gabrielkerekes
54909681a8
feat(cardano): add support for 1854 and 1855 path roots
2021-10-11 15:16:24 +02:00
matejcik
c30091b9c5
refactor(core/stellar): replace confirm_timebounds_stellar with confirm_properties
2021-09-24 10:30:19 +02:00
matejcik
1dcfdebf7a
feat(all): make Stellar timebounds required
2021-09-24 10:30:19 +02:00
matejcik
98f0496b2c
feat(core/stellar): add type checking to Stellar app
2021-09-24 10:30:19 +02:00
matejcik
ae4dd42d18
refactor(core/ethereum): reorganize sanity checks, disallow chain_id 0
2021-09-10 15:09:03 +02:00
matejcik
8931450d21
chore(common): enable Palm network
2021-09-10 15:09:03 +02:00
matejcik
e80077e0a4
feat(core/ethereum): enable type-checking for Ethereum app
2021-09-10 15:09:03 +02:00
matejcik
0c2863fc8d
feat(core/ethereum): use TokenInfo object instead of tuples
2021-09-10 15:09:03 +02:00
matejcik
96ed53cc1c
refactor(core,legacy): remove Wanchain special handling
...
now that Wanchain has proper chainID and we don't need to detect it by
magic.
[no changelog]
2021-09-10 15:09:03 +02:00
matejcik
639406b01f
feat(all): make chain_id mandatory
2021-09-10 15:09:03 +02:00
arbitrarylink
f051225730
feat(core,legacy): add support for Ethereum 64-bit chain_id
...
* Changes from original PR
* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.
* Ran 'make gen' and uploaded changed files.
* Ran make style_check and fixed reported errors
* Added changelog files
* Reverted changes concerning chain_id 0 being rejected.
* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1. Also reverts MAX_CHAIN_ID to the previous value.
* Added missing whitespace around arithmetic operator.
Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
2021-09-10 15:09:03 +02:00
matejcik
eb34c0850e
fix(common): regenerate support data
...
[no changelog]
2021-08-27 13:38:45 +02:00
matejcik
174985619d
chore(common): bump chains and tokens for release
2021-08-24 13:14:06 +02:00
matejcik
7aed8d535d
feat(all): re-enable Firo ( fixes #1767 )
2021-08-23 11:43:57 +02:00
Martin Milata
f37ca13f1a
refactor(core): disable SD, SBU, fatfs for T1 build
2021-08-20 12:22:13 +02:00
gabrielkerekes
8e3bc39b56
chore(cardano): update and format README
2021-08-20 11:50:13 +02:00
gabrielkerekes
7c3b5c86a5
fix(cardano): forbid mixing paths from multiple accounts in a single transaction
2021-08-20 11:50:13 +02:00
gabrielkerekes
b0c8590f00
feat(cardano): streamed transaction signing
2021-08-20 11:50:13 +02:00
matejcik
d33d61d84e
chore(core): remove Lisk
2021-08-19 10:25:41 +02:00
Frederik Bolding
38fa9197ca
feat(core,python): support for Ethereum EIP1559 transactions
...
Initial EIP1559 implementation
Fix a few small issues
Progress on Python lib implementation and firmware
Fix RLP length
Start fixing tests
Fix legacy transactions
Simplify API and logic
Add EIP1559 tests
Fix access list formatting
Fix UI visiblity issue
Fix commented out code
fix: correct linting issues
Fix access_list protobuf formatting
Remove unneeded code
Remove dead code
Check tx_type bounds for EIP 2718
Reduce code duplication
Prefer eip2718_type over re-using tx_type
Add more tests
Simplify format_access_list
Simplify sign_tx slightly
Change Access List format and add logic to encode it
Fix a bunch of small PR comments
Fix a linting issue
Move tests out of class and regenerate
Remove copy-pasted comments
Add access list to CLI
Simplify _parse_access_list_item
Fix small mistakes following rebase
Fix linting
Refactor to use a separate message for EIP 1559 tx
Simplify changed legacy code
Fix a few small PR comments
Fix linting
fix(legacy): recognize SignTxEIP1559 on legacy build
Fix PR comments
2021-08-10 11:00:29 +02:00
Martin Milata
b5710b820a
docs(core): replace Purpose48 with BIP-48
...
https://github.com/bitcoin/bips/blob/master/bip-0048.mediawiki
2021-08-06 12:50:42 +02:00
matejcik
f78363ecdc
refactor(core/ui): do not use parameter for styling in get_next_u2f_counter
2021-08-04 15:03:11 +02:00
Martin Milata
2a91052b02
refactor(core/ui): move altcoin and webauthn layouts to separate file
...
Also fix types.
2021-08-04 15:03:11 +02:00
Martin Milata
31052007ff
refactor(core): enable mypy for apps.management
2021-08-04 15:03:11 +02:00
Martin Milata
e57027fc5c
refactor(core): convert apps.management.change_wipe_code to layouts
2021-08-04 15:03:11 +02:00
Martin Milata
5a0ea3f146
refactor(core): convert apps.management.recovery_device to layouts
2021-08-04 15:03:11 +02:00
Martin Milata
312876ab67
refactor(core): convert apps.management.reset_device to layouts
2021-08-04 15:03:11 +02:00
Martin Milata
574dcbc8a3
refactor(core): convert apps.common to layouts
2021-08-04 15:03:11 +02:00
Martin Milata
875cc0cb1a
refactor(core): convert apps.webauthn to layouts
2021-08-04 15:03:11 +02:00
matejcik
fcb5f88318
fix(core/bitcoin): nicer UI for ownership proofs
2021-07-26 14:48:35 +02:00
matejcik
b30c9f7584
refactor(core/stellar): use semantically appropriate layouts everywhere
2021-07-26 14:48:35 +02:00
matejcik
16b87e4d50
fix(core/stellar): fail cleanly when asset code has wrong length
2021-07-26 14:48:35 +02:00
matejcik
ad6976e01f
refactor(core): use confirm_blob instead of confirm_hex in apps
2021-07-26 14:48:35 +02:00
Andrew Kozlik
2964f2e855
refactor(core/cardano): Clean up variable_length_encode().
2021-07-22 10:54:49 +02:00
Andrew Kozlik
97ca1e3341
chore(core): Add offset parameter to cbor.decode().
2021-07-22 10:54:49 +02:00
Andrew Kozlik
7811204ed5
refactor(core/bitcoin): Use HashWriter in address derivation.
2021-07-22 10:54:49 +02:00
Andrew Kozlik
2c003052f5
refactor(core/bitcoin): Change CoinInfo.script_hash to be a HashContext.
2021-07-22 10:54:49 +02:00
Andrew Kozlik
27e6f35f78
refactor(core/bitcoin): Change scripts to use writer semantics.
2021-07-22 10:54:49 +02:00
Andrew Kozlik
8538f55edc
refactor(core/bitcoin): Use global static buffer for Tx serialization.
2021-07-22 10:54:49 +02:00
Andrew Kozlik
7277a49047
fix(common): Add new rpId to Binance's FIDO definition.
2021-07-21 13:19:16 +02:00
matejcik
cf15dce326
refactor(core/ethereum): improve API of the rlp module
2021-07-19 13:59:28 +02:00
Andrew Kozlik
24bb401638
fix(legacy,core): Fix operation source account encoding in Stellar.
