Feat: admin subprotocol hardware wallet compatibility.

[irnb]

Description

the admin subprotocol now uses individual ECDSA signatures instead of MuSig2 aggregated Schnorr signatures for hardware wallet compatibility.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature/Enhancement (non-breaking change which adds functionality or enhances an existing one)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactor
• New or updated tests
• Dependency Update

Notes to Reviewers

Checklist

• I have performed a self-review of my code.
• I have commented my code where necessary.
• I have updated the documentation if needed.
• My changes do not introduce new warnings.
• I have added (where necessary) tests that prove my changes are effective or that my feature works.
• New and existing tests pass with my changes.
• I have disclosed my use of AI in the body of this PR.

Related Issues

[barakshani]

Does the admin spec represent this change?

[irnb]

@barakshani

I'm not sure at the moment, but I'll make sure to update the spec accordingly before marking this PR as ready for merge.

[prajwolrg]

Good work! Looks clean! I just have some minor nits and feedbacks. As part of the PR, the spec docs also needs to be updated.

[barakshani]

Using threshold for naming is welcome!

[storopoli]

I really don't like having threshold as an u8 since it can include 0. We should use NonZero<u8> from Rust's standard library.

[codecov]

Codecov Report

❌ Patch coverage is 91.03535% with 71 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.17%. Comparing base (2a072bc) to head (f758030).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
...s/crypto/src/threshold_signature/indexed/pubkey.rs	71.26%	25 Missing ⚠️
...s/crypto/src/threshold_signature/indexed/config.rs	87.74%	19 Missing ⚠️
...rypto/src/threshold_signature/indexed/signature.rs	89.21%	11 Missing ⚠️
...s/crypto/src/threshold_signature/indexed/errors.rs	0.00%	6 Missing ⚠️
crates/asm/subprotocols/admin/src/config.rs	25.00%	3 Missing ⚠️
...ates/asm/txs/admin/src/actions/updates/multisig.rs	0.00%	3 Missing ⚠️
crates/crypto/src/musig2/aggregation.rs	95.00%	2 Missing ⚠️
.../threshold_signature/indexed/verification/ecdsa.rs	98.01%	2 Missing ⚠️

@@            Coverage Diff             @@
##             main    #1163      +/-   ##
==========================================
+ Coverage   75.90%   76.17%   +0.27%     
==========================================
  Files         528      546      +18     
  Lines       43905    45087    +1182     
==========================================
+ Hits        33325    34345    +1020     
- Misses      10580    10742     +162     

Flag	Coverage Δ
functional	51.25% <5.41%> (+0.52%)	⬆️
unit	56.28% <91.03%> (+0.72%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
crates/asm/subprotocols/admin/src/authority.rs	90.00% <100.00%> (ø)
crates/asm/subprotocols/admin/src/handler.rs	93.93% <100.00%> (+1.09%)	⬆️
crates/asm/subprotocols/admin/src/state.rs	99.40% <100.00%> (+2.63%)	⬆️
...s/asm/subprotocols/bridge-v1/src/state/operator.rs	97.19% <ø> (-0.02%)	⬇️
crates/asm/txs/admin/src/parser.rs	100.00% <100.00%> (ø)
crates/asm/txs/admin/src/test_utils/mod.rs	100.00% <100.00%> (ø)
crates/crypto/src/test_utils/schnorr.rs	98.27% <100.00%> (+0.06%)	⬆️
...to/src/threshold_signature/indexed/verification.rs	100.00% <100.00%> (ø)
crates/l1tx/src/utils.rs	70.87% <ø> (ø)
crates/crypto/src/musig2/aggregation.rs	95.00% <95.00%> (ø)
... and 7 more

... and 122 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Commit: b691a8e

SP1 Execution Results

program	cycles	success
EVM EE STF	1,304,622	✅
CL STF	211,071	✅
Checkpoint	2,242	✅

[irnb]

@prajwolrg @barakshani @storopoli

Thanks for the review!
I’ve addressed most of the comments, improved the naming, fixed a potential issue with how the hardware wallet’s recovery_Id is handled, and updated the spec accordingly.

For reference, here’s the signature format I used while verifying the fix:

┌─────────────────────────────────────────────────────────────────┐
│                    SIGNATURE FORMAT                             │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│  Hardware Wallet Output (BIP-137 Bitcoin Message Signing):      │
│  ┌────────┬──────────────────────┬──────────────────────┐      │
│  │ Header │         R            │         S            │      │
│  │ 1 byte │      32 bytes        │      32 bytes        │      │
│  │ 27-42  │                      │                      │      │
│  └────────┴──────────────────────┴──────────────────────┘      │
│                                                                 │
│  secp256k1 library expects:                                     │
│  ┌────────┬──────────────────────┬──────────────────────┐      │
│  │ recid  │         R            │         S            │      │
│  │ 0-3    │      32 bytes        │      32 bytes        │      │
│  └────────┴──────────────────────┴──────────────────────┘      │
│                                                                 │
│  NORMALIZATION NEEDED:                                          │
│  ───────────────────────────────────────────────────────        │
│  27-30 → subtract 27 → recid 0-3 (uncompressed P2PKH)           │
│  31-34 → subtract 31 → recid 0-3 (compressed P2PKH)             │
│  35-38 → subtract 35 → recid 0-3 (SegWit P2SH)                  │
│  39-42 → subtract 39 → recid 0-3 (Native SegWit)                │
│  0-3   → use as-is   → recid 0-3 (raw format)                   │
│                                                                 │
│  NOTE:                                                          │
│  The address-type hint (27 vs 31 vs 35 vs 39 base) is just      │
│  "noise" that hardware wallets add for Bitcoin specific         │
│  workflows where an address is derived and shown to users.      │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘

I’ll do another review pass to ensure everything is fully addressed.

[storopoli]

ACK 5cf0e39

From my side OK. Note that we have other review comments. Especially the trait-based one from @barakshani.

[irnb]

Especially the trait-based

#1163 (comment)

@storopoli

[storopoli]

Ooops removed from the queue. @AaronFeickert can you please take a look at the cryptographic functions in strata-crypto please?

[AaronFeickert]

This comment seems a bit off. Is it not the case that a SignatureSet is already guaranteed not to contain duplicates? If so, this function's caller does not need to concern itself with this.

[AaronFeickert]

Recommend using an internal hash set to check for duplicates instead. It's a very clean approach.

[AaronFeickert]

This comment seems a bit wonky. Since the constructor enforces uniqueness, why not change to indicate that a SignatureSet will not contain duplicates?

[barakshani]

Suggested change

	/// This function performs the actual ECDSA signature recovery and verification.
	/// This function performs pk extraction from the ECDSA signature, and matches with the config.

[barakshani]

Suggested change

	// Hardware wallets emit recoverable signatures (with a header). Recover first so we
	// Hardware wallets support recoverable public key from signatures. Recover first so we

[barakshani]

Suggested change

	/// a seqno.
	/// a sequence number.

[barakshani]

Convert to a comment rather than a docstring.

[barakshani]

Suggested change

	/// Creates an ECDSA recoverable signature for a message hash.
	/// Creates an ECDSA signature with recoverable pk for a message hash.

[barakshani]

What does "individual" mean here? I think we can omit this word.

[barakshani]

ditto

[barakshani]

Suggested change

	/// An individual ECDSA signature with its signer index.
	/// An ECDSA signature with its signer index.