diff --git a/wallets/metamask/test/e2e/metamask/PPOM.spec.ts b/wallets/metamask/test/e2e/metamask/PPOM.spec.ts new file mode 100644 index 000000000..37e2ca036 --- /dev/null +++ b/wallets/metamask/test/e2e/metamask/PPOM.spec.ts @@ -0,0 +1,82 @@ +import { getNotificationPageAndWaitForLoad } from '../../../src/utils/getNotificationPageAndWaitForLoad' +import { createDataTestSelector } from '../../../src/utils/selectors/createDataTestSelector' +import { testWithMetaMask } from '../testWithMetaMask' + +const test = testWithMetaMask + +const { describe, expect } = test + +const PPOM_ERROR = 'This is a deceptive request' +const PPOM_WARNING = 'Request may not be safe' + +describe('using PPOM security mechanism', () => { + test('should prevent malicious ETH transfer', async ({ context, page, metamask }) => { + await page.locator('#maliciousRawEthButton').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_ERROR + ) + }) + + test('should prevent malicious ERC20 transfer', async ({ context, page, metamask }) => { + await page.locator('#maliciousERC20TransferButton').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_WARNING + ) + }) + + test('should prevent malicious ERC20 approval', async ({ context, page, metamask }) => { + await page.locator('#maliciousApprovalButton').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_WARNING + ) + }) + + test('should prevent malicious approval for all', async ({ context, page, metamask }) => { + await page.locator('#maliciousSetApprovalForAll').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_WARNING + ) + }) + + test('should prevent malicious permit', async ({ context, page, metamask }) => { + await page.locator('#maliciousPermit').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_ERROR + ) + }) + + test('should prevent malicious trade order', async ({ context, page, metamask }) => { + await page.locator('#maliciousTradeOrder').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_ERROR + ) + }) + + test('should prevent malicious seaport', async ({ context, page, metamask }) => { + await page.locator('#maliciousSeaport').click() + + const notificationPage = await getNotificationPageAndWaitForLoad(context, metamask.extensionId || '') + + await expect(notificationPage.locator(createDataTestSelector('security-provider-banner-alert'))).toContainText( + PPOM_ERROR + ) + }) +}) diff --git a/wallets/metamask/test/e2e/metamask/confirmTransaction.spec.ts b/wallets/metamask/test/e2e/metamask/confirmTransaction.spec.ts index 30d59dc76..2db81b225 100644 --- a/wallets/metamask/test/e2e/metamask/confirmTransaction.spec.ts +++ b/wallets/metamask/test/e2e/metamask/confirmTransaction.spec.ts @@ -279,3 +279,16 @@ describe('without gas limit', () => { await metamask.confirmTransaction() }) }) + +describe('using custom transaction form', () => { + test('should send defined amount', async ({ page, metamask, connectToAnvil }) => { + await connectToAnvil() + + await page.locator('#toInput').fill('0x70997970C51812dc3A010C7d01b50e0d17dc79C8') + await page.locator('#amountInput').fill('3') + await page.locator('#gasInput').fill('1000000000') + + await page.locator('#submitForm').click() + await metamask.confirmTransaction() + }) +})