Here is a simple flow chart using mermaid:
```mermaid
sequenceDiagram
autonumber
actor User
participant MME as MetaMask-Extension (MME)
participant MMD as MetaMask-Desktop (MMD)
User->>MME: "Enable Desktop App" button clicked
MME->>MMD: start a limited connection
activate MMD
Note over MME,MMD: - Create WebSocket<br/>- Encrypt Stream<br/>- Perform Handshake
MMD->>MME: return connection established
deactivate MMD
Note over MME: Generates TOTP
MME->>User: display Pairing Page to the user
User->>MMD: submit TOTP (6 digits) displayed in the MME
Note over MME: - Validate TOTP<br/>- Create Pairing Key
Note over MME: - Save the pairing key hash<br/>- Enable desktop app
MME->>MMD: send pairing key
MMD->>MMD: save pairing key<br>enable desktop
MME->>MMD: transfer/sync state
Note over MME: Restart to run the background<br> process in the MMD
```
Everything starts on the MetaMask extension side when a user clicks Enable Desktop App in Settings > Experimental.
The MetaMask extension connects with MetaMask Desktop via a WebSocket. Once the streams are created and the handshake is completed, a 6-digit TOTP is displayed.
The SHA1-based TOTP is refreshed every 30 seconds and is generated by OTPAuth.
The secret is renewed every 5 TOTP attempts.
After the user enters the 6 digits and the TOTP is validated by the MetaMask extension:
- A pairing key is generated and sent to MetaMask Desktop.
- Desktop mode is enabled in the extension.
- The hash of the pairing key is saved in the extension state.
Once the pairing is completed, whenever a new connection occurs, the extension waits for the desktop pairing key, hashes it, and checks if it matches the stored hash before establishing the authorised connection and transferring the current MetaMask state.
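
The extension-side checks described above, as an added sketch that is not MetaMask's own code: the TOTP is computed directly per RFC 6238 with Node's `crypto` instead of OTPAuth, and the `ExtensionPairing` class, its method names, the SHA-256 pairing-key hash, and the 20-byte secret and 32-byte key sizes are all assumptions.

```javascript
const crypto = require('crypto');

// Values stated on the page: 30 s period, 6 digits, secret renewed every 5 attempts.
const PERIOD = 30, DIGITS = 6, MAX_ATTEMPTS = 5;

// RFC 6238 TOTP over HMAC-SHA1, written out instead of calling OTPAuth.
function totp(secret, timeMs) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(timeMs / 1000 / PERIOD)));
  const mac = crypto.createHmac('sha1', secret).update(counter).digest();
  const offset = mac[mac.length - 1] & 0x0f;            // dynamic truncation
  const code = (mac.readUInt32BE(offset) & 0x7fffffff) % 10 ** DIGITS;
  return String(code).padStart(DIGITS, '0');
}

// Assumption: SHA-256 is used for the stored pairing-key hash.
const sha256 = (s) => crypto.createHash('sha256').update(s).digest();
// Constant-time comparison so a mismatch does not leak how many bytes matched.
const safeEqual = (a, b) => a.length === b.length && crypto.timingSafeEqual(a, b);

// Hypothetical extension-side pairing state.
class ExtensionPairing {
  constructor() { this.pairingKeyHash = null; this.renewSecret(); }
  renewSecret() { this.secret = crypto.randomBytes(20); this.attempts = 0; }

  // Validate the 6 digits; on success return a new pairing key and keep only its hash.
  submitTotp(code, nowMs = Date.now()) {
    const expected = Buffer.from(totp(this.secret, nowMs));
    const ok = safeEqual(Buffer.from(String(code)), expected);
    this.attempts += 1;
    if (this.attempts >= MAX_ATTEMPTS) this.renewSecret(); // bounds guessing per secret
    if (!ok) return null;
    const pairingKey = crypto.randomBytes(32).toString('hex');
    this.pairingKeyHash = sha256(pairingKey);              // the key itself is not stored
    return pairingKey;                                     // sent to the desktop app
  }

  // On each later connection: hash the key the desktop presents and compare.
  authorise(presentedKey) {
    if (this.pairingKeyHash === null) return false;        // never paired
    return safeEqual(sha256(String(presentedKey)), this.pairingKeyHash);
  }
}
```

Because only the hash is persisted, a copy of the extension state alone does not yield a key that `authorise` would accept.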
Once the authorised connection is active, the state is continuously synchronised between MetaMask Desktop and the MetaMask extension whenever the persisted state is updated.