Revert "fix(tss): verify recipients before signing"

TICKET: WAL-375

Author: mohammadalfaiyazbitgo

modules/abstract-eth/src/abstractEthLikeNewCoins.ts

@@ -3109,16 +3109,9 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
         txParams.prebuildTx?.consolidateId ||
         txPrebuild?.consolidateId ||
         (txParams.type &&
-          [
-            'acceleration',
-            'fillNonce',
-            'transferToken',
-            'tokenApproval',
-            'consolidate',
-            'bridgeFunds',
-            'enableToken',
-            'customTx',
-          ].includes(txParams.type))
+          ['acceleration', 'fillNonce', 'transferToken', 'tokenApproval', 'consolidate', 'bridgeFunds'].includes(
+            txParams.type
+          ))
       )
     ) {
       throw new Error('missing txParams');

modules/bitgo/test/v2/unit/internal/tssUtils/ecdsa.ts

@@ -749,7 +749,6 @@ describe('TSS Ecdsa Utils:', async function () {
           backupNShare: backupKeyShare.nShares[1],
         }),
         reqId,
-        txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
       });
       signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
       const userGpgActual = sendShareSpy.getCalls()[0].args[10] as string;
@@ -767,125 +766,12 @@ describe('TSS Ecdsa Utils:', async function () {
           backupNShare: backupKeyShare.nShares[1],
         }),
         reqId,
-        txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
       });
       signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
       const userGpgActual = sendShareSpy.getCalls()[0].args[10] as string;
       userGpgActual.should.startWith('-----BEGIN PGP PUBLIC KEY BLOCK-----');
     });
 
-    it('signTxRequest should fail when txParams is missing', async function () {
-      await tssUtils
-        .signTxRequest({
-          txRequest,
-          prv: JSON.stringify({
-            pShare: userKeyShare.pShare,
-            bitgoNShare: bitgoKeyShare.nShares[1],
-            backupNShare: backupKeyShare.nShares[1],
-          }),
-          reqId,
-        })
-        .should.be.rejectedWith(
-          'Recipient details are required to verify this transaction before signing. Pass txParams with at least one recipient.'
-        );
-    });
-
-    it('signTxRequest should fail when txParams has empty recipients', async function () {
-      await tssUtils
-        .signTxRequest({
-          txRequest,
-          prv: JSON.stringify({
-            pShare: userKeyShare.pShare,
-            bitgoNShare: bitgoKeyShare.nShares[1],
-            backupNShare: backupKeyShare.nShares[1],
-          }),
-          reqId,
-          txParams: { recipients: [] },
-        })
-        .should.be.rejectedWith(
-          'Recipient details are required to verify this transaction before signing. Pass txParams with at least one recipient.'
-        );
-    });
-
-    it('signTxRequest should succeed when recipients are only in intent (smart contract interaction)', async function () {
-      await setupSignTxRequestNocks(false, userSignShare, aShare, dShare, enterpriseData);
-      const txRequestWithIntentRecipients = {
-        ...txRequest,
-        intent: {
-          intentType: 'contractCall',
-          recipients: [
-            {
-              address: { address: '0xrecipient' },
-              amount: { value: '1000', symbol: 'hteth' },
-            },
-          ],
-        },
-      };
-      const signedTxRequest = await tssUtils.signTxRequest({
-        txRequest: txRequestWithIntentRecipients,
-        prv: JSON.stringify({
-          pShare: userKeyShare.pShare,
-          bitgoNShare: bitgoKeyShare.nShares[1],
-          backupNShare: backupKeyShare.nShares[1],
-        }),
-        reqId,
-        // no txParams.recipients — should fall back to intent.recipients
-      });
-      signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
-    });
-
-    it('signTxRequest should succeed for no-recipient tx types (tokenApproval)', async function () {
-      await setupSignTxRequestNocks(false, userSignShare, aShare, dShare, enterpriseData);
-      const signedTxRequest = await tssUtils.signTxRequest({
-        txRequest,
-        prv: JSON.stringify({
-          pShare: userKeyShare.pShare,
-          bitgoNShare: bitgoKeyShare.nShares[1],
-          backupNShare: backupKeyShare.nShares[1],
-        }),
-        reqId,
-        txParams: { type: 'tokenApproval' },
-      });
-      signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
-    });
-
-    it('signTxRequest should succeed for no-recipient tx types (acceleration)', async function () {
-      await setupSignTxRequestNocks(false, userSignShare, aShare, dShare, enterpriseData);
-      const signedTxRequest = await tssUtils.signTxRequest({
-        txRequest,
-        prv: JSON.stringify({
-          pShare: userKeyShare.pShare,
-          bitgoNShare: bitgoKeyShare.nShares[1],
-          backupNShare: backupKeyShare.nShares[1],
-        }),
-        reqId,
-        txParams: { type: 'acceleration' },
-      });
-      signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
-    });
-
-    it('signTxRequest should prefer txParams.recipients over intent.recipients when both are present', async function () {
-      await setupSignTxRequestNocks(false, userSignShare, aShare, dShare, enterpriseData);
-      const txRequestWithBothRecipients = {
-        ...txRequest,
-        intent: {
-          intentType: 'contractCall',
-          recipients: [{ address: { address: '0xintentRecipient' }, amount: { value: '9999', symbol: 'hteth' } }],
-        },
-      };
-      const signedTxRequest = await tssUtils.signTxRequest({
-        txRequest: txRequestWithBothRecipients,
-        prv: JSON.stringify({
-          pShare: userKeyShare.pShare,
-          bitgoNShare: bitgoKeyShare.nShares[1],
-          backupNShare: backupKeyShare.nShares[1],
-        }),
-        reqId,
-        txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
-      });
-      signedTxRequest.unsignedTxs.should.deepEqual(txRequest.unsignedTxs);
-    });
-
     it('signTxRequest should fail with wrong recipient', async function () {
       // To generate these Hex values, we used the bitgo-ui to create a transaction and then
       // used the `signableHex` and `serializedTxHex` values from the prebuild.

