Merge branch 'master' into CECHO-962

Author: bhavesh-prasad

.gitignore

@@ -21,3 +21,4 @@ playwright/.cache/
 
 # Idea IntelliJ
 .idea/
+*.tsbuildinfo

e2e/sign-psbt.spec.ts

@@ -0,0 +1,139 @@
+import { test, expect } from '@playwright/test';
+
+test.describe('Sign PSBT E2E Tests', () => {
+  test.beforeEach(async ({ page }) => {
+    // Navigate to test environment home page
+    // The playwright config has webServer configured to start vite on localhost:5173
+    await page.goto('http://localhost:5173/#/test');
+    await page.waitForLoadState('networkidle');
+  });
+
+  test('Sign PSBT link should be accessible from home page', async ({ page }) => {
+    // Navigate directly to the sign-psbt page instead of finding the link
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForURL('**/sign-psbt');
+    expect(page.url()).toContain('sign-psbt');
+  });
+
+  test('should render Sign PSBT form correctly', async ({ page }) => {
+    // Navigate directly to sign-psbt page
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Check that the form heading is visible
+    const heading = page.locator('h4:has-text("Sign Unsigned PSBT")');
+    await expect(heading).toBeVisible();
+  });
+
+  test('Sign PSBT form should render all required fields', async ({ page }) => {
+    // Navigate directly to sign-psbt page
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Check for all form fields using more specific selectors
+    await expect(page.locator('label:has-text("Coin")')).toBeVisible();
+    await expect(page.locator('label:has-text("Unsigned PSBT")')).toBeVisible();
+    await expect(page.locator('label:has-text("User Key")')).toBeVisible();
+    await expect(page.locator('button:has-text("Sign PSBT")')).toBeVisible();
+    // Cancel is rendered as a Link component
+    await expect(page.locator('a:has-text("Cancel")')).toBeVisible();
+  });
+
+  test('Sign PSBT form should show optional recipient fields', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Check optional fields using more specific selectors
+    await expect(page.locator('label:has-text("Recipient Address")')).toBeVisible();
+    await expect(page.locator('label:has-text("Fee Rate")')).toBeVisible();
+  });
+
+  test('Passphrase field should be hidden initially', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Passphrase should not be visible when no userKey is entered
+    const passphraseLabel = page.locator('text=Wallet Passphrase');
+    await expect(passphraseLabel).not.toBeVisible();
+  });
+
+  test('Coin selector should have UTXO options', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Find the coin selector
+    const coinSelect = page.locator('[name="coin"]');
+    await expect(coinSelect).toBeVisible();
+
+    // Check for expected coin options (option elements exist in DOM)
+    const tbtcOption = coinSelect.locator('option:has-text("TBTC")');
+    const btcOption = coinSelect.locator('option:has-text("BTC")');
+
+    // Options exist in DOM but may be hidden, so check they're attached
+    expect(await tbtcOption.count()).toBeGreaterThan(0);
+    expect(await btcOption.count()).toBeGreaterThan(0);
+  });
+
+  test('Form should accept PSBT and user key input', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Fill in the form
+    const coinSelect = page.locator('[name="coin"]');
+    await coinSelect.selectOption('tbtc');
+
+    const psbtTextarea = page.locator('[name="psbt"]');
+    await psbtTextarea.fill('70736274ff010000');
+
+    const userKeyTextarea = page.locator('[name="userKey"]');
+    await userKeyTextarea.fill('tprvAA2oWoHxCkMDMedFAEgCAJEdSYq5vTTPZp9VuCFJnNxYQhGJxp7JGZoAZiXNkFsLXQtqeQFZefFxvTFSzz2kDCzKe3tKo8GJqQ4pA3mbMK');
+
+    // Verify values are set
+    const psbtValue = await psbtTextarea.inputValue();
+    expect(psbtValue).toBe('70736274ff010000');
+  });
+
+  test('Passphrase field should show when encrypted key is entered', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    const userKeyTextarea = page.locator('[name="userKey"]');
+
+    // Enter an encrypted key (JSON format, not starting with xprv/tprv)
+    const encryptedKey = '{"iv":"abc123"}';
+    await userKeyTextarea.fill(encryptedKey);
+
+    // Passphrase field should now be visible
+    const passphraseField = page.locator('[name="walletPassphrase"]');
+    await expect(passphraseField).toBeVisible();
+  });
+
+  test('Sign button should be enabled initially', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Get the sign button
+    const signButton = page.locator('button:has-text("Sign PSBT")');
+    await expect(signButton).toBeVisible();
+
+    // Button should be enabled initially
+    const isDisabled = await signButton.isDisabled();
+    expect(isDisabled).toBe(false);
+  });
+
+  test('Cancel button should navigate back to home', async ({ page }) => {
+    await page.goto('http://localhost:5173/#/test/sign-psbt');
+    await page.waitForLoadState('networkidle');
+
+    // Cancel is rendered as a Link component, not a button
+    const cancelLink = page.locator('a:has-text("Cancel")');
+    await expect(cancelLink).toBeVisible();
+
+    // Click cancel and wait for navigation
+    await cancelLink.click();
+    await page.waitForLoadState('networkidle');
+
+    // Verify we navigated away from sign-psbt
+    expect(page.url()).not.toContain('sign-psbt');
+  });
+});

