Harden endowments

Update AVA config

Add harden for default endowments and test

Add some refactoring and fix coverage issues

Add endowment registry

Add hardening for special endowment cases (snap & ethereum)

Refactor nyc config

Revert hardening of the ethereum endowment

Update ava test runner config

Revert default-endowments.ts

Additionally harden args and returned values

Add script for updating coverage thresholds

Refactor tests related to hardening of the endowments (optimization)

Update coverage thresholds after refactoring

Add tests for endowment modules

Add object walker utility

Integrate object-walker into the AVA security tests and do some refactoring

Revert hardening of a snap endowment in index.ts (for now)

Manually resolve coverage threshold confusion after deleting line of code

packages/snaps-execution-environments/.c8rc.json

@@ -1,5 +1,5 @@
 {
-  "reporter": ["html", "json-summary", "text", "json"],
+  "reporter": ["html", "json-summary", "json"],
   "exclude": ["*.js", "./src/index.ts", "**/*.ava.test.ts"],
   "report-dir": "./coverage-ava"
 }

packages/snaps-execution-environments/ava.config.js

@@ -1,9 +1,9 @@
 module.exports = () => {
   return {
-    concurrency: 5,
     extensions: ['ts'],
     require: ['ts-node/register'],
     verbose: true,
     files: ['src/**/*.ava.test.ts'],
+    timeout: '30s',
   };
 };

packages/snaps-execution-environments/jest.config.js

@@ -2,20 +2,20 @@ const deepmerge = require('deepmerge');
 
 const baseConfig = require('../../jest.config.base');
 
+delete baseConfig.coverageThreshold;
+
 module.exports = deepmerge(baseConfig, {
-  coveragePathIgnorePatterns: ['./src/index.ts', '.ava.test.ts'],
-  coverageThreshold: {
-    global: {
-      branches: 83.93,
-      functions: 92.25,
-      lines: 87.07,
-      statements: 87.18,
-    },
-  },
+  coveragePathIgnorePatterns: [
+    './src/index.ts',
+    '.ava.test.ts',
+    'update-coverage-thresholds.js',
+  ],
   testEnvironment: '<rootDir>/jest.environment.js',
   testEnvironmentOptions: {
     customExportConditions: ['node', 'node-addons'],
   },
   testTimeout: 2500,
   testPathIgnorePatterns: ['.ava.test.ts'],
+  coverageProvider: 'v8',
+  coverageReporters: ['html', 'json-summary', 'json'],
 });

packages/snaps-execution-environments/jest.environment.js

@@ -13,6 +13,7 @@ module.exports = class CustomTestEnvironment extends TestEnvironment {
       this.global.TextDecoder = TextDecoder;
       this.global.ArrayBuffer = ArrayBuffer;
       this.global.Uint8Array = Uint8Array;
+      this.global.harden = (param) => param;
     }
   }
 };

packages/snaps-execution-environments/nyc.config.js

@@ -0,0 +1,10 @@
+/**
+ * NYC coverage reporter configuration.
+ */
+module.exports = {
+  'check-coverage': true,
+  branches: 91.02,
+  lines: 91.36,
+  functions: 92.85,
+  statements: 91.36,
+};

packages/snaps-execution-environments/package.json

@@ -12,10 +12,10 @@
     "dist/"
   ],
   "scripts": {
-    "test": "yarn test:ava && jest && yarn posttest && yarn merge:coverage",
-    "posttest": "jest-it-up --margin 0.25",
+    "test": "yarn test:ava && jest && yarn merge:coverage && yarn posttest",
+    "posttest": "node update-coverage-thresholds.js",
     "test:ava": "c8 ava",
-    "merge:coverage": "yarn mkdirp coverage-all && shx cp coverage/coverage-final.json coverage-all/coverage-final-jest.json && shx cp coverage-ava/coverage-final.json coverage-all/coverage-final-ava.json && rimraf 'coverage' 'coverage-ava' && nyc merge coverage-all coverage-merged/merged-coverage.json && nyc report -t coverage-merged --report-dir coverage --reporter=html --reporter=json-summary --reporter=json && rimraf 'coverage-merged' 'coverage-all'",
+    "merge:coverage": "yarn mkdirp coverage-all && shx cp coverage/coverage-final.json coverage-all/coverage-final-jest.json && shx cp coverage-ava/coverage-final.json coverage-all/coverage-final-ava.json && rimraf 'coverage' 'coverage-ava' && nyc merge coverage-all coverage-merged/merged-coverage.json && nyc report -t coverage-merged --report-dir coverage --reporter=text --reporter=html --reporter=json-summary --reporter=json && rimraf 'coverage-merged' 'coverage-all'",
     "test:ci": "yarn test",
     "test:watch": "jest --watch",
     "lint:eslint": "eslint . --cache --ext js,ts",

