fix: remove copy/pasta from sdk-hmac module

- update Dockerfile
- update copied contents to reflect current
  module

Ticket: CE-5010

Author: bitgoAaron

Dockerfile

@@ -52,6 +52,7 @@ COPY --from=builder /tmp/bitgo/modules/abstract-lightning /var/modules/abstract-
 COPY --from=builder /tmp/bitgo/modules/abstract-utxo /var/modules/abstract-utxo/
 COPY --from=builder /tmp/bitgo/modules/blockapis /var/modules/blockapis/
 COPY --from=builder /tmp/bitgo/modules/sdk-api /var/modules/sdk-api/
+COPY --from=builder /tmp/bitgo/modules/sdk-hmac /var/modules/sdk-hmac/
 COPY --from=builder /tmp/bitgo/modules/unspents /var/modules/unspents/
 COPY --from=builder /tmp/bitgo/modules/account-lib /var/modules/account-lib/
 COPY --from=builder /tmp/bitgo/modules/sdk-coin-algo /var/modules/sdk-coin-algo/
@@ -126,6 +127,7 @@ cd /var/modules/abstract-lightning && yarn link && \
 cd /var/modules/abstract-utxo && yarn link && \
 cd /var/modules/blockapis && yarn link && \
 cd /var/modules/sdk-api && yarn link && \
+cd /var/modules/sdk-hmac && yarn link && \
 cd /var/modules/unspents && yarn link && \
 cd /var/modules/account-lib && yarn link && \
 cd /var/modules/sdk-coin-algo && yarn link && \
@@ -203,6 +205,7 @@ RUN cd /var/bitgo-express && \
     yarn link @bitgo/abstract-utxo && \
     yarn link @bitgo/blockapis && \
     yarn link @bitgo/sdk-api && \
+    yarn link @bitgo/sdk-hmac && \
     yarn link @bitgo/unspents && \
     yarn link @bitgo/account-lib && \
     yarn link @bitgo/sdk-coin-algo && \

modules/sdk-hmac/.eslintignore

@@ -1,2 +1 @@
 dist/
-src/opensslbytes.ts

modules/sdk-hmac/CHANGELOG.md

@@ -2,18 +2,3 @@
 
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
-
-# 2.0.0 (2024-08-20)
-
-### Features
-
-- move opensslbytes to own package ([e23c562](https://github.com/BitGo/BitGoJS/commit/e23c5627957916055e68329541dd1eb775704ca5))
-
-### BREAKING CHANGES
-
-- clients using challenge
-  generation & TSS Recovery functions must now
-  install @bitgo/sdk-opensslbytes separately &
-  provide the openSSLBytes WASM themselves.
-
-Ticket: CE-4329

modules/sdk-hmac/README.md

@@ -1,20 +1,50 @@
-# @bitgo/sdk-opensslbytes
+# @bitgo/sdk-sdk-hmac
 
-Isolated module for users of the BitGo SDK that need to generate range proofs or recover funds on a TSS wallet.
+Isolated module for performing hash-based message authentication (HMAC) on API requests.
 
 ## Installation
 
 ```shell
-npm i @bitgo/sdk-api @bitgo/sdk-lib-mpc @bitgo/sdk-opensslbytes
+npm i @bitgo/sdk-hmac
 ```
 
-Import the `openSSLBytes` from this module & pass to related functions that expect it:
-
 ```javascript
-import { loadWebAssembly } from '@bitgo/sdk-opensslbytes';
-import { EcdsaRangeProof } from '@bitgo-beta/sdk-lib-mpc';
+import { calculateRequestHeaders, verifyResponse } from '@bitgo/sdk-hmac';
+
+const bearerToken = 'v2x123...';
+const url = '/api/v2/wallets';
+
+const { hmac, timestamp, tokenHash } = calculateRequestHeaders({
+  url,
+  token: bearerToken,
+  timestamp: new Date().valueOf().toString(),
+  // if making a POST/PUT request with a body, pass as text
+  // text: JSON.stringify(request.body)
+  // optional, can pass 2 or 3 for auth-version
+  // authVersion: 3
+});
+
+const response = await fetch(url, {
+  method: 'GET',
+  headers: {
+    authorization: `Bearer ${tokenHash}`,
+    hmac,
+    'bitgo-auth-version': '2.0',
+    'auth-timestamp': timestamp,
+  },
+});
 
-const openSSLBytes = loadWebAssembly().buffer;
+const verifiedResponse = verifyResponse({
+  url,
+  hmac: response.headers.get('hmac'),
+  statusCode: response.status,
+  text: response.text,
+  timestamp: response.headers.get('timestamp'),
+  token: bearerToken,
+  method: 'get',
+});
 
-const nTilde = await EcdsaRangeProof.generateNtilde(openSSLBytes, 3072);
+if (!verifiedResponse.isValid) {
+  throw new Error('dont trust this response, possible MITM attack');
+}
 ```

modules/sdk-hmac/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@bitgo/sdk-hmac",
   "version": "1.0.0",
-  "description": "Split package for WASM code needed by sdk-lib-mpc",
+  "description": "HMAC module for the BitGo SDK",
   "main": "./dist/src/index.js",
   "types": "./dist/src/index.d.ts",
   "scripts": {
@@ -27,7 +27,7 @@
   "repository": {
     "type": "git",
     "url": "https://github.com/BitGo/BitGoJS.git",
-    "directory": "modules/sdk-opensslbytes"
+    "directory": "modules/sdk-hmac"
   },
   "files": [
     "dist/src"