Merge remote-tracking branch 'origin/WP-2860/add-examples-for-tss-rec…

…overy'

examples/README.md

@@ -17,6 +17,7 @@ In this directory, you can find examples on how to use the BitGoJS SDK with Type
 - [List Wallet Shares](./ts/list-wallet-shares.ts)
 - [List Wallet Transfers](./ts/list-wallet-transfers.ts)
 - [List Wallets](./ts/list-wallets.ts)
+- [Recover TSS](./ts/tss-recovery.ts)
 - [Recover XRP](./ts/recover-xrp.ts)
 - [Resend Wallet Share Invite](./ts/resend-wallet-share-invite.ts)
 - [Send Wallet Transaction](./ts/send-wallet-transaction.ts)

examples/ts/tss-recovery/README.md

@@ -0,0 +1,33 @@
+# Verifying user and backup key signing on a TSS Keycard Examples
+
+## Prerequisites
+
+Install yarn and nvm.
+
+## Running the Examples
+
+Navigate into `examples/ts/tss-recovery` and run `yarn install`.
+
+```
+$ cd examples/ts/tss-recovery
+$ nvm use
+$ yarn install
+```
+
+Use `npx ts-node` to run the desired example:
+
+```
+$ npx ts-node eddsa-recovery.ts
+```
+
+or, 
+
+```
+$ yarn test:ecdsa
+```
+
+```
+$ yarn test:eddsa
+```
+
+**Note**: Complete the required TODO's for each script, i.e. replace the content of backupKey.txt and userKey.txt with the appropriate keys from your keycard and fill in the commonkeychain + wallet passphrase in the script you want to run.

examples/ts/tss-recovery/eddsa-recovery.ts

@@ -0,0 +1,65 @@
+import { Eddsa } from '@bitgo/sdk-core';
+import * as fs from 'fs';
+import assert = require('assert');
+import { bigIntFromBufferBE, bigIntFromBufferLE, Ed25519Bip32HdTree } from '@bitgo/sdk-lib-mpc';
+import sjcl = require('sjcl');
+
+const sampleMessage = "Hello, World!";
+const derivationPath = "m/0";
+// TODO: Replace the following variables with your own values. Moreover, copy the encrypted user and backup keys from the key card into the userKey.txt and backupKey.txt files.
+const commonKeyChain = "<Public key from key card>";
+const walletPassphrase = "<Wallet passphrase>";
+
+
+async function testRecoveryEddsaTss() {
+  const userKey = fs.readFileSync('userKey.txt', 'utf8').replace(/(\r\n|\n|\r)/gm, "");
+  const backupKey = fs.readFileSync('backupKey.txt', 'utf8').replace(/(\r\n|\n|\r)/gm, "");
+  // Produce a signature.
+  const hdTree = await Ed25519Bip32HdTree.initialize();
+  const MPC = await Eddsa.initialize(hdTree);
+  const userSigningMaterial = JSON.parse(sjcl.decrypt(walletPassphrase, userKey));
+  const backupSigningMaterial = JSON.parse(sjcl.decrypt(walletPassphrase, backupKey));
+  // Combine the key shares from backup -> user, bitgo -> user, and the user's private share to form the backup signing key offset by the derivation path.
+  const userSubkey = MPC.keyDerive(
+    userSigningMaterial.uShare,
+    [userSigningMaterial.bitgoYShare, userSigningMaterial.backupYShare],
+    derivationPath,
+  );
+  // Combine the offset key shares from user -> backup, bitgo -> backup, and the backup's private share to form the backup signing key.
+  const backupSubkey = MPC.keyCombine(backupSigningMaterial.uShare, [
+    userSubkey.yShares[2],
+    backupSigningMaterial.bitgoYShare,
+  ]);
+  const messageBuffer = Buffer.from(sampleMessage, 'utf8');
+  // Partial Sign the message with the user and backup signing keys.
+  const userSignShare = MPC.signShare(messageBuffer, userSubkey.pShare, [userSubkey.yShares[2]]);
+  const backupSignShare = MPC.signShare(messageBuffer, backupSubkey.pShare, [backupSubkey.jShares[1]]);
+  const userSign = MPC.sign(
+    messageBuffer,
+    userSignShare.xShare,
+    [backupSignShare.rShares[1]],
+    [userSigningMaterial.bitgoYShare]
+  );
+  const backupSign = MPC.sign(
+    messageBuffer,
+    backupSignShare.xShare,
+    [userSignShare.rShares[2]],
+    [backupSigningMaterial.bitgoYShare]
+  );
+  // Combine partial signatures to form the final signature.
+  const signature = MPC.signCombine([userSign, backupSign]);
+  const signatureBuffer = Buffer.concat([Buffer.from(signature.R, 'hex'), Buffer.from(signature.sigma, 'hex')]);
+  // Deriving the public key at path m/0 from the common key chain.
+  const derivedPub = hdTree.publicDerive(
+    {
+      pk: bigIntFromBufferLE(Buffer.from(commonKeyChain.slice(0, 64), 'hex')),
+      chaincode: bigIntFromBufferBE(Buffer.from(commonKeyChain.slice(64), 'hex')),
+    },
+    derivationPath
+  );
+  // Verify the signature.
+  const isSignatureValid = Eddsa.curve.verify(messageBuffer, signatureBuffer, derivedPub.pk);
+  assert(isSignatureValid, "Signature is not valid.");
+}
+
+testRecoveryEddsaTss().catch((e) => console.error(e));

examples/ts/tss-recovery/mpcv2-recovery.ts

@@ -6,7 +6,7 @@ import assert = require('assert');
 import { bigIntFromBufferBE, bigIntToBufferBE, HDTree, Secp256k1Bip32HdTree } from '@bitgo/sdk-lib-mpc';
 
 const sampleMessage = "Hello, World!";
-// Replace the following variables with your own values. Moreover, copy the encrypted user and backup keys from the key card into the userKey.txt and backupKey.txt files.
+// TODO: Replace the following variables with your own values. Moreover, copy the encrypted user and backup keys from the key card into the userKey.txt and backupKey.txt files.
 const commonKeyChain = "<Public key from key card>";
 const walletPassphrase = "<Wallet passphrase>";
 

examples/ts/tss-recovery/package.json

@@ -4,7 +4,7 @@
   "description": "TSS User <> Backup keycard signing",
   "scripts": {
     "test:ecdsa": "ts-node mpcv2-recovery.ts",
-    "test:eddsa": "ts-node TBD"
+    "test:eddsa": "ts-node eddsa-recovery.ts"
   },
   "dependencies": {
     "@bitgo/sdk-core": "28.10.0",