feat: externally_connectable CAIP delivery and enveloping

app/manifest/v2/_barad_dur.json

@@ -0,0 +1,6 @@
+{
+  "externally_connectable": {
+    "matches": ["http://*/*", "https://*/*"],
+    "ids": ["*"]
+  }
+}

app/manifest/v3/_barad_dur.json

@@ -0,0 +1,6 @@
+{
+  "externally_connectable": {
+    "matches": ["http://*/*", "https://*/*"],
+    "ids": ["*"]
+  }
+}

app/scripts/background.js

@@ -43,6 +43,7 @@ import { checkForLastErrorAndLog } from '../../shared/modules/browser-runtime.ut
 import { isManifestV3 } from '../../shared/modules/mv3.utils';
 import { maskObject } from '../../shared/modules/object.utils';
 import { FIXTURE_STATE_METADATA_VERSION } from '../../test/e2e/default-fixture';
+import { createCaipStream } from '../../shared/modules/caip-stream';
 import migrations from './migrations';
 import Migrator from './lib/migrator';
 import ExtensionPlatform from './platforms/extension';
@@ -195,7 +196,8 @@ const sendReadyMessageToTabs = async () => {
 
 // These are set after initialization
 let connectRemote;
-let connectExternal;
+let connectExternalLegacy;
+let connectExternalDapp;
 
 browser.runtime.onConnect.addListener(async (...args) => {
   // Queue up connection attempts here, waiting until after initialization
@@ -208,7 +210,13 @@ browser.runtime.onConnectExternal.addListener(async (...args) => {
   // Queue up connection attempts here, waiting until after initialization
   await isInitialized;
   // This is set in `setupController`, which is called as part of initialization
-  connectExternal(...args);
+  const port = args[0];
+
+  if (port.sender.tab?.id && process.env.BARAD_DUR) {
+    connectExternalDapp(...args);
+  } else {
+    connectExternalLegacy(...args);
+  }
 });
 
 function saveTimestamp() {
@@ -517,6 +525,47 @@ function emitDappViewedMetricEvent(
   }
 }
 
+/**
+ * Track dapp connection when loaded and permissioned
+ *
+ * @param {Port} remotePort - The port provided by a new context.
+ * @param {object} preferencesController - Preference Controller to get total created accounts
+ * @param {object} permissionController - Permission Controller to check if origin is permitted
+ */
+function trackDappView(
+  remotePort,
+  preferencesController,
+  permissionController,
+) {
+  if (!remotePort.sender || !remotePort.sender.tab || !remotePort.sender.url) {
+    return;
+  }
+  const tabId = remotePort.sender.tab.id;
+  const url = new URL(remotePort.sender.url);
+  const { origin } = url;
+
+  // store the orgin to corresponding tab so it can provide infor for onActivated listener
+  if (!Object.keys(tabOriginMapping).includes(tabId)) {
+    tabOriginMapping[tabId] = origin;
+  }
+  const connectSitePermissions = permissionController.state.subjects[origin];
+  // when the dapp is not connected, connectSitePermissions is undefined
+  const isConnectedToDapp = connectSitePermissions !== undefined;
+  // when open a new tab, this event will trigger twice, only 2nd time is with dapp loaded
+  const isTabLoaded = remotePort.sender.tab.title !== 'New Tab';
+
+  // *** Emit DappViewed metric event when ***
+  // - refresh the dapp
+  // - open dapp in a new tab
+  if (isConnectedToDapp && isTabLoaded) {
+    emitDappViewedMetricEvent(
+      origin,
+      connectSitePermissions,
+      preferencesController,
+    );
+  }
+}
+
 /**
  * Initializes the MetaMask Controller with any initial state and default language.
  * Configures platform-specific error reporting strategy.
@@ -734,27 +783,11 @@ export function setupController(
         const url = new URL(remotePort.sender.url);
         const { origin } = url;
 
-        // store the orgin to corresponding tab so it can provide infor for onActivated listener
-        if (!Object.keys(tabOriginMapping).includes(tabId)) {
-          tabOriginMapping[tabId] = origin;
-        }
-        const connectSitePermissions =
-          controller.permissionController.state.subjects[origin];
-        // when the dapp is not connected, connectSitePermissions is undefined
-        const isConnectedToDapp = connectSitePermissions !== undefined;
-        // when open a new tab, this event will trigger twice, only 2nd time is with dapp loaded
-        const isTabLoaded = remotePort.sender.tab.title !== 'New Tab';
-
-        // *** Emit DappViewed metric event when ***
-        // - refresh the dapp
-        // - open dapp in a new tab
-        if (isConnectedToDapp && isTabLoaded) {
-          emitDappViewedMetricEvent(
-            origin,
-            connectSitePermissions,
-            controller.preferencesController,
-          );
-        }
+        trackDappView(
+          remotePort,
+          controller.preferencesController,
+          controller.permissionController,
+        );
 
         remotePort.onMessage.addListener((msg) => {
           if (
@@ -765,12 +798,12 @@ export function setupController(
           }
         });
       }
-      connectExternal(remotePort);
+      connectExternalLegacy(remotePort);
     }
   };
 
