Skip to content

feat: unified combiner for multiple signing schemes aggregation #799

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Mar 11, 2025
Merged

feat: unified combiner for multiple signing schemes aggregation #799

merged 15 commits into from
Mar 11, 2025

Conversation

@FedericoAmura
Copy link
Contributor

@FedericoAmura FedericoAmura commented Feb 11, 2025
edited
Loading

Description

This PR adds multiple signing schemes (Ecdsa and Frost) support sending such scheme to the nodes

Migration guide

  • Added SigType to define signing schemes
  • LitNodeClientNodeJs::pkpSign, LitNodeClientNodeJs::ExecuteJsResponse, PKPBase (and childs)::runLitAction/runSign all now return LitNodeSignatures which include 0x${string} values instead of generic strings in hex and { r, s } signatures. all their types have been updated
  • LitNodeClientNodeJs::pkpSign now takes the plain message in messageToSign param instead of the hashed value toSign (unifying frost and ecdsa behaviour, hashing internally when the signing scheme requires it). Also requires the new signingScheme param
  • LitNodeClientNodeJs::executeJs returns all keys that it signs, not just the first one
  • LitCore::computeHDPubKey doesn't accept signing scheme anymore. Will always use ECDSA K256 (where PKPs live). Same for @lit-protocol/crypto computeHDPubKey
  • Removed public functions/methods:
    • @lit-protocol/crypto decryptWithSignatureShares
    • @lit-protocol/crypto combineEcdsaShares replaced with combineExecuteJsNodeShares and combinePKPSignNodeShares
    • @lit-protocol/wasm ecdsaCombine, ecdsaVerify and ecdsaCombineAndVerify. All replaced with unifiedCombineAndVerify

Dev changes

Most notable change will be in litNodeClient.pkpSign that now requires the unhashed message in messageToSign and a signing scheme, SchnorrK256Sha256 will replicate previous networks behavior
When using pkpSign, executeJs from LitNodeClient or any PKP*Wallet, now consider that the returned signature will be in 0x${string} format and not have anymore components { r, s }

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

  • Updated/added unit tests on several components
  • Updated testUseEoaSessionSigsToPkpSign to call pkpSign with all supported signing schemes
  • Manually by running scripts to cover affected scenarios (PKP*Wallet classes, lit action signing, etc.) against an updated local network

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@FedericoAmura FedericoAmura self-assigned this Feb 11, 2025
@FedericoAmura
Merge branch 'refs/heads/feat/rc-naga-2025-01-30b' into feature/lit-4…
e0b7b66 
…007-js-sdk-add-frost-support-unified-combiner

# Conflicts:
#	local-tests/tests/testUseEoaSessionSigsToPkpSign.ts
#	packages/constants/src/lib/constants/curves.ts
#	packages/core/src/lib/lit-core.ts
#	packages/crypto/src/lib/crypto.ts
#	packages/lit-node-client-nodejs/src/lib/lit-node-client-nodejs.ts
#	packages/pkp-base/src/lib/pkp-base.ts
#	packages/types/src/lib/interfaces.ts
@FedericoAmura
feat: building fixes and cleanup
fcc5757
@FedericoAmura
feat: restore claims inside lit actions signature aggregation
6e736ff
@FedericoAmura
feat: types unification
42a380f
@FedericoAmura
feat: removed unused types and executeJs return fixes
d617a04
@FedericoAmura FedericoAmura marked this pull request as ready for review February 14, 2025 19:14
@FedericoAmura FedericoAmura mentioned this pull request Feb 17, 2025
Closed
14 tasks
Ansonhkg
Ansonhkg approved these changes Mar 11, 2025
View reviewed changes
Copy link
Collaborator

@Ansonhkg Ansonhkg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I think we can use zod for all data transformation, but we can have a follow up PR for that later.

local-tests/tests/testUseEoaSessionSigsToPkpSign.ts
devEnv: TinnyEnvironment
) => {
const alice = await devEnv.createRandomPerson();
const signingSchemeConfigs: SigningSchemeConfig[] = [
Copy link
Collaborator

@Ansonhkg Ansonhkg Mar 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we have this config in constants?

Copy link
Contributor Author

@FedericoAmura FedericoAmura Mar 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No. This is just to apply more validations later in this test. Doesn't have much value in real scenarios as we are not doing signature parsing or validation anymore

local-tests/tests/testUseEoaSessionSigsToPkpSign.ts
throw new Error(`Expected "publicKey" in runWithSessionSigs`);
}
// -- Combined signature format assertions
for (const hexString of [
Copy link
Collaborator

@Ansonhkg Ansonhkg Mar 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: can we use zod schema instead?

local-tests/tests/testUseEoaSessionSigsToPkpSign.ts
if (!runWithSessionSigs.signature.startsWith('0x')) {
throw new Error(`Expected "signature" to start with 0x`);
}
if (signingSchemeConfig.recoversPublicKey) {
Copy link
Collaborator

@Ansonhkg Ansonhkg Mar 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: can we use zod schema here?

eg.

  const validConfig = SigningSchemeConfigSchema.parse(signingSchemeConfig);
  const validSignature = PKPSignatureSchema.parse(pkpSignature);

@FedericoAmura FedericoAmura merged commit df88cf5 into feat/rc-naga-2025-01-30b Mar 11, 2025
3 of 4 checks passed
@FedericoAmura FedericoAmura deleted the feature/lit-4007-js-sdk-add-frost-support-unified-combiner branch March 11, 2025 18:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Ansonhkg Ansonhkg Ansonhkg approved these changes

@mikelodder7 mikelodder7 Awaiting requested review from mikelodder7

@MaximusHaximus MaximusHaximus Awaiting requested review from MaximusHaximus

@DashKash54 DashKash54 Awaiting requested review from DashKash54

Assignees

@FedericoAmura FedericoAmura

Labels

v8 | Naga

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@FedericoAmura @Ansonhkg