docs: add BREAKING CHANGE warnings for co-sign modifications

Add detailed comments to warn about changes that affect persistent sign flow: - session_coordinator.go: ValidateSessionCreation now allows T <= count <= N for sign - mpc_session.go: CanStart/AllPartiesReady now check registered participants, not N - session_coordinator_client.go: ThresholdN now uses keygenThresholdN instead of len(parties) Each comment includes: - Original code behavior - New code behavior - How to revert if persistent sign breaks - Related files list 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-31 06:23:39 -08:00 · 2025-12-31 06:23:39 -08:00 · 75b15acda2
parent 94ab63db30
commit 75b15acda2
3 changed files with 31 additions and 0 deletions
--- a/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go
+++ b/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go
@ -138,6 +138,14 @@ type SigningPartyInfo struct {
 // Coordinator will select parties from the provided party info (from account shares)
 // delegateUserShare is required if any of the parties is a delegate party
 // keygenThresholdN is the original threshold_n from the keygen session (required for TSS math)
+//
+// BREAKING CHANGE WARNING (for co-sign feature, commit 042212ea):
+// Original code: ThresholdN = int32(len(parties)) - used participant count as N
+// New code: ThresholdN = keygenThresholdN - uses original N from keygen session
+// This change affects PERSISTENT SIGN flow. The original approach made threshold_n
+// equal to participant count (T+1), which worked with the old N-based validation.
+// If issues arise with persistent sign, REVERT to: ThresholdN: int32(len(parties))
+// Related files: session_coordinator.go, mpc_session.go, account_handler.go
 func (c *SessionCoordinatorClient) CreateSigningSessionAuto(
 	ctx context.Context,
 	thresholdT int32,
--- a/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go
+++ b/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go
@ -142,6 +142,15 @@ func (s *MPCSession) UpdateParticipantStatus(partyID value_objects.PartyID, stat
 }

 // CanStart checks if all participants have joined and the session can start
+//
+// BREAKING CHANGE WARNING (for co-sign feature, commit 99fa003b):
+// Original code: len(s.Participants) == s.Threshold.N() && readyCount == s.Threshold.N()
+// New code: Check all registered participants are joined (no T/N check)
+// This change affects PERSISTENT SIGN flow because we now pass keygenThresholdN
+// instead of len(parties) as threshold_n. With original code, sign sessions with
+// T+1 participants would fail because T+1 != N.
+// If issues arise with persistent sign, REVERT to original N-based check.
+// Related files: session_coordinator.go, session_coordinator_client.go, account_handler.go
 func (s *MPCSession) CanStart() bool {
 	// Session can start when all registered participants have joined
 	// The number of participants was determined at session creation time:
@ -263,6 +272,12 @@ func (s *MPCSession) MarkPartyReady(partyID string) error {
 }

 // AllPartiesReady checks if all participants are ready
+//
+// BREAKING CHANGE WARNING (for co-sign feature, commit 99fa003b):
+// Original code: len(s.Participants) != s.Threshold.N() would return false
+// New code: Check all registered participants are ready (no T/N check)
+// This change affects PERSISTENT SIGN flow. See CanStart() for details.
+// If issues arise with persistent sign, REVERT to original N-based check.
 func (s *MPCSession) AllPartiesReady() bool {
 	// Check that all registered participants are ready or completed
 	// The participant count was determined at session creation time
--- a/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go
+++ b/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go
@ -32,6 +32,14 @@ func (s *SessionCoordinatorService) ValidateSessionCreation(
 	// For sign: at least t parties required, can have up to n (participantCount >= t && <= n)
 	//   - Co-managed sign uses exactly T parties
 	//   - Persistent sign uses T+1 parties
+	//
+	// BREAKING CHANGE WARNING (for co-sign feature, commit 94ab63db):
+	// Original code: participantCount == threshold.N() for ALL session types
+	// New code: T <= participantCount <= N for sign sessions
+	// This change affects PERSISTENT SIGN flow because we now pass keygenThresholdN
+	// instead of len(parties) as threshold_n in CreateSigningSessionAuto.
+	// If issues arise with persistent sign, REVERT to: participantCount == threshold.N()
+	// Related files: session_coordinator_client.go, account_handler.go, mpc_session.go
 	if participantCount != 0 {
 		if sessionType == entities.SessionTypeSign {
 			// Signing session: participant count must be at least t (threshold)