arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-17 11:58:13 +00:00
Code Issues Releases Wiki Activity
14,115 Commits 366 Branches 206 Tags 194 MiB
75ee4dc7a7
Commit Graph

1905 Commits

Author SHA1 Message Date
matejcik
e66ed079b0 feat(core): show confirmation dialog before rebooting 2022-06-01 14:50:59 +02:00
Ondrej Mikle
c563c987e1 feat(core): jump back and stay in bootloader for TT via reverse SVC call trampoline 2022-06-01 14:50:59 +02:00
Pavol Rusnak
6589f020c6 fix(legacy,core): use sat/vB only for segwit and sat/B otherwise 
[no changelog]
 2022-05-30 10:51:47 +02:00
Martin Novak
85f0d3a741 feat(core,legacy): show fee rate when signing transaction 2022-05-25 14:43:45 +02:00
David Misiak
a1eaa465aa chore(cardano): remove legacy types 2022-05-23 11:08:52 +02:00
grdddj
14a0bc13ce chore(docs): mention that .mako files are rendered by make templates 
[no changelog]
 2022-05-19 14:09:16 +02:00
grdddj
6dc4426151 feat(ui): setup homescreen and label for model R 
[no changelog]
 2022-05-19 14:09:16 +02:00
Martin Milata
c5f1bec474 Merge branch 'release/22.05' 2022-05-18 12:43:53 +02:00
Martin Milata
31e63f688e fix(core/rust/ui): implement warning for PIN dialog 
[no changelog]
 2022-05-16 13:54:43 +02:00
Martin Milata
3dcdffe203 refactor(core/rust/ui): emit event when component tree is initialized 
[no changelog]
 2022-05-16 13:54:43 +02:00
Dusan Klinec
5e6582a3fe feat(xmr): add support for HF15, BP+ 2022-05-16 12:37:24 +02:00
Dusan Klinec
25d32a8144 feat(xmr): implement bp+, refactor, code cleanup 
- implement BulletProof plus verifier and prover
- use bulletproof exception to signalize proof generation failed and should be tried again. More robust, fixes bug that was not triggered yet (return tuple did not work properly in all situations)
- precomputed 2**i vector is removed as it can be easily computed
- BP code cleanup, minor optimizations, comments
 2022-05-16 12:37:24 +02:00
matejcik
221a7c9973 fix(core): drop support for __slots__ from obj_eq / obj_repr 
__slots__ are unsupported in micropython

[no changelog]
 2022-05-16 12:37:24 +02:00
Dusan Klinec
33c174491f refactor(core/monero): Monero code cleanup 
* remove support for HF12 and below
* remove MLSAG support
* clean up monero cryptography naming
* get rid of "optional first argument" pattern, in favor of mandatory argument that is allowed to be None
  (and fix several bugs related to this feature)

Co-authored-by: grdddj <jiri.musil06@seznam.cz>
Co-authored-by: Martin Milata <martin@martinmilata.cz>
Co-authored-by: matejcik <ja@matejcik.cz>
 2022-05-16 12:37:24 +02:00
grdddj
6b5f578d02 feat(core): implement basic R emulator 
Can be built by `TREZOR_MODEL=R make build_unix`, `make build_unix_frozen` does not work yet.

All the dialogs are not very pretty, they are just meant to work.
 2022-05-06 11:44:52 +02:00
Martin Milata
29bab9e8a4 chore(common): update chains and tokens 2022-05-03 23:00:25 +02:00
Andrew Kozlik
d16b44bad6 feat(core): Verify signatures of all original inputs in replacement transactions. 2022-05-03 22:14:40 +02:00
Andrew Kozlik
9bce153623 feat(core): Warn about unverified external inputs. 2022-05-03 22:14:40 +02:00
Andrew Kozlik
b1c6b42201 fix(core): Stricter Bitcoin transaction checks. 2022-05-03 22:14:40 +02:00
matejcik
e47bcee4a4 fix(core): streamline progress animation disabling 2022-05-03 19:00:04 +02:00
matejcik
37c61c1381 feat(core): implement firmware dumping 2022-05-03 19:00:04 +02:00
Andrew Kozlik
485ee6e209 feat(core): Show progress in GetFirmwareHash. 2022-05-03 19:00:04 +02:00
Andrew Kozlik
822b1c344f feat(core): Return fw_vendor in firmware Features message. 2022-05-03 19:00:04 +02:00
Andrew Kozlik
106ab65e21 feat(core): Implement GetFirmwareHash message. 2022-05-03 19:00:04 +02:00
Andrew Kozlik
6fe2d76dc1 feat(common): Add GetFirmwareHash message. 2022-05-03 19:00:04 +02:00
Tomas Krnak
9985a72c6a feat!(core): support Zcash v5 transaction format 
This implements:
- ZIP-225: Version 5 Transaction Format
- ZIP-244: Transaction Identifier Non-Malleability

