Make the metamask-extension-provider work with privacy mode

[Powersource]

The steps described in this blogpost do not work when connecting from another browser extension (i.e. when using the metamask-extension-provider).

We really hope this will be fixed before privacy mode is turned opt-out, since our app would otherwise break for most users.

[bdresser]

cc @bitpshr @danfinlay

[danfinlay]

Oh cool! You may be the first metamask extension api consumer we’re aware of! Very cool to see what you’re building. Would this be similar to Brave’s tipping system?

We’ll be sure to keep that module up to date, please reach out with any issues you encounter, you’re likely the first person hitting some of them.

[ErikBjare]

@danfinlay There are some similarities, but Thankful is different because:

• There is no special token. We currently support ETH and want to support ERC-20 tokens (such as Dai and other stablecoins)
• It is browser-independent (as it should be)
• We won't have a centralized sign-up process for creators (like Brave does)
• We don't want to be limited to the web, we want to let users support creators of music, podcasts, and software (not there yet, but we've come a long way on the data collection part in ActivityWatch)

We're working on other differentiating features (such as giving supporters tokens for supporting a creator), but we're still very much in an exploratory stage.

Thanks for fixing the issue for us so quickly, we'll get to implementing it in our extension soonish.

[danfinlay]

It isn’t quite fixed yet, hit a couple snags that would be impossible with a rewrite of a portion of code, which also presents the opportunity for some other improvements. Hoping to have the fix done in this coming week.

[Powersource]

Any updates on this? :)

[ErikBjare]

@danfinlay Any updates? We're aiming for a release soon and would rather not want to encourage people to turn off privacy mode.

[danfinlay]

Apologies, the refactor to fix this turned into a larger upgrade of our login system, in an effort that is still ongoing. In the meanwhile it also seems the eth_requestAccounts RPC method will also trigger the login confirmation.

[Powersource]

As I mention here, eth_requestAccounts unfortunately doesn't work in privacy mode either :/

[danfinlay]

Sorry it's taken so long. As it stands, this issue will be solved when this branch is merged into master, as it unifies all of the MetaMask communication under a common interface (today the enable() method uses a separate transport from the rest of the RPC that is unavailable cross-extension, making it much more configuration-heavy).

[deluca-mike]

This doesn't explain why there are controller references to eth_requestAccounts in metamask's code:

if (req.method !== 'eth_requestAccounts') return next()
( proceed with unlock/approval logic )

which does not seem to fully execute. Sadly prettying the code in order to set a breakpoint to test is failing in chrome. Might load a dev version of metamask to test out.

[deluca-mike]

I've fixed this in #7039. As suspected, the approval logic threw trying to fetch site metadata for an origin that was an extension id. I've added the necessary logic to fetch extension metadata (chrome only, and requires "management" permissions). Tested this and eth_requestAccounts RPC call brings up the appropriate approval dialog in MetaMask with the extension name and icon.

[johngrantuk]

Just to confirm the latest state - this is still not possible right? I also can't seem to find an option in my MetaMask to disable privacy mode?

[danfinlay]

I also can't seem to find an option in my MetaMask to disable privacy mode?

You can "disable privacy mode"/connect on a site-by-site basis in settings > connections.

[johngrantuk]

Thanks for the tip but I don't actually have any option for that in my MetaMask, it just shows each Connected site but these are unclickable and don't have any "disable privacy mode" option.

[ErikBjare]

@johngrantuk There seems to no longer be a way to disable privacy mode, just manually adding allowing an exception. But the suggestion by @danfinlay worked fine for me:

1. Browse to the site/extension you want to allow
2. Go to Metamask -> Settings -> Connections
3. Check that the "Allow Site" textbox has the correct address in it (in my case the extension ID)
4. Click "Connect"

[whymarrh]

@Powersource can we close this? Is there anything outstanding in the latest version of MM?

[Powersource]

I haven't tested it lately but since this issue https://github.com/MetaMask/metamask-extension-provider/issues/3 is still open I would guess it's still a problem.

[Gudahtt]

This has been supported by metamask-extension since v7.4.0, but metamask-extension-provider still needs to be updated (possibly just the example and docs, though I haven't confirmed that).