Merge pull request #5785 from BitGo/BTC-1934-lightning-wallet-sharing

saravanan7mani · web-flow · commit 9f3813b6ab42 · 2025-03-18T03:45:51.000+05:30
feat(sdk-core): lightning wallet sharing support
diff --git a/modules/bitgo/test/v2/unit/wallet.ts b/modules/bitgo/test/v2/unit/wallet.ts
@@ -2218,42 +2218,77 @@ describe('V2 Wallet:', function () {
       createShareNock.isDone().should.be.True();
     });
 
-    it('should use keychain pub to share hot wallet', async function () {
+    describe('Hot Wallet Sharing', function () {
       const userId = '123';
       const email = 'shareto@sdktest.com';
       const permissions = 'view,spend';
       const toKeychain = utxoLib.bip32.fromSeed(Buffer.from('deadbeef02deadbeef02deadbeef02deadbeef02', 'hex'));
       const path = 'm/999999/1/1';
       const pubkey = toKeychain.derivePath(path).publicKey.toString('hex');
       const walletPassphrase = 'bitgo1234';
-
-      const getSharingKeyNock = nock(bgUrl)
-        .post('/api/v1/user/sharingkey', { email })
-        .reply(200, { userId, pubkey, path });
-
       const pub = 'Zo1ggzTUKMY5bYnDvT5mtVeZxzf2FaLTbKkmvGUhUQk';
-      const getKeyNock = nock(bgUrl)
-        .get(`/api/v2/tbtc/key/${wallet.keyIds()[0]}`)
-        .reply(200, {
-          id: wallet.keyIds()[0],
-          pub,
-          source: 'user',
-          encryptedPrv: bitgo.encrypt({ input: 'xprv1', password: walletPassphrase }),
-          coinSpecific: {},
-        });
 
-      const stub = sinon.stub(wallet, 'createShare').callsFake(async (options) => {
-        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-        options!.keychain!.pub!.should.not.be.undefined();
-        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-        options!.keychain!.pub!.should.equal(pub);
-        return undefined;
-      });
-      await wallet.shareWallet({ email, permissions, walletPassphrase });
+      const lightningCoin: any = bitgo.coin('tlnbtc');
+      const lightningWalletData = {
+        id: '5b34252f1bf349930e34020a00000001',
+        coin: 'tlnbtc',
+        keys: ['5b3424f91bf349930e34017500000001'],
+        coinSpecific: { keys: ['5b3424f91bf349930e34017600000000', '5b3424f91bf349930e34017700000000'] },
+        type: 'hot',
+      };
+      const lightningWallet = new Wallet(bitgo, lightningCoin, lightningWalletData);
+
+      for (const hotWallet of [wallet, lightningWallet] as const) {
+        it(`should use keychain pub to share ${hotWallet.coin()} hot wallet`, async function () {
+          const getSharingKeyNock = nock(bgUrl)
+            .post('/api/v1/user/sharingkey', { email })
+            .reply(200, { userId, pubkey, path });
+
+          const getKeyNocks: nock.Scope[] = [];
+          if (hotWallet.baseCoin.getFamily() === 'lnbtc') {
+            for (let i = 0; i < 2; i++) {
+              const keyId = lightningWalletData.coinSpecific.keys[i];
+              const getKeyNock = nock(bgUrl)
+                .get(`/api/v2/tlnbtc/key/${keyId}`)
+                .reply(200, {
+                  id: keyId,
+                  pub: i === 0 ? pub : 'Zo1ggzTUKMY5bYnDvT5mtVeZxzf2FaLTbKkmvGUhUQm',
+                  source: 'user',
+                  encryptedPrv: bitgo.encrypt({ input: 'xprv' + i, password: walletPassphrase }),
+                  coinSpecific:
+                    i === 0
+                      ? { [hotWallet.baseCoin.getChain()]: { purpose: 'userAuth' } }
+                      : { [hotWallet.baseCoin.getChain()]: { purpose: 'nodeAuth' } },
+                });
+              getKeyNocks.push(getKeyNock);
+            }
+          } else {
+            const getKeyNock = nock(bgUrl)
+              .get(`/api/v2/tbtc/key/${wallet.keyIds()[0]}`)
+              .reply(200, {
+                id: wallet.keyIds()[0],
+                pub,
+                source: 'user',
+                encryptedPrv: bitgo.encrypt({ input: 'xprv1', password: walletPassphrase }),
+                coinSpecific: {},
+              });
+            getKeyNocks.push(getKeyNock);
+          }
 