2021-07-13 17:24:16 +02:00
matejcik
46e0530764
fix(tests): auto-swipe by using only ButtonRequest.pages
...
(cherry picked from commit f8bb90366a
)
2021-07-12 00:39:58 +02:00
Andrew Kozlik
c067618828
fix(common): Fix incorrect SLIP-44 coin type for Bgold and SmartCash Testnets.
2021-06-30 18:25:58 +02:00
Andrew Kozlik
3e9f8a32ac
fix(core): Fix insufficient BIP-32 path checks.
...
- Disable testnet coins from accessing Bitcoin paths.
- Restrict BIP-45 paths to Bitcoin and coins with strong replay protection.
2021-06-30 18:25:58 +02:00
Pavol Rusnak
8cfa5da1ce
docs: fix typos in comments
...
[skip_ci]
2021-06-30 15:41:55 +02:00
gabrielkerekes
db657615f4
fix(cardano): use OrderedMap for output tokens and withdrawals
2021-06-24 08:24:47 +02:00
gabrielkerekes
4e5772662c
fix(cardano): don't allow duplicate withdrawals
2021-06-24 08:24:42 +02:00
gabrielkerekes
3cd2182b69
feat(core): introduce OrderedMap into CBOR serialisation
...
Items of an OrderedMap are included in CBOR as they come without sorting them in any way.
2021-06-24 08:22:39 +02:00
matejcik
015c47d564
chore(core): export PropertyType to fix mypy errors
2021-06-23 11:51:18 +02:00
matejcik
da4442bbd7
feat(core): auto-hexlify in confirm_properties
2021-06-23 11:51:18 +02:00
Martin Milata
178b575465
refactor(core): convert apps.nem to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
dd3b689ded
refactor(core): convert apps.eos to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
3ffbae5d17
refactor(core): convert apps.binance to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
ddac852acf
refactor(core): convert apps.cardano to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
ffb400180d
refactor(core/ui): more consistent layout parameter names
2021-06-23 11:51:18 +02:00
Martin Milata
a143fe34d0
refactor(core): convert apps.lisk to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
ebf6ef1666
refactor(core): convert apps.tezos to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
12478b1716
refactor(core): convert apps.stellar to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
6aeaadfe16
refactor(core): convert apps.ripple to layouts
2021-06-23 11:51:18 +02:00
Martin Milata
16094df0c5
refactor(core): convert most of apps.monero to layouts
...
Progress popups are not ported yet as they're unlike anything else.
Introduces paginate_paragraphs.
2021-06-23 11:51:18 +02:00
Martin Milata
6c926ad82e
refactor(core): convert apps.ethereum to layouts
2021-06-23 11:51:18 +02:00
matejcik
1012ee8497
feat(core): send ButtonRequests for paging events
2021-06-22 11:25:12 +02:00
matejcik
52c34c7364
fix(core): allow caching empty values ( fixes #1659 )
2021-06-11 12:32:13 +02:00
gabrielkerekes
b2de8909d1
fix(core/cardano): reintroduce max tx output size
...
Output size is currently limited to 4000 bytes at protocol level. Given the maximum transaction size Trezor can handle (~9kB), we also want to enforce this size limit here so that when the limit is raised at protocol level again, Trezor would still not be able to produce larger outputs than it could reliably spend. Once Cardano-transaction signing is refactored to be completely streamed and maximum supported transaction size is thus raised, this limit can be lifted.
2021-06-08 15:02:24 +02:00
gabrielkerekes
a92b5fc333
fix(core/cardano): forbid tx outputs with both address and address parameters
2021-06-08 15:02:24 +02:00
gabrielkerekes
597402eab8
refactor(core/cardano): decouple address parameters validation
2021-06-08 15:02:24 +02:00
matejcik
729414e606
fix(core): exclude get/set U2F counter from BITCOIN_ONLY
2021-06-08 09:55:19 +02:00
matejcik
da2ef8ed41
refactor(core): create and use protobuf uvarint writer
2021-06-08 09:55:19 +02:00
Jan Pochyla
a8623c4b59
refactor(core): fix imports and use new protobuf API in apps
2021-06-08 09:55:19 +02:00
Jan Pochyla
02aa14fc04
refactor(core): Switch to new Protobuf API
2021-06-08 09:55:19 +02:00
Pavol Rusnak
23aa69caea
fix(core): unify Features.revision reporting with legacy
2021-06-04 12:50:49 +02:00
matejcik
2fac964a29
chore(common): disable Firo support
2021-06-04 11:38:18 +02:00
Pavol Rusnak
fce3640848
fix(common): remove dead coin Hatch
2021-06-04 10:10:26 +02:00
matejcik
86089fa5ad
feat(core): avoid restarting session for select messages ( fixes #1631 )
2021-06-01 14:07:29 +02:00
Pavol Rusnak
155fc7ac67
fix(core): remove tcDisplay from metadata/trezor-ctap2.json
2021-05-19 14:49:54 +02:00
Pavol Rusnak
d358503676
fix(core): remove txAuthSimple from metadata/trezor-ctap2.json
2021-05-19 14:45:02 +02:00
Martin Milata
c54077a714
fix(core): imports needed for T1 startup
...
Now debug build booted on wiped T1 connects to USB and shows square in
top right corner.
2021-05-17 18:03:07 +02:00
matejcik
1e0a23c133
fix(core/paths): make sure containers are copied along with the numbers they contain
2021-05-06 13:14:21 +02:00
matejcik
ed5c357b78
fix(core): properly cache last successful unlock time
2021-05-06 13:14:21 +02:00
matejcik
959cf7d515
fix(core/homescreen): properly redraw when an outside process kills homescreen
...
This happens with FIDO which does not use the normal workflow management
and so `workflow.close_others()` is never called.
2021-05-06 13:14:21 +02:00
matejcik
f1a54f2108
refactor(core): remove more global imports
2021-05-06 13:14:21 +02:00
matejcik
2cb379108c
refactor(core/homescreen): load homescreen image on-demand
2021-05-06 13:14:21 +02:00
matejcik
f61d7fffa8
fix(core): fix top-level imports in apps.common.passphrase
2021-05-06 13:14:21 +02:00
matejcik
b1e4246b46
refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up
...
This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.
With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.
However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.
