feat(SOLNENG-27): here we go

Author: MnrGreg

.gitignore

@@ -1,3 +1,4 @@
 *.crt
 *.key
-.vscode
+.vscode
+init

README.md

@@ -8,35 +8,54 @@ sequenceDiagram
     participant StakeClient as Sample stake<br> client application
     participant StakeAPI as Stake Intent API
     participant Blockchain as Blockchain
-    participant TSM as Sender Wallet Vault<br>(private key)
+    box Builder Vault
+      participant TSM1 as MPC Wallet <br>(private key share 1)
+      participant TSM2 as MPC Wallet <br>(private key share 2)
+      participant TSM3 as MPC Wallet <br>(private key share 3)
+    end
 
     StakeClient ->> StakeAPI: get StakeIntent unsigned tx data <br>(amount, withdrawal & recipient address)
     StakeClient ->> Blockchain: get blockchain inputs for new tx<br>(gas fee, chainID, sender wallet nonce)
     StakeClient ->> StakeClient: construct unsigned tx
-    StakeClient ->> TSM: request signature of unsigned tx
-    TSM -->> StakeClient: return tx signature
+    StakeClient ->> TSM1: request signature of unsigned tx
+    TSM1 -->> StakeClient: return partial signature
+    StakeClient ->> TSM2: request signature of unsigned tx
+    TSM2 -->> StakeClient: return partial signature
+    StakeClient ->> TSM3: request signature of unsigned tx
+    TSM3 -->> StakeClient: return partial signature
+    StakeClient ->> StakeClient: combine partial signatures
     StakeClient ->> Blockchain: broadcast signed tx<br>(signed tx, deposit contract)
 ```
 
-
 <!--
- - ToDo:
-     - use AWS Builder Vault environment (remove all code needed for mTLS with BDApp Builder Vault)
 
 # Get Plans
-http -b GET https://svc.blockdaemon.com/boss/v1/plans?protocols=ethereum&networks=holesky \
-  X-API-KEY:$XAPIKEY \
-  X-Client-ID:demo-organization
+http -b GET https://svc.blockdaemon.com/boss/v1/plans \
+  X-API-KEY:$STAKE_API_KEY \
 
 # Post Intent
 http -b POST https://svc.blockdaemon.com/boss/v1/ethereum/holesky/stake-intents \
-  X-API-KEY:$XAPIKEY \
+  X-API-KEY:$STAKE_API_KEY \
   accept:application/json \
   content-type:application/json \
   stakes:='[{"amount":"32000000000","withdrawal_address":"0x00000000219ab540356cBB839Cbe05303d7705Fa","fee_recipient":"0x93247f2209abcacf57b75a51dafae777f9dd38bc"}]'
 
 # Get Intents
-http GET https://svc.blockdaemon.com/boss/v1/stake-intents?protocols=ethereum&networks=holesky \
-  X-API-KEY:$XAPIKEY 
+http -b GET https://svc.blockdaemon.com/boss/v1/stake-intents?protocols=ethereum&networks=holesky \
+  X-API-KEY:$STAKE_API_KEY 
 ```
+
+sequenceDiagram
+    autonumber
+    participant StakeClient as Sample stake<br> client application
+    participant StakeAPI as Stake Intent API
+    participant Blockchain as Blockchain
+    participant TSM as Sender Wallet Vault<br>(private key)
+
+    StakeClient ->> StakeAPI: get StakeIntent unsigned tx data <br>(amount, withdrawal & recipient address)
+    StakeClient ->> Blockchain: get blockchain inputs for new tx<br>(gas fee, chainID, sender wallet nonce)
+    StakeClient ->> StakeClient: construct unsigned tx
+    StakeClient ->> TSM: request signature of unsigned tx
+    TSM ->> StakeClient: return tx signature
+    StakeClient ->> Blockchain: broadcast signed tx<br>(signed tx, deposit contract)
 --!>

