The problem HappyHarpie solves

Metamask currently doesn't check if a transaction or message that is being signed, is malicious. Offchain signatures are always changing and innovating. So, implementing safety measures can be a complex task. Luckily, metamask snaps allows the community to create new solutions!

With HappyHarpie the user's are better informed about what they're signing. HappyHarpie uses the Harpie API to warn users about scams before they sign their transaction or eip712 signature.

For normal transactions, it sends the transaction data through the Harpies API. And then reports to the user if the transaction data and/or address is either malicious. Further more we use Sourcify to check if the contract is verified.

For the EIP712 signatures we extract all the address from the signature and use Harpies API to check if they're malicious.
HappieHarpie also checks an Opensea listing (a 712 signature) to check if the listing price is set to 0 or >10% below the floor price

Challenges we ran into

Metamask snaps doesnt wait for promises to resolve when signing a signature. This means that a user wont get a warning message at all when signing, if they click sign before our snap is done calling the external APIs from Harpie.

Harpie supports simulating transaction but can't analyse signature data (like eip712). However, decoding the data is completly doable after spending some quality time on the ethers docs and the 712 proposal

lastly getting the snap icon to work. It kept saying it expect the "never" type.