feat: Blockaid Token Security Scanning for Change Trust Operations #90
Open
wantedsystem wants to merge 5 commits into
Pull request overview
This PR adds Blockaid token security scanning to Stellar change-trust confirmations (opt-in/opt-out) and centralizes confirmation banner priority so only one banner renders at a time.
Changes:
- Introduces /token/scan support end-to-end (API client → service mapping → confirmation context + background refresher).
- Integrates token-scan state into change-trust confirmation UI (new TokenScanAlert, confirm-disable logic, and banner resolution priority).
- Adds/updates unit tests and localization strings for the new token-scan UX.
Reviewed changes
Copilot reviewed 27 out of 27 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| packages/snap/src/ui/confirmation/views/ConfirmSignChangeTrustOptOut/ConfirmSignChangeTrustOptOut.tsx | Wires token scan + centralized banner resolution into change-trust opt-out confirmation UI. |
| packages/snap/src/ui/confirmation/views/ConfirmSignChangeTrustOptIn/ConfirmSignChangeTrustOptIn.tsx | Wires token scan + centralized banner resolution into change-trust opt-in confirmation UI. |
| packages/snap/src/ui/confirmation/views/ConfirmSendTransaction/ConfirmSendTransaction.tsx | Switches send confirmation banner rendering to resolveConfirmationBanner. |
| packages/snap/src/ui/confirmation/utils.ts | Adds token-scan confirm-disable logic, token/txn banner visibility helpers, and resolveConfirmationBanner. |
| packages/snap/src/ui/confirmation/utils.test.ts | Adds unit tests for token-scan visibility/disable logic and banner priority resolution. |
| packages/snap/src/ui/confirmation/controller.tsx | Adds scanToken option, plumbs token-scan request/context, and schedules a token-scan refresher. |
| packages/snap/src/ui/confirmation/controller.test.tsx | Tests controller validation for missing token-scan request when scanToken is enabled. |
| packages/snap/src/ui/confirmation/components/TokenScanAlert.tsx | Adds a new confirmation banner component for malicious/warning trustline assets. |
| packages/snap/src/ui/confirmation/components/TokenScanAlert.test.tsx | Adds unit tests for TokenScanAlert rendering behavior. |
| packages/snap/src/ui/confirmation/components/index.ts | Exports TokenScanAlert. |
| packages/snap/src/ui/confirmation/api.ts | Extends confirmation context/types with token-scan state + request structs. |
| packages/snap/src/services/transaction-scan/TransactionScanService.ts | Adds scanToken and token-scan response → result mapping. |
| packages/snap/src/services/transaction-scan/TransactionScanService.test.ts | Adds unit tests for scanToken mapping and error handling. |
| packages/snap/src/services/transaction-scan/SecurityAlertsApiClient.ts | Adds /token/scan request/response support with validation. |
| packages/snap/src/services/transaction-scan/SecurityAlertsApiClient.test.ts | Adds tests for token-scan POST request and HTTP error handling. |
| packages/snap/src/services/transaction-scan/api.ts | Adds token-scan request/response/result types + superstruct validation. |
| packages/snap/src/handlers/cronjob/refreshConfirmationContext/tokenScanRefresher.ts | Adds background refresher to update token scan while confirmation is open. |
| packages/snap/src/handlers/cronjob/refreshConfirmationContext/tokenScanRefresher.test.ts | Adds unit tests for token scan refresher scheduling and state transitions. |
| packages/snap/src/handlers/cronjob/refreshConfirmationContext/index.ts | Exports ConfirmationTokenScanRefresher. |
| packages/snap/src/handlers/cronjob/refreshConfirmationContext/api.ts | Adds TokenScan refresher key. |
| packages/snap/src/handlers/clientRequest/changeTrustOpt.ts | Enables token scanning for change-trust confirmations and passes classic CODE-ISSUER asset reference. |
| packages/snap/src/handlers/clientRequest/changeTrustOpt.test.ts | Updates change-trust tests to expect token-scan wiring. |
| packages/snap/src/context.ts | Registers the token-scan refresher in the background refresh handler. |
| packages/snap/snap.manifest.json | Updates bundle shasum. |
| packages/snap/messages.json | Adds new token-scan localization keys. |
| packages/snap/locales/es.json | Adds token-scan localization keys for Spanish locale file. |
| packages/snap/locales/en.json | Adds token-scan localization keys for English locale file. |
@metamaskbot publish-preview
Preview builds have been published. Learn how to use preview builds in other projects.
Description
Adds Blockaid token security scanning for Stellar change-trust confirmations and centralizes confirmation banner priority handling.
Changes
Token Security Scanning
- /token/scan support to SecurityAlertsApiClient.
- TransactionScanService.scanToken and token scan response/result mapping.
Background Scan Refresh
- ConfirmationTokenScanRefresher to perform background token scans while change-trust dialogs are open.
Change Trust Integration
- CODE-ISSUER.
Token Alerts
- TokenScanAlert for malicious and warning-level trustline assets.
Confirmation Banner Priority
Centralized confirmation banner priority logic through resolveConfirmationBanner with the following order:
Behavior Updates
- scope parameter from scanToken service APIs.
Test Coverage
Added unit tests covering:
- ConfirmationTokenScanRefresher behavior
References
Checklist