packages/snaps-execution-environments/src/common/endowments/abortController.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates AbortController function hardened by SES.
+ *
+ * @returns An object with the attenuated `AbortController` function.
+ */
+const createAbortController = () => {
+  return {
+    AbortController: harden(AbortController),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['AbortController'] as const,
+  factory: createAbortController,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/abortSignal.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates AbortSignal function hardened by SES.
+ *
+ * @returns An object with the attenuated `AbortSignal` function.
+ */
+const createAbortSignal = () => {
+  return {
+    AbortSignal: harden(AbortSignal),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['AbortSignal'] as const,
+  factory: createAbortSignal,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/arrayBuffer.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates ArrayBuffer function hardened by SES.
+ *
+ * @returns An object with the attenuated `ArrayBuffer` function.
+ */
+const createArrayBuffer = () => {
+  return {
+    ArrayBuffer: harden(ArrayBuffer),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['ArrayBuffer'] as const,
+  factory: createArrayBuffer,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/atob.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates atob function hardened by SES.
+ *
+ * @returns An object with the attenuated `atob` function.
+ */
+const createAtob = () => {
+  return {
+    atob: harden(atob),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['atob'] as const,
+  factory: createAtob,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/bigInt.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates BigInt function hardened by SES.
+ *
+ * @returns An object with the attenuated `BigInt` function.
+ */
+const createBigInt = () => {
+  return {
+    BigInt: harden(BigInt),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['BigInt'] as const,
+  factory: createBigInt,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/bigInt64Array.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates BigInt64Array function hardened by SES.
+ *
+ * @returns An object with the attenuated `BigInt64Array` function.
+ */
+const createBigInt64Array = () => {
+  return {
+    BigInt64Array: harden(BigInt64Array),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['BigInt64Array'] as const,
+  factory: createBigInt64Array,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/bigUint64Array.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates BigUint64Array function hardened by SES.
+ *
+ * @returns An object with the attenuated `BigUint64Array` function.
+ */
+const createBigUint64Array = () => {
+  return {
+    BigUint64Array: harden(BigUint64Array),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['BigUint64Array'] as const,
+  factory: createBigUint64Array,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/btoa.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates btoa function hardened by SES.
+ *
+ * @returns An object with the attenuated `btoa` function.
+ */
+const createBtoa = () => {
+  return {
+    btoa: harden(btoa),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['btoa'] as const,
+  factory: createBtoa,
+};
+export default endowmentModule;

packages/snaps-execution-environments/src/common/endowments/crypto.ts

@@ -16,7 +16,10 @@ const createCrypto = () => {
   // TODO: Figure out if this is enough long-term or if we should use a polyfill.
   /* eslint-disable-next-line @typescript-eslint/no-require-imports, @typescript-eslint/no-var-requires, node/global-require */
   const crypto = require('crypto').webcrypto;
-  return { crypto, SubtleCrypto: crypto.subtle.constructor } as const;
+  return {
+    crypto: harden(crypto),
+    SubtleCrypto: harden(crypto.subtle.constructor),
+  } as const;
 };
 
 const endowmentModule = {

packages/snaps-execution-environments/src/common/endowments/dataView.ts

@@ -0,0 +1,16 @@
+/**
+ * Creates DataView function hardened by SES.
+ *
+ * @returns An object with the attenuated `DataView` function.
+ */
+const createDataView = () => {
+  return {
+    DataView: harden(DataView),
+  } as const;
+};
+
+const endowmentModule = {
+  names: ['DataView'] as const,
+  factory: createDataView,
+};
+export default endowmentModule;