From 4fd68b8f385bc8955ec747393adc30cc13db4f70 Mon Sep 17 00:00:00 2001 From: Marek Polak Date: Fri, 7 Jun 2024 11:56:26 +0200 Subject: [PATCH] chore(legacy): remove unused checks [no changelog] --- legacy/firmware/signing.c | 95 +-------------------------------------- 1 file changed, 1 insertion(+), 94 deletions(-) diff --git a/legacy/firmware/signing.c b/legacy/firmware/signing.c index ca8a7a2bf..4d7d700e1 100644 --- a/legacy/firmware/signing.c +++ b/legacy/firmware/signing.c @@ -166,7 +166,6 @@ static secbool is_coinjoin; // Is this a CoinJoin transaction? static uint64_t coinjoin_coordination_fee_base; static AuthorizeCoinJoin coinjoin_authorization; static CoinJoinRequest coinjoin_request; -static Hasher coinjoin_request_hasher; /* A marker for in_address_n_count to indicate a mismatch in bip32 paths in input */ @@ -1362,24 +1361,6 @@ static bool init_coinjoin(const SignTx *msg, sizeof(coinjoin_authorization)); memcpy(&coinjoin_request, &msg->coinjoin_request, sizeof(coinjoin_request)); - // Begin hashing the CoinJoin request. - hasher_Init(&coinjoin_request_hasher, HASHER_SHA2); - hasher_Update(&coinjoin_request_hasher, (const uint8_t *)"CJR1", 4); - size_t coordinator_len = - strnlen(authorization->coordinator, sizeof(authorization->coordinator)); - tx_script_hash(&coinjoin_request_hasher, coordinator_len, - (const uint8_t *)authorization->coordinator); - uint32_t slip44 = coin->coin_type & PATH_UNHARDEN_MASK; - hasher_Update(&coinjoin_request_hasher, (uint8_t *)&slip44, sizeof(slip44)); - hasher_Update(&coinjoin_request_hasher, - (const uint8_t *)&coinjoin_request.fee_rate, 4); - hasher_Update(&coinjoin_request_hasher, - (const uint8_t *)&coinjoin_request.no_fee_threshold, 8); - hasher_Update(&coinjoin_request_hasher, - (const uint8_t *)&coinjoin_request.min_registrable_amount, 8); - hasher_Update(&coinjoin_request_hasher, - coinjoin_request.mask_public_key.bytes, 33); - ser_length_hash(&coinjoin_request_hasher, msg->inputs_count); return true; } @@ -1440,7 +1421,6 @@ void signing_init(const SignTx *msg, const CoinInfo *_coin, const HDNode *_root, memzero(&resp, sizeof(TxRequest)); memzero(&coinjoin_authorization, sizeof(coinjoin_authorization)); memzero(&coinjoin_request, sizeof(coinjoin_request)); - memzero(&coinjoin_request_hasher, sizeof(coinjoin_request_hasher)); is_replacement = false; unlocked_schema = unlock; signing = true; @@ -1883,47 +1863,13 @@ static bool tx_info_check_outputs_hash(TxInfo *tx_info) { } static bool coinjoin_add_input(TxInputType *txi) { - // Masks for the signable and no_fee bits in coinjoin_flags. - const uint8_t COINJOIN_FLAGS_SIGNABLE = 0x01; + // Mask for the no_fee bits in coinjoin_flags. const uint8_t COINJOIN_FLAGS_NO_FEE = 0x02; - hasher_Update(&coinjoin_request_hasher, (uint8_t *)&txi->coinjoin_flags, 1); - if (txi->script_type == InputScriptType_EXTERNAL) { return true; } - // Compute the masking bit for the signable bit in coinjoin flags. - static CONFIDENTIAL uint8_t output_private_key[32] = {0}; - uint8_t shared_secret[65] = {0}; - bool res = (zkp_bip340_tweak_private_key(node.private_key, NULL, - output_private_key) == 0); - res = res && (ecdh_multiply(&secp256k1, output_private_key, - coinjoin_request.mask_public_key.bytes, - shared_secret) == 0); - memzero(&output_private_key, sizeof(output_private_key)); - if (!res) { - fsm_sendFailure(FailureType_Failure_ProcessError, - _("Failed to derive shared secret.")); - signing_abort(); - return false; - } - - Hasher mask_hasher = {0}; - uint8_t mask[SHA256_DIGEST_LENGTH] = {0}; - hasher_Init(&mask_hasher, HASHER_SHA2); - hasher_Update(&mask_hasher, shared_secret + 1, 32); - tx_prevout_hash(&mask_hasher, txi); - hasher_Final(&mask_hasher, mask); - - // Ensure that the input can be signed. - bool signable = (txi->coinjoin_flags ^ mask[0]) & COINJOIN_FLAGS_SIGNABLE; - if (!signable) { - fsm_sendFailure(FailureType_Failure_ProcessError, _("Unauthorized input")); - signing_abort(); - return false; - } - // Add to coordination_fee_base, except for remixes and small inputs which are // not charged a coordination fee. bool no_fee = txi->coinjoin_flags & COINJOIN_FLAGS_NO_FEE; @@ -2585,45 +2531,6 @@ static bool coinjoin_confirm_tx(void) { // Largest possible weight of an output supported by Trezor (P2TR or P2WSH). const uint64_t MAX_OUTPUT_WEIGHT = 4 * (8 + 1 + 1 + 1 + 32); - // The public key used for verifying coinjoin requests in production on - // mainnet. - const uint8_t COINJOIN_REQ_PUBKEY[] = { - 0x02, 0x57, 0x03, 0xbb, 0xe1, 0x5b, 0xb0, 0x8e, 0x98, 0x21, 0xfe, - 0x64, 0xaf, 0xf6, 0xb2, 0xef, 0x1a, 0x31, 0x60, 0xe3, 0x79, 0x9d, - 0xd8, 0xf0, 0xce, 0xbf, 0x2c, 0x79, 0xe8, 0x67, 0xdd, 0x12, 0x5d}; - - // The public key used for verifying coinjoin requests on testnet and in debug - // mode. secp256k1 public key of m/0h for "all all ... all" seed. - const uint8_t COINJOIN_REQ_PUBKEY_TEST[] = { - 0x03, 0x0f, 0xdf, 0x5e, 0x28, 0x9b, 0x5a, 0xef, 0x53, 0x62, 0x90, - 0x95, 0x3a, 0xe8, 0x1c, 0xe6, 0x0e, 0x84, 0x1f, 0xf9, 0x56, 0xf3, - 0x66, 0xac, 0x12, 0x3f, 0xa6, 0x9d, 0xb3, 0xc7, 0x9f, 0x21, 0xb0}; - - // Finish hashing the CoinJoin request. - hasher_Update(&coinjoin_request_hasher, info.hash_prevouts, - sizeof(info.hash_prevouts)); - hasher_Update(&coinjoin_request_hasher, info.hash_outputs, - sizeof(info.hash_outputs)); - - // Verify the CoinJoin request signature. - uint8_t coinjoin_request_digest[SHA256_DIGEST_LENGTH] = {0}; - hasher_Final(&coinjoin_request_hasher, coinjoin_request_digest); - if ((DEBUG_LINK || coin->coin_type == SLIP44_TESTNET) && - ecdsa_verify_digest(&secp256k1, COINJOIN_REQ_PUBKEY_TEST, - coinjoin_request.signature.bytes, - coinjoin_request_digest) == 0) { - // success - } else if (ecdsa_verify_digest(&secp256k1, COINJOIN_REQ_PUBKEY, - coinjoin_request.signature.bytes, - coinjoin_request_digest) == 0) { - // success - } else { - fsm_sendFailure(FailureType_Failure_DataError, - _("Invalid signature in coinjoin request.")); - signing_abort(); - return false; - } - if (has_unverified_external_input) { fsm_sendFailure(FailureType_Failure_ProcessError, _("Unverifiable external input."));