2021-12-08 09:10:58 +00:00
|
|
|
from typing import TYPE_CHECKING
|
2020-07-14 10:15:18 +00:00
|
|
|
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
from trezor.crypto import bip32
|
2022-09-19 09:17:36 +00:00
|
|
|
from trezor.wire import DataError
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
2020-07-14 10:15:18 +00:00
|
|
|
from . import paths, safety_checks
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
2021-12-08 09:10:58 +00:00
|
|
|
if TYPE_CHECKING:
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
from typing import (
|
|
|
|
Any,
|
|
|
|
Awaitable,
|
|
|
|
Callable,
|
2020-07-14 10:15:18 +00:00
|
|
|
Iterable,
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
TypeVar,
|
|
|
|
)
|
|
|
|
from typing_extensions import Protocol
|
|
|
|
|
2021-03-23 12:35:27 +00:00
|
|
|
from trezor.protobuf import MessageType
|
2022-09-19 09:17:36 +00:00
|
|
|
from .seed import Slip21Node
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
T = TypeVar("T")
|
|
|
|
|
|
|
|
class NodeProtocol(Protocol[paths.PathType]):
|
|
|
|
def derive_path(self, path: paths.PathType) -> None:
|
|
|
|
...
|
|
|
|
|
|
|
|
def clone(self: T) -> T:
|
|
|
|
...
|
|
|
|
|
|
|
|
def __del__(self) -> None:
|
|
|
|
...
|
|
|
|
|
|
|
|
NodeType = TypeVar("NodeType", bound=NodeProtocol)
|
|
|
|
|
|
|
|
MsgIn = TypeVar("MsgIn", bound=MessageType)
|
|
|
|
MsgOut = TypeVar("MsgOut", bound=MessageType)
|
|
|
|
|
2023-06-26 11:42:10 +00:00
|
|
|
Handler = Callable[[MsgIn], Awaitable[MsgOut]]
|
|
|
|
HandlerWithKeychain = Callable[[MsgIn, "Keychain"], Awaitable[MsgOut]]
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
class Deletable(Protocol):
|
|
|
|
def __del__(self) -> None:
|
|
|
|
...
|
|
|
|
|
|
|
|
|
2022-09-19 09:17:36 +00:00
|
|
|
FORBIDDEN_KEY_PATH = DataError("Forbidden key path")
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
|
|
|
|
class LRUCache:
|
|
|
|
def __init__(self, size: int) -> None:
|
|
|
|
self.size = size
|
2021-03-18 09:48:50 +00:00
|
|
|
self.cache_keys: list[Any] = []
|
|
|
|
self.cache: dict[Any, Deletable] = {}
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
def insert(self, key: Any, value: Deletable) -> None:
|
2022-09-19 09:17:36 +00:00
|
|
|
cache_keys = self.cache_keys # local_cache_attribute
|
|
|
|
|
|
|
|
if key in cache_keys:
|
|
|
|
cache_keys.remove(key)
|
|
|
|
cache_keys.insert(0, key)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
self.cache[key] = value
|
|
|
|
|
2022-09-19 09:17:36 +00:00
|
|
|
if len(cache_keys) > self.size:
|
|
|
|
dropped_key = cache_keys.pop()
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
self.cache[dropped_key].__del__()
|
|
|
|
del self.cache[dropped_key]
|
|
|
|
|
|
|
|
def get(self, key: Any) -> Any:
|
|
|
|
if key not in self.cache:
|
|
|
|
return None
|
|
|
|
|
|
|
|
self.cache_keys.remove(key)
|
|
|
|
self.cache_keys.insert(0, key)
|
|
|
|
return self.cache[key]
|
|
|
|
|
|
|
|
def __del__(self) -> None:
|
|
|
|
for value in self.cache.values():
|
|
|
|
value.__del__()
|
|
|
|
self.cache.clear()
|
|
|
|
self.cache_keys.clear()
|
|
|
|
del self.cache
|
|
|
|
|
|
|
|
|
|
|
|
class Keychain:
|
|
|
|
def __init__(
|
|
|
|
self,
|
|
|
|
seed: bytes,
|
|
|
|
