fix: use tkeyStoreItem

tkey · Feb 29, 2024 · f41f00b · f41f00b
1 parent ed82887
commit f41f00b
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 57 deletions.
diff --git a/packages/core/src/core.ts b/packages/core/src/core.ts
@@ -69,7 +69,8 @@ import {
 } from "./lagrangeInterpolatePolynomial";
 import Metadata from "./metadata";
 // TODO: handle errors for get and set with retries
-// export const TSS_MODULE = "tssModule";
+export const TSS_MODULE = "tssModule";
+export const ACCOUNTSALT = "accountSalt";
 
 class ThresholdKey implements ITKey {
   modules: ModuleMap;
@@ -305,10 +306,13 @@ class ThresholdKey implements ITKey {
         if (useTSS) {
           const { factorEncs, factorPubs, tssPolyCommits } = await this._initializeNewTSSKey(this.tssTag, deviceTSSShare, factorPub, deviceTSSIndex);
 
-          const { encryptedSalt } = await this.generateSaltAndEncrypted(this.privKey);
-          this.metadata.addTSSData({ tssTag: this.tssTag, tssNonce: 0, tssPolyCommits, factorPubs, factorEncs, encryptedSalt });
-          const salt = await this.getAccountSalt(this.privKey);
-          this._accountSalt = salt;
+          this.metadata.addTSSData({ tssTag: this.tssTag, tssNonce: 0, tssPolyCommits, factorPubs, factorEncs });
+          const accountSalt = generateSalt();
+          await this._setTKeyStoreItem(TSS_MODULE, {
+            id: "accountSalt",
+            value: accountSalt,
+          });
+          this._accountSalt = accountSalt;
         }
         return this.getKeyDetails();
       }
@@ -623,15 +627,16 @@ class ThresholdKey implements ITKey {
     // only valid for use Tss
     // assign account salt from tKey store if it exists
     if (Object.keys(this.metadata.tssPolyCommits).length > 0) {
-      const accountSalt = await this.getAccountSalt(privKey);
-
-      if (accountSalt) {
-        this._accountSalt = accountSalt;
+      const accountSalt = await this.getTKeyStoreItem(TSS_MODULE, "accountSalt");
+      if (accountSalt && accountSalt.value) {
+        this._accountSalt = accountSalt.value;
       } else {
-        const { salt, encryptedSalt } = await this.generateSaltAndEncrypted(privKey);
-        this.metadata.addTSSData({ tssTag: this.tssTag, encryptedSalt });
-        this._accountSalt = salt;
-        await this._syncShareMetadata();
+        const newSalt = generateSalt();
+        await this._setTKeyStoreItem(TSS_MODULE, {
+          id: "accountSalt",
+          value: newSalt,
+        });
+        this._accountSalt = newSalt;
         // this is very specific case where exisiting user do not have salt.
         // sync metadata to cloud to ensure salt is stored incase of manual sync mode
         // new user or importKey should not hit this cases
@@ -926,23 +931,28 @@ class ThresholdKey implements ITKey {
           serverEncs: refreshResponse.serverFactorEncs,
         };
       }
-      let accountSalt = await this.getAccountSalt(this.privKey);
-      let encryptedAccountSalt;
-      if (!accountSalt) {
-        const { salt, encryptedSalt } = await this.generateSaltAndEncrypted(this.privKey);
-        accountSalt = salt;
-        encryptedAccountSalt = encryptedSalt;
-      }
       this.metadata.addTSSData({
         tssTag: this.tssTag,
         tssNonce: newTssNonce,
         tssPolyCommits: newTSSCommits,
         factorPubs,
         factorEncs,
-        encryptedSalt: encryptedAccountSalt,
       });
-      this._accountSalt = accountSalt;
-      if (updateMetadata) await this._syncShareMetadata();
+      if (!this._accountSalt) {
+        const accountSalt = generateSalt();
+        // tkeyStoreItem already syncMetadata
+        await this._setTKeyStoreItem(
+          TSS_MODULE,
+          {
+            id: "accountSalt",
+            value: accountSalt,
+          },
+          updateMetadata
+        );
+        this._accountSalt = accountSalt;
+      } else if (updateMetadata) {
+        await this._syncShareMetadata();
+      }
     } catch (error) {
       this.tssTag = oldTag;
       throw error;
@@ -1830,7 +1840,7 @@ class ThresholdKey implements ITKey {
     return decrypt(toPrivKeyECC(this.privKey), encryptedMessage);
   }
 
-  async _setTKeyStoreItem(moduleName: string, data: TkeyStoreItemType): Promise<void> {
+  async _setTKeyStoreItem(moduleName: string, data: TkeyStoreItemType, updateMetadata: boolean = true): Promise<void> {
     if (!this.metadata) {
       throw CoreError.metadataUndefined();
     }
@@ -1851,7 +1861,7 @@ class ThresholdKey implements ITKey {
 
     // update metadataStore
     this.metadata.setTkeyStoreDomain(moduleName, rawTkeyStoreItems);
-    await this._syncShareMetadata();
+    if (updateMetadata) await this._syncShareMetadata();
   }
 
   async _deleteTKeyStoreItem(moduleName: string, id: string): Promise<void> {
@@ -2039,24 +2049,24 @@ class ThresholdKey implements ITKey {
   }
 
