feat: enhance permission rules with payee enforcers #8668

Draft
mj-kiwi wants to merge 2 commits into main from feat/payee-rule

mj-kiwi commented May 4, 2026

Explanation

The snap now encodes payee-restricting caveats when creating permissions. This PR adds the decoding counterpart so the controller can read back payee restrictions from on-chain permission contexts.

  • Single payee: AllowedTargetsEnforcer (native) or AllowedCalldataEnforcer (ERC-20) restricts the payment recipient to a single address.
  • Multiple payees: Individual caveats wrapped in LogicalOrWrapperEnforcer.
  • Extracts a payee rule ({ type: 'payee', data: { addresses: Hex[] } }) following the same pattern as the existing redeemer rule.

Scope: all 7 execution permission types (native-token-stream, native-token-periodic, erc20-token-stream, erc20-token-periodic, native-token-allowance, erc20-token-allowance, erc20-token-revocation).

References

Changelog entry

@metamask/gator-permissions-controller

Added

  • Support payee-restricting caveats when decoding execution permissions
    • Permission decoding now recognizes AllowedTargetsEnforcer, AllowedCalldataEnforcer, and LogicalOrWrapperEnforcer as optional caveats for payee extraction on execution permission types and extracts a payee rule containing the allowlisted addresses.
    • Export new EXECUTION_PERMISSION_PAYEE_RULE_TYPE constant and PayeeRule type.

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

- Added support for payee enforcers in makePermissionRule, allowing for extraction of allowedCalldata and allowedTargets addresses.
- Updated native token rules (allowance, periodic, stream) to include payee enforcers.
- Introduced new PayeeRule type for execution permission rules.
- Modified utility functions to handle new payee enforcer logic.
- Updated tests to validate the inclusion of new enforcers in permission rules.
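
The single-payee decoding described in the PR description above, as an added example that is not part of the PR or the controller's code. The enforcer addresses are constructed placeholders, the function names are hypothetical, and the terms layouts (one 20-byte address for AllowedTargetsEnforcer; a 32-byte start offset followed by the expected bytes for AllowedCalldataEnforcer) are assumptions. The LogicalOrWrapperEnforcer case is not covered.

```typescript
// Added example, not the controller's implementation.
type Hex = string; // 0x-prefixed hex string
type Caveat = { enforcer: Hex; terms: Hex };
type PayeeRule = { type: 'payee'; data: { addresses: Hex[] } };
type TokenKind = 'native' | 'erc20';

// Constructed placeholder addresses (assumption); real values come from the deployment list.
const PLACEHOLDER_ALLOWED_TARGETS: Hex = '0x00000000000000000000000000000000000000a1';
const PLACEHOLDER_ALLOWED_CALLDATA: Hex = '0x00000000000000000000000000000000000000a2';

function termsBody(terms: Hex): string {
  if (!/^0x([0-9a-fA-F]{2})*$/.test(terms)) throw new Error('terms is not byte-aligned hex');
  return terms.slice(2).toLowerCase();
}

// Assumed layout: terms is the single 20-byte address the execution target must equal.
function payeeFromAllowedTargets(terms: Hex): Hex {
  const hex = termsBody(terms);
  if (hex.length !== 40) throw new Error('expected exactly one 20-byte target');
  return '0x' + hex;
}

// Assumed layout: 32-byte start offset, then the bytes that must match.
// In transfer(address,uint256) calldata the recipient word starts at byte 4.
function payeeFromAllowedCalldata(terms: Hex): Hex {
  const hex = termsBody(terms);
  if (hex.length !== 128) throw new Error('expected offset word plus one address word');
  if (!/^0{63}4$/.test(hex.slice(0, 64))) throw new Error('caveat does not pin the recipient argument');
  const word = hex.slice(64);
  if (!/^0{24}/.test(word)) throw new Error('address word has non-zero padding');
  return '0x' + word.slice(24);
}

// Picks the enforcer by token kind, so a target restriction on an ERC-20
// permission is never reported as a payee. Malformed terms throw (fail closed).
function decodeSinglePayee(kind: TokenKind, caveats: Caveat[]): PayeeRule | null {
  const wanted = kind === 'native' ? PLACEHOLDER_ALLOWED_TARGETS : PLACEHOLDER_ALLOWED_CALLDATA;
  const matches = caveats.filter((c) => c.enforcer.toLowerCase() === wanted);
  if (matches.length > 1) throw new Error('ambiguous: more than one payee caveat');
  const addresses = matches.map((c) =>
    kind === 'native' ? payeeFromAllowedTargets(c.terms) : payeeFromAllowedCalldata(c.terms),
  );
  return addresses.length ? { type: 'payee', data: { addresses } } : null; // caveat is optional
}

// Constructed sample: native-token permission restricted to one recipient (20 bytes of 0x11).
const SAMPLE_RULE = decodeSinglePayee('native', [
  { enforcer: PLACEHOLDER_ALLOWED_TARGETS, terms: '0x' + '1111111111' + '1111111111' + '1111111111' + '1111111111' },
]);
```
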
socket-security Bot commented May 4, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
|---|---|---|---|---|---|---|
| Updated | @metamask/delegation-core@1.1.0 ⏵ 0.0.0-use.local | 100 +1 | 100 | 100 | 100 +7 | 100 |
| Updated | @metamask/delegation-deployments@0.12.0 ⏵ 0.0.0-use.local | 100 +1 | 100 | 100 +23 | 100 +5 | 100 |
