Skip to content

fix(sdk-core): persist passkey for onchain generateWallet#8989

Merged
rajangarg047 merged 1 commit into
masterfrom
rajangarg047/wcn-870-m2-sdk-persist-passkey-for-onchain-walletsgeneratewallet
Jun 11, 2026
Merged

fix(sdk-core): persist passkey for onchain generateWallet#8989
rajangarg047 merged 1 commit into
masterfrom
rajangarg047/wcn-870-m2-sdk-persist-passkey-for-onchain-walletsgeneratewallet

Conversation

@rajangarg047

@rajangarg047 rajangarg047 commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

Summary

Fixes WCN-870. The onchain hot-wallet path of wallets.generateWallet built the deprecated webauthnDevices array on the user keychain. The backend's atomic POST /api/v2/:coin/key only consumes webauthnInfo (a single object, with enterpriseId for PRF-salt validation) and ignores webauthnDevices on input — so the passkey was never persisted for onchain wallets created via generateWallet.

This switches that path to send webauthnInfo: { otpDeviceId, prfSalt, encryptedPrv, enterpriseId } (threading params.enterprise), matching the keychains.add contract the backend actually consumes. Same bug class fixed for the MPC/TSS utils in WCN-848.

Exposure

  • Retail — not affected (uses coinKeychain.add({ webauthnInfo }) + createMpc directly).
  • TSS branch of generateWallet — fine, routes through createMpc (WCN-848).
  • Onchain hot wallets via generateWallet({ webauthnInfo }) (mobile, Express, scripts, partners) — fixed here.

Changes

  • modules/sdk-core/src/bitgo/wallet/wallets.ts — send webauthnInfo (with enterpriseId) instead of webauthnDevices.
  • modules/sdk-core/test/unit/bitgo/wallet/walletsWebauthn.ts — assert webauthnInfo + enterpriseId; negative tests assert neither field present.

Verification

  • cd modules/sdk-core && yarn unit-test --grep "WebAuthn" — 7 passing
  • yarn build (tsc) — clean
  • eslint — 0 errors

🤖 Generated with Claude Code

@rajangarg047 @claude
fix(sdk-core): persist passkey for onchain generateWallet
cb63106 
Switch the onchain generateWallet user-keychain path to send
`webauthnInfo` (single object, with enterpriseId threaded from
params.enterprise) instead of the deprecated `webauthnDevices` array.
The backend's atomic POST /key only consumes `webauthnInfo` and ignores
`webauthnDevices` on input, so the passkey was never persisted for
onchain hot wallets created via generateWallet.

Update walletsWebauthn unit tests to assert webauthnInfo (with
enterpriseId) instead of webauthnDevices.

Ticket: WCN-870

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@rajangarg047 rajangarg047 requested review from a team as code owners June 10, 2026 18:19
@linear-code

linear-code Bot commented Jun 10, 2026

Copy link
Copy Markdown

WCN-870

@rajangarg047 rajangarg047 merged commit c8a1310 into master Jun 11, 2026
22 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mukeshsp mukeshsp mukeshsp approved these changes

@margueriteblair margueriteblair Awaiting requested review from margueriteblair margueriteblair is a code owner automatically assigned from BitGo/wallet-core

@lokesh-bitgo lokesh-bitgo Awaiting requested review from lokesh-bitgo lokesh-bitgo is a code owner automatically assigned from BitGo/wallet-core-india

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rajangarg047 @mukeshsp