Merge pull request #6078 from BitGo/WIN-5376

DinshawKothari · web-flow · commit ad6eef76aaae · 2025-05-05T20:00:08.000+05:30
fix(sdk-coin-icp): update verifyTransaction to include signableHex parameter
diff --git a/modules/sdk-coin-icp/src/icp.ts b/modules/sdk-coin-icp/src/icp.ts
@@ -38,6 +38,7 @@ import {
   Signatures,
   SigningPayload,
   IcpTransactionExplanation,
+  TransactionHexParams,
 } from './lib/iface';
 import { TransactionBuilderFactory } from './lib/transactionBuilderFactory';
 import utils from './lib/utils';
@@ -85,10 +86,16 @@ export class Icp extends BaseCoin {
     return Math.pow(10, this._staticsCoin.decimalPlaces);
   }
 
-  async explainTransaction(params: { txHex: string }): Promise<IcpTransactionExplanation> {
+  async explainTransaction(params: TransactionHexParams): Promise<IcpTransactionExplanation> {
     const factory = this.getBuilderFactory();
-    const txBuilder = await factory.from(params.txHex);
+    const txBuilder = await factory.from(params.transactionHex);
     const transaction = await txBuilder.build();
+    if (params.signableHex !== undefined) {
+      const generatedSignableHex = txBuilder.transaction.payloadsData.payloads[0].hex_bytes;
+      if (generatedSignableHex !== params.signableHex) {
+        throw new Error('generated signableHex is not equal to params.signableHex');
+      }
+    }
     return transaction.explainTransaction();
   }
 
@@ -98,7 +105,15 @@ export class Icp extends BaseCoin {
     if (!txHex) {
       throw new Error('txHex is required');
     }
-    const explainedTx = await this.explainTransaction({ txHex });
+    const txHexParams: TransactionHexParams = {
+      transactionHex: txHex,
+    };
+
+    if (txPrebuild.txInfo && txPrebuild.txInfo !== undefined && typeof txPrebuild.txInfo === 'string') {
+      txHexParams.signableHex = txPrebuild.txInfo;
+    }
+
+    const explainedTx = await this.explainTransaction(txHexParams);
 
     if (Array.isArray(txParams.recipients) && txParams.recipients.length > 0) {
       if (txParams.recipients.length > 1) {
diff --git a/modules/sdk-coin-icp/src/lib/iface.ts b/modules/sdk-coin-icp/src/lib/iface.ts
@@ -192,3 +192,8 @@ export interface PublicNodeSubmitResponse {
 export interface AccountIdentifierHash {
   hash: Buffer<ArrayBuffer>;
 }
+
+export interface TransactionHexParams {
+  transactionHex: string;
+  signableHex?: string;
+}
diff --git a/modules/sdk-coin-icp/test/unit/icp.ts b/modules/sdk-coin-icp/test/unit/icp.ts
@@ -147,14 +147,15 @@ describe('Internet computer', function () {
   });
 
