test(abstract-utxo): add integration tests for custom change wallet

OttoAllmendinger · llm-git · OttoAllmendinger · commit afce442f15a0 · 2026-02-20T13:38:22.000+01:00
Add parseTransaction tests to verify custom change wallet key fetching, signature verification, and proper handling of transactions without customChangeWalletId. Tests cover both valid and invalid signatures. BTC-2650 Co-authored-by: llm-git <llm-git@ttll.de>
diff --git a/modules/abstract-utxo/src/transaction/fixedScript/parseTransaction.ts b/modules/abstract-utxo/src/transaction/fixedScript/parseTransaction.ts
@@ -209,6 +209,7 @@ export async function parseTransaction<TNumber extends bigint | number>(
   const explanation: TransactionExplanation = await coin.explainTransaction<TNumber>({
     txHex: txPrebuild.txHex,
     txInfo: txPrebuild.txInfo,
+    decodeWith: txPrebuild.decodeWith,
     pubs: keychainArray.map((k) => k.pub) as Triple<string>,
     customChangeXpubs,
   });
diff --git a/modules/abstract-utxo/test/unit/customChangeWallet.ts b/modules/abstract-utxo/test/unit/customChangeWallet.ts
@@ -1,13 +1,18 @@
 import assert from 'node:assert/strict';
 
+import nock = require('nock');
 import { CoinName, fixedScriptWallet, BIP32, message } from '@bitgo/wasm-utxo';
 import * as utxolib from '@bitgo/utxo-lib';
 import { testutil } from '@bitgo/utxo-lib';
+import { common, Wallet } from '@bitgo/sdk-core';
+import { getSeed } from '@bitgo/sdk-test';
 
 import { explainPsbt as explainPsbtUtxolib, explainPsbtWasm } from '../../src/transaction/fixedScript';
 import { verifyKeySignature } from '../../src/verifyKey';
 import { SdkBackend } from '../../src/transaction';
 
+import { defaultBitGo, getUtxoCoin } from './util';
+
 function explainPsbt(
   psbt: utxolib.bitgo.UtxoPsbt | fixedScriptWallet.BitGoPsbt,
   walletKeys: utxolib.bitgo.RootWalletKeys,
@@ -28,9 +33,25 @@ function explainPsbt(
 
 function describeWithBackend(sdkBackend: SdkBackend) {
   describe(`Custom Change Wallets (sdkBackend=${sdkBackend})`, function () {
+    const coin = getUtxoCoin('btc');
     const network = utxolib.networks.bitcoin;
+    const bgUrl = common.Environments[defaultBitGo.getEnv()].uri;
     const rootWalletKeys = testutil.getDefaultWalletKeys();
     const customChangeWalletKeys = testutil.getWalletKeysForSeed('custom change');
+    const userPrivateKey = BIP32.fromBase58(rootWalletKeys.triple[0].toBase58()).privateKey!;
+
+    const mainKeyIds = rootWalletKeys.triple.map((k) => getSeed(k.neutered().toBase58()).toString('hex'));
+    const customChangeKeyIds = customChangeWalletKeys.triple.map((k) =>
+      getSeed(k.neutered().toBase58()).toString('hex')
+    );
+    const customChangeKeySignatures = Object.fromEntries(
+      (['user', 'backup', 'bitgo'] as const).map((name, i) => [
+        name,
+        Buffer.from(
+          message.signMessage(customChangeWalletKeys.triple[i].neutered().toBase58(), userPrivateKey)
+        ).toString('hex'),
+      ])
+    ) as Record<'user' | 'backup' | 'bitgo', string>;
 
     const inputs: testutil.Input[] = [{ scriptType: 'p2sh', value: BigInt(10000) }];
     const outputs: testutil.Output[] = [
@@ -42,21 +63,34 @@ function describeWithBackend(sdkBackend: SdkBackend) {
       { scriptType: 'p2sh', value: BigInt(3000), walletKeys: null },
     ];
 
-    let psbt: utxolib.bitgo.UtxoPsbt | fixedScriptWallet.BitGoPsbt = testutil.constructPsbt(
-      inputs,
-      outputs,
-      network,
-      rootWalletKeys,
-      'unsigned',
-      {
-        addGlobalXPubs: true,
-      }
-    );
+    const utxolibPsbt = testutil.constructPsbt(inputs, outputs, network, rootWalletKeys, 'unsigned', {
+      addGlobalXPubs: true,
+    });
+    const psbt: utxolib.bitgo.UtxoPsbt | fixedScriptWallet.BitGoPsbt =
+      sdkBackend === 'wasm-utxo' ? fixedScriptWallet.BitGoPsbt.fromBytes(utxolibPsbt.toBuffer(), 'btc') : utxolibPsbt;
+
+    const externalAddress = utxolib.address.fromOutputScript(utxolibPsbt.txOutputs[2].script, network);
+    const customChangeWalletId = 'custom-change-wallet-id';
+    const mainWalletId = 'main-wallet-id';
+
+    function nockKeyFetch(keyIds: string[], keys: utxolib.bitgo.RootWalletKeys): nock.Scope[] {
+      return keyIds.map((id, i) =>
+        nock(bgUrl)
+          .get(`/api/v2/${coin.getChain()}/key/${id}`)
+          .reply(200, { pub: keys.triple[i].neutered().toBase58() })
+      );
+    }
 
