trezor-firmware/src/apps/wallet/sign_tx/addresses.py

from micropython import const

from trezor.crypto import base58, bech32, cashaddr
from trezor.crypto.hashlib import ripemd160, sha256
from trezor.messages import FailureType, InputScriptType
from trezor.utils import ensure

from apps.common import address_type
from apps.common.coininfo import CoinInfo
from apps.wallet.sign_tx.multisig import multisig_get_pubkeys, multisig_pubkey_index
from apps.wallet.sign_tx.scripts import (
    blake256_ripemd160_digest,
    output_script_multisig,
    output_script_native_p2wpkh_or_p2wsh,
    sha256_ripemd160_digest,
)

# supported witness version for bech32 addresses
_BECH32_WITVER = const(0x00)


class AddressError(Exception):
    pass


def get_address(
    script_type: InputScriptType, coin: CoinInfo, node, multisig=None
) -> str:

    if (
        script_type == InputScriptType.SPENDADDRESS
        or script_type == InputScriptType.SPENDMULTISIG
    ):
        if multisig:  # p2sh multisig
            pubkey = node.public_key()
            index = multisig_pubkey_index(multisig, pubkey)
            if index is None:
                raise AddressError(FailureType.ProcessError, "Public key not found")
            if coin.address_type_p2sh is None:
                raise AddressError(
                    FailureType.ProcessError, "Multisig not enabled on this coin"
                )

            pubkeys = multisig_get_pubkeys(multisig)
            address = address_multisig_p2sh(pubkeys, multisig.m, coin)
            if coin.cashaddr_prefix is not None:
                address = address_to_cashaddr(address, coin)
            return address
        if script_type == InputScriptType.SPENDMULTISIG:
            raise AddressError(FailureType.ProcessError, "Multisig details required")

        # p2pkh
        address = node.address(coin.address_type)
        if coin.cashaddr_prefix is not None:
            address = address_to_cashaddr(address, coin)
        return address

    elif script_type == InputScriptType.SPENDWITNESS:  # native p2wpkh or native p2wsh
        if not coin.segwit or not coin.bech32_prefix:
            raise AddressError(
                FailureType.ProcessError, "Segwit not enabled on this coin"
            )
        # native p2wsh multisig
        if multisig is not None:
            pubkeys = multisig_get_pubkeys(multisig)
            return address_multisig_p2wsh(pubkeys, multisig.m, coin.bech32_prefix)

        # native p2wpkh
        return address_p2wpkh(node.public_key(), coin)

    elif (
        script_type == InputScriptType.SPENDP2SHWITNESS
    ):  # p2wpkh or p2wsh nested in p2sh
        if not coin.segwit or coin.address_type_p2sh is None:
            raise AddressError(
                FailureType.ProcessError, "Segwit not enabled on this coin"
            )
        # p2wsh multisig nested in p2sh
        if multisig is not None:
            pubkeys = multisig_get_pubkeys(multisig)
            return address_multisig_p2wsh_in_p2sh(pubkeys, multisig.m, coin)

        # p2wpkh nested in p2sh
        return address_p2wpkh_in_p2sh(node.public_key(), coin)

    else:
        raise AddressError(FailureType.ProcessError, "Invalid script type")


def address_multisig_p2sh(pubkeys: bytes, m: int, coin: CoinInfo):
    if coin.address_type_p2sh is None:
        raise AddressError(
            FailureType.ProcessError, "Multisig not enabled on this coin"
        )
    redeem_script = output_script_multisig(pubkeys, m)
    if coin.decred:
        redeem_script_hash = blake256_ripemd160_digest(redeem_script)
    else:
        redeem_script_hash = sha256_ripemd160_digest(redeem_script)
    return address_p2sh(redeem_script_hash, coin)


def address_multisig_p2wsh_in_p2sh(pubkeys: bytes, m: int, coin: CoinInfo):
    if coin.address_type_p2sh is None:
        raise AddressError(
            FailureType.ProcessError, "Multisig not enabled on this coin"
        )
    witness_script = output_script_multisig(pubkeys, m)
    witness_script_hash = sha256(witness_script).digest()
    return address_p2wsh_in_p2sh(witness_script_hash, coin)


def address_multisig_p2wsh(pubkeys: bytes, m: int, hrp: str):
    if not hrp:
        raise AddressError(
            FailureType.ProcessError, "Multisig not enabled on this coin"
        )
    witness_script = output_script_multisig(pubkeys, m)
    witness_script_hash = sha256(witness_script).digest()
    return address_p2wsh(witness_script_hash, hrp)


def address_pkh(pubkey: bytes, coin: CoinInfo) -> str:
    s = address_type.tobytes(coin.address_type) + sha256_ripemd160_digest(pubkey)
    return base58.encode_check(bytes(s), coin.b58_hash)