2021-05-06 13:14:21 +02:00
matejcik
f6f3c7ffcf
fix(core): prevent flickering when homescreen does not need to redraw
2021-05-06 13:14:21 +02:00
matejcik
aaa3ce6117
fix(core/bitcoin): fix CoinJoin authorization with new cache
2021-05-06 13:14:21 +02:00
matejcik
b387970468
refactor(core/debug): move "wipe with debug build" to boot.py
...
otherwise it gets wiped after every workflow
2021-05-06 13:14:21 +02:00
matejcik
1822aebdb4
feat(core): prefill field_cache in bitcoin app
2021-05-06 13:14:21 +02:00
matejcik
f3db4f2dd3
refactor(core): defragment PathSchema memory usage
2021-05-06 13:14:21 +02:00
matejcik
b1ca6ca848
refactor(core/debug): offload debug configuration from apps.debug
2021-05-06 13:14:21 +02:00
matejcik
e859c13d70
refactor(core): limit global imports in key places
...
so that by importing `apps.base`, we don't pull in the whole circus
2021-05-06 13:14:21 +02:00
matejcik
e629a72c3a
refactor(core): move app registrations to a single handler function
...
apps.webauthn.boot() does not need an if-condition because it's only
called from session.py when the usb interface is enabled
This means that they do not need to be stored in RAM at all. The obvious
drawback is that we need to hand-edit the if/elif sequence, but we don't
register new handlers all that often so 🤷
2021-05-06 13:14:21 +02:00
matejcik
276bb59dba
refactor(core/cardano): update caching mechanism
2021-05-06 13:14:21 +02:00
matejcik
3cdb09c294
refactor(core): modify cache to preallocate all its data
...
also get rid of expensive "wire" import
2021-05-06 13:14:21 +02:00
matejcik
ea505b592c
refactor(core): move empty_bytearray to trezor.utils
2021-05-06 13:14:21 +02:00
gabrielkerekes
6f59892824
refactor(core/cardano): introduce derive_public_key to simplify pub key derivation
2021-04-23 11:09:29 +02:00
gabrielkerekes
905970fd6a
refactor(core/cardano): generalise _paginate_lines
2021-04-23 11:09:29 +02:00
gabrielkerekes
2313293477
feat(core/cardano): add support for catalyst voting registration
2021-04-23 11:09:29 +02:00
Pavol Rusnak
2852b947ec
chore(core): regenerate coins
2021-04-08 14:17:43 +02:00
Martin Milata
ac711fb8ee
style(core): use more recent type annotation syntax
...
https://www.python.org/dev/peps/pep-0585/ - Type Hinting Generics In Standard Collections
https://www.python.org/dev/peps/pep-0604/ - Allow writing union types as X | Y
2021-04-01 11:12:30 +02:00
Martin Milata
8b3ac659a0
style(core): mypy: disable implicit Optional for function arguments
...
https://www.python.org/dev/peps/pep-0484/#union-types
2021-04-01 11:12:30 +02:00
Martin Milata
da72482c2f
refactor(core/ui): get rid of confirm_wipe
2021-03-30 22:34:01 +02:00
Martin Milata
c0174ff217
refactor(core/ui): raise exception on dialog cancel by default
2021-03-30 22:34:01 +02:00
Martin Milata
2b6ea25712
refactor(core): convert rest of apps.bitcoin to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
b1e38fe382
refactor(core): no implicit spaces in render_text
2021-03-30 22:34:01 +02:00
Martin Milata
2a5f5c1c20
refactor(core): convert parts of apps.monero to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
6668921a4f
refactor(core): convert apps.common.request_pin to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
01900b8536
refactor(core): convert parts of apps.webauthn to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
ffe6d65f72
refactor(core): convert parts of apps.management to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
c09a142e2a
refactor(core): convert apps.misc.* to layouts
2021-03-30 22:34:01 +02:00
Martin Milata
6ded531f8f
refactor(core): convert apps.common.sdcard to layouts
2021-03-30 22:34:01 +02:00
Rafael Korbas
a9b8b0e119
feat(core/cardano): chunked serialization of signed transaction
2021-03-26 11:15:19 +01:00
gabrielkerekes
3cb686d452
fix(core/cardano): make witnesses order deterministic
2021-03-26 11:15:19 +01:00
Andrew Kozlik
3084d1196d
feat(core): Support 50 digit PIN and wipe code.
2021-03-25 14:24:41 +01:00
Pavol Rusnak
da7214d82f
fix(common): update support.json to include Firo
2021-03-25 13:39:59 +01:00
matejcik
cb7152542d
feat: drop DebugLinkShowText functionality
2021-03-18 10:59:51 +01:00
Rafael Korbas
74ed5b7018
feat(core/cardano): Implement bech32 asset ids based on CIP-0014
2021-03-18 09:53:33 +01:00
Rafael Korbas
bd4512b53a
fix(core/cardano): Allow stake pool registrations with zero margin
2021-03-18 09:35:08 +01:00
Andrew Kozlik
b10acbe153
feat(core): Allow decreasing output amount in RBF transactions.
2021-03-17 15:15:50 +01:00
Andrew Kozlik
6de20a7dcd
chore(core/bitcoin): Add DecredApprover.
2021-03-17 12:16:08 +01:00
Andrew Kozlik
523b1051c5
chore(core/bitcoin): Add stricter script_type checks in sanitizers.
2021-03-17 12:16:08 +01:00
Andrew Kozlik
6e8eebfc9c
chore(core/bitcoin): Separate Decred-specific scripts from Bitcoin scripts.
2021-03-17 12:16:08 +01:00
JoeGruff
e3ea32a986
multi: Add decred staking.
...
Add two new input and four output script types.
Decred ticket purchases consist of a stake submission, op returns, and
change addresses. Although change addresses are allowed by consensus,
they are no longer used in practice and so have been given the
restrictions of a null pubkey and no value. Stake scripts are almost
identical to p2pkh or p2sh except for an extra opcode in front. Inputs
are currently only used in the form of one input three outputs with the
first output, or stake submission, paying to a public key hash, or with
two inputs and five outputs with the stake submission paying to a
multisig script hash. The op returns are directed to the user in the
case of one and the voting service provider and user in the case of two.
One of the sstx commitment for a ticket must pay back to the trezor
wallet. This is checked and an error is thrown if we don't find the
expected public key hash.
Because this adds the ability to create new types of outputs once the
ticket votes, two new input script types are also needed. A successful
vote will lead to a stake generation script that must be spent, and an
unsuccessful vote will lead to a revocation script that must be spent.
If we allowed stake change scripts to have a valid pubkey, that too
would require another op code, but we disallow those for output.
2021-03-17 12:16:08 +01:00
Pavol Rusnak
6c11bc60d7
common/defs/fido: add namecheap
2021-03-15 17:22:12 +01:00
Andrew Kozlik
850aa56691
docs(core): Add references to SLIPs in the code.
2021-03-09 20:01:59 +01:00
Roman Zeyde
7ce4e13bcf
feat(core): add public_key to ECDHSessionKey
2021-03-08 15:59:00 +01:00
matejcik
ed0ac98970
fix(common/tools): strip "mainnet" from Ethereum network names
2021-03-01 12:05:54 +01:00
Pavol Rusnak
17fa6ab4ec
chore(common): update chains+tokens
2021-03-01 12:05:54 +01:00
Rafael Korbas
ceea21ec1f
feat(cardano): Format stake pool ids as bech32 instead of hex
2021-02-25 16:49:19 +01:00
Rafael Korbas
3197741795
fix(core/Cardano): account index validation in _should_hide_output()
2021-02-25 16:41:12 +01:00
Rafael Korbas
cf871ee754
fix(core/Cardano): do not show change output in byron-shelley transfers
2021-02-25 16:41:12 +01:00
Martin Milata
c28763c169
refactor(core): use reload_settings_from_storage on boot
2021-02-24 00:10:10 +01:00
Martin Milata
9b60cc0098
feat(core): restart loader from current position
...
