MetaMask
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 3 additions & 0 deletions b/‎.github/CODEOWNERS‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 0 deletions b/‎README.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎packages/shield-controller/CHANGELOG.md‎
Lines changed: 14 additions & 0 deletions b/‎packages/shield-controller/CHANGELOG.md‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎packages/shield-controller/LICENSE‎
Lines changed: 20 additions & 0 deletions b/‎packages/shield-controller/LICENSE‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎packages/shield-controller/README.md‎
Lines changed: 15 additions & 0 deletions b/‎packages/shield-controller/README.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎packages/shield-controller/jest.config.js‎
Lines changed: 26 additions & 0 deletions b/‎packages/shield-controller/jest.config.js‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎packages/shield-controller/package.json‎
Lines changed: 84 additions & 0 deletions b/‎packages/shield-controller/package.json‎
Lines changed: 84 additions & 0 deletions
diff --git a/‎packages/shield-controller/src/ShieldController.test.ts‎
Lines changed: 145 additions & 0 deletions b/‎packages/shield-controller/src/ShieldController.test.ts‎
Lines changed: 145 additions & 0 deletions
@@ -75,6 +75,7 @@
 
 ## Web3Auth Team
 /packages/seedless-onboarding-controller @MetaMask/web3auth
+/packages/shield-controller              @MetaMask/web3auth
 
 ## Joint team ownership
 /packages/eth-json-rpc-provider        @MetaMask/wallet-api-platform-engineers @MetaMask/core-platform
@@ -158,5 +159,7 @@
 /packages/foundryup/CHANGELOG.md @MetaMask/mobile-platform @MetaMask/extension-platform @MetaMask/core-platform
 /packages/seedless-onboarding-controller/package.json @MetaMask/web3auth @MetaMask/core-platform
 /packages/seedless-onboarding-controller/CHANGELOG.md @MetaMask/web3auth @MetaMask/core-platform
+/packages/shield-controller/package.json @MetaMask/web3auth @MetaMask/core-platform
+/packages/shield-controller/CHANGELOG.md @MetaMask/web3auth @MetaMask/core-platform
 /packages/network-enablement-controller/package.json @MetaMask/metamask-assets @MetaMask/core-platform
 /packages/network-enablement-controller/CHANGELOG.md @MetaMask/metamask-assets @MetaMask/core-platform
@@ -67,6 +67,7 @@ Each package in this repository has its own README where you can find installati
 - [`@metamask/sample-controllers`](packages/sample-controllers)
 - [`@metamask/seedless-onboarding-controller`](packages/seedless-onboarding-controller)
 - [`@metamask/selected-network-controller`](packages/selected-network-controller)
+- [`@metamask/shield-controller`](packages/shield-controller)
 - [`@metamask/signature-controller`](packages/signature-controller)
 - [`@metamask/token-search-discovery-controller`](packages/token-search-discovery-controller)
 - [`@metamask/transaction-controller`](packages/transaction-controller)
@@ -127,6 +128,7 @@ linkStyle default opacity:0.5
   sample_controllers(["@metamask/sample-controllers"]);
   seedless_onboarding_controller(["@metamask/seedless-onboarding-controller"]);
   selected_network_controller(["@metamask/selected-network-controller"]);
+  shield_controller(["@metamask/shield-controller"]);
   signature_controller(["@metamask/signature-controller"]);
   token_search_discovery_controller(["@metamask/token-search-discovery-controller"]);
   transaction_controller(["@metamask/transaction-controller"]);
 
@@ -0,0 +1,14 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+
+- Initial release of the shield-controller package ([#6137](https://github.com/MetaMask/core/pull/6137))
+
+[Unreleased]: https://github.com/MetaMask/core/
@@ -0,0 +1,20 @@
+MIT License
+
+Copyright (c) 2025 MetaMask
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
@@ -0,0 +1,15 @@
+# `@metamask/shield-controller`
+
+Controller handling shield transaction coverage logic.
+
+## Installation
+
+`yarn add @metamask/shield-controller`
+
+or
+
+`npm install @metamask/shield-controller`
+
+## Contributing
+
+This package is part of a monorepo. Instructions for contributing can be found in the [monorepo README](https://github.com/MetaMask/core#readme).
