fix: loading an authenticator info in check_move_account

crates/iota-core/src/authority.rs

@@ -54,14 +54,14 @@ use iota_storage::{
 use iota_types::committee::CommitteeTrait;
 use iota_types::{
     IOTA_SYSTEM_ADDRESS, TypeTag,
-    account::{AUTHENTICATOR_DF_NAME, AuthenticatorInfoV1},
+    account::{self, AuthenticatorInfoV1},
     authenticator_state::get_authenticator_state,
     base_types::*,
     committee::{Committee, EpochId, ProtocolVersion},
     crypto::{AuthoritySignInfo, AuthoritySignature, RandomnessRound, Signer, default_hash},
     deny_list_v1::check_coin_deny_list_v1_during_signing,
     digests::{ChainIdentifier, TransactionEventsDigest},
-    dynamic_field::{DynamicFieldInfo, DynamicFieldName, visitor as DFV},
+    dynamic_field::{self, DynamicFieldInfo, DynamicFieldName, Field, visitor as DFV},
     effects::{
         InputSharedObject, SignedTransactionEffects, TransactionEffects, TransactionEffectsAPI,
         TransactionEvents, VerifiedCertifiedTransactionEffects, VerifiedSignedTransactionEffects,
@@ -5287,33 +5287,41 @@ impl AuthorityState {
             );
         }
 
-        let authenticator_id = self.get_dynamic_field_object_id(
+        let authenticator_info_field_id = dynamic_field::derive_dynamic_field_id(
             auth_account_object_id,
-            AuthenticatorInfoV1::tag().into(),
-            AUTHENTICATOR_DF_NAME.as_bytes(),
-        )?;
+            &account::authenticator_df_name_type_tag(),
+            &account::authenticator_df_name_as_bcs_bytes(),
+        )
+        .map_err(|_| UserInputError::UnableToGetMoveAuthenticatorId {
+            account_object_id: auth_account_object_id,
+        })?;
 
-        if let Some(authenticator_id) = authenticator_id {
-            let authenticator_info = self
-                .get_object_cache_reader()
-                .try_find_object_lt_or_eq_version(
-                    authenticator_id,
-                    auth_account_object_seq_number,
-                )?;
+        let authenticator_info_field = self
+            .get_object_cache_reader()
+            .try_find_object_lt_or_eq_version(
+                authenticator_info_field_id,
+                auth_account_object_seq_number,
+            )?;
 
-            if let Some(authenticator_info) = authenticator_info {
-                AuthenticatorInfoV1::try_from(authenticator_info)
-            } else {
-                Err(UserInputError::MoveAuthenticatorNotFound {
-                    authenticator_object_id: authenticator_id,
-                    account_object_id: auth_account_object_id,
-                    account_object_version: auth_account_object_seq_number,
-                }
-                .into())
-            }
+        if let Some(authenticator_info_field_obj) = authenticator_info_field {
+            let field_move_object = authenticator_info_field_obj
+                .data
+                .try_as_move()
+                .expect("dynamic field should never have be a package object");
+
+            let field: Field<Vec<u8>, AuthenticatorInfoV1> =
+                bcs::from_bytes(field_move_object.contents()).map_err(|_| {
+                    UserInputError::InvalidAuthenticatorInfoField {
+                        account_object_id: auth_account_object_id,
+                    }
+                })?;
+
+            Ok(field.value)
         } else {
-            Err(UserInputError::UnableToGetMoveAuthenticatorId {
+            Err(UserInputError::MoveAuthenticatorNotFound {
+                authenticator_info_id: authenticator_info_field_id,
                 account_object_id: auth_account_object_id,
+                account_object_version: auth_account_object_seq_number,
             }
             .into())
         }

crates/iota-types/src/account.rs

@@ -1,7 +1,11 @@
 // Copyright (c) 2025 IOTA Stiftung
 // SPDX-License-Identifier: Apache-2.0
 
-use move_core_types::{ident_str, identifier::IdentStr, language_storage::StructTag};
+use move_core_types::{
+    ident_str,
+    identifier::IdentStr,
+    language_storage::{StructTag, TypeTag},
+};
 use serde::{Deserialize, Serialize};
 
 use crate::{
@@ -63,3 +67,13 @@ impl TryFrom<Object> for AuthenticatorInfoV1 {
         })
     }
 }
+
+pub fn authenticator_df_name_type_tag() -> TypeTag {
+    TypeTag::Vector(Box::new(TypeTag::U8))
+}
+
+pub fn authenticator_df_name_as_bcs_bytes() -> Vec<u8> {
+    bcs::to_bytes(&AUTHENTICATOR_DF_NAME).expect(
+        "authenticator dynamic field name serialization is expected to be finished without any errors",
+    )
+}

crates/iota-types/src/crypto.rs

@@ -1735,6 +1735,7 @@ impl SignatureScheme {
             0x04 => Ok(SignatureScheme::BLS12381),
             0x05 => Ok(SignatureScheme::ZkLoginAuthenticator),
             0x06 => Ok(SignatureScheme::PasskeyAuthenticator),
+            0x07 => Ok(SignatureScheme::MoveAuthenticator),
             _ => Err(IotaError::KeyConversion("Invalid key scheme".to_string())),
         }
     }

crates/iota-types/src/error.rs

@@ -354,15 +354,17 @@ pub enum UserInputError {
     },
 
     #[error(
-        "Move authenticator object {authenticator_object_id:?} not found for account {account_object_id:?} with version {account_object_version:?}"
+        "AuthenticatorInfo {authenticator_info_id:?} not found for account {account_object_id:?} with version {account_object_version:?}"
     )]
     MoveAuthenticatorNotFound {
-        authenticator_object_id: ObjectID,
+        authenticator_info_id: ObjectID,
         account_object_id: ObjectID,
         account_object_version: SequenceNumber,
     },
     #[error("Unable to get a Move authenticator object ID for account {account_object_id:?}")]
     UnableToGetMoveAuthenticatorId { account_object_id: ObjectID },
+    #[error("Invalid authenticator field value found for the account {account_object_id:?}")]
+    InvalidAuthenticatorInfoField { account_object_id: ObjectID },
 
     #[error("Package {package_id:?} is in the `MoveAuthenticator` input that is unsupported")]
     PackageIsInMoveAuthenticatorInput { package_id: ObjectID },