matejcik
2f665c8f84
core: add exception to GetPublicKey for PSBT master fingerprint ( fixes #999 )
2020-05-21 13:26:53 +02:00
Tomas Susanka
a2f790167d
core/bitcoin: fix step 1 and 2 comments in signing
2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550
core: update isort config to place relative imports last
2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320
core: move decred writers to decred.py
2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed
core/bitcoin: move write_bitcoin_varint to common writers
2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387
core/bitcoin: finalize bitcoin refactor
...
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
2020-05-18 14:31:51 +02:00
matejcik
aa52fc3903
core/extmod: drop unused rfc6979 module
2020-05-18 14:31:00 +02:00
matejcik
123b07e3ad
core: drop support for pre-registering keychain namespaces
2020-05-15 16:30:41 +02:00
matejcik
de9e73dcbc
core/tests: update unit tests for new keychain API
2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a
core/cardano: explanation about seed derivation
2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc
core/wallet: implement keychain for apps.wallet
2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7
core/ethereum: introduce custom keychain decorators
2020-05-15 14:08:29 +02:00
matejcik
b594248ac2
core: use new keychain decorators where appropriate
2020-05-15 14:08:29 +02:00
matejcik
fd9e945308
core/cardano: use caching decorators and new Keychain API for Cardano as well
2020-05-15 14:08:29 +02:00
matejcik
7541d529a3
core: refactor keychain API, introduce SLIP44 decorator
2020-05-15 14:08:29 +02:00
matejcik
8c4cb58098
core: introduce caching decorators
2020-05-15 14:08:29 +02:00
matejcik
63dfcb17a7
core: make mypy happy about importing fatfs
2020-05-15 14:08:29 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added
...
- CLSAG signature scheme added
- type hints added
xmr: optimize protocol, send only required data
- real_out_additional_tx_keys contains only one element as nothing more is needed during signature
- only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
- getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed
xmr: prepare for permutation sending removal, specify index
- specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
- permutation checked just by valid HMACs, size of the set, key image sort order
- sending permutation is now deprecated, will be removed in the following protocol versions
- more strict state transition checks, guard strict check with respect to steps ordering
2020-05-13 11:13:19 +02:00
Andrew Kozlik
3de565c33c
core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666
core/sign_tx: Improve comments.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c
core/sign_tx: Get rid of internal TxOutputBinType messages.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a
core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c
core/sign_tx: Remove unused index parameters.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba
core/sign_tx: Set decred_script_version to 0 by default for decred coins.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b
core/sign_tx: Add write_tx_output() to signer class and override it in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979
core/sign_tx: Require change-outputs to be for a non-zero amount.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51
core/sign_tx: Clarify sign_nonsegwit_input().
2020-05-06 13:18:32 +02:00
matejcik
9005093435
core/sign_tx: improve documentation on MatchCheckers
2020-05-06 13:18:32 +02:00
matejcik
0209768ff2
core/sign_tx: improve type hints
2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304
core/sign_tx: improve signer selection readability
2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955
core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be
core/sign_tx: Merge bip143 classes into signer classes.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2
core/sign_tx: Refactor BIP-143 signing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b
core/sign_tx: Minor updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0
core/sign_tx: Rework transaction footer writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9
core/sign_tx: Rework transaction header writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374
core/sign_tx: Updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558
core/sign_tx: Move script derivation to scripts module.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d0b80bddc8
core/tests: Fix unit tests after sign_tx refactor.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47
core/sign_tx: Move Bitcoin class to bitcoin.py.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793
core/sign_tx: Consolidate wallet path and multisig fingerprint checking.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d
core/sign_tx: cleanup
2020-05-06 13:18:32 +02:00
Andrew Kozlik
987b70f1f5
core/sign_tx: Move header prepending up by one level.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2ceb091d68
core/sign_tx: Use a preallocated buffer for transaction serialization.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
555259d6a9
core/sign_tx: Remove last_output_bytes in Decred, which is no longer needed.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
f1801764a1
core/sign_tx: Fix segwit/non-segwit input interleaving bug.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
514f2ac649
core/sign_tx: Refactor to use template method.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
95fad83024
core/sign_tx: Derive Zip143 and DecredPrefixHasher from Bip143.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
e9900df18d
core/sign_tx: Move Overwintered class to zcash.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
60dbec95ac
core/sign_tx: Reuse get_prevtx_output_value() in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2b74513e49
core: Fix mypy.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
50c08274b9
core/sign_tx: Move overwintered functionality to separate class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c190eed7fc
core/sign_tx: Move non-Bitcoin functionality to Bitcoinlike class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
613c81ea66
core/sign_tx: Refactor wallet_path functions and input_check_multisig_fingerprint.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
0d9984671e
core/sign_tx: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
79c60615de
core: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
ba8b34b2d7
core: Refactor signing.
