teddsa: add DTOs for key packages and signing commitments

apps/customer_dashboard/src/app/users/forgot_password/page.tsx

@@ -277,9 +277,7 @@ export default function ForgotPasswordPage() {
                     tagType="span"
                     size="sm"
                     weight="semibold"
-                    color={
-                      !isExpired || isResending ? "tertiary" : "primary"
-                    }
+                    color={!isExpired || isResending ? "tertiary" : "primary"}
                   >
                     Resend
                   </Typography>
@@ -352,7 +350,9 @@ export default function ForgotPasswordPage() {
                 className={styles.eyeButton}
                 onClick={() => setShowConfirm((prev) => !prev)}
                 aria-label={
-                  showConfirm ? "Hide confirm password" : "Show confirm password"
+                  showConfirm
+                    ? "Hide confirm password"
+                    : "Show confirm password"
                 }
               >
                 {showConfirm ? <EyeIcon /> : <EyeOffIcon />}

backend/openapi/src/tss/keygen_ed25519.ts

@@ -5,16 +5,12 @@ import { registry } from "../registry";
 const TeddsaKeygenOutputSchema = registry.register(
   "TeddsaKeygenOutput",
   z.object({
-    key_package: z
-      .array(z.number())
-      .openapi({
-        description: "FROST KeyPackage bytes (contains secret share)",
-      }),
-    public_key_package: z
-      .array(z.number())
-      .openapi({
-        description: "Public key package bytes (shared by all participants)",
-      }),
+    key_package: z.array(z.number()).openapi({
+      description: "FROST KeyPackage bytes (contains secret share)",
+    }),
+    public_key_package: z.array(z.number()).openapi({
+      description: "Public key package bytes (shared by all participants)",
+    }),
     identifier: z
       .array(z.number())
       .openapi({ description: "Participant identifier bytes" }),

backend/tss_api/src/api/presign_ed25519/index.ts

@@ -11,7 +11,7 @@ import {
   TssStageType,
   PresignEd25519StageStatus,
 } from "@oko-wallet/oko-types/tss";
-import type { TeddsaKeygenOutput } from "@oko-wallet/teddsa-interface";
+import type { KeygenEd25519Output } from "@oko-wallet/oko-types/tss";
 import type { OkoApiResponse } from "@oko-wallet/oko-types/api_response";
 import { Pool } from "pg";
 import { decryptDataAsync } from "@oko-wallet/crypto-js/node";
@@ -54,7 +54,7 @@ export async function runPresignEd25519(
       encryptedShare,
       encryptionSecret,
     );
-    const keygenOutput: TeddsaKeygenOutput = JSON.parse(decryptedShare);
+    const keygenOutput: KeygenEd25519Output = JSON.parse(decryptedShare);
 
     // Generate nonces and commitments (Round 1 without message)
     const round1Result = runSignRound1Ed25519(

backend/tss_api/src/api/sign_ed25519/index.ts

@@ -21,7 +21,7 @@ import {
   PresignEd25519StageStatus,
   TssSessionState,
 } from "@oko-wallet/oko-types/tss";
-import type { TeddsaKeygenOutput } from "@oko-wallet/teddsa-interface";
+import type { KeygenEd25519Output } from "@oko-wallet/oko-types/tss";
 import type { OkoApiResponse } from "@oko-wallet/oko-types/api_response";
 import { Pool } from "pg";
 import { decryptDataAsync } from "@oko-wallet/crypto-js/node";
@@ -73,7 +73,7 @@ export async function runSignEd25519Round1(
       encryptedShare,
       encryptionSecret,
     );
-    const keygenOutput: TeddsaKeygenOutput = JSON.parse(decryptedShare);
+    const keygenOutput: KeygenEd25519Output = JSON.parse(decryptedShare);
 
     const round1Result = runSignRound1Ed25519(
       new Uint8Array(keygenOutput.key_package),
@@ -219,7 +219,7 @@ export async function runSignEd25519Round2(
       encryptedShare,
       encryptionSecret,
     );
-    const keygenOutput: TeddsaKeygenOutput = JSON.parse(decryptedShare);
+    const keygenOutput: KeygenEd25519Output = JSON.parse(decryptedShare);
 
     const serverCommitment = {
       identifier,
@@ -360,7 +360,7 @@ export async function runSignEd25519(
       encryptedShare,
       encryptionSecret,
     );
-    const keygenOutput: TeddsaKeygenOutput = JSON.parse(decryptedShare);
+    const keygenOutput: KeygenEd25519Output = JSON.parse(decryptedShare);
 