@@ -0,0 +1,26 @@
+/*
+ * For a detailed explanation regarding each configuration property and type check, visit:
+ * https://jestjs.io/docs/configuration
+ */
+
+const merge = require('deepmerge');
+const path = require('path');
+
+const baseConfig = require('../../jest.config.packages');
+
+const displayName = path.basename(__dirname);
+
+module.exports = merge(baseConfig, {
+  // The display name when running multiple projects
+  displayName,
+
+  // An object that configures minimum threshold enforcement for coverage results
+  coverageThreshold: {
+    global: {
+      branches: 100,
+      functions: 100,
+      lines: 100,
+      statements: 100,
+    },
+  },
+});
@@ -0,0 +1,84 @@
+{
+  "name": "@metamask/shield-controller",
+  "version": "0.0.0",
+  "description": "Controller handling shield transaction coverage logic",
+  "keywords": [
+    "MetaMask",
+    "Ethereum"
+  ],
+  "homepage": "https://github.com/MetaMask/core/tree/main/packages/shield-controller#readme",
+  "bugs": {
+    "url": "https://github.com/MetaMask/core/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/MetaMask/core.git"
+  },
+  "license": "MIT",
+  "sideEffects": false,
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.mts",
+        "default": "./dist/index.mjs"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./package.json": "./package.json"
+  },
+  "main": "./dist/index.cjs",
+  "types": "./dist/index.d.cts",
+  "files": [
+    "dist/"
+  ],
+  "scripts": {
+    "build": "ts-bridge --project tsconfig.build.json --verbose --clean --no-references",
+    "build:docs": "typedoc",
+    "changelog:update": "../../scripts/update-changelog.sh @metamask/shield-controller",
+    "changelog:validate": "../../scripts/validate-changelog.sh @metamask/shield-controller",
+    "publish:preview": "yarn npm publish --tag preview",
+    "test": "NODE_OPTIONS=--experimental-vm-modules jest --reporters=jest-silent-reporter",
+    "test:clean": "NODE_OPTIONS=--experimental-vm-modules jest --clearCache",
+    "test:verbose": "NODE_OPTIONS=--experimental-vm-modules jest --verbose",
+    "test:watch": "NODE_OPTIONS=--experimental-vm-modules jest --watch",
+    "since-latest-release": "../../scripts/since-latest-release.sh"
+  },
+  "dependencies": {
+    "@metamask/base-controller": "^8.1.0",
+    "@metamask/utils": "^11.4.2"
+  },
+  "devDependencies": {
+    "@babel/runtime": "^7.23.9",
+    "@lavamoat/allow-scripts": "^3.0.4",
+    "@lavamoat/preinstall-always-fail": "^2.1.0",
+    "@metamask/auto-changelog": "^3.4.4",
+    "@metamask/transaction-controller": "^59.2.0",
+    "@ts-bridge/cli": "^0.6.1",
+    "@types/jest": "^27.4.1",
+    "deepmerge": "^4.2.2",
+    "jest": "^27.5.1",
+    "ts-jest": "^27.1.4",
+    "typedoc": "^0.24.8",
+    "typedoc-plugin-missing-exports": "^2.0.0",
+    "typescript": "~5.2.2",
+    "uuid": "^8.3.2"
+  },
+  "peerDependencies": {
+    "@metamask/transaction-controller": "^59.2.0"
+  },
+  "engines": {
+    "node": "^18.18 || >=20"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "lavamoat": {
+    "allowScripts": {
+      "@lavamoat/allow-scripts>@lavamoat/preinstall-always-fail": false
+    }
+  }
+}
@@ -0,0 +1,145 @@
+import type { TransactionControllerState } from '@metamask/transaction-controller';
+
+import { ShieldController } from './ShieldController';
+import { createMockBackend } from '../tests/mocks/backend';
+import { createMockMessenger } from '../tests/mocks/messenger';
+import { generateMockTxMeta } from '../tests/utils';
+
+/**
+ * Sets up a ShieldController for testing.
+ *
+ * @param options - The options for setup.
+ * @param options.coverageHistoryLimit - The coverage history limit.
+ * @param options.transactionHistoryLimit - The transaction history limit.
+ * @returns Objects that have been created for testing.
