- Remove Address field from PartyEndpoint (parties connect to router themselves)
- Update K8s Discovery to only manage PartyID and Role labels
- Add Party registration and SessionEvent protobuf definitions
- Implement PartyRegistry and SessionEventBroadcaster domain logic
- Add RegisterParty and SubscribeSessionEvents gRPC handlers
- Prepare infrastructure for party-driven MPC coordination
This is the first phase of migrating from coordinator-driven to party-driven
architecture following international MPC system design patterns.
Changes:
- Modified CreateAccountRequest to make email optional (omitempty)
- Changed Account.Email from string to *string pointer type
- Updated PostgreSQL repository to handle nullable email with sql.NullString
- Username remains required and auto-generated by identity-service
This supports anonymous account creation without requiring email registration.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added debug logging to track participant details including party_index in:
- account service MPC keygen handler
- session coordinator gRPC client
- session coordinator gRPC handler
This helps debug the party index assignment issue where all parties
were receiving index 0 instead of unique indices (0, 1, 2).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update account_handler to use real gRPC calls instead of placeholders
- Add sessionCoordinatorClient field to AccountHTTPHandler
- Modify CreateKeygenSession to call session coordinator via gRPC
- Modify CreateSigningSession to call session coordinator via gRPC
- Modify GetSessionStatus to query real session data via gRPC
- Update main.go to initialize and pass sessionCoordinatorClient
- Remove separate mpc_handler.go (consolidated into account_handler)
- Regenerate protobuf files with gRPC service definitions
- Add proper imports for context, time, and grpc adapter
All MPC endpoints now create real sessions with JWT tokens and
can query actual session status from the session coordinator service.
Tested end-to-end: keygen session creation and status query working.
Major changes:
- Add TSS core library (pkg/tss) with keygen and signing protocols
- Implement gRPC clients for Server Party service
- Add MPC session endpoints to Account service
- Deploy 3 Server Party instances in docker-compose
- Add MarkPartyReady and StartSession to proto definitions
- Complete integration tests for 2-of-3, 3-of-5, 4-of-7 thresholds
- Add comprehensive documentation (architecture, API, testing, deployment)
Test results:
- 2-of-3: PASSED (keygen 93s, signing 80s)
- 3-of-5: PASSED (keygen 198s, signing 120s)
- 4-of-7: PASSED (keygen 221s, signing 150s)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix CreateAccount to decode hex-encoded public key before storage
- Fix Login signature verification to hash challenge before verifying
- Return 401 instead of 400 for invalid hex format in login credentials
- Fix CompleteRecovery to handle direct transition from requested state
All 8 E2E tests now pass (100% pass rate):
- TestAccountRecoveryFlow, TestCompleteAccountFlow, TestDuplicateUsername, TestInvalidLogin
- TestCompleteKeygenFlow, TestExceedParticipantLimit, TestGetNonExistentSession, TestJoinSessionWithInvalidToken
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add encoding/hex import to account handler
- Encode challenge as hex string in GenerateChallenge handler
- Decode hex-encoded challenge and signature in Login handler
- Decode hex-encoded public key in CompleteRecovery handler
This fixes compatibility between the test client (which uses hex encoding)
and the server handlers.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
hailin
Developer