On "hold to confirm" dialogs, when you hold your finger, lift it, and
quickly hold again, the progress bar jumps to the beginning. This commit
changes the behavior so the progress continues from its current position
of the reverse animation.
2021-02-24 00:10:10 +01:00
Martin Milata
06b9d1314d
fix(core): do not autolock when already locked
...
Gets rid of unnecessary screen redraw.
2021-02-24 00:10:10 +01:00
Martin Milata
192d0dcf87
feat(core): hold homescreen to lock
2021-02-24 00:10:10 +01:00
Buck Perley
682298d7bb
fix(core): add exceptions for unchained capital paths
2021-02-12 21:56:03 +01:00
gabrielkerekes
d4dcd7bff9
fix(core/cardano): allow staking accounts beyond 100'
2021-02-11 09:55:23 +01:00
Andrew Kozlik
e5741ac308
chore(core): Use BufferReader for CBOR decoding.
2021-02-10 23:20:56 +01:00
Andrew Kozlik
ac939c94aa
fix(core/tezos): Implement strict length checking.
...
(cherry picked from commit e7f44ebee8
)
2021-02-10 16:37:26 +01:00
matejcik
6fd355756c
fix(core/stellar): review usages of write_bytes_unchecked
...
(cherry picked from commit 781e9f4db8
)
2021-02-10 16:37:26 +01:00
matejcik
08edbca428
fix(core/eos): review usages of write_bytes_unchecked
...
(cherry picked from commit 5b5ed8cce1
)
2021-02-10 16:37:26 +01:00
Andrew Kozlik
78a2ff16d4
fix(core): In apps.bitcoin ensure that get_address() fails for multisig if user's public key is not included.
...
(cherry picked from commit 77f5e90466
)
2021-02-10 16:37:26 +01:00
Martin Milata
391602ae99
refactor(core): turn show_address, show_pubkey, show_xpub into layouts
2021-02-10 13:57:19 +01:00
Martin Milata
03699f5639
refactor(core): turn show_success, show_warning into layouts
2021-02-10 13:57:19 +01:00
Martin Milata
f38abf9d89
refactor(core): introduce layouts
...
Layouts can be used by the application code to interact with user using
small number of dialogs or other groups of UI components. Each layout is
identified by name and takes some parameters. Most layouts will have an
implementation for each hardware model, mechanism is provided to import
the correct version so that application code can be oblivious to the
model.
This commit introduces the layout concept and converts a couple of
dialogs to use it.
2021-02-10 13:57:19 +01:00
Martin Milata
f1382bf892
refactor(core): model-dependent UI component directories
...
They now live under trezor.ui.components.tt. Later
trezor.ui.components.t1 will be added and application code will be
rewritten to not use them directly in order to work on both TT and T1.
2021-02-10 13:57:19 +01:00
matejcik
73a28e12f2
fix(core): create protobuf messages correctly
2021-02-10 10:56:52 +01:00
matejcik
bf562cfd4b
feat(core/misc): enable typing for misc app
2021-02-10 10:56:52 +01:00
matejcik
ccd241fe55
feat(core/cardano): enable typing for Cardano app
2021-02-10 10:56:52 +01:00
Pavol Rusnak
18b51b856b
common/fido: update icons for github, mojeid and slushpool ( #1456 )
2021-02-08 16:51:49 +01:00
Rafael Korbas
e4c406822c
Add multiasset sending and min validity to Cardano transactions
2021-01-27 18:26:40 +01:00
Andrew Kozlik
79fad70b05
fix: Improve wording when showing multisig XPUBS.
2021-01-26 15:09:37 +01:00
Rafael Korbas
44c7d23741
Cardano: map account paths to account numbers
2021-01-22 14:45:29 +01:00
Pavol Rusnak
7f0e939359
feat(core): implement amount_unit for AuthorizeCoinJoin and SignTx
2021-01-22 14:07:36 +01:00
Pavol Rusnak
e85ed74f8f
core: implement GetAddress.ignore_xpub_magic
2021-01-21 23:46:29 +01:00
Pavol Rusnak
4ed714ba47
common/defs: add xpub_magic_multisig_segwit_{native,p2sh} fields to coins
2021-01-21 23:46:29 +01:00
Rafael Korbas
3a7a8e4d77
Disable "at least one output" restriction for Cardano, warn instead
2021-01-20 16:00:30 +01:00
mcudev
b8ffcadf94
common/defs/fido: add gemini webauthn ( #1416 )
2021-01-19 14:15:19 +01:00
matejcik
ed628ac4ba
feat(core): make usb endpoints registration nicer
2021-01-12 14:18:13 +01:00
matejcik
fc4e15fe77
feat(core): introduce and enforce limit on label length ( fixes #1399 )
2021-01-12 11:22:58 +01:00
matejcik
e4b113b4bb
fix(core/monero): make sure to pass strings to rendering
2021-01-11 16:47:59 +01:00
matejcik
fd502f122f
feat(core): implement pagination for sign/verify
2021-01-11 16:47:59 +01:00
matejcik
bbef9c650b
refactor(core): improve render_text behavior
...
* use less memory due to copy-less rendering
* implement linebreaking on embedded \n
2021-01-11 16:47:59 +01:00
Martin Milata
fa2e672f98
chore(core): monero: drop extraneous async/await
2021-01-11 12:14:13 +01:00
Pavol Rusnak
5728f54b78
core: return root_fingerprint in PublicKey
2021-01-08 14:17:09 +01:00
Pavol Rusnak
92452d54e5
feat(core): implement GetPublicKey.ignore_xpub_magic behaviour
2021-01-08 14:17:09 +01:00
Pavol Rusnak
e660a518c6
fix(core): show xpub instead of pubkey in GetPublicKey dialog
2021-01-08 14:17:09 +01:00
Andrew Kozlik
a609eb5e90
docs(core): Add comment about "Invalid original TXID" message.
2020-12-17 16:33:33 +01:00
Andrew Kozlik
06ce14096c
chore(core): Reject replacement transactions which involve negative
...
fees.
2020-12-17 16:33:33 +01:00
Andrew Kozlik
aeb021b159
chore(core): Improve naming of SLIP39's T9 mask lookup.
2020-12-15 13:41:42 +01:00
Pavol Rusnak
1e8673bf5f
style(core/apps): use new syntax for typing
2020-12-01 15:52:29 +01:00
Martin Milata
ee64b65b26
refactor(core): call super().__init__() in subclasses
2020-11-30 14:48:08 +01:00
Martin Milata
fa1566cb71
refactor(core): call super().__init__() in Component and Layout subclasses
2020-11-30 14:48:08 +01:00
Pavol Rusnak
952adc5961
style(core): use PEP515 Underscores in Numeric Literals
2020-11-23 14:30:16 +01:00
matejcik
58387a5f04
fix(common): drop Zilliqa token ( fixes #1318 )
2020-11-20 18:55:35 +01:00
matejcik
a89494f60c
chore(core): regenerate network and tokens lists
2020-11-20 18:55:35 +01:00
matejcik
4628c774aa
feat(core): re-allow unknown Ethereum networks, using Ethereum or Testnet paths ( fixes #1335 )
2020-11-20 18:55:35 +01:00
matejcik
7abe70e484
feat(core): improve ethereum tokens ui ( fixes #800 )
2020-11-20 18:55:35 +01:00
Rafael Korbas
b311bd4d4a
Add displaying of TTL to cardano transaction, align url validation with Ledger
2020-11-20 15:58:50 +01:00
Rafael Korbas
b261f789f3
Add support for stakepool registration to Cardano
2020-11-20 15:58:50 +01:00
Andrew Kozlik
f421a213fd
feat(core): Inform user about transaction finalization in Bitcoin replacement transactions.
