feat: implement safe createSafeKeys and finalize orchestrator#9267
Conversation
fb32a95 to
381be89
Compare
|
Claude finished @davidkaplanbitgo's task —— View job Code Review: Safe CreateSafeKeys and Finalize OrchestratorThis PR implements Phase 2 (root key ceremonies) and Phase 3 (finalize) of safe creation in sdk-core, along with the ✅ Strengths1. Well-Structured Architecture
2. Comprehensive Safe ID Threading
3. Robust Error Handling
4. Good Test Coverage
🔍 Areas for Improvement1. Type Safety ( const [secp256k1Multisig, ecdsaMpc, eddsaMpc, ed25519Multisig] = results.map(
(result) => (result as PromiseFulfilledResult<RootKeyTriplet>).value
);Issue: Unsafe type assertion assumes all results are fulfilled, but 2. Error Aggregation Logic ( 3. Network Detection ( const network = Environments[this.bitgo.getEnv()].network === 'bitcoin' ? 'mainnet' : 'testnet';This hardcoded logic may not scale if new environments are added. Consider a more explicit mapping. 🔧 Technical Implementation1. MPC Integration
2. Interface Extensions
3. Coin Routing
🛡️ Security Considerations1. Safe Archival on Failure 2. Ceremony Isolation 3. Parameter Threading 📝 Minor Suggestions
✨ Overall AssessmentThis is a well-implemented feature that successfully orchestrates multiple complex cryptographic ceremonies while maintaining proper error handling and cleanup. The code follows BitGoJS patterns and maintains backwards compatibility. The implementation correctly handles the challenging requirement of running 4 different key generation ceremonies in parallel while ensuring atomic success/failure semantics. Recommendation: ✅ APPROVE - This PR is ready for merge after addressing the type safety concern in the results mapping. 🔗 Links: Job Run | Branch: davidkaplan/wcn-1192-safe-createkeys |
|
Addressed the type-safety point and clarified the network logic; leaving the rest as-is with rationale below. Addressed
Not worth changing (with reasons)
|
Implement Phase 2 (root key ceremonies) and Phase 3 (finalize) of safe creation in sdk-core, plus the generateSafe orchestrator chaining all three phases. createSafeKeys runs the 4 root ceremonies in parallel, tagged with safeId, and returns the 12 key ids as ordered [user, backup, bitgo] triplets: - 2.1 multisig roots (secp256k1Multisig, ed25519Multisig): local user/backup keypairs + BitGo key via the existing keychain flows. - 2.2 MPC roots (ecdsaMpc DKLS, eddsaMpc EdDSA): the existing MPCv2 ceremonies via createMpc. If any ceremony fails, the partially-created safe is archived and an error listing every ceremony failure is thrown, so a failed run leaves no half-created safe behind. Thread an optional safeId through the shared key-generation paths: keychains.add/createMpc, the ecdsa/eddsa MPCv2 createKeychains ceremonies (round 1 generatekey envelope + participant registration), and their key-gen senders. Legacy MPCv1 paths accept and ignore safeId for signature compatibility. finalizeSafe posts the rootKeys to the finalize route using the existing public-types codec; generateSafe chains init -> keys -> finalize. WCN-1192
381be89 to
a1f488e
Compare
|
@claude re-review and look at the comments to see if everything was either changed or addressed |
|
Claude finished @davidkaplanbitgo's task —— View job Re-Review: Safe CreateSafeKeys Implementation ✅Re-reviewing the implementation and author's responses to previous feedback: Todo List
✅ Author Successfully Addressed Previous Concerns1. Type Safety Issue RESOLVED ( // Single pass over the settled results: `status === 'fulfilled'` narrows `.value` to a
// RootKeyTriplet (no cast needed), and rejections are collected per-slot for the error below.
const hot = {} as SafeKeys['rootKeys']['hot'];
const failures: string[] = [];
results.forEach((result, i) => {
if (result.status === 'fulfilled') {
hot[slots[i]] = result.value; // ← TypeScript correctly narrows this to RootKeyTriplet
} else {
// ... handle rejections
}
});This is much safer than the previous 2. @experimental Markings ADDED
✅ Author's Rationale for Unchanged Items is Sound1. Error Aggregation Pattern - Correctly kept local (6 lines, single caller, YAGNI principle) 🔍 Code Quality AssessmentStrengths Maintained:
Implementation Details:
🛡️ Security & Reliability
✨ Final AssessmentEXCELLENT - The author has successfully addressed all technical concerns from the previous review:
This implementation demonstrates:
Recommendation: ✅ STRONG APPROVAL - This PR successfully implements the safe creation orchestrator with high code quality, proper error handling, and excellent attention to the review feedback. Ready for merge. 🔗 Links: Job Run | Branch: davidkaplan/wcn-1192-safe-createkeys |
zahin-mohammad
left a comment
There was a problem hiding this comment.
lgtm, just need to check the multisig ed representative coin
Implement Phase 2 (root key ceremonies) and Phase 3 (finalize) of safe creation in sdk-core, plus the generateSafe orchestrator chaining all three phases.
createSafeKeys runs the 4 root ceremonies tagged with safeId and returns the 12 key ids as ordered [user, backup, bitgo] triplets:
Thread an optional safeId through the shared key-generation paths: keychains.add/createMpc, the ecdsa/eddsa MPCv2 createKeychains ceremonies (round 1 generatekey envelope + participant registration), and their key-gen senders. Legacy MPCv1 paths accept and ignore safeId for signature compatibility.
finalizeSafe posts the rootKeys to the finalize route using the existing public-types codec; generateSafe chains init -> keys -> finalize.
WCN-1192