BREAKING CHANGE: Zcash prevouts are not verified (as in Taproot). Zcash replacement transactions are not supported.
 2022-05-02 16:07:31 +02:00
Tomas Krnak
670d11d627 feat(core): add tx argument to create_sig_hasher method 2022-05-02 16:07:31 +02:00
Martin Milata
1f612580f7 feat(core): enable UI tests for redesigned UI 
[no changelog]
 2022-04-07 17:58:41 +02:00
Martin Milata
2f987c3c5e refactor(core/ui): remove dependencies on old layouts 
[no changelog]
 2022-04-07 17:58:41 +02:00
Martin Milata
38f4ab0983 feat(core/rust/ui): return Layout results as singleton objects 
[no changelog]
 2022-04-04 13:32:07 +02:00
Pavol Rusnak
334f7bbbe6 chore(common): defs cleanup 
- drop Gamecredits - they became an ERC-20 token in 2020
- drop Nix - dead coin
- drop Polis - coin became a BEP-20 token and later Olympus network in 2021
 2022-03-25 14:27:30 +01:00
Martin Milata
45276963c0 fix(core): fix timers for rust layouts 
[no changelog]
 2022-03-23 13:40:45 +01:00
Martin Milata
4eefaffac9 fix(core/rust/ui): recovery/passphrase keyboard fixes 
[no changelog]
 2022-03-23 13:40:45 +01:00
Martin Milata
efe25a6ab4 fix(core/rust/ui): pin keyboard tweaks 
[no changelog]
 2022-03-23 13:40:45 +01:00
David Misiak
fec4fa2257 refator(cardano): validate map key order in HashBuilderDict 2022-03-18 14:32:54 +01:00
David Misiak
a36fc6cadc fix(cardano): display tADA in testnet transactions 2022-03-18 14:32:54 +01:00
David Misiak
1f20c49536 feat(cardano): allow device-owned outputs in plutus txs 2022-03-18 14:32:54 +01:00
David Misiak
117c3c932f fix(cardano): update testnet protocol magic 2022-03-18 14:32:54 +01:00
David Misiak
962f689e8a feat(cardano): display tx id for plutus txs 2022-03-18 14:32:54 +01:00
David Misiak
f0e230642b fix(cardano): display reward addresses for withdrawals 2022-03-18 14:32:54 +01:00
David Misiak
9f9535abb3 feat(cardano): add key hash stake credentials 2022-03-18 14:32:54 +01:00
David Misiak
2262602967 feat(cardano): add support for plutus transactions 2022-03-18 14:32:54 +01:00
David Misiak
1388912762 fix(cardano): add map key canonical order validation 2022-03-18 14:32:54 +01:00
David Misiak
143af80aea fix(cardano): add input validation 2022-03-18 14:32:54 +01:00
David Misiak
48587d83fe feat(cardano): add support for output datum hash and script data hash 2022-03-18 14:32:54 +01:00
David Misiak
2b3a53a6ae feat(cardano): add support for network id in tx body 2022-03-18 14:32:54 +01:00
matejcik
cdca0bad9e fix(core): do not drop cashaddr prefix for QR code 
[no changelog]
 2022-03-18 11:59:04 +01:00
Andrew Kozlik
9e346b05da chore(core): Don't check fairness of mining fees in CoinJoin. 
[no changelog]
 2022-03-17 15:46:01 +01:00
Andrew Kozlik
94d1a49eea chore(core): Rework checking of CoinJoin parameters. 
[no changelog]
 2022-03-17 15:46:01 +01:00
Andrew Kozlik
8be6689150 chore(common): Rework AuthorizeCoinJoin message parameters. 
[no changelog]
 2022-03-17 15:46:01 +01:00
Andrew Kozlik
556e8a147a chore(core): Make CoinJoin checks more lenient. 
[no changelog]
 2022-03-17 15:46:01 +01:00
Andrew Kozlik
605e128ca0 chore(core): Simplify path warning UI. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
94fa6d2515 feat(core): Guess weight of unverified external inputs. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
43f1d67289 feat(core): Support unverified external inputs. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
c9e6ca30c9 feat(core): Ensure input's script type and path match the scriptPubKey. 2022-03-17 09:44:03 +01:00
matejcik
0b9f7db742 fix(core): support structs as array elements (fixes #2167) 2022-03-10 13:04:54 +01:00
matejcik
4e2129e0a0 feat(core): automatically choose best QR encoding 2022-03-10 11:27:21 +01:00
grdddj
b9858f00c5 chore(tools): simplify build_protobuf file sources creation 2022-03-04 11:42:51 +01:00
grdddj
3d505874aa feat(ci): create pyright tool and include it in CI 
[no changelog]
 2022-03-02 15:43:50 +01:00
matejcik
bbf286e050 fix(core/debug): only wait for layout when _enabling_ watch_layout 2022-02-21 14:37:25 +01:00
Pavol Rusnak
c6667fa0c2 feat(core): verify bip340 pubkeys used in p2tr addresses 
Co-Authored-By: Ondřej Vejpustek <ondrej.vejpustek@satoshilabs.com>
 2022-02-16 10:25:15 +01:00
Pavol Rusnak
b9bbd5fcd7 chore: update dependencies 
[no changelog]

