test(bitgo, sdk-api): add e2e v2 signing test for DKLS offline rounds with adata

pranavjain97 · pranavjain97 · commit f27db52151b3 · 2026-05-01T15:42:11.000-04:00
- e2e 3-round offline signing with v2 encrypted keys and adata context binding - validates v2 envelopes with adata at each round boundary (round 1->2->3) - tests validateAdata rejects mismatched adata on v2 envelopes - fix typesEddsaMPCv2 imports (EddsaMPCv2KeyGen* -> MPCv2KeyGen*) WCN-32
diff --git a/modules/bitgo/test/v2/unit/internal/tssUtils/ecdsaMPCv2/signTxRequest.ts b/modules/bitgo/test/v2/unit/internal/tssUtils/ecdsaMPCv2/signTxRequest.ts
@@ -263,6 +263,122 @@ describe('signTxRequest:', function () {
     nockPromises[2].isDone().should.be.true();
   });
 
+  describe('v2 encryption (offline rounds with adata)', function () {
+    it('e2e: 3-round offline signing with v2 encrypted keys preserves adata context binding', async function () {
+      const walletPassphrase = 'testpassphrase';
+      const userShare = fs.readFileSync(shareFiles[vector.party1]);
+      const userPrvBase64 = Buffer.from(userShare).toString('base64');
+
+      // Encrypt the prv with v2 to trigger the v2 path
+      const encryptedPrv = await bitgo.encryptAsync({
+        input: userPrvBase64,
+        password: walletPassphrase,
+        encryptionVersion: 2,
+      });
+      JSON.parse(encryptedPrv).v.should.equal(2);
+
+      // Round 1: encrypt session + GPG key with v2 + adata (purely local, no server call)
+      const round1Result = await tssUtils.createOfflineRound1Share({
+        txRequest,
+        prv: userPrvBase64,
+        walletPassphrase,
+        encryptedPrv,
+      });
+
+      // Verify round 1 output has v2 envelopes with adata
+      const r1SessionEnvelope = JSON.parse(round1Result.encryptedRound1Session);
+      r1SessionEnvelope.v.should.equal(2);
+      r1SessionEnvelope.should.have.property('adata');
+      r1SessionEnvelope.should.have.property('hkdfSalt');
+
+      const r1GpgEnvelope = JSON.parse(round1Result.encryptedUserGpgPrvKey);
+      r1GpgEnvelope.v.should.equal(2);
+      r1GpgEnvelope.should.have.property('adata');
+      r1SessionEnvelope.adata.should.equal(r1GpgEnvelope.adata);
+
+      // Nock BitGo round 1 response and submit
+      await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey);
+      const transactions = getRoute('ecdsa');
+      const round1TxRequestResponse = await bitgo
+        .post(bitgo.url(`/wallet/${txRequest.walletId}/txrequests/${txRequest.txRequestId + transactions}/sign`, 2))
+        .send({
+          signatureShares: [round1Result.signatureShareRound1],
+          signerGpgPublicKey: round1Result.userGpgPubKey,
+        })
+        .result();
+
+      // Merge server response with original txRequest (server only returns signatureShares)
+      const round1TxReq: TxRequest = {
+        ...txRequest,
+        transactions: [
+          {
+            ...txRequest.transactions![0],
+            signatureShares: round1TxRequestResponse.transactions[0].signatureShares,
+          },
+        ],
+      };
+
+      // Round 2: decrypt v2 round 1 session (validates adata), encrypt round 2 session
+      const round2Result = await tssUtils.createOfflineRound2Share({
+        txRequest: round1TxReq,
+        prv: userPrvBase64,
+        walletPassphrase,
+        bitgoPublicGpgKey: bitgoGpgKey.publicKey,
+        encryptedUserGpgPrvKey: round1Result.encryptedUserGpgPrvKey,
+        encryptedRound1Session: round1Result.encryptedRound1Session,
+      });
+
+      // Verify round 2 output has v2 envelope with adata
+      const r2Envelope = JSON.parse(round2Result.encryptedRound2Session);
+      r2Envelope.v.should.equal(2);
+      r2Envelope.should.have.property('adata');
+      r2Envelope.adata.should.equal(r1SessionEnvelope.adata);
+
+      // Nock BitGo round 2 response and submit
+      await nockTxRequestResponseSignatureShareRoundTwo(bitgoParty, txRequest, bitgoGpgKey);
+      const round2TxRequestResponse = await bitgo
+        .post(bitgo.url(`/wallet/${txRequest.walletId}/txrequests/${txRequest.txRequestId + transactions}/sign`, 2))
+        .send({
+          signatureShares: [round2Result.signatureShareRound2],
+          signerGpgPublicKey: round1Result.userGpgPubKey,
+        })
+        .result();
+
+      const round2TxReq: TxRequest = {
+        ...txRequest,
+        transactions: [
+          {
+            ...txRequest.transactions![0],
+            signatureShares: round2TxRequestResponse.transactions[0].signatureShares,
+          },
+        ],
+      };
+
+      // Round 3: decrypt v2 round 2 session (validates adata), produce final signature share
+      const round3Result = await tssUtils.createOfflineRound3Share({
+        txRequest: round2TxReq,
+        prv: userPrvBase64,
+        walletPassphrase,
+        bitgoPublicGpgKey: bitgoGpgKey.publicKey,
+        encryptedUserGpgPrvKey: round1Result.encryptedUserGpgPrvKey,
+        encryptedRound2Session: round2Result.encryptedRound2Session,
+      });
+
+      round3Result.should.have.property('signatureShareRound3');
+    });
+
+    it('validateAdata rejects v2 envelopes with mismatched adata', async function () {
+      const ct = await bitgo.encryptAsync({
+        input: 'test-data',
+        password: 'testpass',
+        encryptionVersion: 2,
+        adata: 'context-A',
+      });
+
+      (() => (tssUtils as any).validateAdata('context-B', ct)).should.throw(/Adata does not match/);
+    });
+  });
+
   it('fails to signs a txRequest for a dkls hot wallet after receiving over 3 429 errors', async function () {
     const nockPromises = [
       await nockTxRequestResponseSignatureShareRoundOne(bitgoParty, txRequest, bitgoGpgKey),
diff --git a/modules/sdk-api/test/unit/encrypt.ts b/modules/sdk-api/test/unit/encrypt.ts
@@ -150,14 +150,6 @@ describe('encryption methods tests', () => {
       await assert.rejects(() => decryptV2(password, JSON.stringify(envelope)), /operation-specific reason|incorrect/i);
     });
 
