feat: align with 7715 specification #7603
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…pport-7715-discoverability-methods
7 tasks
mj-kiwi
reviewed
Jan 13, 2026
packages/eth-json-rpc-middleware/src/methods/wallet-get-granted-execution-permissions.ts
Show resolved
Hide resolved
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
packages/eth-json-rpc-middleware/src/methods/wallet-get-granted-execution-permissions.ts
Outdated
Show resolved
Hide resolved
mj-kiwi
previously approved these changes
Jan 13, 2026
MoMannn
moved this from Needs dev review
to Has approvals, needs CODEOWNER
in PR review queue
github-project-automation
bot
moved this from Has approvals, needs CODEOWNER
to Review finalised - Ready to be merged
in PR review queue
MoMannn
changed the title
ffmcgee725
approved these changes
Jan 14, 2026
mcmire
approved these changes
Jan 14, 2026
jiexi
reviewed
Jan 14, 2026
|
|
||
| const { params } = request; | ||
|
|
||
| validateParams(params, GetGrantedExecutionPermissionsParamsStruct); |
Contributor
There was a problem hiding this comment.
we can probably just forgo validation in this case?
jiexi
reviewed
Jan 14, 2026
|
|
||
| ### Added | ||
|
|
||
| - Support for `wallet_getSupportedExecutionPermissions` and `wallet_getGrantedExecutionPermissions` RPC methods ([#7603](https://github.com/MetaMask/core/pull/7603)) |
Contributor
There was a problem hiding this comment.
PermissionDependency is also exported now
jiexi
reviewed
Jan 14, 2026
|
|
||
| const REQUEST_MOCK = { | ||
| params: [], | ||
| } as unknown as JsonRpcRequest; |
Contributor
There was a problem hiding this comment.
nit. if we add, id, jsonrpc, and method, we can drop the typecast here and the several below. Seems like the trouble might be worth it
jiexi
approved these changes
Jan 14, 2026
github-merge-queue bot
pushed a commit
to MetaMask/metamask-extension
that referenced
this pull request
Jan 21, 2026
## **Description** This PR updates the codebase to align with API changes in the `@metamask/gator-permissions-controller` package. **Reason for the change:** The upstream `@metamask/gator-permissions-controller` package has updated its type definitions and data structures. This PR ensures compatibility with those changes. **Changes included:** 1. **Type simplification**: Removed the `Signer` generic parameter from `StoredGatorPermissionSanitized<Signer, PermissionTypesWithCustom>` → `StoredGatorPermissionSanitized<PermissionTypesWithCustom>` across all files (selectors, hooks, components, and tests). 2. **Data structure updates**: - `permissionResponse.address` → `permissionResponse.from` (delegator address) - `decodedPermission.signer.data.address` → `decodedPermission.to` (delegate/recipient address) - `permissionResponse.signerMeta.delegationManager` → `permissionResponse.delegationManager` (flattened structure) - `permission.rules` → `permissionResponse.rules` (rules array location change) 3. **New RPC methods**: Added support for two new unrestricted methods: - `wallet_getSupportedExecutionPermissions` - Returns supported permission types (filtered by enabled advanced permissions) - `wallet_getGrantedExecutionPermissions` - Returns granted execution permissions [](https://codespaces.new/MetaMask/metamask-extension/pull/39176?quickstart=1) ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: Added support for `wallet_getSupportedExecutionPermissions` and `wallet_getGrantedExecutionPermissions` RPC methods. CHANGELOG entry: Updated to latest 7715 standart. ## **Related issues** Depends on: MetaMask/core#7603 Relates to: MetaMask/snap-7715-permissions#249 Requires: MetaMask/core#7634 Requires: MetaMask/snap-7715-permissions#254 ## **Manual testing steps** For manual testing check: MetaMask/snap-7715-permissions#249 ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Updates codebase to the 7715/gator-permissions v1 API and introduces execution-permissions query RPCs. > > - Refactors to `@metamask/gator-permissions-controller@^1.0.0`: remove `Signer` generic, move `permission.rules` to `permissionResponse.rules`, rename `permissionResponse.address`→`from`, `signerMeta.delegationManager`→`delegationManager`, and decoded permission `signer...address`→`to`; applies across hooks, selectors, components, and tests > - Adds `wallet_getSupportedExecutionPermissions` (filters by enabled advanced types) and `wallet_getGrantedExecutionPermissions`; wires through `createMetamaskMiddleware` and forwards to the permissions kernel snap > - Bumps related deps (`eth-json-rpc-middleware@^23`, `permissions-kernel-snap@^1.0.0`, `signature-controller@^39`, `shield-controller@^5`, etc.) and adjusts LavaMoat policies to use the updated middleware pathing > - Updates PPOM/confirmation tests and stories to the new permission shape; no functional changes beyond API alignment > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit a522169. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
github-merge-queue bot
pushed a commit
to MetaMask/metamask-extension
that referenced
this pull request
Jan 21, 2026