modules/bitgo/test/v2/unit/internal/tssUtils/ecdsaMPCv2/signTxRequest.ts

@@ -193,7 +193,6 @@ describe('signTxRequest:', function () {
       txRequest,
       prv: userPrvBase64,
       reqId,
-      txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
     });
     nockPromises[0].isDone().should.be.true();
     nockPromises[1].isDone().should.be.true();
@@ -216,7 +215,6 @@ describe('signTxRequest:', function () {
       prv: backupPrvBase64,
       mpcv2PartyId: 1,
       reqId,
-      txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
     });
     nockPromises[0].isDone().should.be.true();
     nockPromises[1].isDone().should.be.true();
@@ -238,7 +236,6 @@ describe('signTxRequest:', function () {
       txRequest,
       prv: userPrvBase64,
       reqId,
-      txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
     });
     nockPromises[0].isDone().should.be.true();
     nockPromises[1].isDone().should.be.true();
@@ -260,7 +257,6 @@ describe('signTxRequest:', function () {
       txRequest,
       prv: userPrvBase64,
       reqId,
-      txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
     });
     nockPromises[0].isDone().should.be.true();
     nockPromises[1].isDone().should.be.true();
@@ -281,197 +277,11 @@ describe('signTxRequest:', function () {
         txRequest,
         prv: userPrvBase64,
         reqId,
-        txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
       })
       .should.be.rejectedWith('Too many requests, slow down!');
     nockPromises[0].isDone().should.be.true();
     nockPromises[1].isDone().should.be.false();
   });
-
-  it('rejects signTxRequest when txParams is missing', async function () {
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    await tssUtils
-      .signTxRequest({
-        txRequest,
-        prv: userPrvBase64,
-        reqId,
-      })
-      .should.be.rejectedWith(
-        'Recipient details are required to verify this transaction before signing. Pass txParams with at least one recipient.'
-      );
-  });
-
-  it('rejects signTxRequest when txParams has empty recipients', async function () {
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    await tssUtils
-      .signTxRequest({
-        txRequest,
-        prv: userPrvBase64,
-        reqId,
-        txParams: { recipients: [] },
-      })
-      .should.be.rejectedWith(
-        'Recipient details are required to verify this transaction before signing. Pass txParams with at least one recipient.'
-      );
-  });
-
-  it('accepts signTxRequest when recipients are only in intent (smart contract interaction)', async function () {
-    const txRequestWithIntentRecipients = {
-      ...txRequest,
-      intent: {
-        intentType: 'contractCall',
-        recipients: [
-          {
-            address: { address: '0xrecipient' },
-            amount: { value: '1000', symbol: 'hteth' },
-          },
-        ],
-      },
-    };
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequestWithIntentRecipients, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequestWithIntentRecipients, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequestWithIntentRecipients),
-      await nockSendTxRequest(txRequestWithIntentRecipients),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    // Falls back to intent.recipients — guard should pass and signing should complete
-    await tssUtils.signTxRequest({
-      txRequest: txRequestWithIntentRecipients,
-      prv: userPrvBase64,
-      reqId,
-      // no txParams.recipients
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
-
-  it('accepts signTxRequest for no-recipient tx types (tokenApproval)', async function () {
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequest),
-      await nockSendTxRequest(txRequest),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    // Type exemption applies — guard passes without recipients
-    await tssUtils.signTxRequest({
-      txRequest,
-      prv: userPrvBase64,
