From 42d66f29d0b8459066ba7ddb80e21319a69e3259 Mon Sep 17 00:00:00 2001
From: schmanu <manu@safe.global>
Date: Fri, 6 Oct 2023 13:29:05 +0200
Subject: [PATCH 1/5] feat: enable manualSync, commit MFA changes in batches

---
 package.json                                  |  2 +-
 .../settings/SignerAccountMFA/helper.ts       |  5 +++
 .../mpc/__tests__/useMPCWallet.test.ts        |  3 +-
 .../mpc/recovery/DeviceShareRecovery.ts       | 12 +++++--
 src/hooks/wallets/mpc/useMPC.ts               |  1 +
 src/hooks/wallets/mpc/useMPCWallet.ts         |  1 +
 yarn.lock                                     | 36 +++++++++----------
 7 files changed, 37 insertions(+), 23 deletions(-)

diff --git a/package.json b/package.json
index 1000a072d2..cadb9b852e 100644
--- a/package.json
+++ b/package.json
@@ -68,7 +68,7 @@
     "@web3-onboard/ledger": "2.3.2",
     "@web3-onboard/trezor": "^2.4.2",
     "@web3-onboard/walletconnect": "^2.4.7",
-    "@web3auth/mpc-core-kit": "^1.0.2",
+    "@web3auth/mpc-core-kit": "^1.1.0",
     "blo": "^1.1.1",
     "bn.js": "^5.2.1",
     "classnames": "^2.3.1",
diff --git a/src/components/settings/SignerAccountMFA/helper.ts b/src/components/settings/SignerAccountMFA/helper.ts
index 9984df01cf..b9eb7a1f37 100644
--- a/src/components/settings/SignerAccountMFA/helper.ts
+++ b/src/components/settings/SignerAccountMFA/helper.ts
@@ -39,6 +39,9 @@ export const enableMFA = async (
     if (!securityQuestionFactor) {
       throw Error('Could not recover using the new password recovery')
     }
+    // We commit the new password separately
+    // It is necessary to be able to input the password factor before removing the (active) device factor
+    await mpcCoreKit.commitChanges()
 
     if (!isMFAEnabled(mpcCoreKit)) {
       // 2. enable MFA in mpcCoreKit
@@ -61,6 +64,8 @@ export const enableMFA = async (
       await mpcCoreKit.inputFactorKey(new BN(securityQuestionFactor, 'hex'))
       await deviceShareRecovery.removeDeviceFactor()
     }
+
+    await mpcCoreKit.commitChanges()
   } catch (e) {
     const error = asError(e)
     logError(ErrorCodes._304, error.message)
diff --git a/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts b/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
index c6af1f84dd..29bd1c0248 100644
--- a/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
+++ b/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
@@ -190,8 +190,7 @@ describe('useMPCWallet', () => {
         } as unknown as UserInfo) as unknown as Web3AuthMPCCoreKit,
       )
 
-      // TODO: remove unnecessary cast if mpc core sdk gets updated
-      jest.spyOn(mpcCoreKit, 'getWebBrowserFactor').mockReturnValue(Promise.resolve(undefined as unknown as string))
+      jest.spyOn(mpcCoreKit, 'getWebBrowserFactor').mockReturnValue(Promise.resolve(undefined))
       jest.spyOn(mpcCoreKit, 'TssSecurityQuestion').mockReturnValue({
         getQuestion: () => 'SOME RANDOM QUESTION',
       } as unknown as TssSecurityQuestion)
diff --git a/src/hooks/wallets/mpc/recovery/DeviceShareRecovery.ts b/src/hooks/wallets/mpc/recovery/DeviceShareRecovery.ts
index 8a080ec626..e5a5fc4054 100644
--- a/src/hooks/wallets/mpc/recovery/DeviceShareRecovery.ts
+++ b/src/hooks/wallets/mpc/recovery/DeviceShareRecovery.ts
@@ -34,11 +34,19 @@ export class DeviceShareRecovery {
 
