feat: remove isMultichainOrigin guard from wallet_invokeMethod handler (#6703)

## Explanation

Currently it is possible for the window.ethereum provider to grant
solana accounts and scopes in its permission requests. Whether or not
that should be allowed UX is up for debate. Regardless, it causes an
issue where if Solana accounts and scopes are granted AND a dapp also
uses our solana provider, the dapp will be unable to use the solana
provider to make requests without first re-requesting solana accounts
from the solana provider (not the EVM provider). This is because the
permission granted via window.ethereum has `isMultichainOrigin: false`
where as the solana provider's granted permissions go through the
multichain api which will have them set `true` which then gets caught in
this `isMultichainOrigin` guard in `wallet_invokeMethod` handler.

The original purpose of this guard was to make the multichain api
granted permissions equivalent to a window.ethereum set of permissions,
but not the other way around. Trying to encourage multichain api usage
over window.ethereum usage in this manner doesn't really make sense / is
not worth this hassle anymore.

## References

<!--
Are there any issues that this pull request is tied to?
Are there other links that reviewers should consult to understand these
changes better?
Are there client or consumer pull requests to adopt any breaking
changes?

For example:

* Fixes #12345
* Related to #67890
-->

## Checklist

- [ ] I've updated the test suite for new or updated code as appropriate
- [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or
updated code as appropriate
- [ ] I've communicated my changes to consumers by [updating changelogs
for packages I've
changed](https://github.com/MetaMask/core/tree/main/docs/contributing.md#updating-changelogs),
highlighting breaking changes as necessary
- [ ] I've prepared draft pull requests for clients and consumer
packages to resolve any breaking changes

---------

Co-authored-by: Alex Donesky <adonesky@gmail.com>

Author: jiexi

packages/multichain-api-middleware/CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Changed
+
+- `wallet_invokeMethod` requests no longer fail with unauthorized error if the `isMultichainOrigin` property is false on the requesting origin's CAIP-25 Permission.
+
 ## [1.1.0]
 
 ### Changed

packages/multichain-api-middleware/src/handlers/wallet-invokeMethod.test.ts

@@ -165,18 +165,6 @@ describe('wallet_invokeMethod', () => {
     expect(end).toHaveBeenCalledWith(providerErrors.unauthorized());
   });
 
-  it('throws an unauthorized error when the CAIP-25 endowment permission was not granted from the multichain flow', async () => {
-    const request = createMockedRequest();
-    const { handler, getCaveatForOrigin, end } = createMockedHandler();
-    getCaveatForOrigin.mockReturnValue({
-      value: {
-        isMultichainOrigin: false,
-      },
-    });
-    await handler(request);
-    expect(end).toHaveBeenCalledWith(providerErrors.unauthorized());
-  });
-
   it('throws an unauthorized error if the requested scope is not authorized', async () => {
     const request = createMockedRequest();
     const { handler, end } = createMockedHandler();

packages/multichain-api-middleware/src/handlers/wallet-invokeMethod.ts

@@ -80,7 +80,7 @@ async function walletInvokeMethodHandler(
   } catch {
     // noop
   }
-  if (!caveat?.value?.isMultichainOrigin) {
+  if (!caveat) {
     return end(providerErrors.unauthorized());
   }