feat(mbe): api to sign and send unsigned txrequest

pranavjain97 · pranavjain97 · commit 1bf290ea49cb · 2025-07-09T18:07:50.000-04:00
Ticket: WP-5238
diff --git a/masterBitgoExpress.json b/masterBitgoExpress.json
@@ -6,6 +6,120 @@
     "description": "BitGo Enclaved Express - Secure enclave for BitGo signing operations with mTLS"
   },
   "paths": {
+    "/api/{coin}/wallet/{walletId}/accelerate": {
+      "post": {
+        "parameters": [
+          {
+            "name": "walletId",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "coin",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "pubkey": {
+                    "type": "string"
+                  },
+                  "source": {
+                    "type": "string",
+                    "enum": [
+                      "user",
+                      "backup"
+                    ]
+                  },
+                  "cpfpTxIds": {
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "cpfpFeeRate": {
+                    "type": "number"
+                  },
+                  "maxFee": {
+                    "type": "number"
+                  },
+                  "rbfTxIds": {
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "feeMultiplier": {
+                    "type": "number"
+                  }
+                },
+                "required": [
+                  "pubkey",
+                  "source"
+                ]
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "txid": {
+                      "type": "string"
+                    },
+                    "tx": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "txid",
+                    "tx"
+                  ]
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "error": {
+                      "type": "string"
+                    },
+                    "details": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "error",
+                    "details"
+                  ]
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/api/{coin}/wallet/{walletId}/consolidate": {
       "post": {
         "parameters": [
@@ -142,9 +256,6 @@
                       "backup"
                     ]
                   },
-                  "walletPassphrase": {
-                    "type": "string"
-                  },
                   "feeRate": {
                     "type": "number"
                   },
@@ -463,6 +574,92 @@
         }
       }
     },
+    "/api/{coin}/wallet/{walletId}/txrequest/{txRequestId}/signAndSend": {
+      "post": {
+        "parameters": [
+          {
+            "name": "walletId",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "coin",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "txRequestId",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "source": {
+                    "type": "string",
+                    "enum": [
+                      "user",
+                      "backup"
+                    ]
+                  },
+                  "commonKeychain": {
+                    "type": "string"
+                  }
+                },
+                "required": [
+                  "source"
+                ]
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {}
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "error": {
+                      "type": "string"
+                    },
+                    "details": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "error",
+                    "details"
+                  ]
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/api/{coin}/wallet/generate": {
       "post": {
         "parameters": [
@@ -503,6 +700,7 @@
                 },
                 "required": [
                   "label",
+                  "multisigType",
                   "enterprise"
                 ]
               }
diff --git a/src/api/master/handlers/handleSignAndSendTxRequest.ts b/src/api/master/handlers/handleSignAndSendTxRequest.ts
@@ -0,0 +1,62 @@
+import { getTxRequest, KeyIndices, RequestTracer } from '@bitgo/sdk-core';
+import logger from '../../../logger';
+import { signAndSendTxRequests } from './transactionRequests';
+import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec';
+
+export async function handleSignAndSendTxRequest(
+  req: MasterApiSpecRouteRequest<'v1.wallet.txrequest.signAndSend', 'post'>,
+) {
+  const enclavedExpressClient = req.enclavedExpressClient;
+  const reqId = new RequestTracer();
+  const bitgo = req.bitgo;
+  const baseCoin = bitgo.coin(req.params.coin);
+
+  const params = req.decoded;
+
+  const walletId = req.params.walletId;
+  const wallet = await baseCoin.wallets().get({ id: walletId, reqId });
+  if (!wallet) {
+    throw new Error(`Wallet ${walletId} not found`);
+  }
+
+  if (wallet.type() !== 'cold' || wallet.subType() !== 'onPrem') {
+    throw new Error('Wallet is not an on-prem wallet');
+  }
+
+  const keyIdIndex = params.source === 'user' ? KeyIndices.USER : KeyIndices.BACKUP;
+  logger.info(`Key ID index: ${keyIdIndex}`);
+  logger.info(`Key IDs: ${JSON.stringify(wallet.keyIds(), null, 2)}`);
+
+  // Get the signing keychain
+  const signingKeychain = await baseCoin.keychains().get({
+    id: wallet.keyIds()[keyIdIndex],
+  });
+
+  if (!signingKeychain) {
+    throw new Error(`Signing keychain for ${params.source} not found`);
+  }
+  if (params.commonKeychain && signingKeychain.commonKeychain !== params.commonKeychain) {
+    throw new Error(
+      `Common keychain provided does not match the keychain on wallet for ${params.source}`,
+    );
+  }
+
+  logger.debug(`Signing keychain: ${JSON.stringify(signingKeychain, null, 2)}`);
+  logger.debug(`Params: ${JSON.stringify(params, null, 2)}`);
+
+  const txRequest = await getTxRequest(bitgo, wallet.id(), params.txRequestId, reqId);
+  if (!txRequest) {
+    throw new Error(`TxRequest ${params.txRequestId} not found`);
+  }
+
+  logger.debug(`TxRequest: ${JSON.stringify(txRequest, null, 2)}`);
+
+  return signAndSendTxRequests(
+    bitgo,
+    wallet,
+    txRequest,
+    enclavedExpressClient,
+    signingKeychain,
+    reqId,
+  );
+}
diff --git a/src/api/master/routers/masterApiSpec.ts b/src/api/master/routers/masterApiSpec.ts
@@ -24,6 +24,7 @@ import { handleRecoveryWalletOnPrem } from '../handlers/recoveryWallet';
 import { handleConsolidate } from '../handlers/handleConsolidate';
 import { handleAccelerate } from '../handlers/handleAccelerate';
 import { handleConsolidateUnspents } from '../handlers/handleConsolidateUnspents';
+import { handleSignAndSendTxRequest } from '../handlers/handleSignAndSendTxRequest';
 