   async removeDeviceFactor() {
     const deviceFactor = await getWebBrowserFactor(this.mpcCoreKit)
+    if (!deviceFactor) {
+      // No device factor exists. Nothing to do
+      return
+    }
+    // Delete factor
     const key = new BN(deviceFactor, 'hex')
     const pubKey = getPubKeyPoint(key)
-    const pubKeyX = pubKey.x.toString('hex', 64)
     await this.mpcCoreKit.deleteFactor(pubKey)
+
+    // Remove from local storage
+    const metadata = this.mpcCoreKit.tKey.getMetadata()
+    const tkeyPubX = metadata.pubKey.x.toString(16, 64)
     const currentStorage = BrowserStorage.getInstance('mpc_corekit_store')
-    currentStorage.set(pubKeyX, undefined)
+    currentStorage.remove(tkeyPubX)
   }
 }
diff --git a/src/hooks/wallets/mpc/useMPC.ts b/src/hooks/wallets/mpc/useMPC.ts
index c7f4607c05..0e364d2454 100644
--- a/src/hooks/wallets/mpc/useMPC.ts
+++ b/src/hooks/wallets/mpc/useMPC.ts
@@ -45,6 +45,7 @@ export const useInitMPC = () => {
       uxMode: 'popup',
       enableLogging: true,
       chainConfig,
+      manualSync: true,
     })
 
     web3AuthCoreKit
diff --git a/src/hooks/wallets/mpc/useMPCWallet.ts b/src/hooks/wallets/mpc/useMPCWallet.ts
index 9fc69b4d06..c83312a9f5 100644
--- a/src/hooks/wallets/mpc/useMPCWallet.ts
+++ b/src/hooks/wallets/mpc/useMPCWallet.ts
@@ -118,6 +118,7 @@ export const useMPCWallet = (): MPCWalletHook => {
       if (storeDeviceShare) {
         const deviceShareRecovery = new DeviceShareRecovery(mpcCoreKit)
         await deviceShareRecovery.createAndStoreDeviceFactor()
+        await mpcCoreKit.commitChanges()
       }
 
       finalizeLogin()
diff --git a/yarn.lock b/yarn.lock
index 2f0dedda65..378a61bf00 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5672,22 +5672,22 @@
     json-stable-stringify "^1.0.2"
     loglevel "^1.8.1"
 
-"@toruslabs/tss-client@^1.6.1-alpha.0":
-  version "1.6.1-alpha.0"
-  resolved "https://registry.yarnpkg.com/@toruslabs/tss-client/-/tss-client-1.6.1-alpha.0.tgz#876cdc3c1cae0889a29ad3ed7bf6460bf5055ee2"
-  integrity sha512-48nYPc/8v2LkbtgBJw3GRLM0Eb08ASFyK5i3nEDmLg1np7rDn/9TMovPckIKZNsqAb4Rwnsb6FmTNszg3UxYfw==
+"@toruslabs/tss-client@^1.7.1":
+  version "1.7.1"
+  resolved "https://registry.yarnpkg.com/@toruslabs/tss-client/-/tss-client-1.7.1.tgz#018511a75a1ee6094fbe74d2b7be968b92255e97"
+  integrity sha512-gaVjXy/eJKv59zdWW2lnAhjumw8DMMGlGHXEOipVywCylKqS8VvQVwwo+UyevR2VXUQsNkBr9deD5TGFH0OQHQ==
   dependencies:
-    "@toruslabs/eccrypto" "^2.1.1"
-    "@toruslabs/tss-lib" "^1.6.0-alpha.0"
+    "@toruslabs/eccrypto" "^4.0.0"
+    "@toruslabs/tss-lib" "^1.7.1"
     bn.js "^5.2.1"
     elliptic "^6.5.4"
     keccak256 "^1.0.6"
-    socket.io-client "^4.5.1"
+    socket.io-client "^4.7.2"
 
-"@toruslabs/tss-lib@^1.6.0-alpha.0":
-  version "1.6.0-alpha.0"
-  resolved "https://registry.yarnpkg.com/@toruslabs/tss-lib/-/tss-lib-1.6.0-alpha.0.tgz#3c896c3cd7cec04bc66f4bb240f65c5f4ffe4400"
-  integrity sha512-sCkAFRZYMDYDWDkMEo73fyz1NnPdXZTRiQWaUCywmtV8fWQBFgneq3bVZGIMAhUNYY62PD0BubW3XaV6mqMYTg==
+"@toruslabs/tss-lib@^1.7.1":
+  version "1.7.1"
+  resolved "https://registry.yarnpkg.com/@toruslabs/tss-lib/-/tss-lib-1.7.1.tgz#758c62b72b41450de5df90acb42d6c2ba5df0482"
+  integrity sha512-kdjBO95cPq4i7RaRMkjUJFH0aiSHrMZV/A4I42oUr0FkBd7e/RYyn1e1QH1pAAyidCIKbMkwqTxgPg4nuHEcDg==
 
 "@trezor/analytics@1.0.2":
   version "1.0.2"
@@ -7071,10 +7071,10 @@
     loglevel "^1.8.1"
     ts-custom-error "^3.3.1"
 