go.mod

@@ -4,6 +4,7 @@ go 1.21.0
 
 require (
 	github.com/ethereum/go-ethereum v1.13.14
+	github.com/fatih/structs v1.1.0
 	gitlab.com/Blockdaemon/go-tsm-sdkv2 v0.0.0-20240227205306-65d60d978f8d
 	golang.org/x/sync v0.6.0
 )

go.sum

@@ -52,6 +52,8 @@ github.com/ethereum/c-kzg-4844 v0.4.0 h1:3MS1s4JtA868KpJxroZoepdV0ZKBp3u/O5HcZ7R
 github.com/ethereum/c-kzg-4844 v0.4.0/go.mod h1:VewdlzQmpT5QSrVhbBuGoCdFJkpaJlO1aQputP83wc0=
 github.com/ethereum/go-ethereum v1.13.14 h1:EwiY3FZP94derMCIam1iW4HFVrSgIcpsu0HwTQtm6CQ=
 github.com/ethereum/go-ethereum v1.13.14/go.mod h1:TN8ZiHrdJwSe8Cb6x+p0hs5CxhJZPbqB7hHkaUXcmIU=
+github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
+github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
 github.com/fjl/memsize v0.0.2 h1:27txuSD9or+NZlnOWdKUxeBzTAUkWCVh+4Gf2dWFOzA=
 github.com/fjl/memsize v0.0.2/go.mod h1:VvhXpOYNQvB+uIk2RvXzuaQtkQJzzIx6lSBe1xv7hi0=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=

main.go

@@ -3,10 +3,7 @@ package main
 import (
 	"bytes"
 	"context"
-	"crypto/x509"
-	"encoding/base64"
 	"encoding/json"
-	"encoding/pem"
 	"fmt"
 	"log"
 	"math/big"
@@ -21,9 +18,9 @@ import (
 	"github.com/ethereum/go-ethereum/rpc"
 	"gitlab.com/Blockdaemon/go-tsm-sdkv2/tsm"
 	"golang.org/x/sync/errgroup"
-)
 
-var gwei = new(big.Int).Exp(big.NewInt(10), big.NewInt(9), nil)
+	"github.com/fatih/structs"
+)
 
 type Stake struct {
 	WithdrawalAddress string `json:"withdrawal_address"`
@@ -52,12 +49,14 @@ type Response struct {
 // ! Create stake intent
 func createStakeIntent(stakeApiKey string, stakeRequest *Request) (string, string, *big.Int) {
 	requestJson, _ := json.Marshal(stakeRequest)
-	fmt.Println("Stake request json:", stakeRequest)
+
+	fmt.Println("\nStake request:\n", structs.Map(stakeRequest))
 
 	req, _ := http.NewRequest("POST", "https://svc.blockdaemon.com/boss/v1/ethereum/holesky/stake-intents", bytes.NewBuffer(requestJson))
 	req.Header.Set("Content-Type", "application/json")
 	req.Header.Set("Accept", "application/json")
 	req.Header.Set("X-API-Key", stakeApiKey)
+	//req.Header.Set("Idempotency-Key", "E96E9CE5-A81E-4178-AAA7-4BDC7ED1BCC2") // ToDo - remove for demos
 
 	client := &http.Client{}
 	resp, err := client.Do(req)
@@ -77,14 +76,16 @@ func createStakeIntent(stakeApiKey string, stakeRequest *Request) (string, strin
 	totalAmount := new(big.Int)
 	for _, stake := range stakes {
 		amount, _ := new(big.Int).SetString(stake.Amount, 10)
+		amount = amount.Mul(amount, new(big.Int).SetInt64(1000000000))
 		totalAmount.Add(totalAmount, amount)
 	}
+	fmt.Println("\nStake response:\n", structs.Map(stakeResponse))
 
 	return stakeResponse.Ethereum.UnsignedTransaction, stakeResponse.Ethereum.ContractAddress, totalAmount
 }
 
