[PB-5655] feat(recovery): send backup public keys for validation during account#1805
Open
douglas-xt wants to merge 7 commits intomasterfrom
Open
[PB-5655] feat(recovery): send backup public keys for validation during account#1805douglas-xt wants to merge 7 commits intomasterfrom
douglas-xt wants to merge 7 commits intomasterfrom
Conversation
Deploying drive-web with
|
| Latest commit: |
4e22e03
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://27969c7f.drive-web.pages.dev |
| Branch Preview URL: | https://feat-send-public-keys-on-rec.drive-web.pages.dev |
douglas-xt
changed the title
douglas-xt
force-pushed
the
feat/send-public-keys-on-recovery
branch
from
1a0901f to
59f430b
Compare
larryrider
approved these changes
Jan 8, 2026
CandelR
reviewed
Jan 8, 2026
src/utils/backupKeyUtils.ts
Outdated
Comment on lines
60
to
61
| ecc: user.keys?.ecc?.publicKey || '', | ||
| kyber: user.keys?.kyber?.publicKey || '', |
Collaborator
There was a problem hiding this comment.
I see that if for some reason the public keys are not there, empty strings will be exported.
When attempting to send this empty string, do we notify the user?
Shouldn't we notify them if empty strings are going to be exported?
Contributor
Author
There was a problem hiding this comment.
If both ecc and kyber public keys are not present, publicKeys shouldn't be exported at all. In order to keep backward compatibility, I've changed that.
src/services/auth.service.test.ts
Outdated
| }); | ||
|
|
||
| it('should successfully update credentials with token and with backup data (ECC only)', async () => { | ||
| it('should not send keys when backup data has no publicKeys (legacy backup)', async () => { |
Collaborator
There was a problem hiding this comment.
if doesn't mind, change the test that are modifying to "when X, then Y" format
CandelR
approved these changes
Jan 9, 2026
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
… recovery
Description
This PR adds support for sending public keys during account recovery. When users export their backup file, it now includes both private and public keys. During account recovery, these public keys are extracted from the backup file and forwarded to the backend, which validates that they match the account being recovered.
Related Issues
Related Pull Requests
Checklist
Testing Process
Additional Notes
Updated @internxt/sdk from v1.11.17 to v1.12.0. This version includes a breaking change in changePasswordWithLinkV2 the keys parameter changed from PrivateKeys to RecoveryKeys ({ private?, public? }), which allows sending public keys alongside private keys during recovery.