feat(snaps): Add support for custom network per Snap

app/scripts/controllers/permissions/specifications.js

@@ -209,7 +209,7 @@ export const getPermissionSpecifications = ({
       permissionType: PermissionType.Endowment,
       targetName: PermissionNames.permittedChains,
       allowedCaveats: [CaveatTypes.restrictNetworkSwitching],
-      subjectTypes: [SubjectType.Website],
+      subjectTypes: [SubjectType.Website, SubjectType.Snap],
 
       factory: (permissionOptions, requestData) => {
         if (!requestData.approvedChainIds) {

app/scripts/lib/rpc-method-middleware/handlers/add-ethereum-chain.js

@@ -22,6 +22,7 @@ const addEthereumChain = {
     getCurrentChainIdForDomain: true,
     getCaveat: true,
     requestPermittedChainsPermission: true,
+    grantPermittedChainsPermission: true,
     getChainPermissionsFeatureFlag: true,
   },
 };
@@ -44,6 +45,7 @@ async function addEthereumChainHandler(
     getCurrentChainIdForDomain,
     getCaveat,
     requestPermittedChainsPermission,
+    grantPermittedChainsPermission,
     getChainPermissionsFeatureFlag,
   },
 ) {
@@ -162,6 +164,7 @@ async function addEthereumChainHandler(
       requestUserApproval,
       getCaveat,
       requestPermittedChainsPermission,
+      grantPermittedChainsPermission,
       endApprovalFlow,
     },
   );

app/scripts/lib/rpc-method-middleware/handlers/ethereum-chain-utils.js

@@ -1,5 +1,6 @@
 import { errorCodes, ethErrors } from 'eth-rpc-errors';
 import { ApprovalType } from '@metamask/controller-utils';
+import { isSnapId } from '@metamask/snaps-utils';
 
 import {
   BUILT_IN_INFURA_NETWORKS,
@@ -200,6 +201,7 @@ export async function switchChain(
     requestUserApproval,
     getCaveat,
     requestPermittedChainsPermission,
+    grantPermittedChainsPermission,
   },
 ) {
   try {
@@ -214,7 +216,11 @@ export async function switchChain(
         permissionedChainIds === undefined ||
         !permissionedChainIds.includes(chainId)
       ) {
-        await requestPermittedChainsPermission([chainId]);
+        if (isSnapId(origin)) {
+          await grantPermittedChainsPermission([chainId]);
+        } else {
+          await requestPermittedChainsPermission([chainId]);
+        }
       }
     } else {
       await requestUserApproval({

app/scripts/lib/rpc-method-middleware/handlers/switch-ethereum-chain.js

@@ -17,6 +17,7 @@ const switchEthereumChain = {
     getCurrentChainIdForDomain: true,
     requestUserApproval: true,
     getChainPermissionsFeatureFlag: true,
+    grantPermittedChainsPermission: true,
   },
 };
 
@@ -35,6 +36,7 @@ async function switchEthereumChainHandler(
     getCurrentChainIdForDomain,
     requestUserApproval,
     getChainPermissionsFeatureFlag,
+    grantPermittedChainsPermission,
   },
 ) {
   let chainId;
@@ -91,6 +93,7 @@ async function switchEthereumChainHandler(
       requestUserApproval,
       getCaveat,
       requestPermittedChainsPermission,
+      grantPermittedChainsPermission,
     },
   );
 }

app/scripts/metamask-controller.js

@@ -528,6 +528,7 @@ export default class MetamaskController extends EventEmitter {
       trackMetaMetricsEvent: (...args) =>
         this.metaMetricsController.trackEvent(...args),
     });
+
     this.networkController.initializeProvider();
     this.provider =
       this.networkController.getProviderAndBlockTracker().provider;
@@ -5502,6 +5503,25 @@ export default class MetamaskController extends EventEmitter {
               },
             },
           ),
+        grantPermittedChainsPermission: (chainIds) => {
+          this.permissionController.grantPermissionsIncremental({
+            subject: {
+              origin,
+            },
+            requestData: {
+              approvedChainIds: chainIds,
+            },
+            approvedPermissions: {
+              [PermissionNames.permittedChains]: {
+                caveats: [
+                  CaveatFactories[CaveatTypes.restrictNetworkSwitching](
+                    chainIds,
+                  ),
+                ],
+              },
+            },
+          });
+        },
         requestPermissionsForOrigin:
           this.permissionController.requestPermissions.bind(
             this.permissionController,
@@ -5550,9 +5570,11 @@ export default class MetamaskController extends EventEmitter {
           ),
         setActiveNetwork: async (networkClientId) => {
           await this.networkController.setActiveNetwork(networkClientId);
-          // if the origin has the eth_accounts permission
-          // we set per dapp network selection state
+
+          // If the origin has the `eth_accounts` permission, or if it's a Snap,
+          // we set per origin network selection state.
           if (
+            subjectType === SubjectType.Snap ||
             this.permissionController.hasPermission(
               origin,
               PermissionNames.eth_accounts,