apps/common/seed: refactor methods usage

src/apps/common/seed.py

@@ -5,20 +5,22 @@ from trezor.crypto import bip39
 _DEFAULT_CURVE = 'secp256k1'
 
 
-async def get_root(ctx: wire.Context, curve_name=_DEFAULT_CURVE):
-    seed = await get_seed(ctx)
-    root = bip32.from_seed(seed, curve_name)
-    return root
+async def derive_node(ctx: wire.Context, path=[], curve_name=_DEFAULT_CURVE):
+    seed = await _get_seed(ctx)
+    node = bip32.from_seed(seed, curve_name)
+    if len(path) > 0:
+        node.derive_path(path)
+    return node
 
 
-async def get_seed(ctx: wire.Context) -> bytes:
+async def _get_seed(ctx: wire.Context) -> bytes:
     from . import cache
     if cache.seed is None:
-        cache.seed = await compute_seed(ctx)
+        cache.seed = await _compute_seed(ctx)
     return cache.seed
 
 
-async def compute_seed(ctx: wire.Context) -> bytes:
+async def _compute_seed(ctx: wire.Context) -> bytes:
     from trezor.messages.FailureType import ProcessError
     from .request_passphrase import protect_by_passphrase
     from . import storage
@@ -30,10 +32,11 @@ async def compute_seed(ctx: wire.Context) -> bytes:
     return bip39.seed(storage.get_mnemonic(), passphrase)
 
 
-def get_root_without_passphrase(curve_name=_DEFAULT_CURVE):
+def derive_node_without_passphrase(path, curve_name=_DEFAULT_CURVE):
     from . import storage
     if not storage.is_initialized():
         raise Exception('Device is not initialized')
     seed = bip39.seed(storage.get_mnemonic(), '')
-    root = bip32.from_seed(seed, curve_name)
-    return root
+    node = bip32.from_seed(seed, curve_name)
+    node.derive_path(path)
+    return node

src/apps/ethereum/get_address.py

@@ -9,8 +9,7 @@ async def layout_ethereum_get_address(ctx, msg):
 
     address_n = msg.address_n or ()
 
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
 
     seckey = node.private_key()
     public_key = secp256k1.publickey(seckey, False)  # uncompressed

src/apps/ethereum/sign_message.py

@@ -20,8 +20,7 @@ async def ethereum_sign_message(ctx, msg):
     from ..common import seed
 
     address_n = msg.address_n or ()
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
 
     signature = secp256k1.sign(node.private_key(), message_digest(msg.message), False)
 

src/apps/ethereum/sign_tx.py

@@ -100,8 +100,7 @@ async def send_signature(ctx, msg: EthereumSignTx, digest):
     from ..common import seed
 
     address_n = msg.address_n or ()
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
 
     signature = secp256k1.sign(node.private_key(), digest, False)
 

src/apps/fido_u2f/__init__.py

@@ -521,8 +521,7 @@ def msg_register_sign(challenge: bytes, app_id: bytes) -> bytes:
     nodepath = [_U2F_KEY_PATH] + keypath
 
     # prepare signing key from random path, compute decompressed public key
-    node = seed.get_root_without_passphrase('nist256p1')
-    node.derive_path(nodepath)
+    node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
     pubkey = nist256p1.publickey(node.private_key(), False)
 
     # first half of keyhandle is keypath
@@ -642,8 +641,7 @@ def msg_authenticate_genkey(app_id: bytes, keyhandle: bytes):
 
     # derive the signing key
     nodepath = [_U2F_KEY_PATH] + list(keypath)
-    node = seed.get_root_without_passphrase('nist256p1')
-    node.derive_path(nodepath)
+    node = seed.derive_node_without_passphrase(nodepath, 'nist256p1')
 
     # second half of keyhandle is a hmac of app_id and keypath
     keybase = hmac.Hmac(node.private_key(), app_id, hashlib.sha256)

src/apps/wallet/cipher_key_value.py

@@ -36,8 +36,7 @@ async def layout_cipher_key_value(ctx, msg):
                     ui.BOLD, ui.LIGHT_GREEN, ui.BG)
     ui.display.text(10, 60, msg.key, ui.MONO, ui.FG, ui.BG)
 
-    node = await seed.get_root(ctx)
-    node.derive_path(msg.address_n)
+    node = await seed.derive_node(ctx, msg.address_n)
 
     value = cipher_key_value(msg, node.private_key())
 

src/apps/wallet/get_address.py

@@ -15,8 +15,7 @@ async def layout_get_address(ctx, msg):
     coin_name = msg.coin_name or 'Bitcoin'
     coin = coins.by_name(coin_name)
 
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
 
     address = addresses.get_address(msg.script_type, coin, node)
 

src/apps/wallet/get_public_key.py

@@ -8,8 +8,7 @@ async def layout_get_public_key(ctx, msg):
     address_n = msg.address_n or ()
     coin_name = msg.coin_name or 'Bitcoin'
 
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
     coin = coins.by_name(coin_name)
 
     node_xpub = node.serialize_public(coin.xpub_magic)

src/apps/wallet/sign_identity.py

@@ -91,8 +91,7 @@ async def layout_sign_identity(ctx, msg):
     display_identity(identity, msg.challenge_visual)
 
     address_n = get_identity_path(identity, msg.identity.index or 0)
-    node = await seed.get_root(ctx, msg.ecdsa_curve_name)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n, msg.ecdsa_curve_name)
 
     coin = coins.by_name('Bitcoin')
     if msg.ecdsa_curve_name == 'secp256k1':

src/apps/wallet/sign_message.py

@@ -15,8 +15,7 @@ async def sign_message(ctx, msg):
 
     await confirm_sign_message(ctx, message)
 
-    node = await seed.get_root(ctx)
-    node.derive_path(address_n)
+    node = await seed.derive_node(ctx, address_n)
     seckey = node.private_key()
 
     address = node.address(coin.address_type)

src/apps/wallet/sign_tx/__init__.py

@@ -9,7 +9,8 @@ async def sign_tx(ctx, msg):
     from . import signing
     from . import layout
 
-    root = await seed.get_root(ctx)
+    # TODO: rework this so we don't have to pass root to signing.sign_tx
+    root = await seed.derive_node(ctx, [])
 
     signer = signing.sign_tx(msg, root)
     res = None