New Action on the GatorPermissionsController to Allow the Consumer to SubmitRevocation#6713
Merged
New Action on the GatorPermissionsController to Allow the Consumer to SubmitRevocation#6713
Conversation
hanzel98
force-pushed
the
chore/revokation-rpc-request
branch
2 times, most recently
from
c86dca7 to
1833a20
Compare
hanzel98
force-pushed
the
chore/revokation-rpc-request
branch
from
595f36d to
0a44e3c
Compare
hanzel98
requested review from
MoMannn,
V00D00-child,
jeffsmale90 and
mj-kiwi
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
hanzel98
force-pushed
the
chore/revokation-rpc-request
branch
from
da91f33 to
61b8900
Compare
MoMannn
requested changes
Oct 27, 2025
Contributor
MoMannn
left a comment
MoMannn
left a comment
There was a problem hiding this comment.
Add changes to CHANGELOG.md under ## [Unreleased].
MoMannn
requested changes
Oct 27, 2025
packages/gator-permissions-controller/src/GatorPermissionsController.ts
Outdated
Show resolved
Hide resolved
…he consumer to submitRevocation
- Add RevocationParams type with delegationHash field - Add PermissionProviderSubmitRevocation RPC method enum - Implement submitRevocation method with proper error handling - Add comprehensive test suite with 100% coverage - Export new types in public API This enables MetaMask clients to submit permission revocations through the gator permissions provider snap using the permissionsProvider_submitRevocation RPC method.
hanzel98
force-pushed
the
chore/revokation-rpc-request
branch
from
68fe787 to
6999403
Compare
hanzel98
force-pushed
the
chore/revokation-rpc-request
branch
from
4985f70 to
7b7535f
Compare
4 tasks
jeffsmale90
reviewed
Nov 3, 2025
packages/gator-permissions-controller/src/GatorPermissionsController.ts
Outdated
Show resolved
Hide resolved
| params, | ||
| }: { | ||
| snapId: SnapId; | ||
| params?: Json; |
Contributor
There was a problem hiding this comment.
Should we have a more specific type for the params? I guess it's params for a specific method, so we should always know the type, and leaving it as Json is opening us up for bugs.
| */ | ||
| public async fetchAndUpdateGatorPermissions(): Promise<GatorPermissionsMap> { | ||
| public async fetchAndUpdateGatorPermissions( | ||
| params?: Json, |
Contributor
There was a problem hiding this comment.
same question regarding typing of params
packages/gator-permissions-controller/src/GatorPermissionsController.ts
Outdated
Show resolved
Hide resolved
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
MoMannn
approved these changes
Nov 4, 2025
4 tasks
V00D00-child
added a commit
that referenced
this pull request
Nov 4, 2025
## Explanation Expose the list of pending revocations in the state to allow MM clients to create custom selectors that filter on `pendingRevocations` to determine whether the revoke CTA should show the "pending" status. - A revocation is added to `pendingRevocations` state on calls to `addPendingRevocation()` - A revocation is removed from `pendingRevocations` state given a `transactionId` when the handler's `cleanup()` function is executed. ## References Forked from #6713 ## Checklist - [x] I've updated the test suite for new or updated code as appropriate - [x] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [x] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/contributing.md#updating-changelogs), highlighting breaking changes as necessary - [x] I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Adds `pendingRevocations` to controller state with lifecycle management via `addPendingRevocation` and `submitRevocation`, updating metadata, tests, and changelog. > > - **GatorPermissionsController**: > - **State**: Add `pendingRevocations: { txId: string; permissionContext: Hex }[]` with default `[]` and UI exposure in metadata. > - **API**: > - New getter `pendingRevocations`. > - `addPendingRevocation` now appends to state immediately and cleans up on confirm/fail/drop/timeout by `txId`. > - `submitRevocation` submits to Snap and removes entry by `permissionContext` on success. > - **Internals**: Add private helpers to add/remove pending revocations; import `Hex` type. > - **Tests**: Update snapshots, add coverage for pending revocations lifecycle and getter. > - **Docs**: Update `CHANGELOG.md` to note exposed pending revocations and related actions. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 77e676e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Explanation
What is the current state of things and why does it need to change?
The GatorPermissionsController currently provides functionality to fetch, enable, disable, and decode gator permissions, but it lacks the ability to revoke permissions. This missing capability prevents MetaMask clients from providing users with a complete permission management experience where they can not only grant permissions but also revoke them when needed.
What is the solution your changes offer and how does it work?
This PR adds a new
submitRevocationaction to the GatorPermissionsController that allows consumers (MetaMask clients) to submit permission revocations through the gator permissions provider snap. The implementation:RevocationParamstype that accepts adelegationHash(hex string) to identify the permission to revokesubmitRevocationmethod that forwards the revocation request to the gator permissions provider snap using thepermissionsProvider_submitRevocationRPC methodGatorPermissionsNotEnabledErrorandGatorPermissionsProviderError)Are there any changes whose purpose might not obvious to those unfamiliar with the domain?
The
delegationHashparameter is a unique identifier for ERC-7715 delegations/permissions that allows the snap to locate and revoke the specific permission. This hash-based approach is standard in the ERC-7715 delegation framework for permission management.References
[Related to ]
This PR depends on this other PR of the permissions-controller #6713
Checklist
Note: The changelog item should be checked off after updating the CHANGELOG.md file, and the last item can be checked as N/A since this is a new feature addition with no breaking changes.
Note
Adds
submitRevocationandaddPendingRevocationactions, optional fetch filters, and integrates TransactionController events for revocation flow.submitRevocation(submits revocations to snap) andaddPendingRevocation(queues until tx confirmation; cleans up on fail/drop/timeout).TransactionControllerevents:transactionConfirmed,transactionFailed,transactionDropped.fetchAndUpdateGatorPermissionsto accept optional filterparamsforwarded to snap.permissionsProvider_submitRevocation.RevocationParams,PendingRevocationParams; extendStoredGatorPermission*with optionalisRevoked.src/index.ts.submitRevocation, andaddPendingRevocation(including event-driven and error paths).@metamask/transaction-controller; update TS project references to include transaction-controller.Written by Cursor Bugbot for commit 2774c30. This will update automatically on new commits. Configure here.