@joe-p joe-p commented Nov 25, 2025

This PR started as just multisig, but now also includes logic signatures since they are partly intertwined. Both the lsig and msig abstractions present in algosdk and utils require direct usage of secret keys. The abstractions in this PR work entirely based on signing callbacks. This improves security (secret keys are no longer passed around) and makes multisigs and logicsigs compatible with external KMS.

The following function was also added to make it easy for anyone without Algorand knowledge to generate Algorand-specific signing functions with type safety, auth address handling, and proper domain separation:

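import nacl from 'tweetnacl'

// generateAddressWithSigners is the function added by this PR; expect comes from the test runner.
const keypair = nacl.sign.keyPair()

// The secret key is only used inside this callback; callers only ever see signatures.
const rawSigner = async (bytesToSign: Uint8Array): Promise<Uint8Array> => {
  return nacl.sign.detached(bytesToSign, keypair.secretKey)
}

const addressWithSigners = generateAddressWithSigners(keypair.publicKey, rawSigner)

// One raw callback yields a signer for each signing domain.
expect(addressWithSigners.addr.publicKey).toEqual(keypair.publicKey)
expect(addressWithSigners.signer).toBeDefined()
expect(addressWithSigners.lsigSigner).toBeDefined()
expect(addressWithSigners.programDataSigner).toBeDefined()
expect(addressWithSigners.mxBytesSigner).toBeDefined()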

It should be noted that this is a fairly significant breaking change for lsigs and msigs, but the changes only affect those using in-memory secret keys with these abstractions, which should hopefully be a small percentage of production code.

TODOs in this PR

  • Test coverage
  • Assess stateless functions for overlap and distill class functionalities as functions

Related TODOs in follow up PRs

  • Refactor Account abstraction
  • Separate algod25 package for working with 25-word mnemonics
  • Refactor environment mnemonic logic within utils
  • HD wallet package
  • Determine how to handle test account generation
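The domain separation mentioned in the description, as an added example that is not part of the PR or of the project's code: one raw signing callback is wrapped into per-domain signers, and a signature made in one domain fails verification in the others. `domainSigners`, `verifyInDomain` and `makeKmsLikeSigner` are hypothetical helpers, the prefix-to-signer mapping is an assumption (the PR's internals are not shown here), and real payloads carry more structure than a bare prefix plus bytes.

```typescript
import { generateKeyPairSync, sign, verify, KeyObject } from 'node:crypto'

// Same shape as the rawSigner callback in the PR description.
type RawSigner = (bytesToSign: Uint8Array) => Promise<Uint8Array>

// Algorand domain prefixes; which signer uses which prefix is assumed here.
const DOMAIN = { txn: 'TX', lsig: 'Program', programData: 'ProgData', mxBytes: 'MX' } as const
type Domain = keyof typeof DOMAIN

// Prepend the domain tag so the signed bytes are unambiguous about their purpose.
const tagged = (domain: Domain, payload: Uint8Array): Uint8Array =>
  Buffer.concat([Buffer.from(DOMAIN[domain]), payload])

// Hypothetical helper: derive one signer per domain from a single raw callback.
function domainSigners(raw: RawSigner): Record<Domain, RawSigner> {
  const out = {} as Record<Domain, RawSigner>
  for (const d of Object.keys(DOMAIN) as Domain[]) {
    out[d] = (payload) => raw(tagged(d, payload))
  }
  return out
}

// A verifier rebuilds the tagged bytes for the domain it expects.
function verifyInDomain(domain: Domain, payload: Uint8Array, sig: Uint8Array, publicKey: KeyObject): boolean {
  return verify(null, tagged(domain, payload), publicKey, sig)
}

// Stand-in for an external KMS: the private key never leaves this closure.
function makeKmsLikeSigner(): { publicKey: KeyObject; rawSigner: RawSigner } {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519')
  return { publicKey, rawSigner: async (bytes) => new Uint8Array(sign(null, bytes, privateKey)) }
}

async function demo() {
  const { publicKey, rawSigner } = makeKmsLikeSigner()
  const signers = domainSigners(rawSigner)
  const payload = new TextEncoder().encode('constructed sample payload')
  const sig = await signers.mxBytes(payload) // signed as arbitrary bytes
  return {
    sameDomain: verifyInDomain('mxBytes', payload, sig, publicKey),
    asTxn: verifyInDomain('txn', payload, sig, publicKey), // replay as a transaction
    asProgram: verifyInDomain('lsig', payload, sig, publicKey), // replay as an lsig program
  }
}
```

Only the signature from the matching domain verifies, so a party that obtains an arbitrary-bytes signature from the callback cannot present it as a transaction or logic-signature approval.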

@joe-p joe-p changed the base branch from main to decoupling November 25, 2025 19:38
@joe-p joe-p changed the title feat: MultisigAccount without secret keys feat!: MultisigAccount without secret keys Nov 25, 2025
@joe-p joe-p marked this pull request as draft November 25, 2025 20:04
@joe-p joe-p marked this pull request as ready for review November 25, 2025 21:21
joe-p commented Nov 26, 2025

Putting this in draft because I realized lsig and msig are a bit intertwined, so I will update this PR with lsig changes as well.

@joe-p joe-p marked this pull request as draft November 26, 2025 17:28
@joe-p joe-p force-pushed the decoupling-feat/secretless_msig branch from 354dd4b to 3a4d746 Compare November 26, 2025 19:54
@joe-p joe-p changed the title feat!: MultisigAccount without secret keys feat!: MultisigAccount and LogicSig with signer interfaces Nov 26, 2025