 // ! Craft transaction
-func craftTx(client *ethclient.Client, ethereumSenderAddress string, contractAddress string, totalAmount *big.Int, txData string) (*types.Transaction, *big.Int) {
+func craftTx(client *ethclient.Client, ethereumSenderAddress string, contractAddress string, totalAmount *big.Int, txData string) (*types.Transaction, []byte, *big.Int) {
 	nonce, err := client.PendingNonceAt(context.Background(), common.HexToAddress(ethereumSenderAddress))
 	if err != nil {
 		log.Fatal(err)
@@ -107,98 +108,61 @@ func craftTx(client *ethclient.Client, ethereumSenderAddress string, contractAdd
 		To:       &decodedContactAddress,
 		GasPrice: gasPrice,
 		Value:    totalAmount,
-		Data:     common.Hex2Bytes(txData),
+		Data:     common.FromHex(txData),
 	}
+
 	gasLimit, err := client.EstimateGas(context.Background(), msg)
 	if err != nil {
 		log.Fatal(err)
 	}
 
-	unsignedTx := types.NewTx(&types.DynamicFeeTx{
-		ChainID: chainID,
-		Nonce:   nonce,
-		To:      &decodedContactAddress,
-		Value:   totalAmount,
-		Gas:     gasLimit,
-		Data:    common.Hex2Bytes(txData),
+	unsignedTx := types.NewTx(&types.LegacyTx{
+		Nonce:    nonce,
+		To:       &decodedContactAddress,
+		Value:    totalAmount,
+		Gas:      gasLimit,
+		GasPrice: gasPrice,
+		Data:     common.FromHex(txData),
 	})
 
-	return unsignedTx, chainID
-}
-
-// ! Sign transaction
-func signTx(unsignedTx *types.Transaction) []byte {
+	fmt.Println("\nCrafted unsigned transaction:\n", "Nonce:", unsignedTx.Nonce(), "\n GasPrice:", unsignedTx.GasPrice(), "\n Gas:", unsignedTx.Gas(), "\n To:", unsignedTx.To().String(), "\n Value:", unsignedTx.Value())
 
-	// Builder Vault server TLS public keys (self-signed)
-	var serverMtlsPublicKeys = map[int]string{
-		0: "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaWLFxRxgLQHJ662gcd2LfPFYKDmI\n8AlzFUu/MFR0Pb5d0JYSBL/HAUR5/1OXfEV18riJZJCeOa1gxNocwzqZ9Q==\n-----END PUBLIC KEY-----\n",
-		1: "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErPzIZwRgiFpBgIDYCzfRxEgvasus\nHa4qlwWnJ0TnlGgjcfD5Bp40J9HnOdlBkzhtVWq5PiLEMaFWdApTkRBT9Q==\n-----END PUBLIC KEY-----\n",
-		2: "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEyaLwUY4A99EDvqGMjBT2Q/M3zydm\nOniFOZicnwdvnJTMgXw8LAqLee+0VFIUZbxRPTvN1c1ORoD8+2xJ0VPglg==\n-----END PUBLIC KEY-----\n",
-	}
+	signer := types.NewEIP155Signer(chainID)
 
-	// Decode server public keys to bytes for use in TLS client authentication
-	serverPKIXPublicKeys := make([][]byte, len(serverMtlsPublicKeys))
-	for i := range serverMtlsPublicKeys {
-		block, rest := pem.Decode([]byte(serverMtlsPublicKeys[i]))
-		if block == nil || len(rest) != 0 {
-			panic("error decoding server public key (no block data)")
-		}
-		serverPublicKey, err := x509.ParsePKIXPublicKey(block.Bytes)
-		if err != nil {
-			panic(err)
-		}
-		serverPKIXPublicKeys[i], err = x509.MarshalPKIXPublicKey(serverPublicKey)
-		if err != nil {
-			panic(err)
-		}
-	}
+	return unsignedTx, signer.Hash(unsignedTx).Bytes(), chainID
+}
 