     const serverCommitment = {
       identifier,
@@ -454,7 +454,7 @@ export async function runSignEd25519Aggregate(
       encryptedShare,
       encryptionSecret,
     );
-    const keygenOutput: TeddsaKeygenOutput = JSON.parse(decryptedShare);
+    const keygenOutput: KeygenEd25519Output = JSON.parse(decryptedShare);
 
     const aggregateResult = runAggregateEd25519(
       new Uint8Array(msg),

backend/tss_api/src/api/wallet_ed25519/index.ts

@@ -34,7 +34,11 @@ export async function getWalletEd25519PublicInfo(
     const { user_identifier, auth_type } = request;
 
     // Get user
-    const getUserRes = await getUserByEmailAndAuthType(db, user_identifier, auth_type);
+    const getUserRes = await getUserByEmailAndAuthType(
+      db,
+      user_identifier,
+      auth_type,
+    );
     if (getUserRes.success === false) {
       return {
         success: false,

common/oko_types/src/tss/keygen_ed25519.ts

@@ -1,21 +1,26 @@
-import type { TeddsaKeygenOutput } from "@oko-wallet/teddsa-interface";
-
 import type { AuthType, OAuthRequest } from "../auth";
 
-export interface TeddsaKeygenOutputWithPublicKey extends TeddsaKeygenOutput {
+// NOTE: This matches NAPI addon's KeygenOutput structure (serialized bytes)
+export interface KeygenEd25519Output {
+  key_package: number[];
+  public_key_package: number[];
+  identifier: number[];
+}
+
+export interface KeygenEd25519OutputWithPublicKey extends KeygenEd25519Output {
   public_key: number[];
 }
 
 export interface KeygenEd25519Request {
   auth_type: AuthType;
   user_identifier: string;
-  keygen_2: TeddsaKeygenOutputWithPublicKey;
+  keygen_2: KeygenEd25519OutputWithPublicKey;
   email?: string;
   name?: string;
 }
 
 export type KeygenEd25519Body = {
-  keygen_2: TeddsaKeygenOutputWithPublicKey;
+  keygen_2: KeygenEd25519OutputWithPublicKey;
 };
 
 export type KeygenEd25519RequestBody = OAuthRequest<KeygenEd25519Body>;

common/oko_types/src/tss/sign_ed25519.ts

@@ -1,8 +1,6 @@
 import type {
-  TeddsaSignRound1Output,
-  TeddsaSignRound2Output,
-  TeddsaCommitmentEntry,
-  TeddsaSignatureShareEntry,
+  CommitmentEntry,
+  SignatureShareEntry,
 } from "@oko-wallet/teddsa-interface";
 
 export interface SignEd25519Round1Request {
@@ -14,7 +12,7 @@ export interface SignEd25519Round1Request {
 
 export interface SignEd25519Round1Response {
   session_id: string;
-  commitments_0: TeddsaCommitmentEntry;
+  commitments_0: CommitmentEntry;
 }
 
 export type SignEd25519Round1Body = {
@@ -25,24 +23,24 @@ export interface SignEd25519Round2Request {
   email: string;
   wallet_id: string;
   session_id: string;
-  commitments_1: TeddsaCommitmentEntry;
+  commitments_1: CommitmentEntry;
 }
 
 export interface SignEd25519Round2Response {
-  signature_share_0: TeddsaSignatureShareEntry;
+  signature_share_0: SignatureShareEntry;
 }
 
 export type SignEd25519Round2Body = {
   session_id: string;
-  commitments_1: TeddsaCommitmentEntry;
+  commitments_1: CommitmentEntry;
 };
 
 export interface SignEd25519AggregateRequest {
   email: string;
   wallet_id: string;
   msg: number[];
-  all_commitments: TeddsaCommitmentEntry[];
-  all_signature_shares: TeddsaSignatureShareEntry[];
+  all_commitments: CommitmentEntry[];
+  all_signature_shares: SignatureShareEntry[];
 }
 
 export interface SignEd25519AggregateResponse {
@@ -51,19 +49,15 @@ export interface SignEd25519AggregateResponse {
 
 export type SignEd25519AggregateBody = {
   msg: number[];
-  all_commitments: TeddsaCommitmentEntry[];
-  all_signature_shares: TeddsaSignatureShareEntry[];
+  all_commitments: CommitmentEntry[];
+  all_signature_shares: SignatureShareEntry[];
 };
 
 export interface SignEd25519ServerState {
   nonces: number[];
   identifier: number[];
 }
 
