From d1b4cdf19e114e7389a7e1e4ad3a81fea3dad178 Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Wed, 22 Feb 2023 17:31:07 -0500
Subject: [PATCH 01/10] Changed eth_sign to be disabled based on the users
 preferences

---
 app/core/RPCMethods/RPCMethodMiddleware.ts | 10 +++++++-
 ios/Podfile.lock                           |  2 +-
 package.json                               |  2 +-
 yarn.lock                                  | 27 ++++++++++++++++++++++
 4 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/app/core/RPCMethods/RPCMethodMiddleware.ts b/app/core/RPCMethods/RPCMethodMiddleware.ts
index ec64d7e467b..f1f4b2b9d9e 100644
--- a/app/core/RPCMethods/RPCMethodMiddleware.ts
+++ b/app/core/RPCMethods/RPCMethodMiddleware.ts
@@ -340,7 +340,15 @@ export const getRpcMethodMiddleware = ({
         throw ethErrors.rpc.methodNotSupported();
       },
       eth_sign: async () => {
-        const { MessageManager } = Engine.context;
+        const { MessageManager, PreferencesController } = Engine.context;
+        const { disabledRpcMethodPreferences } = PreferencesController.state;
+        const { eth_sign } = disabledRpcMethodPreferences;
+
+        if (!eth_sign) {
+          throw ethErrors.rpc.methodNotFound(
+            'eth_sign has been disabled. You must enable it in the advanced settings',
+          );
+        }
         const pageMeta = {
           meta: {
             url: url.current,
diff --git a/ios/Podfile.lock b/ios/Podfile.lock
index 8fea1f97d60..441f5c9ef7c 100644
--- a/ios/Podfile.lock
+++ b/ios/Podfile.lock
@@ -777,7 +777,7 @@ EXTERNAL SOURCES:
 
 SPEC CHECKSUMS:
   boost: a7c83b31436843459a1961bfd74b96033dc77234
-  Branch: 74cc856025984f691833c8fa332834ac38a0cf4e
+  Branch: 4ac024cb3c29b0ef628048694db3c4cfa679beb0
   BVLinearGradient: e3aad03778a456d77928f594a649e96995f1c872
   CocoaAsyncSocket: 065fd1e645c7abab64f7a6a2007a48038fdc6a99
   DoubleConversion: 831926d9b8bf8166fd87886c4abab286c2422662
diff --git a/package.json b/package.json
index ecb3843f5fc..2ee9a3680af 100644
--- a/package.json
+++ b/package.json
@@ -153,7 +153,7 @@
     "@metamask/network-controller": "^1.0.0",
     "@metamask/permission-controller": "^1.0.2",
     "@metamask/phishing-controller": "^1.1.0",
-    "@metamask/preferences-controller": "^1.0.1",
+    "@metamask/preferences-controller": "^2.1.0",
     "@metamask/sdk-communication-layer": "^0.1.0",
     "@metamask/swaps-controller": "^6.8.0",
     "@metamask/transaction-controller": "^1.0.0",
diff --git a/yarn.lock b/yarn.lock
index 68bfeaa9882..9ab8d63fc78 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3972,6 +3972,14 @@
     "@metamask/controller-utils" "^1.0.0"
     immer "^9.0.6"
 
+"@metamask/base-controller@^2.0.0":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-2.0.0.tgz#8f9130df3edaa270ade00378cf57917545d44617"
+  integrity sha512-DppA4/HCabsphVucNRpWA3/mp6m2KhZr/8gidSlpUNLMFqljOKA81GW9nemN3HDqH1RoZdXusI82/4SPEbdbaA==
+  dependencies:
+    "@metamask/controller-utils" "^3.0.0"
+    immer "^9.0.6"
+
 "@metamask/base-controller@~1.0.0":
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-1.0.0.tgz#9de86efafdf88b46f6d3710f8708a9515fd8ecf6"
@@ -4014,6 +4022,17 @@
     fast-deep-equal "^3.1.3"
     isomorphic-fetch "^3.0.0"
 
