feat: add getApprovals to PhishingController#8074
Merged
Merged
Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| }, | ||
| ], | ||
| }, | ||
| verdict: 'Benign', |
Contributor
There was a problem hiding this comment.
May as well use the enum that is introduced (ApprovalResultType and ApprovalFeatureType).
Contributor
Author
There was a problem hiding this comment.
Done, updated to use ApprovalResultType and ApprovalFeatureType enums.
| * @param address - The address to get approvals for. | ||
| * @returns The approvals response containing approval data, or empty approvals on error. | ||
| */ | ||
| getApprovals = async ( |
Contributor
There was a problem hiding this comment.
The flow duplicates scanAddress, seems like a good opportunity to extract the shared logic and reuse for both.
Contributor
Author
There was a problem hiding this comment.
Agreed there's duplication. Similar to the test scaffold
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
imblue-dabadee
approved these changes
Mar 25, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
getApprovalsmethod toPhishingControllerthat wraps the security alerts APIPOST /address/evm/approvalsendpoint (Blockaid's approvals endpoint)scanAddresspattern (input validation, chain resolution,safelyExecuteWithTimeout) but intentionally does not cache — the frontend manages stateChanges
src/types.ts— AddedApprovalResultType/ApprovalFeatureTypeenums and types:Approval,ApprovalsResponse,Allowance,ApprovalAsset,Exposure,Spender,ApprovalFeaturesrc/PhishingController.ts— AddedAPPROVALS_ENDPOINTconstant,PhishingControllerGetApprovalsActionaction type, messenger registration, andgetApprovalsmethodsrc/index.ts— Exported all new types and enumssrc/PhishingController.test.ts— Added 8 test cases covering: valid response, missing address/chainId, unknown chain, HTTP errors, timeout, address/chainId normalizationNote
Medium Risk
Adds a new network-backed controller method that calls the Security Alerts approvals endpoint; correctness depends on chain resolution/support gating and error/timeout handling to avoid unexpected empty results.
Overview
Adds a new
PhishingController:getApprovalsmessenger action andgetApprovals(chainId, address)method that POSTs to the Security Alerts API (/address/evm/approvals) to retrieve token approvals with security enrichments, returning{ approvals: [] }for invalid inputs, unsupported/unknown chains, HTTP errors, or timeouts.Introduces approval domain types/enums (
ApprovalsResponse,Approval,ApprovalResultType, etc.), a supported-chain allowlist (APPROVAL_SUPPORTED_CHAINS) withisApprovalSupportedChain, exports these fromindex.ts, and adds comprehensive unit tests covering success, normalization, unsupported chains, errors, and timeout behavior.Written by Cursor Bugbot for commit e2ad990. This will update automatically on new commits. Configure here.