Restrict a Snap's RPC API methods
If the dapps
caveat of the endowment:rpc
permission
is set to true
, any dapp can call the Snap's RPC API by default.
You can restrict the whole API to specific dapp origins or
restrict the API by method and origin.
Restrict the whole API
The endowment:rpc
permission has an optional
allowedOrigins
caveat.
You can use this to restrict the domains that are allowed to make calls to the Snap's RPC API.
Restrict by method and origin
Sometimes a more granular control is required, such as filtering by method and caller origin.
You can restrict by method and origin using the origin
parameter of the
onRpcRequest
entry point.
For example:
index.ts
import type { OnRpcRequestHandler, UnauthorizedError } from "@metamask/snaps-sdk";
type MethodPermission = "*" | string[];
const RPC_PERMISSIONS: Record<string, MethodPermission> = {
hello: "*",
secureMethod: [
"https://metamask.io",
"https://www.mydomain.com",
]
};
const isAllowed = (method: string, origin: string) => {
return RPC_PERMISSIONS[method] === "*" || RPC_PERMISSIONS[method].includes(origin);
};
export const onRpcRequest: OnRpcRequestHandler = async ({
origin,
request,
}) => {
// Check permissions.
if (!isAllowed(request.method, origin)) {
throw new UnauthorizedError(`Method ${request.method} not authorized for origin ${origin}.`);
}
switch (request.method) {
case "hello":
return "world!";
case "secureMethod":
return "The secret is: 42";
default:
throw new Error("Method not found.");
}
};
You can construct more powerful filtering methods using regular expressions or any other logic of your choice.