2020-05-06 13:18:32 +02:00
Tomas Susanka
20d66adddd
core: disable passphrase_always_on_device when turning off passphrase
2020-04-28 14:54:18 +02:00
matejcik
5885978c83
Merge branch 'release/2020-04'
2020-04-15 15:00:23 +02:00
Andrew Kozlik
9e4a8ca785
core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators.
2020-04-14 12:24:17 +02:00
Dusan Klinec
25b6e9058f
xmr: proto - add fields for protocol optimization
2020-04-13 22:19:56 +02:00
Andrew Kozlik
bc4e8eaa16
core/webauth: Update readme with Ed25519 algorithm and certificates.
2020-04-09 21:05:28 +02:00
matejcik
eec0615444
core: drop sys.pyi from mocks ( fixes #934 )
...
A change introduced in mypy 0.770 disallows overriding some system
modules, including `sys`.
We only need the override for `sys.print_exception`, and the simplest
solution is to make mypy ignore that particular call.
2020-04-08 11:19:26 +02:00
Andrew Kozlik
fca92d7344
core/webauthn: Update attestation certificate to comply with WebAuthn requirements.
2020-04-06 18:29:05 +02:00
Andrew Kozlik
25a39ea729
core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification.
2020-04-06 09:53:42 +02:00
jagdeep sidhu
e58c5f63d5
common/defs: update SYS ( #928 )
2020-04-02 00:22:47 +02:00
Tomas Susanka
0b7a8449f8
core: style
2020-03-30 16:04:05 +00:00
Tomas Susanka
bf20537f41
core: add option to omit cancel button in HoldToConfirm; add it to reset
2020-03-30 16:00:12 +00:00
Andrew Kozlik
8ae0535e69
core/webauthn: Fix attestation statement format to use a list in the x5c field.
2020-03-24 16:18:37 +01:00
Tomas Susanka
aa71c20f2c
core: require hold to confirm
2020-03-24 09:20:10 +00:00
Tomas Susanka
f786d75a6f
core: drop obsolete check for ANYONECANSPEND segwit outputs
2020-03-20 14:19:31 +00:00
Tomas Susanka
d0d41c884e
legacy: move script type checks to separate functions and unify with core
2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5
all: add checks for prev_hash size
2020-03-20 14:19:31 +00:00
matejcik
c15519f707
core/sign_tx: modify get_tx_header to avoid writing unchecked bytes
2020-03-20 14:19:31 +00:00
matejcik
9cab61fbd3
core/sign_tx: remove write_bytes_unchecked where appropriate
2020-03-20 14:19:31 +00:00
matejcik
27f6306e1d
core: introduce safer write_bytes functions
2020-03-20 14:19:30 +00:00
matejcik
9a5f6b025a
core/tezos: factor out writing Michelson instructions
2020-03-20 14:19:30 +00:00
matejcik
694f714719
core/ripple: rename write_bytes to avoid name collision
2020-03-20 14:19:30 +00:00
Tomas Susanka
64584e271c
legacy, core: add and unify validation checks
2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61
all: drop Capricoin support [NO BACKPORT]
2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35
all: make timestamp mandatory on timestamp-enabled coins
2020-03-20 14:19:07 +00:00
matejcik
e2035b4972
all: drop Horizen and BIP-115 support [NO BACKPORT]
2020-03-20 14:19:07 +00:00
matejcik
6f9c6361ea
core: remove negative_fee and cashaddr_prefix from bitcoin-only fw
2020-03-20 14:18:27 +00:00
matejcik
7d5771911c
core: flip condition for force_bip143
...