+"@metamask/controller-utils@^3.0.0":
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/@metamask/controller-utils/-/controller-utils-3.0.0.tgz#e0984cdab14280409297671b5858891527c5e4ee"
+  integrity sha512-JjFWBZnnh5DSX2tRsw5xtXxaqVkTzaW7mkSZ+lL3LoCAw47Cf8zGP1kGR6VKxcceKi+MpEFvZr7gf1OFnOoEjw==
+  dependencies:
+    eth-ens-namehash "^2.0.8"
+    eth-rpc-errors "^4.0.0"
+    ethereumjs-util "^7.0.10"
+    ethjs-unit "^0.1.6"
+    fast-deep-equal "^3.1.3"
+
 "@metamask/controllers@^26.0.0":
   version "26.0.0"
   resolved "git+https://github.com/MetaMask/controllers.git#d4e9507d9612f2d36c3f848333b33330a19b811b"
@@ -4209,6 +4228,14 @@
     "@metamask/base-controller" "^1.1.1"
     "@metamask/controller-utils" "^1.0.0"
 
+"@metamask/preferences-controller@^2.1.0":
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/@metamask/preferences-controller/-/preferences-controller-2.1.0.tgz#c3ed464259f3f969ff492167c368752d23db3924"
+  integrity sha512-/GvYSaCCT0DVDZLlt8eiJDcw7WNFeIMpssP0X0+MK+Ye5eGEMp0Wo0n5uoMOKDR+x3HnWo5YuVGHBlSCnusEeg==
+  dependencies:
+    "@metamask/base-controller" "^2.0.0"
+    "@metamask/controller-utils" "^3.0.0"
+
 "@metamask/safe-event-emitter@^2.0.0":
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/safe-event-emitter/-/safe-event-emitter-2.0.0.tgz#af577b477c683fad17c619a78208cede06f9605c"

From 8d2103c4c0187130a9eb40b65bce04533f3674c7 Mon Sep 17 00:00:00 2001
From: Zachary Belford <belfordz66@gmail.com>
Date: Wed, 22 Feb 2023 17:43:05 -0800
Subject: [PATCH 02/10] Added toggle switch in advanced settings to turn on/off
 eth_sign

---
 .node-version                                 |  1 +
 .../Views/Settings/AdvancedSettings/index.js  | 32 +++++++++++++++++++
 locales/languages/en.json                     |  2 ++
 3 files changed, 35 insertions(+)
 create mode 100644 .node-version

diff --git a/.node-version b/.node-version
new file mode 100644
index 00000000000..c6244cda044
--- /dev/null
+++ b/.node-version
@@ -0,0 +1 @@
+14.17.3
diff --git a/app/components/Views/Settings/AdvancedSettings/index.js b/app/components/Views/Settings/AdvancedSettings/index.js
index e246d256de7..41b2c75ee80 100644
--- a/app/components/Views/Settings/AdvancedSettings/index.js
+++ b/app/components/Views/Settings/AdvancedSettings/index.js
@@ -133,6 +133,10 @@ class AdvancedSettings extends PureComponent {
      * Indicates whether hex data should be shown in transaction editor
      */
     showHexData: PropTypes.bool,
+    /**
+     * Allow dapp api requests to eth_sign
+     */
+    enableEthSign: PropTypes.bool,
     /**
      * Called to toggle show hex data
      */
@@ -292,6 +296,11 @@ class AdvancedSettings extends PureComponent {
     PreferencesController.setIpfsGateway(ipfsGateway);
   };
 