   describe('Verify a transaction', () => {
-    it('should successfully verify a transaction', async () => {
+    it('should successfully verify a transaction with signable Hex', async () => {
       const unsignedTxn = txBuilder.transaction.unsignedTransaction;
       unsignedTxn.should.be.a.String();
       const payloadsData = txBuilder.transaction.payloadsData;
       const serializedTxFormat = {
         serializedTxHex: payloadsData,
         publicKey: testData.Accounts.account1.publicKey,
       };
+      const signableHex = payloadsData.payloads[0].hex_bytes;
       const serializedTxHex = Buffer.from(JSON.stringify(serializedTxFormat), 'utf-8').toString('hex');
       const txParams = {
         recipients: [
@@ -167,10 +168,69 @@ describe('Internet computer', function () {
       const response = await basecoin.verifyTransaction({
         txPrebuild: {
           txHex: serializedTxHex,
+          txInfo: signableHex,
         },
         txParams: txParams,
       });
       assert(response);
     });
+
+    it('should successfully verify a transaction without signable Hex', async () => {
+      const unsignedTxn = txBuilder.transaction.unsignedTransaction;
+      unsignedTxn.should.be.a.String();
+      const payloadsData = txBuilder.transaction.payloadsData;
+      const serializedTxFormat = {
+        serializedTxHex: payloadsData,
+        publicKey: testData.Accounts.account1.publicKey,
+      };
+      const serializedTxHex = Buffer.from(JSON.stringify(serializedTxFormat), 'utf-8').toString('hex');
+      const txParams = {
+        recipients: [
+          {
+            address: testData.Accounts.account2.address,
+            amount: '10',
+          },
+        ],
+      };
+      const response = await basecoin.verifyTransaction({
+        txPrebuild: {
+          txHex: serializedTxHex,
+        },
+        txParams: txParams,
+      });
+      assert(response);
+    });
+
+    it('should fail to verify a transaction with wrong signable Hex', async () => {
+      const unsignedTxn = txBuilder.transaction.unsignedTransaction;
+      unsignedTxn.should.be.a.String();
+      const payloadsData = txBuilder.transaction.payloadsData;
+      const serializedTxFormat = {
+        serializedTxHex: payloadsData,
+        publicKey: testData.Accounts.account1.publicKey,
+      };
+      const serializedTxHex = Buffer.from(JSON.stringify(serializedTxFormat), 'utf-8').toString('hex');
+      const txParams = {
+        recipients: [
+          {
+            address: testData.Accounts.account2.address,
+            amount: '10',
+          },
+        ],
+      };
+
+      const wrongSignableHexValues =
+        '0a69632d72657175657374523de3c7c5b4613155b74ede2e54493f6acbe8bf6d910154fbbb3a98ba3e0098';
+
+      await basecoin
+        .verifyTransaction({
+          txPrebuild: {
+            txHex: serializedTxHex,
+            txInfo: wrongSignableHexValues,
+          },
+          txParams: txParams,
+        })
+        .should.rejectedWith('generated signableHex is not equal to params.signableHex');
+    });
   });
 });
diff --git a/modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsa.ts b/modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsa.ts
@@ -744,12 +744,26 @@ export class EcdsaUtils extends BaseEcdsaUtils {
       assert(txRequest.transactions || txRequest.unsignedTxs, 'Unable to find transactions in txRequest');
       const unsignedTx =
         txRequest.apiVersion === 'full' ? txRequest.transactions![0].unsignedTx : txRequest.unsignedTxs[0];
-      await this.baseCoin.verifyTransaction({
-        txPrebuild: { txHex: unsignedTx.signableHex },
-        txParams: params.txParams || { recipients: [] },
-        wallet: this.wallet,
-        walletType: this.wallet.multisigType(),
-      });
+
+      // For ICP transactions, the HSM signs the serializedTxHex, while the user signs the signableHex separately.
+      // Verification cannot be performed directly on the signableHex alone. However, we can parse the serializedTxHex
+      // to regenerate the signableHex and compare it against the provided value for verification.
+      // In contrast, for other coin families, verification is typically done using just the signableHex.
+      if (this.baseCoin.getConfig().family === 'icp') {
+        await this.baseCoin.verifyTransaction({
+          txPrebuild: { txHex: unsignedTx.serializedTxHex, txInfo: unsignedTx.signableHex },
+          txParams: params.txParams || { recipients: [] },
+          wallet: this.wallet,
+          walletType: this.wallet.multisigType(),
+        });
+      } else {
+        await this.baseCoin.verifyTransaction({
+          txPrebuild: { txHex: unsignedTx.signableHex },
+          txParams: params.txParams || { recipients: [] },
+          wallet: this.wallet,
+          walletType: this.wallet.multisigType(),
+        });
+      }
       signablePayload = Buffer.from(unsignedTx.signableHex, 'hex');
       derivationPath = unsignedTx.derivationPath;
     } else if (requestType === RequestType.message) {
diff --git a/modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsaMPCv2.ts b/modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsaMPCv2.ts
@@ -731,12 +731,26 @@ export class EcdsaMPCv2Utils extends BaseEcdsaUtils {
       assert(txRequest.transactions || txRequest.unsignedTxs, 'Unable to find transactions in txRequest');
       const unsignedTx =
         txRequest.apiVersion === 'full' ? txRequest.transactions![0].unsignedTx : txRequest.unsignedTxs[0];
-      await this.baseCoin.verifyTransaction({
-        txPrebuild: { txHex: unsignedTx.signableHex },
-        txParams: params.txParams || { recipients: [] },
-        wallet: this.wallet,
-        walletType: this.wallet.multisigType(),
-      });
+
+      // For ICP transactions, the HSM signs the serializedTxHex, while the user signs the signableHex separately.
+      // Verification cannot be performed directly on the signableHex alone. However, we can parse the serializedTxHex
+      // to regenerate the signableHex and compare it against the provided value for verification.
+      // In contrast, for other coin families, verification is typically done using just the signableHex.
+      if (this.baseCoin.getConfig().family === 'icp') {
+        await this.baseCoin.verifyTransaction({
+          txPrebuild: { txHex: unsignedTx.serializedTxHex, txInfo: unsignedTx.signableHex },
+          txParams: params.txParams || { recipients: [] },
+          wallet: this.wallet,
+          walletType: this.wallet.multisigType(),
+        });
+      } else {
+        await this.baseCoin.verifyTransaction({
+          txPrebuild: { txHex: unsignedTx.signableHex },
+          txParams: params.txParams || { recipients: [] },
+          wallet: this.wallet,
+          walletType: this.wallet.multisigType(),
+        });
+      }
       txOrMessageToSign = unsignedTx.signableHex;
       derivationPath = unsignedTx.derivationPath;
       bufferContent = Buffer.from(txOrMessageToSign, 'hex');

Original file line number	Diff line number	Diff line change
`@@ -192,3 +192,8 @@ export interface PublicNodeSubmitResponse {`
`192`	`192`	`export interface AccountIdentifierHash {`
`193`	`193`	`hash: Buffer<ArrayBuffer>;`
`194`	`194`	`}`
	`195`	`+`
	`196`	`+export interface TransactionHexParams {`
	`197`	`+ transactionHex: string;`
	`198`	`+ signableHex?: string;`
	`199`	`+}`