Co-Authored-By: Martin Milata <martin@martinmilata.cz>
 2022-02-15 13:28:03 +01:00
Andrew Kozlik
d52a59e37b feat(core): Show "signature is valid" dialog when VerifyMessage succeeds. 2022-02-11 15:36:00 +01:00
Andrew Kozlik
4d40d6dbfc feat(core): Support Electrum signatures in VerifyMessage. 2022-02-11 15:36:00 +01:00
Andrew Kozlik
473657fd44 chore(core): Tweak validation of pre-authorized GetOwnershipProof. 
In pre-authorized GetOwnershipProof requests ensure that the commitment data
starts with a length-prefixed name of the CoinJoin coordinator.

[no changelog]
 2022-02-11 13:56:27 +01:00
Martin Milata
f2b8822d76 refactor(core): improve build-time option for old/new UI 
[no changelog]
 2022-02-10 14:57:42 +01:00
Martin Milata
8fb28e4af5 feat(core/rust): impl Paginate for Paragraphs 
[no changelog]
 2022-02-08 15:40:37 +01:00
Martin Milata
7271606ca2 feat(core): smaller debug square on T1 
[no changelog]
 2022-02-08 15:40:37 +01:00
matejcik
c236dfc814 style(core): type object doesn't have __slots__ 2022-02-08 14:27:23 +01:00
matejcik
a1c62098e9 fix(core/ethereum): implement hold-to-confirm for eip1559 transactions 2022-02-08 14:27:23 +01:00
Jan Pochyla
3dd3d7f87b feat(core): Add HoldToConfirm example, improve Loader and animation frame support 2022-02-01 10:51:02 +01:00
Andrew Kozlik
83686d1be2 chore(core): Add HashContextInitable protocol class. 2022-01-31 18:00:22 +01:00
Andrew Kozlik
f17a435cdf refactor(core): Rename bitcoin_varint to compact_size. 2022-01-31 18:00:22 +01:00
Andrew Kozlik
0e58218f5f feat(core): Implement Bitcoin payment requests. 2022-01-31 18:00:22 +01:00
Andrew Kozlik
d0c3a6a2fa chore(core): Add mac field to Address message. 
[no changelog]
 2022-01-31 18:00:22 +01:00
Andrew Kozlik
2ac3d0acb4 feat(core): Implement GetNonce command. 2022-01-31 18:00:22 +01:00
Andrew Kozlik
0959947a88 chore(common): Add GetNonce, Nonce and TxAckPaymentRequest message. 
[no changelog]
 2022-01-31 18:00:22 +01:00
grdddj
8524f4b6ba feat(ui): InfoConfirm layout accepting DebugLinkDecision 
[no changelog]
 2022-01-27 13:15:04 +01:00
Andrew Kozlik
ba4f046d6f feat(common): Add INFO button to DebugLinkDecision. 
[no changelog]
 2022-01-27 13:15:04 +01:00
Martin Milata
98b1159b0b Merge branch 'release/22.01' 
Conflicts:
	core/src/apps/ethereum/tokens.py
 2022-01-19 15:24:51 +01:00
Alois Klink
5c4703c9bb fix(core,legacy): Fix domain-only ethTypedData 
When doing Ethereum signTypedData, and the primaryType="EIP712Domain",
we completely ignore the "message" part and only sign the domain.