2020-11-20 13:52:48 +01:00
Pavol Rusnak
c6e78e525a
fix: remove PIVX ( #1359 )
2020-11-20 12:12:42 +01:00
matejcik
e6a1bf840f
fix(core): do not subclass range
...
micropython on real hw dislikes it for some reason
also it's completely unnecessary
2020-11-13 16:01:35 +01:00
Pavol Rusnak
50fdd183c2
ci: enable editorconfig checks, fix whitespace issues
2020-11-11 14:43:50 +01:00
matejcik
37d3bf56fa
fix(core): make sure run-time settings are reset after wipe ( fixes #1322 )
2020-11-05 15:33:38 +01:00
matejcik
50e648636f
doc(core): add references to schema specifications, add Purpose48 document
2020-11-05 14:30:11 +01:00
matejcik
665abe1e02
fix(core/bitcoin): validate path before asking to sign message (which could otherwise fail)
2020-11-05 14:30:11 +01:00
matejcik
f10084117b
feat(core/bitcoin): do not show path warning when GetAddress is called silently ( fixes #1206 )
2020-11-05 14:30:11 +01:00
matejcik
5a97a5111b
feat(core/ethereum): add SEP5 path schema as well as the compat schema
2020-11-05 14:30:11 +01:00
matejcik
a367426480
feat(core/bitcoin): use path schemas
2020-11-05 14:30:11 +01:00
matejcik
c0879f8625
feat(core/cardano): use path schemas
2020-11-05 14:30:11 +01:00
matejcik
f5c8138df6
feat(core): update most apps to use path schemas
2020-11-05 14:30:11 +01:00
matejcik
4ca8f7b0d6
style(core): use relative imports everywhere
...
except Monero, which has a rather complex structure and I don't want to
search&replace mess with it in case some of the things break memory
layout
2020-11-05 14:30:11 +01:00
matejcik
7fe5c804ff
feat(core): implement BIP-32 path schemas
2020-11-05 14:30:11 +01:00
Andrew Kozlik
70975008cd
chore (core): In apps.bitcoin skip confirmation of fee in PayJoin if the user is not increasing their contribution.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
b213a55428
chore(core): In apps.bitcoin move h_inputs back to bitcoin class.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
4a0c5c371a
feat(core): In apps.bitcoin implement replacement transaction flow.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
bd3fe1d789
chore(core): In apps.bitcoin create a separate class for transaction information.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
469c131678
chore(core): In apps.bitcoin add confirm_replacement and confirm_modify_fee layouts.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
7c2d690e45
chore(core): In apps.bitcoin allow get_tx_digest() to be used for original transactions.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
5fc491c597
chore(core): In apps.bitcoin move BIP143 hashing back to a separate class.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
9a594f4784
fix(core): Fix CoinJoin anonymity gain check in bitcoin approver.
2020-10-16 19:16:37 +02:00
Martin Milata
830592f2d9
feat(core): add experimental_features setting
...
The setting is off by default. When it is enabled protobuf messages
marked UNSTABLE are rejected after decoding.
2020-10-16 13:53:31 +02:00
Pavol Rusnak
d8534b5ee6
perf(core/extmod): replace HMAC Python implementation with C
...
We keep Python implementation of HMAC for Monero in
core/src/apps/monero/xmr/crypto/__init__.py
2020-10-12 16:33:13 +02:00
Martin Milata
542f32d3b1
feat(core): add auto_lock_delay and display_rotation to Features
2020-10-02 11:06:16 +02:00
matejcik
e4785d47e0
style: apply black 20.8b1
2020-09-29 11:30:40 +02:00
Rafael Korbas
2173ad97bc
Refactor t<page number> to page<page_number> in cardano get_address call
2020-09-29 08:55:28 +02:00
Rafael Korbas
66dbdc2462
Enforce network id/protocol magic consistency for cardano show address
2020-09-29 08:55:28 +02:00
Juraj Muravsky
638977db7d
Swap path with address type on screen in cardano get address
2020-09-29 08:55:28 +02:00
matejcik
0eed360037
chore: make tx type names shorter
...
as suggested by @andrewkozlik:
TxAckInputType -> TxInput
TxAckOutputType -> TxOutput
TxAckPrevTxType -> PrevTx
TxAckPrevInputType -> PrevInput
TxAckPrevOutputType -> PrevOutput
2020-09-23 16:00:10 +02:00
matejcik
244b264b47
chore(core): fix typing and kwargs usage
2020-09-23 16:00:10 +02:00
matejcik
37025e2a84
feat(core): use specialized protobufs in apps.bitcoin, enable typing
2020-09-23 16:00:10 +02:00
matejcik
6ba08526e1
fix(core): fix type annotations on CoinInfo
2020-09-23 16:00:10 +02:00
Pavol Rusnak
f8489f16e4
fix(common/defs): remove FSN, ICX which migrated to mainnet
2020-09-23 11:31:09 +02:00
Martin Milata
cff4955f93
core: implement SafetyChecks.PromptTemporarily
...
Also reword safety checks confirmation dialogs.
2020-09-18 09:02:40 +02:00
Martin Milata
9d2ad96ad4
core: add SafetyCheckLevel to Features
2020-09-18 09:02:40 +02:00
Andrew Kozlik
295710c37d
core/bitcoin: Check ownership proofs using the provided commitment data.
2020-09-08 19:36:10 +02:00
Dusan Klinec
9d7b0bf50c
xmr: fix new transaction type for CLSAG, HF=13
2020-09-07 17:50:38 +02:00
Andrew Kozlik
dad2852db9
core/bitcoin: Stream prev_tx after confirmation.
2020-09-04 14:36:39 +02:00
Tomas Susanka
ebc99435ab
Revert "core: remove ownership messages from the public api for now"
...
This reverts commit 0d5f00668f
.
2020-09-03 14:56:27 +02:00
Tomas Susanka
b99b8b3df3
Merge remote-tracking branch 'origin/release/2020-09'
2020-09-03 13:17:23 +02:00
Tomas Susanka
19461398d7
core/cardano: reuse derived Shamir seed ( fixes #1007 )
2020-09-01 16:14:41 +02:00
Tomas Susanka
0d5f00668f
core: remove ownership messages from the public api for now
2020-09-01 15:56:57 +02:00
matejcik
4909821f35
core: implement EndSession
2020-08-28 15:37:06 +02:00
Martin Milata
df5421e7d6
common/defs: update maxfee_kb to 10USD/tx
...
Except bitcoin.
(cherry picked from commit f51fac3410
)
2020-08-25 18:06:54 +02:00
Martin Milata
f51fac3410
common/defs: update maxfee_kb to 10USD/tx
...
Except bitcoin.
