
  • PermitBatchTransferFrom
  • PermitSingle
  • PermitTransferFrom

and it does not have a "spender" hex address, do not render the signature as a Permit. Without a spender, we will fallback to an EIP-712 signature.

Note: The check for isPermitSignatureRequest is not sophisticated. This will be revisited with the upcoming Signatures API work.

Open in GitHub Codespaces

Related issues

Fixes: #27385

Manual testing steps

await window.ethereum.request({ "method": "eth_signTypedData_v4", "params": [
  "0xE56E7847Fd3661A9B7c86aAF1DaEa08D9DA5750e", 
    {
            domain: {
              name: 'Test Domain',
              version: '1',
              chainId: 11155111,
              verifyingContract: '0xC36442b4a4522E871399CD717aBDD847Ab11FE88',
            },
                    types: {
          Person: [
            { name: "name", type: "string" },
            { name: "wallet", type: "address" },
          ],
          Permit: [
            { name: "from", type: "Person" },
            { name: "to", type: "Person" },
            { name: "contents", type: "string" },
          ],
        },
        primaryType: "Permit",
        message: {
          from: {
            name: "Cow",
            wallet: "0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826",
          },
          to: {
            name: "Bob",
            wallet: "0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB",
          },
          contents: "Hello, Bob!",
        },
  }
], });

Screenshots/Recordings

Before

After

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@github-actions GitHub Actions
Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@github-actions github-actions bot added the team-confirmations Push issues to confirmations team label Sep 25, 2024
@digiwand digiwand changed the title fix: hide Spender if no "spender" is found fix: EIP-2612 isPermitSignatureRequest logic. Do not display spender if it is not a EIP-2612 Sep 25, 2024
@metamaskbot
Copy link
Collaborator

Builds ready [7cd71ee]
Page Load Metrics (1809 ± 126 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint41325501737395190
domContentLoaded156625181775249119
load157425501809263126
domInteractive14258575325
Bundle size diffs [🚨 Warning! Bundle size has increased!]
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 236 Bytes (0.00%)

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 25, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@digiwand digiwand requested a review from jpuri September 25, 2024 13:17
@digiwand digiwand changed the title fix: EIP-2612 isPermitSignatureRequest logic. Do not display spender if it is not a EIP-2612 fix: EIP-2612 isPermitSignatureRequest logic. Do not display as Permit if spender is not present Sep 25, 2024
@metamaskbot
Copy link
Collaborator

Builds ready [876f27d]
Page Load Metrics (1732 ± 76 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint25321341644355170
domContentLoaded14632116170015574
load14702136173215876
domInteractive17195503818
Bundle size diffs [🚨 Warning! Bundle size has increased!]
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 153 Bytes (0.00%)

@jpuri
Copy link
Contributor

jpuri commented Sep 25, 2024

Hey @digiwand : I think this task requires more detailed discussion as there can be many different validations for different signature. In case we are not able to validate a signature - should we reject it or display as simple typed sign or some other approach.

jpuri
jpuri requested changes Sep 25, 2024
View reviewed changes
Copy link
Contributor

@jpuri jpuri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should re-evaluate the approach and discuss this more.

@digiwand digiwand marked this pull request as ready for review September 25, 2024 15:29
@digiwand digiwand requested review from a team as code owners September 25, 2024 15:29
@digiwand
Copy link
Contributor Author

digiwand commented Sep 25, 2024
edited
Loading

Hi @jpuri, I agree we should discuss how to approach this further. In the meantime, I think we should still enforce the spender exists for displaying Permit since spender is required for EIP-2612, Permit2, and EIP-4494 (NFT)(not finalized ERC), and without it, our UI is misleading.

should we reject it or display as simple typed sign or some other approach

I think we should persist the behavior of our old signatures and not reject the signatures in this case. As the signature authors design their own EIP-712 struct, any arbitrary string could be a valid primaryType. This should mean a message with primaryType === "Permit" without a spender, or another required Permit spec, can still be a valid EIP-712.

We could possibly warn developers if we detect that they may be trying to create a EIP-2612 signature and the required fields are invalid or missing.

We have explicit support for a minor subset of Permit primaryTypes as mentioned in the description above, along with Order primaryTypes not mentioned. We will revisit support for additional types with the upcoming Signature API work

@digiwand digiwand changed the title fix: EIP-2612 isPermitSignatureRequest logic. Do not display as Permit if spender is not present fix: isPermitSignatureRequest logic. Do not display as Permit if spender is not present Sep 26, 2024
@digiwand
Copy link
Contributor Author

per discussion to reevaulate UI/UX closing ticket

@digiwand digiwand closed this Sep 30, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Sep 30, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jpuri jpuri jpuri requested changes

Assignees
No one assigned
Labels
team-confirmations Push issues to confirmations team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: Permit pages may render for TypedSign signatures without "Spender" field
3 participants
@digiwand @metamaskbot @jpuri