Conversation
Ticket: WCI-634 Adds a full 3-round DSG round-trip test for the EdDSA MPCv2 external-signer path to externalSign.ts, filling the last gap in the external-signer test matrix (legacy EdDSA v1, ECDSA MPCv2, and EdDSA MPCv2 are now all covered). - Generates real DKG key shares via MPSUtil.generateEdDsaDKGKeyShares() - Drives handleV2GenerateShareTSS for Round1→2→3 with real WASM sessions - Adds signBitgoEddsaMPCv2Round1/2/3 helpers (BitGo-side DSG simulator) using EddsaMPSDsg.DSG + MPSComms stubs, mirroring signBitgoMPCv2Round1/2/3 - GPG layer is stubbed (MPSComms.detachSignMpsMessage/verifyMpsMessage) so the test exercises only the WASM DSG protocol without requiring openpgp or @noble/curves as direct express dependencies — consistent with how the legacy EdDSA v1 test uses only SDK-level abstractions - Final assertion verifies the Ed25519 signature cryptographically via Node.js built-in crypto.verify against the BIP-32-derived public key (deriveUnhardenedMps), consistent with MPC.verify in the legacy EdDSA v1 test and DklsUtils.verifyAndConvertDklsSignature in the ECDSA MPCv2 test Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
mrdanish26
approved these changes
Jun 4, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
modules/express/test/unit/clientRoutes/externalSign.tscommitment/R/G), ECDSA MPCv2, and EdDSA MPCv2 are now all coveredsignBitgoEddsaMPCv2Round1/2/3BitGo-side DSG simulator helpers, the EdDSA analog of the existingsignBitgoMPCv2Round1/2/3(ECDSA)Approach
The test drives
handleV2GenerateShareTSSthrough all three rounds with real WASM sessions (MPSUtil.generateEdDsaDKGKeyShares+EddsaMPSDsg.DSG). The GPG comms layer (MPSComms.detachSignMpsMessage/verifyMpsMessage) is stubbed so the test exercises only the WASM DSG protocol without requiringopenpgpor@noble/curvesas direct express dependencies — consistent with how the legacy EdDSA v1 test uses only SDK-level abstractions (MPC.keyShare,MPC.verify) and the ECDSA MPCv2 test usesDklsCommswhich wraps GPG internally.Final signature is verified cryptographically via Node.js built-in
crypto.verify(Ed25519) against the BIP-32-derived public key (deriveUnhardenedMps), matching the assertion patterns of the other round-trip tests.Test plan
Closes WCI-634