Conversation
Marzooqa
force-pushed
the
WCI-223
branch
2 times, most recently
from
d7e3741 to
5c8ea10
Compare
EdDSA MPCv2 (MPS) DKG requires an ed25519 GPG key with an X25519 encryption subkey. Using the existing secp256k1 mpcv2PublicKey caused a WASM "Invalid Input" error. This adds a dedicated eddsaMpcv2PublicKey field throughout the key-fetching pipeline so EdDSA and ECDSA MPCv2 wallets each use the correct BitGo GPG key. Also fixes ed25519 GPG key generation to include a dedicated signing subkey, which is required by the HSM's mps.js validator. WCI-223 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> TICKET: WCI-223
Marzooqa
requested review from
kisslove-dewangan,
mrdanish26 and
zahin-mohammad
zahin-mohammad
approved these changes
Apr 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
1. Wrong BitGo GPG key type
eddsaMPCv2.tswas usingmpcv2PublicKeyfrom the feature flags endpoint,which is a secp256k1 key used for ECDSA MPCv2. The
EddsaMPSDkgWASMrequires an ed25519 GPG key with an X25519 encryption subkey. Passing the
wrong key type caused an immediate "Invalid Input" error from the WASM.
2. Missing GPG signing subkey
generateGPGKeyPair('ed25519')produced:- Primary: ed25519 (sign + certify)
- Subkey: curve25519 (encrypt)
The HSM's MPS keygen verifies each party's GPG key by calling
getSigningKey()and readingkey.bindingSignatures— a property thatonly exists on subkeys, not the primary key. With no dedicated signing
subkey,
getSigningKey()returns the primary key andbindingSignaturesis undefined, causing:
Changes
New dedicated EdDSA MPCv2 key pipeline:
bitgoPubKeys.ts— AddededdsaMpcv2hardcoded key map (on-prem test/staging) andisBitgoEddsaMpcv2PubKey()validatorbaseTypes.ts— AddededdsaMpcv2PublicKey?: stringtoBitgoGPGPublicKeyopengpgUtils.ts—getBitgoGpgPubKey()now readsbitgoEddsaMpcv2PublicKeyfrom constants and returns it aseddsaMpcV2baseTSSUtils.ts— AddedbitgoEddsaMpcv2PublicGpgKeyfield,getBitgoEddsaMpcv2PublicGpgKey()getter, wired throughsetBitgoGpgPubKey();getBitgoGpgPubkeyBasedOnFeatureFlags()now returns{ mpcv2PublicKey: Key, eddsaMpcv2PublicKey: Key | undefined }eddsaMPCv2.ts— UseseddsaMpcv2PublicKey(ed25519) with fallback tobitgoEddsaMpcv2PublicGpgKey; validates againstisBitgoEddsaMpcv2PubKey()GPG key generation fix:
opengpgUtils.ts—generateGPGKeyPair('ed25519')now passessubkeys: [{sign: true}, {sign: false}], producing a dedicated ed25519signing subkey. This matches the key structure used in the HSM's own test suite (
hsm-api/test/mps.js)Unrelated callers updated:
ecdsa.ts,ecdsaMPCv2.ts— Destructure new return shape ofgetBitgoGpgPubkeyBasedOnFeatureFlags()Test plan
yarn run unit-test --scope @bitgo/sdk-coreyarn run unit-test --scope bitgoCo-Authored-By: Claude Sonnet 4.6 noreply@anthropic.com
TICKET: WCI-223