-"@web3auth/mpc-core-kit@^1.0.2":
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/@web3auth/mpc-core-kit/-/mpc-core-kit-1.0.2.tgz#0d6ee19df4c30449d8e283532c1c4d8c8a034f5f"
-  integrity sha512-68qp8vwydpsZa9c7YCOSbFJ/HulgauSTMymJiNFQ0q/gssAK+rzUMi7GJq/1gWlY8DOozO9C+u5MJnt9XG3JDw==
+"@web3auth/mpc-core-kit@^1.1.0":
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/@web3auth/mpc-core-kit/-/mpc-core-kit-1.1.0.tgz#b122a1ad2644e19f563679ee33c8cb6a9948d1a0"
+  integrity sha512-T7I9BB9hrZbpY9fwYXe7l0qNbKbbLlMvU4Gl1aPAyWXrnIP+bma9qqq0pVZaAx0DFehz023Yf5zgiwt6GR2F/g==
   dependencies:
     "@tkey-mpc/chrome-storage" "^8.2.2"
     "@tkey-mpc/common-types" "^8.2.2"
@@ -7091,8 +7091,8 @@
     "@toruslabs/metadata-helpers" "^5.x"
     "@toruslabs/openlogin-session-manager" "^3.0.0"
     "@toruslabs/torus.js" "^11.0.5"
-    "@toruslabs/tss-client" "^1.6.1-alpha.0"
-    "@toruslabs/tss-lib" "^1.6.0-alpha.0"
+    "@toruslabs/tss-client" "^1.7.1"
+    "@toruslabs/tss-lib" "^1.7.1"
     "@web3auth-mpc/ethereum-provider" "^2.3.0"
     "@web3auth/base" "^7.0.1"
     "@web3auth/base-provider" "^7.0.1"
@@ -15691,7 +15691,7 @@ smart-buffer@^4.2.0:
   resolved "https://registry.yarnpkg.com/smart-buffer/-/smart-buffer-4.2.0.tgz#6e1d71fa4f18c05f7d0ff216dd16a481d0e8d9ae"
   integrity sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==
 
-socket.io-client@^4.5.1, socket.io-client@^4.6.1, socket.io-client@^4.7.2:
+socket.io-client@^4.6.1, socket.io-client@^4.7.2:
   version "4.7.2"
   resolved "https://registry.yarnpkg.com/socket.io-client/-/socket.io-client-4.7.2.tgz#f2f13f68058bd4e40f94f2a1541f275157ff2c08"
   integrity sha512-vtA0uD4ibrYD793SOIAwlo8cj6haOeMHrGvwPxJsxH7CeIksqJ+3Zc06RvWTIFgiSqx4A3sOnTXpfAEE2Zyz6w==

From b0f22380625c45ed09f3af2b35e12d6ae1358df1 Mon Sep 17 00:00:00 2001
From: schmanu <manu@safe.global>
Date: Mon, 9 Oct 2023 12:11:42 +0200
Subject: [PATCH 2/5] fix: simplify MFA setup

---
 .../SignerAccountMFA/PasswordForm.tsx         | 32 ++++---------------
 .../settings/SignerAccountMFA/helper.ts       | 28 +---------------
 2 files changed, 8 insertions(+), 52 deletions(-)

diff --git a/src/components/settings/SignerAccountMFA/PasswordForm.tsx b/src/components/settings/SignerAccountMFA/PasswordForm.tsx
index 0f4d905974..f40e2e0522 100644
--- a/src/components/settings/SignerAccountMFA/PasswordForm.tsx
+++ b/src/components/settings/SignerAccountMFA/PasswordForm.tsx
@@ -1,40 +1,33 @@
-import { DeviceShareRecovery } from '@/hooks/wallets/mpc/recovery/DeviceShareRecovery'
 import { SecurityQuestionRecovery } from '@/hooks/wallets/mpc/recovery/SecurityQuestionRecovery'
-import { Typography, TextField, FormControlLabel, Checkbox, Button, Box } from '@mui/material'
+import { Typography, TextField, Button, Box } from '@mui/material'
 import { type Web3AuthMPCCoreKit } from '@web3auth/mpc-core-kit'
 import { useState, useMemo } from 'react'
-import { Controller, useForm } from 'react-hook-form'
+import { useForm } from 'react-hook-form'
 import { enableMFA } from './helper'
 
 enum PasswordFieldNames {
   oldPassword = 'oldPassword',
   newPassword = 'newPassword',
   confirmPassword = 'confirmPassword',
-  storeDeviceShare = 'storeDeviceShare',
 }
 