2020-08-25 18:05:29 +02:00
Pavol Rusnak
41f5237967
common/defs: enable extra_data for FLO
...
(cherry picked from commit 534695313c
)
2020-08-24 11:08:02 +02:00
Pavol Rusnak
534695313c
common/defs: enable extra_data for FLO
2020-08-24 11:06:12 +02:00
Andrew Kozlik
f2d669ecdc
core/bitcoin: Use dynamic dispatch for confirmation dialogs in sign_tx.
2020-08-21 21:30:15 +02:00
Andrew Kozlik
02da5b7593
core/bitcoin: Show warning if nLockTime is set but ineffective due to all nSequence values being 0xffffffff.
2020-08-21 21:30:15 +02:00
Pavol Rusnak
cdf0f68bb0
core: show passphrase on device
2020-08-21 21:30:15 +02:00
Martin Milata
1b982659c4
core: fix boot loop after uploading invalid homescreen ( #1205 )
2020-08-21 12:00:42 +02:00
Pavol Rusnak
0620911e46
core: allow spending coins from Bitcoin paths if the coin ...
...
has implemented strong replay protection via SIGHASH_FORKID
2020-08-21 11:49:03 +02:00
Alexis Hernandez
96c38315df
common/defs: enable extra_data for XSN ( #1208 )
2020-08-20 20:40:30 +02:00
gabrielkerekes
431a25b119
Add Cardano README.md
2020-08-20 16:02:10 +02:00
Pavol Rusnak
c3ce9de3ea
core: regenerate coins+tokens
2020-08-19 19:29:18 +02:00
Martin Milata
3f21e8f400
core: display coin name when signing message
...
Also when verifying message.
2020-08-18 13:45:49 +02:00
Martin Milata
927ee0812b
core: add hard limit for transaction fees
...
The hard limit is set to 10*fee_warning_threshold. The limit is not
enforced when `safety_checks` is set to "Prompt".
2020-08-17 16:12:33 +02:00
Tomas Susanka
c9dc38c9f3
core: allow 49/x not 49/x' for Casa
2020-08-17 08:54:08 +02:00
Pavol Rusnak
4e11735d22
core/modtrezorui: remove prefill from text functions
...
use display.bar where needed to prefill the areas
2020-08-07 15:08:14 +02:00
matejcik
51ea8ccecd
common: update token support
2020-08-07 11:49:26 +02:00
matejcik
cea634158a
core: make sure Homescreen is properly initialized ( fixes #1095 )
2020-08-05 14:22:06 +02:00
Tomas Susanka
16827c3135
core: make templates
2020-08-05 13:55:36 +02:00
gabrielkerekes
afa26e7560
Use correct paths for Cardano Byron witnesses
2020-08-04 20:35:13 +02:00
Andrew Kozlik
292d909235
core/base: Implement CancelAuthorization message.
2020-08-04 17:32:44 +02:00
matejcik
cd86f9f477
core/bitcoin: make change check more robust against short paths
2020-08-04 17:32:44 +02:00
Andrew Kozlik
07d9b780a6
core/bitcoin: Change CoinJoin round ID length to 32 bytes and remove rate limiting.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
377bff68f4
core/bitcoin: Implement DoPreauthorized message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
b9cfecb8b8
core/bitcoin: Support preauthorization in SignTx message for CoinJoin.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
97fc9b74ab
core/bitcoin: Implement CoinJoinApprover.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
d6ee542deb
core/bitcoin: Move transaction confirmation logic from Bitcoin to BasicApprover class.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
00258f2d4d
core/bitcoin: Support preauthorization in GetOwnershipProof message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
c772de9d3c
core/bitcoin: Support preauthorization in @with_keychain decorator.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
208283e13e
core/bitcoin: Implement AuthorizeCoinJoin message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
48a331aa1d
core/bitcoin: Add CoinJoinAuthorization class.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
dc32a17335
core/bitcoin: Move BIP32_WALLET_DEPTH to common.
2020-08-04 17:32:44 +02:00
gabrielkerekes
683d7420ff
Fix Cardano Shelley public key validation
...
In Shelley Cardano started using the purpose 1852'. Unfortunately,
we completely missed that the public key path validation fuction checks
for purpose 44' explicitly, which means that the user is shown a warning
when deriving public key with the purpose 1852'. Which is always when
"logging in" to a wallet. This commit should fix that.
I've also updated type hinting in get_public_key.
2020-08-04 13:03:57 +02:00
Gabriel Kerekeš
c0eba979c6
Fix bare 'except' style error - catch Exception instead
...
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2020-07-30 17:17:03 +02:00
gabrielkerekes
7a1e773b49
Validate transaction metadata
2020-07-30 17:17:03 +02:00
gabrielkerekes
f2ee450410
Include metadata in transaction signing
2020-07-30 17:17:03 +02:00
gabrielkerekes
0438f318b4
Bring back cbor.Raw - to be used for metadata
2020-07-30 17:17:03 +02:00
gabrielkerekes
1ed8b56b7c
Include Byron witness once for each input path
2020-07-30 17:17:03 +02:00
gabrielkerekes
7bf5cab840
Update sign_tx
...
Add certificates, withdrawals and metadata hash
2020-07-30 17:17:03 +02:00
gabrielkerekes
a25444efd1
Move to_account_path() to utils
2020-07-30 17:17:03 +02:00
Andrew Kozlik
7d07161efe
common/fido: Unify application labeling between U2F and FIDO2.
2020-07-30 15:29:54 +02:00
Martin Milata
d955e3f1e5
core: rename class Overwintered to Zcashlike
2020-07-30 15:14:18 +02:00
Martin Milata
10387e1869
core: drop zcash v3 tx signing support
2020-07-30 15:14:18 +02:00
gabrielkerekes
6d02aa23d9
Raise wire.DataError when deriving invalid address type
2020-07-30 14:43:32 +02:00
gabrielkerekes
b5f3511c1c
Add support for script addresses in tx outputs
2020-07-30 14:43:32 +02:00
gabrielkerekes
f1b6056edb
Fix staking key hash message
...
When deriving an address with a foreign staking key Trezor would crash
due to forgotten `decode()` on hexlified staking key hash which was to
be displayed.
This wasn't discovered while testing because it weirdly would pass with
a `aaff00` string, but not with longer ones.
2020-07-30 14:43:32 +02:00
matejcik
c008600d08
core/debug: fail if wait_layout is sent without watch_layout
2020-07-29 11:50:47 +02:00
Martin Milata
3021233eaf
core: remove unimports from bitcoin sign_tx layouts
2020-07-28 10:51:28 +02:00
Pavol Rusnak
cec87bba50
core: remove mono bold font variant (not used anywhere)
2020-07-27 23:22:34 +02:00
matejcik
4eb5b927c0
core/cardano: simplify keychain implementation
2020-07-27 13:24:51 +02:00
Gabriel Kerekeš
d2c1624602
Cardano shelley update 2/3 ( #1112 )
2020-07-27 13:11:23 +02:00
gabrielkerekes
e1615e60ec
Update Cardano to support Shelley era 1/3
...