this should be equivalent because Bitcoin does not have force_bip143 set
2020-03-20 14:18:27 +00:00
matejcik
ed464f3d47
all: ensure expiry, timestamp and extra_data are blocked as appropriate
2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1
all: drop overwintered field from transaction
2020-03-20 14:18:27 +00:00
matejcik
c9fd3f77a5
all: add overwintered field to coin specification
2020-03-20 14:18:27 +00:00
Pavol Rusnak
817b922850
all: add extra_data and timestamp fields to coin specification
2020-03-20 14:18:27 +00:00
matejcik
136307bcae
core: propagate coin info to all sanitize functions
2020-03-20 14:17:44 +00:00
matejcik
303c05aba7
core/sign_tx: check if prev_tx has enough outputs to match prev_index
2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2
core/sign_tx: Check multisig fingerprint before signing inputs.
2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7
core/wallet: properly check decred input
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b
core: remove unreachable zcash code
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8
core: fix transaction header for mixed segwit inputs
2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d
core/wallet: check inputs and outputs right after receiving them
2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b
core, legacy: make sure OPRETURN ouput is not marked as change
2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e
core: forbid unnecessary fields in OPRETURN output
2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f
core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
...
(cherry picked from commit 8eb6ce0899
)
2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0
core/webauthn: Disable CTAPHID_WINK function.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332
core/webauthn: Remove indistinguishable credentials from the allow list.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1
core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b
core/webauthn: Truncate names in credential data to at most 100 bytes.
2020-03-20 15:07:06 +01:00
matejcik
ccffefd667
core/boot: do not catch OSError in boot wait
2020-03-20 14:03:28 +01:00
matejcik
f6f041e269
core/sdcard: also catch OSError in the formatting phase
2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c
core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card
2020-03-20 14:03:28 +01:00
matejcik
3789a3372b
core/sdcard: modify exception handling in fatfs
...
expose ff.c constants, raise them as arguments to FatFSError
introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637
core: Allow PIN entry even when SD protect is enabled and the card is not present.
2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets
2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157
core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d
core/webauthn: Clean up bytes/bytearray typing around uctypes.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f
core/webauthn: Implement support for Ed25519 signatures in FIDO2.
2020-03-12 15:45:26 +01:00
Pavol Rusnak
624b639ba8
Merge pull request #886 from trezor/onvej-sl/monero-optimizations-squashed
...
xmr/bp: memory optimizations and improvements, fixed style
2020-03-02 17:54:30 +01:00
Tomas Susanka
f8de140271
core: add cancel to hold to confirm dialogs
2020-03-02 13:58:41 +00:00
Dusan Klinec
2658e253fa
xmr/bp: memory optimizations and improvements
...
- different approach to vector manipulation - more on the fly operations. Prepared for fully offloaded operations, BP on Trezor with constant memory.
- memory requirements reduced from (4MN + const) to (2MN + const)
- more raw methods to avoid unnecessary encoding/decoding
- chunking improved, chunk size set as a constant, changed from 64 to 32, missing pieces implemented to cover also BP 16
- proof_v8 support discontinued, old hardfork, not needed anymore
- get_exponent register clash fixed (for large vectors)
- reduced heap fragmentation by removing some temporary allocations
- hashing with len and offset to reduce heap fragmentation by creating a sliced arrays
- use to() wherever possible to avoid allocations and return of mutable private object
- global functions start with _ prefix, reduce import footprint
- use __slots__ in classes to minimize footprint
2020-03-02 12:17:03 +01:00
Tomas Susanka
21676a0662
ore/tezos: better wording in delegation cancel
2020-03-02 08:49:34 +00:00
matejcik
7f91bc571c
core: ensure default task restarts after a passphrase workflow ( fixes #883 )
2020-02-28 15:55:40 +01:00
Tomas Susanka
5ee6e56f56
Merge pull request #880 from trezor/tsusanka/sign-verify-ui
...
Unify sign/verify message dialogs and fix text overflow
2020-02-28 15:47:48 +01:00
matejcik
bd9663af79
common/defs: update token reference, add new tokens to 2.3.0/1.9.0, regenerate coins_details
2020-02-27 19:13:17 +01:00
Tomas Susanka
86b010a18b
Merge pull request #878 from trezor/matejcik/fatfs-corruption
...
