From b26ec47f23a6dd69957af200b76589ca72edcb42 Mon Sep 17 00:00:00 2001 From: Pranav Jain Date: Wed, 10 Jun 2026 21:29:17 +0000 Subject: [PATCH 1/2] feat(gha): add @claude PR reviews to AKM Wire up the github-ai-assistant reusable workflow to run an AKM-specific code review prompt on every @claude mention in a PR. Add code_review_prompt_path and always_apply_review_prompt so the review fires for any @claude invocation, with the user's words adding emphasis on top of the default checklist. The review prompt covers the areas most critical to this repo: cryptographic / key-management safety, MPC protocol sequencing, mTLS config, monetary-math correctness, and test coverage. Ticket: WAL-1545 Session-Id: 370d5696-0241-42b2-9607-273a4cd2ed99 Task-Id: d63c168d-4c13-4704-bf9e-61f2c30b9985 --- .github/prompts/code-review.md | 64 ++++++++++++++++++++++++++++++ .github/workflows/claude-code.yaml | 3 ++ 2 files changed, 67 insertions(+) create mode 100644 .github/prompts/code-review.md diff --git a/.github/prompts/code-review.md b/.github/prompts/code-review.md new file mode 100644 index 00000000..f8908e5e --- /dev/null +++ b/.github/prompts/code-review.md 
@@ -0,0 +1,64 @@ +## Task + +Review this pull request thoroughly. Cover: + +### Correctness & Logic + +- Control flow, edge cases, and error propagation across both `advanced-wallet-manager` + and `master-express` modes +- mTLS certificate loading, validation, and fingerprint-checking paths +- Key generation and signing correctness — no silent failures or swallowed errors + +### Cryptographic & Key Management Safety + +- **Never approve code that logs, serializes, or transmits private key material, + mnemonics, or key shares in plaintext** — flag as Critical +- MPC/DKG/DSG round sequencing: ensure protocol state machines advance in the correct + order and cannot be replayed or skipped +- EdDSA and ECDSA signing paths: verify that the correct key share type is used and + that partial signatures are assembled correctly +- Recovery paths: confirm that recovery operations use backup key material correctly + and do not weaken the key custody model + +### Resiliency & External I/O + +- Key-provider client calls are treated as unreliable: timeouts, retries, and response + validation must be present +- HTTP/mTLS connections to the Advanced Wallet Manager from Master Express: verify + error handling for network failures and unexpected status codes +- No floats for coin amounts — all monetary/crypto math must use BigNumber, BigInt, + or string arithmetic + +### Security + +- Input validation on all route handlers (`ValidationError` for bad input, not 500s) +- No injection vectors (path traversal, command injection, prototype pollution) +- Certificate paths and environment variables sourced only from trusted config, not + request data +- Secrets and credentials are never written to logs + +### API & Contract + +- Public endpoint behavior changes are backwards-compatible or explicitly documented + as breaking +- Response shapes conform to the `error` / `details` error format +- Route params (`:coin`, `:walletId`, `:txRequestId`, `:shareType`) are validated + before use + +### 
Test Coverage + +- Changed signing/key-management paths have unit tests covering happy path, error + paths, and protocol edge cases +- mTLS config changes are covered by integration-test scenarios where applicable + +### General + +- TypeScript strictness — no unsafe `any` casts or missing null checks in hot paths +- Logging is meaningful and does not leak sensitive payload data + +## Context + +- Repository: ${{ github.repository }} +- PR/Issue: ${{ github.event.issue.number || github.event.pull_request.number }} +- This is a cryptographic signing server. Treat correctness and key-safety findings + with maximum scrutiny — a bug here can result in loss of customer funds. diff --git a/.github/workflows/claude-code.yaml b/.github/workflows/claude-code.yaml index 485bfef3..f08e37cf 100644 --- a/.github/workflows/claude-code.yaml +++ b/.github/workflows/claude-code.yaml @@ -18,3 +18,6 @@ jobs: claude-code: name: Invoke Claude Code AI assistant uses: BitGo/github-ai-assistant/.github/workflows/claude.yaml@v1 + with: + code_review_prompt_path: .github/prompts/code-review.md + always_apply_review_prompt: true From 4ebc5d294a140164ccec2cf2177f8e298aa41288 Mon Sep 17 00:00:00 2001 From: Pranav Jain Date: Thu, 11 Jun 2026 13:31:19 -0400 Subject: [PATCH 2/2] feat(gha): restrict @claude to org members on public repo Prevent unauthorized invocation by external contributors by gating on OWNER/MEMBER author_association. WAL-1545 --- .github/workflows/claude-code.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/claude-code.yaml b/.github/workflows/claude-code.yaml index f08e37cf..3d3fc1e2 100644 --- a/.github/workflows/claude-code.yaml +++ b/.github/workflows/claude-code.yaml 
@@ -17,6 +17,9 @@ on: jobs: claude-code: name: Invoke Claude Code AI assistant + if: | + github.event.comment.author_association == 'OWNER' || + github.event.comment.author_association == 'MEMBER' uses: BitGo/github-ai-assistant/.github/workflows/claude.yaml@v1 with: code_review_prompt_path: .github/prompts/code-review.md
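Review bot: The `## Context` block at the end of `.github/prompts/code-review.md` (PATCH 1/2) uses `${{ github.repository }}` and `${{ github.event.issue.number || github.event.pull_request.number }}`, but GitHub Actions evaluates `${{ }}` expressions only inside workflow YAML, not in a Markdown file referenced through `code_review_prompt_path`. Unless the reusable workflow performs its own substitution on the file, the model receives these strings literally. Please confirm that it does, or drop the two lines and let the workflow supply the repository and PR number. Two smaller points on the same file: the "No floats for coin amounts" bullet sits under "Resiliency & External I/O" and belongs with "Correctness & Logic", and since the second commit describes this as a public repo, the prompt should state that PR titles, descriptions, diffs and comments are untrusted input that must not override this checklist.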
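Review bot: `code_review_prompt_path: .github/prompts/code-review.md` in the PATCH 1/2 hunk for `claude-code.yaml` does not say which ref the prompt file is read from. A pull request can modify `.github/prompts/code-review.md` itself, so if the reusable workflow reads the prompt from the PR head, the checklist applied to a PR is whatever that PR's author wrote. Confirm that the file is loaded from the default branch and say so in a comment next to the `with:` block. The `uses:` context line also pins the reusable workflow to `@v1`, which is a movable tag; pinning to a full commit SHA would keep the invoked workflow fixed.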
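Review bot: The new `if:` in PATCH 2/2 reads only `github.event.comment.author_association`, which is populated for comment events; for any other trigger in the `on:` block (not shown in this hunk) the value is empty and the job is skipped without any message. The prompt's own `github.event.issue.number || github.event.pull_request.number` suggests that more than one event type is expected, so either confirm the triggers are comment-only or add the matching field for the other events, for example `github.event.review.author_association`. The gate also checks who commented, not who opened the PR, so a member's @claude mention on an external contributor's PR still runs the review over that contributor's changes; a one-line comment above the `if:` stating that this is intended would make the trust boundary explicit.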