mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-23 14:58:09 +00:00
feat(core): Allow coinjoin request debugging key for testnets.
[no changelog]
This commit is contained in:
parent
96b2d05d47
commit
2f9483f994
@ -88,10 +88,10 @@ PATTERN_UNCHAINED_DEPRECATED = "m/45'/coin_type'/account'/[0-1000000]/address_in
|
||||
PATTERN_SLIP26_T1_FW = "m/10026'/49'/2'/0'"
|
||||
|
||||
# SLIP-44 coin type for Bitcoin
|
||||
_SLIP44_BITCOIN = const(0)
|
||||
SLIP44_BITCOIN = const(0)
|
||||
|
||||
# SLIP-44 coin type for all Testnet coins
|
||||
_SLIP44_TESTNET = const(1)
|
||||
SLIP44_TESTNET = const(1)
|
||||
|
||||
|
||||
def validate_path_against_script_type(
|
||||
@ -118,7 +118,7 @@ def validate_path_against_script_type(
|
||||
|
||||
if script_type == InputScriptType.SPENDADDRESS and not multisig:
|
||||
append(PATTERN_BIP44)
|
||||
if slip44 == _SLIP44_BITCOIN:
|
||||
if slip44 == SLIP44_BITCOIN:
|
||||
append(PATTERN_GREENADDRESS_A)
|
||||
append(PATTERN_GREENADDRESS_B)
|
||||
|
||||
@ -127,11 +127,11 @@ def validate_path_against_script_type(
|
||||
and multisig
|
||||
):
|
||||
append(PATTERN_BIP48_RAW)
|
||||
if slip44 == _SLIP44_BITCOIN or (
|
||||
coin.fork_id is not None and slip44 != _SLIP44_TESTNET
|
||||
if slip44 == SLIP44_BITCOIN or (
|
||||
coin.fork_id is not None and slip44 != SLIP44_TESTNET
|
||||
):
|
||||
append(PATTERN_BIP45)
|
||||
if slip44 == _SLIP44_BITCOIN:
|
||||
if slip44 == SLIP44_BITCOIN:
|
||||
append(PATTERN_GREENADDRESS_A)
|
||||
append(PATTERN_GREENADDRESS_B)
|
||||
if coin.coin_name in BITCOIN_NAMES:
|
||||
@ -144,7 +144,7 @@ def validate_path_against_script_type(
|
||||
append(PATTERN_CASA)
|
||||
if multisig:
|
||||
append(PATTERN_BIP48_P2SHSEGWIT)
|
||||
if slip44 == _SLIP44_BITCOIN:
|
||||
if slip44 == SLIP44_BITCOIN:
|
||||
append(PATTERN_GREENADDRESS_A)
|
||||
append(PATTERN_GREENADDRESS_B)
|
||||
if coin.coin_name in BITCOIN_NAMES:
|
||||
@ -154,7 +154,7 @@ def validate_path_against_script_type(
|
||||
append(PATTERN_BIP84)
|
||||
if multisig:
|
||||
append(PATTERN_BIP48_SEGWIT)
|
||||
if slip44 == _SLIP44_BITCOIN:
|
||||
if slip44 == SLIP44_BITCOIN:
|
||||
append(PATTERN_GREENADDRESS_A)
|
||||
append(PATTERN_GREENADDRESS_B)
|
||||
|
||||
@ -183,12 +183,12 @@ def _get_schemas_for_coin(
|
||||
]
|
||||
|
||||
# patterns without coin_type field must be treated as if coin_type == 0
|
||||
if coin.slip44 == _SLIP44_BITCOIN or (
|
||||
coin.fork_id is not None and coin.slip44 != _SLIP44_TESTNET
|
||||
if coin.slip44 == SLIP44_BITCOIN or (
|
||||
coin.fork_id is not None and coin.slip44 != SLIP44_TESTNET
|
||||
):
|
||||
patterns.append(PATTERN_BIP45)
|
||||
|
||||
if coin.slip44 == _SLIP44_BITCOIN:
|
||||
if coin.slip44 == SLIP44_BITCOIN:
|
||||
patterns.extend(
|
||||
(
|
||||
PATTERN_GREENADDRESS_A,
|
||||
@ -243,9 +243,9 @@ def get_schemas_from_patterns(
|
||||
# cannot allow spending any testnet coins from Bitcoin paths, because
|
||||
# otherwise an attacker could trick the user into spending BCH on a Bitcoin
|
||||
# path by signing a seemingly harmless BCH Testnet transaction.
|
||||
if coin.fork_id is not None and coin.slip44 != _SLIP44_TESTNET:
|
||||
if coin.fork_id is not None and coin.slip44 != SLIP44_TESTNET:
|
||||
schemas.extend(
|
||||
PathSchema.parse(pattern, _SLIP44_BITCOIN) for pattern in patterns
|
||||
PathSchema.parse(pattern, SLIP44_BITCOIN) for pattern in patterns
|
||||
)
|
||||
|
||||
return schemas
|
||||
|
@ -10,7 +10,7 @@ from apps.common import safety_checks
|
||||
|
||||
from .. import writers
|
||||
from ..common import input_is_external_unverified
|
||||
from ..keychain import validate_path_against_script_type
|
||||
from ..keychain import SLIP44_TESTNET, validate_path_against_script_type
|
||||
from . import helpers, tx_weight
|
||||
from .sig_hasher import BitcoinSigHasher
|
||||
from .tx_info import OriginalTxInfo
|
||||
@ -347,10 +347,12 @@ class CoinJoinApprover(Approver):
|
||||
COINJOIN_FLAGS_SIGNABLE = const(0x01)
|
||||
COINJOIN_FLAGS_NO_FEE = const(0x02)
|
||||
|
||||
# The public key used for verifying coinjoin requests in production on mainnet.
|
||||
COINJOIN_REQ_PUBKEY = b"\x02W\x03\xbb\xe1[\xb0\x8e\x98!\xfed\xaf\xf6\xb2\xef\x1a1`\xe3y\x9d\xd8\xf0\xce\xbf,y\xe8g\xdd\x12]"
|
||||
if __debug__:
|
||||
# secp256k1 public key of m/0h for "all all ... all" seed.
|
||||
COINJOIN_REQ_PUBKEY_DEBUG = b"\x03\x0f\xdf^(\x9bZ\xefSb\x90\x95:\xe8\x1c\xe6\x0e\x84\x1f\xf9V\xf3f\xac\x12?\xa6\x9d\xb3\xc7\x9f!\xb0"
|
||||
|
||||
# The public key used for verifying coinjoin requests on testnet and in debug mode.
|
||||
# secp256k1 public key of m/0h for "all all ... all" seed.
|
||||
COINJOIN_REQ_PUBKEY_TEST = b"\x03\x0f\xdf^(\x9bZ\xefSb\x90\x95:\xe8\x1c\xe6\x0e\x84\x1f\xf9V\xf3f\xac\x12?\xa6\x9d\xb3\xc7\x9f!\xb0"
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
@ -454,9 +456,9 @@ class CoinJoinApprover(Approver):
|
||||
)
|
||||
|
||||
# Verify the CoinJoin request signature.
|
||||
if __debug__:
|
||||
if __debug__ or self.coin.slip44 == SLIP44_TESTNET:
|
||||
if secp256k1.verify(
|
||||
self.COINJOIN_REQ_PUBKEY_DEBUG,
|
||||
self.COINJOIN_REQ_PUBKEY_TEST,
|
||||
self.request.signature,
|
||||
self.h_request.get_digest(),
|
||||
):
|
||||
|
Loading…
Reference in New Issue
Block a user