I am trying to understand the implementation of the Ethereum provider API provided by MetaMask. I understand that MetaMask injects an object into the global window, and all requests made using that “window.ethereum” object are passed through MetaMask’s extension and processed according to what that specific request. I am confused as to how that’s exactly implemented. A more specific question: When I enter the command “window.ethereum.enable()”, how is that communicated to the extension?
Willing to send over 0.015 ETH or equivalent BTC if anyone could explain the technical implementation of the this provider API. Thank you!
The browser allows extensions like MetaMask to run JavaScript code on all websites and the executed code has higher privileges than normal JavaScript.
The higher privilege includes being allowed to call chrome.runtime.sendMessage which dispatches a message to another part of the MetaMask extension running in a privileged scope that is isolated from the code running inside the website.
This isolation is for security purposes and is required by browsers.
The code running in the privileged scope then calls chrome.windows.create which creates a new popup window and load an HTML page from the extension code which is the MetaMask window that you typically see.