feat(sdk-core): add signRecoveryMpcV2 for EdDSA MPCv2 offline signing#9024
Open
vibhavgo wants to merge 1 commit into
Open
feat(sdk-core): add signRecoveryMpcV2 for EdDSA MPCv2 offline signing#9024vibhavgo wants to merge 1 commit into
vibhavgo wants to merge 1 commit into
Conversation
vibhavgo
force-pushed
the
WCI-397/sdk-core
branch
from
81215c8 to
b02b31e
Compare
vibhavgo
force-pushed
the
WCI-396/sdk-core
branch
from
75eea88 to
e0ef825
Compare
lcovar
previously approved these changes
Jun 15, 2026
vibhavgo
force-pushed
the
WCI-396/sdk-core
branch
2 times, most recently
from
d225f17 to
95b7c38
Compare
vibhavgo
force-pushed
the
WCI-397/sdk-core
branch
4 times, most recently
from
7b079de to
7d7406e
Compare
Ticket: WCI-397 Implements local 2-party MPS signing for EdDSA MPCv2 recovery flows, mirroring the existing ECDSA signRecoveryMpcV2 pattern. The function runs the MPS DSG protocol to round 3 using user and backup key shares, then verifies the resulting 64-byte Ed25519 signature against the child public key derived via deriveUnhardenedMps. - export `signRecoveryMpcV2` from eddsaMPCv2.ts - drives `MPSUtil.executeTillRound(3, ...)` locally with user + backup DSG instances - derives the child public key via `deriveUnhardenedMps(commonKeyChain, derivationPath)` - verifies the signature with `nacl.sign.detached.verify`; throws on mismatch - add unit tests for `signRecoveryMpcV2` - valid path: 64-byte signature verifies against derived public key - tampered message: signature does not verify against a different message - wrong commonKeyChain: throws "EdDSA MPCv2 recovery signature verification failed" Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Cursor <cursoragent@cursor.com>
vibhavgo
force-pushed
the
WCI-397/sdk-core
branch
from
7d7406e to
b870319
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds
signRecoveryMpcV2tomodules/sdk-core/src/bitgo/utils/tss/eddsa/eddsaMPCv2.tsas a standalone export for EdDSA MPCv2 recovery signing flows. The function drives the MPS DSG protocol locally to completion using user and backup key shares (obtained fromgetEddsaMPCv2RecoveryKeyShares), then verifies the resulting 64-byte Ed25519 signature against the child public key derived viaderiveUnhardenedMps. Mirrors the existing ECDSAsignRecoveryMpcV2pattern.Issue Number
WCI-397
Type of change
How Has This Been Tested?
Unit tests added in
modules/sdk-core/test/unit/bitgo/utils/tss/eddsa/eddsaMPCv2.tsunderdescribe('signRecoveryMpcV2'):nacl.sign.detached.verifyagainstderiveUnhardenedMpsfalse"EdDSA MPCv2 recovery signature verification failed"Run with: