feat(root): enable passing apiKey for recovery on eth likes

[mohammadalfaiyazbitgo]

Ticket: WP-5348

[margueriteblair]

Remove TICKET: [WP-000000](https://bitgoinc.atlassian.net/browse/WP-000000) from PR desc?

[Copilot]

Pull Request Overview

This PR enables passing a custom API key for recovery operations on Ethereum-like blockchain networks instead of relying solely on environment-configured API keys. The changes provide more flexibility for recovery operations by allowing users to specify their own blockchain explorer API keys.

• Adds optional apiKey parameter to recoveryBlockchainExplorerQuery methods across all ETH-like coin implementations
• Updates recovery logic to propagate the custom API key through all blockchain explorer queries
• Adds comprehensive test coverage to verify custom API key usage during recovery operations

Reviewed Changes

Copilot reviewed 20 out of 20 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
modules/abstract-eth/src/abstractEthLikeNewCoins.ts	Core implementation adding apiKey parameter to recovery methods and explorer queries
modules/sdk-coin-eth/src/eth.ts	ETH coin implementation with apiKey support and updated recovery logic
modules/sdk-coin-eth/src/erc20Token.ts	ERC20 token recovery with apiKey propagation
modules/sdk-coin-/src/.ts	Individual coin implementations adding apiKey parameter to recoveryBlockchainExplorerQuery
modules/bitgo/test/v2/unit/recovery.ts	Comprehensive test coverage for API key usage in recovery
modules/sdk-coin-eth/test/unit/eth.ts	Unit tests verifying API key override functionality

Comments suppressed due to low confidence (1)

modules/sdk-coin-eth/test/unit/eth.ts:1076

• The test mocks the global request.get function which could affect other tests if not properly isolated. Consider using a more targeted mocking approach like sinon.stub to avoid potential test interference.

      request.get = function (url: string) {

[Copilot]

[nitpick] Use consistent operator choice with other implementations. Other files use || operator for the same pattern, but this file uses ??. Consider using || for consistency across the codebase.

Suggested change

	const apiToken = apiKey ?? common.Environments[this.bitgo.getEnv()][this.getFamily().toLowerCase() + 'ApiToken'];
	const apiToken = apiKey || common.Environments[this.bitgo.getEnv()][this.getFamily().toLowerCase() + 'ApiToken'];

[Copilot]

The change from _.isUndefined() to strict equality checks removes the lodash dependency but may have different behavior for null values. Consider using == null to check for both undefined and null, or ensure this change is intentional.

[Copilot]

The validation logic now includes !params.isUnsignedSweep condition but this parameter is optional and may be undefined. Consider using params.isUnsignedSweep !== true to be more explicit about falsy values.

Suggested change

	!params.isUnsignedSweep &&
	params.isUnsignedSweep !== true &&

[mullapudipruthvik]

may I know why are we adding apikey here instead of doingnew BitGoAPI({ env: environment, etherscanApiToken: apiKey });

[mohammadalfaiyazbitgo]

The motivation is to make recoveries have a similar interface across coins. If you look at UTXO recoveries,

BitGoJS/modules/abstract-utxo/src/recovery/crossChainRecovery.ts

Line 397 in 7f0604a

type RecoverParams = {

they expose an API key param as well. Which to me makes sense as you only need the api key at time of recovery, which may not be when the bitgo object is initiated, so this flow is more flexible when it comes to usage.

[zahin-mohammad]

This is relevant for applications like WRW