-	// Create TSM SDK clients with mTLS authentication and public key pinning
-	clients := make([]*tsm.Client, len(serverMtlsPublicKeys))
-	for i := range clients {
-		config, err := tsm.Configuration{URL: fmt.Sprintf("https://tsm-sandbox.prd.wallet.blockdaemon.app:%v", 8080+i)}.WithMTLSAuthentication("../client.key", "../client.crt", serverPKIXPublicKeys[i])
-		if err != nil {
-			panic(err)
-		}
-		clients[i], err = tsm.NewClient(config)
-		if err != nil {
-			panic(err)
-		}
-	}
+// ! Sign transaction
+func signTx(unsignedTxHash []byte) []byte {
+	// Create clients for each of the nodes
 
-	// The public keys of the other players to encrypt MPC protocol data end-to-end
-	playerB64Pubkeys := []string{
-		"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtDFBfanInAMHNKKDG2RW/DiSnYeI7scVvfHIwUIRdbPH0gBrsilqxlvsKZTakN8om/Psc6igO+224X8T0J9eMg==",
-		"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqvSkhonTeNhlETse8v3X7g4p100EW9xIqg4aRpD8yDXgB0UYjhd+gFtOCsRT2lRhuqNForqqC+YnBsJeZ4ANxg==",
-		"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBaHCIiViexaVaPuER4tE6oJE3IBA0U//GlB51C1kXkT07liVc51uWuYk78wi4e1unxC95QbeIfnDCG2i43fW3g==",
+	configs := []*tsm.Configuration{
+		tsm.Configuration{URL: "https://node-1-prod.tsm-test-greg.dev.wallet.blockdaemon.app"}.WithAPIKeyAuthentication(os.Getenv("BV_NODE1_KEY")),
+		tsm.Configuration{URL: "https://node-2-prod.tsm-test-greg.dev.wallet.blockdaemon.app"}.WithAPIKeyAuthentication(os.Getenv("BV_NODE2_KEY")),
 	}
 
-	playerPubkeys := map[int][]byte{}
-	playerIds := []int{0, 1, 2}
-	// iterate over other players public keys and convert them
-	for i := range playerIds {
-		pubkey, err := base64.StdEncoding.DecodeString(playerB64Pubkeys[i])
-		if err != nil {
+	clients := make([]*tsm.Client, len(configs))
+	for i, config := range configs {
+		var err error
+		if clients[i], err = tsm.NewClient(config); err != nil {
 			panic(err)
 		}
-		playerPubkeys[playerIds[i]] = pubkey
 	}
 
-	// Use the TSM to sign via the existing derived key for chain m/44/1
-	masterKeyID := "JWEcnWmbdncdBOCpMyRW4EldUZyL"
-	chainPath := []uint32{44, 551, 0, 0}
+	// Use the TSM to sign via the existing derived key for chain m/44/60
+	keyID := "r6mMzrh85Oel0QvpT0VsXdKJs9A4"
+	derivationPath := []uint32{44, 60, 0, 0}
 
 	partialSignaturesLock := sync.Mutex{}
-	partialSignatures := make([][]byte, 0)
-	//sessionConfig := tsm.NewStaticSessionConfig(tsm.GenerateSessionID(),3)
-	Players := []int{0, 1, 2}
-	sessionConfig := tsm.NewSessionConfig(tsm.GenerateSessionID(), Players, playerPubkeys)
+	var partialSignatures [][]byte
+	signPlayers := []int{1, 2}
+	signSessionConfig := tsm.NewSessionConfig(tsm.GenerateSessionID(), signPlayers, nil)
 	ctx := context.Background()
 	var eg errgroup.Group
 	for _, client := range clients {
 		client := client
 		eg.Go(func() error {
-			partialSignResult, err := client.ECDSA().Sign(ctx, sessionConfig, masterKeyID, chainPath, unsignedTx.Hash().Bytes())
+			partialSignResult, err := client.ECDSA().Sign(ctx, signSessionConfig, keyID, derivationPath, unsignedTxHash)
 			if err != nil {
 				return err
 			}
@@ -213,18 +177,18 @@ func signTx(unsignedTx *types.Transaction) []byte {
 		panic(err)
 	}
 