+  setEnableEthSign = (enabled) => {
+    const { PreferencesController } = Engine.context;
+    PreferencesController.setDisabledRpcMethodPreference('eth_sign', enabled);
+  };
+
   toggleTokenDetection = (detectionStatus) => {
     const { PreferencesController } = Engine.context;
     PreferencesController.setUseTokenDetection(detectionStatus);
@@ -336,6 +345,7 @@ class AdvancedSettings extends PureComponent {
       setShowHexData,
       setShowCustomNonce,
       ipfsGateway,
+      enableEthSign,
     } = this.props;
     const { resetModalVisible, onlineIpfsGateways } = this.state;
     const { styles, colors } = this.getStyles();
@@ -424,6 +434,27 @@ class AdvancedSettings extends PureComponent {
                 />
               </View>
             </View>
+            <View style={styles.setting}>
+              <Text style={styles.title}>
+                {strings('app_settings.enable_eth_sign')}
+              </Text>
+              <Text style={styles.desc}>
+                {strings('app_settings.enable_eth_sign_desc')}
+              </Text>
+              <View style={styles.marginTop}>
+                <Switch
+                  value={enableEthSign}
+                  onValueChange={this.setEnableEthSign}
+                  trackColor={{
+                    true: colors.primary.default,
+                    false: colors.border.muted,
+                  }}
+                  thumbColor={importedColors.white}
+                  style={styles.switch}
+                  ios_backgroundColor={colors.border.muted}
+                />
+              </View>
+            </View>
             <View style={styles.setting}>
               <Text style={styles.title}>
                 {strings('app_settings.show_custom_nonce')}
@@ -474,6 +505,7 @@ const mapStateToProps = (state) => ({
   ipfsGateway: state.engine.backgroundState.PreferencesController.ipfsGateway,
   showHexData: state.settings.showHexData,
   showCustomNonce: state.settings.showCustomNonce,
+  enableEthSign: state.engine.backgroundState.PreferencesController.disabledRpcMethodPreferences['eth_sign'],
   fullState: state,
   isTokenDetectionEnabled:
     state.engine.backgroundState.PreferencesController.useTokenDetection,
diff --git a/locales/languages/en.json b/locales/languages/en.json
index 4073408eda6..3ff6f183a74 100644
--- a/locales/languages/en.json
+++ b/locales/languages/en.json
@@ -555,6 +555,8 @@
     "nft_autodetect_desc": "Displaying NFT media & data may expose your IP address to centralized servers. Third-party APIs (like OpenSea) are used to detect NFTs in your wallet. This exposes your account address with those services. Leave this disabled if you don't want the app to pull data from those services.",
     "show_hex_data": "Show Hex Data",
     "show_hex_data_desc": "Select this to show the hex data field on the send screen.",
+    "enable_eth_sign": "Toggle eth_sign requests",
+    "enable_eth_sign_desc": "Turn this on to let dapps request your signature using eth_sign requests. eth_sign is an open-ended signing method that lets you sign an arbitrary hash, making it a dangerous phishing risk. Only sign eth_sign requests if you can read what you are signing and trust the origin of the request.",
     "show_custom_nonce": "Customize transaction nonce",
     "custom_nonce_desc": "Turn this on to change the nonce (transaction number) on confirmation screens. This is an advanced feature, use cautiously.",
     "accounts_identicon_title": "Account Identicon",

From 067eb224e7ba4e58f3036514473ebb245d6f042e Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 09:34:59 -0500
Subject: [PATCH 03/10] Removed .node-version

---
 .node-version | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 .node-version

diff --git a/.node-version b/.node-version
deleted file mode 100644
index c6244cda044..00000000000
--- a/.node-version
+++ /dev/null
@@ -1 +0,0 @@
-14.17.3

From 2f8d53eed733f0b478c47347055073f831b26b3b Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 10:06:26 -0500
Subject: [PATCH 04/10] Fixed linting

---
 app/components/Views/Settings/AdvancedSettings/index.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/components/Views/Settings/AdvancedSettings/index.js b/app/components/Views/Settings/AdvancedSettings/index.js
index 41b2c75ee80..d52d7becf78 100644
--- a/app/components/Views/Settings/AdvancedSettings/index.js
+++ b/app/components/Views/Settings/AdvancedSettings/index.js
@@ -505,7 +505,9 @@ const mapStateToProps = (state) => ({
   ipfsGateway: state.engine.backgroundState.PreferencesController.ipfsGateway,
   showHexData: state.settings.showHexData,
   showCustomNonce: state.settings.showCustomNonce,
-  enableEthSign: state.engine.backgroundState.PreferencesController.disabledRpcMethodPreferences['eth_sign'],
+  enableEthSign:
+    state.engine.backgroundState.PreferencesController
+      .disabledRpcMethodPreferences.eth_sign,
   fullState: state,
   isTokenDetectionEnabled:
     state.engine.backgroundState.PreferencesController.useTokenDetection,

From ff3b93c7f2c128c070fbcf94a4029106de8ef5b8 Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 10:27:32 -0500
Subject: [PATCH 05/10] Fixed AdvancedSettings tests with new
 disabledRpcMethodPreferences state key

---
 app/components/Views/Settings/AdvancedSettings/index.test.tsx | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/components/Views/Settings/AdvancedSettings/index.test.tsx b/app/components/Views/Settings/AdvancedSettings/index.test.tsx
index 93934bd2195..b29b8c43ef0 100644
--- a/app/components/Views/Settings/AdvancedSettings/index.test.tsx
+++ b/app/components/Views/Settings/AdvancedSettings/index.test.tsx
@@ -11,6 +11,9 @@ const initialState = {
     backgroundState: {
       PreferencesController: {
         ipfsGateway: 'https://ipfs.io/ipfs/',
+        disabledRpcMethodPreferences: {
+          eth_sign: false
+        },
       },
       NetworkController: {
         provider: { chainId: '1' },