According to the community, this is technically allowed by the spec,
and may be used by ETH smart contracts to save on gas.

Test case generated by @MetaMask/eth-sig-util's library.

See: https://ethereum-magicians.org/t/eip-712-standards-clarification-primarytype-as-domaintype/3286
 2022-01-14 14:22:46 +01:00
Andrew Kozlik
cdf2129b73 fix(core): Fix proof of ownership sighash computation. 2022-01-10 11:14:36 +01:00
Andrew Kozlik
88a08e3512 chore(core): Increase maximum CoinJoin coordinator name length to 36 (2 lines). 2022-01-10 11:14:36 +01:00
matejcik
e20879189f style(core): remove old-style annotations (Set, Tuple, Union) 2022-01-07 21:41:17 +01:00
matejcik
5e1dce35b3 style(core): remove unused type:ignore comments 2022-01-07 21:41:17 +01:00
matejcik
80f6463799 style(core): define obj_eq and obj_repr so that they pass type-check 2022-01-07 21:41:17 +01:00
matejcik
228c4db646 style(core): improve types in rlp.py 2022-01-07 21:41:17 +01:00
matejcik
dec89ea59e refactor(core): convert if/elif chains to if-chains 
This way AST parsers won't get stack exceeded (because an elif counts as
an else { if {}} to an AST parser apparently?) and so automated tools
will like tokens.py and friends.
 2022-01-07 21:41:17 +01:00
matejcik
c3f2db3be5 refactor(core): improve type signature of bech32.convertbits 2022-01-07 21:41:17 +01:00
grdddj
9fc5bb546b style(core): full pyright-based type-checking 
Changes many fields to required -- as far as we were able to figure out,
signing would fail if these fields aren't provided anyway, so this
should not pose a compatibility problem.

Co-authored-by: matejcik <ja@matejcik.cz>
 2022-01-07 21:41:17 +01:00
matejcik
9c5945a888 chore(core): add fake typing module (not included in build) 2022-01-07 21:41:17 +01:00
FujiCoin
33c243be8d
feat(common): enable taproot for Fujicoin, fix xpub versions 
* fix fujicoin params

* add test_fujicoin/test_send_p2tr

* fix test

* fix serialized_tx.hex()

* Recreated based on a new transaction

* make gen, some fixes

Co-authored-by: matejcik <ja@matejcik.cz>
 2022-01-05 12:43:34 +01:00
Pavol Rusnak
b0e0280465 chore: drop obsolete fw_vendor_keys field from Features 
[no changelog]
 2022-01-03 14:23:58 +01:00
Martin Milata
3f12742669 chore(common): update coin support status 2021-12-28 12:42:43 +01:00
Martin Milata
c0dbcf37e4 chore(common): update chains and tokens 2021-12-28 12:42:43 +01:00
gruve-p
3ab036a1d1
feat(common): enable Taproot on Groestlcoin 
Add additional device tests for GRS