curve: str,
|
2020-07-14 10:15:18 +00:00
|
|
|
schemas: Iterable[paths.PathSchemaType],
|
|
|
|
slip21_namespaces: Iterable[paths.Slip21Path] = (),
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
) -> None:
|
|
|
|
self.seed = seed
|
|
|
|
self.curve = curve
|
2020-07-14 10:15:18 +00:00
|
|
|
self.schemas = tuple(schemas)
|
|
|
|
self.slip21_namespaces = tuple(slip21_namespaces)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
self._cache = LRUCache(10)
|
2021-03-18 09:48:50 +00:00
|
|
|
self._root_fingerprint: int | None = None
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
def __del__(self) -> None:
|
|
|
|
self._cache.__del__()
|
|
|
|
del self._cache
|
|
|
|
del self.seed
|
|
|
|
|
|
|
|
def verify_path(self, path: paths.Bip32Path) -> None:
|
|
|
|
if "ed25519" in self.curve and not paths.path_is_hardened(path):
|
2022-09-19 09:17:36 +00:00
|
|
|
raise DataError("Non-hardened paths unsupported on Ed25519")
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
2020-09-17 12:27:04 +00:00
|
|
|
if not safety_checks.is_strict():
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
return
|
|
|
|
|
2020-07-14 10:15:18 +00:00
|
|
|
if self.is_in_keychain(path):
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
return
|
|
|
|
|
|
|
|
raise FORBIDDEN_KEY_PATH
|
|
|
|
|
2020-07-14 10:15:18 +00:00
|
|
|
def is_in_keychain(self, path: paths.Bip32Path) -> bool:
|
|
|
|
return any(schema.match(path) for schema in self.schemas)
|
|
|
|
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
def _derive_with_cache(
|
2020-09-25 11:59:16 +00:00
|
|
|
self,
|
|
|
|
prefix_len: int,
|
|
|
|
path: paths.PathType,
|
|
|
|
new_root: Callable[[], NodeType],
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
) -> NodeType:
|
|
|
|
cached_prefix = tuple(path[:prefix_len])
|
2021-03-18 09:48:50 +00:00
|
|
|
cached_root: NodeType | None = self._cache.get(cached_prefix)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
if cached_root is None:
|
|
|
|
cached_root = new_root()
|
|
|
|
cached_root.derive_path(cached_prefix)
|
|
|
|
self._cache.insert(cached_prefix, cached_root)
|
|
|
|
|
|
|
|
node = cached_root.clone()
|
|
|
|
node.derive_path(path[prefix_len:])
|
|
|
|
return node
|
|
|
|
|
2021-01-05 14:41:26 +00:00
|
|
|
def root_fingerprint(self) -> int:
|
|
|
|
if self._root_fingerprint is None:
|
|
|
|
# derive m/0' to obtain root_fingerprint
|
|
|
|
n = self._derive_with_cache(
|
2022-09-19 09:17:36 +00:00
|
|
|
0,
|
|
|
|
[0 | paths.HARDENED],
|
2021-01-05 14:41:26 +00:00
|
|
|
new_root=lambda: bip32.from_seed(self.seed, self.curve),
|
|
|
|
)
|
|
|
|
self._root_fingerprint = n.fingerprint()
|
|
|
|
return self._root_fingerprint
|
|
|
|
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
def derive(self, path: paths.Bip32Path) -> bip32.HDNode:
|
|
|
|
self.verify_path(path)
|
|
|
|
return self._derive_with_cache(
|
2022-09-19 09:17:36 +00:00
|
|
|
3,
|
|
|
|
path,
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
new_root=lambda: bip32.from_seed(self.seed, self.curve),
|
|
|
|
)
|
|
|
|
|
|
|
|
def derive_slip21(self, path: paths.Slip21Path) -> Slip21Node:
|
2022-09-19 09:17:36 +00:00
|
|
|
from .seed import Slip21Node
|
|
|
|
|
