seperate useDKG and client side mpc key flags

Web3Auth · Sep 9, 2024 · e64adc6 · e64adc6
1 parent aa8ca1e
commit e64adc6
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 3 deletions.
diff --git a/src/helper/errors.ts b/src/helper/errors.ts
@@ -134,6 +134,7 @@ class CoreKitError extends AbstractCoreKitError {
     1004: "OAuth login is NOT supported in this UX mode.",
     1005: "No valid storage option found.",
     1006: "No data found in storage.",
+    1007: "Invalid config.",
 
     // TSS and key management errors
     1101: "'tssLib' is required when running in this UX mode.",
@@ -210,6 +211,10 @@ class CoreKitError extends AbstractCoreKitError {
     return CoreKitError.fromCode(1006, extraMessage);
   }
 
+  public static invalidConfig(extraMessage = ""): ICoreKitError {
+    return CoreKitError.fromCode(1007, extraMessage);
+  }
+
   // TSS and key management errors
   public static tssLibRequired(extraMessage = ""): ICoreKitError {
     return CoreKitError.fromCode(1101, extraMessage);

diff --git a/src/interfaces.ts b/src/interfaces.ts
@@ -412,9 +412,20 @@ export interface Web3AuthOptions {
   /**
    * Set this flag to false to generate keys on client side
    * by default keys are generated on using dkg protocol on a distributed network
-   * @defaultValue false if keyType is ed25519, true for secp256k1 keys
+   * Note: This option is not supported for ed25519 key type
+   * @defaultValue `true`
    */
   useDKG?: boolean;
+
+  /**
+   * @defaultValue `false` for secp256k1 and `true` for ed25519
+   * Set this flag to true to use the client generated key for signing
+   * Note: This option is set to true for ed25519 key type by default to ensure ed25519 mpc key  seed exportablity.
+   * The seed thn can be used for importing user's key other wallets like phantom etc
+   * If you set this flag to false for ed25519 key type, you will not be able to export the seed and
+   * only scalar will be exported, scalar can be used for signing outside of this sdk but not for importing the key in other wallets.
+   */
+  useClientGeneratedKey?: boolean;
 }
 
 export type Web3AuthOptionsWithDefaults = Required<Web3AuthOptions>;

diff --git a/src/mpcCoreKit.ts b/src/mpcCoreKit.ts
@@ -3,7 +3,7 @@ import { CoreError } from "@tkey/core";
 import { ShareSerializationModule } from "@tkey/share-serialization";
 import { TorusStorageLayer } from "@tkey/storage-layer-torus";
 import { factorKeyCurve, getPubKeyPoint, lagrangeInterpolation, TKeyTSS, TSSTorusServiceProvider } from "@tkey/tss";
-import { SIGNER_MAP } from "@toruslabs/constants";
+import { KEY_TYPE, SIGNER_MAP } from "@toruslabs/constants";
 import { AGGREGATE_VERIFIER, TORUS_METHOD, TorusAggregateLoginResponse, TorusLoginResponse, UX_MODE } from "@toruslabs/customauth";
 import type { UX_MODE_TYPE } from "@toruslabs/customauth/dist/types/utils/enums";
 import { Ed25519Curve } from "@toruslabs/elliptic-wrapper";
@@ -205,6 +205,10 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
     return this.keyType === KeyType.ed25519 && this.options.useDKG === undefined ? false : this.options.useDKG;
   }
 
+  private get useClientGeneratedKey(): boolean {
+    return this.keyType === KeyType.ed25519 && this.options.useDKG === undefined ? true : !!this.options.useDKG;
+  }
+
   // RecoverTssKey only valid for user that enable MFA where user has 2 type shares :
   // TssShareType.DEVICE and TssShareType.RECOVERY
   // if the factors key provided is the same type recovery will not works
@@ -245,6 +249,10 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
       throw CoreKitError.nodeDetailsRetrievalFailed();
     }
 
+    if (this.keyType === KEY_TYPE.ED25519 && this.useDKG !== undefined) {
+      throw CoreKitError.invalidConfig("DKG is not supported for ed25519 key type");
+    }
+
     this.torusSp = new TSSTorusServiceProvider({
       customAuthArgs: {
         web3AuthClientId: this.options.web3AuthClientId,
@@ -887,7 +895,7 @@ export class Web3AuthMPCCoreKit implements ICoreKit {
     const existingUser = await this.isMetadataPresent(this.state.postBoxKey);
     let importTssKey = providedImportTssKey;
     if (!existingUser) {
-      if (!importTssKey && !this.useDKG) {
+      if (!importTssKey && this.useClientGeneratedKey) {
         if (this.keyType === KeyType.ed25519) {
           const k = generateEd25519Seed();
           importTssKey = k.toString("hex");