Add P2TR GetAddress for GRS mainnet and testnet

Add SignTX spending taproot UTXO (The resulting transaction from the SignTx device test was successfully mined on Testnet.)
 2021-12-20 22:49:36 +01:00
Alisina Bahadori
77ab865386 feat(legacy): Implement EIP-712 signing 2021-12-19 20:36:30 +01:00
Martin Milata
ff5f965c44 Merge branch 'release/21.12' 
Conflicts:
	tests/device_tests/test_msg_signtx_invalid_path.py
	tests/ui_tests/fixtures.json
 2021-12-08 14:53:56 +01:00
Andrew Kozlik
ef5994d9f3 feat(core): Support ownership proofs for Taproot addresses. 2021-12-06 18:23:48 +01:00
matejcik
949dfe1f5d docs(core/cardano): add derivation scheme docs 2021-11-29 13:34:01 +01:00
Martin Milata
7cc9f13605 refactor(core/rust): allow model_t1 and model_tt at once 
[no changelog]
 2021-11-24 15:36:34 +01:00
Martin Milata
afd7cb3b01 feat(core/rust): add example layout for T1 
[no changelog]
 2021-11-24 15:36:34 +01:00
Martin Milata
4d60c10330 feat(core/rust): add support for T1 UI 
[no changelog]
 2021-11-24 15:36:34 +01:00
Andrew Kozlik
9052133fca fix(core): Ensure user is warned about non-standard paths. 2021-11-23 14:57:25 +01:00
Andrew Kozlik
221977ad9d chore(core): Convert SIGHASH_* consts to SigHashType enum. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
aaceb5bcc6 chore(core): Remove USE_SECP256K1_ZKP_BIP340 build option. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
ae35086bb9 refactor(core): Rename Hash143 to SigHasher and replace preimage_hash() with two functions. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
03b1b3bc6b feat(core): Show path warning for SignMessage. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
ef2ad57ec8 fix(core): Fix CoinJoin approval check. 
After fixing the TxWeightCalculator the approver needs to account for the
weight of the coordinator's output.
 2021-11-13 13:33:46 +01:00
Andrew Kozlik
56ac799626 feat(core): Support external inputs in TxWeightCalculator. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
f9f0b517e2 feat(core): Support Taproot in TxWeightCalculator. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
9b579094c0 fix(core): Fix TxWeightCalculator. 
- Refactor TxWeightCalculator to count inputs and outputs itself.
- Fix witness data weight by adding the weight of the witness stack item count
  for each input in segwit transactions and removing the weight of the
  nonsensical extra inputs count.
- Get multisig pubkey count from multisig.nodes or multisig.pubkeys like in
  multisig_get_pubkeys().
- Fix size of multisig script length encoding in segwit (varint vs. OP_PUSH).
- Improve comments.
 2021-11-13 13:33:46 +01:00
Andrew Kozlik
a5bd1643fc fix(core): Fix OP_PUSH writing. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
7653efb415 chore(core): Disable Taproot for altcoins. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
c0f853dc78 chore(core): Disable ownership proof generation for Taproot. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
475b95b11e feat(core): Disable prevtx streaming for Taproot. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
84e31310a1 feat(core): Support Taproot in SignatureVerifier. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
a17cdb7cfa feat(core): Implement Taproot signing. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
381e8bc85a feat(core): Implement the BIP-341 common signature message computation. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
99e4ed6f42 chore(core): Support script_pubkey parameter for Bitcoin inputs. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
630c06e782 feat(core): Support Taproot scripts. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
68ad1b07d2 feat(core): Recognize Taproot inputs. 2021-11-13 13:33:46 +01:00
Pavol Rusnak
57fddcfd9d feat(core): recognize Taproot change-outputs 2021-11-13 13:33:46 +01:00
Andrew Kozlik
dd7ed61939 feat(core): Implement GetAddress for taproot. 2021-11-13 13:33:46 +01:00
Pavol Rusnak
6406f0640d feat(core): introduce PATTERN_BIP86 to keychain 2021-11-13 13:33:46 +01:00
Andrew Kozlik
bec0634bae feat(core): Improve message signing UI. 
- Add "Confirm message" subheader to SignMessage and VerifyMessage.
- Unify font for SignMessage and VerifyMessage to fixed-width font.
- Fix device tests.
 2021-11-10 17:35:57 +01:00
Andrew Kozlik
cf14e06aa0 feat(core): Show address confirmation in SignMessage. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
bc4a56b2c0 feat(core): Support no_script_type option in SignMessage. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
c2f1850abb feat(common): Add no_script_type option to SignMessage. 2021-11-10 17:35:57 +01:00
matejcik
c38efaa9a5 chore: make bitcoin-only checker happy 2021-11-10 13:57:57 +01:00
matejcik
10e338e005 feat(core/cardano): allow derivation type selection 2021-11-10 13:57:57 +01:00
matejcik
f6f52445bd feat(core/cardano): support Icarus, Icarus-Trezor, and Ledger derivations 2021-11-10 13:57:57 +01:00
matejcik
f0ae16069c fix(core): do not send passphrase_protection field when device is locked (fixes #1807) 2021-11-10 13:57:57 +01:00
matejcik
f818f4bc23 feat(core): derive Cardano seed together with normal seed, if requested 2021-11-10 13:57:57 +01:00
matejcik
387466e073 refactor(core): separate Cardano cryptography into its own module 2021-11-10 13:57:57 +01:00
matejcik
eacaffd079 fix(core/ethereum): use built-in ethereum_pubkeyhash() in get_address 2021-11-10 13:57:57 +01:00
matejcik
faa807f995 feat(core): show progress for SLIP39 derivation 
fixes #1842
 2021-11-10 13:57:57 +01:00
matejcik
8caac218ec feat(core/cardano): indicate whether Cardano seed should be derived 2021-11-10 13:57:57 +01:00
matejcik
bc75d05772 chore(common/defs/fido): add coinbase u2f 
[no changelog]
 2021-11-08 15:55:01 +01:00
Jun Luo
62b649ef5d refactor(common & core & legacy): Stellar, rename StellarCreatePassiveOfferOp to StellarCreatePassiveSellOfferOp. 2021-11-04 13:16:29 +01:00
Jun Luo
d064aae3f9 feat(common & core & legacy): Stellar, add support for StellarPathPaymentStrictSendOp. 2021-11-04 13:16:29 +01:00
Jun Luo
1dcb8e4913 feat(common & core & legacy): Stellar, add support for StellarManageBuyOfferOp. 2021-11-04 13:16:29 +01:00
Jun Luo
3a5768c4bf refactor(common & core & legacy): Stellar, rename StellarManageOfferOp to StellarManageSellOfferOp and rename StellarPathPaymentOp to StellarPathPaymentStrictReceiveOp. 2021-11-04 13:16:29 +01:00
Martin Milata
1979bcc39c chore(common): bring back eth:xDAI 2021-11-02 15:05:14 +01:00
grdddj
73238135d6 feat(core/ethereum): EIP-712 
Based on original contribution by Max Kupriianov <xlab@hey.com>