e2e/sol/nested-ata-recovery.spec.ts

@@ -0,0 +1,93 @@
+import { test, expect, _electron as electron } from '@playwright/test';
+import type { ElectronApplication, Page } from '@playwright/test';
+
+const MOCK_TX_ID = 'mockTxId1234567890abcdef';
+
+function stubNestedAtaHandlers(app: ElectronApplication) {
+  return app.evaluate(
+    ({ ipcMain }, txId) => {
+      for (const ch of ['setBitGoEnvironment', 'recoverNestedAta'])
+        ipcMain.removeHandler(ch);
+      ipcMain.handle('setBitGoEnvironment', () => undefined);
+      ipcMain.handle('recoverNestedAta', () => ({ txId }));
+    },
+    MOCK_TX_ID
+  );
+}
+
+test.describe('Solana nested ATA recovery', () => {
+  let app: ElectronApplication;
+  let page: Page;
+
+  test.beforeEach(async () => {
+    app = await electron.launch({ args: ['.', '--no-sandbox'] });
+    page = await app.firstWindow();
+    await page.waitForSelector('#root');
+    await stubNestedAtaHandlers(app);
+  });
+
+  test.afterEach(async () => {
+    await app.close();
+  });
+
+  test('renders NestedATAForm for solNestedATA coin', async () => {
+    await page.evaluate(() => {
+      window.location.hash = '/prod/non-bitgo-recovery/solNestedATA';
+    });
+
+    await page.waitForSelector('[name="nestedAtaAddress"]');
+
+    await expect(page.locator('[name="userKey"]')).toBeVisible();
+    await expect(page.locator('[name="backupKey"]')).toBeVisible();
+    await expect(page.locator('[name="bitgoKey"]')).toBeVisible();
+    await expect(page.locator('[name="walletPassphrase"]')).toBeVisible();
+    await expect(page.locator('[name="recoveryDestination"]')).toBeVisible();
+    await expect(page.locator('[name="nestedAtaAddress"]')).toBeVisible();
+    await expect(page.locator('[name="ownerAtaAddress"]')).toBeVisible();
+    await expect(page.locator('[name="tokenMintAddress"]')).toBeVisible();
+  });
+
+  test('shows validation errors when submitted empty', async () => {
+    await page.evaluate(() => {
+      window.location.hash = '/prod/non-bitgo-recovery/solNestedATA';
+    });
+    await page.waitForSelector('[name="nestedAtaAddress"]');
+
+    await page.click('button[type="submit"]');
+
+    // Formik marks fields as touched on submit — the Textarea component signals
+    // errors via tw-border-red-500 (not aria-invalid)
+    await expect(page.locator('[name="userKey"]')).toHaveClass(/tw-border-red-500/);
+    await expect(page.locator('[name="nestedAtaAddress"]')).toHaveClass(/tw-border-red-500/);
+  });
+
+  test('completes recovery and shows txId on success page', async () => {
+    await page.evaluate(() => {
+      window.location.hash = '/prod/non-bitgo-recovery/solNestedATA';
+    });
+    await page.waitForSelector('[name="nestedAtaAddress"]');
+
+    await page.fill('[name="userKey"]',            '{"iv":"abc","v":1,"iter":10000,"ks":256,"ts":64,"mode":"ccm","adata":"","cipher":"aes","ct":"encryptedUserKey"}');
+    await page.fill('[name="backupKey"]',           '{"iv":"def","v":1,"iter":10000,"ks":256,"ts":64,"mode":"ccm","adata":"","cipher":"aes","ct":"encryptedBackupKey"}');
+    await page.fill('[name="bitgoKey"]',            'xpub661MyMwAqRbcGHoJePkfLFqgzNBjqAqMjZaRVPMd3su2mTJ7HJQNFVkBkzVHBG7yWVZvLgXSZDmDj8mqqVFnzWijVhKanGj6ygSWfzFQ6eB');
+    await page.fill('[name="walletPassphrase"]',    'test-passphrase-123');
+    await page.fill('[name="recoveryDestination"]', '7YbcLmVorrH7KCKMj38rFidsruisWi2CmvCTs4cygf8K');
+    await page.fill('[name="nestedAtaAddress"]',    'FGuZSBhtreqSUsE86xokyjKz2i8VBtJzy6uMXXKyGHug');
+    await page.fill('[name="ownerAtaAddress"]',     'Zfm98ZpVafydhFTYcsY6bHgubhB4cFgWFvbdEJxYhTA');
+    await page.fill('[name="tokenMintAddress"]',    'ZBCNpuD7YMXzTHB2fhGkGi78MNsHGLRXUhRewNRm9RU');
+
+    await page.click('button[type="submit"]');
+
+    await page.waitForURL(/non-bitgo-recovery\/solNestedATA\/success/, { timeout: 10_000 });
+    await expect(page.getByText(MOCK_TX_ID)).toBeVisible();
+    await expect(page.getByText('View on Solscan')).toBeVisible();
+  });
+
+  test('renders NestedATAForm for tsolNestedATA coin (testnet)', async () => {
+    await page.evaluate(() => {
+      window.location.hash = '/test/non-bitgo-recovery/tsolNestedATA';
+    });
+    await page.waitForSelector('[name="nestedAtaAddress"]');
+    await expect(page.locator('[name="nestedAtaAddress"]')).toBeVisible();
+  });
+});