 type PasswordFormData = {
   [PasswordFieldNames.oldPassword]: string | undefined
   [PasswordFieldNames.newPassword]: string
   [PasswordFieldNames.confirmPassword]: string
-  [PasswordFieldNames.storeDeviceShare]: boolean
 }
 
 export const PasswordForm = ({ mpcCoreKit }: { mpcCoreKit: Web3AuthMPCCoreKit }) => {
   const formMethods = useForm<PasswordFormData>({
     mode: 'all',
-    defaultValues: async () => {
-      const isDeviceShareStored = await new DeviceShareRecovery(mpcCoreKit).isEnabled()
-      return {
-        [PasswordFieldNames.confirmPassword]: '',
-        [PasswordFieldNames.oldPassword]: undefined,
-        [PasswordFieldNames.newPassword]: '',
-        [PasswordFieldNames.storeDeviceShare]: isDeviceShareStored,
-      }
+    defaultValues: {
+      [PasswordFieldNames.confirmPassword]: '',
+      [PasswordFieldNames.oldPassword]: undefined,
+      [PasswordFieldNames.newPassword]: '',
     },
   })
 
-  const { register, formState, getValues, control, handleSubmit } = formMethods
+  const { register, formState, getValues, handleSubmit } = formMethods
 
   const [enablingMFA, setEnablingMFA] = useState(false)
 
@@ -100,17 +93,6 @@ export const PasswordForm = ({ mpcCoreKit }: { mpcCoreKit: Web3AuthMPCCoreKit })
           })}
         />
 
-        <Controller
-          control={control}
-          name={PasswordFieldNames.storeDeviceShare}
-          render={({ field: { value, ...field } }) => (
-            <FormControlLabel
-              control={<Checkbox checked={value ?? false} {...field} />}
-              label="Do not ask for second factor on this device"
-            />
-          )}
-        />
-
         <Button
           sx={{ justifySelf: 'flex-start' }}
           disabled={!formMethods.formState.isValid || enablingMFA}
diff --git a/src/components/settings/SignerAccountMFA/helper.ts b/src/components/settings/SignerAccountMFA/helper.ts
index b9eb7a1f37..4c39a02a49 100644
--- a/src/components/settings/SignerAccountMFA/helper.ts
+++ b/src/components/settings/SignerAccountMFA/helper.ts
@@ -1,11 +1,8 @@
-import { DeviceShareRecovery } from '@/hooks/wallets/mpc/recovery/DeviceShareRecovery'
 import { SecurityQuestionRecovery } from '@/hooks/wallets/mpc/recovery/SecurityQuestionRecovery'
 import { logError } from '@/services/exceptions'
 import ErrorCodes from '@/services/exceptions/ErrorCodes'
 import { asError } from '@/services/exceptions/utils'
-import { getPubKeyPoint } from '@tkey-mpc/common-types'
 import { type Web3AuthMPCCoreKit } from '@web3auth/mpc-core-kit'
-import BN from 'bn.js'
 
 export const isMFAEnabled = (mpcCoreKit: Web3AuthMPCCoreKit) => {
   if (!mpcCoreKit) {
@@ -20,18 +17,15 @@ export const enableMFA = async (
   {
     newPassword,
     oldPassword,
-    storeDeviceShare,
   }: {
     newPassword: string
     oldPassword: string | undefined
-    storeDeviceShare: boolean
   },
 ) => {
   if (!mpcCoreKit) {
     return
   }
   const securityQuestions = new SecurityQuestionRecovery(mpcCoreKit)
-  const deviceShareRecovery = new DeviceShareRecovery(mpcCoreKit)
   try {
     // 1. setup device factor with password recovery
     await securityQuestions.upsertPassword(newPassword, oldPassword)
@@ -39,30 +33,10 @@ export const enableMFA = async (
     if (!securityQuestionFactor) {
       throw Error('Could not recover using the new password recovery')
     }
-    // We commit the new password separately
-    // It is necessary to be able to input the password factor before removing the (active) device factor
-    await mpcCoreKit.commitChanges()
 
     if (!isMFAEnabled(mpcCoreKit)) {
       // 2. enable MFA in mpcCoreKit
-      const recoveryFactor = await mpcCoreKit.enableMFA({})
-
-      // 3. remove the recovery factor the mpcCoreKit creates
-      const recoverKey = new BN(recoveryFactor, 'hex')
-      const recoverPubKey = getPubKeyPoint(recoverKey)
-      await mpcCoreKit.deleteFactor(recoverPubKey, recoverKey)
-    }
-
-    const hasDeviceShare = await deviceShareRecovery.isEnabled()
-
-    if (!hasDeviceShare && storeDeviceShare) {
-      await deviceShareRecovery.createAndStoreDeviceFactor()
-    }
-
-    if (hasDeviceShare && !storeDeviceShare) {
-      // Switch to password recovery factor such that we can delete the device factor
-      await mpcCoreKit.inputFactorKey(new BN(securityQuestionFactor, 'hex'))
-      await deviceShareRecovery.removeDeviceFactor()
+      await mpcCoreKit.enableMFA({}, false)
     }
 
     await mpcCoreKit.commitChanges()

From d214e09e50c879a92a73d0ef0762a9e830af92ce Mon Sep 17 00:00:00 2001
From: schmanu <manu@safe.global>
Date: Mon, 9 Oct 2023 16:03:56 +0200
Subject: [PATCH 3/5] fix: commitChanges after login

---
 src/hooks/wallets/mpc/useMPCWallet.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/hooks/wallets/mpc/useMPCWallet.ts b/src/hooks/wallets/mpc/useMPCWallet.ts
index c83312a9f5..d3cb6b1826 100644
--- a/src/hooks/wallets/mpc/useMPCWallet.ts
+++ b/src/hooks/wallets/mpc/useMPCWallet.ts
@@ -88,10 +88,13 @@ export const useMPCWallet = (): MPCWalletHook => {
     }
   }
 
-  const finalizeLogin = () => {
+  const finalizeLogin = async () => {
     if (!mpcCoreKit || !onboard) {
       return
     }
+
+    await mpcCoreKit.commitChanges()
+
     if (mpcCoreKit.status === COREKIT_STATUS.LOGGED_IN) {
       connectWallet(onboard, {
         autoSelect: {

From ba25c0a81f4df2f26357352a7da8fcba7e4f702b Mon Sep 17 00:00:00 2001
From: schmanu <manu@safe.global>
Date: Mon, 9 Oct 2023 16:06:02 +0200
Subject: [PATCH 4/5] fix: commit changes only if logged in

---
 src/hooks/wallets/mpc/useMPCWallet.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/hooks/wallets/mpc/useMPCWallet.ts b/src/hooks/wallets/mpc/useMPCWallet.ts
index d3cb6b1826..03a4b3efc4 100644
--- a/src/hooks/wallets/mpc/useMPCWallet.ts
+++ b/src/hooks/wallets/mpc/useMPCWallet.ts
@@ -93,9 +93,9 @@ export const useMPCWallet = (): MPCWalletHook => {
       return
     }
 
-    await mpcCoreKit.commitChanges()
-
     if (mpcCoreKit.status === COREKIT_STATUS.LOGGED_IN) {
+      await mpcCoreKit.commitChanges()
+
       connectWallet(onboard, {
         autoSelect: {
           label: ONBOARD_MPC_MODULE_LABEL,

From c8d519c0c00631c6b8398d25560cd8ea686d0e7e Mon Sep 17 00:00:00 2001
From: Usame Algan <usame@safe.global>
Date: Mon, 9 Oct 2023 16:17:35 +0200
Subject: [PATCH 5/5] fix: Remove redundant commitChanges, fix test mock

---
 src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts | 4 ++++
 src/hooks/wallets/mpc/useMPCWallet.ts                | 1 -
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts b/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
index 29bd1c0248..acc38f6592 100644
--- a/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
+++ b/src/hooks/wallets/mpc/__tests__/useMPCWallet.test.ts
@@ -63,6 +63,10 @@ class MockMPCCoreKit {
       Promise.reject()
     }
   }
+
+  commitChanges() {
+    return Promise.resolve()
+  }
 }
 
 describe('useMPCWallet', () => {
diff --git a/src/hooks/wallets/mpc/useMPCWallet.ts b/src/hooks/wallets/mpc/useMPCWallet.ts
index 03a4b3efc4..62479fc66a 100644
--- a/src/hooks/wallets/mpc/useMPCWallet.ts
+++ b/src/hooks/wallets/mpc/useMPCWallet.ts
@@ -121,7 +121,6 @@ export const useMPCWallet = (): MPCWalletHook => {
       if (storeDeviceShare) {
         const deviceShareRecovery = new DeviceShareRecovery(mpcCoreKit)
         await deviceShareRecovery.createAndStoreDeviceFactor()
-        await mpcCoreKit.commitChanges()
       }
 
       finalizeLogin()