From 1d83e1f92824ddc64a822902328210ad79800b55 Mon Sep 17 00:00:00 2001
From: Dan J Miller <danjm.com@gmail.com>
Date: Mon, 18 Dec 2023 09:19:22 -0330
Subject: [PATCH] Cherry-pick of 'Ensure user is prompted for password during
 reminder based backup (#22307)' into v11.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

During the backup flow, we should prompt a user for a password. This
provides extra friction during a security sensitive step.

1. Build, install and onboard
2. Make sure to back up your seed phrase during onboarding. Onboarding
should work as normal
3. Once you get to the home screen, replace `home.html` in the url
browsers url bar with
`home.html#onboarding/secure-your-wallet/?isFromReminder=true` and press
enter
4. Click "Secure my wallet"
5. You should then be prompted to enter your password.
6. After entering your password, you should be able to proceed as normal

If you repeat those steps but click cancel when being prompted to enter
your password, you should be taken to the home screen.

If you repeat those steps, but on step 2 don't back up your seed phrase,
the remaining steps should work as described above.

https://github.com/MetaMask/metamask-extension/assets/7499938/ac8b5dfb-ca7b-4622-95b8-07db5405abfe

- [ ] I’ve followed [MetaMask Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've clearly explained what problem this PR is solving and how it
is solved.
- [ ] I've linked related issues
- [ ] I've included manual testing steps
- [ ] I've included screenshots/recordings if applicable
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
- [ ] I’ve properly set the pull request status:
  - [ ] In case it's not yet "ready for review", I've set it to "draft".
- [ ] In case it's "ready for review", I've changed it from "draft" to
"non-draft".

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

---------

Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
---
 ...ring-controller-npm-8.0.3-63afac5958.patch | 12 +++
 app/scripts/metamask-controller.js            |  7 +-
 app/scripts/metamask-controller.test.js       |  8 +-
 package.json                                  |  2 +-
 test/e2e/tests/incremental-security.spec.js   | 13 ++-
 ui/components/app/reveal-SRP-modal/index.js   |  1 +
 .../app/reveal-SRP-modal/reveal-SRP-modal.js  | 88 +++++++++++++++++++
 ui/pages/onboarding-flow/onboarding-flow.js   | 29 +++---
 .../onboarding-flow/onboarding-flow.test.js   |  1 -
 ui/store/actions.test.js                      |  6 +-
 ui/store/actions.ts                           | 11 +--
 yarn.lock                                     | 24 ++++-
 12 files changed, 167 insertions(+), 35 deletions(-)
 create mode 100644 .yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch
 create mode 100644 ui/components/app/reveal-SRP-modal/index.js
 create mode 100644 ui/components/app/reveal-SRP-modal/reveal-SRP-modal.js

diff --git a/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch b/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch
new file mode 100644
index 000000000000..4eb1771d1423
--- /dev/null
+++ b/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch
@@ -0,0 +1,12 @@
+diff --git a/dist/KeyringController.js b/dist/KeyringController.js
+index fc1c30d4e23badb803242eee5cac65ece8de172b..57d0067cbe551fc0cea986daedf95344dd41fa14 100644
+--- a/dist/KeyringController.js
++++ b/dist/KeyringController.js
+@@ -645,7 +645,6 @@ class KeyringController extends base_controller_1.BaseControllerV2 {
+                     throw new Error('Seed phrase imported different accounts.');
+                 }
+             });
+-            return seedWords;
+         });
+     }
+     // QR Hardware related methods
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index e663c4892d8f..077090dc9c56 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -2608,7 +2608,7 @@ export default class MetamaskController extends EventEmitter {
 
