fix: setDeviceFactor

Author: ieow

src/mpcCoreKit.ts

@@ -323,6 +323,11 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
     if (this.isNodejsOrRN(this.options.uxMode)) {
       throw CoreKitError.oauthLoginUnsupported(`Oauth login is NOT supported in ${this.options.uxMode} mode.`);
     }
+
+    if ( this.state.factorKey ) {
+      throw CoreKitError.oauthLoginUnsupported("Instance is alreay login or rehydrated");
+    }
+
     const { importTssKey, registerExistingSFAKey } = params;
     const tkeyServiceProvider = this.torusSp;
 
@@ -677,7 +682,7 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
    */
   public getPubKey(): Buffer {
     const { tssPubKey } = this.state;
-    return Buffer.from(tssPubKey);
+    return tssPubKey;
   }
 
   /**
@@ -1107,6 +1112,7 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
           shareDescription: FactorKeyTypeShareDescription.Other,
           updateMetadata: false,
         });
+        await this.setDeviceFactor(factorKey);
       } else {
         await this.addFactorDescription({
           factorKey,
@@ -1199,6 +1205,14 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
         signatures: result.signatures,
         userInfo: result.userInfo,
       });
+
+      // update device factor if not present upon rehydration
+      if (this.options.disableHashedFactorKey) {
+        const deviceFactorKey = await this.getDeviceFactor();
+        if (!deviceFactorKey && this.state.factorKey && this.state.tssShareIndex === TssShareType.DEVICE) {
+          await this.setDeviceFactor(this.state.factorKey);
+        }
+      }
     } catch (err) {
       log.warn("failed to authorize session", err);
     }

tests/factors.spec.ts

@@ -1,14 +1,15 @@
 import assert from "node:assert";
 import test from "node:test";
 
-import { EllipticPoint, Point } from "@tkey/common-types";
+import { EllipticPoint, KeyType, Point, secp256k1 } from "@tkey/common-types";
 import { factorKeyCurve } from "@tkey/tss";
 import { tssLib as tssLibDKLS } from "@toruslabs/tss-dkls-lib";
 import { tssLib as tssLibFROST } from "@toruslabs/tss-frost-lib";
 import BN from "bn.js";
 
-import { COREKIT_STATUS, IAsyncStorage, IStorage, MemoryStorage, TssLibType, TssShareType, WEB3AUTH_NETWORK, Web3AuthMPCCoreKit } from "../src";
+import { AsyncStorage, COREKIT_STATUS, ed25519, IAsyncStorage, IStorage, MemoryStorage, sigToRSV, TssLibType, TssShareType, WEB3AUTH_NETWORK, Web3AuthMPCCoreKit } from "../src";
 import { AsyncMemoryStorage, bufferToElliptic, criticalResetAccount, mockLogin } from "./setup";
+import { keccak256 } from "@toruslabs/metadata-helpers";
 
 type FactorTestVariable = {
   manualSync?: boolean;
@@ -28,6 +29,26 @@ function getPubKeys(kit: Web3AuthMPCCoreKit, indices: number[]): EllipticPoint[]
   return pubKeys;
 }
 
+async function signSecp256k1Data( params : { coreKitInstance: Web3AuthMPCCoreKit, msg: string, }) {
+  const {coreKitInstance, msg } = params
+  const msgBuffer1 = Buffer.from(msg);
+  const msgHash = keccak256(msgBuffer1);
+
+  const signature = sigToRSV(await coreKitInstance.sign(msgHash, true));
+
+  const pubkey = secp256k1.recoverPubKey(msgHash, signature, signature.v) as EllipticPoint;
+  const publicKeyPoint = bufferToElliptic(coreKitInstance.getPubKey());
+  assert(pubkey.eq(publicKeyPoint));
+}
+
+async function signEd25519Data(params: { coreKitInstance: Web3AuthMPCCoreKit, msg: string }) {
+  const { coreKitInstance, msg } = params;
+  const msgBuffer = Buffer.from(msg)
+  const signature = ed25519().makeSignature((await coreKitInstance.sign(msgBuffer)).toString("hex"));
+  const valid = ed25519().verify(msgBuffer, signature, coreKitInstance.getPubKeyEd25519());
+  assert(valid);
+}
+
 export const FactorManipulationTest = async (testVariable: FactorTestVariable) => {
   const { email, tssLib } = testVariable;
   const newInstance = async () => {
@@ -39,6 +60,7 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) =
       tssLib: tssLib || tssLibDKLS,
       storage: testVariable.storage,
       manualSync: testVariable.manualSync,
+      disableSessionManager: true
     });
 
