Merge pull request tkey#286 from tkey/fix/import-ed25519

ed25519: Fix export seed != import seed
tkey · Jun 24, 2024 · 2747794 · 2747794
2 parents 3eb9cbb + d3bff82
commit 2747794
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 3 deletions.
diff --git a/packages/core/src/core.ts b/packages/core/src/core.ts
@@ -234,7 +234,15 @@ class ThresholdKey implements ITKey {
 
     if (p.delete1OutOf1 && !this.manualSync) throw CoreError.delete1OutOf1OnlyManualSync();
 
-    const { withShare, importKey, neverInitializeNewKey, transitionMetadata, previouslyFetchedCloudMetadata, previousLocalMetadataTransitions } = p;
+    const {
+      withShare,
+      importKey,
+      importEd25519Seed,
+      neverInitializeNewKey,
+      transitionMetadata,
+      previouslyFetchedCloudMetadata,
+      previousLocalMetadataTransitions,
+    } = p;
 
     const previousLocalMetadataTransitionsExists =
       previousLocalMetadataTransitions && previousLocalMetadataTransitions[0].length > 0 && previousLocalMetadataTransitions[1].length > 0;
@@ -272,7 +280,7 @@ class ThresholdKey implements ITKey {
 
         // check for serviceprovider migratableKey for import key from service provider for new user
         // provided no importKey is provided ( importKey take precedent )
-        if (this.serviceProvider.migratableKey && !importKey) {
+        if (this.serviceProvider.migratableKey && !(importKey || importEd25519Seed)) {
           // importkey from server provider need to be atomic, hence manual sync is required.
           const tempStateManualSync = this.manualSync; // temp store manual sync flag
           this.manualSync = true; // Setting this as true since _initializeNewKey has a check where for importkey from server provider need to be atomic, hence manual sync is required.
@@ -285,7 +293,7 @@ class ThresholdKey implements ITKey {
             initializeModules: true,
             importedKey: importKey,
             delete1OutOf1: p.delete1OutOf1,
-            importEd25519Seed: params?.importEd25519Seed,
+            importEd25519Seed,
           });
         }
 

diff --git a/packages/default/test/ed25519/ed25519.ts b/packages/default/test/ed25519/ed25519.ts
@@ -53,6 +53,48 @@ export function ed25519Tests(params: { manualSync: boolean; torusSP: TorusServic
       } catch (error) {}
     });
 
+    it("should import key for ed25519", async function () {
+      // Test with migratable key.
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      (customSP as any).migratableKey = generatePrivateBN();
+
+      const tb2 = new ThresholdKey({ serviceProvider: customSP, storageLayer: customSL, manualSync });
+      const ed = randomBytes(32);
+      await tb2.initialize({ importEd25519Seed: ed });
+
+      const share = await tb2.generateNewShare();
+      if (manualSync) {
+        await tb2.syncLocalMetadataTransitions();
+      }
+
+      // Check exported seed = imported seed.
+      {
+        await tb2.reconstructKey();
+        const edExported = tb2.getEd25519Key();
+        assert.strictEqual(ed.toString("hex"), edExported.toString("hex"));
+      }
+
+      const newInstance = new ThresholdKey({ serviceProvider: customSP, storageLayer: customSL, manualSync });
+      await newInstance.initialize();
+      const edPub = newInstance.getEd25519PublicKey();
+      try {
+        newInstance.getEd25519Key();
+        assert.fail("should not be able to get ed25519 key");
+      } catch (error) {}
+
+      newInstance.inputShareStore(share.newShareStores[share.newShareIndex.toString("hex")]);
+      await newInstance.reconstructKey();
+
+      assert.strictEqual(ed.toString("hex"), newInstance.getEd25519Key().toString("hex"));
+      assert.strictEqual(edPub, newInstance.getEd25519PublicKey());
+      // should not able to reinitialize with import key
+      const instance3 = new ThresholdKey({ serviceProvider: customSP, storageLayer: customSL, manualSync });
+      try {
+        await instance3.initialize({ importKey: generatePrivateBN(), importEd25519Seed: randomBytes(32) });
+        assert.fail("should not be able to reinitialize with import key");
+      } catch (error) {}
+    });
+
     it("should import key for ed25519 and secp256k1", async function () {
       const tb2 = new ThresholdKey({ serviceProvider: customSP, storageLayer: customSL, manualSync });
       const secp = generatePrivateBN();

diff --git a/packages/default/test/shared.js b/packages/default/test/shared.js
@@ -66,6 +66,7 @@ function compareReconstructedKeys(a, b, message) {
 export const sharedTestCases = (mode, torusSP, storageLayer) => {
   const customSP = torusSP;
   const customSL = storageLayer;
+
   describe("tkey", function () {
     let tb;
 
@@ -1402,6 +1403,7 @@ export const sharedTestCases = (mode, torusSP, storageLayer) => {
       }
     });
   });
+
   describe("tkey error cases", function () {
     let tb;
     let resp1;