def address_p2sh(redeem_script_hash: bytes, coin: CoinInfo) -> str:
    s = address_type.tobytes(coin.address_type_p2sh) + redeem_script_hash
    return base58.encode_check(bytes(s), coin.b58_hash)


def address_p2wpkh_in_p2sh(pubkey: bytes, coin: CoinInfo) -> str:
    pubkey_hash = ecdsa_hash_pubkey(pubkey, coin)
    redeem_script = output_script_native_p2wpkh_or_p2wsh(pubkey_hash)
    redeem_script_hash = sha256_ripemd160_digest(redeem_script)
    return address_p2sh(redeem_script_hash, coin)


def address_p2wsh_in_p2sh(witness_script_hash: bytes, coin: CoinInfo) -> str:
    redeem_script = output_script_native_p2wpkh_or_p2wsh(witness_script_hash)
    redeem_script_hash = sha256_ripemd160_digest(redeem_script)
    return address_p2sh(redeem_script_hash, coin)


def address_p2wpkh(pubkey: bytes, coin: CoinInfo) -> str:
    pubkeyhash = ecdsa_hash_pubkey(pubkey, coin)
    address = bech32.encode(coin.bech32_prefix, _BECH32_WITVER, pubkeyhash)
    if address is None:
        raise AddressError(FailureType.ProcessError, "Invalid address")
    return address


def address_p2wsh(witness_script_hash: bytes, hrp: str) -> str:
    address = bech32.encode(hrp, _BECH32_WITVER, witness_script_hash)
    if address is None:
        raise AddressError(FailureType.ProcessError, "Invalid address")
    return address


def decode_bech32_address(prefix: str, address: str) -> bytes:
    witver, raw = bech32.decode(prefix, address)
    if witver != _BECH32_WITVER:
        raise AddressError(FailureType.ProcessError, "Invalid address witness program")
    return bytes(raw)


def address_to_cashaddr(address: str, coin: CoinInfo) -> str:
    raw = base58.decode_check(address, coin.b58_hash)
    version, data = raw[0], raw[1:]
    if version == coin.address_type:
        version = cashaddr.ADDRESS_TYPE_P2KH
    elif version == coin.address_type_p2sh:
        version = cashaddr.ADDRESS_TYPE_P2SH
    else:
        raise ValueError("Unknown cashaddr address type")
    return cashaddr.encode(coin.cashaddr_prefix, version, data)


def ecdsa_hash_pubkey(pubkey: bytes, coin: CoinInfo) -> bytes:
    if pubkey[0] == 0x04:
        ensure(len(pubkey) == 65)  # uncompressed format
    elif pubkey[0] == 0x00:
        ensure(len(pubkey) == 1)  # point at infinity
    else:
        ensure(len(pubkey) == 33)  # compresssed format

    if coin.decred:
        return blake256_ripemd160_digest(pubkey)

    h = sha256(pubkey).digest()
    h = ripemd160(h).digest()
    return h


def address_short(coin: CoinInfo, address: str) -> str:
    if coin.cashaddr_prefix is not None and address.startswith(
        coin.cashaddr_prefix + ":"
    ):
        return address[len(coin.cashaddr_prefix) + 1 :]
    else:
        return address
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`from micropython import const`

src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`from trezor.crypto import base58, bech32, cashaddr`
src: run isort 2018-07-03 14:20:26 +00:00			`from trezor.crypto.hashlib import ripemd160, sha256`
			`from trezor.messages import FailureType, InputScriptType`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`from trezor.utils import ensure`

apps.common: simplify address_type 2018-07-04 12:32:34 +00:00			`from apps.common import address_type`
src: run isort 2018-07-03 14:20:26 +00:00			`from apps.common.coininfo import CoinInfo`
			`from apps.wallet.sign_tx.multisig import multisig_get_pubkeys, multisig_pubkey_index`
			`from apps.wallet.sign_tx.scripts import (`
src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`blake256_ripemd160_digest,`
src: run isort 2018-07-03 14:20:26 +00:00			`output_script_multisig,`
			`output_script_native_p2wpkh_or_p2wsh,`
			`sha256_ripemd160_digest,`
			`)`
signing: multisig addresses (p2sh, p2wsh in p2sh) 2018-01-24 15:12:54 +00:00
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`# supported witness version for bech32 addresses`
			`_BECH32_WITVER = const(0x00)`


			`class AddressError(Exception):`
			`pass`


src: run black 2018-07-03 14:20:58 +00:00			`def get_address(`
			`script_type: InputScriptType, coin: CoinInfo, node, multisig=None`
			`) -> str:`