Implemented EIP-712 typed data signatures in Ethereum app.

Add eth_abi into pyproject deps

device test for EIP 712

fixed hex decoding for address

fixup! fixed hex decoding for address

code quality, more pythonic code, removing unused imports

running black and isort on changed files

trezorctl file input for EIP 712 data signing

fixup! code quality, more pythonic code, removing unused imports

fixup! fixup! code quality, more pythonic code, removing unused imports

necessary changes after rebase to master

unit tests for sign_typed_data.py

new protobuf messages, working for nonarray types

simplified and verified solution for our simple data

support for simple arrays, without their confirmation

reverting protobuf value messages to bytes, appropriate changes

showing arrays in Trezor, code quality improvements

data validation on Trezor, minor improvements

using custom types for storing type data instead of dicts, addressing feedback from review

moving helper functions to its own file, tests for decode_data

additional overall tests

support for arrays of structs

adding support for metamask_v4_compat variable

using HashWriter object to collect the final hash continously

minor improvements in code quality

validate_field_type function

streaming values from client without saving them, missing UI

prototype of streamed UI using confirm_properties

accounting for bytes in data, more data types in integration tests

rebase on master, using f-strings

minor fixes and improvements from code review

StructHasher class for the whole hashing process

mypy and style changes

asking users whether to show structs and arrays

protobuf descriptions to fix make defs_check

unifying comments, mypy fix

unit tests for StructHasher class

UI fixtures, skipping device tests for T1

addressing majority of code review comments about code quality and structure

changing file structure - layouts, helpers, sign_typed_data

decode_data renaming and docstring, renaming unit test file

using tuples instead of lists in elifs

layout improvements

excluding core/src/apps/common/confirm.py file from the PR

True/False returning layout with Show more button

code review layout improvements

forgotten br_type argument to should_show_more
 2021-11-02 14:27:01 +01:00
grdddj
082b7ecd91 feat(core): plural function supports "key/keys" string 
Previously function did not work for words ending with "y" and vowel before that
 2021-11-02 14:27:01 +01:00
grdddj
ecc0f6c445 fear(core/ui): add should_show_more layout function 
Also adding `hold` argument into confirm_blob function
 2021-11-02 14:27:01 +01:00
grdddj
b1a3618c17 refactor(core/ethereum): rename address.py to helpers.py 2021-11-02 14:27:01 +01:00
Martin Milata
9a7e6c2900 chore(common): update chains and tokens 2021-11-01 16:43:02 +01:00
Martin Milata
ea1b7fbd54 chore(common): update chains and tokens 2021-11-01 13:58:48 +01:00
Martin Milata
87cc44e73a chore(common): update coins support status 
[no changelog]
 2021-11-01 13:58:48 +01:00
matejcik
0e6669bd10 feat(core/stellar): show start/end timestamps in human readable format 2021-10-29 11:00:30 +02:00
matejcik
f7c340f333 feat(core/bitcoin): show lock_time as human readable datetime 2021-10-29 11:00:30 +02:00
matejcik
