feat(mbe): fix rebase

Author: cpatino-intive

src/__tests__/api/master/musigRecovery.test.ts

@@ -75,7 +75,7 @@ describe('POST /api/:coin/wallet/recovery', () => {
           userPub: ethRecoveryData.userKey,
           backupPub: ethRecoveryData.backupKey,
           walletContractAddress: ethRecoveryData.walletContractAddress,
-          bitgoPub: undefined,
+          bitgoPub: '',
         },
         apiKey: 'etherscan-api-token',
         recoveryDestinationAddress: ethRecoveryData.recoveryDestinationAddress,
@@ -158,18 +158,4 @@ describe('POST /api/:coin/wallet/recovery', () => {
     responseNoBackupKey.body.should.have.property('error');
     responseNoBackupKey.body.error.should.match(/backupPub/i);
   });
-
-  it('should fail TSS recovery when common keychain is missing', async () => {
-    const response = await agent
-      .post(`/api/${coin}/wallet/recovery`)
-      .set('Authorization', `Bearer ${accessToken}`)
-      .send({
-        isTssRecovery: true,
-        recoveryDestinationAddress: ethRecoveryData.recoveryDestinationAddress,
-      });
-
-    response.status.should.equal(400);
-    response.body.should.have.property('error');
-    response.body.error.should.match(/TSS recovery parameters are required/i);
-  });
 });

src/api/enclaved/handlers/signEddsaRecoveryTransaction.ts

@@ -0,0 +1,148 @@
+import { BitGoAPI } from '@bitgo/sdk-api';
+import {
+  BaseCoin,
+  BaseTransactionBuilder,
+  Eddsa,
+  EDDSAMethods,
+  EDDSAMethodTypes,
+  PublicKey,
+} from '@bitgo/sdk-core';
+import { Ed25519Bip32HdTree } from '@bitgo/sdk-lib-mpc';
+import { CoinFamily, coins } from '@bitgo/statics';
+import { type KeyPair as SolKeyPair } from '@bitgo/sdk-coin-sol';
+import { retrieveKmsPrvKey } from '../utils';
+import { EnclavedConfig } from '../../../shared/types';
+import logger from '../../../logger';
+
+async function setupTransactionBuilder(
+  sdk: BitGoAPI,
+  coinFamily: CoinFamily,
+  signableHex: string,
+  accountId: string,
+): Promise<{ txBuilder: BaseTransactionBuilder; publicKey: string }> {
+  let modules;
+  switch (coinFamily) {
+    case CoinFamily.NEAR:
+      modules = await import('@bitgo/sdk-coin-near');
+      break;
+    case CoinFamily.DOT:
+      modules = await import('@bitgo/sdk-coin-dot');
+      break;
+    case CoinFamily.SUI:
+      modules = await import('@bitgo/sdk-coin-sui');
+      break;
+    case CoinFamily.ADA:
+      modules = await import('@bitgo/sdk-coin-ada');
+      break;
+    case CoinFamily.SOL:
+      modules = await import('@bitgo/sdk-coin-sol');
+      break;
+    default:
+      throw new Error(`Unsupported coin family: ${coinFamily}`);
+  }
+
+  const { TransactionBuilderFactory, register, KeyPair } = modules;
+  register(sdk);
+
+  const staticCoin = coins.get(coinFamily);
+  try {
+    const keyPair = new KeyPair({ pub: accountId });
+
+    let txBuilder;
+    let publicKey: string;
+    if (coinFamily === CoinFamily.SOL) {
+      txBuilder = new TransactionBuilderFactory(staticCoin).from(signableHex);
+      // For Solana, we need to use the getAddress method to derive the public key
+      publicKey = (keyPair as SolKeyPair).getAddress();
+    } else {
+      txBuilder = new TransactionBuilderFactory(staticCoin).from(
+        Buffer.from(signableHex, 'hex').toString('base64'),
+      );
+      publicKey = keyPair.getKeys().pub;
+    }
+
+    return { txBuilder, publicKey };
+  } catch (error) {
+    logger.error(error);
+    throw error;
+  }
+}
+
+export type SignEddsaRecoveryTransactionParams = {
+  sdk: BitGoAPI;
+  request: {
+    commonKeychain: string;
+    signableHex: string;
+    derivationPath: string;
+  };
+  cfg: EnclavedConfig;
+  coin: BaseCoin;
+};
+
+export async function signEddsaRecoveryTransaction({
+  sdk,
+  cfg,
+  request,
+  coin,
+}: SignEddsaRecoveryTransactionParams) {
+  let publicKey = '';
+  logger.info(`Received request ${JSON.stringify(request)}`);
+
+  const hdTree = await Ed25519Bip32HdTree.initialize();
+  const MPC = await Eddsa.initialize(hdTree);
+
+  const accountId = MPC.deriveUnhardened(request.commonKeychain, request.derivationPath).slice(
+    0,
+    64,
+  );
+
+  const { txBuilder, publicKey: derivedKey } = await setupTransactionBuilder(
+    sdk,
+    coin.getFamily() as CoinFamily,
+    request.signableHex,
+    accountId,
+  );
+
+  publicKey = derivedKey;
+  // Get user and backup private keys
+  const userPrv = await retrieveKmsPrvKey({
+    pub: request.commonKeychain.toString(),
+    source: 'user',
+    cfg,
+    options: { useLocalEncipherment: false },
+  });
+
+  const backupPrv = await retrieveKmsPrvKey({
+    pub: request.commonKeychain.toString(),
+    source: 'backup',
+    cfg,
+    options: { useLocalEncipherment: false },
+  });
+
+  if (!userPrv || !backupPrv) {
+    throw new Error('Missing required private keys for recovery');
+  }
+
+  const userSigningMaterial = JSON.parse(userPrv) as EDDSAMethodTypes.UserSigningMaterial;
+  const backupSigningMaterial = JSON.parse(backupPrv) as EDDSAMethodTypes.BackupSigningMaterial;
+
+  try {
+    const signatureHex = await EDDSAMethods.getTSSSignature(
+      userSigningMaterial,
+      backupSigningMaterial,
+      request.derivationPath,
+      await txBuilder.build(),
+    );
+
+    const publicKeyObj = { pub: publicKey };
+    txBuilder.addSignature(publicKeyObj as PublicKey, signatureHex);
+    const signedTx = await txBuilder.build();
+    const serializedTx = signedTx.toBroadcastFormat();
+
+    return {
+      txHex: serializedTx,
+    };
+  } catch (error) {
+    throw error;
+  }
+}