-      reqId,
-      txParams: { type: 'tokenApproval' },
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
-
-  it('accepts signTxRequest for no-recipient tx types (acceleration)', async function () {
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequest),
-      await nockSendTxRequest(txRequest),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    await tssUtils.signTxRequest({
-      txRequest,
-      prv: userPrvBase64,
-      reqId,
-      txParams: { type: 'acceleration' },
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
-
-  it('accepts signTxRequest for no-recipient tx types (customTx)', async function () {
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequest),
-      await nockSendTxRequest(txRequest),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    // DeFi/WalletConnect smart contract interactions have no traditional recipients
-    await tssUtils.signTxRequest({
-      txRequest,
-      prv: userPrvBase64,
-      reqId,
-      txParams: { type: 'customTx' },
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
-
-  it('accepts signTxRequest for no-recipient tx types (enableToken)', async function () {
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequest, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequest),
-      await nockSendTxRequest(txRequest),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    // TSS wallets do not populate recipients for token enablement — exemption must apply
-    await tssUtils.signTxRequest({
-      txRequest,
-      prv: userPrvBase64,
-      reqId,
-      txParams: { type: 'enableToken' },
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
-
-  it('accepts signTxRequest when txParams.recipients takes priority over intent.recipients', async function () {
-    const txRequestWithBothRecipients = {
-      ...txRequest,
-      intent: {
-        intentType: 'contractCall',
-        recipients: [{ address: { address: '0xintentRecipient' }, amount: { value: '9999', symbol: 'hteth' } }],
-      },
-    };
-    const nockPromises = [
-      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequestWithBothRecipients, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequestWithBothRecipients, bitgoGpgKey),
-      await nockTxRequestResponseSignatureShareRoundThree(txRequestWithBothRecipients),
-      await nockSendTxRequest(txRequestWithBothRecipients),
-    ];
-    await Promise.all(nockPromises);
-
-    const userShare = fs.readFileSync(shareFiles[vector.party1]);
-    const userPrvBase64 = Buffer.from(userShare).toString('base64');
-    // txParams.recipients takes priority — guard passes and signing completes
-    await tssUtils.signTxRequest({
-      txRequest: txRequestWithBothRecipients,
-      prv: userPrvBase64,
-      reqId,
-      txParams: { recipients: [{ address: '0xrecipient', amount: '1000' }] },
-    });
-    nockPromises[0].isDone().should.be.true();
-    nockPromises[1].isDone().should.be.true();
-    nockPromises[2].isDone().should.be.true();
-  });
 });
 
 export function getBitGoPartyGpgKeyPrv(key: openpgp.SerializedKeyPair<string>): DklsTypes.PartyGpgKey {

modules/sdk-core/src/bitgo/pendingApproval/pendingApproval.ts

@@ -250,9 +250,7 @@ export class PendingApproval implements IPendingApproval {
     }
 
     const decryptedPrv = await this.wallet.getPrv({ walletPassphrase });
-    const pendingApprovalRecipients = this._pendingApproval.info?.transactionRequest?.recipients;
-    const txParams = pendingApprovalRecipients?.length ? { recipients: pendingApprovalRecipients } : undefined;
-    const txRequest = await this.tssUtils!.recreateTxRequest(txRequestId, decryptedPrv, reqId, txParams);
+    const txRequest = await this.tssUtils!.recreateTxRequest(txRequestId, decryptedPrv, reqId);
     if (txRequest.apiVersion === 'lite') {
       if (!txRequest.unsignedTxs || txRequest.unsignedTxs.length === 0) {
         throw new Error('Unexpected error, no transactions found in txRequest.');