diff --git a/src/apps/wallet/sign_tx/scripts.py b/src/apps/wallet/sign_tx/scripts.py index 8ab546bb1..6f33211e3 100644 --- a/src/apps/wallet/sign_tx/scripts.py +++ b/src/apps/wallet/sign_tx/scripts.py @@ -42,6 +42,16 @@ def output_script_p2sh(scripthash: bytes) -> bytearray: return s +def script_replay_protection_bip115(block_hash: bytes, block_height: bytes) -> bytearray: + block_height_size = len(block_height) # SIZE in bytes block heigh (should be 3) + s = bytearray(38) + s[0] = 0x20 # 32 bytes for block hash + s[1:33] = block_hash # block hash + s[33] = 0x03 # 3 bytes for block height + s[34:37] = (block_height if (block_height_size == 3) else block_height[:3 - block_height_size]) # MUST BE ONLY 3 BYTES FOR BLOCKHEIGHT + s[37] = 0xB4 # OP_CHECKBLOCKHIGHT + return s + # SegWit: Native P2WPKH or P2WSH # === # https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#p2wpkh diff --git a/src/apps/wallet/sign_tx/signing.py b/src/apps/wallet/sign_tx/signing.py old mode 100644 new mode 100755 index 598196d00..697a8eae9 --- a/src/apps/wallet/sign_tx/signing.py +++ b/src/apps/wallet/sign_tx/signing.py @@ -275,8 +275,9 @@ async def sign_tx(tx: SignTx, root: bip32.HDNode): multisig_get_pubkeys(txi_sign.multisig), txi_sign.multisig.m) elif txi_sign.script_type == InputScriptType.SPENDADDRESS: - txi_sign.script_sig = output_script_p2pkh( - ecdsa_hash_pubkey(key_sign_pub)) + txi_sign.script_sig = output_script_p2pkh(ecdsa_hash_pubkey(key_sign_pub)) + if(coin.bip115 and txi_sign.prev_block_hash_bip115 is not None): + txi_sign.script_sig += script_replay_protection_bip115(txi_sign.prev_block_hash_bip115, txi_sign.prev_block_height_bip115) else: raise SigningError(FailureType.ProcessError, 'Unknown transaction type') @@ -513,12 +514,12 @@ def output_derive_script(o: TxOutputType, coin: CoinInfo, root: bip32.HDNode) -> if address_type.check(coin.address_type, raw_address): # p2pkh pubkeyhash = address_type.strip(coin.address_type, raw_address) - return output_script_p2pkh(pubkeyhash) + return (output_script_p2pkh(pubkeyhash) + script_replay_protection_bip115(o.block_hash_bip115, o.block_height_bip115) if coin.bip115 else output_script_p2pkh(pubkeyhash)) elif address_type.check(coin.address_type_p2sh, raw_address): # p2sh scripthash = address_type.strip(coin.address_type_p2sh, raw_address) - return output_script_p2sh(scripthash) + return (output_script_p2sh(scripthash) + script_replay_protection_bip115(o.block_hash_bip115, o.block_height_bip115) if coin.bip115 else output_script_p2sh(scripthash)) raise SigningError(FailureType.DataError, 'Invalid address type') diff --git a/src/trezor/messages/TxInputType.py b/src/trezor/messages/TxInputType.py old mode 100644 new mode 100755 diff --git a/tests/test_apps.wallet.signtx.py b/tests/test_apps.wallet.signtx.py index 4cf0dc4c6..96920aaa5 100644 --- a/tests/test_apps.wallet.signtx.py +++ b/tests/test_apps.wallet.signtx.py @@ -20,6 +20,7 @@ from apps.wallet.sign_tx import signing class TestSignTx(unittest.TestCase): # pylint: disable=C0301 + # signer.send(None) def test_one_one_fee(self): # tx: d5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882 @@ -97,7 +98,9 @@ class TestSignTx(unittest.TestCase): signer = signing.sign_tx(tx, root) for request, response in chunks(messages, 2): - self.assertEqualEx(signer.send(request), response) + req = signer.send(request) + self.assertEqualEx(req, response) + # print(req.details.tx_hash,response.details.tx_hash ) with self.assertRaises(StopIteration): signer.send(None)