feat(sdk-core): add MPC EdDSA address verification

TICKET: WP-6378

Author: pranavjain97

modules/sdk-core/src/bitgo/baseCoin/baseCoin.ts

@@ -47,6 +47,7 @@ import {
   VerifyTransactionOptions,
   AuditKeyParams,
   AuditDecryptedKeyParams,
+  TssVerifyAddressOptions,
 } from './iBaseCoin';
 import { IInscriptionBuilder } from '../inscriptionBuilder';
 import {
@@ -346,7 +347,7 @@ export abstract class BaseCoin implements IBaseCoin {
    * @param params
    * @return true iff address is a wallet address. Must return false if address is outside wallet.
    */
-  abstract isWalletAddress(params: VerifyAddressOptions): Promise<boolean>;
+  abstract isWalletAddress(params: VerifyAddressOptions | TssVerifyAddressOptions): Promise<boolean>;
 
   /**
    * convert address into desired address format.

modules/sdk-core/src/bitgo/baseCoin/iBaseCoin.ts

@@ -149,15 +149,18 @@ export interface VerifyAddressOptions {
   addressType?: string;
   keychains?: {
     pub: string;
-    commonKeychain?: string;
   }[];
   error?: string;
   coinSpecific?: AddressCoinSpecific;
   impliedForwarderVersion?: number;
 }
 
-export interface TssVerifyAddressOptions extends VerifyAddressOptions {
-  chain: string;
+export interface TssVerifyAddressOptions {
+  address: string;
+  keychains: {
+    commonKeychain: string;
+  }[];
+  chain?: string;
   index: string;
 }
 
@@ -552,7 +555,7 @@ export interface IBaseCoin {
   explainTransaction(options: Record<string, any>): Promise<ITransactionExplanation<any, string | number> | undefined>;
   verifyTransaction(params: VerifyTransactionOptions): Promise<boolean>;
   verifyAddress(params: VerifyAddressOptions): Promise<boolean>;
-  isWalletAddress(params: VerifyAddressOptions, wallet?: IWallet): Promise<boolean>;
+  isWalletAddress(params: VerifyAddressOptions | TssVerifyAddressOptions, wallet?: IWallet): Promise<boolean>;
   canonicalAddress(address: string, format: unknown): string;
   supportsBlockTarget(): boolean;
   supportsLightning(): boolean;

modules/sdk-core/src/bitgo/utils/tss/addressVerification.ts

@@ -0,0 +1,50 @@
+import { InvalidAddressError, TssVerifyAddressOptions } from '../../baseCoin/iBaseCoin';
+import { EDDSAMethods } from '../../tss';
+
+/**
+ * Verifies if an address belongs to a wallet using EdDSA TSS MPC derivation.
+ * This is a common implementation for EdDSA-based MPC coins (SOL, DOT, SUI, TON, IOTA, etc.)
+ *
+ * @param params - Verification options including keychains, address, and derivation index
+ * @param isValidAddress - Coin-specific function to validate address format
+ * @param getAddressFromPublicKey - Coin-specific function to convert public key to address
+ * @returns true if the address matches the derived address, false otherwise
+ * @throws {InvalidAddressError} if the address is invalid
+ * @throws {Error} if required parameters are missing or invalid
+ */
+export async function verifyEddsaTssWalletAddress(
+  params: TssVerifyAddressOptions,
+  isValidAddress: (address: string) => boolean,
+  getAddressFromPublicKey: (publicKey: string) => string
+): Promise<boolean> {
+  const { keychains, address, index } = params;
+
+  if (!isValidAddress(address)) {
+    throw new InvalidAddressError(`invalid address: ${address}`);
+  }
+
+  if (!keychains || keychains.length === 0) {
+    throw new Error('missing required param keychains');
+  }
+
+  // For MPC coins, commonKeychain should be the same for all keychains
+  const commonKeychain = keychains[0].commonKeychain as string;
+  if (!commonKeychain) {
+    throw new Error('missing required param commonKeychain');
+  }
+
+  // Verify all keychains have the same commonKeychain
+  for (const keychain of keychains) {
+    if (keychain.commonKeychain !== commonKeychain) {
+      throw new Error('all keychains must have the same commonKeychain for MPC coins');
+    }
+  }
+
+  // Only perform derivation once since commonKeychain is the same
+  const MPC = await EDDSAMethods.getInitializedMpcInstance();
+  const derivationPath = 'm/' + index;
+  const derivedPublicKey = MPC.deriveUnhardened(commonKeychain, derivationPath).slice(0, 64);
+  const expectedAddress = getAddressFromPublicKey(derivedPublicKey);
+
+  return address === expectedAddress;
+}

modules/sdk-core/src/bitgo/utils/tss/index.ts

@@ -14,3 +14,4 @@ export { ITssUtils, IEddsaUtils, TxRequest, EddsaUnsignedTransaction } from './e
 
 export * as BaseTssUtils from './baseTSSUtils';
 export * from './baseTypes';
+export * from './addressVerification';