[19.x] Backport fix: keyrings restore failure

Author: mikesposito

eslint-warning-thresholds.json

@@ -247,7 +247,7 @@
   },
   "packages/keyring-controller/src/KeyringController.ts": {
     "@typescript-eslint/no-unsafe-enum-comparison": 5,
-    "@typescript-eslint/no-unused-vars": 2
+    "@typescript-eslint/no-unused-vars": 1
   },
   "packages/keyring-controller/tests/mocks/mockKeyring.ts": {
     "@typescript-eslint/prefer-readonly": 1

packages/keyring-controller/CHANGELOG.md

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Fixed
+
+- Fixed duplication of unsupported keyrings ([#5535](https://github.com/MetaMask/core/pull/5535))
+- Enforce keyrings metadata alignment when unlocking existing vault ([#5535](https://github.com/MetaMask/core/pull/5535))
+- Fixed frozen object mutation attempt when updating metadata ([#5535](https://github.com/MetaMask/core/pull/5535))
+
 ## [19.2.1]
 
 ### Changed

packages/keyring-controller/jest.config.js

@@ -17,10 +17,10 @@ module.exports = merge(baseConfig, {
   // An object that configures minimum threshold enforcement for coverage results
   coverageThreshold: {
     global: {
-      branches: 93.56,
+      branches: 93.14,
       functions: 100,
-      lines: 98.73,
-      statements: 98.74,
+      lines: 98.61,
+      statements: 98.62,
     },
   },
 

packages/keyring-controller/src/KeyringController.test.ts

@@ -198,17 +198,19 @@ describe('KeyringController', () => {
       });
 
       it('should throw an error if there is no primary keyring', async () => {
-        await withController(async ({ controller, encryptor }) => {
-          await controller.setLocked();
-          jest
-            .spyOn(encryptor, 'decrypt')
-            .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
-          await controller.submitPassword('123');
+        await withController(
+          { skipVaultCreation: true, state: { vault: 'my vault' } },
+          async ({ controller, encryptor }) => {
+            jest
+              .spyOn(encryptor, 'decrypt')
+              .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
+            await controller.submitPassword('123');
 
-          await expect(controller.addNewAccount()).rejects.toThrow(
-            'No HD keyring found',
-          );
-        });
+            await expect(controller.addNewAccount()).rejects.toThrow(
+              'No HD keyring found',
+            );
+          },
+        );
       });
     });
 
@@ -265,46 +267,6 @@ describe('KeyringController', () => {
     });
   });
 
-  describe('when the keyringMetadata length is different from the number of keyrings', () => {
-    it('should throw an error if the keyring metadata length mismatch', async () => {
-      const vaultWithOneKeyring = await withController(
-        async ({ controller }) => controller.state.vault,
-      );
-
-      await withController(
-        {
-          skipVaultCreation: true,
-          state: {
-            vault: vaultWithOneKeyring, // pass non-empty vault
-            keyringsMetadata: [
-              { id: '1', name: '' },
-              { id: '2', name: '' },
-            ],
-          },
-        },
-        async ({ controller, encryptor }) => {
-          jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
-            {
-              type: 'HD Key Tree',
-              data: {
-                keyrings: [
-                  {
-                    type: 'HD Key Tree',
-                    accounts: ['0x123'],
-                  },
-                ],
-              },
-            },
-          ]);
-          await controller.submitPassword(password);
-          await expect(controller.addNewAccount()).rejects.toThrow(
-            KeyringControllerError.KeyringMetadataLengthMismatch,
-          );
-        },
-      );
-    });
-  });
-
   describe('addNewAccountForKeyring', () => {
     describe('when accountCount is not provided', () => {
       it('should add new account', async () => {
@@ -1083,21 +1045,23 @@ describe('KeyringController', () => {
       });
 
       it('should throw an error if there is no keyring', async () => {
-        await withController(async ({ controller, encryptor }) => {
-          await controller.setLocked();
-          jest
-            .spyOn(encryptor, 'decrypt')
-            .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
-          await controller.submitPassword('123');
+        await withController(
+          { skipVaultCreation: true, state: { vault: 'my vault' } },
+          async ({ controller, encryptor }) => {
+            jest
+              .spyOn(encryptor, 'decrypt')
+              .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
+            await controller.submitPassword('123');
 
-          await expect(
-            controller.getKeyringForAccount(
-              '0x0000000000000000000000000000000000000000',
-            ),
-          ).rejects.toThrow(
-            'KeyringController - No keyring found. Error info: There are no keyrings',
-          );
-        });
+            await expect(
+              controller.getKeyringForAccount(
+                '0x0000000000000000000000000000000000000000',
+              ),
+            ).rejects.toThrow(
+              'KeyringController - No keyring found. Error info: There are no keyrings',
+            );
+          },
+        );
       });
 
       it('should throw an error if the controller is locked', async () => {
@@ -2579,9 +2543,12 @@ describe('KeyringController', () => {
 
         it('should unlock also with unsupported keyrings', async () => {
           await withController(
-            { cacheEncryptionKey },
+            {
+              cacheEncryptionKey,
+              skipVaultCreation: true,
+              state: { vault: 'my vault' },
+            },
             async ({ controller, encryptor }) => {
-              await controller.setLocked();
               jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
                 {
                   type: 'UnsupportedKeyring',
@@ -2598,9 +2565,12 @@ describe('KeyringController', () => {
 
         it('should throw error if vault unlocked has an unexpected shape', async () => {
           await withController(
-            { cacheEncryptionKey },
+            {
+              cacheEncryptionKey,
+              skipVaultCreation: true,
+              state: { vault: 'my vault' },
+            },
             async ({ controller, encryptor }) => {
-              await controller.setLocked();
               jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
                 {
                   foo: 'bar',
@@ -2625,6 +2595,60 @@ describe('KeyringController', () => {
           );
         });
 
