All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Fix validation of primary type for signTypedDataV3 and signTypedDataV4 (#353)
- It was updated to handle
undefined
input
- It was updated to handle
- Bump
@metamask/eth-block-tracker
from^11.0.3
to^11.0.4
(#351) - Bump
@metamask/eth-json-rpc-provider
from^4.1.5
to^4.1.7
(#351) - Bump
@metamask/eth-sig-util
from^7.0.3
to^8.1.2
(#351) - Bump
@metamask/json-rpc-engine
from^10.0.0
to^10.0.2
(#351) - Bump
@metamask/rpc-errors
from^7.0.0
to^7.0.2
(#351) - Bump
@metamask/utils
from^9.1.0
to^11.0.1
(#351)
- Improved validation of primary type for signTypedDataV3 and signTypedDataV4 (#350)
- Bump
@metamask/eth-block-tracker
from^11.0.1
to^11.0.3
(#347)
- BREAKING: Update
@metamask/rpc-errors
from^6.3.1
to^7.0.0
(#342) - BREAKING: Update
@metamask/json-rpc-engine
from^9.0.2
to^10.0.0
(#342) - Bump
@metamask/eth-json-rpc-provider
from^4.1.1
to^4.1.5
(#342)
- BREAKING: Remove
eth_sign
support (#320)- The functions
ethSign
andprocessEthSignMessage
have been removed
- The functions
- Allow the string "cosmos" in the "verifyingContract" field of EIP-712 signatures (#333)
- This change was made to support Ethermint's EIP-712 implementation, which was broken by validation added in v14.0.0
- Request validation should not throw if verifyingContract is not defined in typed signature (#328)
- BREAKING: Adapt to EIP-1193 provider changes by replacing the deprecated
sendAsync
method with therequest
method (#317)- BREAKING: Refactor
providerAsMiddleware
and middleware functionsretryOnEmpty
,block-ref
to use therequest
method.
- BREAKING: Refactor
- Bump
@metamask/eth-block-tracker
from^10.0.0
to^11.0.1
(#323) - Bump
@metamask/eth-json-rpc-provider
from^4.0.0
to^4.1.1
(#323, #317) - Bump
@metamask/eth-sig-util
from^7.0.0
to^7.0.3
(#323) - Bump
@metamask/json-rpc-engine
from^9.0.0
to^9.0.2
(#323) - Bump
@metamask/rpc-errors
from^6.0.0
to^6.3.1
(#323) - Bump
@metamask/utils
from^8.1.0
to^9.1.0
(#323)
- BREAKING: Typed signature validation only replaces
0X
prefix with0x
, and contract address normalization is removed for decimal and octal values (#318)- Threat actors have been manipulating
eth_signTypedData_v4
fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address.
- This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x".
- Threat actors have been manipulating
- BREAKING: Drop support for Node.js v16; add support for Node.js v20, v22 (#312)
- Update
@metamask/eth-json-rpc-provider
from^3.0.2
to^4.0.0
(#313) - Update
@metamask/eth-block-tracker
from^9.0.3
to^10.0.0
(#313) - Update
@metamask/json-rpc-engine
from^8.0.2
to^9.0.0
(#313)
- Update
@metamask/eth-block-tracker
from^9.0.2
to^9.0.3
(#306)- Use updated versions of
@metamask/eth-json-rpc-engine
and@metamask/eth-json-rpc-provider
- Use updated versions of
- Update
@metamask/eth-json-rpc-provider
from^2.1.0
to^3.0.2
(#306)- Use updated version of
@metamask/eth-json-rpc-engine
- Use updated version of
- Update
@metamask/json-rpc-engine
from^7.1.1
to^8.0.2
(#306)- Maintenance updates
- Update from
eth-block-tracker@^8.0.0
to@metamask/eth-block-tracker@^9.0.2
(#303)- Mitigates polling-loop related concurrency issue in the block tracker.
- Add
signatureMethod
property toMessageParams
(#273) - Add
version
property toeth_signTypedData
message params (#282)
- Update message types (#282)
- Bump @metamask/json-rpc-engine from 7.1.1 to 7.2.0 (#256)
- Bump @metamask/utils from 8.1.0 to 8.2.0 (#258)
- Bump @metamask/rpc-errors from 6.0.0 to 6.1.0 (#253)
- Bump @metamask/eth-json-rpc-provider from 2.1.0 to 2.2.0 (#252)
- Update
retryOnEmpty
middleware to not retry "execution reverted" errors (#254)
- Fix
signTransaction
andsendTransaction
so it preserves transaction data instead of overwriting it (#263)
- BREAKING: Minimum Node.js version is now v16 (#243)
- BREAKING: Bump
@metamask/utils
from^5.0.2
to^8.1.0
(#241) - BREAKING: Bump
@metamask/eth-json-rpc-provider
from^1.0.0
to^2.1.0
(#245) - BREAKING: Migrate from eth-rpc-errors
^4.0.3
to@metamask/rpc-errors
^6.0.0
(#245) - BREAKING: Migrate from json-rpc-engine
^6.1.0
to@metamask/json-rpc-engine
^7.1.1
(#245) - Bump
@metamask/eth-sig-util
from^6.0.0
to^7.0.0
(#248) - Bump
@metamask/eth-block-tracker
from^7.0.1
to^8.0.0
(#245) - Replace deep-cloning implemantation
clone
withklona/full
(#250)
- Bump @metamask/eth-sig-util from ^5.0.0 to ^6.0.0 (#236)
- Bump @metamask/utils from ^3.5.0 to ^5.0.2 (#201)
- Bump eth-block-tracker from ^7.0.0 to ^7.0.1 (#204)
- BREAKING: Update
eth-block-tracker
to v7 (#196, #188)- This changes the expected type of the
blockTracker
parameter for the following functions:createBlockCacheMiddleware
createBlockRefMiddleware
createBlockRefRewriteMiddleware
createBlockTrackerInspectorMiddleware
createRetryOnEmptyMiddleware
- Only the type change is breaking; there is no functional change here.
