refactor(sdk-core): consolidate WebAuthn passphrase type

MpcWebauthnInfo and GenerateWalletWebauthnInfo were identical shapes.
Promote GenerateWalletWebauthnInfo to iKeychains.ts as the single
canonical type, re-export it from iWallets.ts, and drop the duplicate
definition. All createKeychains implementations and CreateMpcOptions
now reference the shared type.

The onchain hot wallet path in generateWallet already wires webauthnInfo
through userKeychainPromise; no additional changes are needed there.

Ticket: WAL-761

Author: mohammadalfaiyazbitgo

modules/sdk-core/src/bitgo/keychain/iKeychains.ts

@@ -12,9 +12,10 @@ export interface WebauthnInfo {
   encryptedPrv: string;
 }
 
-/** WebAuthn PRF-based encryption info passed to MPC key creation. The passphrase is the
- * PRF-derived key used to encrypt the user private share before it is persisted. */
-export interface MpcWebauthnInfo {
+/** WebAuthn PRF-based encryption info for protecting the user private key with a hardware
+ * authenticator. The passphrase is the PRF-derived key used to encrypt the user private
+ * key/share before it is persisted. Never sent to the server. */
+export interface GenerateWalletWebauthnInfo {
   otpDeviceId: string;
   prfSalt: string;
   passphrase: string;
@@ -197,7 +198,7 @@ export interface CreateMpcOptions {
   originalPasscodeEncryptionCode?: string;
   enterprise?: string;
   retrofit?: DecryptedRetrofitPayload;
-  webauthnInfo?: MpcWebauthnInfo;
+  webauthnInfo?: GenerateWalletWebauthnInfo;
   encryptionVersion?: EncryptionVersion;
 }
 

modules/sdk-core/src/bitgo/utils/mpcUtils.ts

@@ -5,7 +5,7 @@ import assert from 'assert';
 import { decrypt, readMessage, readPrivateKey, SerializedKeyPair } from 'openpgp';
 import { IBaseCoin, KeychainsTriplet } from '../baseCoin';
 import { BitGoBase } from '../bitgoBase';
-import { AddKeychainOptions, Keychain, KeyType, MpcWebauthnInfo } from '../keychain';
+import { AddKeychainOptions, Keychain, KeyType, GenerateWalletWebauthnInfo } from '../keychain';
 import { encryptText, getBitgoGpgPubKey } from './opengpgUtils';
 import {
   IntentRecipient,
@@ -105,7 +105,7 @@ export abstract class MpcUtils {
     passphrase: string;
     enterprise?: string;
     originalPasscodeEncryptionCode?: string;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
   }): Promise<KeychainsTriplet>;
 
   /**

modules/sdk-core/src/bitgo/utils/tss/baseTSSUtils.ts

@@ -3,7 +3,7 @@ import * as openpgp from 'openpgp';
 import { Key, readKey, SerializedKeyPair } from 'openpgp';
 import { IBaseCoin, KeychainsTriplet } from '../../baseCoin';
 import { BitGoBase } from '../../bitgoBase';
-import { Keychain, KeyIndices, MpcWebauthnInfo } from '../../keychain';
+import { Keychain, KeyIndices, GenerateWalletWebauthnInfo } from '../../keychain';
 import { getTxRequest } from '../../tss';
 import { IWallet } from '../../wallet';
 import { MpcUtils } from '../mpcUtils';
@@ -216,7 +216,7 @@ export default class BaseTssUtils<KeyShare> extends MpcUtils implements ITssUtil
     enterprise?: string | undefined;
     originalPasscodeEncryptionCode?: string | undefined;
     isThirdPartyBackup?: boolean;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
     encryptionVersion?: EncryptionVersion;
   }): Promise<KeychainsTriplet> {
     throw new Error('Method not implemented.');

modules/sdk-core/src/bitgo/utils/tss/baseTypes.ts

@@ -1,7 +1,7 @@
 import { Key, SerializedKeyPair } from 'openpgp';
 import { EncryptionVersion, IEncryptionSession, IRequestTracer } from '../../../api';
 import { KeychainsTriplet, ParsedTransaction, TransactionParams } from '../../baseCoin';
-import { ApiKeyShare, Keychain, MpcWebauthnInfo } from '../../keychain';
+import { ApiKeyShare, Keychain, GenerateWalletWebauthnInfo } from '../../keychain';
 import { ApiVersion, Memo, WalletType } from '../../wallet';
 import { EDDSA, GShare, Signature, SignShare } from '../../../account-lib/mpc/tss';
 import { Signature as EcdsaSignature } from '../../../account-lib/mpc/tss/ecdsa/types';
@@ -482,7 +482,7 @@ export type CreateKeychainParamsBase = {
   passphrase?: string;
   enterprise?: string;
   originalPasscodeEncryptionCode?: string;
-  webauthnInfo?: MpcWebauthnInfo;
+  webauthnInfo?: GenerateWalletWebauthnInfo;
   encryptionVersion?: EncryptionVersion;
   encryptionSession?: IEncryptionSession;
 };

modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsa.ts

@@ -7,7 +7,7 @@ import { EcdsaPaillierProof, EcdsaRangeProof, EcdsaTypes, hexToBigInt, minModulu
 import { bip32 } from '@bitgo/utxo-lib';
 
 import { ECDSA, Ecdsa } from '../../../../account-lib/mpc/tss';
-import { AddKeychainOptions, Keychain, KeyType, MpcWebauthnInfo } from '../../../keychain';
+import { AddKeychainOptions, Keychain, KeyType, GenerateWalletWebauthnInfo } from '../../../keychain';
 import ECDSAMethods, { ECDSAMethodTypes } from '../../../tss/ecdsa';
 import { KeychainsTriplet } from '../../../baseCoin';
 import {
@@ -106,7 +106,7 @@ export class EcdsaUtils extends BaseEcdsaUtils {
     passphrase: string;
     enterprise?: string | undefined;
     originalPasscodeEncryptionCode?: string | undefined;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
   }): Promise<KeychainsTriplet> {
     const MPC = new Ecdsa();
     const m = 2;
@@ -309,7 +309,7 @@ export class EcdsaUtils extends BaseEcdsaUtils {
     bitgoKeychain: Keychain,
     passphrase: string,
     originalPasscodeEncryptionCode?: string,
-    webauthnInfo?: MpcWebauthnInfo
+    webauthnInfo?: GenerateWalletWebauthnInfo
   ): Promise<Keychain> {
     const bitgoKeyShares = bitgoKeychain.keyShares;
     if (!bitgoKeyShares) {

modules/sdk-core/src/bitgo/utils/tss/ecdsa/ecdsaMPCv2.ts

@@ -21,7 +21,7 @@ import {
 } from '@bitgo/public-types';
 
 import { Ecdsa } from '../../../../account-lib';
-import { AddKeychainOptions, Keychain, KeyType, MpcWebauthnInfo } from '../../../keychain';
+import { AddKeychainOptions, Keychain, KeyType, GenerateWalletWebauthnInfo } from '../../../keychain';
 import { DecryptedRetrofitPayload } from '../../../keychain/iKeychains';
 import { ECDSAMethodTypes, getTxRequest } from '../../../tss';
 import { sendSignatureShareV2, sendTxRequest } from '../../../tss/common';
@@ -63,7 +63,7 @@ export class EcdsaMPCv2Utils extends BaseEcdsaUtils {
     enterprise: string;
     originalPasscodeEncryptionCode?: string;
     retrofit?: DecryptedRetrofitPayload;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
     encryptionVersion?: EncryptionVersion;
   }): Promise<KeychainsTriplet> {
     const { userSession, backupSession } = this.getUserAndBackupSession(2, 3, params.retrofit);
@@ -368,7 +368,7 @@ export class EcdsaMPCv2Utils extends BaseEcdsaUtils {
     reducedPrivateMaterial?: Buffer,
     passphrase?: string,
     originalPasscodeEncryptionCode?: string,
-    webauthnInfo?: MpcWebauthnInfo,
+    webauthnInfo?: GenerateWalletWebauthnInfo,
     encryptionSession?: {
       encrypt(plaintext: string): Promise<string>;
       decrypt(ciphertext: string): Promise<string>;
@@ -558,7 +558,7 @@ export class EcdsaMPCv2Utils extends BaseEcdsaUtils {
     reducedPrivateMaterial: Buffer,
     passphrase: string,
     originalPasscodeEncryptionCode?: string,
-    webauthnInfo?: MpcWebauthnInfo,
+    webauthnInfo?: GenerateWalletWebauthnInfo,
     encryptionSession?: {
       encrypt(plaintext: string): Promise<string>;
       decrypt(ciphertext: string): Promise<string>;

