diff --git a/src/mpcCoreKit.ts b/src/mpcCoreKit.ts index 505629b..84a1f42 100644 --- a/src/mpcCoreKit.ts +++ b/src/mpcCoreKit.ts @@ -512,6 +512,12 @@ export class Web3AuthMPCCoreKit implements ICoreKit { // input tkey device share when required share > 0 ( or not reconstructed ) // assumption tkey shares will not changed if (!this.tKey.secp256k1Key) { + const factorKeyPrivate = factorKeyCurve.keyFromPrivate(factorKey.toBuffer()); + const factorPubX = factorKeyPrivate.getPublic().getX().toString("hex").padStart(64, "0"); + const factorEncExist = this.tkey.metadata.factorEncs?.[this.tkey.tssTag]?.[factorPubX]; + if (!factorEncExist) { + throw CoreKitError.providedFactorKeyInvalid("Invalid FactorKey provided. Failed to input factor key."); + } const factorKeyMetadata = await this.getFactorKeyMetadata(factorKey); await this.tKey.inputShareStoreSafe(factorKeyMetadata, true); } diff --git a/tests/factors.spec.ts b/tests/factors.spec.ts index e3a7506..01b3833 100644 --- a/tests/factors.spec.ts +++ b/tests/factors.spec.ts @@ -158,6 +158,8 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) = const browserFactor = await instance2.getDeviceFactor(); + const factorBN = new BN(recoverFactor, "hex") + // login with mfa factor await instance2.inputFactorKey(new BN(recoverFactor, "hex")); assert.strictEqual(instance2.status, COREKIT_STATUS.LOGGED_IN); @@ -167,6 +169,15 @@ export const FactorManipulationTest = async (testVariable: FactorTestVariable) = const instance3 = await newInstance(); assert.strictEqual(instance3.status, COREKIT_STATUS.REQUIRED_SHARE); + + + try { + await instance3.inputFactorKey(factorBN.subn(1)); + throw Error("should not be able to input factor"); + } catch (e) { + assert(e instanceof Error); + } + await instance3.inputFactorKey(new BN(browserFactor, "hex")); assert.strictEqual(instance3.status, COREKIT_STATUS.LOGGED_IN); });