Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dynamic Permissions #111
Dynamic Permissions #111
Changes from 4 commits
28cac41
257e6b4
3cc9db3
43488f7
8f689da
a630e93
4386519
6f9b141
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With the exception of
eth_accounts
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that is true. But
eth_accounts
is kind of an edge-case right now. We should probably require it being put intodynamicPermissions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be a new permission? Right now we just require that they request
endowment:ethereum-provider
, so it's like a dynamic permission on top of a static one.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
eth_accounts
is an edge-case because it is technically a permission that is granted when using certain RPC methods withendowment:ethereum-provider
. It is not inherently granted just by having the endowment.We could choose to enforce that you need to have it as part of
dynamicPermissions
to grant it viaendowment:ethereum-provider
. We could also choose to keep it as the edge-case that it is.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do wonder if we have created a strange design pattern with the current approach. What if a Snap just wants
eth_accounts
and is requestingendowment:ethereum-provider
just for that, and not using anything else that the endowment offers? Maybe it should be a separate endowment that must be defined indynamicPermissions
and is never ininitialPermissions
. Assuming this change would be in manifest version 0.2 and would not be backwards compatible.To be clear I am comfortable punting on this topic, leaving
eth_accounts
as a special edge case and solving this in a separate effort.