-    it('encrypts and decrypts without adata (backward compat)', async () => {
-      const ciphertext = await encryptV2(password, plaintext);
-      const envelope: V2Envelope = JSON.parse(ciphertext);
-      assert.strictEqual(envelope.adata, undefined);
-      const decrypted = await decryptV2(password, ciphertext);
-      assert.strictEqual(decrypted, plaintext);
-    });
-
     it('v1 and v2 are independent (v1 data does not decrypt with v2)', async () => {
       const v1ct = encrypt(password, plaintext);
       await assert.rejects(() => decryptV2(password, v1ct), /invalid envelope/);
diff --git a/modules/sdk-core/src/bitgo/utils/tss/eddsa/typesEddsaMPCv2.ts b/modules/sdk-core/src/bitgo/utils/tss/eddsa/typesEddsaMPCv2.ts
@@ -1,15 +1,18 @@
 import * as t from 'io-ts';
 import {
-  MPCv2KeyGenRound1Request,
-  MPCv2KeyGenRound1Response,
-  MPCv2KeyGenRound2Request,
-  MPCv2KeyGenRound2Response,
+  EddsaMPCv2KeyGenRound1Request,
+  EddsaMPCv2KeyGenRound1Response,
+  EddsaMPCv2KeyGenRound2Request,
+  EddsaMPCv2KeyGenRound2Response,
 } from '@bitgo/public-types';
 
-export const generateEddsaMPCv2KeyRequestBody = t.union([MPCv2KeyGenRound1Request, MPCv2KeyGenRound2Request]);
+export const generateEddsaMPCv2KeyRequestBody = t.union([EddsaMPCv2KeyGenRound1Request, EddsaMPCv2KeyGenRound2Request]);
 
 export type GenerateEddsaMPCv2KeyRequestBody = t.TypeOf<typeof generateEddsaMPCv2KeyRequestBody>;
 
-export const generateEddsaMPCv2KeyRequestResponse = t.union([MPCv2KeyGenRound1Response, MPCv2KeyGenRound2Response]);
+export const generateEddsaMPCv2KeyRequestResponse = t.union([
+  EddsaMPCv2KeyGenRound1Response,
+  EddsaMPCv2KeyGenRound2Response,
+]);
 
 export type GenerateEddsaMPCv2KeyRequestResponse = t.TypeOf<typeof generateEddsaMPCv2KeyRequestResponse>;