e2e/utxo/blockchain-recovery.spec.ts

@@ -1,5 +1,6 @@
-import { test, expect, _electron as electron } from '@playwright/test';
+import { test, expect } from '@playwright/test';
 import type { ElectronApplication, Page } from '@playwright/test';
+import { launchApp } from './helpers';
 
 function stubRecoveryHandlers(app: ElectronApplication) {
   return app.evaluate(({ ipcMain }) => {
@@ -18,9 +19,7 @@ test.describe('UTXO blockchain recovery', () => {
   let page: Page;
 
   test.beforeEach(async () => {
-    app = await electron.launch({ args: ['.', '--no-sandbox'] });
-    page = await app.firstWindow();
-    await page.waitForSelector('#root');
+    ({ app, page } = await launchApp());
     await stubRecoveryHandlers(app);
   });
 

e2e/utxo/helpers.ts

@@ -0,0 +1,15 @@
+import { _electron as electron } from '@playwright/test';
+import type { ElectronApplication, Page } from '@playwright/test';
+
+export async function launchApp(): Promise<{ app: ElectronApplication; page: Page }> {
+  const app = await electron.launch({
+    args: ['.', '--no-sandbox'],
+    env: { ...process.env, ELECTRON_RUN_AS_NODE: '' },
+  });
+  const page = await app.firstWindow();
+  await app.evaluate(({ BrowserWindow }) => {
+    BrowserWindow.getAllWindows()[0].setSize(1440, 900);
+  });
+  await page.waitForSelector('#root');
+  return { app, page };
+}