   // communication with page or other extension
-  connectExternal = (remotePort) => {
+  connectExternalLegacy = (remotePort) => {
     ///: BEGIN:ONLY_INCLUDE_IF(desktop)
     if (
       DesktopManager.isDesktopEnabled() &&
@@ -789,8 +822,48 @@ export function setupController(
     });
   };
 
+  connectExternalDapp = async (remotePort) => {
+    if (metamaskBlockedPorts.includes(remotePort.name)) {
+      return;
+    }
+
+    // this is triggered when a new tab is opened, or origin(url) is changed
+    if (remotePort.sender && remotePort.sender.tab && remotePort.sender.url) {
+      const tabId = remotePort.sender.tab.id;
+      const url = new URL(remotePort.sender.url);
+      const { origin } = url;
+
+      trackDappView(
+        remotePort,
+        controller.preferencesController,
+        controller.permissionController,
+      );
+
+      // TODO: remove this when we separate the legacy and multichain rpc pipelines
+      remotePort.onMessage.addListener((msg) => {
+        if (
+          msg.type === 'caip-x' &&
+          msg.data &&
+          msg.data.method === MESSAGE_TYPE.ETH_REQUEST_ACCOUNTS
+        ) {
+          requestAccountTabIds[origin] = tabId;
+        }
+      });
+    }
+
+    const portStream =
+      overrides?.getPortStream?.(remotePort) || new PortStream(remotePort);
+
+    const connectionStream = createCaipStream(portStream);
+
+    controller.setupUntrustedCommunication({
+      connectionStream,
+      sender: remotePort.sender,
+    });
+  };
+
   if (overrides?.registerConnectListeners) {
-    overrides.registerConnectListeners(connectRemote, connectExternal);
+    overrides.registerConnectListeners(connectRemote, connectExternalLegacy);
   }
 
   //

app/scripts/inpage.js

@@ -33,13 +33,13 @@ cleanContextForImports();
 /* eslint-disable import/first */
 import log from 'loglevel';
 import { v4 as uuid } from 'uuid';
-import { WindowPostMessageStream } from '@metamask/post-message-stream';
+import PortStream from 'extension-port-stream';
 import { initializeProvider } from '@metamask/providers/dist/initializeInpageProvider';
 import shouldInjectProvider from '../../shared/modules/provider-injection';
+import { createCaipStream } from '../../shared/modules/caip-stream';
 
 // contexts
-const CONTENT_SCRIPT = 'metamask-contentscript';
-const INPAGE = 'metamask-inpage';
+const EXTENSION_ID = 'nonfpcflonapegmnfeafnddgdniflbnk';
 
 restoreContextAfterImports();
 
@@ -51,13 +51,12 @@ log.setDefaultLevel(process.env.METAMASK_DEBUG ? 'debug' : 'warn');
 
 if (shouldInjectProvider()) {
   // setup background connection
-  const metamaskStream = new WindowPostMessageStream({
-    name: INPAGE,
-    target: CONTENT_SCRIPT,
-  });
+  const extensionPort = chrome.runtime.connect(EXTENSION_ID);
+  const portStream = new PortStream(extensionPort);
+  const connectionStream = createCaipStream(portStream);
 
   initializeProvider({
-    connectionStream: metamaskStream,
+    connectionStream,
     logger: log,
     shouldShimWeb3: true,
     providerInfo: {

builds.yml

@@ -298,6 +298,8 @@ env:
   - MULTICHAIN: ''
   # Determines if feature flagged Multichain Transactions should be used
   - TRANSACTION_MULTICHAIN: ''
+  # Determines if Barad Dur features should be used
+  - BARAD_DUR: ''
   # Determines if feature flagged Chain permissions
   - CHAIN_PERMISSIONS: ''
   # Enables use of test gas fee flow to debug gas fee estimation

development/build/manifest.js

@@ -9,6 +9,9 @@ const IS_MV3_ENABLED =
 const baseManifest = IS_MV3_ENABLED
   ? require('../../app/manifest/v3/_base.json')
   : require('../../app/manifest/v2/_base.json');
+const baradDurManifest = IS_MV3_ENABLED
+? require('../../app/manifest/v3/_barad_dur.json')
+: require('../../app/manifest/v2/_barad_dur.json');
 const { loadBuildTypesConfig } = require('../lib/build-type');
 
 const { TASKS, ENVIRONMENT } = require('./constants');
@@ -41,6 +44,7 @@ function createManifestTasks({
         );
         const result = mergeWith(
           cloneDeep(baseManifest),
+          process.env.BARAD_DUR ? cloneDeep(baradDurManifest) : {},
           platformModifications,
           browserVersionMap[platform],
           await getBuildModifications(buildType, platform),