Skip to content

feat(passkey-crypto): add @bitgo/passkey-crypto package#8596

Merged
derranW26 merged 1 commit intomasterfrom
WCN-186/passkey-crypto-package
May 1, 2026
Merged

feat(passkey-crypto): add @bitgo/passkey-crypto package#8596
derranW26 merged 1 commit intomasterfrom
WCN-186/passkey-crypto-package

Conversation

@derranW26
Copy link
Copy Markdown
Contributor

@derranW26 derranW26 commented Apr 22, 2026

Summary

  • Adds new modules/passkey-crypto/ package (@bitgo/passkey-crypto) as the cryptographic foundation for the passkey feature (Ticket 1 of 9)
  • derivePassword(prfResult: ArrayBuffer): string — converts WebAuthn PRF output to a hex walletPassphrase for SJCL encryption
  • deriveEnterpriseSalt(baseSalt: string, enterpriseId: string): string — HMAC-SHA256 enterprise-scoped salt to prevent cross-enterprise key reuse

Test plan

  • yarn unit-test in modules/passkey-crypto/ — 11 tests passing (known vectors for both functions)
  • No any types
  • Package builds via yarn build in the module

@linear
Copy link
Copy Markdown

linear Bot commented Apr 22, 2026

WCN-186 Create `@bitgo/passkey-crypto` shared package

@derranW26 derranW26 force-pushed the WCN-186/passkey-crypto-package branch 2 times, most recently from e57cafc to 8708c6e Compare April 22, 2026 15:20
@derranW26 derranW26 marked this pull request as ready for review April 22, 2026 16:57
@derranW26 derranW26 requested review from a team as code owners April 22, 2026 16:57
@derranW26 derranW26 requested a review from lokesh-bitgo April 22, 2026 16:57
mohammadalfaiyazbitgo
mohammadalfaiyazbitgo requested changes Apr 22, 2026
View reviewed changes
Comment thread modules/passkey-crypto/package.json Outdated
Comment thread modules/passkey-crypto/src/deriveEnterpriseSalt.ts
@derranW26 derranW26 force-pushed the WCN-186/passkey-crypto-package branch 4 times, most recently from e993fc3 to 6a6ee30 Compare April 22, 2026 21:53
mohammadalfaiyazbitgo
mohammadalfaiyazbitgo reviewed Apr 23, 2026
View reviewed changes
Comment thread modules/passkey-crypto/src/derivePassword.ts Outdated
Comment thread modules/passkey-crypto/src/deriveEnterpriseSalt.ts Outdated
@derranW26 derranW26 force-pushed the WCN-186/passkey-crypto-package branch from 6a6ee30 to 9ca1f7d Compare April 23, 2026 19:37
@derranW26
feat(passkey-crypto): add @bitgo/passkey-crypto package
727a8e1 
Pure cryptographic primitives for WebAuthn PRF-based key derivation:
- derivePassword: converts ArrayBuffer PRF result to hex walletPassphrase
- deriveEnterpriseSalt: HMAC-SHA256 via SJCL matching retail implementation exactly

TICKET: WCN-186
@derranW26 derranW26 force-pushed the WCN-186/passkey-crypto-package branch from 9ca1f7d to 727a8e1 Compare May 1, 2026 19:01
@derranW26 derranW26 merged commit 41a9575 into master May 1, 2026
22 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mohammadalfaiyazbitgo mohammadalfaiyazbitgo mohammadalfaiyazbitgo approved these changes

@lokesh-bitgo lokesh-bitgo Awaiting requested review from lokesh-bitgo lokesh-bitgo is a code owner automatically assigned from BitGo/wallet-core-india

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@derranW26 @mohammadalfaiyazbitgo