From db9da21cfcd5e7d40b50427d2c60f23d31f08518 Mon Sep 17 00:00:00 2001 From: muji Date: Thu, 8 Aug 2024 09:21:29 +0800 Subject: [PATCH 1/2] Initial draft for SIP-24. --- SIPS/sip-24.md | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 SIPS/sip-24.md diff --git a/SIPS/sip-24.md b/SIPS/sip-24.md new file mode 100644 index 00000000..7c642671 --- /dev/null +++ b/SIPS/sip-24.md 
@@ -0,0 +1,49 @@ +--- +sip: 24 +title: WebSocket Connections +status: Draft +discussions-to: https://github.com/MetaMask/SIPs/discussions/142 +author: Muji (@tmpfs) +created: 2024-08-08 +--- + +## Abstract + +This SIP describes a way for Snaps using the Keyring API to establish WebSocket connections. + +## Motivation + +Snaps that need to perform multi-party computation (MPC) for threshold signatures schemes (TSS) require sending various messages in rounds to participants over the network; MPC communication is best suited to a session-based WebSocket connection. This SIP is concerned with using WebSocket connections to sign transactions as part of the Keyring API and not the more generic use case defined in [SIP-20](/SIPS/sip-20.md). + +## Specification + +> Formal specifications are written in TypeScript. + +### Language + +The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", +"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and +"OPTIONAL" written in uppercase in this document are to be interpreted as described in [RFC 2119](https://www.ietf.org/rfc/rfc2119.txt) + +### Snap Manifest + +This SIP specifies an addendum that MAY be applied to existing and future Snap handler permissions for `endowment:keyring`. The addendum is that the `allowedOrigins` array may contain URLs using the `wss:` or `ws:` schemes. + +The caveat is specified as follows in the manifest: + +```json +{ + "initialPermissions": { + "endowment:keyring": { + "allowedOrigins": [ + "https://tss.ac", + "wss://relay.tss.ac" + ] + }, + } +} +``` + +## Copyright + +Copyright and related rights waived via [CC0](../LICENSE). From 14f061a84a48dc40167f4f3e33ef7e4f20aa645f Mon Sep 17 00:00:00 2001 
From: muji Date: Fri, 9 Aug 2024 10:38:36 +0800 Subject: [PATCH 2/2] Prefer adding allowedOrigins to endowment:network-access. The allowedOrigins for the endowment:keyring permission specifies which snap origins can connect to the keyring snap and this SIP is to allow outbound access from the snap to external resources so is better placed in endowment:network-access. --- SIPS/sip-24.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SIPS/sip-24.md b/SIPS/sip-24.md index 7c642671..69a7dea7 100644 --- a/SIPS/sip-24.md +++ b/SIPS/sip-24.md @@ -27,14 +27,14 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", ### Snap Manifest -This SIP specifies an addendum that MAY be applied to existing and future Snap handler permissions for `endowment:keyring`. The addendum is that the `allowedOrigins` array may contain URLs using the `wss:` or `ws:` schemes. +This SIP specifies an addendum that MAY be applied to existing and future Snap handler permissions for `endowment:network-access`. The addendum is that the `allowedOrigins` array may contain URLs using the `wss:` or `ws:` schemes. The caveat is specified as follows in the manifest: ```json { "initialPermissions": { - "endowment:keyring": { + "endowment:network-access": { "allowedOrigins": [ "https://tss.ac", "wss://relay.tss.ac"
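Review bot: In the Snap Manifest section of the new SIPS/sip-24.md (PATCH 1/2), the addendum admits cleartext `ws:` on equal terms with `wss:`, and does so with a lowercase "may", while the Motivation says these connections carry MPC/TSS signing rounds. Consider making `wss:` the expected scheme and stating whether `ws:` is NOT RECOMMENDED or limited to local development, using the uppercase RFC 2119 key words the Language section calls for. The same section does not say how an `allowedOrigins` entry is compared against a connection target (scheme, host, port) or what MUST happen when a Snap tries to connect to an origin that is not listed, so two implementations could enforce it differently. The JSON example also has a trailing comma after the permission object (`},` followed by `}`), which strict JSON parsers reject.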
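Review bot: In the Snap Manifest hunk of PATCH 2/2, only the permission name changes, so the specification still does not define what `allowedOrigins` means under `endowment:network-access`. The commit message explains that under `endowment:keyring` the array lists origins that may connect to the snap, and that this SIP is about outbound access, but the SIP text itself never states that direction. Suggest adding a sentence to the section saying that the entries are outbound targets, whether the list restricts all network access or only WebSocket connections (the example keeps `https://tss.ac` beside `wss://relay.tss.ac`), and what applies when the array is absent. The phrase "Snap handler permissions" and the Abstract's "Snaps using the Keyring API" were written for the keyring permission and are untouched by this patch (2 insertions, 2 deletions), so they should be checked against the new placement as well.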