tss_api: add user_identifier support to Ed25519 keygen

Ryz0nd · Ryz0nd · commit 6c94d5bfc2d5 · 2026-01-05T12:52:26.000+09:00
diff --git a/backend/tss_api/src/api/keygen_ed25519/index.test.ts b/backend/tss_api/src/api/keygen_ed25519/index.test.ts
@@ -46,16 +46,17 @@ async function setUpKeyShareNodeMeta(pool: Pool): Promise<void> {
 
 function generateKeygenRequest(
   keygenResult: ReturnType<typeof runKeygenCentralizedEd25519>,
-  email: string = TEST_EMAIL,
+  user_identifier: string = TEST_EMAIL,
 ): KeygenEd25519Request {
   const serverKeygenOutput = keygenResult.keygen_outputs[Participant.P1];
   return {
     auth_type: "google",
-    email,
+    user_identifier,
     keygen_2: {
       ...serverKeygenOutput,
       public_key: [...keygenResult.public_key],
     },
+    email: user_identifier,
   };
 }
 
@@ -214,11 +215,12 @@ describe("Ed25519 Keygen", () => {
 
       const request: KeygenEd25519Request = {
         auth_type: "google",
-        email: TEST_EMAIL,
+        user_identifier: TEST_EMAIL,
         keygen_2: {
           ...serverKeygenOutput,
           public_key: [...keygenResult.public_key],
         },
+        email: TEST_EMAIL,
         name: "Test User",
       };
 
@@ -247,11 +249,12 @@ describe("Ed25519 Keygen", () => {
 
         const request: KeygenEd25519Request = {
           auth_type: authTypes[i],
-          email: `authtype-test-${i}@test.com`,
+          user_identifier: `authtype-test-${i}@test.com`,
           keygen_2: {
             ...serverKeygenOutput,
             public_key: [...keygenResult.public_key],
           },
+          email: `authtype-test-${i}@test.com`,
         };
 
         const result = await runKeygenEd25519(
diff --git a/backend/tss_api/src/api/keygen_ed25519/index.ts b/backend/tss_api/src/api/keygen_ed25519/index.ts
@@ -33,9 +33,13 @@ export async function runKeygenEd25519(
   encryptionSecret: string,
 ): Promise<OkoApiResponse<SignInResponse>> {
   try {
-    const { auth_type, email, keygen_2, name } = keygenRequest;
+    const { auth_type, user_identifier, keygen_2, email, name } = keygenRequest;
 
-    const getUserRes = await getUserByEmailAndAuthType(db, email, auth_type);
+    const getUserRes = await getUserByEmailAndAuthType(
+      db,
+      user_identifier,
+      auth_type,
+    );
     if (getUserRes.success === false) {
       return {
         success: false,
@@ -68,7 +72,7 @@ export async function runKeygenEd25519(
         };
       }
     } else {
-      const createUserRes = await createUser(db, email, auth_type);
+      const createUserRes = await createUser(db, user_identifier, auth_type);
       if (createUserRes.success === false) {
         return {
           success: false,
@@ -219,9 +223,10 @@ export async function runKeygenEd25519(
       data: {
         token: tokenResult.data.token,
         user: {
-          email: email,
           wallet_id: wallet.wallet_id,
           public_key: publicKeyHex,
+          user_identifier,
+          email: email ?? null,
           name: name ?? null,
         },
       },
diff --git a/backend/tss_api/src/routes/keygen_ed25519.ts b/backend/tss_api/src/routes/keygen_ed25519.ts
@@ -91,11 +91,13 @@ export function setKeygenEd25519Routes(router: Router) {
       const auth_type = oauthUser.type as AuthType;
       const body = req.body;
 
-      if (!oauthUser?.email) {
+      const user_identifier = oauthUser.user_identifier;
+
+      if (!user_identifier) {
         res.status(401).json({
           success: false,
           code: "UNAUTHORIZED",
-          msg: "User email not found",
+          msg: "User identifier not found",
         });
         return;
       }
@@ -110,8 +112,9 @@ export function setKeygenEd25519Routes(router: Router) {
         jwtConfig,
         {
           auth_type,
-          email: oauthUser.email.toLowerCase(),
+          user_identifier,
           keygen_2: body.keygen_2,
+          email: oauthUser.email,
           name: oauthUser.name,
         },
         state.encryption_secret,
diff --git a/common/oko_types/src/tss/auth.ts b/common/oko_types/src/tss/auth.ts
@@ -1,5 +1,5 @@
 export interface UserTokenPayload {
-  email: string;
+  email?: string;
   wallet_id: string;
   wallet_id_ed25519?: string;
   type: "user";
@@ -8,7 +8,7 @@ export interface UserTokenPayload {
 export interface GenerateUserTokenArgs {
   wallet_id: string;
   wallet_id_ed25519?: string;
-  email: string;
+  email?: string;
   jwt_config: {
     secret: string;
     expires_in: string;
diff --git a/common/oko_types/src/tss/keygen_ed25519.ts b/common/oko_types/src/tss/keygen_ed25519.ts
@@ -8,8 +8,9 @@ export interface TeddsaKeygenOutputWithPublicKey extends TeddsaKeygenOutput {
 
 export interface KeygenEd25519Request {
   auth_type: AuthType;
-  email: string;
+  user_identifier: string;
   keygen_2: TeddsaKeygenOutputWithPublicKey;
+  email?: string;
   name?: string;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -8,8 +8,9 @@ export interface TeddsaKeygenOutputWithPublicKey extends TeddsaKeygenOutput {`
`8`	`8`
`9`	`9`	`export interface KeygenEd25519Request {`
`10`	`10`	`auth_type: AuthType;`
`11`		`- email: string;`
	`11`	`+ user_identifier: string;`
`12`	`12`	`keygen_2: TeddsaKeygenOutputWithPublicKey;`
	`13`	`+ email?: string;`
`13`	`14`	`name?: string;`
`14`	`15`	`}`
`15`	`16`