2020-09-17 12:27:04 +00:00
|
|
|
if safety_checks.is_strict() and not any(
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
ns == path[: len(ns)] for ns in self.slip21_namespaces
|
|
|
|
):
|
|
|
|
raise FORBIDDEN_KEY_PATH
|
|
|
|
|
|
|
|
return self._derive_with_cache(
|
2022-09-19 09:17:36 +00:00
|
|
|
1,
|
|
|
|
path,
|
2020-09-25 11:59:16 +00:00
|
|
|
new_root=lambda: Slip21Node(seed=self.seed),
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
def __enter__(self) -> "Keychain":
|
|
|
|
return self
|
|
|
|
|
|
|
|
def __exit__(self, exc_type: Any, exc_val: Any, tb: Any) -> None:
|
|
|
|
self.__del__()
|
|
|
|
|
|
|
|
|
|
|
|
async def get_keychain(
|
|
|
|
curve: str,
|
2020-07-14 10:15:18 +00:00
|
|
|
schemas: Iterable[paths.PathSchemaType],
|
|
|
|
slip21_namespaces: Iterable[paths.Slip21Path] = (),
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
) -> Keychain:
|
2022-09-19 09:17:36 +00:00
|
|
|
from .seed import get_seed
|
|
|
|
|
2023-06-26 11:42:10 +00:00
|
|
|
seed = await get_seed()
|
2020-07-14 10:15:18 +00:00
|
|
|
keychain = Keychain(seed, curve, schemas, slip21_namespaces)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
return keychain
|
|
|
|
|
|
|
|
|
|
|
|
def with_slip44_keychain(
|
2020-07-14 10:15:18 +00:00
|
|
|
*patterns: str,
|
|
|
|
slip44_id: int,
|
|
|
|
curve: str = "secp256k1",
|
|
|
|
allow_testnet: bool = True,
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
) -> Callable[[HandlerWithKeychain[MsgIn, MsgOut]], Handler[MsgIn, MsgOut]]:
|
2020-07-14 10:15:18 +00:00
|
|
|
if not patterns:
|
|
|
|
raise ValueError # specify a pattern
|
|
|
|
|
2022-09-19 09:17:36 +00:00
|
|
|
slip_44_ids = (slip44_id, 1) if allow_testnet else slip44_id
|
2020-07-14 10:15:18 +00:00
|
|
|
|
|
|
|
schemas = []
|
|
|
|
for pattern in patterns:
|
2022-09-19 09:17:36 +00:00
|
|
|
schemas.append(paths.PathSchema.parse(pattern, slip_44_ids))
|
2021-03-19 15:32:55 +00:00
|
|
|
schemas = [s.copy() for s in schemas]
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
def decorator(func: HandlerWithKeychain[MsgIn, MsgOut]) -> Handler[MsgIn, MsgOut]:
|
2023-06-26 11:42:10 +00:00
|
|
|
async def wrapper(msg: MsgIn) -> MsgOut:
|
|
|
|
keychain = await get_keychain(curve, schemas)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
with keychain:
|
2023-06-26 11:42:10 +00:00
|
|
|
return await func(msg, keychain)
|
core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-14 10:15:05 +00:00
|
|
|
|
|
|
|
return wrapper
|
|
|
|
|
|
|
|
return decorator
|
2020-07-14 10:15:18 +00:00
|
|
|
|
|
|
|
|
|
|
|
def auto_keychain(
|
|
|
|
modname: str, allow_testnet: bool = True
|
|
|
|
) -> Callable[[HandlerWithKeychain[MsgIn, MsgOut]], Handler[MsgIn, MsgOut]]:
|
2022-09-19 09:17:36 +00:00
|
|
|
import sys
|
|
|
|
|
2020-07-14 10:15:18 +00:00
|
|
|
rdot = modname.rfind(".")
|
|
|
|
parent_modname = modname[:rdot]
|
|
|
|
parent_module = sys.modules[parent_modname]
|
|
|
|
|
|
|
|
pattern = getattr(parent_module, "PATTERN")
|
|
|
|
curve = getattr(parent_module, "CURVE")
|
|
|
|
slip44_id = getattr(parent_module, "SLIP44_ID")
|
|
|
|
return with_slip44_keychain(
|
|
|
|
pattern, slip44_id=slip44_id, curve=curve, allow_testnet=allow_testnet
|
|
|
|
)
|