## **Description** This PR updates the codebase to align with API changes in the `@metamask/gator-permissions-controller` package. **Reason for the change:** The upstream `@metamask/gator-permissions-controller` package has updated its type definitions and data structures. This PR ensures compatibility with those changes. **Changes included:** 1. **Type simplification**: Removed the `Signer` generic parameter from `StoredGatorPermissionSanitized<Signer, PermissionTypesWithCustom>` → `StoredGatorPermissionSanitized<PermissionTypesWithCustom>` across all files (selectors, hooks, components, and tests). 2. **Data structure updates**: - `permissionResponse.address` → `permissionResponse.from` (delegator address) - `decodedPermission.signer.data.address` → `decodedPermission.to` (delegate/recipient address) - `permissionResponse.signerMeta.delegationManager` → `permissionResponse.delegationManager` (flattened structure) - `permission.rules` → `permissionResponse.rules` (rules array location change) 3. **New RPC methods**: Added support for two new unrestricted methods: - `wallet_getSupportedExecutionPermissions` - Returns supported permission types (filtered by enabled advanced permissions) - `wallet_getGrantedExecutionPermissions` - Returns granted execution permissions [](https://codespaces.new/MetaMask/metamask-extension/pull/39176?quickstart=1) ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: Added support for `wallet_getSupportedExecutionPermissions` and `wallet_getGrantedExecutionPermissions` RPC methods. CHANGELOG entry: Updated to latest 7715 standart. ## **Related issues** Depends on: MetaMask/core#7603 Relates to: MetaMask/snap-7715-permissions#249 Requires: MetaMask/core#7634 Requires: MetaMask/snap-7715-permissions#254 ## **Manual testing steps** For manual testing check: MetaMask/snap-7715-permissions#249 ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Updates codebase to the 7715/gator-permissions v1 API and introduces execution-permissions query RPCs. > > - Refactors to `@metamask/gator-permissions-controller@^1.0.0`: remove `Signer` generic, move `permission.rules` to `permissionResponse.rules`, rename `permissionResponse.address`→`from`, `signerMeta.delegationManager`→`delegationManager`, and decoded permission `signer...address`→`to`; applies across hooks, selectors, components, and tests > - Adds `wallet_getSupportedExecutionPermissions` (filters by enabled advanced types) and `wallet_getGrantedExecutionPermissions`; wires through `createMetamaskMiddleware` and forwards to the permissions kernel snap > - Bumps related deps (`eth-json-rpc-middleware@^23`, `permissions-kernel-snap@^1.0.0`, `signature-controller@^39`, `shield-controller@^5`, etc.) and adjusts LavaMoat policies to use the updated middleware pathing > - Updates PPOM/confirmation tests and stories to the new permission shape; no functional changes beyond API alignment > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit a522169. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
](https://codespaces.new/MetaMask/metamask-extension/pull/39176?quickstart=1){kind=link}
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explanation
What is the current state of things and why does it need to change?
The
@metamask/eth-json-rpc-middlewarepackage currently supports two EIP-7715 methods:wallet_requestExecutionPermissions— for requesting new execution permissionswallet_revokeExecutionPermission— for revoking existing execution permissionsHowever, the EIP-7715 specification also defines two additional "discoverability" methods that allow dApps to query the wallet about its execution permission capabilities. Without these methods, dApps have no way to:
What is the solution your changes offer and how does it work?
This PR adds support for the two missing EIP-7715 discoverability methods:
wallet_getSupportedExecutionPermissions— Returns an object keyed by permission type (e.g.,native-token-allowance,erc20-token-allowance) with their supported chain IDs and rule types. This allows dApps to understand what the wallet can handle before making permission requests.wallet_getGrantedExecutionPermissions— Returns an array of all currently active (non-revoked) execution permissions. Each permission includes chain ID, addresses, permission details, context, dependencies, and delegation manager information.The implementation follows the established patterns in this package:
createWallet*Handler)EIP-7715 spec alignment for
wallet_requestExecutionPermissionsThe request/response schema has been updated to align with the latest EIP-7715 specification:
address+signer: { type, data: { address } }structure with flatfrom(optional) andto(required) fieldsisAdjustmentAllowedfrom rules: This property is only relevant at the permission level, not individual rulesdependencies(array of{ factory, factoryData }) anddelegationManagerto the responsePermissionDependencytype export for consumersGrantedExecutionPermissionStructto useHexChecksumAddressStructfor address fieldsAre there any changes whose purpose might not obvious to those unfamiliar with the domain?
The handlers don't perform parameter validation since these methods don't accept parameters (they're pure query methods). This is intentional and differs from
wallet_requestExecutionPermissionsandwallet_revokeExecutionPermissionwhich validate their params using Superstruct schemas.References
Checklist
Note
Implements EIP-7715 discoverability methods and integrates them into the wallet middleware.
createWalletGetSupportedExecutionPermissionsHandlerandcreateWalletGetGrantedExecutionPermissionsHandlerusing hook-based processing andNoParamsStructvalidationindex.ts(SupportedExecutionPermissionConfig*,GrantedExecutionPermission*, results)EmptyArrayStruct/NoParamsStructinutils/structsfor "no params" validationcreateWalletMiddlewarevia optionalprocessGet*hooksWritten by Cursor Bugbot for commit 8e94f86. This will update automatically on new commits. Configure here.