src/api/master/clients/enclavedExpressClient.ts

@@ -14,6 +14,8 @@ import {
   Keychain,
   ApiKeyShare,
   MPCTx,
+  MPCSweepTxs,
+  MPCTxs,
 } from '@bitgo/sdk-core';
 import { RecoveryTransaction } from '@bitgo/sdk-coin-trx';
 import { superagentRequestFactory, buildApiClient, ApiClient } from '@api-ts/superagent-wrapper';
@@ -32,6 +34,7 @@ import {
   MpcV2RoundResponseType,
 } from '../../../enclavedBitgoExpress/routers/enclavedApiSpec';
 import { FormattedOfflineVaultTxInfo } from '@bitgo/abstract-utxo';
+import { RecoveryTxRequest } from 'bitgo';
 
 const debugLogger = debug('bitgo:express:enclavedExpressClient');
 
@@ -171,7 +174,7 @@ export interface SignMpcV2Round3Response {
 
 export class EnclavedExpressClient {
   async recoveryMPC(params: {
-    unsignedSweepPrebuildTx: MPCTx | MPCSweepTxs | MPCTxs;
+    unsignedSweepPrebuildTx: MPCTx | MPCSweepTxs | MPCTxs | RecoveryTxRequest;
     userPub: string;
     backupPub: string;
     apiKey: string;

src/api/master/handlers/recoveryConsolidationsWallet.ts

@@ -1,8 +1,67 @@
 import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec';
 import logger from '../../../logger';
-import { isSolCoin } from '../../../shared/coinUtils';
-import { MPCTx } from 'bitgo';
+import { BaseCoin, MPCConsolidationRecoveryOptions, MPCTx, RecoveryTxRequest } from 'bitgo';
 import { RecoveryTransaction } from '@bitgo/sdk-coin-trx';
+import { BitGoBase } from '@bitgo/sdk-core';
+import { CoinFamily } from '@bitgo/statics';
+import type { Sol, SolConsolidationRecoveryOptions, Tsol } from '@bitgo/sdk-coin-sol';
+import type { Trx, ConsolidationRecoveryOptions, Ttrx } from '@bitgo/sdk-coin-trx';
+import type { Sui, Tsui } from '@bitgo/sdk-coin-sui';
+import type { Ada, Tada } from '@bitgo/sdk-coin-ada';
+import type { Dot, Tdot } from '@bitgo/sdk-coin-dot';
+import type { Tao, Ttao } from '@bitgo/sdk-coin-tao';
+
+type RecoveryConsolidationParams =
+  | ConsolidationRecoveryOptions
+  | SolConsolidationRecoveryOptions
+  | MPCConsolidationRecoveryOptions;
+
+type RecoveryConsolidationResult = {
+  transactions?: (RecoveryTransaction | MPCTx)[];
+  txRequests?: RecoveryTxRequest[];
+};
+
+export async function recoveryConsolidateWallets(
+  sdk: BitGoBase,
+  baseCoin: BaseCoin,
+  params: RecoveryConsolidationParams,
+): Promise<RecoveryConsolidationResult> {
+  const family = baseCoin.getFamily();
+
+  switch (family) {
+    case CoinFamily.SOL: {
+      const { register } = await import('@bitgo/sdk-coin-sol');
+      register(sdk);
+      const solCoin = baseCoin as unknown as Sol | Tsol;
+      return await solCoin.recoverConsolidations(params as SolConsolidationRecoveryOptions);
+    }
+    case CoinFamily.TRX: {
+      const { register } = await import('@bitgo/sdk-coin-trx');
+      register(sdk);
+      const trxCoin = baseCoin as unknown as Trx | Ttrx;
+      return await trxCoin.recoverConsolidations(params as ConsolidationRecoveryOptions);
+    }
+    default: {
+      const [
+        { register: registerSui },
+        { register: registerAda },
+        { register: registerDot },
+        { register: registerTao },
+      ] = await Promise.all([
+        import('@bitgo/sdk-coin-sui'),
+        import('@bitgo/sdk-coin-ada'),
+        import('@bitgo/sdk-coin-dot'),
+        import('@bitgo/sdk-coin-tao'),
+      ]);
+      registerAda(sdk);
+      registerSui(sdk);
+      registerDot(sdk);
+      registerTao(sdk);
+      const coin = baseCoin as unknown as Sui | Tsui | Ada | Tada | Dot | Tdot | Tao | Ttao;
+      return await coin.recoverConsolidations(params as MPCConsolidationRecoveryOptions);
+    }
+  }
+}
 