   //
-  private async generateSaltAndEncrypted(privKey: BN): Promise<{ salt: string; encryptedSalt: EncryptedMessage }> {
-    if (!privKey) {
-      throw CoreError.privateKeyUnavailable();
-    }
-
-    const salt = generateSalt();
-    const encryptedSalt = await encrypt(getPubKeyECC(privKey), Buffer.from(salt, "hex"));
-    return { salt, encryptedSalt };
-  }
-
-  private async getAccountSalt(privKey: BNString): Promise<string | undefined> {
-    if (this._accountSalt) return this._accountSalt;
-    if (Object.keys(this.metadata.encryptedSalt).length) {
-      const decryptedSalt = await decrypt(toPrivKeyECC(privKey), this.metadata.encryptedSalt as EncryptedMessage);
-      return decryptedSalt.toString("hex");
-    }
-    return undefined;
-  }
+  // private async generateSaltAndEncrypted(privKey: BN): Promise<{ salt: string; encryptedSalt: EncryptedMessage }> {
+  //   if (!privKey) {
+  //     throw CoreError.privateKeyUnavailable();
+  //   }
+
+  //   const salt = generateSalt();
+  //   const encryptedSalt = await encrypt(getPubKeyECC(privKey), Buffer.from(salt, "hex"));
+  //   return { salt, encryptedSalt };
+  // }
+
+  // private async getAccountSalt(privKey: BNString): Promise<string | undefined> {
+  //   if (this._accountSalt) return this._accountSalt;
+  //   if (Object.keys(this.metadata.encryptedSalt).length) {
+  //     const decryptedSalt = await decrypt(toPrivKeyECC(privKey), this.metadata.encryptedSalt as EncryptedMessage);
+  //     return decryptedSalt.toString("hex");
+  //   }
+  //   return undefined;
+  // }
 }
 
 export default ThresholdKey;
diff --git a/packages/core/src/metadata.ts b/packages/core/src/metadata.ts
@@ -68,14 +68,11 @@ class Metadata implements IMetadata {
     };
   };
 
-  encryptedSalt?: EncryptedMessage | Record<string, unknown>;
-
   constructor(input: Point) {
     this.tssPolyCommits = {};
     this.tssNonces = {};
     this.factorPubs = {};
     this.factorEncs = {};
-    this.encryptedSalt = {};
     this.publicPolynomials = {};
     this.publicShares = {};
     this.generalStore = {};
@@ -87,8 +84,7 @@ class Metadata implements IMetadata {
   }
 
   static fromJSON(value: StringifiedType): Metadata {
-    const { pubKey, polyIDList, generalStore, tkeyStore, scopedStore, nonce, tssNonces, tssPolyCommits, factorPubs, factorEncs, encryptedSalt } =
-      value;
+    const { pubKey, polyIDList, generalStore, tkeyStore, scopedStore, nonce, tssNonces, tssPolyCommits, factorPubs, factorEncs } = value;
     const point = Point.fromCompressedPub(pubKey);
     const metadata = new Metadata(point);
     const unserializedPolyIDList: PolyIDAndShares[] = [];
@@ -117,8 +113,6 @@ class Metadata implements IMetadata {
     }
     if (factorEncs) metadata.factorEncs = factorEncs;
 
-    if (encryptedSalt) metadata.encryptedSalt = encryptedSalt;
-
     for (let i = 0; i < polyIDList.length; i += 1) {
       const serializedPolyID: string = polyIDList[i];
       const arrPolyID = serializedPolyID.split("|");
@@ -195,14 +189,12 @@ class Metadata implements IMetadata {
     factorEncs?: {
       [factorPubID: string]: FactorEnc;
     };
-    encryptedSalt?: EncryptedMessage;
   }): void {
-    const { tssTag, tssNonce, tssPolyCommits, factorPubs, factorEncs, encryptedSalt } = tssData;
+    const { tssTag, tssNonce, tssPolyCommits, factorPubs, factorEncs } = tssData;
     if (tssNonce !== undefined) this.tssNonces[tssTag] = tssNonce;
     if (tssPolyCommits) this.tssPolyCommits[tssTag] = tssPolyCommits;
     if (factorPubs) this.factorPubs[tssTag] = factorPubs;
     if (factorEncs) this.factorEncs[tssTag] = factorEncs;
-    if (encryptedSalt && Object.keys(this.encryptedSalt).length === 0) this.encryptedSalt = encryptedSalt;
   }
 
   // appends shares and public polynomial to metadata.
@@ -346,7 +338,6 @@ class Metadata implements IMetadata {
       ...(this.tssPolyCommits && { tssPolyCommits: this.tssPolyCommits }),
       ...(this.factorPubs && { factorPubs: this.factorPubs }),
       ...(this.factorEncs && { factorEncs: this.factorEncs }),
-      ...(this.encryptedSalt && { encryptedSalt: this.encryptedSalt }),
     };
   }
 }

diff --git a/packages/default/test/RefreshAndAccountIndex.js b/packages/default/test/RefreshAndAccountIndex.js
@@ -8,7 +8,7 @@ import ThresholdKey from "../src/index";
 import { assignTssDkgKeys, computeIndexedPrivateKey, fetchPostboxKeyAndSigs, getMetadataUrl, initStorageLayer } from "./helpers";
 
 const metadataURL = getMetadataUrl();
-
+const TSS_MODULE = "tssModule";
 // eslint-disable-next-line mocha/no-exports
 export const refreshAndAccountIndex = (customSP, manualSync, resetAccountSalt) => {
   const mode = manualSync;
@@ -52,8 +52,8 @@ export const refreshAndAccountIndex = (customSP, manualSync, resetAccountSalt) =
       const tss0ShareIndex2 = await tb0.getTSSShare(factorKey, { accountIndex: 2 });
       const tss0ShareIndex99 = await tb0.getTSSShare(factorKey, { accountIndex: 99 });
       if (resetAccountSalt) {
-        // eslint-disable-next-line require-atomic-updates
-        tb0.metadata.encryptedSalt = {};
+        // tb0.metadata.encryptedSalt = {};
+        await tb0._deleteTKeyStoreItem(TSS_MODULE, "accountSalt");
       }
 
       const newShare = await tb0.generateNewShare();