fix(platform-wallet): add TRANSFER key to default identity registration key set#3894
Conversation
…on key set App-created identities were provisioned with only AUTHENTICATION (+ optional DashPay ENCRYPTION/DECRYPTION) keys and no purpose=TRANSFER key, so IdentityCreditTransfer (ID-04) and IdentityCreditWithdrawal (ID-10) failed on-chain with "missing key: no transfer public key". The registration key-set policy lives in Rust in `dash_sdk_derive_and_persist_identity_keys`. Extend its per-slot table so keyId 3 = TRANSFER/CRITICAL/ECDSA_SECP256K1 alongside the existing AUTHENTICATION MASTER/CRITICAL/HIGH keys; slots 0/1/2 keep their bytes unchanged. TRANSFER keys take no contract bounds (only ENC/DEC do). Bump SwiftExampleApp's `defaultKeyCount` 3->4 and the funding floor (`minIdentityFundingDuffsForDefaultKeys` 221_500->228_000 duffs); the optional DashPay enc/dec pair auto-shifts to keyId 4/5 via the symbolic `firstKeyId: Self.defaultKeyCount`. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Warning Review limit reached
More reviews will be available in 2 minutes and 45 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## v3.1-dev #3894 +/- ##
=============================================
- Coverage 87.22% 71.20% -16.03%
=============================================
Files 2641 20 -2621
Lines 328569 2837 -325732
=============================================
- Hits 286597 2020 -284577
+ Misses 41972 817 -41155
🚀 New features to boost your workflow:
|
Issue being fixed or feature implemented
Identities created on-device by SwiftExampleApp were provisioned with only AUTHENTICATION keys (MASTER/CRITICAL/HIGH) plus the optional DashPay ENCRYPTION/DECRYPTION pair — but no key with
purpose=TRANSFER(purpose 3). Dash Platform requires apurpose=TRANSFER,security_level=CRITICALkey to signIdentityCreditTransfer(ID-04) andIdentityCreditWithdrawal(ID-10) state transitions, so those broadcasts failed on-chain withProtocol error: missing key: no transfer public key. This blocked the Essential-tier ID-04 / ID-10 flows for every app-created identity, regardless of the (correct) Transfer Credits UI added in #3891.What was done?
The registration key-set policy is owned by Rust (per
packages/swift-sdk/CLAUDE.md), indash_sdk_derive_and_persist_identity_keys. The fix extends the per-slot policy table so the default registration set includes a TRANSFER key:packages/rs-platform-wallet-ffi/src/identity_derive_and_persist.rs: addPURPOSE_TRANSFER; change the per-slotmatchto emit(purpose, security_level)instead of onlysecurity_level; slots 0/1/2 keep their previous bytes byte-for-byte (so any caller still passingkey_count = 3is unchanged). TRANSFER keys carry no contract bounds (only ENC/DEC require them). Docs/table updated and a new unit testkey_count_four_includes_transfer_critical_keyadded.packages/swift-sdk/SwiftExampleApp/.../CreateIdentityView.swift: bumpdefaultKeyCount3 → 4 and the asset-lock funding floorminIdentityFundingDuffsForDefaultKeys221_500 → 228_000 duffs. The optional DashPay enc/dec pair auto-shifts to keyId 4/5 via the symbolicfirstKeyId: Self.defaultKeyCount(no Swift-side policy added).How Has This Been Tested?
cargo fmt --all;cargo test -p platform-wallet-ffi(incl. the new test) andcargo check -p platform-wallet-ffi --all-targets/--all-features --testspass. The pre-existingkey_count == 3test is unchanged and still passes (slots 0/1/2 untouched).(keyId,purpose,secLvl)=(0,0,0)(1,0,1)(2,0,2)(3,3,1)(4,1,3)(5,2,3)— the purpose-3 / CRITICAL / ECDSA TRANSFER key is present at keyId 3, with the DashPay enc/dec pair correctly at keyId 4/5. The three pre-existing identities have no purpose-3 key.no transfer public keyrejection (build → sign → broadcast → proof verification). The original bug is fixed.Breaking Changes
None. This changes the default key set for newly created identities (SDK/example-app behavior); it is not consensus-breaking and does not alter any existing on-chain data. Pre-release, so no migration concerns.
Checklist:
For repository code-owners and collaborators only