After loading gator permissions, resolve status for each item#8445
After loading gator permissions, resolve status for each item#8445jeffsmale90 wants to merge 1 commit intomainfrom
Conversation
- if revocationMetadata exists, or revoked onchain - 'Revoked' - if expiration after onchain block timestamp 'Expired' - otherwise 'Active'
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 46e2976. Configure here.
| /** | ||
| * Whether the permission is active, revoked (off-chain and/or on-chain), or expired by time rule. | ||
| */ | ||
| status: PermissionStatus; |
There was a problem hiding this comment.
Required status field missing from older persisted state
Medium Severity
The status field on PermissionInfoWithMetadata is declared as required (status: PermissionStatus), but grantedPermissions is persisted state (persist: true). Entries from before this change will lack status at runtime. The controller internally handles this with ?? 'Active' fallbacks (in #buildPreviousStatusByContext and resolvePermissionStatusAfterSync), confirming status can be undefined — yet the type doesn't reflect this. If initialize() skips syncing (recent lastSyncedTimestamp), consumers reading state will get undefined where the type guarantees a string, causing incorrect comparisons or crashes.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 46e2976. Configure here.
1 participant
Explanation
Gator permissions loaded from storage may be either active, revoked, or expired - this is in addition to the "Revoked" metadata stored with the permission.
With this change, after loading the permissions we resolve the status for each item. While the status is being resolved, we show the previous status held in storage for this item, or "Active" if it doesn't have a previous status.
When resolving the status:
Mocked up UI in Extension:
References
Checklist
Note
Medium Risk
Adds post-sync on-chain resolution of permission lifecycle status using NetworkController RPC calls, which changes persisted/used-in-UI state shape and introduces new network-dependent logic that could affect performance or correctness across chains.
Overview
After fetching granted permissions from the snap, the controller now derives and maintains a per-permission
status(Active/Revoked/Expired) and updates it after sync based on revocation metadata plus on-chain checks.This introduces a new
permissionOnChainStatusmodule that decodes the permission context, callsDelegationManager.disabledDelegationsviaeth_call, and compares any TimestampEnforcer expiry against the latest block timestamp, usingNetworkControllerto obtain the chain provider. Tests are expanded and added to cover status merging/defaulting and the on-chain resolution paths, and@metamask/network-controller/@metamask/abi-utilsare added as dependencies.Reviewed by Cursor Bugbot for commit 46e2976. Bugbot is set up for automated code reviews on this repo. Configure here.