adds ledger flag to participant creation

ironfish-cli/src/commands/wallet/multisig/dkg/round1.ts

@@ -1,6 +1,7 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+import { RpcClient } from '@ironfish/sdk'
 import { Flags } from '@oclif/core'
 import { IronfishCommand } from '../../../../command'
 import { RemoteFlags } from '../../../../flags'
@@ -71,7 +72,7 @@ export class DkgRound1Command extends IronfishCommand {
     }
 
     if (flags.ledger) {
-      await this.performRound1WithLedger()
+      await this.performRound1WithLedger(client, participantName, identities, minSigners)
       return
     }
 
@@ -93,16 +94,42 @@ export class DkgRound1Command extends IronfishCommand {
     this.log('Send the round 1 public package to each participant')
   }
 
-  async performRound1WithLedger(): Promise<void> {
+  async performRound1WithLedger(
+    client: RpcClient,
+    participantName: string,
+    identities: string[],
+    minSigners: number,
+  ): Promise<void> {
     const ledger = new Ledger(this.logger)
     try {
-      await ledger.connect()
+      await ledger.connect(true)
     } catch (e) {
       if (e instanceof Error) {
         this.error(e.message)
       } else {
         throw e
       }
     }
+
+    const identityResponse = await client.wallet.multisig.getIdentity({ name: participantName })
+    const identity = identityResponse.content.identity
+
+    if (!identities.includes(identity)) {
+      identities.push(identity)
+    }
+
+    // TODO(hughy): determine how to handle multiple identities using index
+    const { publicPackage, secretPackage } = await ledger.dkgRound1(0, identities, minSigners)
+
+    this.log('\nRound 1 Encrypted Secret Package:\n')
+    this.log(secretPackage.toString('hex'))
+    this.log()
+
+    this.log('\nRound 1 Public Package:\n')
+    this.log(publicPackage.toString('hex'))
+    this.log()
+
+    this.log('Next step:')
+    this.log('Send the round 1 public package to each participant')
   }
 }

ironfish-cli/src/commands/wallet/multisig/dkg/round2.ts

@@ -70,7 +70,7 @@ export class DkgRound2Command extends IronfishCommand {
     round1PublicPackages = round1PublicPackages.map((i) => i.trim())
 
     if (flags.ledger) {
-      await this.performRound2WithLedger()
+      await this.performRound2WithLedger(round1PublicPackages, round1SecretPackage)
       return
     }
 
@@ -93,16 +93,38 @@ export class DkgRound2Command extends IronfishCommand {
     this.log('Send the round 2 public package to each participant')
   }
 
-  async performRound2WithLedger(): Promise<void> {
+  async performRound2WithLedger(
+    round1PublicPackages: string[],
+    round1SecretPackage: string,
+  ): Promise<void> {
     const ledger = new Ledger(this.logger)
     try {
-      await ledger.connect()
+      await ledger.connect(true)
     } catch (e) {
       if (e instanceof Error) {
         this.error(e.message)
       } else {
         throw e
       }
     }
+
+    // TODO(hughy): determine how to handle multiple identities using index
+    const { publicPackage, secretPackage } = await ledger.dkgRound2(
+      0,
+      round1PublicPackages,
+      round1SecretPackage,
+    )
+
+    this.log('\nRound 2 Encrypted Secret Package:\n')
+    this.log(secretPackage.toString('hex'))
+    this.log()
+
+    this.log('\nRound 2 Public Package:\n')
+    this.log(publicPackage.toString('hex'))
+    this.log()
+
+    this.log()
+    this.log('Next step:')
+    this.log('Send the round 2 public package to each participant')
   }
 }

ironfish-cli/src/commands/wallet/multisig/dkg/round3.ts

@@ -1,6 +1,11 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+import {
+  deserializePublicPackage,
+  deserializeRound2CombinedPublicPackage,
+} from '@ironfish/rust-nodejs'
+import { AccountFormat, encodeAccountImport, RpcClient } from '@ironfish/sdk'
 import { Flags } from '@oclif/core'
 import { IronfishCommand } from '../../../../command'
 import { RemoteFlags } from '../../../../flags'
@@ -107,7 +112,13 @@ export class DkgRound3Command extends IronfishCommand {
     round2PublicPackages = round2PublicPackages.map((i) => i.trim())
 
     if (flags.ledger) {
-      await this.performRound3WithLedger()
+      await this.performRound3WithLedger(
+        client,
+        participantName,
+        round1PublicPackages,
+        round2PublicPackages,
+        round2SecretPackage,
+      )
       return
     }
 
@@ -125,16 +136,93 @@ export class DkgRound3Command extends IronfishCommand {
     )
   }
 