FatFS API rework
2020-02-27 15:58:38 +01:00
Tomas Susanka
a8af9feebe
core: fix text overflow in some dialogs
2020-02-27 12:43:33 +00:00
Tomas Susanka
744c32991f
core: unify sign/verify functions
...
The UI records are modified because of two changes:
- Added a coin name to the Sign/Verify screen (ETH/Lisk).
- Unified to use mono.
2020-02-27 12:43:33 +00:00
Tomas Susanka
495a59c282
core: use wire errors instead of ValueErrors where applicable
2020-02-27 10:46:01 +00:00
matejcik
18ac4fc9ca
core: update Python facing APIs
2020-02-27 10:56:23 +01:00
matejcik
b916072389
common: restore PassphraseAck.state
2020-02-24 15:15:09 +01:00
matejcik
d7b9582386
core/sdcard: add ensure_filesystem option ( fixes #868 )
...
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.
This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
2020-02-24 13:28:44 +01:00
matejcik
e9c275c24f
core/sdcard: fix invalid state when filesystem mounting fails
2020-02-24 13:28:44 +01:00
Tomas Susanka
6c47bf8230
core: store multiple sessions/caches at the same time
2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others
...
core: show yours/others in get_address for multisig
2020-02-20 13:49:13 +01:00
matejcik
ddee77ecb6
core: add SD clearing via debuglink
2020-02-20 12:51:48 +01:00
matejcik
1e9352b9e0
core: add SD format dialog, generalize sdcard usage
2020-02-20 12:51:48 +01:00
matejcik
5bac85f260
core: use filesystem wrapper instead of the ensure_filesystem decorator
2020-02-20 12:51:48 +01:00
matejcik
d08942be4a
core: introduce filesystem wrapper
2020-02-20 12:51:48 +01:00
Tomas Susanka
ff1bb67abc
common: return the PasshraseType button request
2020-02-20 08:04:35 +00:00
Pavol Rusnak
581e46ff87
Merge pull request #845 from trezor/prusnak/webusb-popup
...
Don't show WebUSB popup in firmware, in bootloader only if no firmware present
2020-02-19 18:18:01 +01:00
Pavol Rusnak
7944c1a837
core/monero: add confirmation dialog for unlock_time
2020-02-19 14:31:45 +00:00
Pavol Rusnak
a808cc9190
core/apps: await require_confirm should be called without return
2020-02-19 14:31:45 +00:00
Pavol Rusnak
b9486c0b33
core: show yours/others in get_address for multisig
2020-02-18 22:39:55 +00:00
matejcik
e61b7d28e9
all: do not send state in PassphraseAck (not needed for compatibility)
2020-02-13 15:44:50 +01:00
Pavol Rusnak
07cd73ce57
core: show webusb popup only in bootloader and only if firmware is not installed
2020-02-12 20:47:05 +00:00
matejcik
d3b88a37be
core: do not catch SystemExit in handle_session ( #826 )
2020-02-12 10:36:42 +01:00
Tomas Susanka
f947fe97cc
core: fix style
2020-02-11 16:41:43 +01:00
Tomas Susanka
0a13f7a441
core: properly limit passphrase to 50 bytes
2020-02-11 15:39:08 +00:00
Tomas Susanka
2c0504ad1c
Merge pull request #803 from trezor/passphrase
...
Passphrase Redesign
2020-02-11 16:01:59 +01:00
matejcik
05a1d6f771
core/debug: add "show arbitrary screen" capability, for easier prototyping
2020-02-11 11:53:34 +01:00
matejcik
c01d04f26e
common/protob: drop a default field declaration
...
which triggers nanopb bug https://github.com/nanopb/nanopb/issues/487
2020-02-11 11:53:34 +01:00
matejcik
4c9689d7a7
common: return deprecated fields to protobuf, to allow cross-version compatible code
2020-02-10 12:35:28 +01:00
Pavol Rusnak
e58225fe02
core/boot: don't call mkfs in emulator
2020-02-07 15:30:21 +00:00
Pavol Rusnak
fdfa64ac2a
core/ui: fix HoldToConfirm redraw
2020-02-07 15:21:16 +00:00
Tomas Susanka
56dc952495
common: fix PassphraseAck.on_device id
2020-02-07 14:19:01 +00:00
Pavol Rusnak
73ed2f3450
legacy: small nitpicks related to the new passphrase handling
2020-02-07 11:41:03 +00:00