Update protobuf
- Previous transactions don't need to be sent anymore, because fee is
included in the transaction now. Thus transactions_count can be
removed from CardanoSignTx message and the CardanoTxAck and
CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it
Add NULL (None type) serialisation to CBOR
- Transaction metada must either have a valid structure or CBOR NULL
must be used (if metadata is empty) - it can't be simply left out.
Add protocol_magics file
- Just to have a nicer way of representing protocol magics
Update transaction signing
- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
remained)
- Reorder functions so it reads top to bottom
Add protocol magic to byron address on testnet
- This has always been a part of the spec, but it hasn't been
implemented before, because it wasn't really needed.
Update trezorlib
Update tests
- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted
Remove unused file
- Progress was used when receiving previous transactions
Add CRC check to output address validation
2020-07-27 13:04:49 +02:00
matejcik
fdcb64ac24
all: rename protobuf unsafe_prompts
to safety_checks
2020-07-24 16:37:58 +02:00
matejcik
19ad1dae8b
core/bitcoin: allow compatibility namespaces for Casa/Greenaddress
2020-07-24 16:37:58 +02:00
matejcik
b741560997
core/bitcoin: drop unused validate_path_for_bitcoin_public_key
2020-07-24 16:37:58 +02:00
matejcik
407375b0c4
core/bitcoin: move BITCOIN_NAMES to common
2020-07-24 16:37:58 +02:00
matejcik
fd8cb0e061
core/keychain: differentiate error message for ed25519 derivation
2020-07-24 16:37:58 +02:00
matejcik
57b08c98ed
core: raise error on setting passphrase-on-device without passphrase
2020-07-24 16:37:58 +02:00
matejcik
c85d768b81
core: update references to keychain everywhere
2020-07-24 16:37:58 +02:00
matejcik
ff4ec2185e
core: refactor keychain to only support one curve at a time
...
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-24 16:37:58 +02:00
matejcik
8e44132d3c
core: replace load_settings with individual setters
2020-07-24 16:37:58 +02:00
matejcik
1109250dcf
core: add option to allow unsafe prompts
2020-07-24 16:37:58 +02:00
Martin Milata
03f2dab6bc
core: reduce gc.collect calls during bitcon sign_tx
2020-07-24 15:35:09 +02:00
matejcik
5e7fd3aea6
core: use utils.BufferReader instead of apps.common.BytearrayReader
2020-07-24 14:09:31 +02:00
matejcik
a000ea5ec8
core/monero: update Monero app to use synchronous protobuf
2020-07-24 14:09:31 +02:00
matejcik
d568afa80d
core: improve protobuf field caching
2020-07-24 14:09:31 +02:00
Martin Milata
fd117a0c9f
core: raise error on auto-lock value out of range
2020-07-22 21:38:42 +02:00
matejcik
051763575d
core: touch idle timer in keyboards ( fixes #1099 )
2020-07-10 14:05:52 +02:00
Andrew Kozlik
eb28998f98
core/bitcoin: Support multiple change-outputs.
2020-07-09 15:51:23 +02:00
Andrew Kozlik
37f4dcc7e5
core/bitcoin: Rename witness_p2wsh() to witness_multisig().
2020-07-03 11:17:19 +02:00
Andrew Kozlik
9cd600f79e
core/bitcoin: Add special confirmation screen for transactions with external inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
64d9350de2
core/bitcoin: Implement GetOwnershipId message.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
712ec68c1b
core/bitcoin: Add support for external inputs with proof of non-ownership.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d4317d1536
core/bitcoin: Implement generation and verification of SLIP-0019 proofs of ownership.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d52de28704
core/bitcoin: Implement BIP-322 SignatureProof container.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d48a372ca7
core/sign_tx: Implement support for signed external inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
78f14d286e
core/sign_tx: Factor out get_legacy_tx_digest() from sign_nonsegwit_input().
2020-07-03 11:17:19 +02:00
Andrew Kozlik
61e2d4d5e5
core/bitcoin: Implement signature verifier.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
5378e12ba2
core/bitcoin: Clarify hash_type vs. sighash_type terminology.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d1e043f417
core/bitcoin: Implement parsing of scripts and witnesses for signature verification.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
173bb7ed13
core/bitcoin: Replace TxInputType parameter in input_derive_script.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2
core/bitcoin: Move script types from helpers to common.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b
core/crypto: Add functions for verifying DER encoded signatures.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2
core/common: Add BytearrayReader and basic reader functions.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316
core/sign_tx: Check script_pubkeys of inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e
core/sign_tx: Use varint length encoding for witness stack items.
2020-07-03 11:17:19 +02:00
Tomas Susanka
0f9a2459d3
core: make QR code smaller for Monero
2020-07-01 17:20:04 +00:00
matejcik
e6e3043096
all: implement support for pre-overwinter prevtx ( fixes #1030 )
2020-06-30 15:19:31 +02:00
Tomas Susanka
e534ae3ad7
legacy, core: rename Features.pin_cached to unlocked and unify
2020-06-19 21:26:36 +02:00
Tomas Susanka
a6acefbdf5
core: wipe before reset and recovery; introduce 'intialized' field
2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf
Enable extra_data for Zcoin. Changed coininfo.py
2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e
core: forbid all settings if not initialized
2020-06-11 18:47:01 +02:00
Tomas Susanka
981d079d7f
core/signverify: add failsafe for an empty message header
2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc
Merge branch 'release/2020-06'
2020-06-10 06:51:18 +00:00
Pavol Rusnak
5262ef84cf
common/defs/fido: add aws and tutanota
2020-06-05 14:53:13 +02:00
matejcik
7579ac5274
core: fix rendering issues in homescreens
2020-06-04 16:18:46 +02:00
matejcik
872e0fb0e0
core: lower scheduler resolution to milliseconds
...
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.
The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
2020-06-04 16:18:46 +02:00
matejcik
847691798b
core: simplify homescreen and lockscreen implementations
2020-06-04 16:18:46 +02:00
matejcik
4bc865794f
core: only unlock storage if it is locked (solves determinism issue in tests)
2020-06-04 16:18:46 +02:00
matejcik
70f67883c5
core: fix artifacts in click-based UI tests
2020-06-04 16:18:46 +02:00
matejcik
bc9247e18d
core: add Cancel to a list of allowed messages while locked
2020-06-04 16:18:46 +02:00
matejcik
f32c2f9e23
core: replace workflow.kill_default with workflow.close_others
2020-06-04 16:18:46 +02:00
matejcik
01832d5ae9
core: call close_others() in place of ButtonRequest
...
this makes sense, really: close_others() requests UI exclusivity, and
that is something that generally happens at the same places we emit a
ButtonRequest
2020-06-04 16:18:46 +02:00
matejcik
6f53ca0ac6
core: rework wait_layout()
...
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.
This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.
In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).
DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.
2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea
core: use ButtonRequestType.PinEntry for PIN entry
2020-06-04 16:18:46 +02:00
matejcik
42e7c43c7c
core: make sure that auto-lock shuts down running workflows
2020-06-04 16:18:46 +02:00
matejcik
2d0206c043
core: replace workflow.on_start/on_close with workflow.spawn
2020-06-04 16:18:46 +02:00
matejcik
a4f47ddd21
core/lockscreen: ignore exception when user taps "unlock" and then cancels
2020-06-04 16:18:46 +02:00
matejcik
7ff1251ee1
core: dim lockscreen ( fixes #974 )
2020-06-04 16:18:46 +02:00
matejcik
4035aad51b
core: implement auto-lock after a configurable timeout ( fixes #75 )
2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf
core/webauthn: Cache user verification for 3 minutes.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01
core/webauthn: Implement FIDO2 unlocking from softlock.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f
core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e
core/webauthn: Implement U2F unlocking from softlock.