			`if (`
			`script_type == InputScriptType.SPENDADDRESS`
			`or script_type == InputScriptType.SPENDMULTISIG`
			`):`
signing/addresses: SPENDADDRESS can be multisig too 2018-02-24 17:32:36 +00:00			`if multisig: # p2sh multisig`
			`pubkey = node.public_key()`
			`index = multisig_pubkey_index(multisig, pubkey)`
			`if index is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Public key not found")`
signing/addresses: SPENDADDRESS can be multisig too 2018-02-24 17:32:36 +00:00			`if coin.address_type_p2sh is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Multisig not enabled on this coin"`
			`)`
signing/addresses: SPENDADDRESS can be multisig too 2018-02-24 17:32:36 +00:00
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`pubkeys = multisig_get_pubkeys(multisig)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`address = address_multisig_p2sh(pubkeys, multisig.m, coin)`
src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`if coin.cashaddr_prefix is not None:`
			`address = address_to_cashaddr(address, coin)`
			`return address`
signing/addresses: SPENDADDRESS can be multisig too 2018-02-24 17:32:36 +00:00			`if script_type == InputScriptType.SPENDMULTISIG:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Multisig details required")`
signing/addresses: SPENDADDRESS can be multisig too 2018-02-24 17:32:36 +00:00
			`# p2pkh`
src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`address = node.address(coin.address_type)`
			`if coin.cashaddr_prefix is not None:`
			`address = address_to_cashaddr(address, coin)`
			`return address`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00
wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00			`elif script_type == InputScriptType.SPENDWITNESS: # native p2wpkh or native p2wsh`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`if not coin.segwit or not coin.bech32_prefix:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Segwit not enabled on this coin"`
			`)`
wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00			`# native p2wsh multisig`
			`if multisig is not None:`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`pubkeys = multisig_get_pubkeys(multisig)`
			`return address_multisig_p2wsh(pubkeys, multisig.m, coin.bech32_prefix)`
wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00
			`# native p2wpkh`
src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`return address_p2wpkh(node.public_key(), coin)`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00
src: run black 2018-07-03 14:20:58 +00:00			`elif (`
			`script_type == InputScriptType.SPENDP2SHWITNESS`
			`): # p2wpkh or p2wsh nested in p2sh`
signing: p2sh and witness native addresses 2018-01-24 10:07:31 +00:00			`if not coin.segwit or coin.address_type_p2sh is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Segwit not enabled on this coin"`
			`)`
wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00			`# p2wsh multisig nested in p2sh`
wallet/address: p2wsh get_address 2018-02-12 12:35:41 +00:00			`if multisig is not None:`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`pubkeys = multisig_get_pubkeys(multisig)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_multisig_p2wsh_in_p2sh(pubkeys, multisig.m, coin)`
wallet/address: p2wsh get_address 2018-02-12 12:35:41 +00:00
wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00			`# p2wpkh nested in p2sh`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_p2wpkh_in_p2sh(node.public_key(), coin)`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00
			`else:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Invalid script type")`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_multisig_p2sh(pubkeys: bytes, m: int, coin: CoinInfo):`
			`if coin.address_type_p2sh is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Multisig not enabled on this coin"`
			`)`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`redeem_script = output_script_multisig(pubkeys, m)`
src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`if coin.decred:`
			`redeem_script_hash = blake256_ripemd160_digest(redeem_script)`
			`else:`
			`redeem_script_hash = sha256_ripemd160_digest(redeem_script)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_p2sh(redeem_script_hash, coin)`
signing: multisig addresses (p2sh, p2wsh in p2sh) 2018-01-24 15:12:54 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_multisig_p2wsh_in_p2sh(pubkeys: bytes, m: int, coin: CoinInfo):`
			`if coin.address_type_p2sh is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Multisig not enabled on this coin"`
			`)`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`witness_script = output_script_multisig(pubkeys, m)`
			`witness_script_hash = sha256(witness_script).digest()`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_p2wsh_in_p2sh(witness_script_hash, coin)`
signing: multisig addresses (p2sh, p2wsh in p2sh) 2018-01-24 15:12:54 +00:00