       // primary keyring management
       addNewAccount: this.addNewAccount.bind(this),
-      verifySeedPhrase: this.verifySeedPhrase.bind(this),
+      getSeedPhrase: this.getSeedPhrase.bind(this),
       resetAccount: this.resetAccount.bind(this),
       removeAccount: this.removeAccount.bind(this),
       importAccountWithStrategy: this.importAccountWithStrategy.bind(this),
@@ -3798,12 +3798,13 @@ export default class MetamaskController extends EventEmitter {
    *
    * Called when the first account is created and on unlocking the vault.
    *
+   * @param password
    * @returns {Promise<number[]>} The seed phrase to be confirmed by the user,
    * encoded as an array of UTF-8 bytes.
    */
-  async verifySeedPhrase() {
+  async getSeedPhrase(password) {
     return this._convertEnglishWordlistIndicesToCodepoints(
-      await this.keyringController.verifySeedPhrase(),
+      await this.keyringController.exportSeedPhrase(password),
     );
   }
 
diff --git a/app/scripts/metamask-controller.test.js b/app/scripts/metamask-controller.test.js
index b9e97c82a463..871857f99d67 100644
--- a/app/scripts/metamask-controller.test.js
+++ b/app/scripts/metamask-controller.test.js
@@ -925,10 +925,10 @@ describe('MetaMaskController', () => {
       });
     });
 
-    describe('#verifyseedPhrase', () => {
-      it('errors when no keying is provided', async () => {
-        await expect(metamaskController.verifySeedPhrase()).rejects.toThrow(
-          'No HD keyring found',
+    describe('#getSeedPhrase', () => {
+      it('errors when no password is provided', async () => {
+        await expect(metamaskController.getSeedPhrase()).rejects.toThrow(
+          'KeyringController - Cannot unlock without a previous vault.',
         );
       });
 
diff --git a/package.json b/package.json
index c203c6483d3f..5862028afd98 100644
--- a/package.json
+++ b/package.json
@@ -265,7 +265,7 @@
     "@metamask/jazzicon": "^2.0.0",
     "@metamask/key-tree": "^9.0.0",
     "@metamask/keyring-api": "^1.0.0",
-    "@metamask/keyring-controller": "^8.0.3",
+    "@metamask/keyring-controller": "patch:@metamask/keyring-controller@npm%3A8.0.3#~/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch",
     "@metamask/logging-controller": "^1.0.1",
     "@metamask/logo": "^3.1.2",
     "@metamask/message-manager": "^7.3.0",
diff --git a/test/e2e/tests/incremental-security.spec.js b/test/e2e/tests/incremental-security.spec.js
index 48ac135423b3..7c7346c52561 100644
--- a/test/e2e/tests/incremental-security.spec.js
+++ b/test/e2e/tests/incremental-security.spec.js
@@ -2,6 +2,8 @@ const { strict: assert } = require('assert');
 const { convertToHexValue, withFixtures, openDapp } = require('../helpers');
 const FixtureBuilder = require('../fixture-builder');
 
+const WALLET_PASSWORD = 'correct horse battery staple';
+
 describe('Incremental Security', function () {
   const ganacheOptions = {
     accounts: [
@@ -124,7 +126,16 @@ describe('Incremental Security', function () {
 
