feat: snaps controllers integration (Flask Only)

[owencraston]

Description

This pr enables snaps to be installed and executed on mobile. This change will be code fenced for flask only. We achieve this by doing the following..

• integrating the @metamask/snaps-controllers
• integrating @metamask/snaps-rpc-methods
• adding handlers for the snaps rpc methods into the BackgroundBridge.js file
• implementing the InstallSnapApproval flow
• create a custom detectSnapLocation function
• implementing a custom fetch function that we pass to the snaps controller
• For npm hosted snaps, we will fetch them using the custom NPMLocation class. This classic fetches (using the custom fetch function mentioned above), downloads the compressed snap code and then decompresses and reads the snap code using the RNTar native module that was implemented/merged in this PR.

All of these changes have been implemented and tested in this PR. This PR updates that logic and brings it into main behind a code fence.

Guide for reviewers

• All modified code should be wrapped inside a code fence ///: BEGIN:ONLY_INCLUDE_IF(snaps)...///: END:ONLY_INCLUDE_IF
• all new files should be wrapped in a code fence ///: BEGIN:ONLY_INCLUDE_IF(snaps)...///: END:ONLY_INCLUDE_IF
• The most important files for to review are...
  1. Engine.ts
  2. BackgroundBridge.js
  3. useApprovalRequest.ts
  4. EngineService.ts
  5. npm.ts
  6. location.ts
  7. fetch.ts

Related issues

Progresses: https://github.com/MetaMask/accounts-planning/issues/143

Manual testing steps

1. checkout this branch
2. run yarn setup
3. open the .js.env
4. modify the METAMASK_BUILD_TYPE to export METAMASK_BUILD_TYPE="flask"
5. in your terminal run source .js.env and then run yarn watch:clean
6. in xcode select the flask variant and press play
7. open http://metamask.github.io/snaps/test-snaps/1.1.0 in the browser

14. create a wallet
15. navigate to the browser
16. open this url: https://metamask.github.io/snaps/test-snaps/1.1.0/
17. install a snap, I usually install the bip32/bip44 snap
18. the install flow should appear with 3 steps including the a success screen
19. click the Get Public key button on the snap site, you should get a result
20. navigate to settings/snaps
21. you should see a list of all your installed snaps

Checking code fencing

1. reset your .js.env file so that the METAMASK_BUILD_TYPE is set to main
2. restart your watchman server and refresh the app
3. the snaps section in the settings list should no longer exist
4. installing a snap should fail.

Screenshots/Recordings

After

Screen.Recording.2023-12-07.at.11.42.58.PM.mov

Pre-merge author checklist

• I’ve followed MetaMask Coding Standards.
• I've clearly explained what problem this PR is solving and how it is solved.
• I've linked related issues
• I've included manual testing steps
• I've included screenshots/recordings if applicable
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
• I’ve properly set the pull request status:
  • In case it's not yet "ready for review", I've set it to "draft".
  • In case it's "ready for review", I've changed it from "draft" to "non-draft".

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[socket-security]

New and updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
@metamask/snaps-rpc-methods	3.2.1	None	+18	12 MB	metamaskbot
@metamask/snaps-utils	3.2.0	filesystem, shell	+17	11.5 MB	metamaskbot
@metamask/snaps-controllers	3.2.0	shell	+32	14.4 MB	metamaskbot
@metamask/post-message-stream	7.0.0	None	+0	75.9 kB	gudahtt
@metamask/slip44	3.1.0	None	+0	128 kB	metamaskbot
@types/readable-stream	4.0.9	None	+0	31 kB	types
@metamask/key-tree	9.0.0	None	+1	655 kB	metamaskbot
@metamask/permission-controller	4.0.1...4.1.2	None	+0/-0	402 kB	metamaskbot
@types/react	17.0.14...17.0.59	None	+0/-0	169 kB	types

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: [email protected], @metamask/[email protected], @metamask/[email protected], @metamask/[email protected]

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/077d55c7-03bd-4338-bff4-272f5cd151f2
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/48b3f443-236a-4d09-ba0d-a398f8029316
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

[Jonathansoufer]

LGTM! Left some comments.

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/dcaaa896-5313-4c87-9f6e-bff67a06f05e
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

[tommasini]

Engine, RpcMethodMiddleware, EngineService, BackgroundBridge and Engine LGTM!

Cool thing that we use code fencing only for snaps and this way we can create easily other feature to include on the diferent featureSet!
Awesome work going on 🚀

we have decided to iteratively ship improvements to this implementation after it merges.

[owencraston]

e2e smoke test passed

[gantunesr]

The overall code looks good to me, there are a lot of improvements to be done but we need to take into consideration that this is the first iteration of the code working and this is a great step into opening the snaps platform in the mobile app to the dev community. Since it is behind code fencing I don't have any reason to not merge it as it is and start working on smaller refactors that can be shipped faster and stop dedicating time into constant rebases.

The comments I left in the PR are suggestion I'd like to see done but I don't mind it being addressed in a follow up PR.

To do in a follow up PR:

• Address pending comments
• Add unit tests to all files in core/Snaps
• The Engine is getting too big, this code would be a good candidate to break it down to another file

Great work @owencraston 🎉 🚢

[Jonathansoufer]

Excellent work putting all this together @owencraston ! Minor comments of mine, but approved since they can be addressed in a follow up PR.

[sonarcloud]

Quality Gate failed

Failed conditions

4.9% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

[owencraston]

e2e regression test passed

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/908dbf9e-632e-4d36-8059-ecbd4f3212bc
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label