test(frost): real-crypto multi-process libp2p e2e — shape-B + distributed DKG

[mswilkison]

Stacks on the FROST/ROAST readiness branch (#3866). Adds two separate-process ("shape B") real-crypto e2es over real libp2p, complementing the in-process shape-A multinode test. Each re-execs the test binary as N worker processes that each link libfrost_tbtc.

What's added

• shape-B (roast_shapeb_libp2p_multiproc_e2e_…): dealer DKG run once in a bootstrap subprocess, the encrypted key group copied into each worker's own state dir; every worker drives the ROAST interactive-signing runner over real libp2p and independently aggregates the same BIP-340 signature (n winners, vs the shared-engine shape-A's one). Covers per-node engine/state isolation + the libp2p outer framing for the runner + ROAST + transport seam.
• distributed-DKG (roast_distributed_dkg_libp2p_multiproc_e2e_…): every worker runs the real distributed FROST DKG (part1/2/3) over libp2p, with round-2 per-recipient secret shares sealed via secp256k1 ECDH + AES-256-GCM (cleartext round-2 over a broadcast bus would let any node sum f_i(j) and reconstruct a peer's share), so each node holds only its own key package; then threshold-signs via the stateless low-level path. Closes the dealer-DKG key-custody gap end to end.

Verification

Both green standalone (stable across repeated runs) and under the full cgo gate, linking libfrost_tbtc built from the pinned signer ref (ci/frost-signer-pin.env = 6e3718ba0, unchanged):

CGO_ENABLED=1 KEEP_CORE_FROST_REQUIRE_CGO=true \
  go test -tags "frost_native frost_tbtc_signer" -run TestRealCgoInteractiveSigning ./pkg/frost/signing/

All 6 real-crypto tests pass together on this branch (4 shape-A + shape-B + distributed-DKG).

CI

The frost-cgo-integration gate already exercises both new tests — its -run 'TestRealCgoInteractiveSigning' matches them by prefix, and the pinned crate already exports the dkg_part1/2/3 + low-level sign FFI they use. No workflow change needed. (Heads-up: these are multi-process + gossipsub tests; robust locally via retransmission + warmup, but mesh-convergence time varies — if shape-B ever flakes on a slow runner, move it to a non-blocking job.)

Note

Building the distributed-DKG test confirmed dkg_part1/2/3 interoperate over the transport — but the node's DKG path (executeTBTCSignerFROSTDKG) still uses the dealer RunDKGWithSeed. Wiring distributed DKG into the node remains the readiness-gate-blocking work.

🤖 Generated with Claude Code

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: f0d45536-e355-460e-ae48-cc54e781491e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/frost-shapeb-distributed-dkg-libp2p-e2e

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}