         // reveals the Secret Recovery Phrase
         await driver.clickElement('[data-testid="secure-wallet-recommended"]');
-        await driver.clickElement('[data-testid="recovery-phrase-reveal"]');
+
+        await driver.fill('[placeholder="Password"]', WALLET_PASSWORD);
+        await driver.clickElement({ text: 'Confirm', tag: 'button' });
+        await driver.waitForElementNotPresent('.mm-modal-overlay');
+
+        const recoveryPhraseRevealButton = await driver.findClickableElement(
+          '[data-testid="recovery-phrase-reveal"]',
+        );
+        await recoveryPhraseRevealButton.click();
+
         const chipTwo = await (
           await driver.findElement('[data-testid="recovery-phrase-chip-2"]')
         ).getText();
diff --git a/ui/components/app/reveal-SRP-modal/index.js b/ui/components/app/reveal-SRP-modal/index.js
new file mode 100644
index 000000000000..0d5246dcfd0e
--- /dev/null
+++ b/ui/components/app/reveal-SRP-modal/index.js
@@ -0,0 +1 @@
+export { default } from './reveal-SRP-modal';
diff --git a/ui/components/app/reveal-SRP-modal/reveal-SRP-modal.js b/ui/components/app/reveal-SRP-modal/reveal-SRP-modal.js
new file mode 100644
index 000000000000..dabdf2e062d4
--- /dev/null
+++ b/ui/components/app/reveal-SRP-modal/reveal-SRP-modal.js
@@ -0,0 +1,88 @@
+import PropTypes from 'prop-types';
+import React, { useCallback, useState } from 'react';
+import {
+  Display,
+  TextVariant,
+  FontWeight,
+} from '../../../helpers/constants/design-system';
+import { useI18nContext } from '../../../hooks/useI18nContext';
+import { getSeedPhrase } from '../../../store/actions';
+import {
+  Box,
+  Modal,
+  ModalContent,
+  ModalHeader,
+  ModalOverlay,
+  ButtonPrimary,
+  ButtonSecondary,
+  FormTextField,
+} from '../../component-library';
+
+export default function RevealSRPModal({
+  setSecretRecoveryPhrase,
+  onClose,
+  isOpen,
+}) {
+  const t = useI18nContext();
+
+  const [password, setPassword] = useState('');
+
+  const onSubmit = useCallback(
+    async (_password) => {
+      const seedPhrase = await getSeedPhrase(_password);
+      setSecretRecoveryPhrase(seedPhrase);
+    },
+    [setSecretRecoveryPhrase],
+  );
+
+  return (
+    <Modal isOpen={isOpen} onClose={onClose}>
+      <ModalOverlay />
+      <ModalContent>
+        <ModalHeader onClose={onClose}>{t('revealSeedWords')}</ModalHeader>
+        <Box paddingLeft={4} paddingRight={4}>
+          <form
+            onSubmit={(e) => {
+              e.preventDefault();
+              onSubmit(password);
+            }}
+          >
+            <FormTextField
+              marginTop={6}
+              id="account-details-authenticate"
+              label={t('enterYourPassword')}
+              placeholder={t('password')}
+              onChange={(e) => setPassword(e.target.value)}
+              value={password}
+              variant={TextVariant.bodySm}
+              type="password"
+              labelProps={{ fontWeight: FontWeight.Medium }}
+              autoFocus
+            />
+          </form>
+          <Box display={Display.Flex} marginTop={6} gap={2}>
+            <ButtonSecondary onClick={onClose} block>
+              {t('cancel')}
+            </ButtonSecondary>
+            <ButtonPrimary
+              onClick={() => onSubmit(password)}
+              disabled={password === ''}
+              block
+            >
+              {t('confirm')}
+            </ButtonPrimary>
+          </Box>
+        </Box>
+      </ModalContent>
+    </Modal>
+  );
+}
+
+RevealSRPModal.propTypes = {
+  /**
+   * A function to set a secret receovery phrase in the context that is rendering the RevealSRPModal
+   */
+  setSecretRecoveryPhrase: PropTypes.func.isRequired,
+  onClose: PropTypes.func.isRequired,
+  isOpen: PropTypes.bool.isRequired,
+};
diff --git a/ui/pages/onboarding-flow/onboarding-flow.js b/ui/pages/onboarding-flow/onboarding-flow.js
index be6367277758..d6e7accfe7ea 100644
--- a/ui/pages/onboarding-flow/onboarding-flow.js
+++ b/ui/pages/onboarding-flow/onboarding-flow.js
@@ -27,11 +27,11 @@ import {
   createNewVaultAndGetSeedPhrase,
   unlockAndGetSeedPhrase,
   createNewVaultAndRestore,
-  verifySeedPhrase,
 } from '../../store/actions';
 import { getFirstTimeFlowTypeRoute } from '../../selectors';
 import { MetaMetricsContext } from '../../contexts/metametrics';
 import Button from '../../components/ui/button';
+import RevealSRPModal from '../../components/app/reveal-SRP-modal';
 import { useI18nContext } from '../../hooks/useI18nContext';
 import {
   MetaMetricsEventCategory,
@@ -60,7 +60,7 @@ const TWITTER_URL = 'https://twitter.com/MetaMask';
 export default function OnboardingFlow() {
   const [secretRecoveryPhrase, setSecretRecoveryPhrase] = useState('');
   const dispatch = useDispatch();
-  const { pathName, search } = useLocation();
+  const { pathname, search } = useLocation();
   const history = useHistory();
   const t = useI18nContext();
   const completedOnboarding = useSelector(getCompletedOnboarding);
@@ -74,18 +74,6 @@ export default function OnboardingFlow() {
     }
   }, [history, completedOnboarding, isFromReminder]);
 
