From 2473bec74a39ffcda2bd0da9d85c5ea819f23e4e Mon Sep 17 00:00:00 2001 
From: Pranav Jain Date: Wed, 30 Jul 2025 13:07:03 -0400 Subject: [PATCH 1/2] feat(mbe, awm): switch to advanced wallet manager naming BREAKING CHANGE: Enclaved bitgo express name is deprecated. Ticket: WP-5298 --- CLAUDE.md | 41 ++++-- Dockerfile | 4 +- README.md | 85 ++++++------ ...-bitgo-express => advanced-wallet-manager} | 0 masterBitgoExpress.json | 10 +- nodemon.json | 2 +- package-lock.json | 6 +- package.json | 6 +- .../ecdsaUtils.ts | 0 .../nonRecovery.test.ts | 12 +- .../postIndependentKey.test.ts | 10 +- .../postMpcV2Key.test.ts | 10 +- .../recoveryMpcV2.test.ts | 10 +- .../recoveryMultisigTransaction.test.ts | 14 +- .../recoveryMusigEth.test.ts | 10 +- .../signMpcRecoveryTransaction.test.ts | 10 +- .../signMpcTransaction.test.ts | 10 +- .../signMultisigTransaction.test.ts | 10 +- src/__tests__/api/master/accelerate.test.ts | 8 +- src/__tests__/api/master/consolidate.test.ts | 8 +- .../api/master/consolidateUnspents.test.ts | 8 +- src/__tests__/api/master/ecdsa.test.ts | 20 +-- src/__tests__/api/master/eddsa.test.ts | 27 ++-- .../api/master/generateWallet.test.ts | 63 +++++---- .../api/master/musigRecovery.test.ts | 10 +- src/__tests__/api/master/nonRecovery.test.ts | 16 ++- .../recoveryConsolidationsWallet.test.ts | 28 ++-- .../api/master/recoveryWallet.test.ts | 36 ++--- .../api/master/recoveryWalletMpcV2.test.ts | 20 +-- src/__tests__/api/master/sendMany.test.ts | 35 ++--- .../api/master/signAndSendTxRequest.test.ts | 8 +- src/__tests__/config.test.ts | 117 ++++++++-------- ...t.pem => advanced-wallet-manager-cert.pem} | 0 src/__tests__/routes.test.ts | 10 +- .../routers/advancedWalletManagerApiSpec.ts} | 95 ++++++------- .../routers/healthCheck.ts | 2 +- src/advancedWalletManager/routers/index.ts | 8 ++ ...avedApp.ts => advancedWalletManagerApp.ts} | 30 +++-- .../handlers/ecdsaMPCv2Finalize.ts | 6 +- .../handlers/ecdsaMPCv2Initialize.ts | 6 +- .../handlers/ecdsaMPCv2Recovery.ts | 8 +- .../handlers/ecdsaMPCv2Round.ts | 6 +- 
.../handlers/postIndependentKey.ts | 4 +- .../handlers/recoveryMultisigTransaction.ts | 8 +- .../handlers/signEddsaRecoveryTransaction.ts | 4 +- .../handlers/signMpcTransaction.ts | 10 +- .../handlers/signMultisigTransaction.ts | 4 +- .../mpcFinalize.ts | 10 +- .../mpcInitialize.ts | 8 +- .../utils.ts | 10 +- ...ient.ts => advancedWalletManagerClient.ts} | 55 ++++---- src/api/master/handlerUtils.ts | 10 +- src/api/master/handlers/ecdsaMPCv2.ts | 46 +++---- src/api/master/handlers/eddsa.ts | 31 +++-- src/api/master/handlers/generateWallet.ts | 22 +-- src/api/master/handlers/handleAccelerate.ts | 6 +- src/api/master/handlers/handleConsolidate.ts | 8 +- .../handlers/handleConsolidateUnspents.ts | 6 +- src/api/master/handlers/handleSendMany.ts | 22 +-- .../handlers/handleSignAndSendTxRequest.ts | 13 +- .../master/handlers/recoverEcdsaWallets.ts | 8 +- .../handlers/recoveryConsolidationsWallet.ts | 8 +- src/api/master/handlers/recoveryWallet.ts | 32 ++--- .../master/handlers/transactionRequests.ts | 10 +- src/api/master/middleware/middleware.ts | 16 +-- ...edExpressHealth.ts => awmExpressHealth.ts} | 60 ++++----- src/api/master/routers/index.ts | 8 +- ...piSpec.ts => masterBitGoExpressApiSpec.ts} | 8 +- src/app.ts | 12 +- src/enclavedBitgoExpress/routers/index.ts | 8 -- src/errors.ts | 12 +- src/initConfig.ts | 109 ++++++++------- src/kms/kmsClient.ts | 30 +++-- src/masterBitGoExpressApp.ts | 127 ++++++++++++++++++ src/masterExpressApp.ts | 4 +- src/routes/advancedWalletManager.ts | 27 ++++ src/routes/enclaved.ts | 27 ---- .../{master.ts => masterBitGoExpress.ts} | 10 +- src/routes/utils.ts | 2 +- src/shared/appUtils.ts | 10 +- src/shared/responseHandler.ts | 6 +- src/shared/types/index.ts | 22 +-- src/types/request.ts | 4 +- 83 files changed, 920 insertions(+), 742 deletions(-) rename bin/{enclaved-bitgo-express => advanced-wallet-manager} (100%) rename src/__tests__/api/{enclaved => advancedWalletManager}/ecdsaUtils.ts (100%) rename src/__tests__/api/{enclaved => 
advancedWalletManager}/nonRecovery.test.ts (82%) rename src/__tests__/api/{enclaved => advancedWalletManager}/postIndependentKey.test.ts (89%) rename src/__tests__/api/{enclaved => advancedWalletManager}/postMpcV2Key.test.ts (98%) rename src/__tests__/api/{enclaved => advancedWalletManager}/recoveryMpcV2.test.ts (94%) rename src/__tests__/api/{enclaved => advancedWalletManager}/recoveryMultisigTransaction.test.ts (90%) rename src/__tests__/api/{enclaved => advancedWalletManager}/recoveryMusigEth.test.ts (93%) rename src/__tests__/api/{enclaved => advancedWalletManager}/signMpcRecoveryTransaction.test.ts (95%) rename src/__tests__/api/{enclaved => advancedWalletManager}/signMpcTransaction.test.ts (98%) rename src/__tests__/api/{enclaved => advancedWalletManager}/signMultisigTransaction.test.ts (91%) rename src/__tests__/mocks/certs/{enclaved-express-cert.pem => advanced-wallet-manager-cert.pem} (100%) rename src/{enclavedBitgoExpress/routers/enclavedApiSpec.ts => advancedWalletManager/routers/advancedWalletManagerApiSpec.ts} (81%) rename src/{enclavedBitgoExpress => advancedWalletManager}/routers/healthCheck.ts (96%) create mode 100644 src/advancedWalletManager/routers/index.ts rename src/{enclavedApp.ts => advancedWalletManagerApp.ts} (77%) rename src/api/{enclaved => advancedWalletManager}/handlers/ecdsaMPCv2Finalize.ts (93%) rename src/api/{enclaved => advancedWalletManager}/handlers/ecdsaMPCv2Initialize.ts (88%) rename src/api/{enclaved => advancedWalletManager}/handlers/ecdsaMPCv2Recovery.ts (92%) rename src/api/{enclaved => advancedWalletManager}/handlers/ecdsaMPCv2Round.ts (97%) rename src/api/{enclaved => advancedWalletManager}/handlers/postIndependentKey.ts (85%) rename src/api/{enclaved => advancedWalletManager}/handlers/recoveryMultisigTransaction.ts (95%) rename src/api/{enclaved => advancedWalletManager}/handlers/signEddsaRecoveryTransaction.ts (97%) rename src/api/{enclaved => advancedWalletManager}/handlers/signMpcTransaction.ts (96%) rename 
src/api/{enclaved => advancedWalletManager}/handlers/signMultisigTransaction.ts (87%) rename src/api/{enclaved => advancedWalletManager}/mpcFinalize.ts (94%) rename src/api/{enclaved => advancedWalletManager}/mpcInitialize.ts (94%) rename src/api/{enclaved => advancedWalletManager}/utils.ts (92%) rename src/api/master/clients/{enclavedExpressClient.ts => advancedWalletManagerClient.ts} (92%) rename src/api/master/routers/{enclavedExpressHealth.ts => awmExpressHealth.ts} (53%) rename src/api/master/routers/{masterApiSpec.ts => masterBitGoExpressApiSpec.ts} (99%) delete mode 100644 src/enclavedBitgoExpress/routers/index.ts create mode 100644 src/masterBitGoExpressApp.ts create mode 100644 src/routes/advancedWalletManager.ts delete mode 100644 src/routes/enclaved.ts rename src/routes/{master.ts => masterBitGoExpress.ts} (61%) diff --git a/CLAUDE.md b/CLAUDE.md index 80ceba6..f5e7382 100644 --- a/CLAUDE.md +++ b/CLAUDE.md 
@@ -5,25 +5,29 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co ## Commands ### Development + - `npm start` - Start the application in development mode using nodemon for auto-reloading - `npm run build` - Build the TypeScript code (creates /dist folder) - `npm run lint` - Run ESLint to check for code issues - `npm run lint:fix` - Run ESLint and automatically fix issues when possible ### Testing + - `npm test` - Run all tests - `npm run test:watch` - Run tests in watch mode - `npm run test:coverage` - Run tests with coverage report - `npm run generate-test-ssl` - Generate self-signed SSL certificates for testing ### Container + - `npm run container:build` - Build the container image using Podman (optionally use --build-arg PORT=3080) ## Architecture Overview -Enclaved BitGo Express is a secure cryptocurrency signing server with two operational modes: +Advanced Wallet Manager is a secure cryptocurrency signing server with two operational modes: + +### 1. Advanced Wallet Manager Mode (`APP_MODE=advanced-wallet-manager`) -### 1. Enclaved Express Mode (`APP_MODE=enclaved`) - Lightweight server focused solely on secure signing operations - Runs on port 3080 by default - Integrates with KMS for key management 
@@ -31,20 +35,23 @@ Enclaved BitGo Express is a secure cryptocurrency signing server with two operat - Exposes minimal endpoints focused on key generation and signing ### 2. Master Express Mode (`APP_MODE=master-express`) + - Full BitGo API functionality with integrated signing capabilities - Runs on port 3081 by default -- Acts as an API gateway and communicates with Enclaved Express for signing operations +- Acts as an API gateway and communicates with Advanced Wallet Manager for signing operations - Provides a broader set of BitGo wallet operations and transaction handling ### Security Architecture + - Both modes support mutual TLS (mTLS) authentication - Certificates can be loaded from files or environment variables - Client certificate validation for secure communications - Option to validate client certificate fingerprints ### Code Structure + - `src/app.ts` - Main entry point that determines mode and starts the appropriate app -- `src/enclavedApp.ts` - Enclaved Express mode implementation +- `src/advancedWalletManagerApp.ts` - Advanced Wallet Manager mode implementation - `src/masterExpressApp.ts` - Master Express mode implementation - `src/initConfig.ts` - Configuration loading and validation - `src/routes/` - Express routes for both modes 
@@ -53,23 +60,27 @@ Enclaved BitGo Express is a secure cryptocurrency signing server with two operat - `src/shared/` - Shared utilities and types ### Configuration + Configuration is managed through environment variables with defaults defined in `src/initConfig.ts`. The application requires specific environment variables depending on the mode: #### Common Variables -- `APP_MODE` - Set to "enclaved" or "master-express" + +- `APP_MODE` - Set to "advanced-wallet-manager" or "master-express" - `TLS_MODE` - Set to "mtls" or "disabled" - `BIND` - Address to bind to (default: localhost) - `TIMEOUT` - Request timeout in milliseconds (default: 305000) -#### Enclaved Mode Specific -- `ENCLAVED_EXPRESS_PORT` - Port to listen on (default: 3080) +#### Advanced Wallet Manager Mode Specific + +- `ADVANCED_WALLET_MANAGER_PORT` - Port to listen on (default: 3080) - `KMS_URL` - Required KMS service URL #### Master Express Mode Specific + - `MASTER_EXPRESS_PORT` - Port to listen on (default: 3081) - `BITGO_ENV` - BitGo environment (default: test) -- `ENCLAVED_EXPRESS_URL` - Required URL for the Enclaved Express server -- `ENCLAVED_EXPRESS_CERT` - Required path to Enclaved Express certificate +- `ADVANCED_WALLET_MANAGER_URL` - Required URL for the Advanced Wallet Manager +- `ADVANCED_WALLET_MANAGER_CERT` - Required path to Advanced Wallet Manager certificate ## Abbreviations and Nomenclature @@ -95,7 +106,7 @@ API responses follow a standard error format with `error` and `details` fields. ## API Endpoints -### Enclaved Express (Port 3080) +### Advanced Wallet Manager (Port 3080) #### Health and Information - `POST /ping` - Health check 
@@ -120,19 +131,23 @@ API responses follow a standard error format with `error` and `details` fields. ### Master Express (Port 3081) #### Health and Status Endpoints + - `POST /ping` - Health check - `GET /version` - Version information -- `POST /ping/enclavedExpress` - Test connection to Enclaved Express -- `GET /version/enclavedExpress` - Get Enclaved Express version information +- `POST /ping/advancedWalletManager` - Test connection to Advanced Wallet Manager +- `GET /version/advancedWalletManager` - Get Advanced Wallet Manager version information #### Wallet Management + - `POST /api/:coin/wallet/generate` - Generate wallet (supports onchain and TSS multisig types) #### Transaction Operations + - `POST /api/:coin/wallet/:walletId/sendMany` - Send transaction with multiple recipients - `POST /api/:coin/wallet/:walletId/accelerate` - Accelerate pending transactions (CPFP/RBF) - `POST /api/:coin/wallet/:walletId/consolidate` - Consolidate wallet addresses - `POST /api/:coin/wallet/:walletId/consolidateunspents` - Consolidate unspent transaction outputs #### Recovery -- `POST /api/:coin/wallet/recovery` - Recover wallet funds \ No newline at end of file + +- `POST /api/:coin/wallet/recovery` - Recover wallet funds diff --git a/Dockerfile b/Dockerfile index efd7b1f..a2b0108 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,7 +48,7 @@ RUN --mount=type=cache,target=/usr/src/app/.npm-cache \ COPY . . # Build TypeScript code with deterministic output -RUN npm run build +RUN npm run build FROM node:22.1.0-alpine@sha256:487dc5d5122d578e13f2231aa4ac0f63068becd921099c4c677c850df93bede8 AS production @@ -91,4 +91,4 @@ USER bitgo EXPOSE ${PORT} # Start the application using the binary -CMD ["./bin/enclaved-bitgo-express"] \ No newline at end of file +CMD ["./bin/advanced-wallet-manager"] diff --git a/README.md b/README.md index f403ca0..83e1205 100644 --- a/README.md +++ b/README.md 
@@ -1,20 +1,20 @@ -# Enclaved BitGo Express +# Advanced Wallet Manager -A secure, mTLS-enabled cryptocurrency signing server with two operational modes: Enclaved Express (dedicated signer) and Master Express (API gateway with integrated signing capabilities). +A secure, mTLS-enabled cryptocurrency signing server with two operational modes: Advanced Wallet Manager (dedicated signer) and Master Express (API gateway with integrated signing capabilities). ## Overview This application provides secure cryptocurrency operations with mutual TLS (mTLS) authentication: -- **Enclaved Mode**: Lightweight signing server for secure key operations +- **Advanced Wallet Manager Mode**: Lightweight signing server for secure key operations - **Master Express Mode**: Full BitGo Express functionality with integrated signing - **mTLS Security**: Client certificate validation for secure communications - **Flexible Configuration**: Environment-based setup with file or variable-based certificates ## Architecture -- **Enclaved Express** (Port 3080): Focused signing operations with KMS integration -- **Master Express** (Port 3081): Full BitGo API functionality with secure communication to Enclaved Express +- **Advanced Wallet Manager** (Port 3080): Focused signing operations with KMS integration +- **Master Express** (Port 3081): Full BitGo API functionality with secure communication to Advanced Wallet Manager ## Configuration @@ -22,7 +22,7 @@ Configuration is managed through environment variables: ### Required Settings -- `APP_MODE` - Application mode (required: "enclaved" or "master-express") +- `APP_MODE` - Application mode (required: "advanced-wallet-manager" or "master-express") ### Network Settings 
@@ -31,9 +31,9 @@ Configuration is managed through environment variables: - `KEEP_ALIVE_TIMEOUT` - Keep-alive timeout (optional) - `HEADERS_TIMEOUT` - Headers timeout (optional) -#### Enclaved Mode Specific +#### Advanced Wallet Manager Mode Specific -- `ENCLAVED_EXPRESS_PORT` - Port to listen on (default: 3080) +- `ADVANCED_WALLET_MANAGER_PORT` - Port to listen on (default: 3080) - `KMS_URL` - KMS service URL (required) #### Master Express Mode Specific @@ -44,8 +44,8 @@ Configuration is managed through environment variables: - `BITGO_AUTH_VERSION` - Authentication version (default: 2) - `BITGO_CUSTOM_ROOT_URI` - Custom BitGo API root URI (optional) - `BITGO_CUSTOM_BITCOIN_NETWORK` - Custom Bitcoin network (optional) -- `ENCLAVED_EXPRESS_URL` - Enclaved Express server URL (required) -- `ENCLAVED_EXPRESS_CERT` - Path to Enclaved Express server certificate (required) +- `ADVANCED_WALLET_MANAGER_URL` - Advanced Wallet Manager URL (required) +- `ADVANCED_WALLET_MANAGER_CERT` - Path to Advanced Wallet Manager certificate (required) ### TLS/mTLS Configuration @@ -100,10 +100,10 @@ openssl genrsa -out server.key 2048 openssl req -new -x509 -key server.key -out server.crt -days 365 -subj "/CN=localhost" ``` -### 2. Start Enclaved Express +### 2. Start Advanced Wallet Manager ```bash -export APP_MODE=enclaved +export APP_MODE=advanced-wallet-manager export KMS_URL=https://your-kms-service export TLS_KEY_PATH=./server.key export TLS_CERT_PATH=./server.crt @@ -121,8 +121,8 @@ export APP_MODE=master-express export BITGO_ENV=test export TLS_KEY_PATH=./server.key export TLS_CERT_PATH=./server.crt -export ENCLAVED_EXPRESS_URL=https://localhost:3080 -export ENCLAVED_EXPRESS_CERT=./server.crt +export ADVANCED_WALLET_MANAGER_URL=https://localhost:3080 +export ADVANCED_WALLET_MANAGER_CERT=./server.crt export MTLS_REQUEST_CERT=false export ALLOW_SELF_SIGNED=true npm start 
@@ -130,10 +130,10 @@ npm start ### 5. Test the Connection -Test that Master Express can communicate with Enclaved Express: +Test that Master Express can communicate with Advanced Wallet Manager: ```bash -curl -k -X POST https://localhost:3081/ping/enclavedExpress +curl -k -X POST https://localhost:3081/ping/advancedWalletManager ``` ## Production Configuration @@ -149,13 +149,13 @@ curl -k -X POST https://localhost:3081/ping/enclavedExpress ### Production Setup Example -#### Enclaved Express (Production) +#### Advanced Wallet Manager (Production) ```bash -export APP_MODE=enclaved +export APP_MODE=advanced-wallet-manager export KMS_URL=https://production-kms.example.com -export TLS_KEY_PATH=/secure/path/enclaved.key -export TLS_CERT_PATH=/secure/path/enclaved.crt +export TLS_KEY_PATH=/secure/path/advanced-wallet-manager.key +export TLS_CERT_PATH=/secure/path/advanced-wallet-manager.crt export MTLS_REQUEST_CERT=true export ALLOW_SELF_SIGNED=false export MTLS_ALLOWED_CLIENT_FINGERPRINTS=ABC123...,DEF456... @@ -169,8 +169,8 @@ export APP_MODE=master-express export BITGO_ENV=prod export TLS_KEY_PATH=/secure/path/master.key export TLS_CERT_PATH=/secure/path/master.crt -export ENCLAVED_EXPRESS_URL=https://enclaved.internal.example.com:3080 -export ENCLAVED_EXPRESS_CERT=/secure/path/enclaved.crt +export ADVANCED_WALLET_MANAGER_URL=https://advanced-wallet-manager.internal.example.com:3080 +export ADVANCED_WALLET_MANAGER_CERT=/secure/path/advanced-wallet-manager.crt export MTLS_REQUEST_CERT=true export ALLOW_SELF_SIGNED=false npm start 
@@ -184,22 +184,22 @@ First, build the container image: # For Master Express (default port 3081) npm run container:build -# For Enclaved Express (port 3080) +# For Advanced Wallet Manager (port 3080) npm run container:build --build-arg PORT=3080 ``` -For local development, you'll need to run both the Enclaved Express and Master Express containers: +For local development, you'll need to run both the Advanced Wallet Manager and Master Express containers: ```bash -# Start Enclaved Express container +# Start Advanced Wallet Manager container podman run -d \ -p 3080:3080 \ -v $(pwd)/certs:/app/certs:Z \ - -e APP_MODE=enclaved \ + -e APP_MODE=advanced-wallet-manager \ -e BIND=0.0.0.0 \ -e TLS_MODE=mtls \ - -e TLS_KEY_PATH=/app/certs/enclaved-express-key.pem \ - -e TLS_CERT_PATH=/app/certs/enclaved-express-cert.pem \ + -e TLS_KEY_PATH=/app/certs/advanced-wallet-manager-key.pem \ + -e TLS_CERT_PATH=/app/certs/advanced-wallet-manager-cert.pem \ -e KMS_URL=host.containers.internal:3000 \ -e NODE_ENV=development \ -e ALLOW_SELF_SIGNED=true \ @@ -220,8 +220,8 @@ podman run -d \ -e TLS_MODE=mtls \ -e TLS_KEY_PATH=/app/certs/test-ssl-key.pem \ -e TLS_CERT_PATH=/app/certs/test-ssl-cert.pem \ - -e ENCLAVED_EXPRESS_URL=https://host.containers.internal:3080 \ - -e ENCLAVED_EXPRESS_CERT=/app/certs/enclaved-express-cert.pem \ + -e ADVANCED_WALLET_MANAGER_URL=https://host.containers.internal:3080 \ + -e ADVANCED_WALLET_MANAGER_CERT=/app/certs/advanced-wallet-manager-cert.pem \ -e ALLOW_SELF_SIGNED=true \ bitgo-onprem-express 
@@ -229,14 +229,14 @@ podman run -d \ podman logs -f # Test the endpoints (note: using https and mTLS) -# For Enclaved Express -curl -k --cert certs/test-ssl-cert.pem --key certs/enclaved-express-key.pem -X POST https://localhost:3080/ping +# For Advanced Wallet Manager +curl -k --cert certs/test-ssl-cert.pem --key certs/advanced-wallet-manager-key.pem -X POST https://localhost:3080/ping # For Master Express curl -k --cert certs/test-ssl-cert.pem --key certs/test-ssl-key.pem -X POST https://localhost:3081/ping # Test the connection -curl -k -X POST https://localhost:3081/ping/enclavedExpress +curl -k -X POST https://localhost:3081/ping/advancedWalletManager ``` Notes: @@ -247,7 +247,7 @@ Notes: ## API Endpoints -### Enclaved Express (Port 3080) +### Advanced Wallet Manager (Port 3080) - `POST /ping` - Health check - `GET /version` - Version information @@ -257,8 +257,8 @@ Notes: - `POST /ping` - Health check - `GET /version` - Version information -- `POST /ping/enclavedExpress` - Test connection to Enclaved Express -- `POST /api/:coin/wallet/generate` - Generate wallet (with Enclaved Express integration) +- `POST /ping/advancedWalletManager` - Test connection to Advanced Wallet Manager +- `POST /api/:coin/wallet/generate` - Generate wallet (with Advanced Wallet Manager integration) ## Troubleshooting @@ -291,17 +291,10 @@ openssl x509 -in certificate.crt -text -noout ```bash # Check that required variables are set -env | grep -E "(APP_MODE|KMS_URL|ENCLAVED_EXPRESS|TLS_)" -``` - -### Debug Mode - -Enable debug logging for detailed troubleshooting: - -```bash -DEBUG_NAMESPACE=enclaved:*,master:* npm run start -``` +env | grep -E "(APP_MODE|KMS_URL|ADVANCED_WALLET_MANAGER|TLS_)" +`` ## License MIT +``` diff --git a/bin/enclaved-bitgo-express b/bin/advanced-wallet-manager similarity index 100% rename from bin/enclaved-bitgo-express rename to bin/advanced-wallet-manager diff --git a/masterBitgoExpress.json b/masterBitgoExpress.json index cd2d970..a65a974 100644 
--- a/masterBitgoExpress.json
+++ b/masterBitgoExpress.json
@@ -3,7 +3,7 @@
 "info": {
 "title": "@bitgo/master-bitgo-express",
 "version": "0.0.0-semantically-released",
- "description": "BitGo Enclaved Express - Secure enclave for BitGo signing operations with mTLS"
+ "description": "Advanced Wallets - On-Premises Key Management with BitGo Express"
 },
 "paths": {
 "/api/{coin}/wallet/{walletId}/accelerate": {
@@ -1178,7 +1178,7 @@
 }
 }
 },
- "/ping/enclavedExpress": {
+ "/ping/advancedWalletManager": {
 "post": {
 "parameters": [],
 "responses": {
@@ -1192,13 +1192,13 @@
 "status": {
 "type": "string"
 },
- "enclavedResponse": {
+ "advancedWalletManagerResponse": {
 "$ref": "#/components/schemas/PingResponseType"
 }
 },
 "required": [
 "status",
- "enclavedResponse"
+ "advancedWalletManagerResponse"
 ]
 }
 }
@@ -1246,7 +1246,7 @@
 }
 }
 },
- "/version/enclavedExpress": {
+ "/version/advancedWalletManager": {
 "get": {
 "parameters": [],
 "responses": {
diff --git a/nodemon.json b/nodemon.json
index f5c5310..6124990 100644
--- a/nodemon.json
+++ b/nodemon.json
@@ -2,5 +2,5 @@
 "watch": ["src/**/*.ts"],
 "ignore": ["src/**/*.test.ts", "src/**/__tests__/*"],
 "ext": "ts",
- "exec": "yarn build && node ./bin/enclaved-bitgo-express"
+ "exec": "yarn build && node ./bin/advanced-wallet-manager"
 }
diff --git a/package-lock.json b/package-lock.json
index 0712ab8..a68d949 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,11 +1,11 @@
 {
- "name": "@bitgo/enclaved-bitgo-express",
+ "name": "@bitgo/advanced-wallets",
 "version": "0.0.0-semantically-released",
 "lockfileVersion": 3,
 "requires": true,
 "packages": {
 "": {
- "name": "@bitgo/enclaved-bitgo-express",
+ "name": "@bitgo/advanced-wallets",
 "version": "0.0.0-semantically-released",
 "dependencies": {
 "@api-ts/io-ts-http": "^3.2.1",
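Review bot: In masterBitgoExpress.json the `/ping/enclavedExpress` and `/version/enclavedExpress` paths and the required `enclavedResponse` field are replaced outright (hunks at -1178, -1192 and -1246), with no alias left for the old names, although the commit message calls the old name deprecated rather than removed. Health probes and monitoring that still call the old paths or read `enclavedResponse` would start failing on upgrade, and for a signing service that noise can mask a real loss of connectivity between Master Express and the signer. If this spec is generated, the point applies to the route definitions it is built from, which are not visible in this part of the patch. Consider keeping the old paths for one release as aliases marked `"deprecated": true`, and logging when they are hit.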
@@ -103,7 +103,7 @@
 "zod": "^3.25.48"
 },
 "bin": {
- "enclaved-bitgo-express": "bin/enclaved-bitgo-express"
+ "advanced-wallet-manager": "bin/advanced-wallet-manager"
 },
 "devDependencies": {
 "@api-ts/openapi-generator": "^5.7.0",
diff --git a/package.json b/package.json
index 3662ef8..1999e36 100644
--- a/package.json
+++ b/package.json
@@ -1,11 +1,11 @@
 {
- "name": "@bitgo/enclaved-bitgo-express",
+ "name": "@bitgo/advanced-wallets",
 "version": "0.0.0-semantically-released",
- "description": "BitGo Enclaved Express - Secure enclave for BitGo signing operations with mTLS",
+ "description": "Advanced Wallets - On-Premises Key Management with BitGo Express",
 "main": "./dist/src/index.js",
 "types": "./dist/src/index.d.ts",
 "bin": {
- "enclaved-bitgo-express": "./bin/enclaved-bitgo-express"
+ "advanced-wallet-manager": "bin/advanced-wallet-manager"
 },
 "scripts": {
 "start": "nodemon",
diff --git a/src/__tests__/api/enclaved/ecdsaUtils.ts b/src/__tests__/api/advancedWalletManager/ecdsaUtils.ts
similarity index 100%
rename from src/__tests__/api/enclaved/ecdsaUtils.ts
rename to src/__tests__/api/advancedWalletManager/ecdsaUtils.ts
diff --git a/src/__tests__/api/enclaved/nonRecovery.test.ts b/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts
similarity index 82%
rename from src/__tests__/api/enclaved/nonRecovery.test.ts
rename to src/__tests__/api/advancedWalletManager/nonRecovery.test.ts
index 7a308f8..4232cf4 100644
--- a/src/__tests__/api/enclaved/nonRecovery.test.ts
+++ b/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts
@@ -1,8 +1,8 @@
 import 'should';
 import * as request from 'supertest';
 import nock from 'nock';
-import { app as expressApp } from '../../../enclavedApp';
-import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types';
+import { app as expressApp } from '../../../advancedWalletManagerApp';
+import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types';
 import sinon from 'sinon';
 import * as middleware from '../../../shared/middleware';
 import { BitGoRequest } from '../../../types/request';
@@ -11,8 +11,8 @@ import { BitGoAPI as BitGo } from '@bitgo-beta/sdk-api';
 describe('Non Recovery', () => {
 let agent: request.SuperAgentTest;
 const coin = 'tbtc';
- const config: EnclavedConfig = {
- appMode: AppMode.ENCLAVED,
+ const config: AdvancedWalletManagerConfig = {
+ appMode: AppMode.ADVANCED_WALLET_MANAGER,
 port: 0,
 bind: 'localhost',
 timeout: 60000,
@@ -34,8 +34,8 @@ describe('Non Recovery', () => {
 // Setup middleware stubs before creating app
 sinon.stub(middleware, 'prepareBitGo').callsFake(() => (req, res, next) => {
- (req as BitGoRequest).bitgo = bitgo;
- (req as BitGoRequest).config = config;
+ (req as BitGoRequest).bitgo = bitgo;
+ (req as BitGoRequest).config = config;
 next();
 });
diff --git a/src/__tests__/api/enclaved/postIndependentKey.test.ts b/src/__tests__/api/advancedWalletManager/postIndependentKey.test.ts
similarity index 89%
rename from src/__tests__/api/enclaved/postIndependentKey.test.ts
rename to src/__tests__/api/advancedWalletManager/postIndependentKey.test.ts
index 0be2219..731d0cc 100644
--- a/src/__tests__/api/enclaved/postIndependentKey.test.ts
+++ b/src/__tests__/api/advancedWalletManager/postIndependentKey.test.ts
@@ -2,8 +2,8 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as enclavedApp } from '../../../enclavedApp'; -import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types'; +import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types'; import express from 'express'; import * as sinon from 'sinon'; @@ -11,7 +11,7 @@ import coinFactory from '../../../shared/coinFactory'; import { BaseCoin } from '@bitgo-beta/sdk-core'; describe('postIndependentKey', () => { - let cfg: EnclavedConfig; + let cfg: AdvancedWalletManagerConfig; let app: express.Application; let agent: request.SuperAgentTest; @@ -29,7 +29,7 @@ describe('postIndependentKey', () => { // app config cfg = { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 0, // Let OS assign a free port bind: 'localhost', timeout: 60000, @@ -40,7 +40,7 @@ describe('postIndependentKey', () => { }; // app setup - app = enclavedApp(cfg); + app = advancedWalletManagerApp(cfg); agent = request.agent(app); }); diff --git a/src/__tests__/api/enclaved/postMpcV2Key.test.ts b/src/__tests__/api/advancedWalletManager/postMpcV2Key.test.ts similarity index 98% rename from src/__tests__/api/enclaved/postMpcV2Key.test.ts rename to src/__tests__/api/advancedWalletManager/postMpcV2Key.test.ts index 01c1b2d..350d2cd 100644 --- a/src/__tests__/api/enclaved/postMpcV2Key.test.ts +++ b/src/__tests__/api/advancedWalletManager/postMpcV2Key.test.ts @@ -1,5 +1,5 @@ -import { AppMode, EnclavedConfig, TlsMode } from '../../../initConfig'; -import { app as enclavedApp } from '../../../enclavedApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../initConfig'; +import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp'; import express from 'express'; import nock from 'nock'; 
@@ -12,7 +12,7 @@ import { DklsComms, DklsDkg, DklsTypes } from '@bitgo-beta/sdk-lib-mpc';
 import { MPCv2PartiesEnum } from '@bitgo-beta/sdk-core/dist/src/bitgo/utils/tss/ecdsa';
 describe('postMpcV2Key', () => {
- let cfg: EnclavedConfig;
+ let cfg: AdvancedWalletManagerConfig;
 let app: express.Application;
 let agent: request.SuperAgentTest;
@@ -31,7 +31,7 @@ describe('postMpcV2Key', () => {
 // app config
 cfg = {
- appMode: AppMode.ENCLAVED,
+ appMode: AppMode.ADVANCED_WALLET_MANAGER,
 port: 0, // Let OS assign a free port
 bind: 'localhost',
 timeout: 60000,
@@ -44,7 +44,7 @@ describe('postMpcV2Key', () => {
 configStub = sinon.stub(configModule, 'initConfig').returns(cfg);
 // app setup
- app = enclavedApp(cfg);
+ app = advancedWalletManagerApp(cfg);
 agent = request.agent(app);
 });
diff --git a/src/__tests__/api/enclaved/recoveryMpcV2.test.ts b/src/__tests__/api/advancedWalletManager/recoveryMpcV2.test.ts
similarity index 94%
rename from src/__tests__/api/enclaved/recoveryMpcV2.test.ts
rename to src/__tests__/api/advancedWalletManager/recoveryMpcV2.test.ts
index e8cbfe5..118ce5f 100644
--- a/src/__tests__/api/enclaved/recoveryMpcV2.test.ts
+++ b/src/__tests__/api/advancedWalletManager/recoveryMpcV2.test.ts
@@ -1,5 +1,5 @@
-import { AppMode, EnclavedConfig, TlsMode } from '../../../initConfig';
-import { app as enclavedApp } from '../../../enclavedApp';
+import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../initConfig';
+import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp';
 import express from 'express';
 import nock from 'nock';
@@ -10,7 +10,7 @@ import * as configModule from '../../../initConfig';
 import { DklsTypes, DklsUtils } from '@bitgo-beta/sdk-lib-mpc';
 describe('recoveryMpcV2', async () => {
- let cfg: EnclavedConfig;
+ let cfg: AdvancedWalletManagerConfig;
 let app: express.Application;
 let agent: request.SuperAgentTest;
@@ -55,7 +55,7 @@ describe('recoveryMpcV2', async () => {
 // app config
 cfg = {
- appMode: AppMode.ENCLAVED,
+ appMode: AppMode.ADVANCED_WALLET_MANAGER,
 port: 0, // Let OS assign a free port
 bind: 'localhost',
 timeout: 60000,
@@ -69,7 +69,7 @@ describe('recoveryMpcV2', async () => {
 configStub = sinon.stub(configModule, 'initConfig').returns(cfg);
 // app setup
- app = enclavedApp(cfg);
+ app = advancedWalletManagerApp(cfg);
 agent = request.agent(app);
 });
diff --git a/src/__tests__/api/enclaved/recoveryMultisigTransaction.test.ts b/src/__tests__/api/advancedWalletManager/recoveryMultisigTransaction.test.ts
similarity index 90%
rename from src/__tests__/api/enclaved/recoveryMultisigTransaction.test.ts
rename to src/__tests__/api/advancedWalletManager/recoveryMultisigTransaction.test.ts
index fe1ebf6..00a4648 100644
--- a/src/__tests__/api/enclaved/recoveryMultisigTransaction.test.ts
+++ b/src/__tests__/api/advancedWalletManager/recoveryMultisigTransaction.test.ts
@@ -1,20 +1,20 @@
 import 'should';
 import * as request from 'supertest';
 import nock from 'nock';
-import { app as expressApp } from '../../../enclavedApp';
-import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types';
+import { app as expressApp } from '../../../advancedWalletManagerApp';
+import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types';
 import sinon from 'sinon';
 import * as middleware from '../../../shared/middleware';
 import { BitGoRequest } from '../../../types/request';
 import { BitGoAPI as BitGo } from '@bitgo-beta/sdk-api';
-import * as kmsUtils from '../../../api/enclaved/utils';
+import * as kmsUtils from '../../../api/advancedWalletManager/utils';
 describe('UTXO recovery', () => {
 let agent: request.SuperAgentTest;
 let mockRetrieveKmsPrvKey: sinon.SinonStub;
 const coin = 'tbtc';
- const config: EnclavedConfig = {
- appMode: AppMode.ENCLAVED,
+ const config: AdvancedWalletManagerConfig = {
+ appMode: AppMode.ADVANCED_WALLET_MANAGER,
 port: 0,
 bind: 'localhost',
 timeout: 60000,
@@ -37,8 +37,8 @@ describe('UTXO recovery', () => {
 // Setup middleware stubs before creating app
 sinon.stub(middleware, 'prepareBitGo').callsFake(() => (req, res, next) => {
- (req as BitGoRequest).bitgo = bitgo;
- (req as BitGoRequest).config = config;
+ (req as BitGoRequest).bitgo = bitgo;
+ (req as BitGoRequest).config = config;
 next();
 });
diff --git a/src/__tests__/api/enclaved/recoveryMusigEth.test.ts b/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts
similarity index 93%
rename from src/__tests__/api/enclaved/recoveryMusigEth.test.ts
rename to src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts
index f73cd68..28b84d4 100644
--- a/src/__tests__/api/enclaved/recoveryMusigEth.test.ts
+++ b/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts
@@ -3,8 +3,8 @@ import 'should'; import express from 'express'; import nock from 'nock'; import * as request from 'supertest'; -import { app as enclavedApp } from '../../../enclavedApp'; -import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types'; +import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types'; import * as sinon from 'sinon'; import * as configModule from '../../../initConfig'; @@ -13,7 +13,7 @@ import { ebeData } from '../../mocks/ethRecoveryMusigMockData'; import unsignedSweepRecJSON from '../../mocks/unsigned-sweep-prebuild-hteth-musig-recovery.json'; describe('recoveryMultisigTransaction', () => { - let cfg: EnclavedConfig; + let cfg: AdvancedWalletManagerConfig; let app: express.Application; let agent: request.SuperAgentTest; @@ -32,7 +32,7 @@ describe('recoveryMultisigTransaction', () => { // app config cfg = { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 0, // Let OS assign a free port bind: 'localhost', timeout: 60000, @@ -46,7 +46,7 @@ describe('recoveryMultisigTransaction', () => { configStub = sinon.stub(configModule, 'initConfig').returns(cfg); // app setup - app = enclavedApp(cfg); + app = advancedWalletManagerApp(cfg); agent = request.agent(app); }); diff --git a/src/__tests__/api/enclaved/signMpcRecoveryTransaction.test.ts b/src/__tests__/api/advancedWalletManager/signMpcRecoveryTransaction.test.ts similarity index 95% rename from src/__tests__/api/enclaved/signMpcRecoveryTransaction.test.ts rename to src/__tests__/api/advancedWalletManager/signMpcRecoveryTransaction.test.ts index dc2d723..bfbee81 100644 --- a/src/__tests__/api/enclaved/signMpcRecoveryTransaction.test.ts +++ b/src/__tests__/api/advancedWalletManager/signMpcRecoveryTransaction.test.ts 
@@ -3,15 +3,15 @@ import nock from 'nock'; import sinon from 'sinon'; import supertest from 'supertest'; import { Utils } from '@bitgo-beta/sdk-coin-sol'; -import * as kmsUtils from '../../../api/enclaved/utils'; -import { app as expressApp } from '../../../enclavedApp'; -import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types'; +import * as kmsUtils from '../../../api/advancedWalletManager/utils'; +import { app as expressApp } from '../../../advancedWalletManagerApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types'; describe('EdDSA Recovery Signing', () => { let agent: supertest.SuperTest; - const config: EnclavedConfig = { + const config: AdvancedWalletManagerConfig = { kmsUrl: 'http://localhost:3000', - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 0, bind: 'localhost', timeout: 60000, diff --git a/src/__tests__/api/enclaved/signMpcTransaction.test.ts b/src/__tests__/api/advancedWalletManager/signMpcTransaction.test.ts similarity index 98% rename from src/__tests__/api/enclaved/signMpcTransaction.test.ts rename to src/__tests__/api/advancedWalletManager/signMpcTransaction.test.ts index 85abf05..b9e2a6b 100644 --- a/src/__tests__/api/enclaved/signMpcTransaction.test.ts +++ b/src/__tests__/api/advancedWalletManager/signMpcTransaction.test.ts @@ -2,8 +2,8 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as enclavedApp } from '../../../enclavedApp'; -import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types'; +import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types'; import express from 'express'; import * as sinon from 'sinon'; import * as configModule from '../../../initConfig'; 
@@ -17,7 +17,7 @@ import createKeccakHash from 'keccak'; import { bitgoGpgKey } from '../../mocks/gpgKeys'; describe('signMpcTransaction', () => { - let cfg: EnclavedConfig; + let cfg: AdvancedWalletManagerConfig; let app: express.Application; let agent: request.SuperAgentTest; @@ -36,7 +36,7 @@ describe('signMpcTransaction', () => { // app config cfg = { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 0, // Let OS assign a free port bind: 'localhost', timeout: 60000, @@ -49,7 +49,7 @@ describe('signMpcTransaction', () => { configStub = sinon.stub(configModule, 'initConfig').returns(cfg); // app setup - app = enclavedApp(cfg); + app = advancedWalletManagerApp(cfg); agent = request.agent(app); }); diff --git a/src/__tests__/api/enclaved/signMultisigTransaction.test.ts b/src/__tests__/api/advancedWalletManager/signMultisigTransaction.test.ts similarity index 91% rename from src/__tests__/api/enclaved/signMultisigTransaction.test.ts rename to src/__tests__/api/advancedWalletManager/signMultisigTransaction.test.ts index df97430..e2cd946 100644 --- a/src/__tests__/api/enclaved/signMultisigTransaction.test.ts +++ b/src/__tests__/api/advancedWalletManager/signMultisigTransaction.test.ts @@ -2,15 +2,15 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as enclavedApp } from '../../../enclavedApp'; -import { AppMode, EnclavedConfig, TlsMode } from '../../../shared/types'; +import { app as advancedWalletManagerApp } from '../../../advancedWalletManagerApp'; +import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/types'; import express from 'express'; import * as sinon from 'sinon'; import * as configModule from '../../../initConfig'; describe('signMultisigTransaction', () => { - let cfg: EnclavedConfig; + let cfg: AdvancedWalletManagerConfig; let app: express.Application; let agent: request.SuperAgentTest; 
@@ -29,7 +29,7 @@ describe('signMultisigTransaction', () => { // app config cfg = { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 0, // Let OS assign a free port bind: 'localhost', timeout: 60000, @@ -42,7 +42,7 @@ describe('signMultisigTransaction', () => { configStub = sinon.stub(configModule, 'initConfig').returns(cfg); // app setup - app = enclavedApp(cfg); + app = advancedWalletManagerApp(cfg); agent = request.agent(app); }); diff --git a/src/__tests__/api/master/accelerate.test.ts b/src/__tests__/api/master/accelerate.test.ts index f18cc51..624279a 100644 --- a/src/__tests__/api/master/accelerate.test.ts +++ b/src/__tests__/api/master/accelerate.test.ts @@ -2,7 +2,7 @@ import 'should'; import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { Environments, Wallet } from '@bitgo-beta/sdk-core'; @@ -12,7 +12,7 @@ describe('POST /api/:coin/wallet/:walletId/accelerate', () => { const walletId = 'test-wallet-id'; const accessToken = 'test-access-token'; const bitgoApiUrl = Environments.test.uri; - const enclavedExpressUrl = 'https://test-enclaved-express.com'; + const advancedWalletManagerUrl = 'https://test-advanced-wallet-manager.com'; const mockWalletData = { id: walletId, @@ -48,8 +48,8 @@ describe('POST /api/:coin/wallet/:walletId/accelerate', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'test-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'test-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; diff --git a/src/__tests__/api/master/consolidate.test.ts b/src/__tests__/api/master/consolidate.test.ts index 3470686..44cca87 100644 
--- a/src/__tests__/api/master/consolidate.test.ts +++ b/src/__tests__/api/master/consolidate.test.ts @@ -2,7 +2,7 @@ import 'should'; import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { Environments, Wallet } from '@bitgo-beta/sdk-core'; import { Hteth } from '@bitgo-beta/sdk-coin-eth'; @@ -15,7 +15,7 @@ describe('POST /api/:coin/wallet/:walletId/consolidate', () => { const walletId = 'test-wallet-id'; const accessToken = 'test-access-token'; const bitgoApiUrl = Environments.test.uri; - const enclavedExpressUrl = 'https://test-enclaved-express.com'; + const advancedWalletManagerUrl = 'https://test-advanced-wallet-manager.com'; const mockWalletData = (multisigType: 'onchain' | 'tss') => ({ id: walletId, @@ -52,8 +52,8 @@ describe('POST /api/:coin/wallet/:walletId/consolidate', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'test-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'test-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; diff --git a/src/__tests__/api/master/consolidateUnspents.test.ts b/src/__tests__/api/master/consolidateUnspents.test.ts index 5bbb76d..708f2c0 100644 --- a/src/__tests__/api/master/consolidateUnspents.test.ts +++ b/src/__tests__/api/master/consolidateUnspents.test.ts @@ -2,7 +2,7 @@ import 'should'; import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { Environments, Wallet } from '@bitgo-beta/sdk-core'; 
@@ -12,7 +12,7 @@ describe('POST /api/:coin/wallet/:walletId/consolidateunspents', () => { const walletId = 'test-wallet-id'; const accessToken = 'test-access-token'; const bitgoApiUrl = Environments.test.uri; - const enclavedExpressUrl = 'https://test-enclaved-express.com'; + const advancedWalletManagerUrl = 'https://test-advanced-wallet-manager.com'; const mockWalletData = { id: walletId, @@ -48,8 +48,8 @@ describe('POST /api/:coin/wallet/:walletId/consolidateunspents', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'test-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'test-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; diff --git a/src/__tests__/api/master/ecdsa.test.ts b/src/__tests__/api/master/ecdsa.test.ts index 52a7752..1dc06b0 100644 --- a/src/__tests__/api/master/ecdsa.test.ts +++ b/src/__tests__/api/master/ecdsa.test.ts @@ -13,7 +13,7 @@ import { TxRequest, Wallet, } from '@bitgo-beta/sdk-core'; -import { EnclavedExpressClient } from '../../../api/master/clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient'; import { signAndSendEcdsaMPCv2FromTxRequest } from '../../../api/master/handlers/ecdsaMPCv2'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; import { readKey } from 'openpgp'; @@ -21,10 +21,10 @@ import { readKey } from 'openpgp'; describe('Ecdsa Signing Handler', () => { let bitgo: BitGoAPI; let wallet: Wallet; - let enclavedExpressClient: EnclavedExpressClient; + let awmClient: AdvancedWalletManagerClient; let reqId: IRequestTracer; const bitgoApiUrl = Environments.local.uri; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const coin = 'hteth'; // Use hteth for ECDSA testing const walletId = 'test-wallet-id'; 
@@ -42,10 +42,10 @@ describe('Ecdsa Signing Handler', () => { }, multisigTypeVersion: () => 2, } as unknown as Wallet; - enclavedExpressClient = new EnclavedExpressClient( + awmClient = new AdvancedWalletManagerClient( { - enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: 'disabled', allowSelfSigned: true, } as any, @@ -202,7 +202,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 1 signing - const signMpcV2Round1NockEbe = nock(enclavedExpressUrl) + const signMpcV2Round1NockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round1`) .reply(200, { signatureShareRound1: round1SignatureShare, @@ -213,7 +213,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 2 signing - const signMpcV2Round2NockEbe = nock(enclavedExpressUrl) + const signMpcV2Round2NockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round2`) .reply(200, { signatureShareRound2: round2SignatureShare, @@ -221,7 +221,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 3 signing - const signMpcV2Round3NockEbe = nock(enclavedExpressUrl) + const signMpcV2Round3NockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round3`) .reply(200, { signatureShareRound3: round3SignatureShare, @@ -231,7 +231,7 @@ describe('Ecdsa Signing Handler', () => { bitgo, wallet, txRequest, - enclavedExpressClient, + awmClient, 'user', userPubKey, reqId, diff --git a/src/__tests__/api/master/eddsa.test.ts b/src/__tests__/api/master/eddsa.test.ts index 57e759f..3ce3a63 100644 --- a/src/__tests__/api/master/eddsa.test.ts +++ b/src/__tests__/api/master/eddsa.test.ts 
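Review bot: The object passed to `new AdvancedWalletManagerClient(` in the hunk at line 42 is still cast with `as any`, so the renamed `advancedWalletManagerUrl` and `advancedWalletManagerCert` keys are not checked against the config type. A key left under its old `enclavedExpress*` name, or misspelled, would still compile and give the client an undefined URL or certificate. Typing the literal would let the compiler catch this, for example `const clientConfig: Partial<MasterExpressConfig> = { advancedWalletManagerUrl, advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true };` passed as `clientConfig as MasterExpressConfig`. The constructor's parameter type and this file's imports of `MasterExpressConfig` and `TlsMode` are not visible in the hunk, so confirm both. The same cast appears in eddsa.test.ts in the hunk at line 37.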
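Review bot: The nock handles in the hunks at lines 202, 213 and 221 keep the `Ebe` suffix (`signMpcV2Round1NockEbe`, `signMpcV2Round2NockEbe`, `signMpcV2Round3NockEbe`) although they now intercept `advancedWalletManagerUrl`. The suffix presumably abbreviates the deprecated service name, which this commit otherwise removes from the tests. Renaming them, e.g. `const signMpcV2Round1NockAwm = nock(advancedWalletManagerUrl)`, would match the `awmClient` naming introduced in the same file. The later uses of these variables are outside the hunks and would need the same rename. eddsa.test.ts has the same leftover in `signMpcCommitmentNockEbe`, `signMpcRShareNockEbe` and `signMpcGShareNockEbe`.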
@@ -12,7 +12,7 @@ import { Wallet, } from '@bitgo-beta/sdk-core'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; -import { EnclavedExpressClient } from '../../../api/master/clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient as AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient'; import { handleEddsaSigning } from '../../../api/master/handlers/eddsa'; import { readKey } from 'openpgp'; @@ -20,10 +20,10 @@ import { readKey } from 'openpgp'; describe('Eddsa Signing Handler', () => { let bitgo: BitGoBase; let wallet: Wallet; - let enclavedExpressClient: EnclavedExpressClient; + let awmClient: AdvancedWalletManagerClient; let reqId: IRequestTracer; const bitgoApiUrl = Environments.local.uri; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const coin = 'tbtc'; const walletId = 'test-wallet-id'; @@ -37,10 +37,10 @@ describe('Eddsa Signing Handler', () => { wallet = { id: () => 'test-wallet-id', } as Wallet; - enclavedExpressClient = new EnclavedExpressClient( + awmClient = new AdvancedWalletManagerClient( { - enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: 'disabled', allowSelfSigned: true, } as any, @@ -190,7 +190,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC commitment signing - const signMpcCommitmentNockEbe = nock(enclavedExpressUrl) + const signMpcCommitmentNockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/commitment`) .reply(200, { userToBitgoCommitment: { share: 'user-commitment-share' }, @@ -200,7 +200,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC R-share signing - const signMpcRShareNockEbe = nock(enclavedExpressUrl) + const signMpcRShareNockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/r`) .reply(200, { rShare: { 
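Review bot: The new import in the hunk at line 12 aliases the class to its own name, `AdvancedWalletManagerClient as AdvancedWalletManagerClient`, which looks like a leftover from the search-and-replace. The other master tests in this patch import it without an alias, so this line can read `import { AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient';`.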
@@ -214,7 +214,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC G-share signing - const signMpcGShareNockEbe = nock(enclavedExpressUrl) + const signMpcGShareNockEbe = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/g`) .reply(200, { gShare: { @@ -228,14 +228,7 @@ describe('Eddsa Signing Handler', () => { (bitgo as any).getGPGKeys = getGPGKeysStub; - const result = await handleEddsaSigning( - bitgo, - wallet, - txRequest, - enclavedExpressClient, - userPubKey, - reqId, - ); + const result = await handleEddsaSigning(bitgo, wallet, txRequest, awmClient, userPubKey, reqId); result.should.eql({ ...txRequest, diff --git a/src/__tests__/api/master/generateWallet.test.ts b/src/__tests__/api/master/generateWallet.test.ts index 1d28182..37cf53b 100644 --- a/src/__tests__/api/master/generateWallet.test.ts +++ b/src/__tests__/api/master/generateWallet.test.ts @@ -4,7 +4,7 @@ import assert from 'assert'; import * as request from 'supertest'; import nock from 'nock'; import sinon from 'sinon'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { Environments } from '@bitgo-beta/sdk-core'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; @@ -22,7 +22,7 @@ import { BitGoRequest } from '../../../types/request'; describe('POST /api/:coin/wallet/generate', () => { let agent: request.SuperAgentTest; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const bitgoApiUrl = Environments.test.uri; const coin = 'tbtc'; const eddsaCoin = 'tsol'; 
@@ -47,8 +47,8 @@ describe('POST /api/:coin/wallet/generate', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; @@ -69,8 +69,8 @@ describe('POST /api/:coin/wallet/generate', () => { sinon.restore(); }); - it('should generate a wallet by calling the enclaved express service', async () => { - const userKeychainNock = nock(enclavedExpressUrl) + it('should generate a wallet by calling the advanced wallet manager service', async () => { + const userKeychainNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/key/independent`, { source: 'user', }) @@ -80,7 +80,7 @@ describe('POST /api/:coin/wallet/generate', () => { type: 'independent', }); - const backupKeychainNock = nock(enclavedExpressUrl) + const backupKeychainNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/key/independent`, { source: 'backup', }) @@ -164,7 +164,7 @@ describe('POST /api/:coin/wallet/generate', () => { bitgoAddWalletNock.done(); }); - it('should generate a TSS MPC v1 wallet by calling the enclaved express service', async () => { + it('should generate a TSS MPC v1 wallet by calling the advanced wallet manager service', async () => { // Mock fetchConstants instead of using nock for URL mocking sinon.stub(bitgo, 'fetchConstants').resolves({ mpc: { @@ -172,7 +172,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const userInitNock = nock(enclavedExpressUrl) + const userInitNock = nock(advancedWalletManagerUrl) .post(`/api/${eddsaCoin}/mpc/key/initialize`, { source: 'user', bitgoGpgPub: 'test-bitgo-public-key', 
@@ -191,7 +191,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const backupInitNock = nock(enclavedExpressUrl) + const backupInitNock = nock(advancedWalletManagerUrl) .post(`/api/${eddsaCoin}/mpc/key/initialize`, { source: 'backup', bitgoGpgPub: 'test-bitgo-public-key', @@ -278,7 +278,7 @@ describe('POST /api/:coin/wallet/generate', () => { walletHSMGPGPublicKeySigs: 'hsm-sig', }); - const userFinalizeNock = nock(enclavedExpressUrl) + const userFinalizeNock = nock(advancedWalletManagerUrl) .post(`/api/${eddsaCoin}/mpc/key/finalize`, { source: 'user', encryptedDataKey: 'key', @@ -349,7 +349,7 @@ describe('POST /api/:coin/wallet/generate', () => { type: 'tss', commonKeychain: 'commonKeychain', }); - const backupFinalizeNock = nock(enclavedExpressUrl) + const backupFinalizeNock = nock(advancedWalletManagerUrl) .post(`/api/${eddsaCoin}/mpc/key/finalize`, { source: 'backup', encryptedDataKey: 'key', @@ -508,7 +508,7 @@ describe('POST /api/:coin/wallet/generate', () => { response.status.should.equal(200); }); - it('should generate a TSS MPC v2 wallet by calling the enclaved express service', async () => { + it('should generate a TSS MPC v2 wallet by calling the advanced wallet manager service', async () => { // Mock fetchConstants instead of using nock for URL mocking sinon.stub(bitgo, 'fetchConstants').resolves({ mpc: { @@ -516,7 +516,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); // init round - const userInitNock = nock(enclavedExpressUrl) + const userInitNock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/initialize`, { source: 'user', }) @@ -526,7 +526,7 @@ describe('POST /api/:coin/wallet/generate', () => { gpgPub: 'test-user-public-key', }); - const backupInitNock = nock(enclavedExpressUrl) + const backupInitNock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/initialize`, { source: 'backup', }) 
@@ -536,7 +536,7 @@ describe('POST /api/:coin/wallet/generate', () => { gpgPub: 'test-backup-public-key', }); - const userRound1Nock = nock(enclavedExpressUrl) + const userRound1Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'user', encryptedDataKey: 'key', @@ -558,7 +558,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const backupRound1Nock = nock(enclavedExpressUrl) + const backupRound1Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'backup', encryptedDataKey: 'key', @@ -623,7 +623,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const userRound2Nock = nock(enclavedExpressUrl) + const userRound2Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'user', encryptedDataKey: 'key', @@ -672,7 +672,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const backupRound2Nock = nock(enclavedExpressUrl) + const backupRound2Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'backup', encryptedDataKey: 'key', @@ -721,7 +721,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const userRound3Nock = nock(enclavedExpressUrl) + const userRound3Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'user', encryptedDataKey: 'key', @@ -774,7 +774,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const backupRound3Nock = nock(enclavedExpressUrl) + const backupRound3Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'backup', encryptedDataKey: 'key', @@ -867,7 +867,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const userRound4Nock = nock(enclavedExpressUrl) + const userRound4Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'user', encryptedDataKey: 'key', 
@@ -907,7 +907,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const backupRound4Nock = nock(enclavedExpressUrl) + const backupRound4Nock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/round`, { source: 'backup', encryptedDataKey: 'key', @@ -988,7 +988,7 @@ describe('POST /api/:coin/wallet/generate', () => { }, }); - const userFinalizeNock = nock(enclavedExpressUrl) + const userFinalizeNock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/finalize`, { source: 'user', encryptedDataKey: 'key', @@ -1016,7 +1016,7 @@ describe('POST /api/:coin/wallet/generate', () => { commonKeychain: 'commonKeychain', }); - const backupFinalizeNock = nock(enclavedExpressUrl) + const backupFinalizeNock = nock(advancedWalletManagerUrl) .post(`/api/${ecdsaCoin}/mpcv2/finalize`, { source: 'backup', encryptedDataKey: 'key', @@ -1129,8 +1129,8 @@ describe('POST /api/:coin/wallet/generate', () => { bitgoAddWalletNock.done(); }); - it('should fail when enclaved express client is not configured', async () => { - // Create a config without enclaved express settings + it('should fail when advanced wallet manager client is not configured', async () => { + // Create a config without advanced wallet manager settings const invalidConfig: Partial = { appMode: AppMode.MASTER_EXPRESS, port: 0, @@ -1146,9 +1146,14 @@ describe('POST /api/:coin/wallet/generate', () => { try { expressApp(invalidConfig as MasterExpressConfig); - assert(false, 'Expected error to be thrown when enclaved express client is not configured'); + assert( + false, + 'Expected error to be thrown when advanced wallet manager client is not configured', + ); } catch (e) { - (e as Error).message.should.equal('enclavedExpressUrl and enclavedExpressCert are required'); + (e as Error).message.should.equal( + 'advancedWalletManagerUrl and advancedWalletManagerCert are required', + ); } }); 
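Review bot: In the hunk at line 1146 the `assert(false, …)` sits inside the same `try` whose `catch` checks the message, so if `expressApp` ever stops throwing, the failure shows up as a string mismatch against `'advancedWalletManagerUrl and advancedWalletManagerCert are required'` rather than as the intended "expected error" message. `assert` is already imported in this file, so the block can be `assert.throws(() => expressApp(invalidConfig as MasterExpressConfig), { message: 'advancedWalletManagerUrl and advancedWalletManagerCert are required' });`. Because the commit is a breaking rename of these two settings, a second case may be worth adding: an `invalidConfig` that carries only the old `enclavedExpressUrl`/`enclavedExpressCert` keys, to pin that a stale deployment config is rejected at startup rather than silently ignored. The enclosing `it` starts in the previous hunk.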
diff --git a/src/__tests__/api/master/musigRecovery.test.ts b/src/__tests__/api/master/musigRecovery.test.ts index 2559eac..b046861 100644 --- a/src/__tests__/api/master/musigRecovery.test.ts +++ b/src/__tests__/api/master/musigRecovery.test.ts @@ -4,13 +4,13 @@ import sinon from 'sinon'; import { AbstractEthLikeNewCoins } from '@bitgo-beta/abstract-eth'; import nock from 'nock'; import * as request from 'supertest'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { data as ethRecoveryData } from '../../mocks/ethRecoveryMusigMockData'; describe('POST /api/:coin/wallet/recovery', () => { let agent: request.SuperAgentTest; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const coin = 'hteth'; const accessToken = 'test-token'; @@ -27,8 +27,8 @@ describe('POST /api/:coin/wallet/recovery', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, recoveryMode: true, @@ -51,7 +51,7 @@ describe('POST /api/:coin/wallet/recovery', () => { // the call to eve.recoverWallet(...) // that contains the calls to sdk.signTransaction - const eveRecoverWalletNock = nock(enclavedExpressUrl) + const eveRecoverWalletNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/multisig/recovery`, { userPub: ethRecoveryData.userKey, backupPub: ethRecoveryData.backupKey, diff --git a/src/__tests__/api/master/nonRecovery.test.ts b/src/__tests__/api/master/nonRecovery.test.ts index 6567d96..8bd6884 100644 --- a/src/__tests__/api/master/nonRecovery.test.ts +++ b/src/__tests__/api/master/nonRecovery.test.ts 
@@ -1,19 +1,19 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import sinon from 'sinon'; import * as middleware from '../../../shared/middleware'; import * as masterMiddleware from '../../../api/master/middleware/middleware'; import { BitGoRequest } from '../../../types/request'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; -import { EnclavedExpressClient } from '../../../api/master/clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient'; describe('Non Recovery Tests', () => { let agent: request.SuperAgentTest; let mockBitgo: BitGoAPI; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const accessToken = 'test-token'; const config: MasterExpressConfig = { appMode: AppMode.MASTER_EXPRESS, @@ -23,8 +23,8 @@ describe('Non Recovery Tests', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, httpLoggerFile: '', allowSelfSigned: true, @@ -61,8 +61,10 @@ describe('Non Recovery Tests', () => { beforeEach(() => { sinon.stub(masterMiddleware, 'validateMasterExpressConfig').callsFake((req, res, next) => { (req as BitGoRequest).params = { coin }; - (req as BitGoRequest).enclavedExpressClient = - new EnclavedExpressClient(config, coin); + (req as BitGoRequest).awmClient = new AdvancedWalletManagerClient( + config, + coin, + ); next(); return undefined; }); 
diff --git a/src/__tests__/api/master/recoveryConsolidationsWallet.test.ts b/src/__tests__/api/master/recoveryConsolidationsWallet.test.ts index f5e9d24..4b8f4e5 100644 --- a/src/__tests__/api/master/recoveryConsolidationsWallet.test.ts +++ b/src/__tests__/api/master/recoveryConsolidationsWallet.test.ts @@ -2,16 +2,16 @@ import 'should'; import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { Trx } from '@bitgo-beta/sdk-coin-trx'; import { Sol } from '@bitgo-beta/sdk-coin-sol'; import { Sui } from '@bitgo-beta/sdk-coin-sui'; -import { EnclavedExpressClient } from '../../../api/master/clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient'; describe('POST /api/:coin/wallet/recoveryconsolidations', () => { let agent: request.SuperAgentTest; - const enclavedExpressUrl = 'https://test-enclaved-express.com'; + const advancedWalletManagerUrl = 'https://test-advanced-wallet-manager.com'; const accessToken = 'test-access-token'; const mockUserPub = @@ -34,8 +34,8 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl, - enclavedExpressCert: 'test-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'test-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, recoveryMode: true, @@ -60,7 +60,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMultisigStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMultisig') + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMultisig') .resolves({ txHex: 'signed-tx' }); const requestPayload = { 
@@ -100,7 +100,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMultisigStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMultisig') + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMultisig') .resolves({ txHex: 'signed-tx' }); const requestPayload = { @@ -156,7 +156,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMPCStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMPC') + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMPC') .resolves({ txHex: 'signed-mpc-tx' }); const requestPayload = { @@ -198,7 +198,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMPCStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMPC') + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMPC') .resolves({ txHex: 'signed-mpc-tx' }); const requestPayload = { @@ -241,7 +241,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMultisigStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMultisig') + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMultisig') .resolves({ txHex: 'signed-tx' }); const requestPayload = { @@ -408,7 +408,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { sinon.assert.calledOnce(recoverConsolidationsStub); }); - it('should fail when enclavedExpressClient throws an error', async () => { + it('should fail when awmClient throws an error', async () => { const mockTransactions = [{ txHex: 'unsigned-tx-1', serializedTx: 'serialized-unsigned-tx-1' }]; const recoverConsolidationsStub = sinon.stub(Trx.prototype, 'recoverConsolidations').resolves({ 
@@ -416,8 +416,8 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { }); const recoveryMultisigStub = sinon - .stub(EnclavedExpressClient.prototype, 'recoveryMultisig') - .rejects(new Error('Enclaved Express signing failed')); + .stub(AdvancedWalletManagerClient.prototype, 'recoveryMultisig') + .rejects(new Error('Advanced Wallet Manager signing failed')); const response = await agent .post(`/api/trx/wallet/recoveryconsolidations`) @@ -431,7 +431,7 @@ describe('POST /api/:coin/wallet/recoveryconsolidations', () => { response.status.should.equal(500); response.body.should.have.property('error', 'Internal Server Error'); - response.body.should.have.property('details', 'Enclaved Express signing failed'); + response.body.should.have.property('details', 'Advanced Wallet Manager signing failed'); sinon.assert.calledOnce(recoverConsolidationsStub); sinon.assert.calledOnce(recoveryMultisigStub); diff --git a/src/__tests__/api/master/recoveryWallet.test.ts b/src/__tests__/api/master/recoveryWallet.test.ts index 99d3283..8329cb3 100644 --- a/src/__tests__/api/master/recoveryWallet.test.ts +++ b/src/__tests__/api/master/recoveryWallet.test.ts 
@@ -1,21 +1,21 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import sinon from 'sinon'; import * as middleware from '../../../shared/middleware'; import * as masterMiddleware from '../../../api/master/middleware/middleware'; import { BitGoRequest } from '../../../types/request'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; -import { EnclavedExpressClient } from '../../../api/master/clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../../../api/master/clients/advancedWalletManagerClient'; import { CoinFamily } from '@bitgo-beta/statics'; describe('Recovery Tests', () => { let agent: request.SuperAgentTest; let mockBitgo: BitGoAPI; let coinStub: sinon.SinonStub; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const accessToken = 'test-token'; const config: MasterExpressConfig = { appMode: AppMode.MASTER_EXPRESS, @@ -26,8 +26,8 @@ describe('Recovery Tests', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, recoveryMode: true, 
@@ -128,21 +128,23 @@ describe('Recovery Tests', () => { // Setup coin middleware sinon.stub(masterMiddleware, 'validateMasterExpressConfig').callsFake((req, res, next) => { (req as BitGoRequest).params = { coin }; - (req as BitGoRequest).enclavedExpressClient = - new EnclavedExpressClient(config, coin); + (req as BitGoRequest).awmClient = new AdvancedWalletManagerClient( + config, + coin, + ); next(); return undefined; }); }); - it('should recover a UTXO wallet by calling the enclaved express service', async () => { + it('should recover a UTXO wallet by calling the advanced wallet manager service', async () => { const userPub = 'xpub_user'; const backupPub = 'xpub_backup'; const bitgoPub = 'xpub_bitgo'; const recoveryDestination = 'tb1qprdy6jwxrrr2qrwgd2tzl8z99hqp29jn6f3sguxulqm448myj6jsy2nwsu'; - // Mock the enclaved express recovery call - const recoveryNock = nock(enclavedExpressUrl) + // Mock the advanced wallet manager recovery call + const recoveryNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/multisig/recovery`, { userPub, backupPub, @@ -198,7 +200,7 @@ describe('Recovery Tests', () => { }) .should.be.true(); - // Verify enclaved express call + // Verify advanced wallet manager call recoveryNock.done(); }); @@ -323,8 +325,10 @@ describe('Recovery Tests', () => { // Setup coin middleware for ETH coin sinon.stub(masterMiddleware, 'validateMasterExpressConfig').callsFake((req, res, next) => { (req as BitGoRequest).params = { coin: ethCoinId }; - (req as BitGoRequest).enclavedExpressClient = - new EnclavedExpressClient(config, ethCoinId); + (req as BitGoRequest).awmClient = new AdvancedWalletManagerClient( + config, + ethCoinId, + ); next(); return undefined; }); 
@@ -421,8 +425,10 @@ describe('Recovery Tests', () => { // Setup coin middleware for Solana coin sinon.stub(masterMiddleware, 'validateMasterExpressConfig').callsFake((req, res, next) => { (req as BitGoRequest).params = { coin: solCoinId }; - (req as BitGoRequest).enclavedExpressClient = - new EnclavedExpressClient(config, solCoinId); + (req as BitGoRequest).awmClient = new AdvancedWalletManagerClient( + config, + solCoinId, + ); next(); return undefined; }); diff --git a/src/__tests__/api/master/recoveryWalletMpcV2.test.ts b/src/__tests__/api/master/recoveryWalletMpcV2.test.ts index a01dbf7..d468670 100644 --- a/src/__tests__/api/master/recoveryWalletMpcV2.test.ts +++ b/src/__tests__/api/master/recoveryWalletMpcV2.test.ts @@ -1,7 +1,7 @@ import 'should'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import sinon from 'sinon'; import * as middleware from '../../../shared/middleware'; @@ -10,7 +10,7 @@ import { BitGoAPI } from '@bitgo-beta/sdk-api'; describe('MBE mpcv2 recovery', () => { let agent: request.SuperAgentTest; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const ethLikeCoin = 'hteth'; const cosmosLikeCoin = 'tsei'; const accessToken = 'test-token'; @@ -33,8 +33,8 @@ describe('MBE mpcv2 recovery', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, recoveryMode: true, 
@@ -55,7 +55,7 @@ describe('MBE mpcv2 recovery', () => { nock.cleanAll(); }); - it('should recover a HETH (an eth-like) wallet by calling the enclaved express service', async () => { + it('should recover a HETH (an eth-like) wallet by calling the advanced wallet manager service', async () => { const etherscanTxlistNock = nock('https://api.etherscan.io') .get( `/v2/api?chainid=17000&module=account&action=txlist&address=0x43442e403d64d29c4f64065d0c1a0e8edc03d6c8&apikey=etherscan-api-key`, @@ -78,7 +78,7 @@ describe('MBE mpcv2 recovery', () => { result: '100000000000000000', // 1 ETH in wei }); - const enclavedExpressNock = nock(enclavedExpressUrl) + const awmNock = nock(advancedWalletManagerUrl) .post(`/api/${ethLikeCoin}/mpcv2/recovery`) .reply(200, { txHex: @@ -115,10 +115,10 @@ describe('MBE mpcv2 recovery', () => { etherscanTxlistNock.isDone().should.be.true(); etherscanBalanceNock.isDone().should.be.true(); - enclavedExpressNock.isDone().should.be.true(); + awmNock.isDone().should.be.true(); }); - it('should recover a SEI (a cosmos-like) wallet by calling the enclaved express service', async () => { + it('should recover a SEI (a cosmos-like) wallet by calling the advanced wallet manager service', async () => { const seiChainIdNock = nock('https://rest.atlantic-2.seinetwork.io') .get(`/cosmos/base/tendermint/v1beta1/blocks/latest`) .matchHeader('any', () => true) @@ -147,7 +147,7 @@ describe('MBE mpcv2 recovery', () => { balances: [{ denom: 'usei', amount: '4980000' }], }); - const enclavedExpressNock = nock(enclavedExpressUrl) + const awmNock = nock(advancedWalletManagerUrl) .post(`/api/${cosmosLikeCoin}/mpcv2/recovery`) .reply(200, { txHex: 
@@ -183,7 +183,7 @@ describe('MBE mpcv2 recovery', () => { seiChainIdNock.isDone().should.be.true(); seiAccountDetailsNock.isDone().should.be.true(); seiBalanceNock.isDone().should.be.true(); - enclavedExpressNock.isDone().should.be.true(); + awmNock.isDone().should.be.true(); }); it('should throw 422 Unprocessable Entity for missing coin specific params', async () => { diff --git a/src/__tests__/api/master/sendMany.test.ts b/src/__tests__/api/master/sendMany.test.ts index bcd49f1..e6df459 100644 --- a/src/__tests__/api/master/sendMany.test.ts +++ b/src/__tests__/api/master/sendMany.test.ts @@ -3,7 +3,7 @@ import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { ApiResponseError, Environments, Wallet } from '@bitgo-beta/sdk-core'; import { Tbtc } from '@bitgo-beta/sdk-coin-btc'; @@ -11,7 +11,7 @@ import assert from 'assert'; describe('POST /api/:coin/wallet/:walletId/sendmany', () => { let agent: request.SuperAgentTest; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const bitgoApiUrl = Environments.test.uri; const accessToken = 'test-token'; const walletId = 'test-wallet-id'; @@ -30,8 +30,8 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; 
@@ -47,7 +47,7 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { describe('SendMany Multisig:', () => { const coin = 'tbtc'; - it('should send many transactions by calling the enclaved express service', async () => { + it('should send many transactions by calling the advanced wallet manager service', async () => { // Mock wallet get request const walletGetNock = nock(bitgoApiUrl) .get(`/api/v2/${coin}/wallet/${walletId}`) @@ -81,8 +81,8 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { const verifyStub = sinon.stub(Tbtc.prototype, 'verifyTransaction').resolves(true); - // Mock enclaved express sign request - const signNock = nock(enclavedExpressUrl) + // Mock advanced wallet manager sign request + const signNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/multisig/sign`) .reply(200, { halfSigned: { @@ -170,8 +170,8 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { const verifyStub = sinon.stub(Tbtc.prototype, 'verifyTransaction').resolves(true); - // Mock enclaved express sign request - const signNock = nock(enclavedExpressUrl) + // Mock advanced wallet manager sign request + const signNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/multisig/sign`) .reply(200, { halfSigned: { @@ -572,8 +572,8 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { keychainGetNock.done(); }); - it('should fail when enclaved express client is not configured', async () => { - // Create a config without enclaved express settings + it('should fail when advanced wallet manager client is not configured', async () => { + // Create a config without advanced wallet manager settings const invalidConfig: Partial = { appMode: AppMode.MASTER_EXPRESS, port: 0, 
@@ -589,10 +589,13 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { try { expressApp(invalidConfig as MasterExpressConfig); - assert(false, 'Expected error to be thrown when enclaved express client is not configured'); + assert( + false, + 'Expected error to be thrown when advanced wallet manager client is not configured', + ); } catch (error) { (error as Error).message.should.equal( - 'enclavedExpressUrl and enclavedExpressCert are required', + 'advancedWalletManagerUrl and advancedWalletManagerCert are required', ); } }); @@ -744,8 +747,8 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { const verifyStub = sinon.stub(Tbtc.prototype, 'verifyTransaction').resolves(true); - // Mock enclaved express sign request to return an error - const signNock = nock(enclavedExpressUrl) + // Mock advanced wallet manager sign request to return an error + const signNock = nock(advancedWalletManagerUrl) .post(`/api/${coin}/multisig/sign`) .replyWithError( new ApiResponseError('Custom API error', 500, { @@ -768,7 +771,7 @@ describe('POST /api/:coin/wallet/:walletId/sendmany', () => { pubkey: 'xpub_user', }); - // The response should be a 500 error with the enclaved error details + // The response should be a 500 error with the error details response.status.should.equal(500); response.body.should.have.property('error'); response.body.should.have.property('details'); diff --git a/src/__tests__/api/master/signAndSendTxRequest.test.ts b/src/__tests__/api/master/signAndSendTxRequest.test.ts index b8a9e6b..00dbb7a 100644 --- a/src/__tests__/api/master/signAndSendTxRequest.test.ts +++ b/src/__tests__/api/master/signAndSendTxRequest.test.ts 
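Review bot: In the `@@ -589,10 +589,13 @@` hunk of sendMany.test.ts the `assert(false, …)` sits inside the `try`, so when `expressApp` does not throw, the AssertionError lands in the `catch` and the test fails on a message mismatch rather than on the stated reason. This case guards the fail-closed start-up check for a missing advanced wallet manager URL and certificate, so its failure should be unambiguous. The assertion style already used in config.test.ts fits here: `(() => expressApp(invalidConfig as MasterExpressConfig)).should.throw('advancedWalletManagerUrl and advancedWalletManagerCert are required');`. The `it` block starts in the previous hunk.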
@@ -2,7 +2,7 @@ import 'should'; import sinon from 'sinon'; import * as request from 'supertest'; import nock from 'nock'; -import { app as expressApp } from '../../../masterExpressApp'; +import { app as expressApp } from '../../../masterBitGoExpressApp'; import { AppMode, MasterExpressConfig, TlsMode } from '../../../shared/types'; import { BitGoBase, @@ -25,7 +25,7 @@ describe('POST /api/:coin/wallet/:walletId/txrequest/:txRequestId/signAndSend', let bitgo: BitGoBase; let baseCoin: IBaseCoin; let wallet: Wallet; - const enclavedExpressUrl = 'http://enclaved.invalid'; + const advancedWalletManagerUrl = 'http://advancedwalletmanager.invalid'; const bitgoApiUrl = Environments.test.uri; const accessToken = 'test-token'; const walletId = 'test-wallet-id'; @@ -53,8 +53,8 @@ describe('POST /api/:coin/wallet/:walletId/txrequest/:txRequestId/signAndSend', env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: enclavedExpressUrl, - enclavedExpressCert: 'dummy-cert', + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: 'dummy-cert', tlsMode: TlsMode.DISABLED, allowSelfSigned: true, }; diff --git a/src/__tests__/config.test.ts b/src/__tests__/config.test.ts index 69f2e2a..48278de 100644 --- a/src/__tests__/config.test.ts +++ b/src/__tests__/config.test.ts @@ -1,5 +1,10 @@ import 'should'; -import { initConfig, isEnclavedConfig, isMasterExpressConfig, TlsMode } from '../initConfig'; +import { + initConfig, + isAdvancedWalletManagerConfig, + isMasterExpressConfig, + TlsMode, +} from '../initConfig'; import path from 'path'; describe('Configuration', () => { 
@@ -13,14 +18,14 @@ describe('Configuration', () => { delete process.env.APP_MODE; delete process.env.BITGO_APP_MODE; delete process.env.KMS_URL; - delete process.env.ENCLAVED_EXPRESS_URL; - delete process.env.ENCLAVED_EXPRESS_CERT; + delete process.env.ADVANCED_WALLET_MANAGER_URL; + delete process.env.ADVANCED_WALLET_MANAGER_CERT; delete process.env.TLS_MODE; delete process.env.TLS_KEY; delete process.env.TLS_CERT; delete process.env.MTLS_ALLOWED_CLIENT_FINGERPRINTS; delete process.env.ALLOW_SELF_SIGNED; - delete process.env.ENCLAVED_EXPRESS_PORT; + delete process.env.ADVANCED_WALLET_MANAGER_PORT; delete process.env.MASTER_EXPRESS_PORT; delete process.env.BIND; delete process.env.IPC; @@ -42,20 +47,20 @@ describe('Configuration', () => { it('should throw error when APP_MODE is not set', () => { (() => initConfig()).should.throw( - 'APP_MODE environment variable is required. Set APP_MODE to either "enclaved" or "master-express"', + 'APP_MODE environment variable is required. Set APP_MODE to either "advanced-wallet-manager" or "master-express"', ); }); it('should throw error when APP_MODE is invalid', () => { process.env.APP_MODE = 'invalid'; (() => initConfig()).should.throw( - 'Invalid APP_MODE: invalid. Must be either "enclaved" or "master-express"', + 'Invalid APP_MODE: invalid. Must be either "advanced-wallet-manager" or "master-express"', ); }); - describe('Enclaved Mode', () => { + describe('Advanced Wallet Manager Mode', () => { beforeEach(() => { - process.env.APP_MODE = 'enclaved'; + process.env.APP_MODE = 'advanced-wallet-manager'; }); it('should use default configuration when minimal environment variables are set', () => { 
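Review bot: The `APP_MODE` tests in the `@@ -42,20 +47,20 @@` hunk of config.test.ts only exercise an arbitrary bad value (`'invalid'`), so nothing pins what happens to the deprecated value `enclaved`, which is the breaking change this commit announces. Add a case that sets `process.env.APP_MODE = 'enclaved'` and expects `initConfig()` to throw the `Invalid APP_MODE: …` error, which makes the upgrade behaviour explicit. A deployment that still exports `ENCLAVED_EXPRESS_PORT` or `ENCLAVED_EXPRESS_URL` also deserves a test. From these hunks it looks as if the old names are now ignored without any message, which should be confirmed against initConfig.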
@@ -64,8 +69,8 @@ describe('Configuration', () => { process.env.TLS_CERT = mockTlsCert; process.env.KMS_TLS_CERT_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-cert.pem'); const cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.port.should.equal(3080); cfg.bind.should.equal('localhost'); cfg.tlsMode.should.equal(TlsMode.MTLS); @@ -77,14 +82,14 @@ describe('Configuration', () => { }); it('should read port from environment variable', () => { - process.env.ENCLAVED_EXPRESS_PORT = '4000'; + process.env.ADVANCED_WALLET_MANAGER_PORT = '4000'; process.env.KMS_URL = 'http://localhost:3000'; process.env.TLS_KEY = mockTlsKey; process.env.TLS_CERT = mockTlsCert; process.env.KMS_TLS_CERT_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-cert.pem'); const cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.port.should.equal(4000); cfg.kmsUrl.should.equal('http://localhost:3000'); cfg.tlsKey!.should.equal(mockTlsKey); @@ -111,8 +116,8 @@ describe('Configuration', () => { // Test with TLS disabled process.env.TLS_MODE = 'disabled'; let cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.DISABLED); cfg.kmsUrl.should.equal('http://localhost:3000'); } 
@@ -120,8 +125,8 @@ describe('Configuration', () => { // Test with mTLS explicitly enabled process.env.TLS_MODE = 'mtls'; cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.MTLS); cfg.kmsUrl.should.equal('http://localhost:3000'); cfg.tlsKey!.should.equal(mockTlsKey); @@ -137,8 +142,8 @@ describe('Configuration', () => { // Test with no TLS mode (should default to MTLS) delete process.env.TLS_MODE; cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.MTLS); cfg.kmsUrl.should.equal('http://localhost:3000'); cfg.tlsKey!.should.equal(mockTlsKey); @@ -154,8 +159,8 @@ describe('Configuration', () => { process.env.KMS_TLS_CERT_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-cert.pem'); const cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.mtlsAllowedClientFingerprints!.should.deepEqual(['ABC123', 'DEF456']); cfg.kmsUrl.should.equal('http://localhost:3000'); cfg.tlsKey!.should.equal(mockTlsKey); @@ -185,8 +190,8 @@ describe('Configuration', () => { delete process.env.TLS_CERT; delete process.env.KMS_TLS_CERT_PATH; const cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.DISABLED); cfg.kmsUrl.should.equal('http://localhost:3000'); } 
@@ -200,15 +205,15 @@ describe('Configuration', () => { (() => initConfig()).should.throw(); }); - it('should read HTTP_LOGFILE into httpLoggerFile in Enclaved mode', () => { + it('should read HTTP_LOGFILE into httpLoggerFile in Advanced wallet manager mode', () => { process.env.KMS_URL = 'http://localhost:3000'; process.env.TLS_KEY = mockTlsKey; process.env.TLS_CERT = mockTlsCert; process.env.HTTP_LOGFILE = '/tmp/test-http-access.log'; process.env.KMS_TLS_CERT_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-cert.pem'); const cfg = initConfig(); - isEnclavedConfig(cfg).should.be.true(); - if (isEnclavedConfig(cfg)) { + isAdvancedWalletManagerConfig(cfg).should.be.true(); + if (isAdvancedWalletManagerConfig(cfg)) { cfg.httpLoggerFile.should.equal('/tmp/test-http-access.log'); } }); @@ -224,10 +229,10 @@ describe('Configuration', () => { describe('Master Express Mode', () => { beforeEach(() => { process.env.APP_MODE = 'master-express'; - process.env.ENCLAVED_EXPRESS_URL = 'http://localhost:3080'; - process.env.ENCLAVED_EXPRESS_CERT = path.resolve( + process.env.ADVANCED_WALLET_MANAGER_URL = 'http://localhost:3080'; + process.env.ADVANCED_WALLET_MANAGER_CERT = path.resolve( __dirname, - 'mocks/certs/enclaved-express-cert.pem', + 'mocks/certs/advanced-wallet-manager-cert.pem', ); process.env.TLS_CERT_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-cert.pem'); process.env.TLS_KEY_PATH = path.resolve(__dirname, 'mocks/certs/test-ssl-key.pem'); @@ -241,7 +246,7 @@ describe('Configuration', () => { cfg.bind.should.equal('localhost'); cfg.tlsMode.should.equal(TlsMode.MTLS); cfg.timeout.should.equal(305 * 1000); - cfg.enclavedExpressUrl.should.equal('https://localhost:3080'); + cfg.advancedWalletManagerUrl.should.equal('https://localhost:3080'); cfg.env.should.equal('test'); } }); 
@@ -252,7 +257,7 @@ describe('Configuration', () => { isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { cfg.port.should.equal(4001); - cfg.enclavedExpressUrl.should.equal('https://localhost:3080'); + cfg.advancedWalletManagerUrl.should.equal('https://localhost:3080'); } }); @@ -277,7 +282,7 @@ describe('Configuration', () => { it('should handle TLS mode disabled configuration', () => { // Test with TLS disabled process.env.TLS_MODE = 'disabled'; - delete process.env.ENCLAVED_EXPRESS_CERT; + delete process.env.ADVANCED_WALLET_MANAGER_CERT; delete process.env.TLS_KEY_PATH; delete process.env.TLS_CERT_PATH; delete process.env.TLS_KEY; 
@@ -287,76 +292,76 @@ describe('Configuration', () => { isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.DISABLED); - cfg.enclavedExpressUrl.should.equal('http://localhost:3080'); + cfg.advancedWalletManagerUrl.should.equal('http://localhost:3080'); } }); - it('should throw error when ENCLAVED_EXPRESS_URL is not set', () => { - delete process.env.ENCLAVED_EXPRESS_URL; + it('should throw error when ADVANCED_WALLET_MANAGER_URL is not set', () => { + delete process.env.ADVANCED_WALLET_MANAGER_URL; (() => initConfig()).should.throw( - 'ENCLAVED_EXPRESS_URL environment variable is required and cannot be empty', + 'ADVANCED_WALLET_MANAGER_URL environment variable is required and cannot be empty', ); }); - it('should throw error when ENCLAVED_EXPRESS_URL is empty', () => { - process.env.ENCLAVED_EXPRESS_URL = ''; + it('should throw error when ADVANCED_WALLET_MANAGER_URL is empty', () => { + process.env.ADVANCED_WALLET_MANAGER_URL = ''; (() => initConfig()).should.throw( - 'ENCLAVED_EXPRESS_URL environment variable is required and cannot be empty', + 'ADVANCED_WALLET_MANAGER_URL environment variable is required and cannot be empty', ); }); - it('should throw error when ENCLAVED_EXPRESS_CERT is not set for MTLS mode', () => { + it('should throw error when ADVANCED_WALLET_MANAGER_CERT is not set for MTLS mode', () => { process.env.TLS_MODE = 'mtls'; - delete process.env.ENCLAVED_EXPRESS_CERT; + delete process.env.ADVANCED_WALLET_MANAGER_CERT; (() => initConfig()).should.throw( - 'ENCLAVED_EXPRESS_CERT environment variable is required for MTLS mode.', + 'ADVANCED_WALLET_MANAGER_CERT environment variable is required for MTLS mode.', ); }); - it('should succeed when ENCLAVED_EXPRESS_CERT is not set for disabled TLS mode', () => { - process.env.ENCLAVED_EXPRESS_URL = 'http://localhost:3080'; + it('should succeed when ADVANCED_WALLET_MANAGER_CERT is not set for disabled TLS mode', () => { + 
process.env.ADVANCED_WALLET_MANAGER_URL = 'http://localhost:3080'; process.env.TLS_MODE = 'disabled'; - delete process.env.ENCLAVED_EXPRESS_CERT; + delete process.env.ADVANCED_WALLET_MANAGER_CERT; const cfg = initConfig(); isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { cfg.tlsMode.should.equal(TlsMode.DISABLED); - cfg.enclavedExpressUrl.should.equal('http://localhost:3080'); - cfg.enclavedExpressCert!.should.equal(''); + cfg.advancedWalletManagerUrl.should.equal('http://localhost:3080'); + cfg.advancedWalletManagerCert!.should.equal(''); } }); - it('should throw error when ENCLAVED_EXPRESS_CERT is not set for default MTLS mode', () => { - delete process.env.ENCLAVED_EXPRESS_CERT; + it('should throw error when ADVANCED_WALLET_MANAGER_CERT is not set for default MTLS mode', () => { + delete process.env.ADVANCED_WALLET_MANAGER_CERT; (() => initConfig()).should.throw( - 'ENCLAVED_EXPRESS_CERT environment variable is required for MTLS mode.', + 'ADVANCED_WALLET_MANAGER_CERT environment variable is required for MTLS mode.', ); }); it('should handle URL protocol conversion correctly', () => { // Test with URL that already has protocol - process.env.ENCLAVED_EXPRESS_URL = 'https://enclaved.example.com:3080'; + process.env.ADVANCED_WALLET_MANAGER_URL = 'https://akm.example.com:3080'; let cfg = initConfig(); isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { - cfg.enclavedExpressUrl.should.equal('https://enclaved.example.com:3080'); + cfg.advancedWalletManagerUrl.should.equal('https://akm.example.com:3080'); } // Test with URL without protocol (should add https for MTLS) - process.env.ENCLAVED_EXPRESS_URL = 'enclaved.example.com:3080'; + process.env.ADVANCED_WALLET_MANAGER_URL = 'akm.example.com:3080'; cfg = initConfig(); isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { - cfg.enclavedExpressUrl.should.equal('https://enclaved.example.com:3080'); + 
cfg.advancedWalletManagerUrl.should.equal('https://akm.example.com:3080'); } // Test with URL without protocol and disabled TLS (should add http) - process.env.ENCLAVED_EXPRESS_URL = 'enclaved.example.com:3080'; + process.env.ADVANCED_WALLET_MANAGER_URL = 'akm.example.com:3080'; process.env.TLS_MODE = 'disabled'; cfg = initConfig(); isMasterExpressConfig(cfg).should.be.true(); if (isMasterExpressConfig(cfg)) { - cfg.enclavedExpressUrl.should.equal('http://enclaved.example.com:3080'); + cfg.advancedWalletManagerUrl.should.equal('http://akm.example.com:3080'); } }); diff --git a/src/__tests__/mocks/certs/enclaved-express-cert.pem b/src/__tests__/mocks/certs/advanced-wallet-manager-cert.pem similarity index 100% rename from src/__tests__/mocks/certs/enclaved-express-cert.pem rename to src/__tests__/mocks/certs/advanced-wallet-manager-cert.pem diff --git a/src/__tests__/routes.test.ts b/src/__tests__/routes.test.ts index 41dd6e1..c9f5f94 100644 --- a/src/__tests__/routes.test.ts +++ b/src/__tests__/routes.test.ts @@ -3,7 +3,7 @@ import 'should'; import request from 'supertest'; import express from 'express'; import { AppMode, TlsMode } from '../shared/types'; -import { setupRoutes } from '../routes/enclaved'; +import { setupRoutes } from '../routes/advancedWalletManager'; describe('Routes', () => { let app: express.Application; @@ -11,7 +11,7 @@ describe('Routes', () => { beforeEach(() => { app = express(); setupRoutes(app, { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, httpLoggerFile: '', allowSelfSigned: true, tlsMode: TlsMode.DISABLED, 
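Review bot: The URL-conversion test at the end of the `@@ -287,76 +292,76 @@` hunk renames the host to `akm.example.com`, but the abbreviation used everywhere else in this patch is AWM (`awmClient`, `awmNock`, `AwmApiSpecRouteRequest`). The same slip appears in the exported type `AkmApiSpecRouteHandler` in advancedWalletManagerApiSpec.ts (hunk `@@ -494,29 +494,32 @@`), where it becomes part of the module's exported names. I would use `awm.example.com` in the assignments and assertions here and name the type `AwmApiSpecRouteHandler`.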
@@ -26,7 +26,7 @@ describe('Routes', () => { it('should return 200 and status message for /ping', async () => { const response = await request(app).post('/ping'); response.status.should.equal(200); - response.body.should.have.property('status', 'enclaved express server is ok!'); + response.body.should.have.property('status', 'advanced wallet manager server is ok!'); response.body.should.have.property('timestamp'); }); @@ -34,7 +34,7 @@ describe('Routes', () => { const response = await request(app).get('/version'); response.status.should.equal(200); response.body.should.have.property('version'); - response.body.should.have.property('name', '@bitgo/enclaved-bitgo-express'); + response.body.should.have.property('name', '@bitgo/advanced-wallets'); }); }); @@ -44,7 +44,7 @@ describe('Routes', () => { response.status.should.equal(404); response.body.should.have.property( 'error', - 'Route not found or not supported in enclaved mode', + 'Route not found or not supported in advanced wallet manager mode', ); }); }); diff --git a/src/enclavedBitgoExpress/routers/enclavedApiSpec.ts b/src/advancedWalletManager/routers/advancedWalletManagerApiSpec.ts similarity index 81% rename from src/enclavedBitgoExpress/routers/enclavedApiSpec.ts rename to src/advancedWalletManager/routers/advancedWalletManagerApiSpec.ts index 55d2f43..fd840c3 100644 --- a/src/enclavedBitgoExpress/routers/enclavedApiSpec.ts +++ b/src/advancedWalletManager/routers/advancedWalletManagerApiSpec.ts 
@@ -24,20 +24,20 @@ import { UnprocessableEntityResponse, } from '../../shared/errors'; -import { postIndependentKey } from '../../api/enclaved/handlers/postIndependentKey'; -import { recoveryMultisigTransaction } from '../../api/enclaved/handlers/recoveryMultisigTransaction'; -import { signMultisigTransaction } from '../../api/enclaved/handlers/signMultisigTransaction'; -import { signMpcTransaction } from '../../api/enclaved/handlers/signMpcTransaction'; +import { postIndependentKey } from '../../api/advancedWalletManager/handlers/postIndependentKey'; +import { recoveryMultisigTransaction } from '../../api/advancedWalletManager/handlers/recoveryMultisigTransaction'; +import { signMultisigTransaction } from '../../api/advancedWalletManager/handlers/signMultisigTransaction'; +import { signMpcTransaction } from '../../api/advancedWalletManager/handlers/signMpcTransaction'; import { prepareBitGo, responseHandler } from '../../shared/middleware'; -import { EnclavedConfig } from '../../shared/types'; +import { AdvancedWalletManagerConfig as AdvancedWalletManagerConfig } from '../../shared/types'; import { BitGoRequest } from '../../types/request'; -import { eddsaInitialize } from '../../api/enclaved/mpcInitialize'; -import { eddsaFinalize } from '../../api/enclaved/mpcFinalize'; -import { ecdsaMPCv2Initialize } from '../../api/enclaved/handlers/ecdsaMPCv2Initialize'; -import { ecdsaMPCv2Round } from '../../api/enclaved/handlers/ecdsaMPCv2Round'; -import { ecdsaMPCv2Finalize } from '../../api/enclaved/handlers/ecdsaMPCv2Finalize'; -import { ecdsaMPCv2Recovery } from '../../api/enclaved/handlers/ecdsaMPCv2Recovery'; -import { signEddsaRecoveryTransaction } from '../../api/enclaved/handlers/signEddsaRecoveryTransaction'; +import { eddsaInitialize } from '../../api/advancedWalletManager/mpcInitialize'; +import { eddsaFinalize } from '../../api/advancedWalletManager/mpcFinalize'; +import { ecdsaMPCv2Initialize } from 
'../../api/advancedWalletManager/handlers/ecdsaMPCv2Initialize'; +import { ecdsaMPCv2Round } from '../../api/advancedWalletManager/handlers/ecdsaMPCv2Round'; +import { ecdsaMPCv2Finalize } from '../../api/advancedWalletManager/handlers/ecdsaMPCv2Finalize'; +import { ecdsaMPCv2Recovery } from '../../api/advancedWalletManager/handlers/ecdsaMPCv2Recovery'; +import { signEddsaRecoveryTransaction } from '../../api/advancedWalletManager/handlers/signEddsaRecoveryTransaction'; import { isEddsaCoin } from '../../shared/coinUtils'; import { MethodNotImplementedError } from '@bitgo-beta/sdk-core'; import coinFactory from '../../shared/coinFactory'; @@ -306,7 +306,7 @@ const MpcV2RecoveryResponseType = t.type(MpcV2RecoveryResponse); export type MpcV2RecoveryResponseType = t.TypeOf; // API Specification -export const EnclavedAPiSpec = apiSpec({ +export const AdvancedWalletManagerApiSpec = apiSpec({ 'v1.multisig.sign': { post: httpRoute({ method: 'POST', 
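Review bot: The rewritten import in the `@@ -24,20 +24,20 @@` hunk aliases the type to its own name, `import { AdvancedWalletManagerConfig as AdvancedWalletManagerConfig } from '../../shared/types';`, which looks like a leftover from a mechanical rename. Drop the alias: `import { AdvancedWalletManagerConfig } from '../../shared/types';`.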
@@ -494,29 +494,32 @@ export const EnclavedAPiSpec = apiSpec({ }, }); -export type EnclavedApiSpecRouteHandler< - ApiName extends keyof typeof EnclavedAPiSpec, - Method extends keyof (typeof EnclavedAPiSpec)[ApiName] & HttpMethod, -> = TypedRequestHandler; +export type AkmApiSpecRouteHandler< + ApiName extends keyof typeof AdvancedWalletManagerApiSpec, + Method extends keyof (typeof AdvancedWalletManagerApiSpec)[ApiName] & HttpMethod, +> = TypedRequestHandler; -export type EnclavedApiSpecRouteRequest< - ApiName extends keyof typeof EnclavedAPiSpec, - Method extends keyof (typeof EnclavedAPiSpec)[ApiName] & HttpMethod, -> = BitGoRequest & Parameters>[0]; +export type AwmApiSpecRouteRequest< + ApiName extends keyof typeof AdvancedWalletManagerApiSpec, + Method extends keyof (typeof AdvancedWalletManagerApiSpec)[ApiName] & HttpMethod, +> = BitGoRequest & + Parameters>[0]; -export type GenericEnclavedApiSpecRouteRequest = EnclavedApiSpecRouteRequest; +export type GenericAwmApiSpecRouteRequest = AwmApiSpecRouteRequest; // Create router with handlers -export function createKeyGenRouter(config: EnclavedConfig): WrappedRouter { - const router = createRouter(EnclavedAPiSpec); +export function createKeyGenRouter( + config: AdvancedWalletManagerConfig, +): WrappedRouter { + const router = createRouter(AdvancedWalletManagerApiSpec); // Add middleware router.use(express.json()); router.use(prepareBitGo(config)); // Independent key generation endpoint handler router.post('v1.key.independent', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.key.independent', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.key.independent', 'post'>; const result = await postIndependentKey(typedReq); return Response.ok(result); }), 
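Review bot: The handler type is introduced as `AkmApiSpecRouteHandler`, while its two siblings in the same hunk use the `Awm` prefix (`AwmApiSpecRouteRequest`, `GenericAwmApiSpecRouteRequest`). This looks like a typo for `AwmApiSpecRouteHandler`. The type is exported and this commit is already a breaking rename, so correcting it now avoids a second rename of a public name later. `createKeyGenRouter` starts in this hunk and continues beyond it.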
@@ -524,32 +527,32 @@ export function createKeyGenRouter(config: EnclavedConfig): WrappedRouter(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.multisig.sign', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.multisig.sign', 'post'>; const result = await signMultisigTransaction(typedReq); return Response.ok(result); }), ]); router.post('v1.multisig.recovery', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.multisig.recovery', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.multisig.recovery', 'post'>; const result = await recoveryMultisigTransaction(typedReq); return Response.ok(result); }), ]); router.post('v1.mpc.sign', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpc.sign', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpc.sign', 'post'>; const result = await signMpcTransaction(typedReq); return Response.ok(result); }), ]); router.post('v1.mpc.recovery', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpc.recovery', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpc.recovery', 'post'>; const coin = await coinFactory.getCoin(typedReq.decoded.coin, typedReq.bitgo); if (isEddsaCoin(coin)) { const result = await signEddsaRecoveryTransaction({ @@ -570,9 +573,9 @@ export function createKeyGenRouter(config: EnclavedConfig): WrappedRouter(async (_req) => { + responseHandler(async (_req) => { try { - const typedReq = _req as EnclavedApiSpecRouteRequest<'v1.mpc.key.initialize', 'post'>; + const typedReq = _req as AwmApiSpecRouteRequest<'v1.mpc.key.initialize', 'post'>; const response = await eddsaInitialize(typedReq); return Response.ok(response); } catch (error) { 
@@ -586,9 +589,9 @@ export function createKeyGenRouter(config: EnclavedConfig): WrappedRouter(async (_req) => { + responseHandler(async (_req) => { try { - const typedReq = _req as EnclavedApiSpecRouteRequest<'v1.mpc.key.finalize', 'post'>; + const typedReq = _req as AwmApiSpecRouteRequest<'v1.mpc.key.finalize', 'post'>; const response = await eddsaFinalize(typedReq); return Response.ok(response); } catch (error) { @@ -602,32 +605,32 @@ export function createKeyGenRouter(config: EnclavedConfig): WrappedRouter(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpcv2.initialize', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpcv2.initialize', 'post'>; const result = await ecdsaMPCv2Initialize(typedReq); return Response.ok(result); }), ]); router.post('v1.mpcv2.round', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpcv2.round', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpcv2.round', 'post'>; const result = await ecdsaMPCv2Round(typedReq); return Response.ok(result); }), ]); router.post('v1.mpcv2.finalize', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpcv2.finalize', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpcv2.finalize', 'post'>; const result = await ecdsaMPCv2Finalize(typedReq); return Response.ok(result); }), ]); router.post('v1.mpcv2.recovery', [ - responseHandler(async (req) => { - const typedReq = req as EnclavedApiSpecRouteRequest<'v1.mpcv2.recovery', 'post'>; + responseHandler(async (req) => { + const typedReq = req as AwmApiSpecRouteRequest<'v1.mpcv2.recovery', 'post'>; const result = await ecdsaMPCv2Recovery(typedReq); return Response.ok(result); }), 
diff --git a/src/enclavedBitgoExpress/routers/healthCheck.ts b/src/advancedWalletManager/routers/healthCheck.ts similarity index 96% rename from src/enclavedBitgoExpress/routers/healthCheck.ts rename to src/advancedWalletManager/routers/healthCheck.ts index a6b981d..f2a0edd 100644 --- a/src/enclavedBitgoExpress/routers/healthCheck.ts +++ b/src/advancedWalletManager/routers/healthCheck.ts @@ -43,7 +43,7 @@ export function createHealthCheckRouter(): WrappedRouter Response.ok({ - status: 'enclaved express server is ok!', + status: 'advanced wallet manager server is ok!', timestamp: new Date().toISOString(), }), ), diff --git a/src/advancedWalletManager/routers/index.ts b/src/advancedWalletManager/routers/index.ts new file mode 100644 index 0000000..a789a8d --- /dev/null +++ b/src/advancedWalletManager/routers/index.ts @@ -0,0 +1,8 @@ +import { AdvancedWalletManagerApiSpec as ApiSpec } from './advancedWalletManagerApiSpec'; +import { HealthCheckApiSpec } from './healthCheck'; + +export const AdvancedWalletManagerApiSpec = { + ...HealthCheckApiSpec, + ...ApiSpec, +}; +export type AdvancedWalletManagerApiSpec = typeof AdvancedWalletManagerApiSpec; diff --git a/src/enclavedApp.ts b/src/advancedWalletManagerApp.ts similarity index 77% rename from src/enclavedApp.ts rename to src/advancedWalletManagerApp.ts index 8040121..8bb24f4 100644 --- a/src/enclavedApp.ts +++ b/src/advancedWalletManagerApp.ts @@ -4,9 +4,13 @@ import http from 'http'; import morgan from 'morgan'; import { SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 } from 'constants'; -import { EnclavedConfig, TlsMode, isEnclavedConfig } from './shared/types'; +import { + AdvancedWalletManagerConfig, + TlsMode, + isAdvancedWalletManagerConfig, +} from './shared/types'; import { initConfig } from './initConfig'; -import { setupRoutes } from './routes/enclaved'; +import { setupRoutes } from './routes/advancedWalletManager'; import { setupLogging, setupCommonMiddleware, 
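Review bot: The new routers/index.ts exports the merged object under the same name, `AdvancedWalletManagerApiSpec`, as the narrower spec it imports from './advancedWalletManagerApiSpec'. The identifier therefore means "with health-check routes" or "without" depending only on the import path. A distinct name for one of the two, or a comment such as `// Full spec: health-check routes plus the key and signing routes` above the export, would make that explicit. The object spread also lets `ApiSpec` silently override a `HealthCheckApiSpec` entry if the two ever share a route name.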
@@ -21,20 +25,20 @@ import logger from './logger'; /** * Create a startup function which will be run upon server initialization */ -export function startup(config: EnclavedConfig, baseUri: string): () => void { +export function startup(config: AdvancedWalletManagerConfig, baseUri: string): () => void { return () => { - logger.info('Enclaved Express server starting...'); + logger.info('Advanced Wallet Manager starting...'); logger.info(`Base URI: ${baseUri}`); logger.info(`mTLS Mode: ${config.tlsMode}`); logger.info(`Allow Self-Signed Certificates: ${config.allowSelfSigned}`); logger.info(`Port: ${config.port}`); logger.info(`Bind: ${config.bind}`); logger.info(`KMS URL: ${config.kmsUrl}`); - logger.info('Enclaved Express server started successfully'); + logger.info('Advanced Wallet Manager started successfully'); }; } -function isTLS(config: EnclavedConfig): boolean { +function isTLS(config: AdvancedWalletManagerConfig): boolean { const { keyPath, crtPath, tlsKey, tlsCert, tlsMode } = config; if (tlsMode === TlsMode.DISABLED) return false; return Boolean((keyPath && crtPath) || (tlsKey && tlsCert)); @@ -42,7 +46,7 @@ function isTLS(config: EnclavedConfig): boolean { async function createHttpsServer( app: express.Application, - config: EnclavedConfig, + config: AdvancedWalletManagerConfig, ): Promise { const { tlsKey, tlsCert, tlsMode } = config; @@ -65,7 +69,7 @@ async function createHttpsServer( } export async function createServer( - config: EnclavedConfig, + config: AdvancedWalletManagerConfig, app: express.Application, ): Promise { const server = isTLS(config) ? await createHttpsServer(app, config) : createHttpServer(app); 
@@ -73,7 +77,7 @@ export async function createServer( return server; } -export function createBaseUri(config: EnclavedConfig): string { +export function createBaseUri(config: AdvancedWalletManagerConfig): string { const { bind, port } = config; const tls = config.tlsMode === TlsMode.MTLS; const isStandardPort = (port === 80 && !tls) || (port === 443 && tls); @@ -83,7 +87,7 @@ export function createBaseUri(config: EnclavedConfig): string { /** * Create and configure the express application */ -export function app(cfg: EnclavedConfig): express.Application { +export function app(cfg: AdvancedWalletManagerConfig): express.Application { logger.info('App is initializing'); const app = express(); @@ -114,10 +118,10 @@ export function app(cfg: EnclavedConfig): express.Application { export async function init(): Promise { const cfg = initConfig(); - // Type-safe validation that we're in enclaved mode - if (!isEnclavedConfig(cfg)) { + // Type-safe validation that we're in advanced wallet manager mode + if (!isAdvancedWalletManagerConfig(cfg)) { throw new Error( - `This application only supports enclaved mode. Current mode: ${cfg.appMode}. Set APP_MODE=enclaved to use this application.`, + `This application only supports advanced wallet manager mode. Current mode: ${cfg.appMode}. Set APP_MODE=advanced-wallet-manager to use this application.`, ); } diff --git a/src/api/enclaved/handlers/ecdsaMPCv2Finalize.ts b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Finalize.ts similarity index 93% rename from src/api/enclaved/handlers/ecdsaMPCv2Finalize.ts rename to src/api/advancedWalletManager/handlers/ecdsaMPCv2Finalize.ts index 27b3922..20a2f27 100644 --- a/src/api/enclaved/handlers/ecdsaMPCv2Finalize.ts +++ b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Finalize.ts 
@@ -1,14 +1,14 @@ import { DklsComms, DklsDkg, DklsTypes } from '@bitgo-beta/sdk-lib-mpc'; import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, MpcV2FinalizeResponseType, MpcV2RoundState, -} from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { KmsClient } from '../../../kms/kmsClient'; import assert from 'assert'; export async function ecdsaMPCv2Finalize( - req: EnclavedApiSpecRouteRequest<'v1.mpcv2.finalize', 'post'>, + req: AwmApiSpecRouteRequest<'v1.mpcv2.finalize', 'post'>, ): Promise { const { source, encryptedData, encryptedDataKey, broadcastMessages, bitgoCommonKeychain } = req.decoded; diff --git a/src/api/enclaved/handlers/ecdsaMPCv2Initialize.ts b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Initialize.ts similarity index 88% rename from src/api/enclaved/handlers/ecdsaMPCv2Initialize.ts rename to src/api/advancedWalletManager/handlers/ecdsaMPCv2Initialize.ts index 2e17692..62686a8 100644 --- a/src/api/enclaved/handlers/ecdsaMPCv2Initialize.ts +++ b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Initialize.ts @@ -1,15 +1,15 @@ import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, MpcV2InitializeResponseType, MpcV2RoundState, -} from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { KmsClient } from '../../../kms/kmsClient'; import * as bitgoSdk from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; import { MPCv2PartiesEnum } from '@bitgo-beta/sdk-core/dist/src/bitgo/utils/tss/ecdsa'; export async function ecdsaMPCv2Initialize( - req: EnclavedApiSpecRouteRequest<'v1.mpcv2.initialize', 'post'>, + req: AwmApiSpecRouteRequest<'v1.mpcv2.initialize', 'post'>, ): Promise { const { source } = req.decoded; 
diff --git a/src/api/enclaved/handlers/ecdsaMPCv2Recovery.ts b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Recovery.ts similarity index 92% rename from src/api/enclaved/handlers/ecdsaMPCv2Recovery.ts rename to src/api/advancedWalletManager/handlers/ecdsaMPCv2Recovery.ts index 1b7bb51..9146e6f 100644 --- a/src/api/enclaved/handlers/ecdsaMPCv2Recovery.ts +++ b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Recovery.ts @@ -1,8 +1,8 @@ import { DklsDsg, DklsTypes, DklsUtils } from '@bitgo-beta/sdk-lib-mpc'; import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, MpcV2RecoveryResponseType, -} from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { KmsClient } from '../../../kms/kmsClient'; import { BaseCoin, ECDSAMethodTypes } from '@bitgo-beta/sdk-core'; import { isCosmosLikeCoin, isEcdsaCoin, isEthLikeCoin } from '../../../shared/coinUtils'; @@ -34,13 +34,13 @@ async function getMessageHash(coin: BaseCoin, txHex: string): Promise { } } else { throw new NotImplementedError( - `Enclave does not support Mpc V2 recovery for coin family: ${coin.getFamily()}`, + `Advanced Wallet Manager does not support Mpc V2 recovery for coin family: ${coin.getFamily()}`, ); } } export async function ecdsaMPCv2Recovery( - req: EnclavedApiSpecRouteRequest<'v1.mpcv2.recovery', 'post'>, + req: AwmApiSpecRouteRequest<'v1.mpcv2.recovery', 'post'>, ): Promise { const { txHex, pub } = req.decoded; const bitgo = req.bitgo; diff --git a/src/api/enclaved/handlers/ecdsaMPCv2Round.ts b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Round.ts similarity index 97% rename from src/api/enclaved/handlers/ecdsaMPCv2Round.ts rename to src/api/advancedWalletManager/handlers/ecdsaMPCv2Round.ts index 4d088af..50fc131 100644 --- a/src/api/enclaved/handlers/ecdsaMPCv2Round.ts +++ b/src/api/advancedWalletManager/handlers/ecdsaMPCv2Round.ts 
@@ -1,16 +1,16 @@ import { DklsComms, DklsDkg, DklsTypes } from '@bitgo-beta/sdk-lib-mpc'; import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, MpcV2RoundResponseType, MpcV2RoundState, -} from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { MPCv2PartiesEnum } from '@bitgo-beta/sdk-core/dist/src/bitgo/utils/tss/ecdsa'; import { KmsClient } from '../../../kms/kmsClient'; import logger from '../../../logger'; import { BadRequestError, ValidationError } from '../../../shared/errors'; export async function ecdsaMPCv2Round( - req: EnclavedApiSpecRouteRequest<'v1.mpcv2.round', 'post'>, + req: AwmApiSpecRouteRequest<'v1.mpcv2.round', 'post'>, ): Promise { const { source, encryptedData, encryptedDataKey, round, broadcastMessages, p2pMessages } = req.decoded; diff --git a/src/api/enclaved/handlers/postIndependentKey.ts b/src/api/advancedWalletManager/handlers/postIndependentKey.ts similarity index 85% rename from src/api/enclaved/handlers/postIndependentKey.ts rename to src/api/advancedWalletManager/handlers/postIndependentKey.ts index eb08a48..fc8cac8 100644 --- a/src/api/enclaved/handlers/postIndependentKey.ts +++ b/src/api/advancedWalletManager/handlers/postIndependentKey.ts @@ -1,10 +1,10 @@ import { BitGoAPI } from '@bitgo-beta/sdk-api'; import { KmsClient } from '../../../kms/kmsClient'; -import { EnclavedApiSpecRouteRequest } from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +import { AwmApiSpecRouteRequest } from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import coinFactory from '../../../shared/coinFactory'; export async function postIndependentKey( - req: EnclavedApiSpecRouteRequest<'v1.key.independent', 'post'>, + req: AwmApiSpecRouteRequest<'v1.key.independent', 'post'>, ) { const { source, seed }: { source: string; seed?: string } = req.decoded; 
diff --git a/src/api/enclaved/handlers/recoveryMultisigTransaction.ts b/src/api/advancedWalletManager/handlers/recoveryMultisigTransaction.ts similarity index 95% rename from src/api/enclaved/handlers/recoveryMultisigTransaction.ts rename to src/api/advancedWalletManager/handlers/recoveryMultisigTransaction.ts index fe734b1..46c0a0c 100644 --- a/src/api/enclaved/handlers/recoveryMultisigTransaction.ts +++ b/src/api/advancedWalletManager/handlers/recoveryMultisigTransaction.ts @@ -5,8 +5,8 @@ import { MethodNotImplementedError, TransactionRecipient, } from '@bitgo-beta/sdk-core'; -import { EnclavedApiSpecRouteRequest } from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; -import { EnclavedConfig, EnvironmentName } from '../../../initConfig'; +import { AwmApiSpecRouteRequest } from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; +import { AdvancedWalletManagerConfig, EnvironmentName } from '../../../initConfig'; import logger from '../../../logger'; import { isEthLikeCoin, @@ -23,9 +23,9 @@ import { checkRecoveryMode, retrieveKmsPrvKey } from '../utils'; import coinFactory from '../../../shared/coinFactory'; export async function recoveryMultisigTransaction( - req: EnclavedApiSpecRouteRequest<'v1.multisig.recovery', 'post'>, + req: AwmApiSpecRouteRequest<'v1.multisig.recovery', 'post'>, ): Promise { - checkRecoveryMode(req.config as EnclavedConfig); + checkRecoveryMode(req.config as AdvancedWalletManagerConfig); const { userPub, backupPub, bitgoPub, unsignedSweepPrebuildTx, walletContractAddress, coin } = req.decoded; diff --git a/src/api/enclaved/handlers/signEddsaRecoveryTransaction.ts b/src/api/advancedWalletManager/handlers/signEddsaRecoveryTransaction.ts similarity index 97% rename from src/api/enclaved/handlers/signEddsaRecoveryTransaction.ts rename to src/api/advancedWalletManager/handlers/signEddsaRecoveryTransaction.ts index 0c59ac5..1f98505 100644 --- a/src/api/enclaved/handlers/signEddsaRecoveryTransaction.ts 
+++ b/src/api/advancedWalletManager/handlers/signEddsaRecoveryTransaction.ts @@ -11,7 +11,7 @@ import { Ed25519Bip32HdTree } from '@bitgo-beta/sdk-lib-mpc'; import { CoinFamily, coins } from '@bitgo-beta/statics'; import { type KeyPair as SolKeyPair } from '@bitgo-beta/sdk-coin-sol'; import { checkRecoveryMode, retrieveKmsPrvKey } from '../utils'; -import { EnclavedConfig } from '../../../shared/types'; +import { AdvancedWalletManagerConfig } from '../../../shared/types'; import logger from '../../../logger'; async function setupTransactionBuilder( @@ -75,7 +75,7 @@ export type SignEddsaRecoveryTransactionParams = { signableHex: string; derivationPath: string; }; - cfg: EnclavedConfig; + cfg: AdvancedWalletManagerConfig; coin: BaseCoin; }; diff --git a/src/api/enclaved/handlers/signMpcTransaction.ts b/src/api/advancedWalletManager/handlers/signMpcTransaction.ts similarity index 96% rename from src/api/enclaved/handlers/signMpcTransaction.ts rename to src/api/advancedWalletManager/handlers/signMpcTransaction.ts index f13160a..ffea275 100644 --- a/src/api/enclaved/handlers/signMpcTransaction.ts +++ b/src/api/advancedWalletManager/handlers/signMpcTransaction.ts @@ -1,4 +1,4 @@ -import { EnclavedApiSpecRouteRequest } from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +import { AwmApiSpecRouteRequest } from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { decryptDataKey, generateDataKey, retrieveKmsPrvKey } from '../utils'; import logger from '../../../logger'; import { @@ -12,7 +12,7 @@ import { SignShare, TxRequest, } from '@bitgo-beta/sdk-core'; -import { EnclavedConfig } from '../../../shared/types'; +import { AdvancedWalletManagerConfig } from '../../../shared/types'; import { BitGoAPI } from '@bitgo-beta/sdk-api'; import coinFactory from '../../../shared/coinFactory'; 
@@ -86,7 +86,7 @@ interface EcdsaSigningParams { encryptedRound2Session?: string; } -export async function signMpcTransaction(req: EnclavedApiSpecRouteRequest<'v1.mpc.sign', 'post'>) { +export async function signMpcTransaction(req: AwmApiSpecRouteRequest<'v1.mpc.sign', 'post'>) { const { source, pub, coin, encryptedDataKey, shareType } = req.decoded; const bitgo = req.bitgo; @@ -146,7 +146,7 @@ export async function signMpcTransaction(req: EnclavedApiSpecRouteRequest<'v1.mp async function handleEddsaSigning( bitgo: BitGoAPI, - cfg: EnclavedConfig, + cfg: AdvancedWalletManagerConfig, params: EddsaSigningParams, ): Promise<{ userToBitgoCommitment?: CommitmentShareRecord; @@ -235,7 +235,7 @@ async function handleEddsaSigning( async function handleEcdsaMpcV2Signing( bitgo: BitGoAPI, - cfg: EnclavedConfig, + cfg: AdvancedWalletManagerConfig, params: EcdsaSigningParams, ): Promise { const { coin, shareType } = params; diff --git a/src/api/enclaved/handlers/signMultisigTransaction.ts b/src/api/advancedWalletManager/handlers/signMultisigTransaction.ts similarity index 87% rename from src/api/enclaved/handlers/signMultisigTransaction.ts rename to src/api/advancedWalletManager/handlers/signMultisigTransaction.ts index ce5cf82..a6643fd 100644 --- a/src/api/enclaved/handlers/signMultisigTransaction.ts +++ b/src/api/advancedWalletManager/handlers/signMultisigTransaction.ts 
@@ -1,11 +1,11 @@ import { KmsClient } from '../../../kms/kmsClient'; import { TransactionPrebuild } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; -import { EnclavedApiSpecRouteRequest } from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +import { AwmApiSpecRouteRequest } from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import coinFactory from '../../../shared/coinFactory'; export async function signMultisigTransaction( - req: EnclavedApiSpecRouteRequest<'v1.multisig.sign', 'post'>, + req: AwmApiSpecRouteRequest<'v1.multisig.sign', 'post'>, ): Promise { const { source, diff --git a/src/api/enclaved/mpcFinalize.ts b/src/api/advancedWalletManager/mpcFinalize.ts similarity index 94% rename from src/api/enclaved/mpcFinalize.ts rename to src/api/advancedWalletManager/mpcFinalize.ts index dad86da..42a1b2e 100644 --- a/src/api/enclaved/mpcFinalize.ts +++ b/src/api/advancedWalletManager/mpcFinalize.ts @@ -2,18 +2,16 @@ import debug from 'debug'; import * as bitgoSdk from '@bitgo-beta/sdk-core'; import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, MpcFinalizeRequestType, -} from '../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { KmsClient } from '../../kms/kmsClient'; import { gpgDecrypt, gpgEncrypt } from './utils'; import coinFactory from '../../shared/coinFactory'; -const debugLogger = debug('bitgo:enclavedBitGoExpress:mpcFinalize'); +const debugLogger = debug('bitgo:advancedWalletManager:mpcFinalize'); -export async function eddsaFinalize( - req: EnclavedApiSpecRouteRequest<'v1.mpc.key.finalize', 'post'>, -) { +export async function eddsaFinalize(req: AwmApiSpecRouteRequest<'v1.mpc.key.finalize', 'post'>) { // request parsing const { source, 
diff --git a/src/api/enclaved/mpcInitialize.ts b/src/api/advancedWalletManager/mpcInitialize.ts similarity index 94% rename from src/api/enclaved/mpcInitialize.ts rename to src/api/advancedWalletManager/mpcInitialize.ts index 887e7bb..1193d36 100644 --- a/src/api/enclaved/mpcInitialize.ts +++ b/src/api/advancedWalletManager/mpcInitialize.ts @@ -3,16 +3,16 @@ import * as bitgoSdk from '@bitgo-beta/sdk-core'; import { assert } from 'console'; import { KmsClient } from '../../kms/kmsClient'; import { - EnclavedApiSpecRouteRequest, + AwmApiSpecRouteRequest, KeyShareType, MpcInitializeRequestType, -} from '../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { gpgEncrypt } from './utils'; -const debugLogger = debug('bitgo:enclavedExpress:mpcInitialize'); +const debugLogger = debug('bitgo:awm:mpcInitialize'); export async function eddsaInitialize( - req: EnclavedApiSpecRouteRequest<'v1.mpc.key.initialize', 'post'>, + req: AwmApiSpecRouteRequest<'v1.mpc.key.initialize', 'post'>, ) { // request parsing. counterPartyGpgPub can be undefined const { source, bitgoGpgPub, counterPartyGpgPub }: MpcInitializeRequestType = req.decoded; diff --git a/src/api/enclaved/utils.ts b/src/api/advancedWalletManager/utils.ts similarity index 92% rename from src/api/enclaved/utils.ts rename to src/api/advancedWalletManager/utils.ts index b5edfde..995bb5b 100644 --- a/src/api/enclaved/utils.ts +++ b/src/api/advancedWalletManager/utils.ts @@ -2,7 +2,7 @@ import { createMessage, decrypt, encrypt, readKey, readMessage, readPrivateKey } import { KmsClient } from '../../kms/kmsClient'; import { GenerateDataKeyResponse } from '../../kms/types/dataKey'; -import { EnclavedConfig } from '../../shared/types'; +import { AdvancedWalletManagerConfig } from '../../shared/types'; export async function retrieveKmsPrvKey({ pub, 
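Review bot: `import { assert } from 'console'` on a context line of the mpcInitialize.ts hunk binds `console.assert`, which only prints a message when the condition is false and never throws. The call sites are outside the hunk, so this is inferred, but any precondition in `eddsaInitialize` written with it will not stop key-share initialization when the check fails. The sibling handler ecdsaMPCv2Finalize.ts uses `import assert from 'assert'`, and the same import here would make a failed check abort the request.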
@@ -12,7 +12,7 @@ export async function retrieveKmsPrvKey({ }: { pub: string; source: string; - cfg: EnclavedConfig; + cfg: AdvancedWalletManagerConfig; options?: { useLocalEncipherment?: boolean; }; @@ -85,7 +85,7 @@ export async function generateDataKey({ cfg, }: { keyType: 'AES-256' | 'RSA-2048' | 'ECDSA-P256'; - cfg: EnclavedConfig; + cfg: AdvancedWalletManagerConfig; }): Promise { try { const kms = new KmsClient(cfg); @@ -103,7 +103,7 @@ export async function decryptDataKey({ cfg, }: { encryptedDataKey: string; - cfg: EnclavedConfig; + cfg: AdvancedWalletManagerConfig; }): Promise { try { const kms = new KmsClient(cfg); @@ -117,7 +117,7 @@ export async function decryptDataKey({ } } -export function checkRecoveryMode(config: EnclavedConfig) { +export function checkRecoveryMode(config: AdvancedWalletManagerConfig) { if (!config.recoveryMode) { throw new Error( 'Recovery operations are not enabled. The server must be in recovery mode to perform this action.', diff --git a/src/api/master/clients/enclavedExpressClient.ts b/src/api/master/clients/advancedWalletManagerClient.ts similarity index 92% rename from src/api/master/clients/enclavedExpressClient.ts rename to src/api/master/clients/advancedWalletManagerClient.ts index f6c18a7..88654af 100644 --- a/src/api/master/clients/enclavedExpressClient.ts +++ b/src/api/master/clients/advancedWalletManagerClient.ts @@ -23,7 +23,7 @@ import { ApiClient, buildApiClient, superagentRequestFactory } from '@api-ts/sup import { OfflineVaultTxInfo, RecoveryInfo, UnsignedSweepTxMPCv2 } from '@bitgo-beta/sdk-coin-eth'; import { MasterExpressConfig, TlsMode } from '../../../shared/types'; -import { EnclavedApiSpec } from '../../../enclavedBitgoExpress/routers'; +import { AdvancedWalletManagerApiSpec } from '../../../advancedWalletManager/routers'; import { PingResponseType, VersionResponseType } from '../../../types/health'; import { extractTransactionRequestInfo } from '../../../shared/transactionUtils'; import { 
@@ -34,11 +34,11 @@ import { MpcV2InitializeResponseType, MpcV2RecoveryResponseType, MpcV2RoundResponseType, -} from '../../../enclavedBitgoExpress/routers/enclavedApiSpec'; +} from '../../../advancedWalletManager/routers/advancedWalletManagerApiSpec'; import { FormattedOfflineVaultTxInfo } from '@bitgo-beta/abstract-utxo'; import { RecoveryTxRequest } from '@bitgo-beta/sdk-core'; -const debugLogger = debug('bitgo:express:enclavedExpressClient'); +const debugLogger = debug('bitgo:express:awmClient'); export type InitMpcKeyGenerationParams = { source: 'user' | 'backup'; @@ -174,7 +174,7 @@ export interface SignMpcV2Round3Response { signatureShareRound3: SignatureShareRecord; } -export class EnclavedExpressClient { +export class AdvancedWalletManagerClient { async recoveryMPC(params: { unsignedSweepPrebuildTx: MPCTx | MPCSweepTxs | MPCTxs | RecoveryTxRequest; userPub: string; 
@@ -221,25 +221,28 @@ export class EnclavedExpressClient { } } private readonly baseUrl: string; - private readonly enclavedExpressCert: string; + private readonly advancedWalletManagerCert: string; private readonly tlsKey?: string; private readonly tlsCert?: string; private readonly allowSelfSigned: boolean; private readonly coin?: string; private readonly tlsMode: TlsMode; - private readonly apiClient: ApiClient; + private readonly apiClient: ApiClient; constructor(cfg: MasterExpressConfig, coin?: string) { - if (!cfg.enclavedExpressUrl || !cfg.enclavedExpressCert) { - throw new Error('enclavedExpressUrl and enclavedExpressCert are required'); + if (!cfg.advancedWalletManagerUrl) { + throw new Error('advancedWalletManagerUrl and advancedWalletManagerCert are required'); } - if (cfg.tlsMode === TlsMode.MTLS && (!cfg.tlsKey || !cfg.tlsCert)) { + if ( + cfg.tlsMode === TlsMode.MTLS && + (!cfg.tlsKey || !cfg.tlsCert || !cfg.advancedWalletManagerUrl) + ) { throw new Error('tlsKey and tlsCert are required for mTLS communication'); } - this.baseUrl = cfg.enclavedExpressUrl; - this.enclavedExpressCert = cfg.enclavedExpressCert; + this.baseUrl = cfg.advancedWalletManagerUrl; + this.advancedWalletManagerCert = cfg.advancedWalletManagerCert; this.tlsKey = cfg.tlsKey; this.tlsCert = cfg.tlsCert; this.allowSelfSigned = cfg.allowSelfSigned ?? false; @@ -250,9 +253,9 @@ export class EnclavedExpressClient { const requestFactory = superagentRequestFactory(superagent, this.baseUrl); // Build the type-safe API client - this.apiClient = buildApiClient(requestFactory, EnclavedApiSpec); + this.apiClient = buildApiClient(requestFactory, AdvancedWalletManagerApiSpec); - debugLogger('EnclavedExpressClient initialized with URL: %s', this.baseUrl); + debugLogger('awmClient initialized with URL: %s', this.baseUrl); } private createHttpsAgent(): https.Agent { 
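Review bot: The constructor no longer verifies that `cfg.advancedWalletManagerCert` is set. The first guard now tests only `advancedWalletManagerUrl`, although its message still names both settings, and the mTLS guard re-tests the URL, which cannot be falsy at that point. The value is still assigned to a field typed `string` and passed as `ca` to `https.Agent` in the `createHttpsAgent` hunk (`@@ -261,8 +264,8 @@`). With `ca` undefined, Node verifies the peer against its default trust store rather than the pinned certificate, so a missing setting silently weakens server authentication. If the certificate is meant to be mandatory for mTLS, the condition should read `(!cfg.tlsKey || !cfg.tlsCert || !cfg.advancedWalletManagerCert)` and the error text should list it. If it is now optional, the field type and the first error message should say so.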
@@ -261,8 +264,8 @@ export class EnclavedExpressClient { } return new https.Agent({ rejectUnauthorized: !this.allowSelfSigned, - ca: this.enclavedExpressCert, - // Use Master Express's own certificate as client cert when connecting to Enclaved Express + ca: this.advancedWalletManagerCert, + // Use Master Express's own certificate as client cert when connecting to Advanced Wallet Manager key: this.tlsKey, cert: this.tlsCert, }); @@ -330,12 +333,12 @@ export class EnclavedExpressClient { } /** - * Ping the enclaved express service to check if it's available + * Ping the advanced wallet manager service to check if it's available * @returns {Promise} */ async ping(): Promise { try { - debugLogger('Pinging enclaved express service at: %s', this.baseUrl); + debugLogger('Pinging advanced wallet manager service at: %s', this.baseUrl); let request = this.apiClient['v1.health.ping'].post({}); if (this.tlsMode === TlsMode.MTLS) { @@ -344,21 +347,21 @@ export class EnclavedExpressClient { const response = await request.decodeExpecting(200); - debugLogger('Enclaved express service ping successful'); + debugLogger('Advanced Wallet Manager service ping successful'); return response.body; } catch (error) { const err = error as Error; - debugLogger('Enclaved express service ping failed: %s', err.message); + debugLogger('Advanced Wallet Manager service ping failed: %s', err.message); throw err; } } /** - * Get the version information from the enclaved express service + * Get the version information from the advanced wallet manager service */ async getVersion(): Promise { try { - debugLogger('Getting version information from enclaved express service'); + debugLogger('Getting version information from advanced wallet manager service'); let request = this.apiClient['v1.health.version'].get({}); if (this.tlsMode === TlsMode.MTLS) { 
@@ -781,17 +784,17 @@ export class EnclavedExpressClient { } /** - * Create an enclaved express client if the configuration is present + * Create an advanced wallet manager client if the configuration is present */ -export function createEnclavedExpressClient( +export function createawmClient( cfg: MasterExpressConfig, coin?: string, -): EnclavedExpressClient | undefined { +): AdvancedWalletManagerClient | undefined { try { - return new EnclavedExpressClient(cfg, coin); + return new AdvancedWalletManagerClient(cfg, coin); } catch (error) { const err = error as Error; - debugLogger('Failed to create enclaved express client: %s', err.message); + debugLogger('Failed to create advanced wallet manager client: %s', err.message); return undefined; } } diff --git a/src/api/master/handlerUtils.ts b/src/api/master/handlerUtils.ts index 77a4fe8..0efb74c 100644 --- a/src/api/master/handlerUtils.ts +++ b/src/api/master/handlerUtils.ts @@ -1,6 +1,6 @@ import { BitGoAPI } from '@bitgo-beta/sdk-api'; import { CustomSigningFunction, RequestTracer } from '@bitgo-beta/sdk-core'; -import { EnclavedExpressClient } from './clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from './clients/advancedWalletManagerClient'; import coinFactory from '../../shared/coinFactory'; import { MasterExpressConfig } from '../../shared/types'; 
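Review bot: The new exported factory in the `@@ -781,17 +784,17 @@` hunk is named `createawmClient`, which breaks the camelCase used by every other identifier in the file and reads poorly next to `AdvancedWalletManagerClient`. The commit is already marked as a breaking rename, so this is the cheapest moment to publish it as `export function createAwmClient(` and update the import in `src/api/master/middleware/middleware.ts` to match. A doc line stating that the function returns `undefined` (and only logs at debug level) when the configuration is rejected would also help callers remember to check the result.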
@@ -54,20 +54,20 @@ export async function getWalletAndSigningKeychain({ return { baseCoin, wallet, signingKeychain }; } /** - * Create a custom signing function that delegates to enclavedExpressClient.signMultisig. + * Create a custom signing function that delegates to awmClient.signMultisig. */ export function makeCustomSigningFunction({ - enclavedExpressClient, + awmClient, source, pub, }: { - enclavedExpressClient: EnclavedExpressClient; + awmClient: AdvancedWalletManagerClient; source: 'user' | 'backup'; pub: string; }): CustomSigningFunction { return async function customSigningFunction(signParams: any) { - return enclavedExpressClient.signMultisig({ + return awmClient.signMultisig({ txPrebuild: signParams.txPrebuild, source, pub, diff --git a/src/api/master/handlers/ecdsaMPCv2.ts b/src/api/master/handlers/ecdsaMPCv2.ts index c33d3d4..0fb81d4 100644 --- a/src/api/master/handlers/ecdsaMPCv2.ts +++ b/src/api/master/handlers/ecdsaMPCv2.ts @@ -9,16 +9,16 @@ import { TxRequest, } from '@bitgo-beta/sdk-core'; import { - EnclavedExpressClient, + AdvancedWalletManagerClient, SignMpcV2Round1Response, SignMpcV2Round2Response, -} from '../clients/enclavedExpressClient'; +} from '../clients/advancedWalletManagerClient'; /** - * Creates custom ECDSA MPCv2 signing functions for use with enclaved express client + * Creates custom ECDSA MPCv2 signing functions for use with advanced wallet manager client */ export function createEcdsaMPCv2CustomSigners( - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, source: 'user' | 'backup', commonKeychain: string, ) { 
@@ -28,7 +28,7 @@ export function createEcdsaMPCv2CustomSigners( // Create custom signing methods that maintain state const customMPCv2Round1Generator = async (params: { txRequest: TxRequest }) => { - const response = await enclavedExpressClient.signMPCv2Round1(source, commonKeychain, params); + const response = await awmClient.signMPCv2Round1(source, commonKeychain, params); round1Response = response; return response; }; @@ -42,7 +42,7 @@ export function createEcdsaMPCv2CustomSigners( if (!round1Response) { throw new Error('Round 1 must be completed before Round 2'); } - const response = await enclavedExpressClient.signMPCv2Round2(source, commonKeychain, { + const response = await awmClient.signMPCv2Round2(source, commonKeychain, { ...params, encryptedDataKey: round1Response.encryptedDataKey, encryptedRound1Session: round1Response.encryptedRound1Session, @@ -62,7 +62,7 @@ export function createEcdsaMPCv2CustomSigners( if (!round2Response) { throw new Error('Round 2 must be completed before Round 3'); } - return await enclavedExpressClient.signMPCv2Round3(source, commonKeychain, { + return await awmClient.signMPCv2Round3(source, commonKeychain, { ...params, encryptedDataKey: round1Response.encryptedDataKey, encryptedRound2Session: round2Response.encryptedRound2Session, @@ -82,7 +82,7 @@ export async function signAndSendEcdsaMPCv2FromTxRequest( bitgo: BitGoBase, wallet: Wallet, txRequest: TxRequest, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, source: 'user' | 'backup', commonKeychain: string, reqId: IRequestTracer, 
@@ -91,7 +91,7 @@ export async function signAndSendEcdsaMPCv2FromTxRequest( // Use the shared custom signing functions const { customMPCv2Round1Generator, customMPCv2Round2Generator, customMPCv2Round3Generator } = - createEcdsaMPCv2CustomSigners(enclavedExpressClient, source, commonKeychain); + createEcdsaMPCv2CustomSigners(awmClient, source, commonKeychain); // This also sends the TxRequest for broadcast return await ecdsaMPCv2Utils.signEcdsaMPCv2TssUsingExternalSigner( @@ -106,7 +106,7 @@ export async function signAndSendEcdsaMPCv2FromTxRequest( interface OrchestrateEcdsaKeyGenParams { bitgo: BitGoBase; baseCoin: BaseCoin; - enclavedExpressClient: EnclavedExpressClient; + awmClient: AdvancedWalletManagerClient; enterprise: string; walletParams: SupplementGenerateWalletOptions; } @@ -114,7 +114,7 @@ interface OrchestrateEcdsaKeyGenParams { export async function orchestrateEcdsaKeyGen({ bitgo, baseCoin, - enclavedExpressClient, + awmClient, enterprise, walletParams, }: OrchestrateEcdsaKeyGenParams) { @@ -125,7 +125,7 @@ export async function orchestrateEcdsaKeyGen({ const ecdsaUtils = new EcdsaMPCv2Utils(bitgo, baseCoin); // INITIALIZE ROUND: GENERATE ALL GPG KEYS AND RETRIEVE GPG PUBS FROM ALL PARTIES - const userInitResponse = await enclavedExpressClient.initEcdsaMpcV2KeyGenMpcV2({ + const userInitResponse = await awmClient.initEcdsaMpcV2KeyGenMpcV2({ source: 'user', }); if ( @@ -135,7 +135,7 @@ export async function orchestrateEcdsaKeyGen({ ) { throw new Error('Missing required fields in user init response'); } - const backupInitResponse = await enclavedExpressClient.initEcdsaMpcV2KeyGenMpcV2({ + const backupInitResponse = await awmClient.initEcdsaMpcV2KeyGenMpcV2({ source: 'backup', }); if ( 
@@ -147,7 +147,7 @@ export async function orchestrateEcdsaKeyGen({ } // ROUND 1 - const userRound1Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const userRound1Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'user', encryptedData: userInitResponse.encryptedData, encryptedDataKey: userInitResponse.encryptedDataKey, @@ -155,7 +155,7 @@ export async function orchestrateEcdsaKeyGen({ bitgoGpgPub: constants.mpc.bitgoMPCv2PublicKey, counterPartyGpgPub: backupInitResponse.gpgPub, }); - const backupRound1Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const backupRound1Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'backup', encryptedData: backupInitResponse.encryptedData, encryptedDataKey: backupInitResponse.encryptedDataKey, @@ -190,7 +190,7 @@ export async function orchestrateEcdsaKeyGen({ const { sessionId, bitgoMsg1, bitgoToUserMsg2, bitgoToBackupMsg2 } = round1And2BitGoResponse; // ROUND 2 - const userRound2Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const userRound2Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'user', encryptedData: userRound1Response.encryptedData, encryptedDataKey: userRound1Response.encryptedDataKey, @@ -200,7 +200,7 @@ export async function orchestrateEcdsaKeyGen({ counterParty: backupRound1Response.broadcastMessage, }, }); - const backupRound2Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const backupRound2Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'backup', encryptedData: backupRound1Response.encryptedData, encryptedDataKey: backupRound1Response.encryptedDataKey, @@ -222,7 +222,7 @@ export async function orchestrateEcdsaKeyGen({ } // ROUND 3 - const userRound3Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const userRound3Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'user', encryptedData: userRound2Response.encryptedData, encryptedDataKey: userRound2Response.encryptedDataKey, 
@@ -232,7 +232,7 @@ export async function orchestrateEcdsaKeyGen({ counterParty: backupRound2Response.p2pMessages?.counterParty, }, }); - const backupRound3Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const backupRound3Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'backup', encryptedData: backupRound2Response.encryptedData, encryptedDataKey: backupRound2Response.encryptedDataKey, @@ -271,7 +271,7 @@ export async function orchestrateEcdsaKeyGen({ } // ROUND 4 - const userRound4Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const userRound4Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'user', encryptedData: userRound3Response.encryptedData, encryptedDataKey: userRound3Response.encryptedDataKey, @@ -281,7 +281,7 @@ export async function orchestrateEcdsaKeyGen({ counterParty: backupRound3Response.p2pMessages?.counterParty, }, }); - const backupRound4Promise = enclavedExpressClient.roundEcdsaMPCv2KeyGen({ + const backupRound4Promise = awmClient.roundEcdsaMPCv2KeyGen({ source: 'backup', encryptedData: backupRound3Response.encryptedData, encryptedDataKey: backupRound3Response.encryptedDataKey, @@ -318,7 +318,7 @@ export async function orchestrateEcdsaKeyGen({ bitgoMsg4, commonKeychain: bitgoCommonKeychain, } = round4BitGoResponse; - const userFinalizePromise = enclavedExpressClient.finalizeEcdsaMPCv2KeyGen({ + const userFinalizePromise = awmClient.finalizeEcdsaMPCv2KeyGen({ source: 'user', encryptedData: userRound4Response.encryptedData, encryptedDataKey: userRound4Response.encryptedDataKey, @@ -328,7 +328,7 @@ export async function orchestrateEcdsaKeyGen({ }, bitgoCommonKeychain, }); - const backupFinalizePromise = enclavedExpressClient.finalizeEcdsaMPCv2KeyGen({ + const backupFinalizePromise = awmClient.finalizeEcdsaMPCv2KeyGen({ source: 'backup', encryptedData: backupRound4Response.encryptedData, encryptedDataKey: backupRound4Response.encryptedDataKey, 
diff --git a/src/api/master/handlers/eddsa.ts b/src/api/master/handlers/eddsa.ts index d839fb1..0e0c4b5 100644 --- a/src/api/master/handlers/eddsa.ts +++ b/src/api/master/handlers/eddsa.ts @@ -14,13 +14,16 @@ import { CustomRShareGeneratingFunction, CustomGShareGeneratingFunction, } from '@bitgo-beta/sdk-core'; -import { EnclavedExpressClient, SignMpcCommitmentResponse } from '../clients/enclavedExpressClient'; +import { + AdvancedWalletManagerClient, + SignMpcCommitmentResponse, +} from '../clients/advancedWalletManagerClient'; /** - * Creates custom EdDSA signing functions for use with enclaved express client + * Creates custom EdDSA signing functions for use with advanced wallet manager client */ export function createEddsaCustomSigningFunctions( - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, source: 'user' | 'backup', commonKeychain: string, ): { @@ -39,7 +42,7 @@ export function createEddsaCustomSigningFunctions( if (!params.bitgoGpgPubKey) { throw new Error('bitgoGpgPubKey is required for commitment share generation'); } - const response = await enclavedExpressClient.signMpcCommitment({ + const response = await awmClient.signMpcCommitment({ txRequest: params.txRequest, bitgoPublicGpgKey: params.bitgoGpgPubKey, source, @@ -56,7 +59,7 @@ export function createEddsaCustomSigningFunctions( if (!commitmentResponse) { throw new Error('Commitment must be completed before R-share generation'); } - const response = await enclavedExpressClient.signMpcRShare({ + const response = await awmClient.signMpcRShare({ txRequest: params.txRequest, encryptedUserToBitgoRShare: params.encryptedUserToBitgoRShare, encryptedDataKey: commitmentResponse.encryptedDataKey, 
@@ -75,7 +78,7 @@ export function createEddsaCustomSigningFunctions( if (!commitmentResponse) { throw new Error('Commitment must be completed before G-share generation'); } - const response = await enclavedExpressClient.signMpcGShare({ + const response = await awmClient.signMpcGShare({ txRequest: params.txRequest, bitgoToUserRShare: params.bitgoToUserRShare, userToBitgoRShare: params.userToBitgoRShare, @@ -97,13 +100,13 @@ export async function handleEddsaSigning( bitgo: BitGoBase, wallet: Wallet, txRequest: TxRequest, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, commonKeychain: string, reqId?: IRequestTracer, ) { const eddsaUtils = new EddsaUtils(bitgo, wallet.baseCoin, wallet); const { customCommitmentGenerator, customRShareGenerator, customGShareGenerator } = - createEddsaCustomSigningFunctions(enclavedExpressClient, 'user', commonKeychain); + createEddsaCustomSigningFunctions(awmClient, 'user', commonKeychain); return await eddsaUtils.signEddsaTssUsingExternalSigner( txRequest, customCommitmentGenerator, @@ -116,7 +119,7 @@ export async function handleEddsaSigning( interface OrchestrateEddsaKeyGenParams { bitgo: BitGoBase; baseCoin: BaseCoin; - enclavedExpressClient: EnclavedExpressClient; + awmClient: AdvancedWalletManagerClient; enterprise: string; walletParams: any; } @@ -124,7 +127,7 @@ interface OrchestrateEddsaKeyGenParams { export async function orchestrateEddsaKeyGen({ bitgo, baseCoin, - enclavedExpressClient, + awmClient, enterprise, walletParams, }: OrchestrateEddsaKeyGenParams) { 
@@ -133,11 +136,11 @@ export async function orchestrateEddsaKeyGen({ throw new Error('Unable to create MPC keys - bitgoPublicKey is missing in constants'); } // Initialize key generation for user and backup - const userInitResponse = await enclavedExpressClient.initMpcKeyGeneration({ + const userInitResponse = await awmClient.initMpcKeyGeneration({ source: 'user', bitgoGpgKey: constants.mpc.bitgoPublicKey, }); - const backupInitResponse = await enclavedExpressClient.initMpcKeyGeneration({ + const backupInitResponse = await awmClient.initMpcKeyGeneration({ source: 'backup', bitgoGpgKey: constants.mpc.bitgoPublicKey, userGpgKey: userInitResponse.bitgoPayload.gpgKey, @@ -167,7 +170,7 @@ export async function orchestrateEddsaKeyGen({ backupGPGPublicKey: backupGPGKey, }); // Finalize user and backup keychains - const userKeychainPromise = await enclavedExpressClient.finalizeMpcKeyGeneration({ + const userKeychainPromise = await awmClient.finalizeMpcKeyGeneration({ source: 'user', coin: baseCoin.getFamily(), encryptedDataKey: userInitResponse.encryptedDataKey, @@ -194,7 +197,7 @@ export async function orchestrateEddsaKeyGen({ source: 'user', type: 'tss', }); - const backupKeychainPromise = await enclavedExpressClient.finalizeMpcKeyGeneration({ + const backupKeychainPromise = await awmClient.finalizeMpcKeyGeneration({ source: 'backup', coin: baseCoin.getFamily(), encryptedDataKey: backupInitResponse.encryptedDataKey, diff --git a/src/api/master/handlers/generateWallet.ts b/src/api/master/handlers/generateWallet.ts index 66837e8..32ba9f3 100644 --- a/src/api/master/handlers/generateWallet.ts +++ b/src/api/master/handlers/generateWallet.ts 
@@ -9,7 +9,7 @@ import { WalletWithKeychains, } from '@bitgo-beta/sdk-core'; import _ from 'lodash'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import { orchestrateEcdsaKeyGen } from './ecdsaMPCv2'; import { orchestrateEddsaKeyGen } from './eddsa'; import coinFactory from '../../../shared/coinFactory'; @@ -31,7 +31,7 @@ export async function handleGenerateWalletOnPrem( } /** - * This route is used to generate a multisig wallet when enclaved express is enabled + * This route is used to generate a multisig wallet when advanced wallet manager is enabled */ async function handleGenerateOnPremOnChainWallet( req: MasterApiSpecRouteRequest<'v1.wallet.generate', 'post'>, @@ -39,8 +39,8 @@ async function handleGenerateOnPremOnChainWallet( const bitgo = req.bitgo; const baseCoin = await coinFactory.getCoin(req.params.coin, bitgo); - // The enclavedExpressClient is now available from the request - const enclavedExpressClient = req.enclavedExpressClient; + // The awmClient is now available from the request + const awmClient = req.awmClient; const reqId = new RequestTracer(); @@ -65,7 +65,7 @@ async function handleGenerateOnPremOnChainWallet( } const userKeychainPromise = async (): Promise => { - const userKeychain = await enclavedExpressClient.createIndependentKeychain({ + const userKeychain = await awmClient.createIndependentKeychain({ source: 'user', coin: req.params.coin, type: 'independent', @@ -82,7 +82,7 @@ async function handleGenerateOnPremOnChainWallet( }; const backupKeychainPromise = async (): Promise => { - const backupKeychain = await enclavedExpressClient.createIndependentKeychain({ + const backupKeychain = await awmClient.createIndependentKeychain({ source: 'backup', coin: req.params.coin, type: 'independent', 
@@ -141,7 +141,7 @@ async function handleGenerateOnPremMpcWallet( ) { const bitgo = req.bitgo; const baseCoin = await coinFactory.getCoin(req.decoded.coin, bitgo); - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; if (!baseCoin.supportsTss()) { throw new BadRequestError( @@ -149,8 +149,8 @@ async function handleGenerateOnPremMpcWallet( ); } - if (!enclavedExpressClient) { - throw new Error('Enclaved express client is required for MPC wallet generation'); + if (!awmClient) { + throw new Error('Advanced Wallet Manager client is required for MPC wallet generation'); } const reqId = new RequestTracer(); @@ -180,7 +180,7 @@ async function handleGenerateOnPremMpcWallet( orchestrateResult = await orchestrateEcdsaKeyGen({ bitgo, baseCoin, - enclavedExpressClient, + awmClient, enterprise, walletParams, }); @@ -189,7 +189,7 @@ async function handleGenerateOnPremMpcWallet( orchestrateResult = await orchestrateEddsaKeyGen({ bitgo, baseCoin, - enclavedExpressClient, + awmClient, walletParams, enterprise, }); diff --git a/src/api/master/handlers/handleAccelerate.ts b/src/api/master/handlers/handleAccelerate.ts index 1945bdc..888398a 100644 --- a/src/api/master/handlers/handleAccelerate.ts +++ b/src/api/master/handlers/handleAccelerate.ts @@ -1,12 +1,12 @@ import { RequestTracer, KeyIndices } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import { getWalletAndSigningKeychain, makeCustomSigningFunction } from '../handlerUtils'; export async function handleAccelerate( req: MasterApiSpecRouteRequest<'v1.wallet.accelerate', 'post'>, ) { - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const reqId = new RequestTracer(); const bitgo = req.bitgo; const params = req.decoded; 
@@ -25,7 +25,7 @@ export async function handleAccelerate( try { // Create custom signing function that delegates to EBE const customSigningFunction = makeCustomSigningFunction({ - enclavedExpressClient, + awmClient, source: params.source, pub: signingKeychain.pub!, }); diff --git a/src/api/master/handlers/handleConsolidate.ts b/src/api/master/handlers/handleConsolidate.ts index 4d377d4..42bafba 100644 --- a/src/api/master/handlers/handleConsolidate.ts +++ b/src/api/master/handlers/handleConsolidate.ts @@ -5,14 +5,14 @@ import { getTxRequest, } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import { getWalletAndSigningKeychain, makeCustomSigningFunction } from '../handlerUtils'; import { signAndSendTxRequests } from './transactionRequests'; export async function handleConsolidate( req: MasterApiSpecRouteRequest<'v1.wallet.consolidate', 'post'>, ) { - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const reqId = new RequestTracer(); const bitgo = req.bitgo; const params = req.decoded; @@ -75,7 +75,7 @@ export async function handleConsolidate( })(), reqId, ), - enclavedExpressClient, + awmClient, signingKeychain, reqId, ) @@ -83,7 +83,7 @@ export async function handleConsolidate( ...consolidationParams, prebuildTx: unsignedBuild, customSigningFunction: makeCustomSigningFunction({ - enclavedExpressClient, + awmClient, source: params.source, pub: signingKeychain.pub!, }), diff --git a/src/api/master/handlers/handleConsolidateUnspents.ts b/src/api/master/handlers/handleConsolidateUnspents.ts index d58f402..669689d 100644 --- a/src/api/master/handlers/handleConsolidateUnspents.ts +++ b/src/api/master/handlers/handleConsolidateUnspents.ts 
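Review bot: The context comment `// Create custom signing function that delegates to EBE` in handleAccelerate still uses the abbreviation of the name this commit deprecates. The same comment remains in handleConsolidateUnspents.ts, and recoverEcdsaWallets.ts keeps `// sent to EBE for signing` next to a changed line that still declares `enclvaedResponse`. I would reword the comments to `// Create custom signing function that delegates to the Advanced Wallet Manager` and rename the variable to `awmResponse`. Its later uses fall outside the visible hunk and would need the same rename.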
@@ -1,12 +1,12 @@ import { RequestTracer, KeyIndices } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import { getWalletAndSigningKeychain, makeCustomSigningFunction } from '../handlerUtils'; export async function handleConsolidateUnspents( req: MasterApiSpecRouteRequest<'v1.wallet.consolidateunspents', 'post'>, ) { - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const reqId = new RequestTracer(); const bitgo = req.bitgo; const params = req.decoded; @@ -25,7 +25,7 @@ export async function handleConsolidateUnspents( try { // Create custom signing function that delegates to EBE const customSigningFunction = makeCustomSigningFunction({ - enclavedExpressClient, + awmClient, source: params.source, pub: signingKeychain.pub!, }); diff --git a/src/api/master/handlers/handleSendMany.ts b/src/api/master/handlers/handleSendMany.ts index 61f5c8a..8fb3536 100644 --- a/src/api/master/handlers/handleSendMany.ts +++ b/src/api/master/handlers/handleSendMany.ts @@ -9,9 +9,9 @@ import { Keychain, } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import { createEcdsaMPCv2CustomSigners } from './ecdsaMPCv2'; -import { EnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../clients/advancedWalletManagerClient'; import { createEddsaCustomSigningFunctions } from './eddsa'; import { BadRequestError, NotFoundError } from '../../../shared/errors'; import coinFactory from '../../../shared/coinFactory'; 
@@ -34,7 +34,7 @@ interface Recipient { */ async function createMPCSendParamsWithCustomSigningFns( req: MasterApiSpecRouteRequest<'v1.wallet.sendMany', 'post'>, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, signingKeychain: Keychain, ): Promise { const coin = await coinFactory.getCoin(req.params.coin, req.bitgo); @@ -48,7 +48,7 @@ async function createMPCSendParamsWithCustomSigningFns( if (mpcAlgorithm === 'ecdsa') { const { customMPCv2Round1Generator, customMPCv2Round2Generator, customMPCv2Round3Generator } = - createEcdsaMPCv2CustomSigners(enclavedExpressClient, source, commonKeychain); + createEcdsaMPCv2CustomSigners(awmClient, source, commonKeychain); return { ...(req.decoded as SendManyOptions), @@ -58,7 +58,7 @@ async function createMPCSendParamsWithCustomSigningFns( }; } else if (mpcAlgorithm === 'eddsa') { const { customCommitmentGenerator, customRShareGenerator, customGShareGenerator } = - createEddsaCustomSigningFunctions(enclavedExpressClient, source, commonKeychain); + createEddsaCustomSigningFunctions(awmClient, source, commonKeychain); return { ...(req.decoded as SendManyOptions), @@ -72,7 +72,7 @@ async function createMPCSendParamsWithCustomSigningFns( } export async function handleSendMany(req: MasterApiSpecRouteRequest<'v1.wallet.sendMany', 'post'>) { - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const reqId = new RequestTracer(); const bitgo = req.bitgo; const baseCoin = await coinFactory.getCoin(req.params.coin, bitgo); @@ -119,7 +119,7 @@ export async function handleSendMany(req: MasterApiSpecRouteRequest<'v1.wallet.s } const mpcSendParams = await createMPCSendParamsWithCustomSigningFns( req, - enclavedExpressClient, + awmClient, signingKeychain, ); return wallet.sendMany(mpcSendParams); 
@@ -165,7 +165,7 @@ export async function handleSendMany(req: MasterApiSpecRouteRequest<'v1.wallet.s req.decoded.source, txPrebuilt, prebuildParams, - enclavedExpressClient, + awmClient, signingKeychain, reqId, ); @@ -181,7 +181,7 @@ export async function signAndSendMultisig( source: 'user' | 'backup', txPrebuilt: PrebuildTransactionResult, params: SendManyOptions, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, signingKeychain: Keychain, reqId: RequestTracer, ) { @@ -191,8 +191,8 @@ export async function signAndSendMultisig( logger.info(`Signing with ${source} keychain, pub: ${signingKeychain.pub}`); logger.debug(`Signing keychain: ${JSON.stringify(signingKeychain, null, 2)}`); - // Then sign it using the enclaved express client - const signedTx = await enclavedExpressClient.signMultisig({ + // Then sign it using the advanced wallet manager client + const signedTx = await awmClient.signMultisig({ txPrebuild: txPrebuilt, source: source, pub: signingKeychain.pub, diff --git a/src/api/master/handlers/handleSignAndSendTxRequest.ts b/src/api/master/handlers/handleSignAndSendTxRequest.ts index dac0749..a8dc9d7 100644 --- a/src/api/master/handlers/handleSignAndSendTxRequest.ts +++ b/src/api/master/handlers/handleSignAndSendTxRequest.ts 
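Review bot: In the `@@ -191,8 +191,8 @@` hunk of signAndSendMultisig, the `logger.debug` call directly above the renamed signing call writes the whole `signingKeychain` object to the log through `JSON.stringify`. Keychain objects from the SDK can carry fields such as `encryptedPrv`; whether they are populated here is not visible from the hunk, but a signing path should not depend on that. The `logger.info` line before it already records the source and `pub`, so I would drop the debug line or reduce it to the keychain id alone, for example by logging only `signingKeychain.id`. The function starts in the previous hunk and continues past this one.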
@@ -1,13 +1,13 @@ import { getTxRequest, KeyIndices, RequestTracer } from '@bitgo-beta/sdk-core'; import logger from '../../../logger'; import { signAndSendTxRequests } from './transactionRequests'; -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import coinFactory from '../../../shared/coinFactory'; export async function handleSignAndSendTxRequest( req: MasterApiSpecRouteRequest<'v1.wallet.txrequest.signAndSend', 'post'>, ) { - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const reqId = new RequestTracer(); const bitgo = req.bitgo; const baseCoin = await coinFactory.getCoin(req.params.coin, bitgo); @@ -47,12 +47,5 @@ export async function handleSignAndSendTxRequest( throw new Error(`TxRequest ${req.params.txRequestId} not found`); } - return signAndSendTxRequests( - bitgo, - wallet, - txRequest, - enclavedExpressClient, - signingKeychain, - reqId, - ); + return signAndSendTxRequests(bitgo, wallet, txRequest, awmClient, signingKeychain, reqId); } diff --git a/src/api/master/handlers/recoverEcdsaWallets.ts b/src/api/master/handlers/recoverEcdsaWallets.ts index cef6a1d..1cfe9f8 100644 --- a/src/api/master/handlers/recoverEcdsaWallets.ts +++ b/src/api/master/handlers/recoverEcdsaWallets.ts @@ -1,5 +1,5 @@ import { BaseCoin, BitGoBase, Ecdsa } from '@bitgo-beta/sdk-core'; -import { EnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../clients/advancedWalletManagerClient'; import { isCosmosLikeCoin, isEthLikeCoin } from '../../../shared/coinUtils'; import { ValidationError } from '../../../shared/errors'; 
@@ -20,7 +20,7 @@ export type recoverEcdsaMpcV2Params = { export async function recoverEcdsaMPCv2Wallets( bitgo: BitGoBase, baseCoin: BaseCoin, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, params: recoverEcdsaMpcV2Params, ): Promise<{ txHex: string }> { // get unsigned recovery transaction using the base coin's recover method @@ -107,7 +107,7 @@ export async function recoverEcdsaMPCv2Wallets( } // sent to EBE for signing - const enclvaedResponse = await enclavedExpressClient.recoverEcdsaMpcV2Wallet({ + const enclvaedResponse = await awmClient.recoverEcdsaMpcV2Wallet({ txHex: unsignedTx.signableHex, pub: userKey, }); @@ -115,7 +115,7 @@ export async function recoverEcdsaMPCv2Wallets( // Sanity check: returned signature should be in the form of ECDSAMethodTypes.Signature if (!signature || signature.recid === undefined || !signature.r || !signature.s || !signature.y) { - throw new Error('Invalid signature returned from enclaved express for Ecdsa recovery'); + throw new Error('Invalid signature returned from advanced wallet manager for Ecdsa recovery'); } // post processing of the response diff --git a/src/api/master/handlers/recoveryConsolidationsWallet.ts b/src/api/master/handlers/recoveryConsolidationsWallet.ts index 6915391..29af170 100644 --- a/src/api/master/handlers/recoveryConsolidationsWallet.ts +++ b/src/api/master/handlers/recoveryConsolidationsWallet.ts @@ -1,4 +1,4 @@ -import { MasterApiSpecRouteRequest } from '../routers/masterApiSpec'; +import { MasterApiSpecRouteRequest } from '../routers/masterBitGoExpressApiSpec'; import logger from '../../../logger'; import { BaseCoin, @@ -83,7 +83,7 @@ export async function handleRecoveryConsolidationsOnPrem( const bitgo = req.bitgo; const coin = req.decoded.coin; - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const isMPC = req.decoded.multisigType === 'tss'; 
@@ -129,7 +129,7 @@ export async function handleRecoveryConsolidationsOnPrem( try { for (const tx of txs) { const signedTx = isMPC - ? await enclavedExpressClient.recoveryMPC({ + ? await awmClient.recoveryMPC({ userPub, backupPub, apiKey, @@ -137,7 +137,7 @@ export async function handleRecoveryConsolidationsOnPrem( coinSpecificParams: {}, walletContractAddress: '', }) - : await enclavedExpressClient.recoveryMultisig({ + : await awmClient.recoveryMultisig({ userPub, backupPub, unsignedSweepPrebuildTx: tx as RecoveryTransaction, diff --git a/src/api/master/handlers/recoveryWallet.ts b/src/api/master/handlers/recoveryWallet.ts index 7aa3ce6..54b45d4 100644 --- a/src/api/master/handlers/recoveryWallet.ts +++ b/src/api/master/handlers/recoveryWallet.ts @@ -20,14 +20,14 @@ import { getReplayProtectionOptions, } from '../../../shared/recoveryUtils'; -import { EnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../clients/advancedWalletManagerClient'; import { CoinSpecificParams, CoinSpecificParamsUnion, MasterApiSpecRouteRequest, ScriptType2Of3, SolanaRecoveryOptions, -} from '../routers/masterApiSpec'; +} from '../routers/masterBitGoExpressApiSpec'; import { recoverEddsaWallets } from './recoverEddsaWallets'; import { EnvironmentName, MasterExpressConfig } from '../../../shared/types'; import { recoverEcdsaMpcV2Params, recoverEcdsaMPCv2Wallets } from './recoverEcdsaWallets'; @@ -44,7 +44,7 @@ interface RecoveryParams { apiKey: string; } -interface EnclavedRecoveryParams { +interface AdvancedWalletManagerRecoveryParams { userPub: string; backupPub: string; apiKey: string; @@ -110,8 +110,8 @@ function validateRecoveryParams( async function handleEthLikeRecovery( sdkCoin: BaseCoin, commonRecoveryParams: RecoveryParams, - enclavedExpressClient: any, - params: EnclavedRecoveryParams, + awmClient: any, + params: AdvancedWalletManagerRecoveryParams, env: EnvironmentName, ) { try { 
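Review bot: `handleEthLikeRecovery` in the `@@ -110,8 +110,8 @@` hunk keeps its client parameter as `awmClient: any`, while `handleEddsaRecovery` and `handleUtxoLikeRecovery` in the same file take `AdvancedWalletManagerClient`. With `any`, the `awmClient.recoveryMultisig({ ...params, unsignedSweepPrebuildTx })` call in this function is not type-checked, so a mismatch in the recovery payload would only show up at runtime. Since the line is being rewritten anyway, I would declare it as `awmClient: AdvancedWalletManagerClient,`, the type this file already imports. This may surface a type error in the `recoveryMultisig` argument that the `any` was hiding. The function body continues outside the hunk.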
@@ -129,7 +129,7 @@ async function handleEthLikeRecovery( isUnsignedSweep: true, }); - return await enclavedExpressClient.recoveryMultisig({ + return await awmClient.recoveryMultisig({ ...params, unsignedSweepPrebuildTx, }); @@ -142,8 +142,8 @@ async function handleEddsaRecovery( bitgo: BitGoAPI, sdkCoin: BaseCoin, commonRecoveryParams: RecoveryParams, - enclavedExpressClient: EnclavedExpressClient, - params: EnclavedRecoveryParams, + awmClient: AdvancedWalletManagerClient, + params: AdvancedWalletManagerRecoveryParams, ) { const { recoveryDestination, userKey } = commonRecoveryParams; try { @@ -173,7 +173,7 @@ async function handleEddsaRecovery( } logger.info('Unsigned sweep tx: ', JSON.stringify(unsignedSweepPrebuildTx, null, 2)); - return await enclavedExpressClient.recoveryMPC({ + return await awmClient.recoveryMPC({ userPub: params.userPub, backupPub: params.backupPub, apiKey: params.apiKey, @@ -200,7 +200,7 @@ export type UtxoCoinSpecificRecoveryParams = Pick< async function handleUtxoLikeRecovery( sdkCoin: BaseCoin, - enclavedClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, recoveryParams: UtxoCoinSpecificRecoveryParams, ): Promise<{ txHex: string }> { const abstractUtxoCoin = sdkCoin as unknown as AbstractUtxoCoin; @@ -211,7 +211,7 @@ async function handleUtxoLikeRecovery( throw new MethodNotImplementedError(`Unknown transaction ${JSON.stringify(recoverTx)} created`); } - return (await enclavedClient.recoveryMultisig({ + return (await awmClient.recoveryMultisig({ userPub: recoveryParams.userKey, backupPub: recoveryParams.backupKey, bitgoPub: recoveryParams.bitgoKey, @@ -227,7 +227,7 @@ export async function handleRecoveryWalletOnPrem( const bitgo = req.bitgo; const coin = req.decoded.coin; - const enclavedExpressClient = req.enclavedExpressClient; + const awmClient = req.awmClient; const { recoveryDestinationAddress, coinSpecificParams } = req.decoded; const sdkCoin = await coinFactory.getCoin(coin, bitgo); 
@@ -254,7 +254,7 @@ export async function handleRecoveryWalletOnPrem( recoveryDestination: recoveryDestinationAddress, apiKey: req.decoded.apiKey || '', }, - enclavedExpressClient, + awmClient, { userPub: commonKeychain, backupPub: commonKeychain, @@ -295,7 +295,7 @@ export async function handleRecoveryWalletOnPrem( throw new NotImplementedError(`TSS recovery is not supported for coin: ${coin}.`); } - return recoverEcdsaMPCv2Wallets(bitgo, sdkCoin, enclavedExpressClient, params); + return recoverEcdsaMPCv2Wallets(bitgo, sdkCoin, awmClient, params); } else { throw new ValidationError( `TSS recovery is not supported for coin ${coin}. ${coin} is neither eddsa nor ecdsa.`, @@ -338,7 +338,7 @@ export async function handleRecoveryWalletOnPrem( return handleEthLikeRecovery( sdkCoin, commonRecoveryParams, - enclavedExpressClient, + awmClient, { userPub, backupPub, @@ -355,7 +355,7 @@ export async function handleRecoveryWalletOnPrem( } if (isUtxoCoin(sdkCoin)) { - return handleUtxoLikeRecovery(sdkCoin, req.enclavedExpressClient, { + return handleUtxoLikeRecovery(sdkCoin, req.awmClient, { userKey: userPub, backupKey: backupPub, bitgoKey: bitgoPub, diff --git a/src/api/master/handlers/transactionRequests.ts b/src/api/master/handlers/transactionRequests.ts index 76c90f8..b9dd939 100644 --- a/src/api/master/handlers/transactionRequests.ts +++ b/src/api/master/handlers/transactionRequests.ts @@ -6,7 +6,7 @@ import { TxRequest, Wallet, } from '@bitgo-beta/sdk-core'; -import { EnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../clients/advancedWalletManagerClient'; import { handleEddsaSigning } from './eddsa'; import { signAndSendEcdsaMPCv2FromTxRequest } from './ecdsaMPCv2'; 
@@ -16,7 +16,7 @@ import { signAndSendEcdsaMPCv2FromTxRequest } from './ecdsaMPCv2'; * @param bitgo - BitGo instance * @param wallet - Wallet instance * @param txRequestId - Transaction request ID - * @param enclavedExpressClient - Enclaved express client + * @param awmClient - Advanced Wallet Manager client * @param signingKeychain - Signing keychain * @param reqId - Request tracer */ @@ -24,7 +24,7 @@ export async function signAndSendTxRequests( bitgo: BitGoBase, wallet: Wallet, txRequest: TxRequest, - enclavedExpressClient: EnclavedExpressClient, + awmClient: AdvancedWalletManagerClient, signingKeychain: Keychain, reqId: RequestTracer, ): Promise { @@ -40,7 +40,7 @@ export async function signAndSendTxRequests( bitgo, wallet, txRequest, - enclavedExpressClient, + awmClient, signingKeychain.commonKeychain, reqId, ); @@ -49,7 +49,7 @@ export async function signAndSendTxRequests( bitgo, wallet, txRequest, - enclavedExpressClient, + awmClient, signingKeychain.source as 'user' | 'backup', signingKeychain.commonKeychain, reqId, diff --git a/src/api/master/middleware/middleware.ts b/src/api/master/middleware/middleware.ts index d42b96b..bce5929 100644 --- a/src/api/master/middleware/middleware.ts +++ b/src/api/master/middleware/middleware.ts @@ -1,10 +1,10 @@ import { Request, Response, NextFunction } from 'express'; import { isMasterExpressConfig } from '../../../shared/types'; -import { createEnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { createawmClient } from '../clients/advancedWalletManagerClient'; import { BitGoRequest } from '../../../types/request'; /** - * Middleware to validate master express configuration and enclaved express client + * Middleware to validate master express configuration and advanced wallet manager client */ export function validateMasterExpressConfig(req: Request, res: Response, next: NextFunction) { const bitgoReq = req as BitGoRequest; 
@@ -17,16 +17,16 @@ export function validateMasterExpressConfig(req: Request, res: Response, next: N }); } - // Validate enclaved express client - const enclavedExpressClient = createEnclavedExpressClient(bitgoReq.config, bitgoReq.params?.coin); - if (!enclavedExpressClient) { + // Validate advanced wallet manager client + const awmClient = createawmClient(bitgoReq.config, bitgoReq.params?.coin); + if (!awmClient) { return res.status(500).json({ - error: 'Please configure enclaved express configs.', - details: 'Enclaved express features will be disabled', + error: 'Please configure advanced wallet manager configs.', + details: 'Advanced Wallet Manager features will be disabled', }); } // Attach the client to the request for use in route handlers - bitgoReq.enclavedExpressClient = enclavedExpressClient; + bitgoReq.awmClient = awmClient; next(); } diff --git a/src/api/master/routers/enclavedExpressHealth.ts b/src/api/master/routers/awmExpressHealth.ts similarity index 53% rename from src/api/master/routers/enclavedExpressHealth.ts rename to src/api/master/routers/awmExpressHealth.ts index c1ba0f3..7a64c6c 100644 --- a/src/api/master/routers/enclavedExpressHealth.ts +++ b/src/api/master/routers/awmExpressHealth.ts 
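Review bot: The factory is called as `createawmClient`, which breaks the camelCase used by the other identifiers this patch introduces (`awmClient`, `AdvancedWalletManagerClient`). `createAwmClient` matches them and is easier to search for. The rename also has to be made at the import in the previous hunk of this file and at the definition in `../clients/advancedWalletManagerClient`, which is not part of this hunk.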
@@ -5,14 +5,14 @@ import { Response } from '@api-ts/response'; import { MasterExpressConfig } from '../../../shared/types'; import logger from '../../../logger'; import { responseHandler } from '../../../shared/middleware'; -import { EnclavedExpressClient } from '../clients/enclavedExpressClient'; +import { AdvancedWalletManagerClient } from '../clients/advancedWalletManagerClient'; import { PingResponseType, VersionResponseType } from '../../../types/health'; -// Response type for /ping/enclavedExpress endpoint -const PingEnclavedResponse: HttpResponse = { +// Response type for /ping/advancedWalletManager endpoint +const PingAwmResponse: HttpResponse = { 200: t.type({ status: t.string, - enclavedResponse: PingResponseType, + advancedWalletManagerResponse: PingResponseType, }), 500: t.type({ error: t.string, @@ -20,7 +20,7 @@ const PingEnclavedResponse: HttpResponse = { }), }; -const VersionEnclavedResponse: HttpResponse = { +const VersionAwmResponse: HttpResponse = { 200: VersionResponseType, 500: t.type({ error: t.string, 
@@ -29,76 +29,76 @@ const VersionEnclavedResponse: HttpResponse = { }; // API Specification -export const EnclavedExpressApiSpec = apiSpec({ - 'v1.enclaved.ping': { +export const AdvancedWalletManagerHealthSpec = apiSpec({ + 'v1.advancedwalletmanager.ping': { post: httpRoute({ method: 'POST', - path: '/ping/enclavedExpress', + path: '/ping/advancedWalletManager', request: httpRequest({}), - response: PingEnclavedResponse, - description: 'Ping the enclaved express server', + response: PingAwmResponse, + description: 'Ping the advanced wallet manager server', }), }, - 'v1.enclaved.version': { + 'v1.advancedwalletmanager.version': { get: httpRoute({ method: 'GET', - path: '/version/enclavedExpress', + path: '/version/advancedWalletManager', request: httpRequest({}), - response: VersionEnclavedResponse, - description: 'Get the version of the enclaved express server', + response: VersionAwmResponse, + description: 'Get the version of the advanced wallet manager server', }), }, }); // Create router with handlers -export function createEnclavedExpressRouter( +export function createAdvancedWalletManagerHealthRouter( cfg: MasterExpressConfig, -): WrappedRouter { - const router = createRouter(EnclavedExpressApiSpec); +): WrappedRouter { + const router = createRouter(AdvancedWalletManagerHealthSpec); - // Create an instance of EnclavedExpressClient - const enclavedClient = new EnclavedExpressClient(cfg); + // Create an instance of awmClient + const awmClient = new AdvancedWalletManagerClient(cfg); // Ping endpoint handler - router.post('v1.enclaved.ping', [ + router.post('v1.advancedwalletmanager.ping', [ responseHandler(async () => { - logger.debug('Pinging enclaved express'); + logger.debug('Pinging advanced wallet manager'); try { // Use the client's ping method instead of direct HTTP request - const pingResponse = await enclavedClient.ping(); + const pingResponse = await awmClient.ping(); return Response.ok({ - status: 'Successfully pinged enclaved express', - 
enclavedResponse: { + status: 'Successfully pinged advanced wallet manager', + awmResponse: { status: pingResponse.status, timestamp: pingResponse.timestamp, }, }); } catch (error) { - logger.error('Failed to ping enclaved express:', { error }); + logger.error('Failed to ping advanced wallet manager:', { error }); return Response.internalError({ - error: 'Failed to ping enclaved express', + error: 'Failed to ping advanced wallet manager', details: error instanceof Error ? error.message : String(error), }); } }), ]); - router.get('v1.enclaved.version', [ + router.get('v1.advancedwalletmanager.version', [ responseHandler(async () => { try { // Use the client's getVersion method instead of direct HTTP request - const versionResponse = await enclavedClient.getVersion(); + const versionResponse = await awmClient.getVersion(); return Response.ok({ version: versionResponse.version, name: versionResponse.name, }); } catch (error) { - logger.error('Failed to get version from enclaved express:', { error }); + logger.error('Failed to get version from advanced wallet manager:', { error }); return Response.internalError({ - error: 'Failed to get version from enclaved express', + error: 'Failed to get version from advanced wallet manager', details: error instanceof Error ? error.message : String(error), }); } diff --git a/src/api/master/routers/index.ts b/src/api/master/routers/index.ts index 4ea8182..6a3c079 100644 --- a/src/api/master/routers/index.ts +++ b/src/api/master/routers/index.ts 
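Review bot: The ping handler returns its payload under `awmResponse`, but the `PingAwmResponse` codec declared at the top of this file names the 200 field `advancedWalletManagerResponse`, so the handler no longer matches the declared response shape (the old code used `enclavedResponse` in both places). Change the key in the `Response.ok({ ... })` literal to `advancedWalletManagerResponse: {`, or rename the codec field, so the spec and the handler agree. Callers and tests that read the old `enclavedResponse` key need the same update. The comment `// Create an instance of awmClient` would read better as `// Create an AdvancedWalletManagerClient instance`.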
@@ -1,13 +1,13 @@ import { apiSpec } from '@api-ts/io-ts-http'; import { HealthCheckApiSpec } from './healthCheck'; -import { MasterApiSpec } from './masterApiSpec'; -import { EnclavedExpressApiSpec } from './enclavedExpressHealth'; +import { MasterBitGoExpressApiSpec } from './masterBitGoExpressApiSpec'; +import { AdvancedWalletManagerHealthSpec } from './awmExpressHealth'; // Combine all API specifications const combinedSpec = apiSpec({ ...HealthCheckApiSpec, - ...MasterApiSpec, - ...EnclavedExpressApiSpec, + ...MasterBitGoExpressApiSpec, + ...AdvancedWalletManagerHealthSpec, }); export const FullApiSpec = combinedSpec; diff --git a/src/api/master/routers/masterApiSpec.ts b/src/api/master/routers/masterBitGoExpressApiSpec.ts similarity index 99% rename from src/api/master/routers/masterApiSpec.ts rename to src/api/master/routers/masterBitGoExpressApiSpec.ts index c6e9588..67b6a2e 100644 --- a/src/api/master/routers/masterApiSpec.ts +++ b/src/api/master/routers/masterBitGoExpressApiSpec.ts @@ -655,7 +655,7 @@ const SignMpcResponse: HttpResponse = { }; // API Specification -export const MasterApiSpec = apiSpec({ +export const MasterBitGoExpressApiSpec = apiSpec({ 'v1.wallet.generate': { post: httpRoute({ method: 'POST' as const, @@ -776,7 +776,7 @@ export const MasterApiSpec = apiSpec({ }, }); -export type MasterApiSpec = typeof MasterApiSpec; +export type MasterApiSpec = typeof MasterBitGoExpressApiSpec; export type MasterApiSpecRouteHandler< ApiName extends keyof MasterApiSpec, @@ -793,8 +793,8 @@ export type GenericMasterApiSpecRouteRequest = MasterApiSpecRouteRequest { - const router = createRouter(MasterApiSpec); +): WrappedRouter { + const router = createRouter(MasterBitGoExpressApiSpec); // Add middleware to all routes router.use(parseBody); diff --git a/src/app.ts b/src/app.ts index 5011e65..5c5b139 100644 --- a/src/app.ts +++ b/src/app.ts 
@@ -1,7 +1,7 @@ import { determineAppMode } from './initConfig'; import { AppMode } from './shared/types'; -import * as enclavedApp from './enclavedApp'; -import * as masterExpressApp from './masterExpressApp'; +import * as advancedWalletManagerApp from './advancedWalletManagerApp'; +import * as masterExpressApp from './masterBitGoExpressApp'; import logger from './logger'; /** @@ -10,9 +10,9 @@ import logger from './logger'; export async function init(): Promise { const appMode = determineAppMode(); - if (appMode === AppMode.ENCLAVED) { - logger.info('Starting in Enclaved mode...'); - await enclavedApp.init(); + if (appMode === AppMode.ADVANCED_WALLET_MANAGER) { + logger.info('Starting in Advanced Wallet Manager mode...'); + await advancedWalletManagerApp.init(); } else if (appMode === AppMode.MASTER_EXPRESS) { logger.info('Starting in Master Express mode...'); await masterExpressApp.init(); @@ -22,4 +22,4 @@ export async function init(): Promise { } // Export the individual app modules for direct access if needed -export { enclavedApp, masterExpressApp }; +export { advancedWalletManagerApp, masterExpressApp }; diff --git a/src/enclavedBitgoExpress/routers/index.ts b/src/enclavedBitgoExpress/routers/index.ts deleted file mode 100644 index 8221c9c..0000000 --- a/src/enclavedBitgoExpress/routers/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -import { EnclavedAPiSpec as ApiSpec } from './enclavedApiSpec'; -import { HealthCheckApiSpec } from './healthCheck'; - -export const EnclavedApiSpec = { - ...HealthCheckApiSpec, - ...ApiSpec, -}; -export type EnclavedApiSpec = typeof EnclavedApiSpec; diff --git a/src/errors.ts b/src/errors.ts index 6ce5540..fb50f66 100644 --- a/src/errors.ts +++ b/src/errors.ts 
@@ -1,7 +1,7 @@ /** - * Common base error class for the Enclaved Express application + * Common base error class for the Advanced Wallet Manager application */ -export class EnclavedError extends Error { +export class AdvancedWalletManagerError extends Error { public status: number; constructor(message: string, status = 500) { @@ -15,7 +15,7 @@ export class EnclavedError extends Error { /** * Error for API responses */ -export class ApiResponseError extends EnclavedError { +export class ApiResponseError extends AdvancedWalletManagerError { public result: any; constructor(message: string, status = 500, result?: any) { @@ -27,7 +27,7 @@ export class ApiResponseError extends EnclavedError { /** * Error for configuration issues */ -export class ConfigurationError extends EnclavedError { +export class ConfigurationError extends AdvancedWalletManagerError { constructor(message: string) { super(message, 500); } @@ -36,7 +36,7 @@ export class ConfigurationError extends EnclavedError { /** * Error for service connection issues */ -export class ServiceConnectionError extends EnclavedError { +export class ServiceConnectionError extends AdvancedWalletManagerError { constructor(message: string) { super(message, 502); } @@ -45,7 +45,7 @@ export class ServiceConnectionError extends EnclavedError { /** * Error for unsupported operations */ -export class UnsupportedOperationError extends EnclavedError { +export class UnsupportedOperationError extends AdvancedWalletManagerError { constructor(message: string) { super(message, 400); } diff --git a/src/initConfig.ts b/src/initConfig.ts index 3ac13b2..652f244 100644 --- a/src/initConfig.ts +++ b/src/initConfig.ts @@ -1,7 +1,7 @@ import fs from 'fs'; import { Config, - EnclavedConfig, + AdvancedWalletManagerConfig, MasterExpressConfig, TlsMode, AppMode, 
@@ -10,7 +10,14 @@ import { import logger from './logger'; import { validateTlsCertificates, validateMasterExpressConfig } from './shared/appUtils'; -export { Config, EnclavedConfig, MasterExpressConfig, TlsMode, AppMode, EnvironmentName }; +export { + Config, + AdvancedWalletManagerConfig, + MasterExpressConfig, + TlsMode, + AppMode, + EnvironmentName, +}; function isNilOrNaN(val: unknown): val is null | undefined | number { return val == null || (typeof val === 'number' && isNaN(val)); @@ -26,26 +33,28 @@ function determineAppMode(): AppMode { const mode = readEnvVar('APP_MODE') || readEnvVar('BITGO_APP_MODE'); if (!mode) { throw new Error( - 'APP_MODE environment variable is required. Set APP_MODE to either "enclaved" or "master-express"', + 'APP_MODE environment variable is required. Set APP_MODE to either "advanced-wallet-manager" or "master-express"', ); } if (mode === 'master-express') { return AppMode.MASTER_EXPRESS; } - if (mode === 'enclaved') { - return AppMode.ENCLAVED; + if (mode === 'advanced-wallet-manager') { + return AppMode.ADVANCED_WALLET_MANAGER; } - throw new Error(`Invalid APP_MODE: ${mode}. Must be either "enclaved" or "master-express"`); + throw new Error( + `Invalid APP_MODE: ${mode}. Must be either "advanced-wallet-manager" or "master-express"`, + ); } export { determineAppMode }; // ============================================================================ -// ENCLAVED MODE CONFIGURATION +// ADVANCED WALLET MANAGER MODE CONFIGURATION // ============================================================================ -const defaultEnclavedConfig: EnclavedConfig = { - appMode: AppMode.ENCLAVED, +const advancedWalletManagerConfig: AdvancedWalletManagerConfig = { + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: 3080, bind: 'localhost', timeout: 305 * 1000, 
@@ -74,7 +83,7 @@ function determineTlsMode(): TlsMode { throw new Error(`Invalid TLS_MODE: ${tlsMode}. Must be either "disabled" or "mtls"`); } -function enclavedEnvConfig(): Partial { +function advancedWalletManagerEnvConfig(): Partial { const kmsUrl = readEnvVar('KMS_URL'); if (!kmsUrl) { @@ -83,8 +92,8 @@ function enclavedEnvConfig(): Partial { } return { - appMode: AppMode.ENCLAVED, - port: Number(readEnvVar('ENCLAVED_EXPRESS_PORT')), + appMode: AppMode.ADVANCED_WALLET_MANAGER, + port: Number(readEnvVar('ADVANCED_WALLET_MANAGER_PORT')), bind: readEnvVar('BIND'), ipc: readEnvVar('IPC'), httpLoggerFile: readEnvVar('HTTP_LOGFILE') || 'logs/http-access.log', @@ -106,17 +115,19 @@ function enclavedEnvConfig(): Partial { }; } -function mergeEnclavedConfigs(...configs: Partial[]): EnclavedConfig { - function get(k: T): EnclavedConfig[T] { +function mergeAkmConfigs( + ...configs: Partial[] +): AdvancedWalletManagerConfig { + function get(k: T): AdvancedWalletManagerConfig[T] { return configs.reduce( - (entry: EnclavedConfig[T], config) => - !isNilOrNaN(config[k]) ? (config[k] as EnclavedConfig[T]) : entry, - defaultEnclavedConfig[k], + (entry: AdvancedWalletManagerConfig[T], config) => + !isNilOrNaN(config[k]) ? (config[k] as AdvancedWalletManagerConfig[T]) : entry, + advancedWalletManagerConfig[k], ); } return { - appMode: AppMode.ENCLAVED, + appMode: AppMode.ADVANCED_WALLET_MANAGER, port: get('port'), bind: get('bind'), ipc: get('ipc'), @@ -137,9 +148,9 @@ function mergeEnclavedConfigs(...configs: Partial[]): EnclavedCo }; } -function configureEnclavedMode(): EnclavedConfig { - const env = enclavedEnvConfig(); - let config = mergeEnclavedConfigs(env); +function configureAdvancedWalletManagaerMode(): AdvancedWalletManagerConfig { + const env = advancedWalletManagerEnvConfig(); + let config = mergeAkmConfigs(env); // Only load certificates if TLS is enabled if (config.tlsMode !== TlsMode.DISABLED) { 
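Review bot: Three of the new names in this file do not follow the rest of the rename: `mergeAkmConfigs` says `Akm` where everything else says `Awm` or `AdvancedWalletManager`, `configureAdvancedWalletManagaerMode` misspells `Manager` (also at its call site in `initConfig`, hunk `@@ -385,8`), and the defaults object `advancedWalletManagerConfig` lost the `default` prefix that `defaultMasterExpressConfig` keeps. I would use `mergeAdvancedWalletManagerConfigs`, `configureAdvancedWalletManagerMode` and `defaultAdvancedWalletManagerConfig`. Separately, `port: Number(readEnvVar('ADVANCED_WALLET_MANAGER_PORT'))` appears to make a deployment that still sets `ENCLAVED_EXPRESS_PORT` fall back to the default port with no message, because the merge treats `NaN` as unset, whereas the renamed URL variable throws when missing. A `logger.warn` when a legacy variable name is still set would make the breaking change visible to operators.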
@@ -201,8 +212,8 @@ const defaultMasterExpressConfig: MasterExpressConfig = { env: 'test', disableEnvCheck: true, authVersion: 2, - enclavedExpressUrl: '', // Will be overridden by environment variable - enclavedExpressCert: '', // Will be overridden by environment variable + advancedWalletManagerUrl: '', // Will be overridden by environment variable + advancedWalletManagerCert: '', // Will be overridden by environment variable tlsMode: TlsMode.MTLS, allowSelfSigned: false, }; @@ -217,16 +228,18 @@ function determineProtocol(url: string, tlsMode: TlsMode, isBitGo = false): stri } function masterExpressEnvConfig(): Partial { - const enclavedExpressUrl = readEnvVar('ENCLAVED_EXPRESS_URL'); - const enclavedExpressCert = readEnvVar('ENCLAVED_EXPRESS_CERT'); + const advancedWalletManagerUrl = readEnvVar('ADVANCED_WALLET_MANAGER_URL'); + const advancedWalletManagerCert = readEnvVar('ADVANCED_WALLET_MANAGER_CERT'); const tlsMode = determineTlsMode(); - if (!enclavedExpressUrl) { - throw new Error('ENCLAVED_EXPRESS_URL environment variable is required and cannot be empty'); + if (!advancedWalletManagerUrl) { + throw new Error( + 'ADVANCED_WALLET_MANAGER_URL environment variable is required and cannot be empty', + ); } - if (tlsMode === TlsMode.MTLS && !enclavedExpressCert) { - throw new Error('ENCLAVED_EXPRESS_CERT environment variable is required for MTLS mode.'); + if (tlsMode === TlsMode.MTLS && !advancedWalletManagerCert) { + throw new Error('ADVANCED_WALLET_MANAGER_CERT environment variable is required for MTLS mode.'); } // Debug mTLS environment variables 
@@ -247,8 +260,8 @@ function masterExpressEnvConfig(): Partial { customRootUri: readEnvVar('BITGO_CUSTOM_ROOT_URI'), disableEnvCheck: readEnvVar('BITGO_DISABLE_ENV_CHECK') === 'true', authVersion: Number(readEnvVar('BITGO_AUTH_VERSION')), - enclavedExpressUrl, - enclavedExpressCert, + advancedWalletManagerUrl: advancedWalletManagerUrl, + advancedWalletManagerCert: advancedWalletManagerCert, customBitcoinNetwork: readEnvVar('BITGO_CUSTOM_BITCOIN_NETWORK'), // mTLS settings keyPath: readEnvVar('TLS_KEY_PATH'), @@ -286,8 +299,8 @@ function mergeMasterExpressConfigs( customRootUri: get('customRootUri'), disableEnvCheck: get('disableEnvCheck'), authVersion: get('authVersion'), - enclavedExpressUrl: get('enclavedExpressUrl'), - enclavedExpressCert: get('enclavedExpressCert'), + advancedWalletManagerUrl: get('advancedWalletManagerUrl'), + advancedWalletManagerCert: get('advancedWalletManagerCert'), customBitcoinNetwork: get('customBitcoinNetwork'), keyPath: get('keyPath'), crtPath: get('crtPath'), @@ -309,9 +322,9 @@ export function configureMasterExpressMode(): MasterExpressConfig { if (config.customRootUri) { updates.customRootUri = determineProtocol(config.customRootUri, config.tlsMode, true); } - if (config.enclavedExpressUrl) { - updates.enclavedExpressUrl = determineProtocol( - config.enclavedExpressUrl, + if (config.advancedWalletManagerUrl) { + updates.advancedWalletManagerUrl = determineProtocol( + config.advancedWalletManagerUrl, config.tlsMode, false, ); 
@@ -349,26 +362,26 @@ export function configureMasterExpressMode(): MasterExpressConfig { validateTlsCertificates(config); } - // Handle cert loading for Enclaved Express (always required for Master Express) - if (config.enclavedExpressCert) { + // Handle cert loading for Advanced Wallet Manager (always required for Master Express) + if (config.advancedWalletManagerCert) { try { - if (fs.existsSync(config.enclavedExpressCert)) { + if (fs.existsSync(config.advancedWalletManagerCert)) { config = { ...config, - enclavedExpressCert: fs.readFileSync(config.enclavedExpressCert, 'utf-8'), + advancedWalletManagerCert: fs.readFileSync(config.advancedWalletManagerCert, 'utf-8'), }; logger.info( - `Successfully loaded Enclaved Express certificate from file: ${config.enclavedExpressCert.substring( + `Successfully loaded Advanced Wallet Manager certificate from file: ${config.advancedWalletManagerCert.substring( 0, 50, )}...`, ); } else { - throw new Error(`Certificate file not found: ${config.enclavedExpressCert}`); + throw new Error(`Certificate file not found: ${config.advancedWalletManagerCert}`); } } catch (e) { const err = e instanceof Error ? e : new Error(String(e)); - throw new Error(`Failed to read enclaved express cert: ${err.message}`); + throw new Error(`Failed to read advanced wallet manager cert: ${err.message}`); } } @@ -385,8 +398,8 @@ export function configureMasterExpressMode(): MasterExpressConfig { export function initConfig(): Config { const appMode = determineAppMode(); - if (appMode === AppMode.ENCLAVED) { - return configureEnclavedMode(); + if (appMode === AppMode.ADVANCED_WALLET_MANAGER) { + return configureAdvancedWalletManagaerMode(); } else if (appMode === AppMode.MASTER_EXPRESS) { return configureMasterExpressMode(); } else { 
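Review bot: The success log in the certificate-loading block runs after `config` has been reassigned, so `config.advancedWalletManagerCert.substring(0, 50)` prints the first 50 characters of the PEM contents while the message says `from file:`. Capture the path before the reassignment with `const certPath = config.advancedWalletManagerCert;` and log `certPath` instead. The comment says the certificate is `always required for Master Express`, yet the block is skipped when the value is empty and `masterExpressEnvConfig` only requires it in mTLS mode, so the comment should say that. The `fs.existsSync` check followed by `fs.readFileSync` can be a single `readFileSync` inside the existing `try`, since the `catch` already reports a missing file.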
@@ -395,8 +408,10 @@ export function initConfig(): Config { } // Type guards for working with the union type -export function isEnclavedConfig(config: Config): config is EnclavedConfig { - return config.appMode === AppMode.ENCLAVED; +export function isAdvancedWalletManagerConfig( + config: Config, +): config is AdvancedWalletManagerConfig { + return config.appMode === AppMode.ADVANCED_WALLET_MANAGER; } export function isMasterExpressConfig(config: Config): config is MasterExpressConfig { diff --git a/src/kms/kmsClient.ts b/src/kms/kmsClient.ts index f7e83c2..8ddd21c 100644 --- a/src/kms/kmsClient.ts +++ b/src/kms/kmsClient.ts @@ -1,5 +1,5 @@ import * as superagent from 'superagent'; -import { EnclavedConfig, isMasterExpressConfig, TlsMode } from '../shared/types'; +import { AdvancedWalletManagerConfig, isMasterExpressConfig, TlsMode } from '../shared/types'; import { PostKeyKmsSchema, PostKeyParams, PostKeyResponse } from './types/postKey'; import { GetKeyKmsSchema, GetKeyParams, GetKeyResponse } from './types/getKey'; import { @@ -13,6 +13,7 @@ import { GenerateDataKeyResponse, } from './types/generateDataKey'; import https from 'https'; +import { URL } from 'url'; import logger from '../logger'; 
@@ -20,24 +21,31 @@ export class KmsClient { private readonly url: string; private readonly agent?: https.Agent; - constructor(cfg: EnclavedConfig) { + constructor(cfg: AdvancedWalletManagerConfig) { if (isMasterExpressConfig(cfg)) { logger.error('KMS client cannot be initialized in master express mode'); - throw new Error('Configuration is not in enclaved express mode'); + throw new Error('Configuration is not in advanced wallet manager mode'); } if (!cfg.kmsUrl) { logger.error('KMS URL not configured. Please set KMS_URL in your environment.'); throw new Error('KMS URL not configured. Please set KMS_URL in your environment.'); } - this.url = cfg.kmsUrl; - if (cfg.tlsMode === TlsMode.MTLS && cfg.kmsTlsCert) { - this.agent = new https.Agent({ - ca: cfg.kmsTlsCert, - cert: cfg.tlsCert, - key: cfg.tlsKey, - }); + const kmsUrlObj = new URL(cfg.kmsUrl); + if (cfg.tlsMode === TlsMode.MTLS) { + kmsUrlObj.protocol = 'https:'; + if (cfg.kmsTlsCert) { + this.agent = new https.Agent({ + ca: cfg.kmsTlsCert, + cert: cfg.tlsCert, + key: cfg.tlsKey, + }); + } + } else { + kmsUrlObj.protocol = 'http:'; } + + this.url = kmsUrlObj.toString().replace(/\/$/, ''); logger.debug('kmsClient initialized with URL: %s', this.url); } @@ -47,7 +55,7 @@ export class KmsClient { // Call KMS to post the key let kmsResponse: any; try { - let req = superagent.post(`${this.url}/key`).set('x-api-key', 'abc').send(params); + let req = superagent.post(`${this.url}/key`).send(params); if (this.agent) req = req.agent(this.agent); kmsResponse = await req; } catch (error: any) { diff --git a/src/masterBitGoExpressApp.ts b/src/masterBitGoExpressApp.ts new file mode 100644 index 0000000..45eaf5b --- /dev/null +++ b/src/masterBitGoExpressApp.ts 
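Review bot: The `else` branch of the new constructor sets `kmsUrlObj.protocol = 'http:'`, so a `KMS_URL` configured as `https://...` is silently rewritten to plaintext whenever `tlsMode` is not `MTLS`, and the key material sent by `postKey` and the other calls would then travel unencrypted. I would keep the operator's scheme in that branch, or at least `logger.warn` when the assignment changes it. In the `MTLS` branch a missing `cfg.kmsTlsCert` now yields an https URL with no `https.Agent`, meaning no client certificate and default CA trust; if that combination is not intended, throwing there would surface the misconfiguration, and it matters more now that the next hunk drops the placeholder `x-api-key` header and leaves the agent as the only client credential. `new URL(cfg.kmsUrl)` also throws a bare `TypeError` on an unparseable value, which deserves the same explicit error message as the empty-URL check above it.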
@@ -0,0 +1,127 @@ +import express from 'express'; +import https from 'https'; +import http from 'http'; +import { SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 } from 'constants'; + +import { MasterExpressConfig, isMasterExpressConfig, TlsMode } from './shared/types'; +import { initConfig } from './initConfig'; +import { + setupLogging, + setupCommonMiddleware, + createErrorHandler, + createHttpServer, + configureServerTimeouts, + prepareIpc, + createMtlsMiddleware, +} from './shared/appUtils'; +import logger from './logger'; +import { setupRoutes } from './routes/masterBitGoExpress'; + +/** + * Create a startup function which will be run upon server initialization + */ +export function startup(config: MasterExpressConfig, baseUri: string): () => void { + return () => { + logger.info('Master Express server starting...'); + logger.info(`Base URI: ${baseUri}`); + logger.info(`TLS Mode: ${config.tlsMode}`); + logger.info(`Port: ${config.port}`); + logger.info(`Bind: ${config.bind}`); + logger.info(`Advanced Wallet Manager URL: ${config.advancedWalletManagerUrl}`); + logger.info('Master Express server started successfully'); + }; +} + +function isTLS(config: MasterExpressConfig): boolean { + const { keyPath, crtPath, tlsKey, tlsCert, tlsMode } = config; + if (tlsMode === TlsMode.DISABLED) return false; + return Boolean((keyPath && crtPath) || (tlsKey && tlsCert)); +} + +async function createHttpsServer( + app: express.Application, + config: MasterExpressConfig, +): Promise { + const { tlsKey, tlsCert, tlsMode } = config; + + if (!tlsKey || !tlsCert) { + throw new Error('TLS key and certificate must be provided for HTTPS server'); + } + + const httpsOptions: https.ServerOptions = { + secureOptions: SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, + key: tlsKey, + cert: tlsCert, + // Always request cert if mTLS is enabled + requestCert: tlsMode === TlsMode.MTLS, + rejectUnauthorized: false, // Handle authorization in middleware + }; + + const server = https.createServer(httpsOptions, app); + + 
return server; +} + +export async function createServer( + config: MasterExpressConfig, + app: express.Application, +): Promise { + const server = isTLS(config) ? await createHttpsServer(app, config) : createHttpServer(app); + configureServerTimeouts(server, config); + return server; +} + +export function createBaseUri(config: MasterExpressConfig): string { + const { bind, port } = config; + const ssl = isTLS(config); + const isStandardPort = (port === 80 && !ssl) || (port === 443 && ssl); + return `http${ssl ? 's' : ''}://${bind}${!isStandardPort ? ':' + port : ''}`; +} + +/** + * Create and configure the express application for master express mode + */ +export function app(cfg: MasterExpressConfig): express.Application { + logger.info('Master express app is initializing'); + + const app = express(); + + setupLogging(app, cfg); + setupCommonMiddleware(app, cfg); + + // Add mTLS middleware before routes if in mTLS mode + if (cfg.tlsMode === TlsMode.MTLS) { + app.use(createMtlsMiddleware(cfg)); + } + + // Setup master express routes + setupRoutes(app, cfg); + + // Add error handler + app.use(createErrorHandler()); + + return app; +} + +export async function init(): Promise { + const cfg = initConfig(); + + // Type-safe validation that we're in master express mode + if (!isMasterExpressConfig(cfg)) { + throw new Error( + `This application only supports master express mode. Current mode: ${cfg.appMode}. Set APP_MODE=master-express to use this application.`, + ); + } + + const expressApp = app(cfg); + const server = await createServer(cfg, expressApp); + const { port, bind, ipc } = cfg; + const baseUri = createBaseUri(cfg); + + if (ipc) { + await prepareIpc(ipc); + server.listen(ipc, startup(cfg, baseUri)); + } else { + server.listen(port, bind, startup(cfg, baseUri)); + } +} diff --git a/src/masterExpressApp.ts b/src/masterExpressApp.ts index 0b16ec0..45eaf5b 100644 --- a/src/masterExpressApp.ts +++ b/src/masterExpressApp.ts 
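Review bot: In `createHttpsServer`, `rejectUnauthorized: false` together with `requestCert: tlsMode === TlsMode.MTLS` means the TLS layer completes the handshake for any client certificate or none, so client authentication rests entirely on `createMtlsMiddleware`, which lives in `./shared/appUtils` and is not part of this hunk. The short inline comment does not say what that middleware has to enforce; I would expand it to `// TLS layer accepts any client cert; createMtlsMiddleware must reject requests whose peer certificate is not authorized` and confirm the middleware does so. `createServer` also falls back to `createHttpServer` whenever `isTLS` is false, which includes `tlsMode === TlsMode.MTLS` with no key or certificate loaded; unless `initConfig` already rejects that state, `if (config.tlsMode === TlsMode.MTLS && !isTLS(config)) throw new Error('mTLS requested but no TLS key/cert loaded');` would keep a misconfiguration from serving plain HTTP. As a style point, `secureOptions: SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1` can be written as `minVersion: 'TLSv1.2'`.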
@@ -15,7 +15,7 @@ import { createMtlsMiddleware, } from './shared/appUtils'; import logger from './logger'; -import { setupRoutes } from './routes/master'; +import { setupRoutes } from './routes/masterBitGoExpress'; /** * Create a startup function which will be run upon server initialization @@ -27,7 +27,7 @@ export function startup(config: MasterExpressConfig, baseUri: string): () => voi logger.info(`TLS Mode: ${config.tlsMode}`); logger.info(`Port: ${config.port}`); logger.info(`Bind: ${config.bind}`); - logger.info(`Enclaved Express URL: ${config.enclavedExpressUrl}`); + logger.info(`Advanced Wallet Manager URL: ${config.advancedWalletManagerUrl}`); logger.info('Master Express server started successfully'); }; } diff --git a/src/routes/advancedWalletManager.ts b/src/routes/advancedWalletManager.ts new file mode 100644 index 0000000..4633454 --- /dev/null +++ b/src/routes/advancedWalletManager.ts @@ -0,0 +1,27 @@ +import express from 'express'; +import debug from 'debug'; +import { AdvancedWalletManagerConfig } from '../shared/types'; +import { createKeyGenRouter } from '../advancedWalletManager/routers/advancedWalletManagerApiSpec'; +import { createHealthCheckRouter } from '../advancedWalletManager/routers/healthCheck'; + +const debugLogger = debug('advancedWalletManager:routes'); +/** + * Setup all routes for the Advanced Wallet Manager application + * @param app Express application + * @param config + */ +export function setupRoutes(app: express.Application, config: AdvancedWalletManagerConfig): void { + // Register health check routes + app.use(createHealthCheckRouter()); + + // Register keygen routes + app.use(createKeyGenRouter(config)); + + app.use('*', (_req, res) => { + res.status(404).json({ + error: 'Route not found or not supported in advanced wallet manager mode', + }); + }); + + debugLogger('All routes configured'); +} diff --git a/src/routes/enclaved.ts b/src/routes/enclaved.ts deleted file mode 100644 index b9e5857..0000000 
--- a/src/routes/enclaved.ts +++ /dev/null @@ -1,27 +0,0 @@ -import express from 'express'; -import debug from 'debug'; -import { EnclavedConfig } from '../shared/types'; -import { createKeyGenRouter } from '../enclavedBitgoExpress/routers/enclavedApiSpec'; -import { createHealthCheckRouter } from '../enclavedBitgoExpress/routers/healthCheck'; - -const debugLogger = debug('enclaved:routes'); -/** - * Setup all routes for the Enclaved Express application - * @param app Express application - * @param config - */ -export function setupRoutes(app: express.Application, config: EnclavedConfig): void { - // Register health check routes - app.use(createHealthCheckRouter()); - - // Register keygen routes - app.use(createKeyGenRouter(config)); - - app.use('*', (_req, res) => { - res.status(404).json({ - error: 'Route not found or not supported in enclaved mode', - }); - }); - - debugLogger('All routes configured'); -} diff --git a/src/routes/master.ts b/src/routes/masterBitGoExpress.ts similarity index 61% rename from src/routes/master.ts rename to src/routes/masterBitGoExpress.ts index ac705bd..2821ba8 100644 --- a/src/routes/master.ts +++ b/src/routes/masterBitGoExpress.ts @@ -1,8 +1,8 @@ import express from 'express'; import { MasterExpressConfig } from '../shared/types'; import { createHealthCheckRouter } from '../api/master/routers/healthCheck'; -import { createEnclavedExpressRouter } from '../api/master/routers/enclavedExpressHealth'; -import { createMasterApiRouter } from '../api/master/routers/masterApiSpec'; +import { createAdvancedWalletManagerHealthRouter } from '../api/master/routers/awmExpressHealth'; +import { createMasterApiRouter } from '../api/master/routers/masterBitGoExpressApiSpec'; /** * Setup master express specific routes 
@@ -11,9 +11,9 @@ export function setupRoutes(app: express.Application, cfg: MasterExpressConfig): // Setup health check routes using the new router app.use(createHealthCheckRouter('master express')); - // Add enclaved express routes for pinging the enclaved express server - // TODO: Add version endpoint to enclaved express - app.use(createEnclavedExpressRouter(cfg)); + // Add advanced wallet manager routes for pinging the advanced wallet manager server + // TODO: Add version endpoint to advanced wallet manager + app.use(createAdvancedWalletManagerHealthRouter(cfg)); app.use(createMasterApiRouter(cfg)); } diff --git a/src/routes/utils.ts b/src/routes/utils.ts index 547b646..6f87435 100644 --- a/src/routes/utils.ts +++ b/src/routes/utils.ts @@ -1,7 +1,7 @@ import express from 'express'; import debug from 'debug'; -const debugLogger = debug('enclaved:routes'); +const debugLogger = debug('advancedWalletManager:routes'); // promiseWrapper implementation export function promiseWrapper(promiseRequestHandler: any) { diff --git a/src/shared/appUtils.ts b/src/shared/appUtils.ts index 56bf080..815454f 100644 --- a/src/shared/appUtils.ts +++ b/src/shared/appUtils.ts 
@@ -212,16 +212,16 @@ export function validateTlsCertificates(config: Config): void { * Validate Master Express configuration */ export function validateMasterExpressConfig(config: MasterExpressConfig): void { - // Validate that we have the required enclaved express certificate for mTLS - if (config.tlsMode === TlsMode.MTLS && !config.enclavedExpressCert) { - throw new Error('Enclaved Express certificate is required for mTLS mode'); + // Validate that we have the required advanced wallet manager certificate for mTLS + if (config.tlsMode === TlsMode.MTLS && !config.advancedWalletManagerCert) { + throw new Error('Advanced Wallet Manager certificate is required for mTLS mode'); } // Validate client certificate if mTLS is enabled if (config.tlsMode === TlsMode.MTLS) { const hasValidClientCert = - config.enclavedExpressCert && - config.enclavedExpressCert.includes('-----BEGIN CERTIFICATE-----'); + config.advancedWalletManagerCert && + config.advancedWalletManagerCert.includes('-----BEGIN CERTIFICATE-----'); if (!hasValidClientCert) { throw new Error('Valid client certificate is required for mTLS mode'); diff --git a/src/shared/responseHandler.ts b/src/shared/responseHandler.ts index 2bbe6fc..61fef20 100644 --- a/src/shared/responseHandler.ts +++ b/src/shared/responseHandler.ts @@ -1,7 +1,7 @@ import { Request, Response as ExpressResponse, NextFunction } from 'express'; import { Config } from '../shared/types'; import { BitGoRequest } from '../types/request'; -import { ApiResponseError, EnclavedError } from '../errors'; +import { ApiResponseError, AdvancedWalletManagerError } from '../errors'; import { BitgoExpressError, ValidationError, @@ -91,8 +91,8 @@ export function responseHandler(fn: ServiceFunction extends express.Request { bitgo: BitGoAPI; config: T; - enclavedExpressClient: EnclavedExpressClient; + awmClient: AdvancedWalletManagerClient; } export function isBitGoRequest(req: express.Request): req is BitGoRequest { 
From 0e4877b895c73edd894d9a11dd472c751efebbef Mon Sep 17 00:00:00 2001 From: Pranav Jain Date: Thu, 31 Jul 2025 18:41:19 -0400 Subject: [PATCH 2/2] chore(awm): rename shorthand ebe to awm Ticket: WP-5298 --- .commitlintrc.json | 2 +- .../api/advancedWalletManager/nonRecovery.test.ts | 2 +- .../advancedWalletManager/recoveryMusigEth.test.ts | 6 +++--- src/__tests__/api/master/ecdsa.test.ts | 12 ++++++------ src/__tests__/api/master/eddsa.test.ts | 12 ++++++------ src/__tests__/mocks/ethRecoveryMusigMockData.ts | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.commitlintrc.json b/.commitlintrc.json index e440d2d..6bbaeb2 100644 --- a/.commitlintrc.json +++ b/.commitlintrc.json @@ -5,7 +5,7 @@ "header-max-length": [2, "always", 72], "references-empty": [1, "never"], "subject-case": [0], - "scope-enum": [2, "always", ["mbe", "ebe", "docker"]], + "scope-enum": [2, "always", ["mbe", "awm", "docker"]], "scope-empty": [0, "never"] }, "parserPreset": { diff --git a/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts b/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts index 4232cf4..6574aa2 100644 --- a/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts +++ b/src/__tests__/api/advancedWalletManager/nonRecovery.test.ts @@ -49,7 +49,7 @@ describe('Non Recovery', () => { sinon.restore(); }); - it('should fail to run ebe recovery if not in recovery mode', async () => { + it('should fail to run awm recovery if not in recovery mode', async () => { const userPub = 'xpub_user'; const backupPub = 'xpub_backup'; const bitgoPub = 'xpub_bitgo'; diff --git a/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts b/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts index 28b84d4..1482520 100644 --- a/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts +++ b/src/__tests__/api/advancedWalletManager/recoveryMusigEth.test.ts 
@@ -9,7 +9,7 @@ import { AppMode, AdvancedWalletManagerConfig, TlsMode } from '../../../shared/t import * as sinon from 'sinon'; import * as configModule from '../../../initConfig'; -import { ebeData } from '../../mocks/ethRecoveryMusigMockData'; +import { awmData } from '../../mocks/ethRecoveryMusigMockData'; import unsignedSweepRecJSON from '../../mocks/unsigned-sweep-prebuild-hteth-musig-recovery.json'; describe('recoveryMultisigTransaction', () => { @@ -59,7 +59,7 @@ describe('recoveryMultisigTransaction', () => { }); it('should generate a successful txHex from unsigned sweep prebuild data', async () => { - const { userPub, backupPub, walletContractAddress, userPrv, backupPrv, txHexResult } = ebeData; + const { userPub, backupPub, walletContractAddress, userPrv, backupPrv, txHexResult } = awmData; const unsignedSweepPrebuildTx = unsignedSweepRecJSON as unknown as any; const mockKmsUserResponse = { @@ -106,7 +106,7 @@ describe('recoveryMultisigTransaction', () => { }); it('should fail when prv keys non related to pub keys', async () => { - const { userPub, backupPub, walletContractAddress } = ebeData; + const { userPub, backupPub, walletContractAddress } = awmData; const unsignedSweepPrebuildTx = unsignedSweepRecJSON as unknown as any; // Use invalid private keys diff --git a/src/__tests__/api/master/ecdsa.test.ts b/src/__tests__/api/master/ecdsa.test.ts index 1dc06b0..f34f307 100644 --- a/src/__tests__/api/master/ecdsa.test.ts +++ b/src/__tests__/api/master/ecdsa.test.ts @@ -202,7 +202,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 1 signing - const signMpcV2Round1NockEbe = nock(advancedWalletManagerUrl) + const signMpcV2Round1NockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round1`) .reply(200, { signatureShareRound1: round1SignatureShare, 
@@ -213,7 +213,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 2 signing - const signMpcV2Round2NockEbe = nock(advancedWalletManagerUrl) + const signMpcV2Round2NockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round2`) .reply(200, { signatureShareRound2: round2SignatureShare, @@ -221,7 +221,7 @@ describe('Ecdsa Signing Handler', () => { }); // Mock MPCv2 Round 3 signing - const signMpcV2Round3NockEbe = nock(advancedWalletManagerUrl) + const signMpcV2Round3NockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/mpcv2round3`) .reply(200, { signatureShareRound3: round3SignatureShare, @@ -246,8 +246,8 @@ describe('Ecdsa Signing Handler', () => { sendSignatureShareV2Round2Nock.done(); sendSignatureShareV2Round3Nock.done(); sendTxRequestNock.done(); - signMpcV2Round1NockEbe.done(); - signMpcV2Round2NockEbe.done(); - signMpcV2Round3NockEbe.done(); + signMpcV2Round1NockAwm.done(); + signMpcV2Round2NockAwm.done(); + signMpcV2Round3NockAwm.done(); }); }); diff --git a/src/__tests__/api/master/eddsa.test.ts b/src/__tests__/api/master/eddsa.test.ts index 3ce3a63..19b0060 100644 --- a/src/__tests__/api/master/eddsa.test.ts +++ b/src/__tests__/api/master/eddsa.test.ts @@ -190,7 +190,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC commitment signing - const signMpcCommitmentNockEbe = nock(advancedWalletManagerUrl) + const signMpcCommitmentNockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/commitment`) .reply(200, { userToBitgoCommitment: { share: 'user-commitment-share' }, @@ -200,7 +200,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC R-share signing - const signMpcRShareNockEbe = nock(advancedWalletManagerUrl) + const signMpcRShareNockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/r`) .reply(200, { rShare: { 
@@ -214,7 +214,7 @@ describe('Eddsa Signing Handler', () => { }); // Mock MPC G-share signing - const signMpcGShareNockEbe = nock(advancedWalletManagerUrl) + const signMpcGShareNockAwm = nock(advancedWalletManagerUrl) .post(`/api/${coin}/mpc/sign/g`) .reply(200, { gShare: { @@ -240,8 +240,8 @@ describe('Eddsa Signing Handler', () => { getBitgoRShareNock.done(); sendGShareNock.done(); finalGetTxRequestNock.done(); - signMpcCommitmentNockEbe.done(); - signMpcRShareNockEbe.done(); - signMpcGShareNockEbe.done(); + signMpcCommitmentNockAwm.done(); + signMpcRShareNockAwm.done(); + signMpcGShareNockAwm.done(); }); }); diff --git a/src/__tests__/mocks/ethRecoveryMusigMockData.ts b/src/__tests__/mocks/ethRecoveryMusigMockData.ts index c710785..c75f90c 100644 --- a/src/__tests__/mocks/ethRecoveryMusigMockData.ts +++ b/src/__tests__/mocks/ethRecoveryMusigMockData.ts @@ -37,7 +37,7 @@ export const data = { recoveryDestinationAddress: '0x927324f364a6fd1bf4648310a445b58063f5bb64', }; -export const ebeData = { +export const awmData = { userPub: 'xpub661MyMwAqRbcGvbtjkhDJ5uiFWb6eK9nFQmLLgW1jDwJzJ2vQPyp2uKLmUBgGZKiA9HDUFYfuDoyP1dF3tj3Ucod25tmiEG2k26UX97S3Wz', backupPub: