Feat: Block Client Side C2 Requests by Managing a hashed C2 Request B…

…locklist (#4526)

## Explanation

This PR implements new logic to manage a Command and Control (C2)
request blocklist within the Phishing Controller. It introduces updates
to both the PhishingController and PhishingDetector to efficiently
handle and validate URLs against a hashed request blocklist.

### Solution
The proposed changes add a requestBlocklist to the Phishing Controller
and Phishing Detector. This includes methods for updating the blocklist,
checking if a request URL's domain is blocked, and incorporating these
checks into the existing phishing detection workflow. This ensures that
any requests to known malicious C2 domains are identified and blocked.

### Notable Changes
Introduction of requestBlocklist to list types.
Implementation of isBlockedRequest in PhishingController.
Update to #updateStalelist to fetch and include the request blocklist.
Addition of isMaliciousRequestDomain in PhishingDetector for URL
validation against the blocklist.

## Changelog

### `@metamask/phishing-controller`

- **ADDED**: `requestBlocklist` type to ListTypes.
- **ADDED**: `isBlockedRequest` method to PhishingController.
- **ADDED**: Logic to update and check `requestBlocklist` in
`#updateStalelist`.
- **ADDED**: `isMaliciousRequestDomain` method to PhishingDetector.
- **ADDED**: Handling of `requestBlocklist` in PhishingDetector
configuration.
- **ADDED**: `sha256` and `toHex` imports from `ethereum-cryptography`.
- **ADDED**: `sha256Hash` function to generate SHA-256 hash of a domain.

---------

Co-authored-by: Jacob Lebowitz <[email protected]>
Co-authored-by: Prithpal Sooriya <[email protected]>
Co-authored-by: Harry <[email protected]>
Co-authored-by: Mark Stacey <[email protected]>
Co-authored-by: OGPoyraz <[email protected]>
Co-authored-by: Elliot Winkler <[email protected]>
Co-authored-by: Dovydas Stankevicius <[email protected]>
Co-authored-by: Jongsun Suh <[email protected]>
Co-authored-by: Matthew Walsh <[email protected]>
Co-authored-by: cryptodev-2s <[email protected]>
Co-authored-by: Kanthesha Devaramane <[email protected]>
Co-authored-by: Michele Esposito <[email protected]>
Co-authored-by: Mathieu Artu <[email protected]>

packages/phishing-controller/package.json

@@ -44,8 +44,10 @@
   "dependencies": {
     "@metamask/base-controller": "^6.0.3",
     "@metamask/controller-utils": "^11.1.0",
+    "@noble/hashes": "^1.4.0",
     "@types/punycode": "^2.1.0",
     "eth-phishing-detect": "^1.2.0",
+    "ethereum-cryptography": "^2.1.2",
     "fastest-levenshtein": "^1.0.16",
     "punycode": "^2.1.1"
   },