fixup! fix(core): disallow per-node paths in getaddress

2024-11-29 10:58:21 +00:00 · 2024-11-27 15:57:22 +01:00 · 2024-11-27 15:57:22 +01:00 · c703cacdcc
commit c703cacdcc
parent edd0fcab3d
1 changed files with 9 additions and 1 deletions
--- a/core/src/apps/bitcoin/sign_tx/change_detector.py
+++ b/core/src/apps/bitcoin/sign_tx/change_detector.py
@ -64,7 +64,15 @@ class ChangeDetector:
                and self.multisig_fingerprint.output_matches(txo)
                and common.multisig_uses_single_path(
                    txo.multisig
-                )  # An output that uses different derivation paths for different xpubs could be difficult to discover
+                )  # An address that uses different derivation paths for different xpubs
+                # could be difficult to discover if the user did not note all the paths.
+                # The reason is that each path ends with an address index, which can
+                # have 1,000,000 possible values. If the address is a t-out-of-n
+                # multisig, the total number of possible paths is 1,000,000^n. This can
+                # be exploited by an attacker who has compromised the user's computer.
+                # The attacker could randomize the address indices and then demand a
+                # ransom from the user to reveal the paths. To prevent this, we require
+                # that all xpubs use the same derivation path.
            ):
                return False