From 56b596e0c9d8e04f4b19b9d39c3aedc03868af52 Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 10:57:42 -0500
Subject: [PATCH 06/10] Fixed linting and snapshots

---
 .../AdvancedSettings/__snapshots__/index.test.tsx.snap        | 4 ++++
 app/components/Views/Settings/AdvancedSettings/index.test.tsx | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/components/Views/Settings/AdvancedSettings/__snapshots__/index.test.tsx.snap b/app/components/Views/Settings/AdvancedSettings/__snapshots__/index.test.tsx.snap
index a4631b29e70..319c54fe41d 100644
--- a/app/components/Views/Settings/AdvancedSettings/__snapshots__/index.test.tsx.snap
+++ b/app/components/Views/Settings/AdvancedSettings/__snapshots__/index.test.tsx.snap
@@ -3,6 +3,7 @@
 exports[`AdvancedSettings should render correctly 1`] = `
 <AdvancedSettings
   chainId="1"
+  enableEthSign={false}
   fullState={
     Object {
       "engine": Object {
@@ -13,6 +14,9 @@ exports[`AdvancedSettings should render correctly 1`] = `
             },
           },
           "PreferencesController": Object {
+            "disabledRpcMethodPreferences": Object {
+              "eth_sign": false,
+            },
             "ipfsGateway": "https://ipfs.io/ipfs/",
           },
         },
diff --git a/app/components/Views/Settings/AdvancedSettings/index.test.tsx b/app/components/Views/Settings/AdvancedSettings/index.test.tsx
index b29b8c43ef0..b85c5f8e021 100644
--- a/app/components/Views/Settings/AdvancedSettings/index.test.tsx
+++ b/app/components/Views/Settings/AdvancedSettings/index.test.tsx
@@ -12,7 +12,7 @@ const initialState = {
       PreferencesController: {
         ipfsGateway: 'https://ipfs.io/ipfs/',
         disabledRpcMethodPreferences: {
-          eth_sign: false
+          eth_sign: false,
         },
       },
       NetworkController: {

From a73555acb2804a6db62539f658af72d42bbff089 Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 13:24:28 -0500
Subject: [PATCH 07/10] Revert Branch checksum change

---
 ios/Podfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ios/Podfile.lock b/ios/Podfile.lock
index 441f5c9ef7c..8fea1f97d60 100644
--- a/ios/Podfile.lock
+++ b/ios/Podfile.lock
@@ -777,7 +777,7 @@ EXTERNAL SOURCES:
 
 SPEC CHECKSUMS:
   boost: a7c83b31436843459a1961bfd74b96033dc77234
-  Branch: 4ac024cb3c29b0ef628048694db3c4cfa679beb0
+  Branch: 74cc856025984f691833c8fa332834ac38a0cf4e
   BVLinearGradient: e3aad03778a456d77928f594a649e96995f1c872
   CocoaAsyncSocket: 065fd1e645c7abab64f7a6a2007a48038fdc6a99
   DoubleConversion: 831926d9b8bf8166fd87886c4abab286c2422662

From 342de90521c8343a8c58668aeabdec914334efed Mon Sep 17 00:00:00 2001
From: Shane Jonas <jonas.shane@gmail.com>
Date: Thu, 23 Feb 2023 14:05:05 -0500
Subject: [PATCH 08/10] Fixed yarn lock issues

---
 yarn.lock | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/yarn.lock b/yarn.lock
index 9ab8d63fc78..f5397f53e70 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3972,6 +3972,14 @@
     "@metamask/controller-utils" "^1.0.0"
     immer "^9.0.6"
 
+"@metamask/base-controller@^1.1.2":
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-1.1.2.tgz#92643d16a322664adae924cf45806c96c6704e30"
+  integrity sha512-lOV3dyaTw+dTZOYkpjFwKN4DfOlvRpALknUlOzoFg+ChLeva8T7E4/pyo52FOEtxhajsq9/77soGm729oaNGMA==
+  dependencies:
+    "@metamask/controller-utils" "^2.0.0"
+    immer "^9.0.6"
+
 "@metamask/base-controller@^2.0.0":
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-2.0.0.tgz#8f9130df3edaa270ade00378cf57917545d44617"
@@ -4022,6 +4030,18 @@
     fast-deep-equal "^3.1.3"
     isomorphic-fetch "^3.0.0"
 
