fixup! feat(core): Implement entropy check workflow in ResetDevice.

2025-01-16 18:30:57 +00:00 · 2024-12-27 19:12:51 +01:00 · 2024-12-27 19:12:51 +01:00 · 0ca958c6f1
commit 0ca958c6f1
parent dfb6210e7d
2 changed files with 11 additions and 15 deletions
--- a/core/src/apps/management/reset_device/init.py
+++ b/core/src/apps/management/reset_device/init.py
@ -105,7 +105,7 @@ async def reset_device(msg: ResetDevice) -> Success:
            # in BIP-39 we store mnemonic string instead of the secret
            secret = bip39.from_data(secret).encode()
-        if not msg.entropy_check or not await _entropy_check(secret):
+        if not msg.entropy_check or await _entropy_check(secret):
            break
        prev_int_entropy = int_entropy
@ -143,8 +143,8 @@ async def reset_device(msg: ResetDevice) -> Success:
 async def _entropy_check(secret: bytes) -> bool:
-    """Returns True to indicate that entropy check loop should continue."""
+    """Returns True to indicate that entropy check loop should end."""
-    from trezor.messages import GetPublicKey, Success
+    from trezor.messages import EntropyCheckContinue, EntropyCheckReady, GetPublicKey
    from trezor.wire.context import call_any
    from apps.bitcoin.get_public_key import get_public_key
@ -154,21 +154,17 @@ async def _entropy_check(secret: bytes) -> bool:
    seed = get_seed(mnemonic_secret=secret)
-    msg = Success()
+    msg = EntropyCheckReady()
    while True:
        req = await call_any(
            msg,
            MessageType.EntropyCheckContinue,
            MessageType.GetPublicKey,
            MessageType.ResetDeviceContinue,
            MessageType.ResetDeviceFinish,
        )
        assert req.MESSAGE_WIRE_TYPE is not None
-        if req.MESSAGE_WIRE_TYPE == MessageType.ResetDeviceContinue:
+        if EntropyCheckContinue.is_type_of(req):
-            return True
+            return req.finish
        if req.MESSAGE_WIRE_TYPE == MessageType.ResetDeviceFinish:
            return False
        assert GetPublicKey.is_type_of(req)
        req.show_display = False
--- a/docs/common/message-workflows.md
+++ b/docs/common/message-workflows.md
@ -289,18 +289,18 @@ The host chooses a small random number *n*, e.g. from 1 to 5, and proceeds as fo
 1. H -> T `ResetDevice` (Host specifies strength, backup type, etc.)
 2. H <- T `EntropyRequest` (Trezor commits to an internal entropy value.)
 3. H -> T `EntropyAck` (Host provides external entropy.)
-4. H <- T `Success` (Trezor stores the seed in storage cache.)
+4. H <- T `EntropyCheckReady` (Trezor stores the seed in storage cache.)
 5. Host obtains the XPUBs for several accounts that the user intends to use:
    1. H -> T `GetPublicKey`
    2. H <- T `PublicKey`
 6. If this step was executed less than *n* times, then:
-    1. H -> T `ResetDeviceContinue` (Host instructs Trezor to prove seed correctness.)
+    1. H -> T `EntropyCheckContinue(finish=False)` (Host instructs Trezor to prove seed correctness.)
    2. H <- T `EntropyRequest` (Trezor reveals previous internal entropy and commits to a new internal entropy value.)
    3. The host verifies that the entropy commitment is valid, derives the seed and checks that it produces the same XPUBs as Trezor provided in step 5.
    4. Go to step 3.
 7. Host instructs trezor to store the current seed in flash memory.
-    1. H <- T `ResetDeviceFinish`
+    1. H -> T `EntropyCheckContinue(finish=True)`
-    2. H -> T `Success`
+    2. H <- T `Success`
 The host should record the XPUBs that it received in the last repetition of
 step 5. Every time the user connects the Trezor to the host, it should verify