 // Middleware functions
 export function parseBody(req: express.Request, res: express.Response, next: express.NextFunction) {
@@ -218,6 +219,19 @@ const ConsolidateUnspentsResponse: HttpResponse = {
   }),
 };
 
+const SignMpcRequest = {
+  source: t.union([t.literal('user'), t.literal('backup')]),
+  commonKeychain: t.union([t.undefined, t.string]),
+};
+
+const SignMpcResponse: HttpResponse = {
+  200: t.any,
+  500: t.type({
+    error: t.string,
+    details: t.string,
+  }),
+};
+
 // API Specification
 export const MasterApiSpec = apiSpec({
   'v1.wallet.generate': {
@@ -249,6 +263,22 @@ export const MasterApiSpec = apiSpec({
       description: 'Send many transactions',
     }),
   },
+  'v1.wallet.txrequest.signAndSend': {
+    post: httpRoute({
+      method: 'POST',
+      path: '/api/{coin}/wallet/{walletId}/txrequest/{txRequestId}/signAndSend',
+      request: httpRequest({
+        params: {
+          walletId: t.string,
+          coin: t.string,
+          txRequestId: t.string,
+        },
+        body: SignMpcRequest,
+      }),
+      response: SignMpcResponse,
+      description: 'Sign MPC with TxRequest',
+    }),
+  },
   'v1.wallet.recovery': {
     post: httpRoute({
       method: 'POST',
@@ -384,5 +414,13 @@ export function createMasterApiRouter(
     }),
   ]);
 
+  router.post('v1.wallet.txrequest.signAndSend', [
+    responseHandler<MasterExpressConfig>(async (req: express.Request) => {
+      const typedReq = req as GenericMasterApiSpecRouteRequest;
+      const result = await handleSignAndSendTxRequest(typedReq);
+      return Response.ok(result);
+    }),
+  ]);
+
   return router;
 }