-  async performRound3WithLedger(): Promise<void> {
+  async performRound3WithLedger(
+    client: RpcClient,
+    participantName: string,
+    round1PublicPackagesStr: string[],
+    round2PublicPackagesStr: string[],
+    round2SecretPackage: string,
+  ): Promise<void> {
     const ledger = new Ledger(this.logger)
     try {
-      await ledger.connect()
+      await ledger.connect(true)
     } catch (e) {
       if (e instanceof Error) {
         this.error(e.message)
       } else {
         throw e
       }
     }
+
+    const identityResponse = await client.wallet.multisig.getIdentity({ name: participantName })
+    const identity = identityResponse.content.identity
+
+    // Sort packages by identity
+    const round1PublicPackages = round1PublicPackagesStr
+      .map(deserializePublicPackage)
+      .sort((a, b) => a.identity.localeCompare(b.identity))
+
+    // Filter out packages not intended for participant and sort by sender identity
+    const round2CombinedPublicPackages = round2PublicPackagesStr.map(
+      deserializeRound2CombinedPublicPackage,
+    )
+    const round2PublicPackages = round2CombinedPublicPackages
+      .flatMap((combined) =>
+        combined.packages.filter((pkg) => pkg.recipientIdentity === identity),
+      )
+      .sort((a, b) => a.senderIdentity.localeCompare(b.senderIdentity))
+
+    // Extract raw parts from round1 and round2 public packages
+    const participants = []
+    const round1FrostPackages = []
+    const gskBytes = []
+    for (const pkg of round1PublicPackages) {
+      // Exclude participant's own identity and round1 public package
+      if (pkg.identity !== identity) {
+        participants.push(pkg.identity)
+        round1FrostPackages.push(pkg.frostPackage)
+      }
+
+      gskBytes.push(pkg.groupSecretKeyShardEncrypted)
+    }
+
+    const round2FrostPackages = round2PublicPackages.map((pkg) => pkg.frostPackage)
+
+    // Perform round3 with Ledger
+    await ledger.dkgRound3(
+      0,
+      participants,
+      round1FrostPackages,
+      round2FrostPackages,
+      round2SecretPackage,
+      gskBytes,
+    )
+
+    // Retrieve all multisig account keys and publicKeyPackage
+    const dkgKeys = await ledger.dkgRetrieveKeys()
+
+    const publicKeyPackage = await ledger.dkgGetPublicPackage()
+
+    const accountImport = {
+      ...dkgKeys,
+      multisigKeys: {
+        publicKeyPackage: publicKeyPackage.toString('hex'),
+        identity,
+      },
+      version: 4,
+      name: participantName,
+      spendingKey: null,
+      createdAt: null,
+    }
+
+    // Import multisig account
+    const response = await client.wallet.importAccount({
+      account: encodeAccountImport(accountImport, AccountFormat.Base64Json),
+    })
+
+    this.log()
+    this.log(
+      `Account ${response.content.name} imported with public address: ${dkgKeys.publicAddress}`,
+    )
   }
 }

ironfish-cli/src/commands/wallet/multisig/participant/create.ts

@@ -6,6 +6,7 @@ import { Flags } from '@oclif/core'
 import { IronfishCommand } from '../../../../command'
 import { RemoteFlags } from '../../../../flags'
 import * as ui from '../../../../ui'
+import { Ledger } from '../../../../utils/ledger'
 
 export class MultisigIdentityCreate extends IronfishCommand {
   static description = `Create a multisig participant identity`
@@ -16,6 +17,11 @@ export class MultisigIdentityCreate extends IronfishCommand {
       char: 'n',
       description: 'Name to associate with the identity',
     }),
+    ledger: Flags.boolean({
+      default: false,
+      description: 'Perform operation with a ledger device',
+      hidden: true,
+    }),
   }
 
   async start(): Promise<void> {
@@ -29,14 +35,27 @@ export class MultisigIdentityCreate extends IronfishCommand {
       name = await ui.inputPrompt('Enter a name for the identity', true)
     }
 
+    let identity
+    if (flags.ledger) {
+      identity = await this.getIdentityFromLedger()
+    }
+
     let response
     while (!response) {
       try {
-        response = await client.wallet.multisig.createParticipant({ name })
+        if (identity) {
+          response = await client.wallet.multisig.importParticipant({
+            name,
+            identity: identity.toString('hex'),
+          })
+        } else {
+          response = await client.wallet.multisig.createParticipant({ name })
+        }
       } catch (e) {
         if (
           e instanceof RpcRequestError &&
-          e.code === RPC_ERROR_CODES.DUPLICATE_ACCOUNT_NAME.toString()
+          (e.code === RPC_ERROR_CODES.DUPLICATE_ACCOUNT_NAME.toString() ||
+            e.code === RPC_ERROR_CODES.DUPLICATE_IDENTITY_NAME.toString())
         ) {
           this.log()
           this.log(e.codeMessage)
@@ -50,4 +69,20 @@ export class MultisigIdentityCreate extends IronfishCommand {
     this.log('Identity:')
     this.log(response.content.identity)
   }
+
+  async getIdentityFromLedger(): Promise<Buffer> {
+    const ledger = new Ledger(this.logger)
+    try {
+      await ledger.connect(true)
+    } catch (e) {
+      if (e instanceof Error) {
+        this.error(e.message)
+      } else {
+        throw e
+      }
+    }
+
+    // TODO(hughy): support multiple identities using index
+    return ledger.dkgGetIdentity(0)
+  }
 }