feat(pxe): recipient-side interactive handshake registration#24514
feat(pxe): recipient-side interactive handshake registration#24514nchamo wants to merge 1 commit into
Conversation
| export type RegisteredTaggingSecretSource = | ||
| | Exclude<TaggingSecretSource, { kind: 'handshake' }> | ||
| /** A handshake's resolved shared secret, derived at registration from the handshake's ephemeral key. */ | ||
| | { kind: 'handshake'; recipient: AztecAddress; secret: Point }; |
There was a problem hiding this comment.
See that handshake secrets are not symmetrical. When they are added, they are a ephPk. But then we derive the secret and store that.
So when we list secrets via getTaggingSecretSources, we return the already derived secret. And if you want to remove the secret via removeTaggingSecretSource, you specify the derived secret too. I thought that would be the best way to do that because if someone forgot the ephPk, they wouldn't be able to unregister the secret
| for await (const existing of this.#sharedSecretsByRecipient.getValuesAsync(recipient.toString())) { | ||
| if (existing === secretStr) { | ||
| if (existing.secret === secretStr) { | ||
| if (existing.kind !== kind) { |
There was a problem hiding this comment.
Like the error message says. If you try to register the same secret twice, but with a different type, we'll fail. I'm not sure if this is the best way to handle this scenario, but overwriting felt off. And silently ignoring the secret didn't seem like a good solution either
Motivation
An interactive handshake emits no announcement log. The recipient learns the ephemeral key while authorizing it, but PXE had no way to use that knowledge: handshake discovery only scans announcements, so messages sent under an interactive handshake could never be found. The registry's
interactive_handshakeentrypoint landed in #24473.The change
handshakevariant onTaggingSecretSource. It takes the ephemeral key's x-coordinate (the value the recipient signs, y is positive by protocol construction). PXE reconstructs the point and derives the shared secret internally, so only the resolved secret is kept.RegisteredTaggingSecretSourcecarries the resolved secret for handshake entries, and removal matches kind + secret.PXE_DATA_SCHEMA_VERSIONis bumped.Since there is no announcement to re-scan, re-registration is the recovery path on a fresh PXE. The end-to-end interactive flow (signing + wallet helpers) lands with F-787.
Fixes F-660