     const { idToken, parsedToken } = await mockLogin(email);
@@ -55,6 +77,7 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) =
     const resetInstance = await newInstance();
     await criticalResetAccount(resetInstance);
     await resetInstance.logout();
+    await new AsyncStorage(resetInstance._storageKey, testVariable.storage).resetStore();
   }
 
   await test(`#Factor manipulation - manualSync ${testVariable.manualSync} `, async function (t) {
@@ -163,6 +186,7 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) =
       // login with mfa factor
       await instance2.inputFactorKey(new BN(recoverFactor, "hex"));
       assert.strictEqual(instance2.status, COREKIT_STATUS.LOGGED_IN);
+
       await instance2.logout();
 
       // new instance
@@ -180,16 +204,24 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) =
 
       await instance3.inputFactorKey(new BN(browserFactor, "hex"));
       assert.strictEqual(instance3.status, COREKIT_STATUS.LOGGED_IN);
+
+      if ( tssLib && tssLib.keyType === KeyType.ed25519) {
+        await signEd25519Data({ coreKitInstance: instance3, msg: "hello world" });
+      } else {
+        await signSecp256k1Data({ coreKitInstance: instance3, msg: "hello world" });
+      }
+
     });
+
   });
 };
 
 const variable: FactorTestVariable[] = [
-  { manualSync: true, storage: new MemoryStorage(), email: "testmail1012" },
-  { manualSync: false, storage: new MemoryStorage(), email: "testmail1013" },
+  { manualSync: true, storage: new MemoryStorage(), email: "testmail1012-1" },
+  { manualSync: false, storage: new MemoryStorage(), email: "testmail1013-1" },
 
-  { manualSync: true, storage: new AsyncMemoryStorage(), email: "testmail1014" },
-  { manualSync: false, storage: new AsyncMemoryStorage(), email: "testmail1015" },
+  { manualSync: true, storage: new AsyncMemoryStorage(), email: "testmail1014-1" },
+  { manualSync: false, storage: new AsyncMemoryStorage(), email: "testmail1015-1" },
 
   { manualSync: true, storage: new MemoryStorage(), email: "testmail1012ed25519", tssLib: tssLibFROST },
 ];

tests/importRecovery.spec.ts

@@ -4,34 +4,63 @@ import test from "node:test";
 import { tssLib as tssLibDKLS } from "@toruslabs/tss-dkls-lib";
 import { tssLib as tssLibFROST } from "@toruslabs/tss-frost-lib";
 
-import { AsyncStorage, MemoryStorage, TssLibType, TssShareType, WEB3AUTH_NETWORK } from "../src";
-import { bufferToElliptic, criticalResetAccount, newCoreKitLogInInstance } from "./setup";
+import {  MemoryStorage, sigToRSV, TssLibType, TssShareType, WEB3AUTH_NETWORK, Web3AuthMPCCoreKit } from "../src";
+import { bufferToElliptic, criticalResetAccount, mockLogin  } from "./setup";
+import { EllipticPoint, KeyType, secp256k1 } from "@tkey/common-types";
+import { keccak256 } from "@toruslabs/metadata-helpers";
 
 type ImportKeyTestVariable = {
   manualSync?: boolean;
   email: string;
   importKeyEmail: string;
   tssLib: TssLibType;
 };
+async function signSecp256k1Data( params : { coreKitInstance: Web3AuthMPCCoreKit, msg: string, }) {
+  const {coreKitInstance, msg } = params
+  const msgBuffer1 = Buffer.from(msg);
+  const msgHash = keccak256(msgBuffer1);
 