-  useEffect(() => {
-    const verifyAndSetSeedPhrase = async () => {
-      if (completedOnboarding && !secretRecoveryPhrase) {
-        const verifiedSeedPhrase = await verifySeedPhrase();
-        if (verifiedSeedPhrase) {
-          setSecretRecoveryPhrase(verifiedSeedPhrase);
-        }
-      }
-    };
-    verifyAndSetSeedPhrase();
-  }, [completedOnboarding, secretRecoveryPhrase]);
-
   const handleCreateNewAccount = async (password) => {
     const newSecretRecoveryPhrase = await dispatch(
       createNewVaultAndGetSeedPhrase(password),
@@ -105,8 +93,19 @@ export default function OnboardingFlow() {
     return await dispatch(createNewVaultAndRestore(password, srp));
   };
 
+  const showPasswordModalToAllowSRPReveal =
+    pathname === `${ONBOARDING_REVIEW_SRP_ROUTE}/` &&
+    completedOnboarding &&
+    !secretRecoveryPhrase &&
+    isFromReminder;
+
   return (
     <div className="onboarding-flow">
+      <RevealSRPModal
+        setSecretRecoveryPhrase={setSecretRecoveryPhrase}
+        onClose={() => history.push(DEFAULT_ROUTE)}
+        isOpen={showPasswordModalToAllowSRPReveal}
+      />
       <div className="onboarding-flow__wrapper">
         <Switch>
           <Route
@@ -203,7 +202,7 @@ export default function OnboardingFlow() {
           <Route exact path="*" component={OnboardingFlowSwitch} />
         </Switch>
       </div>
-      {pathName === ONBOARDING_COMPLETION_ROUTE && (
+      {pathname === ONBOARDING_COMPLETION_ROUTE && (
         <Button
           className="onboarding-flow__twitter-button"
           type="link"
diff --git a/ui/pages/onboarding-flow/onboarding-flow.test.js b/ui/pages/onboarding-flow/onboarding-flow.test.js
index 1f42e52eb09e..9ad5ad113c5b 100644
--- a/ui/pages/onboarding-flow/onboarding-flow.test.js
+++ b/ui/pages/onboarding-flow/onboarding-flow.test.js
@@ -30,7 +30,6 @@ jest.mock('../../store/actions', () => ({
   createNewVaultAndGetSeedPhrase: jest.fn().mockResolvedValue(null),
   unlockAndGetSeedPhrase: jest.fn().mockResolvedValue(null),
   createNewVaultAndRestore: jest.fn(),
-  verifySeedPhrase: jest.fn(),
 }));
 
 describe('Onboarding Flow', () => {
diff --git a/ui/store/actions.test.js b/ui/store/actions.test.js
index 7bc9f1b933d6..bc92a21db1a3 100644
--- a/ui/store/actions.test.js
+++ b/ui/store/actions.test.js
@@ -185,7 +185,7 @@ describe('Actions', () => {
       const verifyPassword = background.verifyPassword.callsFake((_, cb) =>
         cb(),
       );
-      const verifySeedPhrase = background.verifySeedPhrase.callsFake((cb) =>
+      const getSeedPhrase = background.getSeedPhrase.callsFake((_, cb) =>
         cb(null, Array.from(Buffer.from('test').values())),
       );
 
@@ -193,14 +193,14 @@ describe('Actions', () => {
 
       await store.dispatch(actions.requestRevealSeedWords());
       expect(verifyPassword.callCount).toStrictEqual(1);
-      expect(verifySeedPhrase.callCount).toStrictEqual(1);
+      expect(getSeedPhrase.callCount).toStrictEqual(1);
     });
 
     it('displays warning error message then callback in background errors', async () => {
       const store = mockStore();
 
       background.verifyPassword.callsFake((_, cb) => cb());
-      background.verifySeedPhrase.callsFake((cb) => {
+      background.getSeedPhrase.callsFake((_, cb) => {
         cb(new Error('error'));
       });
 