2020-06-04 16:18:46 +02:00
matejcik
06aed7135a
core: do not prompt for PIN just to lock the device again
2020-06-04 16:18:46 +02:00
matejcik
246998910a
core: refactor usage of input_signals
...
this prevents a certain class of UI test failure. It also localizes the
use of debuglink signals into the layout classes instead of call sites,
which is a design we were already using for confirm_signals
2020-06-04 16:18:46 +02:00
matejcik
afeeafd5cd
core: hide some fields when softlocked
2020-06-04 16:18:46 +02:00
matejcik
b9bd9ea3d0
core: only softlock when PIN is set
2020-06-04 16:18:46 +02:00
matejcik
a9ddc2a8e2
core/boot: modify initial lockscreen label
2020-06-04 16:18:46 +02:00
matejcik
09af8aed4e
core: consider lockscreen to be a separate homescreen
...
this involves some changes to the workflow defaults:
* workflow.start_default() takes no arguments
* workflow.set_default() (originally replace_default) configures the
default that will be started by next call to start_default().
The intended usecase is to set_default() first and then start it
separately.
* apps.base.set_homescreen() factors out the logic originally in
main.py, that decides which homescreen should be launched. This uses
set_default() call. start_default() is then used explicitly in main.py
2020-06-04 16:18:46 +02:00
matejcik
d73480bc9d
core: introduce PIN soft-locking
2020-06-04 16:18:46 +02:00
matejcik
04c8b2803d
core: refactor homescreen app, include lockscreen in it
2020-06-04 16:18:46 +02:00
matejcik
9197623d83
core: factor out the decision whether to lock the device
2020-06-04 16:18:46 +02:00
matejcik
32fcc4ad9c
core: make verify_user_pin accept a Context argument
2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8
core: use wire.PinCancelled/PinInvalid instead of custom versions
...
also refactor show_pin_invalid and its usages so that it raises directly
note that we are now using PinCancelled instead of ActionCancelled where
appropriate
2020-06-04 16:18:46 +02:00
matejcik
eabfcab9b9
core: add default messages to some error codes
2020-06-04 16:18:46 +02:00
matejcik
341c5b7d10
core/wire: make handler lookup pluggable
2020-06-04 16:18:46 +02:00
matejcik
d5e45c02bb
core: move base functions from "homescreen" app to "base"
2020-06-04 16:18:46 +02:00
matejcik
bd5b3a3f21
common: drop Theta and VeChain ERC tokens, refresh market caps
...
fixes #1022
fixes #1023
2020-05-29 12:12:30 +02:00
matejcik
5209804fc3
core: relax path checks on GetPublicKey
...
(cherry picked from commit 554d8949f5
)
2020-05-27 06:58:30 +00:00
matejcik
554d8949f5
core: relax path checks on GetPublicKey
2020-05-27 08:56:50 +02:00
matejcik
d59ffe553f
make gen
2020-05-25 16:14:05 +02:00
Andrew Kozlik
42eddf8e04
core/sign_tx: validate prevout amount in all cases
2020-05-24 14:36:38 +00:00
Andrew Kozlik
7db3e930d4
core/sign_tx: Add further message sanitization checks.
2020-05-24 14:36:37 +00:00
matejcik
72ef86d79a
all: enable extra_data for komodo
2020-05-24 14:36:37 +00:00
matejcik
7a3637d5b0
core/sign_tx: add checks for version_group_id and branch_id fields
2020-05-24 14:36:37 +00:00
Tomas Susanka
9dfc08ca61
core/bitcoin: drop decred_script_version
2020-05-21 19:14:39 +02:00
matejcik
eeb46eabca
common: refresh token list
2020-05-21 13:29:13 +02:00
matejcik
2f665c8f84
core: add exception to GetPublicKey for PSBT master fingerprint ( fixes #999 )
2020-05-21 13:26:53 +02:00
Tomas Susanka
a2f790167d
core/bitcoin: fix step 1 and 2 comments in signing
2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550
core: update isort config to place relative imports last
2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320
core: move decred writers to decred.py
2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed
core/bitcoin: move write_bitcoin_varint to common writers
2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387
core/bitcoin: finalize bitcoin refactor
...
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
2020-05-18 14:31:51 +02:00
matejcik
de9e73dcbc
core/tests: update unit tests for new keychain API
2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a
core/cardano: explanation about seed derivation
2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc
core/wallet: implement keychain for apps.wallet
2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7
core/ethereum: introduce custom keychain decorators
2020-05-15 14:08:29 +02:00
matejcik
b594248ac2
core: use new keychain decorators where appropriate
2020-05-15 14:08:29 +02:00
matejcik
fd9e945308
core/cardano: use caching decorators and new Keychain API for Cardano as well
2020-05-15 14:08:29 +02:00
matejcik
7541d529a3
core: refactor keychain API, introduce SLIP44 decorator
2020-05-15 14:08:29 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added
...
- CLSAG signature scheme added
- type hints added
xmr: optimize protocol, send only required data
- real_out_additional_tx_keys contains only one element as nothing more is needed during signature
- only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
- getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed
xmr: prepare for permutation sending removal, specify index
- specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
- permutation checked just by valid HMACs, size of the set, key image sort order
- sending permutation is now deprecated, will be removed in the following protocol versions
- more strict state transition checks, guard strict check with respect to steps ordering
2020-05-13 11:13:19 +02:00
Andrew Kozlik
3de565c33c
core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666
core/sign_tx: Improve comments.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c
core/sign_tx: Get rid of internal TxOutputBinType messages.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a
core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c
core/sign_tx: Remove unused index parameters.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba
core/sign_tx: Set decred_script_version to 0 by default for decred coins.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b
core/sign_tx: Add write_tx_output() to signer class and override it in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979
core/sign_tx: Require change-outputs to be for a non-zero amount.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51
core/sign_tx: Clarify sign_nonsegwit_input().
2020-05-06 13:18:32 +02:00
matejcik
9005093435
core/sign_tx: improve documentation on MatchCheckers
2020-05-06 13:18:32 +02:00
matejcik
0209768ff2
core/sign_tx: improve type hints
2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304
core/sign_tx: improve signer selection readability
2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955
core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be
core/sign_tx: Merge bip143 classes into signer classes.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2
core/sign_tx: Refactor BIP-143 signing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b
core/sign_tx: Minor updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0
core/sign_tx: Rework transaction footer writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9
core/sign_tx: Rework transaction header writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374
core/sign_tx: Updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558
core/sign_tx: Move script derivation to scripts module.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47
core/sign_tx: Move Bitcoin class to bitcoin.py.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793
core/sign_tx: Consolidate wallet path and multisig fingerprint checking.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d
core/sign_tx: cleanup
2020-05-06 13:18:32 +02:00