-	signature, err := tsm.ECDSAFinalizeSignature(unsignedTx.Hash().Bytes(), partialSignatures)
+	signature, err := tsm.ECDSAFinalizeSignature(unsignedTxHash, partialSignatures)
 	if err != nil {
 		panic(err)
 	}
 
-	// Add signature to transaction
+	// Construct Ethereum V R S signature format
 
 	sigBytes := make([]byte, 2*32+1)
 	copy(sigBytes[0:32], signature.R())
 	copy(sigBytes[32:64], signature.S())
 	sigBytes[64] = byte(signature.RecoveryID())
-	fmt.Println("Signed transaction:", sigBytes)
+	fmt.Println("\nTransaction signature:\n", sigBytes)
 
 	return sigBytes
 }
@@ -236,6 +200,7 @@ func sendTx(client *ethclient.Client, chainID *big.Int, unsignedTx *types.Transa
 	if err != nil {
 		panic(err)
 	}
+	fmt.Println("\nSigned raw transaction:\n", signedTx.Data())
 
 	err = client.SendTransaction(context.Background(), signedTx)
 	if err != nil {
@@ -248,9 +213,9 @@ func sendTx(client *ethclient.Client, chainID *big.Int, unsignedTx *types.Transa
 func main() {
 	stakeApiKey := os.Getenv("STAKE_API_KEY")
 	rpcApiKey := os.Getenv("RPC_API_KEY")
-	ethereumSenderAddress := "0x5C7168F2D1243A75B5970a9d0bBDBDFD8836eb2f" // Set your Ethereum sender address here. E.g. "0x71Bff5FFeF6408dAe06c055caB770D76E04831d2"
-	stakeWithdrawalAddress := "0x5C7168F2D1243A75B5970a9d0bBDBDFD8836eb2f"
-	stakeFeeRecipientAddress := "0x5C7168F2D1243A75B5970a9d0bBDBDFD8836eb2f"
+	ethereumSenderAddress := "0xE8fE1C1058b34d5152f2B23908dD8c65715F2D3A" // Set your Ethereum sender address here. E.g. "0x71Bff5FFeF6408dAe06c055caB770D76E04831d2"
+	stakeWithdrawalAddress := "0xE8fE1C1058b34d5152f2B23908dD8c65715F2D3A"
+	stakeFeeRecipientAddress := "0xE8fE1C1058b34d5152f2B23908dD8c65715F2D3A"
 
 	// Create go-ethereum/rpc client with heaader-based authentication
 	rpcClient, err := rpc.Dial("https://svc.blockdaemon.com/ethereum/holesky/native")
@@ -265,7 +230,7 @@ func main() {
 	if err != nil {
 		panic(err)
 	}
-	fmt.Println("Balance at account:", ethereumSenderAddress, "=", balance.Int64(), "wei")
+	fmt.Println("Balance at account:", ethereumSenderAddress, "=", (balance), "wei")
 
 	// Define stake intent request: 1x32ETH
 	stakeRequest := &Request{
@@ -279,11 +244,11 @@ func main() {
 	}
 
 	txData, contractAddress, totalAmount := createStakeIntent(stakeApiKey, stakeRequest)
-	totalAmount.Mul(totalAmount, gwei)
 
-	unsignedTx, chainID := craftTx(client, ethereumSenderAddress, contractAddress, totalAmount, txData)
-	signature := signTx(unsignedTx)
-	txHash := sendTx(client, chainID, unsignedTx, signature)
+	unsignedTx, unsignedTxHash, chainID := craftTx(client, ethereumSenderAddress, contractAddress, totalAmount, txData)
+
+	signature := signTx(unsignedTxHash)
 
-	fmt.Println(txHash)
+	txHash := sendTx(client, chainID, unsignedTx, signature)
+	fmt.Println("\nTransaction hash:", txHash)
 }