feat: adding resharing per-domain

crates/contract/src/dto_mapping.rs

@@ -25,7 +25,7 @@ use crate::{
         key_state::{AuthenticatedAccountId, AuthenticatedParticipantId, KeyForDomain, Keyset},
         participants::{ParticipantInfo, Participants},
         threshold_votes::ThresholdParametersVotes,
-        thresholds::ThresholdParameters,
+        thresholds::{ProposedThresholdParameters, ThresholdParameters},
     },
     state::{
         ProtocolContractState,
@@ -214,10 +214,28 @@ impl IntoContractType<Participants> for dtos::Participants {
 
 impl IntoContractType<ThresholdParameters> for dtos::ThresholdParameters {
     fn into_contract_type(self) -> ThresholdParameters {
+        // This conversion is intentionally infallible: `new_unvalidated` skips the
+        // absolute/relative (>= 60%) threshold checks. Validation is not the job of the
+        // DTO mapping — every contract entry point that accepts these parameters
+        // (`init`, `init_running`, `vote_new_parameters`) calls `validate()` /
+        // `validate_incoming_proposal` downstream, so production proposals are still
+        // rejected if they violate the threshold bounds. Deferring validation here also
+        // lets tests construct parameters with sub-production thresholds.
         ThresholdParameters::new_unvalidated(self.participants.into_contract_type(), self.threshold)
     }
 }
 
+impl IntoContractType<ProposedThresholdParameters> for dtos::ProposedThresholdParameters {
+    fn into_contract_type(self) -> ProposedThresholdParameters {
+        // Infallible for the same reason as `ThresholdParameters` above: the
+        // proposal is validated downstream in `process_new_parameters_proposal`.
+        ProposedThresholdParameters::new(
+            self.parameters.into_contract_type(),
+            self.per_domain_thresholds,
+        )
+    }
+}
+
 impl TryIntoContractType<EventLog> for dtos::EventLog {
     type Error = Error;
     fn try_into_contract_type(self) -> Result<EventLog, Self::Error> {
@@ -636,6 +654,12 @@ mod to_dto {
         }
     }
 
+    impl From<ProposedThresholdParameters> for dtos::ProposedThresholdParameters {
+        fn from(params: ProposedThresholdParameters) -> Self {
+            (&params).into_dto_type()
+        }
+    }
+
     impl From<ParticipantInfo> for dtos::ParticipantInfo {
         fn from(info: ParticipantInfo) -> Self {
             dtos::ParticipantInfo {
@@ -729,6 +753,15 @@ impl IntoInterfaceType<dtos::ThresholdParameters> for &ThresholdParameters {
     }
 }
 
+impl IntoInterfaceType<dtos::ProposedThresholdParameters> for &ProposedThresholdParameters {
+    fn into_dto_type(self) -> dtos::ProposedThresholdParameters {
+        dtos::ProposedThresholdParameters {
+            parameters: self.parameters().into_dto_type(),
+            per_domain_thresholds: self.per_domain_thresholds().clone(),
+        }
+    }
+}
+
 // --- Voting types ---
 
 impl IntoInterfaceType<dtos::ThresholdParametersVotes> for &ThresholdParametersVotes {
@@ -853,6 +886,7 @@ impl IntoInterfaceType<dtos::ResharingContractState> for &ResharingContractState
                 .iter()
                 .map(|a| a.into_dto_type())
                 .collect(),
+            per_domain_thresholds: self.per_domain_thresholds.clone(),
         }
     }
 }

crates/contract/src/errors.rs

@@ -261,6 +261,10 @@ pub enum DomainError {
         "Reconstruction threshold {threshold} overflowed when computing the DamgardEtAl bound."
     )]
     ReconstructionThresholdOverflow { threshold: u64 },
+    #[error(
+        "Resharing proposal references domain ID {domain_id}, which is not in the current registry."
+    )]
+    UnknownDomainInProposal { domain_id: DomainId },
     #[error("CaitSith threshold mismatch: expected {expected}, found {found}.")]
     CaitsithThresholdMismatch { expected: u64, found: u64 },
 }

crates/contract/src/lib.rs

@@ -79,7 +79,7 @@ use primitives::{
     domain::DomainRegistry,
     key_state::{AuthenticatedParticipantId, EpochId, KeyEventId, Keyset},
     signature::{SignRequestArgs, SignatureRequest, YieldIndex},
-    thresholds::{Threshold, ThresholdParameters},
+    thresholds::{ProposedThresholdParameters, Threshold, ThresholdParameters},
 };
 use tee::measurements::{ContractExpectedMeasurements, MeasurementVoteAction, MeasurementVotes};
 use tee::proposal::{CodeHashesVotes, LauncherHashVotes};
@@ -873,10 +873,10 @@ impl MpcContract {
     pub fn vote_new_parameters(
         &mut self,
         prospective_epoch_id: EpochId,
-        proposal: dtos::ThresholdParameters,
+        proposal: dtos::ProposedThresholdParameters,
     ) -> Result<(), Error> {
         Self::assert_caller_is_signer();
-        let proposal: ThresholdParameters = proposal.into_contract_type();
+        let proposal: ProposedThresholdParameters = proposal.into_contract_type();
         log!(
             "vote_new_parameters: signer={}, proposal={:?}",
             env::signer_account_id(),
@@ -1604,7 +1604,11 @@ impl MpcContract {
                 )
                 .expect("Require valid threshold parameters"); // this should never happen.
                 current_params.validate_incoming_proposal(&threshold_parameters)?;
-                let res = running_state.transition_to_resharing_no_checks(&threshold_parameters);
+                // TEE-driven resharing only changes the participant set, so the
+                // per-domain reconstruction-threshold overlay is empty.
+                let proposed_parameters =
+                    ProposedThresholdParameters::new(threshold_parameters, BTreeMap::new());
+                let res = running_state.transition_to_resharing_no_checks(&proposed_parameters);
                 if let Some(resharing) = res {
                     self.protocol_state = ProtocolContractState::Resharing(resharing);
                 }
@@ -3676,7 +3680,10 @@ mod tests {
             .build();
         testing_env!(voting_context);
 
-        let proposal = ThresholdParameters::new(participants, threshold).unwrap();
+        let proposal = ProposedThresholdParameters::new(
+            ThresholdParameters::new(participants, threshold).unwrap(),
+            BTreeMap::new(),
+        );
         contract.vote_new_parameters(EpochId::new(1), (&proposal).into_dto_type())
     }
 
@@ -3781,7 +3788,10 @@ mod tests {
         // so signer_account_id (the participant) != predecessor_account_id (the forwarder).
         let (mut contract, participants, first_participant_id) = setup_tee_test_contract(3, 2);
         let threshold = Threshold::new(2);
-        let proposal = ThresholdParameters::new(participants, threshold).unwrap();
+        let proposal = ProposedThresholdParameters::new(
+            ThresholdParameters::new(participants, threshold).unwrap(),
+            BTreeMap::new(),
+        );
 
         let ctx = VMContextBuilder::new()
             .signer_account_id(first_participant_id)
@@ -5169,6 +5179,7 @@ mod tests {
                 expected_params,
             ),
             cancellation_requests: HashSet::new(),
+            per_domain_thresholds: BTreeMap::new(),
         };
 
         assert_eq!(*resharing_state, expected_resharing_state);