+ */
+function setup({
+  coverageHistoryLimit,
+  transactionHistoryLimit,
+}: {
+  coverageHistoryLimit?: number;
+  transactionHistoryLimit?: number;
+} = {}) {
+  const backend = createMockBackend();
+  const { messenger, baseMessenger } = createMockMessenger();
+
+  const controller = new ShieldController({
+    backend,
+    coverageHistoryLimit,
+    transactionHistoryLimit,
+    messenger,
+  });
+  controller.start();
+  return {
+    controller,
+    messenger,
+    baseMessenger,
+    backend,
+  };
+}
+
+describe('ShieldController', () => {
+  describe('checkCoverage', () => {
+    it('should trigger checkCoverage when a new transaction is added', async () => {
+      const { baseMessenger, backend } = setup();
+      const txMeta = generateMockTxMeta();
+      const coverageResultReceived = new Promise<void>((resolve) => {
+        baseMessenger.subscribe(
+          'ShieldController:coverageResultReceived',
+          (_coverageResult) => resolve(),
+        );
+      });
+      baseMessenger.publish(
+        'TransactionController:stateChange',
+        { transactions: [txMeta] } as TransactionControllerState,
+        undefined as never,
+      );
+      expect(await coverageResultReceived).toBeUndefined();
+      expect(backend.checkCoverage).toHaveBeenCalledWith(txMeta);
+    });
+
+    it('should no longer trigger checkCoverage when controller is stopped', async () => {
+      const { controller, baseMessenger, backend } = setup();
+      controller.stop();
+      const txMeta = generateMockTxMeta();
+      const coverageResultReceived = new Promise<void>((resolve, reject) => {
+        baseMessenger.subscribe(
+          'ShieldController:coverageResultReceived',
+          (_coverageResult) => resolve(),
+        );
+        setTimeout(
+          () => reject(new Error('Coverage result not received')),
+          100,
+        );
+      });
+      baseMessenger.publish(
+        'TransactionController:stateChange',
+        { transactions: [txMeta] } as TransactionControllerState,
+        undefined as never,
+      );
+      await expect(coverageResultReceived).rejects.toThrow(
+        'Coverage result not received',
+      );
+      expect(backend.checkCoverage).not.toHaveBeenCalled();
+    });
+
+    it('should purge coverage history when the limit is exceeded', async () => {
+      const { controller } = setup({
+        coverageHistoryLimit: 1,
+      });
+      const txMeta = generateMockTxMeta();
+      await controller.checkCoverage(txMeta);
+      await controller.checkCoverage(txMeta);
+      expect(controller.state.coverageResults).toHaveProperty(txMeta.id);
+      expect(controller.state.coverageResults[txMeta.id].results).toHaveLength(
+        1,
+      );
+    });
+
+    it('should purge transaction history when the limit is exceeded', async () => {
+      const { controller } = setup({
+        transactionHistoryLimit: 1,
+      });
+      const txMeta1 = generateMockTxMeta();
+      const txMeta2 = generateMockTxMeta();
+      await controller.checkCoverage(txMeta1);
+      await controller.checkCoverage(txMeta2);
+      expect(controller.state.coverageResults).toHaveProperty(txMeta2.id);
+      expect(controller.state.coverageResults[txMeta2.id].results).toHaveLength(
+        1,
+      );
+    });
+
+    it('should check coverage when a transaction is simulated', async () => {
+      const { baseMessenger, backend } = setup();
+      const txMeta = generateMockTxMeta();
+      const coverageResultReceived = new Promise<void>((resolve) => {
+        baseMessenger.subscribe(
+          'ShieldController:coverageResultReceived',
+          (_coverageResult) => resolve(),
+        );
+      });
+
+      // Add transaction.
+      baseMessenger.publish(
+        'TransactionController:stateChange',
+        { transactions: [txMeta] } as TransactionControllerState,
+        undefined as never,
+      );
+      expect(await coverageResultReceived).toBeUndefined();
+      expect(backend.checkCoverage).toHaveBeenCalledWith(txMeta);
+
+      // Simulate transaction.
+      txMeta.simulationData = {
+        tokenBalanceChanges: [],
+      };
+      baseMessenger.publish(
+        'TransactionController:stateChange',
+        { transactions: [txMeta] } as TransactionControllerState,
+        undefined as never,
+      );
+      expect(await coverageResultReceived).toBeUndefined();
+      expect(backend.checkCoverage).toHaveBeenCalledWith(txMeta);
+    });
+  });
+});