e2e/utxo/sign-psbt.spec.ts

@@ -0,0 +1,86 @@
+import { test, expect } from '@playwright/test';
+import type { ElectronApplication, Page } from '@playwright/test';
+import { fixedScriptWallet, BIP32 } from '@bitgo/wasm-utxo';
+import { launchApp } from './helpers';
+
+const { BitGoPsbt, RootWalletKeys, ChainCode } = fixedScriptWallet;
+
+const RECIPIENT = 'tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx';
+const FEE_RATE = '10';
+
+function buildFixture() {
+  const userKey   = BIP32.fromSeedSha256('default.0');
+  const backupKey = BIP32.fromSeedSha256('default.1');
+  const bitgoKey  = BIP32.fromSeedSha256('default.2');
+
+  const walletKeys = RootWalletKeys.from({
+    triple: [userKey, backupKey, bitgoKey],
+    derivationPrefixes: ['m/0/0', 'm/0/0', 'm/0/0'],
+  });
+
+  const psbt = BitGoPsbt.createEmpty('tbtc', walletKeys, { version: 2, lockTime: 0 });
+
+  const externalChain = ChainCode.value('p2wsh', 'external');
+  psbt.addWalletInput(
+    { txid: '0'.repeat(64), vout: 0, value: BigInt(1_000_000) },
+    walletKeys,
+    { scriptId: { chain: externalChain, index: 0 }, signPath: { signer: 'user', cosigner: 'bitgo' } },
+  );
+  // No outputs — the backend derives the output from inputs + fee rate.
+
+  return {
+    psbtBase64: Buffer.from(psbt.serialize()).toString('base64'),
+    userXprv: userKey.toBase58(),
+  };
+}
+
+function stubFileHandlers(app: ElectronApplication) {
+  return app.evaluate(({ ipcMain }) => {
+    for (const ch of ['showSaveDialog', 'writeFile']) ipcMain.removeHandler(ch);
+    ipcMain.handle('showSaveDialog', () => ({ filePath: '/tmp/test-signed.psbt', canceled: false }));
+    ipcMain.handle('writeFile', () => undefined);
+  });
+}
+
+test.describe('Sign PSBT – real signing', () => {
+  let app: ElectronApplication;
+  let page: Page;
+
+  test.beforeEach(async () => {
+    ({ app, page } = await launchApp());
+    await stubFileHandlers(app);
+  });
+
+  test.afterEach(async () => {
+    await app.close();
+  });
+
+  test('signs a tbtc p2wsh PSBT with the user key', async () => {
+    const { psbtBase64, userXprv } = buildFixture();
+
+    await page.evaluate(() => { window.location.hash = '/test/sign-psbt'; });
+    await page.waitForSelector('[name="coin"]');
+    await page.screenshot({ path: 'test-results/sign-psbt-1-form-loaded.png' });
+
+    await page.selectOption('[name="coin"]', 'tbtc');
+    await page.fill('[name="psbt"]', psbtBase64);
+    await page.fill('[name="userKey"]', userXprv);
+    await page.fill('[name="recipientAddress"]', RECIPIENT);
+    await page.fill('[name="feeRateSatVB"]', FEE_RATE);
+    await page.screenshot({ path: 'test-results/sign-psbt-2-filled.png' });
+
+    await page.click('button[type="submit"]');
+    await page.screenshot({ path: 'test-results/sign-psbt-3-submitted.png' });
+
+    const errorDiv = page.locator('.tw-text-red-700');
+    await Promise.race([
+      page.waitForURL(/sign-psbt\/success/, { timeout: 20_000 }),
+      errorDiv.waitFor({ state: 'visible', timeout: 20_000 }).then(async () => {
+        const msg = await errorDiv.textContent();
+        throw new Error(`Sign PSBT failed: ${msg}`);
+      }),
+    ]);
+
+    await expect(page.getByText('We recommend')).toBeVisible();
+  });
+});