1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-11 16:00:57 +00:00

core/bitcoin: Add support for external inputs with proof of non-ownership.

This commit is contained in:
Andrew Kozlik 2020-06-15 17:12:36 +02:00 committed by Andrew Kozlik
parent 956ea9a94f
commit 712ec68c1b
2 changed files with 20 additions and 10 deletions

View File

@ -32,6 +32,8 @@ def get_namespaces_for_coin(coin: coininfo.CoinInfo):
# m/48'/slip44' (/account'/script_type'/change/addr) # m/48'/slip44' (/account'/script_type'/change/addr)
namespaces.append((curve, [48 | HARDENED, slip44_id])) namespaces.append((curve, [48 | HARDENED, slip44_id]))
namespaces.append(("slip21", [b"SLIP-0019"]))
if coin.segwit: if coin.segwit:
# BIP-49 - p2sh segwit: m/49'/slip44' (/account'/change/addr) # BIP-49 - p2sh segwit: m/49'/slip44' (/account'/change/addr)
namespaces.append((curve, [49 | HARDENED, slip44_id])) namespaces.append((curve, [49 | HARDENED, slip44_id]))

View File

@ -19,6 +19,7 @@ from apps.common.writers import write_bitcoin_varint
from .. import addresses, common, multisig, scripts, writers from .. import addresses, common, multisig, scripts, writers
from ..common import SIGHASH_ALL, ecdsa_sign from ..common import SIGHASH_ALL, ecdsa_sign
from ..ownership import verify_nonownership
from ..verification import SignatureVerifier from ..verification import SignatureVerifier
from . import helpers, progress, tx_weight from . import helpers, progress, tx_weight
from .matchcheck import MultisigFingerprintChecker, WalletPathChecker from .matchcheck import MultisigFingerprintChecker, WalletPathChecker
@ -51,7 +52,8 @@ class Bitcoin:
# Check fee, confirm lock_time and total. # Check fee, confirm lock_time and total.
await self.step3_confirm_tx() await self.step3_confirm_tx()
# Verify external inputs which have already been signed. # Verify external inputs which have already been signed or which come with
# a proof of non-ownership.
await self.step4_verify_external_inputs() await self.step4_verify_external_inputs()
# Check that inputs are unchanged. Serialize inputs and sign the non-segwit ones. # Check that inputs are unchanged. Serialize inputs and sign the non-segwit ones.
@ -169,6 +171,12 @@ class Bitcoin:
if prev_amount != txi.amount: if prev_amount != txi.amount:
raise wire.DataError("Invalid amount specified") raise wire.DataError("Invalid amount specified")
if txi.ownership_proof:
if not verify_nonownership(
txi.ownership_proof, script_pubkey, b"", self.keychain, self.coin
):
raise wire.DataError("Invalid external input")
else:
verifier = SignatureVerifier( verifier = SignatureVerifier(
script_pubkey, txi.script_sig, txi.witness, self.coin script_pubkey, txi.script_sig, txi.witness, self.coin
) )
@ -288,7 +296,7 @@ class Bitcoin:
if not input_is_external(txi): if not input_is_external(txi):
raise wire.ProcessError("Transaction has changed during signing") raise wire.ProcessError("Transaction has changed during signing")
self.write_tx_input(self.serialized_tx, txi, txi.script_sig) self.write_tx_input(self.serialized_tx, txi, txi.script_sig or bytes())
async def serialize_segwit_input(self, i: int) -> None: async def serialize_segwit_input(self, i: int) -> None:
# STAGE_REQUEST_SEGWIT_INPUT in legacy # STAGE_REQUEST_SEGWIT_INPUT in legacy