+  const signature = sigToRSV(await coreKitInstance.sign(msgHash, true));
+
+  const pubkey = secp256k1.recoverPubKey(msgHash, signature, signature.v) as EllipticPoint;
+  const publicKeyPoint = bufferToElliptic(coreKitInstance.getPubKey());
+  assert(pubkey.eq(publicKeyPoint));
+}
 const storageInstance = new MemoryStorage();
 export const ImportTest = async (testVariable: ImportKeyTestVariable) => {
   async function newCoreKitInstance(email: string, importTssKey?: string) {
-    return newCoreKitLogInInstance({
-      network: WEB3AUTH_NETWORK.DEVNET,
-      manualSync: testVariable.manualSync,
-      email: email,
-      storageInstance,
-      tssLib: testVariable.tssLib,
-      importTssKey,
-    });
+      const instance = new Web3AuthMPCCoreKit({
+        web3AuthClientId: "torus-key-test",
+        web3AuthNetwork: WEB3AUTH_NETWORK.DEVNET,
+        baseUrl: "http://localhost:3000",
+        uxMode: "nodejs",
+        tssLib: testVariable.tssLib,
+        storage: storageInstance,
+        manualSync: testVariable.manualSync,
+        disableSessionManager: true
+      });
+
+      const { idToken, parsedToken } = await mockLogin(email);
+      await instance.init({ handleRedirectResult: false, rehydrate: false });
+      await instance.loginWithJWT({
+        verifier: "torus-test-health",
+        verifierId: parsedToken.email,
+        idToken,
+        importTssKey
+      });
+      return instance;
+    
   }
 
   async function resetAccount(email: string) {
     const kit = await newCoreKitInstance(email);
+    console.log('tss pub key', kit.state.tssPubKey)
     await criticalResetAccount(kit);
+    if (testVariable.manualSync) {
+      await kit.commitChanges();
+    }
     await kit.logout();
-    await new AsyncStorage(kit._storageKey, storageInstance).resetStore();
+    // await new AsyncStorage(kit._storageKey, storageInstance).resetStore();
   }
 
   test(`import recover tss key : ${testVariable.manualSync}`, async function (t) {
@@ -50,6 +79,9 @@ export const ImportTest = async (testVariable: ImportKeyTestVariable) => {
         shareType: TssShareType.DEVICE,
       });
 
+      if (testVariable.tssLib.keyType === KeyType.secp256k1) {
+        await signSecp256k1Data({ coreKitInstance, msg: "hello world" });
+      }
       const factorKeyRecovery = await coreKitInstance.createFactor({
         shareType: TssShareType.RECOVERY,
       });
@@ -62,8 +94,21 @@ export const ImportTest = async (testVariable: ImportKeyTestVariable) => {
       const exportedTssKey1 = await coreKitInstance._UNSAFE_exportTssKey();
       await coreKitInstance.logout();
 
+      const instance = new Web3AuthMPCCoreKit({
+        web3AuthClientId: "torus-key-test",
+        web3AuthNetwork: WEB3AUTH_NETWORK.DEVNET,
+        baseUrl: "http://localhost:3000",
+        uxMode: "nodejs",
+        tssLib: testVariable.tssLib,
+        storage: storageInstance,
+        manualSync: testVariable.manualSync,
+        disableSessionManager: true
+      });
+
+      await instance.init({rehydrate: false, handleRedirectResult: false})
+      
       // Recover key from any two factors.
-      const recoveredTssKey = await coreKitInstance._UNSAFE_recoverTssKey([factorKeyDevice, factorKeyRecovery]);
+      const recoveredTssKey = await instance._UNSAFE_recoverTssKey([factorKeyDevice, factorKeyRecovery]);
       assert.strictEqual(recoveredTssKey, exportedTssKey1);
 
       // Initialize new instance and import existing key.
@@ -105,9 +150,9 @@ export const ImportTest = async (testVariable: ImportKeyTestVariable) => {
 };
 
 const variable: ImportKeyTestVariable[] = [
-  { manualSync: false, email: "emailexport", importKeyEmail: "emailimport", tssLib: tssLibDKLS },
-  { manualSync: true, email: "emailexport", importKeyEmail: "emailimport", tssLib: tssLibDKLS },
-  { manualSync: false, email: "emailexport_ed25519", importKeyEmail: "emailimport_ed25519", tssLib: tssLibFROST },
+  { manualSync: false, email: "emailexport-01", importKeyEmail: "emailimport-001", tssLib: tssLibDKLS },
+  { manualSync: true, email: "emailexport-01", importKeyEmail: "emailimport-001", tssLib: tssLibDKLS },
+  // { manualSync: false, email: "emailexport_ed25519", importKeyEmail: "emailimport_ed25519", tssLib: tssLibFROST },
 ];
 
 variable.forEach(async (testVariable) => {