+        it('should unlock succesfully when the controller is instantiated with an existing `keyringsMetadata`', async () => {
+          await withController(
+            {
+              cacheEncryptionKey,
+              state: { keyringsMetadata: [], vault: 'my vault' },
+              skipVaultCreation: true,
+            },
+            async ({ controller, encryptor }) => {
+              jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
+                {
+                  type: KeyringTypes.hd,
+                  data: {
+                    accounts: ['0x123'],
+                  },
+                },
+              ]);
+
+              await controller.submitPassword(password);
+
+              expect(controller.state.keyringsMetadata).toHaveLength(1);
+            },
+          );
+        });
+
+        it('should throw an error when the controller is instantiated with an existing `keyringsMetadata` with too many objects', async () => {
+          await withController(
+            {
+              cacheEncryptionKey,
+              state: {
+                keyringsMetadata: [
+                  { id: '123', name: '' },
+                  { id: '456', name: '' },
+                ],
+                vault: 'my vault',
+              },
+              skipVaultCreation: true,
+            },
+            async ({ controller, encryptor }) => {
+              jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
+                {
+                  type: KeyringTypes.hd,
+                  data: {
+                    accounts: ['0x123'],
+                  },
+                },
+              ]);
+
+              await expect(controller.submitPassword(password)).rejects.toThrow(
+                KeyringControllerError.KeyringMetadataLengthMismatch,
+              );
+            },
+          );
+        });
+
         !cacheEncryptionKey &&
           it('should throw error if password is of wrong type', async () => {
             await withController(
@@ -2669,9 +2693,17 @@ describe('KeyringController', () => {
 
     it('should unlock also with unsupported keyrings', async () => {
       await withController(
-        { cacheEncryptionKey: true },
+        {
+          cacheEncryptionKey: true,
+          skipVaultCreation: true,
+          state: {
+            vault: JSON.stringify({ data: '0x123', salt: 'my salt' }),
+            // @ts-expect-error we want to force the controller to have an
+            // encryption salt equal to the one in the vault
+            encryptionSalt: 'my salt',
+          },
+        },
         async ({ controller, initialState, encryptor }) => {
-          await controller.setLocked();
           jest.spyOn(encryptor, 'decrypt').mockResolvedValueOnce([
             {
               type: 'UnsupportedKeyring',
@@ -2798,17 +2830,19 @@ describe('KeyringController', () => {
     });
 
     it('should throw an error if there is no primary keyring', async () => {
-      await withController(async ({ controller, encryptor }) => {
-        await controller.setLocked();
-        jest
-          .spyOn(encryptor, 'decrypt')
-          .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
-        await controller.submitPassword('123');
+      await withController(
+        { skipVaultCreation: true, state: { vault: 'my vault' } },
+        async ({ controller, encryptor }) => {
+          jest
+            .spyOn(encryptor, 'decrypt')
+            .mockResolvedValueOnce([{ type: 'Unsupported', data: '' }]);
+          await controller.submitPassword('123');
 
-        await expect(controller.verifySeedPhrase()).rejects.toThrow(
-          KeyringControllerError.KeyringNotFound,
-        );
-      });
+          await expect(controller.verifySeedPhrase()).rejects.toThrow(
+            KeyringControllerError.KeyringNotFound,
+          );
+        },
+      );
     });
 
     it('should throw error when the controller is locked', async () => {
@@ -4191,18 +4225,20 @@ describe('KeyringController', () => {
       it('should rollback the controller keyrings if the keyring creation fails', async () => {
         const mockAddress = '0x4584d2B4905087A100420AFfCe1b2d73fC69B8E4';
         stubKeyringClassWithAccount(MockKeyring, mockAddress);
-
+        // Mocking the serialize method to throw an error will
+        // halt the controller everytime it tries to persist the keyring,
+        // making it impossible to update the vault
+        jest
+          .spyOn(MockKeyring.prototype, 'serialize')
+          .mockImplementation(async () => {
+            throw new Error('You will never be able to persist me!');
+          });
         await withController(
           { keyringBuilders: [keyringBuilderFactory(MockKeyring)] },
           async ({ controller, initialState }) => {
-            // We're mocking BaseController .update() to throw an error, as it's the last operation
-            // that is called before the function is rolled back.
-            jest.spyOn(controller, 'update' as never).mockImplementation(() => {
-              throw new Error('You will never be able to change me!');
-            });
             await expect(
               controller.addNewKeyring(MockKeyring.type),
-            ).rejects.toThrow('You will never be able to change me!');
+            ).rejects.toThrow('You will never be able to persist me!');
 
             expect(controller.state).toStrictEqual(initialState);
             await expect(