-    if (sdkBackend === 'wasm-utxo') {
-      psbt = fixedScriptWallet.BitGoPsbt.fromBytes(psbt.toBuffer(), 'btc');
+    function nockCustomChangeWallet(): nock.Scope {
+      return nock(bgUrl).get(`/api/v2/${coin.getChain()}/wallet/${customChangeWalletId}`).reply(200, {
+        id: customChangeWalletId,
+        keys: customChangeKeyIds,
+        coin: coin.getChain(),
+      });
     }
 
+    afterEach(() => nock.cleanAll());
+
     it('classifies custom change output when customChangePubs is provided', function () {
       const explanation = explainPsbt(psbt, rootWalletKeys, customChangeWalletKeys, 'btc');
 
@@ -85,7 +119,6 @@ function describeWithBackend(sdkBackend: SdkBackend) {
     });
 
     it('verifies valid custom change key signatures', function () {
-      const userPrivateKey = BIP32.fromBase58(rootWalletKeys.triple[0].toBase58()).privateKey!;
       const userPub = rootWalletKeys.triple[0].neutered().toBase58();
 
       for (const key of customChangeWalletKeys.triple) {
@@ -110,6 +143,97 @@ function describeWithBackend(sdkBackend: SdkBackend) {
         );
       }
     });
+
+    describe('parseTransaction', function () {
+      it('fetches custom change wallet keys and verifies signatures', async function () {
+        const wallet = new Wallet(defaultBitGo, coin, {
+          id: mainWalletId,
+          keys: mainKeyIds,
+          coin: coin.getChain(),
+          coinSpecific: { customChangeWalletId },
+          customChangeKeySignatures,
+        });
+
+        const nocks = [
+          ...nockKeyFetch(mainKeyIds, rootWalletKeys),
+          nockCustomChangeWallet(),
+          ...nockKeyFetch(customChangeKeyIds, customChangeWalletKeys),
+        ];
+
+        const parsed = await coin.parseTransaction({
+          txParams: { recipients: [{ address: externalAddress, amount: '3000' }] },
+          txPrebuild: { txHex: utxolibPsbt.toHex(), decodeWith: sdkBackend },
+          wallet: wallet as unknown as import('../../src').UtxoWallet,
+        });
+
+        for (const n of nocks) assert.ok(n.isDone());
+
+        assert.ok(parsed.customChange);
+        assert.strictEqual(parsed.customChange.keys.length, 3);
+        for (let i = 0; i < 3; i++) {
+          assert.strictEqual(parsed.customChange.keys[i].pub, customChangeWalletKeys.triple[i].neutered().toBase58());
+        }
+
+        assert.strictEqual(parsed.explicitExternalOutputs.length, 1);
+        assert.strictEqual(parsed.explicitExternalOutputs[0].amount, '3000');
+      });
+
+      it('has no custom change when wallet lacks customChangeWalletId', async function () {
+        const wallet = new Wallet(defaultBitGo, coin, {
+          id: mainWalletId,
+          keys: mainKeyIds,
+          coin: coin.getChain(),
+          coinSpecific: {},
+        });
+
+        const nocks = nockKeyFetch(mainKeyIds, rootWalletKeys);
+
+        const parsed = await coin.parseTransaction({
+          txParams: { recipients: [{ address: externalAddress, amount: '3000' }] },
+          txPrebuild: { txHex: utxolibPsbt.toHex(), decodeWith: sdkBackend },
+          wallet: wallet as unknown as import('../../src').UtxoWallet,
+        });
+
+        for (const n of nocks) assert.ok(n.isDone());
+
+        assert.strictEqual(parsed.customChange, undefined);
+        assert.strictEqual(parsed.needsCustomChangeKeySignatureVerification, false);
+      });
+
+      it('rejects invalid custom change key signatures', async function () {
+        const wrongKey = BIP32.fromBase58(testutil.getWalletKeysForSeed('wrong').triple[0].toBase58());
+        const badSignatures = Object.fromEntries(
+          (['user', 'backup', 'bitgo'] as const).map((name, i) => [
+            name,
+            Buffer.from(
+              message.signMessage(customChangeWalletKeys.triple[i].neutered().toBase58(), wrongKey.privateKey!)
+            ).toString('hex'),
+          ])
+        ) as Record<'user' | 'backup' | 'bitgo', string>;
+
+        const wallet = new Wallet(defaultBitGo, coin, {
+          id: mainWalletId,
+          keys: mainKeyIds,
+          coin: coin.getChain(),
+          coinSpecific: { customChangeWalletId },
+          customChangeKeySignatures: badSignatures,
+        });
+
+        nockKeyFetch(mainKeyIds, rootWalletKeys);
+        nockCustomChangeWallet();
+        nockKeyFetch(customChangeKeyIds, customChangeWalletKeys);
+
+        await assert.rejects(
+          () =>
+            coin.parseTransaction({
+              txParams: { recipients: [{ address: externalAddress, amount: '3000' }] },
+              txPrebuild: { txHex: utxolibPsbt.toHex(), decodeWith: sdkBackend },
+              wallet: wallet as unknown as import('../../src').UtxoWallet,
+            }),
+          /failed to verify custom change .* key signature/
+        );
+      });
+    });
   });
 }
 