- This changes the expected type of the
- BREAKING: Add new required parameters for the
fetch
middleware (#192, #190)- The required parameters are
fetch
andbtoa
. Previously we would either use the global by that name (if one existed), or a polyfill. Those polyfills have been removed.
- The required parameters are
- Replace
json-stable-stringify
withsafe-stable-stringify
(#104)- This should slightly improve performance of the inlight cache and block cache middleware
- BREAKING: Remove
providerFromEngine
andproviderFromMiddleware
(#194)- These are now provided by the package
@metamask/eth-json-rpc-provider
instead
- These are now provided by the package
- BREAKING: Remove unnecessary
suppressUnauthorized
option (#193)
- BREAKING: Fix types for
createWalletMiddleware
(#111)- This middleware had previously included a number of errors, where the type contradicted the Ethereum JSON-RPC specification and how we've been using this middleware in practice. They should all now match the specification.
- BREAKING: Rename the package from
eth-json-rpc-middleware
to@metamask/eth-json-rpc-middleware
(#180) - Change all middleware request and response types to
unknown
(#183)- This more accurately reflects the expectations of the middleware, and the way they had been used. This was required to more easily compose this middleware with others that had non-matching types.
- The block cache and the inflight cache middleware types have been updated to include the
skipCache
request property (#178)- This property was always supported, but it was missing from the type.
- Fix
block-ref
middleware, and prevent it from making a duplicate request (#151) - Fix
retryOnEmpty
middleware and prevent it from making duplicate requests (#147)
- Add logging (#140)
- You will not be able to see log messages by default, but you can turn them on for this library by setting the
DEBUG
environment variable tometamask:eth-json-rpc-middleware:*
ormetamask:*
.
- You will not be able to see log messages by default, but you can turn them on for this library by setting the
- BREAKING: Require Node >= 14 (#137)
- Expose
SafeEventEmitterProvider
type (#127)
- Move
eth-block-tracker
fromdevDependencies
todependencies
(#125)- We depend upon this package only for types.
- Added
suppressUnauthorized
param togetAccounts
(#116)
- Bump
node-fetch
to resolve vulnerability (#115)
- Restore support for query strings in fetch middleware (#109)
- As of
v7.0.0
, query strings were silently dropped from RPC URLs passed in. Now they are preserved, as was the case inv6.0.0
.
- As of
8.0.0 - 2021-11-04
- BREAKING: Add
eth_signTransaction
support (#96)- We consider this breaking because a wallet application may not support this method, and would have to explicitly block it until its implications can be adequately represented to the user.
- Add
send
method to provider andethersProviderAsMiddleware
(#97)
7.0.1 - 2021-03-26
blockTrackerInspectorMiddleware
(#88)- Due to an error introduced in #68, this middleware would sometimes hang indefinitely.
7.0.0 - 2021-03-25
- TypeScript types (#68)
- (BREAKING) Move middleware files to
/src
folder (#60) - (BREAKING) Convert all exports to named (#81)
- Migrate to TypeScript (#68)
- Replace
url
dependency with native URL global (#67) - Ask bundlers to ignore Node-specific depedencies in browser environments (#78, #84)
- Removed various unused production dependencies (#10, #80)
- (BREAKING) Parity middleware (#63)
- Previously imported as
eth-json-rpc-middleware/wallet-parity.js
- Previously imported as
- (BREAKING) Scaffold middleware (#60)
- This was just a re-export from
json-rpc-engine
.
- This was just a re-export from
retryOnEmpty
middleware error messages (#58)- They were referencing a different middleware.
- Default unrecognized methods to never be cached (#66)
- Only publish necessary files (#70)
- Robustify
providerFromEngine
callback parameter validation (#76)- Previously, it only errored if the parameter was falsy. Now, it will error if it is not a function.
- Passing the previous implementation a truthy, non-function value would cause fatal downstream errors.
- Prevent caching unrecognized requests (#75)
- Previously, nonsense values were sometimes cached, resulting in an ugly state and possibly a minor performance penalty.
6.0.0 - 2020-09-22
- (BREAKING) Delete VM middleware (#56)
- Previously imported as
eth-json-rpc-middleware/vm.js
- Previously imported as