modules/sdk-core/src/bitgo/utils/tss/eddsa/eddsa.ts

@@ -4,7 +4,7 @@
 import assert from 'assert';
 import * as openpgp from 'openpgp';
 import Eddsa, { GShare, SignShare } from '../../../../account-lib/mpc/tss';
-import { AddKeychainOptions, CreateBackupOptions, Keychain, MpcWebauthnInfo } from '../../../keychain';
+import { AddKeychainOptions, CreateBackupOptions, Keychain, GenerateWalletWebauthnInfo } from '../../../keychain';
 import { verifyWalletSignature } from '../../../tss/eddsa/eddsa';
 import { createShareProof, encryptText, generateGPGKeyPair, getBitgoGpgPubKey } from '../../opengpgUtils';
 import {
@@ -368,7 +368,7 @@ export class EddsaUtils extends baseTSSUtils<KeyShare> {
     passphrase?: string;
     enterprise?: string;
     originalPasscodeEncryptionCode?: string;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
     encryptionVersion?: EncryptionVersion;
   }): Promise<KeychainsTriplet> {
     const MPC = await Eddsa.initialize();

modules/sdk-core/src/bitgo/utils/tss/eddsa/eddsaMPCv2.ts

@@ -11,7 +11,7 @@ import {
 } from '@bitgo/public-types';
 import { EddsaMPSDkg, MPSComms, MPSTypes } from '@bitgo/sdk-lib-mpc';
 import { KeychainsTriplet } from '../../../baseCoin';
-import { AddKeychainOptions, Keychain, KeyType, MpcWebauthnInfo } from '../../../keychain';
+import { AddKeychainOptions, Keychain, KeyType, GenerateWalletWebauthnInfo } from '../../../keychain';
 import { envRequiresBitgoPubGpgKeyConfig, isBitgoEddsaMpcv2PubKey } from '../../../tss/bitgoPubKeys';
 import { generateGPGKeyPair } from '../../opengpgUtils';
 import { MPCv2PartiesEnum } from '../ecdsa/typesMPCv2';
@@ -24,7 +24,7 @@ export class EddsaMPCv2Utils extends BaseEddsaUtils {
     passphrase: string;
     enterprise: string;
     originalPasscodeEncryptionCode?: string;
-    webauthnInfo?: MpcWebauthnInfo;
+    webauthnInfo?: GenerateWalletWebauthnInfo;
   }): Promise<KeychainsTriplet> {
     const userKeyPair = await generateGPGKeyPair('ed25519');
     const userGpgKey = await pgp.readPrivateKey({ armoredKey: userKeyPair.privateKey });
@@ -182,7 +182,7 @@ export class EddsaMPCv2Utils extends BaseEddsaUtils {
     reducedPrivateMaterial?: Buffer,
     passphrase?: string,
     originalPasscodeEncryptionCode?: string,
-    webauthnInfo?: MpcWebauthnInfo
+    webauthnInfo?: GenerateWalletWebauthnInfo
   ): Promise<Keychain> {
     let source: string;
     let encryptedPrv: string | undefined = undefined;
@@ -251,7 +251,7 @@ export class EddsaMPCv2Utils extends BaseEddsaUtils {
     reducedPrivateMaterial: Buffer,
     passphrase: string,
     originalPasscodeEncryptionCode?: string,
-    webauthnInfo?: MpcWebauthnInfo
+    webauthnInfo?: GenerateWalletWebauthnInfo
   ): Promise<Keychain> {
     return this.createParticipantKeychain(
       MPCv2PartiesEnum.USER,

modules/sdk-core/src/bitgo/wallet/iWallets.ts

@@ -2,7 +2,7 @@ import * as t from 'io-ts';
 
 import { EncryptionVersion, IRequestTracer } from '../../api';
 import { KeychainsTriplet, LightningKeychainsTriplet } from '../baseCoin';
-import { Keychain, WebauthnInfo } from '../keychain';
+import { GenerateWalletWebauthnInfo, Keychain, WebauthnInfo } from '../keychain';
 import { IWallet, PaginationOptions, WalletShare } from './iWallet';
 import { Wallet } from './wallet';
 
@@ -42,6 +42,8 @@ export interface GenerateBaseMpcWalletOptions {
   walletVersion?: number;
 }
 
+export { GenerateWalletWebauthnInfo } from '../keychain';
+
 export interface GenerateMpcWalletOptions extends GenerateBaseMpcWalletOptions {
   passphrase: string;
   originalPasscodeEncryptionCode?: string;
@@ -54,16 +56,6 @@ export interface GenerateSMCMpcWalletOptions extends GenerateBaseMpcWalletOption
   coldDerivationSeed?: string;
 }
 
-/** WebAuthn PRF-based encryption info for protecting the user private key with a hardware authenticator. */
-export interface GenerateWalletWebauthnInfo {
-  /** The OTP device ID of the WebAuthn authenticator. */
-  otpDeviceId: string;
-  /** The PRF salt used to derive the passphrase from the authenticator. */
-  prfSalt: string;
-  /** PRF-derived passphrase used to encrypt the user private key. Never sent to the server. */
-  passphrase: string;
-}
-
 export interface GenerateWalletOptions {
   label?: string;
   passphrase?: string;