fix(core): update SLIP-26 signing paths

1 year ago · 3ed84a84e9
parent 32d5beb762
commit 3ed84a84e9
5 changed files with 38 additions and 7 deletions
--- a/core/src/apps/bitcoin/keychain.py
+++ b/core/src/apps/bitcoin/keychain.py
@ -85,7 +85,8 @@ PATTERN_UNCHAINED_UNHARDENED = (
 PATTERN_UNCHAINED_DEPRECATED = "m/45'/coin_type'/account'/[0-1000000]/address_index"

 # Model 1 firmware signing.
-PATTERN_SLIP26_T1_FW = "m/10026'/49'/2'/0'"
+# 826421588 is ASCII string "T1B1" as a little-endian 32-bit integer.
+PATTERN_SLIP26_T1_FW = "m/10026'/826421588'/2'/0'"

 # SLIP-44 coin type for Bitcoin
 SLIP44_BITCOIN = const(0)
--- a/core/src/apps/misc/cosi_commit.py
+++ b/core/src/apps/misc/cosi_commit.py
@ -16,10 +16,12 @@ if TYPE_CHECKING:

 SCHEMA_SLIP18 = PathSchema.parse("m/10018'/address_index'/*'", slip44_id=())
 # SLIP-26: m/10026'/model'/type'/rotation_index'
-# - `model`: ASCII for 1, T, or R, or 0 for common things (keep the ASCII range open for future models).
+# - `model`: typically ASCII string T1B1 etc. parsed as little-endian number,
+#            but can also be 0 or other values. Maximum allowed value is 0x7F7F7F7F,
+#            the maximum 4-byte ASCII string.
 # - `type`: 0 = bootloader, 1 = vendorheader, 2 = firmware, 3 = definitions, 4 = reserved
 # - `rotation_index`: a fixed 0' for now
-SCHEMA_SLIP26 = PathSchema.parse("m/10026'/[0-127]'/[0-4]'/0'", slip44_id=())
+SCHEMA_SLIP26 = PathSchema.parse("m/10026'/[0-2139062143]'/[0-4]'/0'", slip44_id=())


 async def cosi_commit(ctx: Context, msg: CosiCommit) -> CosiSignature:
--- a/tests/device_tests/bitcoin/test_signmessage.py
+++ b/tests/device_tests/bitcoin/test_signmessage.py
@ -160,12 +160,12 @@ VECTORS = (  # case name, coin_name, path, script_type, address, message, signat
    case(
        "t1 firmware path",
        "Bitcoin",
-        "m/10026'/49'/2'/0'",
+        "m/10026'/826421588'/2'/0'",
        S.SPENDADDRESS,
        False,
-        "1Cykx69qc6WPukP6V1BhBfRi4zt8PgzcP6",
+        "1FoHjQT6bAEu2FQGzTgqj4PBneoiCAk4ZN",
        b"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
-        "1fd240d06000fb0854446ca08dfa8f6ca51b2d3c194c7a655d940aab8b7c727c6459276fe44d70c88e5c56d60ff2fa1b8682ca01d203f4fcad37b58f9ed98ad0d2",
+        "1f40ae58dd68480a2f39eecf4decfe79ceacde3f865502db67c083b8465b33535c0750d5377b7ac62e534f71c922cd029f659761f8ac99e859df36322c5b320eff",
        skip_t1=True,
    ),
    # ==== Testnet script types ====
--- a/tests/device_tests/misc/test_cosi.py
+++ b/tests/device_tests/misc/test_cosi.py
@ -21,7 +21,7 @@ import pytest
 from trezorlib import cosi
 from trezorlib.debuglink import TrezorClientDebugLink as Client
 from trezorlib.exceptions import TrezorFailure
-from trezorlib.tools import parse_path
+from trezorlib.tools import H_, Address, parse_path

 DIGEST = sha256(b"this is not a pipe").digest()

@ -116,3 +116,23 @@ def test_cosi_different_key(client: Client):
        cosi.sign(
            client, parse_path("m/10018h/1h"), DIGEST, commit.commitment, commit.pubkey
        )
+
+
+@pytest.mark.parametrize(
+    "model",
+    (
+        b"T1B1",
+        b"T2T1",
+        b"T2B1",
+        b"T3W1",
+        b"\xfe\xfe\xfe\xfe",
+        b"\x00",
+        b"dog",
+        b"42",
+    ),
+)
+@pytest.mark.skip_t1
+def test_slip26_paths(client: Client, model: bytes):
+    slip26_model = int.from_bytes(model, "little")
+    path = Address([H_(10026), H_(slip26_model), H_(0), H_(0)])
+    cosi.commit(client, path)
--- a/tests/ui_tests/fixtures.json
+++ b/tests/ui_tests/fixtures.json
@ -1441,6 +1441,14 @@
 "TT_misc-test_cosi.py::test_cosi_sign1": "92799c53459f2a735a145bde35943967265d2411e766e5597d7f614f9ef1827c",
 "TT_misc-test_cosi.py::test_cosi_sign2": "59071f9bac86b8666b28c53178fbe76249af0878a5d9eafe4b40ea7b63a2a9e7",
 "TT_misc-test_cosi.py::test_cosi_sign3": "264dcf0ee58b1cc5a580ab5ab567a7450776c12002a87ea56c071b83a85bfc9c",
+"TT_misc-test_cosi.py::test_slip26_paths[42]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[T1B1]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[T2B1]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[T2T1]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[T3W1]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[\\x00]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[\\xfe\\xfe\\xfe\\xfe]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
+"TT_misc-test_cosi.py::test_slip26_paths[dog]": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
 "TT_misc-test_msg_cipherkeyvalue.py::test_decrypt": "4e4eaf26e8f9cb7187049cb0d718e2ad3f2c5d83ab91b3d0ed3257f6271dfe5e",
 "TT_misc-test_msg_cipherkeyvalue.py::test_decrypt_badlen": "bd83a31d0fc4c23953dfd0d138e4441984e34698ace96aad5308a4ae51b712ae",
 "TT_misc-test_msg_cipherkeyvalue.py::test_encrypt": "dcfe4d2f73405d8a08c006200e75fc84fd77af58e77cdc8a476933e69288868d",