-// ============================================
-// Presign Ed25519 Types (message-independent)
-// ============================================
-
 export interface PresignEd25519Request {
   email: string;
   wallet_id: string;
@@ -72,29 +66,25 @@ export interface PresignEd25519Request {
 
 export interface PresignEd25519Response {
   session_id: string;
-  commitments_0: TeddsaCommitmentEntry;
+  commitments_0: CommitmentEntry;
 }
 
 export type PresignEd25519Body = Record<string, never>;
 
-// ============================================
-// Sign Ed25519 Types (using presign session)
-// ============================================
-
 export interface SignEd25519Request {
   email: string;
   wallet_id: string;
   session_id: string;
   msg: number[];
-  commitments_1: TeddsaCommitmentEntry;
+  commitments_1: CommitmentEntry;
 }
 
 export interface SignEd25519Response {
-  signature_share_0: TeddsaSignatureShareEntry;
+  signature_share_0: SignatureShareEntry;
 }
 
 export type SignEd25519Body = {
   session_id: string;
   msg: number[];
-  commitments_1: TeddsaCommitmentEntry;
+  commitments_1: CommitmentEntry;
 };

crypto/teddsa/teddsa_addon/src/server/index.ts

@@ -1,10 +1,7 @@
+// NOTE: NAPI addon returns serialized bytes, different from WASM Raw types
 import type {
-  TeddsaCentralizedKeygenOutput,
-  TeddsaSignRound1Output,
-  TeddsaSignRound2Output,
-  TeddsaAggregateOutput,
-  TeddsaCommitmentEntry,
-  TeddsaSignatureShareEntry,
+  CommitmentEntry,
+  SignatureShareEntry,
 } from "@oko-wallet/teddsa-interface";
 
 import {
@@ -16,28 +13,56 @@ import {
   napiVerifyEd25519,
 } from "../../addon/index.js";
 
-export function runKeygenCentralizedEd25519(): TeddsaCentralizedKeygenOutput {
+// NOTE: NAPI-specific types (serialized bytes format)
+export interface NapiKeygenOutput {
+  key_package: number[];
+  public_key_package: number[];
+  identifier: number[];
+}
+
+export interface NapiCentralizedKeygenOutput {
+  private_key: number[];
+  keygen_outputs: NapiKeygenOutput[];
+  public_key: number[];
+}
+
+export interface NapiSigningCommitmentOutput {
+  nonces: number[];
+  commitments: number[];
+  identifier: number[];
+}
+
+export interface NapiSignatureShareOutput {
+  signature_share: number[];
+  identifier: number[];
+}
+
+export interface NapiSignatureOutput {
+  signature: number[];
+}
+
+export function runKeygenCentralizedEd25519(): NapiCentralizedKeygenOutput {
   return napiKeygenCentralizedEd25519();
 }
 
 export function runKeygenImportEd25519(
   secretKey: Uint8Array,
-): TeddsaCentralizedKeygenOutput {
+): NapiCentralizedKeygenOutput {
   return napiKeygenImportEd25519(Array.from(secretKey));
 }
 
 export function runSignRound1Ed25519(
   keyPackage: Uint8Array,
-): TeddsaSignRound1Output {
+): NapiSigningCommitmentOutput {
   return napiSignRound1Ed25519(Array.from(keyPackage));
 }
 
 export function runSignRound2Ed25519(
   message: Uint8Array,
   keyPackage: Uint8Array,
   nonces: Uint8Array,
-  allCommitments: TeddsaCommitmentEntry[],
-): TeddsaSignRound2Output {
+  allCommitments: CommitmentEntry[],
+): NapiSignatureShareOutput {
   return napiSignRound2Ed25519(
     Array.from(message),
     Array.from(keyPackage),
@@ -48,10 +73,10 @@ export function runSignRound2Ed25519(
 
 export function runAggregateEd25519(
   message: Uint8Array,
-  allCommitments: TeddsaCommitmentEntry[],
-  allSignatureShares: TeddsaSignatureShareEntry[],
+  allCommitments: CommitmentEntry[],
+  allSignatureShares: SignatureShareEntry[],
   publicKeyPackage: Uint8Array,
-): TeddsaAggregateOutput {
+): NapiSignatureOutput {
   return napiAggregateEd25519(
     Array.from(message),
     allCommitments,