dwallet-labs · ycscaly · Feb 23, 2026 · Feb 23, 2026 · Feb 23, 2026 · Feb 23, 2026
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -73,13 +73,13 @@ unexpected_cfgs = { level = "warn", check-cfg = [
 [workspace.dependencies]
 crypto-bigint = { version = "0.7.0-pre.9", default-features = false, features = ["serde"] }
 
-mpc = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3"}
-proof = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3"}
-class_groups = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3", features = ["threshold"] }
-commitment = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3" }
-twopc_mpc = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3"}
-group = { git = "https://github.com/dwallet-labs/cryptography-private", features = ["os_rng"], rev = "a204b2a3"}
-homomorphic_encryption = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3"}
+mpc = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c"}
+proof = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c"}
+class_groups = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c", features = ["threshold"] }
+commitment = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c" }
+twopc_mpc = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c"}
+group = { git = "https://github.com/dwallet-labs/cryptography-private", features = ["os_rng"], rev = "70092a93de2144d19f2c0744b289af58e0e4219c"}
+homomorphic_encryption = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c"}
 
 k256 = { version = "0.14.0-pre.11", default-features = false }
 p256 = { version = "0.14.0-pre.11", default-features = false }
@@ -336,5 +336,6 @@ ika-network = { path = "crates/ika-network" }
 ika-archival = { path = "crates/ika-archival" }
 
 [patch.crates-io]
-crypto-bigint = { git = "https://github.com/ycscaly/crypto-bigint.git", rev = "8aabcee5" }
-rfc6979 = { git = "https://github.com/RustCrypto/signatures", tag = "rfc6979/v0.5.0-rc.1" }
+crypto-bigint = { git = "https://github.com/ycscaly/crypto-bigint.git", rev = "8aabcee553b25f9f619722391de33edbe2f7412c" }
+rfc6979 = { git = "https://github.com/RustCrypto/signatures", tag = "rfc6979/v0.5.0-rc.1" }
+der = { git = "https://github.com/RustCrypto/formats", tag = "der/v0.8.0-rc.8" }
@@ -6,7 +6,7 @@ version.workspace = true
 [dependencies]
 mpc.workspace = true
 twopc_mpc.workspace = true
-commitment = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "a204b2a3" }
+commitment = { git = "https://github.com/dwallet-labs/cryptography-private", rev = "70092a93de2144d19f2c0744b289af58e0e4219c" }
 web-sys = "0.3.77"
 class_groups.workspace = true
 group.workspace = true
@@ -29,8 +29,4 @@ crypto-bigint.workspace = true
 wasm_js = ["group/wasm_js", "dep:getrandom"]
 
 [lints]
-workspace = true
-
-[patch.crates-io]
-crypto-bigint = { git = "https://github.com/ycscaly/crypto-bigint.git", rev = "8aabcee5" }
-rfc6979 = { git = "https://github.com/RustCrypto/signatures", tag = "rfc6979/v0.5.0-rc.1" }
+workspace = true
@@ -22,7 +22,4 @@ p256.workspace = true
 curve25519-dalek.workspace = true
 
 [lints]
-workspace = true
-
-[patch.crates-io]
-crypto-bigint = { git = "https://github.com/ycscaly/crypto-bigint.git", rev = "8aabcee5" }
+workspace = true
@@ -2424,8 +2424,8 @@ mod tests {
         SessionIdentifier::new(SessionType::InternalPresign, preimage)
     }
 
-    #[test]
-    fn test_insert_and_pop_presign() {
+    #[tokio::test]
+    async fn test_insert_and_pop_presign() {
         let tables = create_tables();
         let key_id = ObjectID::random();
         let algorithm = DWalletSignatureAlgorithm::ECDSASecp256k1;
@@ -2451,8 +2451,8 @@ mod tests {
         assert!(tables.pop_presign(algorithm, key_id).unwrap().is_none());
     }
 
-    #[test]
-    fn test_presign_pool_isolation_across_key_ids() {
+    #[tokio::test]
+    async fn test_presign_pool_isolation_across_key_ids() {
         let tables = create_tables();
         let key_id_a = ObjectID::random();
         let key_id_b = ObjectID::random();
@@ -2493,8 +2493,8 @@ mod tests {
         assert_eq!(presign, vec![21u8]);
     }
 
-    #[test]
-    fn test_pop_presign_ordering_across_sessions() {
+    #[tokio::test]
+    async fn test_pop_presign_ordering_across_sessions() {
         let tables = create_tables();
         let key_id = ObjectID::random();
         let algorithm = DWalletSignatureAlgorithm::ECDSASecp256k1;
@@ -2543,8 +2543,8 @@ mod tests {
         assert!(tables.pop_presign(algorithm, key_id).unwrap().is_none());
     }
 
