feat(sdk-lib-mpc): support DKLS DKG primitives #4281
Conversation
islamaminBitGo
force-pushed
the
dkls-dkg
branch
from
64b48c1
to
0f3808e
Compare
|
New dependencies detected. Learn more about Socket for GitHub ↗︎
|
|
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎ This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
islamaminBitGo
force-pushed
the
dkls-dkg
branch
7 times, most recently
from
4cb279a
to
cdcfc87
Compare
| * @param publicArmor public key to encrypt with | ||
| * @param privateArmor private key to sign with | ||
| */ | ||
| export async function encryptAndDetachSignText( |
There was a problem hiding this comment.
i recently added these openpgp utility functions but decided to move them to where they're actually needed plus change them to encrypt + decrypt and sign + verify binary data to be compatible with hsm.
islamaminBitGo
force-pushed
the
dkls-dkg
branch
3 times, most recently
from
500985e
to
697ba80
Compare
| export type SerializedP2PMessage = P2PMessage<string, string>; | ||
| export type DeserializedP2PMessage = P2PMessage<Uint8Array, Uint8Array>; | ||
| export type AuthEncP2PMessage = P2PMessage<AuthEncMessage, string>; | ||
| export type AuthBroadcastMessage = BroadcastMessage<AuthEncMessage>; |
There was a problem hiding this comment.
AuthBroadcastMessage being parameterized to AuthEncMessage is a little confusing, maybe apart from AuthEncMessage, we need another type AuthMessage, with message and signature.
| }, | ||
| }); | ||
| return { | ||
| encryptedMessage: data.toString('base64'), |
There was a problem hiding this comment.
See my comment about adding AuthMessage.
| * @param signedMessage message to verify | ||
| * @param publicArmor public key to verify signature with | ||
| */ | ||
| export async function verifySignedData(signedMessage: AuthEncMessage, publicArmor: string): Promise<boolean> { |
There was a problem hiding this comment.
See my comment about adding AuthMessage.
islamaminBitGo
force-pushed
the
dkls-dkg
branch
from
697ba80
to
779b1e6
Compare
| user.handleIncomingMessages({ | ||
| p2pMessages: [], | ||
| broadcastMessages: bitgoRound4Messages.broadcastMessages.concat(backupRound4Messages.broadcastMessages), | ||
| }); | ||
| bitgo.handleIncomingMessages({ | ||
| p2pMessages: [], | ||
| broadcastMessages: backupRound4Messages.broadcastMessages.concat(userRound4Messages.broadcastMessages), | ||
| }); | ||
| backup.handleIncomingMessages({ | ||
| p2pMessages: [], | ||
| broadcastMessages: bitgoRound4Messages.broadcastMessages.concat(userRound4Messages.broadcastMessages), | ||
| }); |
There was a problem hiding this comment.
maybe add a check that all three parties get to the same public key in their keyshares.
islamaminBitGo
force-pushed
the
dkls-dkg
branch
from
779b1e6
to
1042642
Compare
Ticket: HSM-267 BREAKING CHANGE: moves and renames authenticated encryption utility functions to sdk-lib-mpc
islamaminBitGo
force-pushed
the
dkls-dkg
branch
from
1042642
to
ccd6e66
Compare
Ticket: HSM-267
* Broadcast messages are only authenticated (signed with the sender's private gpg key).
* P2P messages are authenticated using the sender's private gpg key and encrypted to the recipient's public gpg key).