wallet/address: native p2wsh multisig get_address 2018-02-12 13:08:43 +00:00			`def address_multisig_p2wsh(pubkeys: bytes, m: int, hrp: str):`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`if not hrp:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(`
			`FailureType.ProcessError, "Multisig not enabled on this coin"`
			`)`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`witness_script = output_script_multisig(pubkeys, m)`
			`witness_script_hash = sha256(witness_script).digest()`
			`return address_p2wsh(witness_script_hash, hrp)`
signing: multisig addresses (p2sh, p2wsh in p2sh) 2018-01-24 15:12:54 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_pkh(pubkey: bytes, coin: CoinInfo) -> str:`
apps.common: simplify address_type 2018-07-04 12:32:34 +00:00			`s = address_type.tobytes(coin.address_type) + sha256_ripemd160_digest(pubkey)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return base58.encode_check(bytes(s), coin.b58_hash)`
src/apps/wallet: implement SignMessage/VerifyMessage for Segwit 2018-02-27 16:25:09 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_p2sh(redeem_script_hash: bytes, coin: CoinInfo) -> str:`
apps.common: simplify address_type 2018-07-04 12:32:34 +00:00			`s = address_type.tobytes(coin.address_type_p2sh) + redeem_script_hash`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return base58.encode_check(bytes(s), coin.b58_hash)`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_p2wpkh_in_p2sh(pubkey: bytes, coin: CoinInfo) -> str:`
src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`pubkey_hash = ecdsa_hash_pubkey(pubkey, coin)`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`redeem_script = output_script_native_p2wpkh_or_p2wsh(pubkey_hash)`
			`redeem_script_hash = sha256_ripemd160_digest(redeem_script)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_p2sh(redeem_script_hash, coin)`
signing: p2sh and witness native addresses 2018-01-24 10:07:31 +00:00

Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`def address_p2wsh_in_p2sh(witness_script_hash: bytes, coin: CoinInfo) -> str:`
src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`redeem_script = output_script_native_p2wpkh_or_p2wsh(witness_script_hash)`
			`redeem_script_hash = sha256_ripemd160_digest(redeem_script)`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`return address_p2sh(redeem_script_hash, coin)`
signing: p2sh and witness native addresses 2018-01-24 10:07:31 +00:00

src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`def address_p2wpkh(pubkey: bytes, coin: CoinInfo) -> str:`
			`pubkeyhash = ecdsa_hash_pubkey(pubkey, coin)`
			`address = bech32.encode(coin.bech32_prefix, _BECH32_WITVER, pubkeyhash)`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`if address is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Invalid address")`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`return address`


src/apps/wallet/sign_tx: cleanup and split scripts/addresses 2018-02-24 22:23:19 +00:00			`def address_p2wsh(witness_script_hash: bytes, hrp: str) -> str:`
			`address = bech32.encode(hrp, _BECH32_WITVER, witness_script_hash)`
signing: p2sh and witness native addresses 2018-01-24 10:07:31 +00:00			`if address is None:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Invalid address")`
signing: p2sh and witness native addresses 2018-01-24 10:07:31 +00:00			`return address`


wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`def decode_bech32_address(prefix: str, address: str) -> bytes:`
			`witver, raw = bech32.decode(prefix, address)`
			`if witver != _BECH32_WITVER:`
src: run black 2018-07-03 14:20:58 +00:00			`raise AddressError(FailureType.ProcessError, "Invalid address witness program")`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`return bytes(raw)`


src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`def address_to_cashaddr(address: str, coin: CoinInfo) -> str:`
Introduce coininfo.b58_hash 2018-07-01 16:47:43 +00:00			`raw = base58.decode_check(address, coin.b58_hash)`
src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`version, data = raw[0], raw[1:]`
			`if version == coin.address_type:`
			`version = cashaddr.ADDRESS_TYPE_P2KH`
			`elif version == coin.address_type_p2sh:`
			`version = cashaddr.ADDRESS_TYPE_P2SH`
			`else:`
src: run black 2018-07-03 14:20:58 +00:00			`raise ValueError("Unknown cashaddr address type")`
src/apps/wallet/sign_tx: implement cashaddr 2018-05-24 14:38:56 +00:00			`return cashaddr.encode(coin.cashaddr_prefix, version, data)`


src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00			`def ecdsa_hash_pubkey(pubkey: bytes, coin: CoinInfo) -> bytes:`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`if pubkey[0] == 0x04:`
			`ensure(len(pubkey) == 65) # uncompressed format`
			`elif pubkey[0] == 0x00:`
src: run black 2018-07-03 14:20:58 +00:00			`ensure(len(pubkey) == 1) # point at infinity`
wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`else:`
			`ensure(len(pubkey) == 33) # compresssed format`
src/apps/wallet/sign_tx: re-enable Decred 2018-10-08 12:34:51 +00:00
			`if coin.decred:`
			`return blake256_ripemd160_digest(pubkey)`

wallet/signing: extract addresses.py 2017-11-23 16:30:43 +00:00			`h = sha256(pubkey).digest()`
			`h = ripemd160(h).digest()`
			`return h`
src/apps/wallet/sign_tx: refactor address_short function 2018-06-28 09:21:07 +00:00

			`def address_short(coin: CoinInfo, address: str) -> str:`
src: run black 2018-07-03 14:20:58 +00:00			`if coin.cashaddr_prefix is not None and address.startswith(`
			`coin.cashaddr_prefix + ":"`
			`):`
			`return address[len(coin.cashaddr_prefix) + 1 :]`
src/apps/wallet/sign_tx: refactor address_short function 2018-06-28 09:21:07 +00:00			`else:`
			`return address`