-    #[test]
-    fn test_pop_from_empty_pool() {
+    #[tokio::test]
+    async fn test_pop_from_empty_pool() {
         let tables = create_tables();
         let key_id = ObjectID::random();
         let algorithm = DWalletSignatureAlgorithm::ECDSASecp256k1;
@@ -2553,8 +2553,8 @@ mod tests {
         assert_eq!(tables.presign_pool_size(algorithm, key_id).unwrap(), 0);
     }
 
-    #[test]
-    fn test_multiple_presigns_per_session() {
+    #[tokio::test]
+    async fn test_multiple_presigns_per_session() {
         let tables = create_tables();
         let key_id = ObjectID::random();
         let algorithm = DWalletSignatureAlgorithm::ECDSASecp256k1;
@@ -2582,8 +2582,8 @@ mod tests {
         assert!(tables.pop_presign(algorithm, key_id).unwrap().is_none());
     }
 
-    #[test]
-    fn test_presign_pool_isolation_across_algorithms() {
+    #[tokio::test]
+    async fn test_presign_pool_isolation_across_algorithms() {
         let tables = create_tables();
         let key_id = ObjectID::random();
         let ecdsa = DWalletSignatureAlgorithm::ECDSASecp256k1;

@@ -43,8 +43,7 @@ use ika_types::message::{
 };
 use ika_types::messages_consensus::ConsensusTransaction;
 use ika_types::messages_dwallet_mpc::{
-    DWalletNetworkEncryptionKeyState, InternalSessionsStatusUpdate, SessionIdentifier,
-    UserSecretKeyShareEventType,
+    InternalSessionsStatusUpdate, SessionIdentifier, UserSecretKeyShareEventType,
 };
 use ika_types::sui::EpochStartSystem;
 use ika_types::sui::{EpochStartSystemTrait, EpochStartValidatorInfoTrait};
@@ -174,7 +173,7 @@ impl DWalletMPCService {
     ) -> Self {
         DWalletMPCService {
             last_read_consensus_round: Some(0),
-            epoch_store,
+            epoch_store: epoch_store.clone(),
             dwallet_submit_to_consensus,
             state: authority_state,
             dwallet_checkpoint_service: checkpoint_service,
@@ -351,12 +350,7 @@ impl DWalletMPCService {
             all_key_data
                 .values()
                 .filter(|data| !self.sent_network_key_ids.contains(&data.id))
-                .filter(|data| {
-                    !matches!(
-                        data.state,
-                        AwaitingNetworkDKG
-                    )
-                })
+                .filter(|data| !matches!(&data.state, ika_types::messages_dwallet_mpc::DWalletNetworkEncryptionKeyState::AwaitingNetworkDKG))
                 .cloned()
                 .collect()
         };

@@ -112,7 +112,7 @@ async fn test_status_updates_distributed_through_consensus() {
         test_state.consensus_round += 1;
 
         for service in test_state.dwallet_mpc_services.iter_mut() {
-            service.run_service_loop_iteration().await;
+            service.run_service_loop_iteration(vec![]).await;
         }
 
         // Check status updates in epoch stores
@@ -205,7 +205,7 @@ async fn test_weighted_majority_voting_on_idle_status() {
         test_state.consensus_round += 1;
 
         for service in test_state.dwallet_mpc_services.iter_mut() {
-            service.run_service_loop_iteration().await;
+            service.run_service_loop_iteration(vec![]).await;
         }
     }
 

