Handle SIWE domain mismatch error by digiwand · Pull Request #18184 · MetaMask/metamask-extension

digiwand · 2023-03-16T09:54:09Z

Explanation

** This PR is placed on hold while we plan how we'd like to update Sign-in with Ethereum guardrails **

Fixes #17707
Related to #16616

Handle SIWE mismatched domain error and return the appropriate RPC error.

Todo:

Add support for SIWE mismatched domains. Mismatched domains are useful for development. Some ideas to support this:
- Add development-mode feature in settings
- Enable mismatched domains with a warning, and add an optional blocklist to disable mismatched domains for particular domains
Write tests

Screenshots/Screencaps

Before

SIWE.mov

After

Screen.Recording.2023-03-16.at.2.52.09.AM.mov

Manual Testing Steps

Login to the extension
Navigate to the test dapp
Click Sign In With Ethereum (Bad Account)
Check the console

Pre-merge author checklist

I've clearly explained:
- What problem this PR is solving
- How this problem was solved
- How reviewers can test my changes
Sufficient automated test coverage has been added

Pre-merge reviewer checklist

Manual testing (e.g. pull and build branch, run in browser, test code being changed)
PR is linked to the appropriate GitHub issue
IF this PR fixes a bug in the release milestone, add this PR to the release milestone

If further QA is required (e.g. new feature, complex testing steps, large refactor), add the Extension QA Board label.

In this case, a QA Engineer approval will be be required.

- throws and handles rpc error - no longer throws uncaught error

github-actions · 2023-03-16T09:54:25Z

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

legobeat · 2023-03-16T10:27:12Z

app/scripts/metamask-controller.js

+    msgParams.siwe = siwe;
+
+    if (siwe.isSIWEMessage && req.origin) {
+      const { host } = new URL(req.origin);
+      if (siwe.parsedMessage.domain !== host) {
+        throw ethErrors.rpc.invalidParams(
+          `SIWE domain is not valid: "${host}" !== "${siwe.parsedMessage.domain}"`,
+        );
+      }
+    }


Not every message is SIWE, right?

Suggested change

msgParams.siwe = siwe;

if (siwe.isSIWEMessage && req.origin) {

const { host } = new URL(req.origin);

if (siwe.parsedMessage.domain !== host) {

throw ethErrors.rpc.invalidParams(

`SIWE domain is not valid: "${host}" !== "${siwe.parsedMessage.domain}"`,

);

}

}

if (siwe) {

if (siwe.isSIWEMessage && req.origin) {

const { host } = new URL(req.origin);

if (siwe.parsedMessage.domain !== host) {

throw ethErrors.rpc.invalidParams(

`SIWE domain is not valid: "${host}" !== "${siwe.parsedMessage.domain}"`,

);

}

}

msgParams.siwe = siwe;

}

Correct. I'm unfamiliar with the decision to add the siwe property to msgParams for non-SIWE, but it appears detectSIWE returns an object with the check included as a boolean property

In this case, siwe will pass the condition for non-SIWE messages as well

@skgbafa, do you know if the siwe msgParams property is being used for non-SIWE? is this a property we can remove for non-SIWE?

- unblocks mismatched domain support - we may re-add error handling here #18184 - reverts logic from #16616

…disable domain binding (#18200) * siwe: re-enable warning UI for mismatched domains - unblocks mismatched domain support - we may re-add error handling here #18184 - reverts logic from #16616 * siwe: fix mismatch domain warning msg UI * lint: rm whitespace EOL * siwe: rm unit test * lint: fix whitespace * Revert "siwe: rm unit test" This reverts commit c80a4a2. --------- Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>

…n with Ethereum page (#18207) * siwe: re-enable warning UI for mismatched domains - unblocks mismatched domain support - we may re-add error handling here #18184 - reverts logic from #16616 * siwe: fix mismatch domain warning msg UI * lint: rm whitespace EOL * siwe: rm unit test * lint: fix whitespace * Icon: support .mm-icon - apply to SIWE actionable-message - .mm-icon is a <span> * lint: fix newline * Revert "siwe: rm unit test" This reverts commit c80a4a2. * ActionableMessage: add deprecation * siwe: replace actionable-msg w/ banner-alert * ActionableMessage: add param for lint * revert .mm_icon ActionableMessage support * siwe: create tests * siwe: fix typo in tests * siwe: fix - do not allow nested <p> elements * Update ui/components/app/signature-request-siwe/signature-request-siwe.js Co-authored-by: George Marshall <george.marshall@consensys.net> * Update ui/components/app/signature-request-siwe/signature-request-siwe.js Co-authored-by: George Marshall <george.marshall@consensys.net> * eslint fix --------- Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com> Co-authored-by: George Marshall <george.marshall@consensys.net>

…disable domain binding (#18200) * siwe: re-enable warning UI for mismatched domains - unblocks mismatched domain support - we may re-add error handling here #18184 - reverts logic from #16616 * siwe: fix mismatch domain warning msg UI * lint: rm whitespace EOL * siwe: rm unit test * lint: fix whitespace * Revert "siwe: rm unit test" This reverts commit c80a4a2. --------- Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>

digiwand · 2023-04-20T18:21:13Z

closing for now. We may resurrect logic from this PR when we strict enforce domain-binding with the developer-mode feature. More details here #18191

siwe: fix rpx error handling

bf9c02c

- throws and handles rpc error - no longer throws uncaught error

legobeat reviewed Mar 16, 2023

View reviewed changes

siwe: improve rpc error message

8020ebc

digiwand added a commit that referenced this pull request Mar 16, 2023

siwe: re-enable warning UI for mismatched domains

d924916

- unblocks mismatched domain support - we may re-add error handling here #18184 - reverts logic from #16616

digiwand mentioned this pull request Mar 16, 2023

Sign in with Ethereum: re-enable warning UI for mismatched domains / disable domain binding #18200

Merged

8 tasks

digiwand added area-signatures team-confirmations-secure-ux-PR PRs from the confirmations team labels Mar 24, 2023

digiwand closed this Apr 20, 2023

github-actions bot locked and limited conversation to collaborators Apr 20, 2023

digiwand deleted the fix-siwe-rpc-err-handling branch January 16, 2024 16:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Handle SIWE domain mismatch error#18184

Handle SIWE domain mismatch error#18184
digiwand wants to merge 2 commits intodevelopfrom
fix-siwe-rpc-err-handling

digiwand commented Mar 16, 2023 •

edited

Loading

Uh oh!

github-actions bot commented Mar 16, 2023

Uh oh!

legobeat Mar 16, 2023 •

edited

Loading

Uh oh!

digiwand Mar 16, 2023

Uh oh!

digiwand Mar 16, 2023

Uh oh!

digiwand Mar 16, 2023

Uh oh!

digiwand commented Apr 20, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

digiwand commented Mar 16, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Explanation

Screenshots/Screencaps

Before

After

Manual Testing Steps

Pre-merge author checklist

Pre-merge reviewer checklist

Uh oh!

github-actions bot commented Mar 16, 2023

Uh oh!

legobeat Mar 16, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

digiwand Mar 16, 2023

Choose a reason for hiding this comment

Uh oh!

digiwand Mar 16, 2023

Choose a reason for hiding this comment

Uh oh!

digiwand Mar 16, 2023

Choose a reason for hiding this comment

Uh oh!

digiwand commented Apr 20, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

digiwand commented Mar 16, 2023 •

edited

Loading

legobeat Mar 16, 2023 •

edited

Loading