 // Handler for recovery from receive addresses (consolidation sweeps)
 export async function handleRecoveryConsolidationsOnPrem(
@@ -12,48 +71,67 @@ export async function handleRecoveryConsolidationsOnPrem(
   const coin = req.decoded.coin;
   const enclavedExpressClient = req.enclavedExpressClient;
 
-  const { userPub, backupPub, bitgoKey } = req.decoded;
+  const isMPC = true;
 
-  const sdkCoin = bitgo.coin(coin);
-  let txs: MPCTx[] | RecoveryTransaction[] = [];
-  // 1. Build unsigned consolidations
-  if (isSolCoin(sdkCoin) && !req.decoded.durableNonces) {
-    throw new Error('durableNonces is required for Solana consolidation recovery');
+  const { commonKeychain, apiKey } = req.decoded;
+  let { userPub, backupPub, bitgoPub } = req.decoded;
+
+  if (isMPC) {
+    if (!commonKeychain) {
+      throw new Error('Missing required key: commonKeychain');
+    }
+
+    userPub = commonKeychain;
+    backupPub = commonKeychain;
+    bitgoPub = commonKeychain;
   }
 
-  if (typeof (sdkCoin as any).recoverConsolidations !== 'function') {
-    throw new Error(`recoverConsolidations is not supported for coin: ${coin}`);
+  if (!userPub || !backupPub || !bitgoPub) {
+    throw new Error('Missing required keys: userPub, backupPub, bitgoPub');
   }
 
+  const sdkCoin = bitgo.coin(coin);
+  let txs: (RecoveryTransaction | MPCTx | RecoveryTxRequest)[] = [];
+
   // Use type assertion to access recoverConsolidations
-  const result = await (sdkCoin as any).recoverConsolidations({
+  const result = await recoveryConsolidateWallets(bitgo, sdkCoin, {
     ...req.decoded,
-    userKey: userPub,
-    backupKey: backupPub,
-    bitgoKey,
-    durableNonces: req.decoded.durableNonces,
+    userKey: !isMPC ? userPub : '',
+    backupKey: !isMPC ? backupPub : '',
+    bitgoKey: bitgoPub,
   });
 
-  if ('transactions' in result) {
+  console.log(`Recovery consolidations result: ${JSON.stringify(result)}`);
+
+  if (result.transactions) {
     txs = result.transactions;
-  } else if ('txRequests' in result) {
+  } else if (result.txRequests) {
     txs = result.txRequests;
   } else {
     throw new Error('recoverConsolidations did not return expected transactions');
   }
 
   logger.debug(`Found ${txs.length} unsigned consolidation transactions`);
 
-  // 2. For each unsigned sweep, get it signed by EBE (using recoveryMultisig)
   const signedTxs = [];
   try {
     for (const tx of txs) {
-      const signedTx = await enclavedExpressClient.recoveryMultisig({
-        userPub,
-        backupPub,
-        unsignedSweepPrebuildTx: tx,
-        walletContractAddress: '',
-      });
+      const signedTx = isMPC
+        ? await enclavedExpressClient.recoveryMPC({
+            userPub,
+            backupPub,
+            apiKey,
+            unsignedSweepPrebuildTx: tx as MPCTx | RecoveryTxRequest,
+            coinSpecificParams: {},
+            walletContractAddress: '',
+          })
+        : await enclavedExpressClient.recoveryMultisig({
+            userPub,
+            backupPub,
+            unsignedSweepPrebuildTx: tx as RecoveryTransaction,
+            walletContractAddress: '',
+          });
+
       signedTxs.push(signedTx);
     }