@@ -67,13 +67,25 @@ async fn test_some_malicious_validators_flows_succeed() {
 
     for malicious_party_index in malicious_parties {
         // Create a malicious message for round 1, and set it as the patty's message.
+        // Find the first DWalletMPCMessage by type, skipping any InternalSessionsStatusUpdate
+        // entries that may precede it.
+        let message_index = {
+            let submitted = sent_consensus_messages_collectors[malicious_party_index]
+                .submitted_messages
+                .lock()
+                .unwrap();
+            submitted
+                .iter()
+                .position(|msg| matches!(msg.kind, ConsensusTransactionKind::DWalletMPCMessage(_)))
+                .expect("Network DKG first round should produce a DWalletMPCMessage")
+        };
         let mut original_message = sent_consensus_messages_collectors[malicious_party_index]
             .submitted_messages
             .lock()
             .unwrap()
-            .remove(0);
+            .remove(message_index);
         let ConsensusTransactionKind::DWalletMPCMessage(ref mut msg) = original_message.kind else {
-            panic!("Network DKG first round should produce a DWalletMPCMessage");
+            unreachable!("index was verified to be a DWalletMPCMessage above");
         };
         let mut new_message: Vec<u8> = vec![0];
         new_message.extend(bcs::to_bytes::<u64>(&1).unwrap());
@@ -250,28 +262,40 @@ pub(crate) fn replace_party_message_with_other_party_message(
     other_party: usize,
     sent_consensus_messages_collectors: &mut [Arc<TestingSubmitToConsensus>],
 ) {
-    let original_message = sent_consensus_messages_collectors[party_to_replace]
-        .submitted_messages
-        .lock()
-        .unwrap()
-        .pop()
-        .unwrap();
+    // The DWalletMPCMessage is the last DWalletMPCMessage in the submitted messages
+    // (status updates may follow it, but we want the most recent computation result).
+    let original_message = {
+        let mut submitted = sent_consensus_messages_collectors[party_to_replace]
+            .submitted_messages
+            .lock()
+            .unwrap();
+        let index = submitted
+            .iter()
+            .rposition(|msg| matches!(msg.kind, ConsensusTransactionKind::DWalletMPCMessage(_)))
+            .expect("party_to_replace should have a DWalletMPCMessage to replace");
+        submitted.remove(index)
+    };
 
-    let mut other_party_message = sent_consensus_messages_collectors[other_party]
-        .submitted_messages
-        .lock()
-        .unwrap()
-        .first()
-        .unwrap()
-        .clone();
+    // The other party's DWalletMPCMessage may be preceded by status updates; find it by type.
+    let mut other_party_message = {
+        let submitted = sent_consensus_messages_collectors[other_party]
+            .submitted_messages
+            .lock()
+            .unwrap();
+        submitted
+            .iter()
+            .find(|msg| matches!(msg.kind, ConsensusTransactionKind::DWalletMPCMessage(_)))
+            .expect("other_party should have a DWalletMPCMessage to copy")
+            .clone()
+    };
     let ConsensusTransactionKind::DWalletMPCMessage(ref mut other_party_message_content) =
         other_party_message.kind
     else {
-        panic!("Only DWalletMPCMessage messages can be replaced with other party messages");
+        unreachable!("index was verified to be a DWalletMPCMessage above");
     };
     let ConsensusTransactionKind::DWalletMPCMessage(original_message) = original_message.kind
     else {
-        panic!("Only DWalletMPCMessage messages can be replaced with other party messages");
+        unreachable!("index was verified to be a DWalletMPCMessage above");
     };
     other_party_message_content.authority = original_message.authority;
     sent_consensus_messages_collectors[party_to_replace]

@@ -49,7 +49,7 @@ async fn some_parties_receive_mpc_message_before_session_start_event() {
         consensus_round,
     );
     for dwallet_mpc_service in dwallet_mpc_services.iter_mut() {
-        dwallet_mpc_service.run_service_loop_iteration().await;
+        dwallet_mpc_service.run_service_loop_iteration(vec![]).await;
     }
     consensus_round += 1;
     for i in &parties_that_receive_session_message_before_start_event {

@@ -102,7 +102,7 @@ async fn network_key_received_after_start_event() {
         key_id.unwrap(),
     );
     for dwallet_mpc_service in test_state.dwallet_mpc_services.iter_mut() {
-        dwallet_mpc_service.run_service_loop_iteration().await;
+        dwallet_mpc_service.run_service_loop_iteration(vec![]).await;
     }
     for i in &parties_that_receive_network_key_after_start_event {
         let dwallet_mpc_service = &mut test_state.dwallet_mpc_services[*i];

@@ -169,10 +169,25 @@ pub(crate) async fn create_network_key_test(
                     },
                 )])));
         });
+    // Generate status updates containing the key data from each party's service loop.
     for service in test_state.dwallet_mpc_services.iter_mut() {
-        service.run_service_loop_iteration().await;
+        service.run_service_loop_iteration(vec![]).await;
     }
-    (consensus_round, network_key_bytes, key_id.unwrap())
+    // Distribute the key data status updates as a new consensus round so that
+    // `handle_status_updates` can vote on them and `instantiate_agreed_keys_from_voted_data`
+    // can populate `network_keys` in each party's manager.
+    utils::send_advance_results_between_parties(
+        &test_state.committee,
+        &mut test_state.sent_consensus_messages_collectors,
+        &mut test_state.epoch_stores,
+        consensus_round,
+    );
+    // Process the new round to instantiate the agreed network key in every party.
+    for service in test_state.dwallet_mpc_services.iter_mut() {
+        service.run_service_loop_iteration(vec![]).await;
+    }
+    // Return incremented consensus round so callers start from the correct round.
+    (consensus_round + 1, network_key_bytes, key_id.unwrap())
 }
 
 pub(crate) fn send_start_network_key_reconfiguration_event(