+"@metamask/controller-utils@^2.0.0":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@metamask/controller-utils/-/controller-utils-2.0.0.tgz#11b7639b7724b67c4ad983fd1185313fff2217be"
+  integrity sha512-dwpF1qPIGzTr6kMAJQmX6/eVtRPrBBMlB9oiHnOhHN2mYPqd6fCnesyA3TsqM8I65mTjqrkV4OtPtz6pzYvclw==
+  dependencies:
+    eth-ens-namehash "^2.0.8"
+    eth-rpc-errors "^4.0.0"
+    ethereumjs-util "^7.0.10"
+    ethjs-unit "^0.1.6"
+    fast-deep-equal "^3.1.3"
+    isomorphic-fetch "^3.0.0"
+
 "@metamask/controller-utils@^3.0.0":
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/controller-utils/-/controller-utils-3.0.0.tgz#e0984cdab14280409297671b5858891527c5e4ee"

From bb955b5138fec9ce49203748c13f6aa3b36a27a5 Mon Sep 17 00:00:00 2001
From: Zachary Belford <belfordz66@gmail.com>
Date: Mon, 27 Feb 2023 14:31:12 -0800
Subject: [PATCH 09/10] fix lockfile issue from rebase

---
 .node-version |  1 +
 yarn.lock     | 20 --------------------
 2 files changed, 1 insertion(+), 20 deletions(-)
 create mode 100644 .node-version

diff --git a/.node-version b/.node-version
new file mode 100644
index 00000000000..a3eb5a03fa6
--- /dev/null
+++ b/.node-version
@@ -0,0 +1 @@
+14.20.0
diff --git a/yarn.lock b/yarn.lock
index f5397f53e70..9ab8d63fc78 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3972,14 +3972,6 @@
     "@metamask/controller-utils" "^1.0.0"
     immer "^9.0.6"
 
-"@metamask/base-controller@^1.1.2":
-  version "1.1.2"
-  resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-1.1.2.tgz#92643d16a322664adae924cf45806c96c6704e30"
-  integrity sha512-lOV3dyaTw+dTZOYkpjFwKN4DfOlvRpALknUlOzoFg+ChLeva8T7E4/pyo52FOEtxhajsq9/77soGm729oaNGMA==
-  dependencies:
-    "@metamask/controller-utils" "^2.0.0"
-    immer "^9.0.6"
-
 "@metamask/base-controller@^2.0.0":
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/base-controller/-/base-controller-2.0.0.tgz#8f9130df3edaa270ade00378cf57917545d44617"
@@ -4030,18 +4022,6 @@
     fast-deep-equal "^3.1.3"
     isomorphic-fetch "^3.0.0"
 
-"@metamask/controller-utils@^2.0.0":
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/@metamask/controller-utils/-/controller-utils-2.0.0.tgz#11b7639b7724b67c4ad983fd1185313fff2217be"
-  integrity sha512-dwpF1qPIGzTr6kMAJQmX6/eVtRPrBBMlB9oiHnOhHN2mYPqd6fCnesyA3TsqM8I65mTjqrkV4OtPtz6pzYvclw==
-  dependencies:
-    eth-ens-namehash "^2.0.8"
-    eth-rpc-errors "^4.0.0"
-    ethereumjs-util "^7.0.10"
-    ethjs-unit "^0.1.6"
-    fast-deep-equal "^3.1.3"
-    isomorphic-fetch "^3.0.0"
-
 "@metamask/controller-utils@^3.0.0":
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/controller-utils/-/controller-utils-3.0.0.tgz#e0984cdab14280409297671b5858891527c5e4ee"

From 180df544c85117ac9d0efb9d827fa8299c6e5da1 Mon Sep 17 00:00:00 2001
From: Zachary Belford <belfordz66@gmail.com>
Date: Mon, 27 Feb 2023 19:03:48 -0800
Subject: [PATCH 10/10] Remove accidentally commited node-version file

---
 .node-version | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 .node-version

diff --git a/.node-version b/.node-version
deleted file mode 100644
index a3eb5a03fa6..00000000000
--- a/.node-version
+++ /dev/null
@@ -1 +0,0 @@
-14.20.0