feat(cardano): allow required signers in more signing modes

2 years ago · ba7fb2cb54
parent 4017434cc1
commit ba7fb2cb54
4 changed files with 5 additions and 7 deletions
--- a/core/src/apps/cardano/README.md
+++ b/core/src/apps/cardano/README.md
@ -209,7 +209,7 @@ The signing mode intended for transactions containing Plutus script evaluation.

 Even though Plutus scripts cannot access collateral inputs and the collateral return output, we must show them to the user so that they can verify what collateral amount is at stake. However, if the client declares this amount in the total collateral field, collateral inputs and the collateral return output (if it contains an address governed by the device) can be hidden.

-Collateral inputs, required signers, collateral return output, total collateral and reference inputs are allowed only in Plutus transactions.
+Collateral inputs, collateral return output, total collateral and reference inputs are allowed only in Plutus transactions. Required signers are meant for Plutus transactions as well (from the blockchain point of view), but some applications utilize them for their own purposes, so we allow them in all signing modes (except for pool registration as owner).

 Since Plutus scripts may have many unforseen use cases, we put no further limitations on transactions (except forbidding pool registration certificates). Stake credentials in certificates and withdrawals may be given as key paths, key hashes or script hashes.

--- a/core/src/apps/cardano/sign_tx/multisig_signer.py
+++ b/core/src/apps/cardano/sign_tx/multisig_signer.py
@ -22,7 +22,6 @@ class MultisigSigner(Signer):
    def _validate_tx_init(self) -> None:
        super()._validate_tx_init()
        self._assert_tx_init_cond(self.msg.collateral_inputs_count == 0)
-        self._assert_tx_init_cond(self.msg.required_signers_count == 0)
        self._assert_tx_init_cond(not self.msg.has_collateral_return)
        self._assert_tx_init_cond(self.msg.total_collateral is None)
        self._assert_tx_init_cond(self.msg.reference_inputs_count == 0)
--- a/core/src/apps/cardano/sign_tx/ordinary_signer.py
+++ b/core/src/apps/cardano/sign_tx/ordinary_signer.py
@ -28,7 +28,6 @@ class OrdinarySigner(Signer):
    def _validate_tx_init(self) -> None:
        super()._validate_tx_init()
        self._assert_tx_init_cond(self.msg.collateral_inputs_count == 0)
-        self._assert_tx_init_cond(self.msg.required_signers_count == 0)
        self._assert_tx_init_cond(not self.msg.has_collateral_return)
        self._assert_tx_init_cond(self.msg.total_collateral is None)
        self._assert_tx_init_cond(self.msg.reference_inputs_count == 0)
--- a/python/src/trezorlib/cardano.py
+++ b/python/src/trezorlib/cardano.py
@ -683,11 +683,11 @@ def _get_witness_requests(
        for _, path in collateral_inputs:
            if path:
                paths.add(tuple(path))
-        for required_signer in required_signers:
-            if required_signer.key_path:
-                paths.add(tuple(required_signer.key_path))

-    # add additional_witness_requests in all cases (because of minting)
+    # add required_signers and additional_witness_requests in all cases
+    for required_signer in required_signers:
+        if required_signer.key_path:
+            paths.add(tuple(required_signer.key_path))
    for additional_witness_request in additional_witness_requests:
        paths.add(tuple(additional_witness_request))