From 75b15acda2931647d9d688c3b031b07c47760985 Mon Sep 17 00:00:00 2001 From: hailin Date: Wed, 31 Dec 2025 06:23:39 -0800 Subject: [PATCH] docs: add BREAKING CHANGE warnings for co-sign modifications MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add detailed comments to warn about changes that affect persistent sign flow: - session_coordinator.go: ValidateSessionCreation now allows T <= count <= N for sign - mpc_session.go: CanStart/AllPartiesReady now check registered participants, not N - session_coordinator_client.go: ThresholdN now uses keygenThresholdN instead of len(parties) Each comment includes: - Original code behavior - New code behavior - How to revert if persistent sign breaks - Related files list 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .../output/grpc/session_coordinator_client.go | 8 ++++++++ .../domain/entities/mpc_session.go | 15 +++++++++++++++ .../domain/services/session_coordinator.go | 8 ++++++++ 3 files changed, 31 insertions(+) diff --git a/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go b/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go index 2453409c..b4298419 100644 --- a/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go +++ b/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go @@ -138,6 +138,14 @@ type SigningPartyInfo struct { // Coordinator will select parties from the provided party info (from account shares) // delegateUserShare is required if any of the parties is a delegate party // keygenThresholdN is the original threshold_n from the keygen session (required for TSS math) +// +// BREAKING CHANGE WARNING (for co-sign feature, commit 042212ea): +// Original code: ThresholdN = int32(len(parties)) - used participant count as N +// New code: ThresholdN = keygenThresholdN - uses original N from keygen session +// This change affects PERSISTENT SIGN flow. The original approach made threshold_n +// equal to participant count (T+1), which worked with the old N-based validation. +// If issues arise with persistent sign, REVERT to: ThresholdN: int32(len(parties)) +// Related files: session_coordinator.go, mpc_session.go, account_handler.go func (c *SessionCoordinatorClient) CreateSigningSessionAuto( ctx context.Context, thresholdT int32, diff --git a/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go b/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go index b5f23c67..a6976405 100644 --- a/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go +++ b/backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go @@ -142,6 +142,15 @@ func (s *MPCSession) UpdateParticipantStatus(partyID value_objects.PartyID, stat } // CanStart checks if all participants have joined and the session can start +// +// BREAKING CHANGE WARNING (for co-sign feature, commit 99fa003b): +// Original code: len(s.Participants) == s.Threshold.N() && readyCount == s.Threshold.N() +// New code: Check all registered participants are joined (no T/N check) +// This change affects PERSISTENT SIGN flow because we now pass keygenThresholdN +// instead of len(parties) as threshold_n. With original code, sign sessions with +// T+1 participants would fail because T+1 != N. +// If issues arise with persistent sign, REVERT to original N-based check. +// Related files: session_coordinator.go, session_coordinator_client.go, account_handler.go func (s *MPCSession) CanStart() bool { // Session can start when all registered participants have joined // The number of participants was determined at session creation time: @@ -263,6 +272,12 @@ func (s *MPCSession) MarkPartyReady(partyID string) error { } // AllPartiesReady checks if all participants are ready +// +// BREAKING CHANGE WARNING (for co-sign feature, commit 99fa003b): +// Original code: len(s.Participants) != s.Threshold.N() would return false +// New code: Check all registered participants are ready (no T/N check) +// This change affects PERSISTENT SIGN flow. See CanStart() for details. +// If issues arise with persistent sign, REVERT to original N-based check. func (s *MPCSession) AllPartiesReady() bool { // Check that all registered participants are ready or completed // The participant count was determined at session creation time diff --git a/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go b/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go index 333bd3ec..7c84c51c 100644 --- a/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go +++ b/backend/mpc-system/services/session-coordinator/domain/services/session_coordinator.go @@ -32,6 +32,14 @@ func (s *SessionCoordinatorService) ValidateSessionCreation( // For sign: at least t parties required, can have up to n (participantCount >= t && <= n) // - Co-managed sign uses exactly T parties // - Persistent sign uses T+1 parties + // + // BREAKING CHANGE WARNING (for co-sign feature, commit 94ab63db): + // Original code: participantCount == threshold.N() for ALL session types + // New code: T <= participantCount <= N for sign sessions + // This change affects PERSISTENT SIGN flow because we now pass keygenThresholdN + // instead of len(parties) as threshold_n in CreateSigningSessionAuto. + // If issues arise with persistent sign, REVERT to: participantCount == threshold.N() + // Related files: session_coordinator_client.go, account_handler.go, mpc_session.go if participantCount != 0 { if sessionType == entities.SessionTypeSign { // Signing session: participant count must be at least t (threshold)