From 9a22d570f29cb1e7b33696ebce29022b84622578 Mon Sep 17 00:00:00 2001 From: Marek Polak Date: Fri, 7 Jun 2024 11:56:09 +0200 Subject: [PATCH] chore(core): remove unused checks [no changelog] (cherry picked from commit 8a7db4f1d3ac2ff2e8b154e8f10aeb56b5cd4fcd) --- core/src/apps/bitcoin/sign_tx/approvers.py | 79 +--------------------- 1 file changed, 2 insertions(+), 77 deletions(-) diff --git a/core/src/apps/bitcoin/sign_tx/approvers.py b/core/src/apps/bitcoin/sign_tx/approvers.py index 38078478ba..f7b37607ba 100644 --- a/core/src/apps/bitcoin/sign_tx/approvers.py +++ b/core/src/apps/bitcoin/sign_tx/approvers.py @@ -1,18 +1,13 @@ from micropython import const from typing import TYPE_CHECKING -from trezor.crypto.curve import bip340, secp256k1 -from trezor.crypto.hashlib import sha256 -from trezor.utils import HashWriter from trezor.wire import DataError, ProcessError from apps.common import safety_checks -from .. import writers from ..common import input_is_external_unverified -from ..keychain import SLIP44_TESTNET, validate_path_against_script_type +from ..keychain import validate_path_against_script_type from . import helpers, tx_weight -from .sig_hasher import BitcoinSigHasher from .tx_info import OriginalTxInfo if TYPE_CHECKING: @@ -409,17 +404,9 @@ class CoinJoinApprover(Approver): # Largest possible weight of an output supported by Trezor (P2TR or P2WSH). MAX_OUTPUT_WEIGHT = 4 * (8 + 1 + 1 + 1 + 32) - # Masks for the signable and no_fee bits in coinjoin_flags. - COINJOIN_FLAGS_SIGNABLE = const(0x01) + # Mask for the no_fee bits in coinjoin_flags. COINJOIN_FLAGS_NO_FEE = const(0x02) - # The public key used for verifying coinjoin requests in production on mainnet. - COINJOIN_REQ_PUBKEY = b"\x02W\x03\xbb\xe1[\xb0\x8e\x98!\xfed\xaf\xf6\xb2\xef\x1a1`\xe3y\x9d\xd8\xf0\xce\xbf,y\xe8g\xdd\x12]" - - # The public key used for verifying coinjoin requests on testnet and in debug mode. - # secp256k1 public key of m/0h for "all all ... all" seed. - COINJOIN_REQ_PUBKEY_TEST = b"\x03\x0f\xdf^(\x9bZ\xefSb\x90\x95:\xe8\x1c\xe6\x0e\x84\x1f\xf9V\xf3f\xac\x12?\xa6\x9d\xb3\xc7\x9f!\xb0" - def __init__( self, tx: SignTx, @@ -435,46 +422,14 @@ class CoinJoinApprover(Approver): self.authorization = authorization self.coordination_fee_base = 0 - # Begin hashing the coinjoin request. - self.h_request = HashWriter(sha256(b"CJR1")) # "CJR1" = Coinjoin Request v1. - writers.write_bytes_prefixed( - self.h_request, authorization.params.coordinator.encode() - ) - writers.write_uint32(self.h_request, coin.slip44) - writers.write_uint32(self.h_request, self.request.fee_rate) - writers.write_uint64(self.h_request, self.request.no_fee_threshold) - writers.write_uint64(self.h_request, self.request.min_registrable_amount) - writers.write_bytes_fixed(self.h_request, self.request.mask_public_key, 33) - writers.write_compact_size(self.h_request, tx.inputs_count) - # Upper bound on the user's contribution to the weight of the transaction. self.our_weight = tx_weight.TxWeightCalculator() - def _add_input(self, txi: TxInput) -> None: - super()._add_input(txi) - writers.write_uint8(self.h_request, txi.coinjoin_flags) - async def add_internal_input(self, txi: TxInput, node: bip32.HDNode) -> None: self.our_weight.add_input(txi) if not self.authorization.check_internal_input(txi): raise ProcessError("Unauthorized path") - # Compute the masking bit for the signable bit in coinjoin flags. - internal_private_key = node.private_key() - output_private_key = bip340.tweak_secret_key(internal_private_key) - shared_secret = secp256k1.multiply( - output_private_key, self.request.mask_public_key - ) - h_mask = HashWriter(sha256()) - writers.write_bytes_fixed(h_mask, shared_secret[1:33], 32) - writers.write_bytes_reversed(h_mask, txi.prev_hash, writers.TX_HASH_SIZE) - writers.write_uint32(h_mask, txi.prev_index) - mask = h_mask.get_digest()[0] & 1 - - # Ensure that the input can be signed. - if bool(txi.coinjoin_flags & self.COINJOIN_FLAGS_SIGNABLE) ^ mask != 1: - raise ProcessError("Unauthorized input") - # Add to coordination_fee_base, except for remixes and small inputs which are # not charged a coordination fee. no_fee = bool(txi.coinjoin_flags & self.COINJOIN_FLAGS_NO_FEE) @@ -509,33 +464,6 @@ class CoinJoinApprover(Approver): ) -> None: pass - def _verify_coinjoin_request(self, tx_info: TxInfo): - if not isinstance(tx_info.sig_hasher, BitcoinSigHasher): - raise ProcessError("Unexpected signature hasher.") - - # Finish hashing the coinjoin request. - writers.write_bytes_fixed( - self.h_request, tx_info.sig_hasher.h_prevouts.get_digest(), 32 - ) - writers.write_bytes_fixed( - self.h_request, tx_info.sig_hasher.h_outputs.get_digest(), 32 - ) - - # Verify the coinjoin request signature. - if __debug__ or self.coin.slip44 == SLIP44_TESTNET: - if secp256k1.verify( - self.COINJOIN_REQ_PUBKEY_TEST, - self.request.signature, - self.h_request.get_digest(), - ): - return True - - return secp256k1.verify( - self.COINJOIN_REQ_PUBKEY, - self.request.signature, - self.h_request.get_digest(), - ) - async def approve_tx( self, tx_info: TxInfo, @@ -546,9 +474,6 @@ class CoinJoinApprover(Approver): await super().approve_tx(tx_info, orig_txs, signer) - if not self._verify_coinjoin_request(tx_info): - raise DataError("Invalid signature in coinjoin request.") - # The mining fee of the transaction as a whole. mining_fee = self.total_in - self.total_out