-      stub.calledOnce.should.be.true();
-      getSharingKeyNock.isDone().should.be.True();
-      getKeyNock.isDone().should.be.True();
+          const stub = sinon.stub(hotWallet, 'createShare').callsFake(async (options) => {
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            options!.keychain!.pub!.should.not.be.undefined();
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            options!.keychain!.pub!.should.equal(pub);
+            return undefined;
+          });
+          await hotWallet.shareWallet({ email, permissions, walletPassphrase });
+
+          stub.calledOnce.should.be.true();
+          getSharingKeyNock.isDone().should.be.True();
+          getKeyNocks.every((v) => v.isDone().should.be.True());
+        });
+      }
     });
 
     it('should provide skipKeychain to wallet share api for hot wallet', async function () {
diff --git a/modules/sdk-core/src/bitgo/lightning/lightningWalletUtil.ts b/modules/sdk-core/src/bitgo/lightning/lightningWalletUtil.ts
@@ -0,0 +1,29 @@
+import { Wallet } from '../wallet';
+import { KeychainWithEncryptedPrv } from '../keychain';
+
+/**
+ * Get the lightning auth key for the given purpose
+ */
+export async function getLightningAuthKey(
+  wallet: Wallet,
+  purpose: 'userAuth' | 'nodeAuth'
+): Promise<KeychainWithEncryptedPrv> {
+  if (wallet.baseCoin.getFamily() !== 'lnbtc') {
+    throw new Error(`Invalid lightning coin family: ${wallet.baseCoin.getFamily()}`);
+  }
+  const authKeyIds = wallet.coinSpecific()?.keys;
+  if (authKeyIds?.length !== 2) {
+    throw new Error(`Invalid number of auth keys in lightning wallet: ${authKeyIds?.length}`);
+  }
+  const keychains = await Promise.all(authKeyIds.map((id) => wallet.baseCoin.keychains().get({ id })));
+  const userAuthKeychain = keychains.find((v) => {
+    const coinSpecific = v?.coinSpecific?.[wallet.baseCoin.getChain()];
+    return (
+      coinSpecific && typeof coinSpecific === 'object' && 'purpose' in coinSpecific && coinSpecific.purpose === purpose
+    );
+  });
+  if (userAuthKeychain?.encryptedPrv) {
+    return userAuthKeychain as KeychainWithEncryptedPrv;
+  }
+  throw new Error(`Missing lightning ${purpose} keychain with encrypted private key`);
+}
diff --git a/modules/sdk-core/src/bitgo/wallet/wallet.ts b/modules/sdk-core/src/bitgo/wallet/wallet.ts
@@ -111,6 +111,7 @@ import { TxSendBody } from '@bitgo/public-types';
 import { AddressBook, IAddressBook } from '../address-book';
 import { IRequestTracer } from '../../api';
 import { getTxRequestApiVersion, validateTxRequestApiVersion } from '../utils/txRequest';
+import { getLightningAuthKey } from '../lightning/lightningWalletUtil';
 
 const debug = require('debug')('bitgo:v2:wallet');
 
@@ -1609,6 +1610,19 @@ export class Wallet implements IWallet {
     return this.bitgo.post(url).send({ shareOptions: params }).result();
   }
 
+  /**
+   * Gets keychain with encrypted private key to be shared for wallet sharing.
+   */
+  private async getEncryptedWalletKeychainForWalletSharing(): Promise<KeychainWithEncryptedPrv> {
+    if (this.baseCoin.getFamily() === 'lnbtc') {
+      // lightning coin does not use user key to sign the transactions from SDK.
+      // it uses user auth key instead.
+      return await getLightningAuthKey(this, 'userAuth');
+    } else {
+      return await this.getEncryptedUserKeychain();
+    }
+  }
+
   async prepareSharedKeychain(
     walletPassphrase: string | undefined,
     pubkey: string,
@@ -1617,7 +1631,7 @@ export class Wallet implements IWallet {
     let sharedKeychain: SharedKeyChain = {};
 
     try {
-      const keychain = await this.getEncryptedUserKeychain();
+      const keychain = await this.getEncryptedWalletKeychainForWalletSharing();
 
       // Decrypt the user key with a passphrase
       if (keychain.encryptedPrv) {