diff --git a/ui/store/actions.ts b/ui/store/actions.ts
index 577c5fa3603a..398ff1da17bb 100644
--- a/ui/store/actions.ts
+++ b/ui/store/actions.ts
@@ -220,7 +220,7 @@ export function createNewVaultAndGetSeedPhrase(
 
     try {
       await createNewVault(password);
-      const seedPhrase = await verifySeedPhrase();
+      const seedPhrase = await getSeedPhrase(password);
       return seedPhrase;
     } catch (error) {
       dispatch(displayWarning(error));
@@ -243,7 +243,7 @@ export function unlockAndGetSeedPhrase(
 
     try {
       await submitPassword(password);
-      const seedPhrase = await verifySeedPhrase();
+      const seedPhrase = await getSeedPhrase(password);
       await forceUpdateMetamaskState(dispatch);
       return seedPhrase;
     } catch (error) {
@@ -298,9 +298,10 @@ export function verifyPassword(password: string): Promise<boolean> {
   });
 }
 
-export async function verifySeedPhrase() {
+export async function getSeedPhrase(password: string) {
   const encodedSeedPhrase = await submitRequestToBackground<string>(
-    'verifySeedPhrase',
+    'getSeedPhrase',
+    [password],
   );
   return Buffer.from(encodedSeedPhrase).toString('utf8');
 }
@@ -314,7 +315,7 @@ export function requestRevealSeedWords(
 
     try {
       await verifyPassword(password);
-      const seedPhrase = await verifySeedPhrase();
+      const seedPhrase = await getSeedPhrase(password);
       return seedPhrase;
     } finally {
       dispatch(hideLoadingIndication());
diff --git a/yarn.lock b/yarn.lock
index 41d8821d6f7a..00d84d4b1c81 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4468,7 +4468,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@metamask/keyring-controller@npm:^8.0.3":
+"@metamask/keyring-controller@npm:8.0.3":
   version: 8.0.3
   resolution: "@metamask/keyring-controller@npm:8.0.3"
   dependencies:
@@ -4488,6 +4488,26 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@metamask/keyring-controller@patch:@metamask/keyring-controller@npm%3A8.0.3#~/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch":
+  version: 8.0.3
+  resolution: "@metamask/keyring-controller@patch:@metamask/keyring-controller@npm%3A8.0.3#~/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch::version=8.0.3&hash=1ad908"
+  dependencies:
+    "@keystonehq/metamask-airgapped-keyring": "npm:^0.13.1"
+    "@metamask/base-controller": "npm:^3.2.3"
+    "@metamask/eth-keyring-controller": "npm:^13.0.1"
+    "@metamask/message-manager": "npm:^7.3.5"
+    "@metamask/preferences-controller": "npm:^4.4.3"
+    "@metamask/utils": "npm:^8.1.0"
+    async-mutex: "npm:^0.2.6"
+    ethereumjs-util: "npm:^7.0.10"
+    ethereumjs-wallet: "npm:^1.0.1"
+    immer: "npm:^9.0.6"
+  peerDependencies:
+    "@metamask/preferences-controller": ^4.4.3
+  checksum: f608bdf408323f233b16fc42b2013ad5de6c8cc8b63173ae1823872821e5c1935822f12209a326856af2a440878948d5e245cdbd557defe9ec4f55428d74cc5c
+  languageName: node
+  linkType: hard
+
 "@metamask/logging-controller@npm:^1.0.1, @metamask/logging-controller@npm:^1.0.3":
   version: 1.0.4
   resolution: "@metamask/logging-controller@npm:1.0.4"
@@ -24330,7 +24350,7 @@ __metadata:
     "@metamask/jazzicon": "npm:^2.0.0"
     "@metamask/key-tree": "npm:^9.0.0"
     "@metamask/keyring-api": "npm:^1.0.0"
-    "@metamask/keyring-controller": "npm:^8.0.3"
+    "@metamask/keyring-controller": "patch:@metamask/keyring-controller@npm%3A8.0.3#~/.yarn/patches/@metamask-keyring-controller-npm-8.0.3-63afac5958.patch"
     "@metamask/logging-controller": "npm:^1.0.1"
     "@metamask/logo": "npm:^3.1.2"
     "@metamask/message-manager": "npm:^7.3.0"