1d72085b5c feat(core): implement conversion from timestamp to datetime 2021-10-29 11:00:30 +02:00
matejcik
e972839ac7 style(all): fix pylint complaints 
[no changelog]
 2021-10-27 13:13:15 +02:00
matejcik
84c310a2ba chore(core): remove forgotten and unused apps/common/confirm.py 
[no changelog]
 2021-10-27 13:13:15 +02:00
Pavol Rusnak
b2ff86ff3a
fix(common): drop unusable coins BELL and ZNY (#1872) 
there are no wallets that support Trezor and these coins
 2021-10-26 13:09:34 +02:00
Pavol Rusnak
7b2825e68e fix(common): rebrand brhodium to xrhodium 2021-10-26 12:01:08 +02:00
Ondřej Vejpustek
29ce860d46 refactor(core,crypto): rename schnorr to BIP340 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
7ac0bdd215 feat(core): make core use Schnorr signatures 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
26463eb3ce feat(core): make core use ecdsa from secp256k1_zkp wherever possible 2021-10-25 14:41:28 +02:00
Martin Milata
3882b89be9 fix(core/ethereum): ask before showing paginated data field 2021-10-19 17:13:28 +02:00
Martin Milata
e6c42b7fa6 fix(core/ui): fix off-by-one in in_area 2021-10-19 17:13:28 +02:00
Martin Milata
8eb4bcff29 feat(core/ui): allow text without header 2021-10-19 17:13:28 +02:00
David Misiak
13c4fb97df fix(cardano): forbid multisig pool registration [no changelog] 2021-10-19 15:25:39 +02:00
Andrew Kozlik
13cbb59082 feat(common): Add script_pubkey field to TxInput message. 2021-10-18 19:58:56 +02:00
Andrew Kozlik
9d03112846 feat(core): Implement sending to taproot addresses. 2021-10-18 13:36:05 +02:00
Pavol Rusnak
ea0fb08fed feat(core): add witness version to encode_bech32_address() 2021-10-18 13:36:05 +02:00
Pavol Rusnak
dbc464750b feat(common): enable Taproot on Bitcoin 2021-10-18 13:36:05 +02:00
Pavol Rusnak
9aa07c7f96 feat(core): update bech32.py to support Bech32m 2021-10-18 13:36:05 +02:00
Pavol Rusnak
ac4cb88184 feat(common): add taproot field to coin definitions 
enable for Bitcoin Testnet and Bitcoin Regtest
 2021-10-18 13:36:05 +02:00
Pavol Rusnak
fea240ed40 feat(core): add support for Taproot descriptors 2021-10-18 13:36:05 +02:00
Pavol Rusnak
4ed9f00c73 feat(common): add support for Taproot input and output scripts 2021-10-18 13:36:05 +02:00
matejcik
b6837d19b7 fix(core/nem): fix NEM usage of format_amount 
[no changelog]
 2021-10-13 11:53:17 +02:00
amadejpapez
85ba7c12ba style(all): use f-strings for formatting 
[no changelog]
 2021-10-13 11:53:17 +02:00
gabrielkerekes
4aaf6db9a2 chore(cardano): update docs, changelog and ui test fixtures 2021-10-11 15:16:24 +02:00
gabrielkerekes
1f33ab420d feat(cardano): update transaction signing for multisig 2021-10-11 15:16:24 +02:00
gabrielkerekes
21281d7cf4 feat(cardano): add support for script addresses derivation 2021-10-11 15:16:24 +02:00
gabrielkerekes
dd9652cd07 feat(cardano): add get-native-script-hash call 2021-10-11 15:16:24 +02:00
gabrielkerekes
54909681a8 feat(cardano): add support for 1854 and 1855 path roots 2021-10-11 15:16:24 +02:00
Martin Milata
70bb0ee04f fix(core): bitcoin-only all_modules.py 2021-10-07 15:26:49 +02:00
Jan Pochyla
2703d714c2 feat(core): add Rust UI components, layouts, text rendering 
[no changelog]
 2021-10-07 15:01:55 +02:00
matejcik
c30091b9c5 refactor(core/stellar): replace confirm_timebounds_stellar with confirm_properties 2021-09-24 10:30:19 +02:00
matejcik
1dcfdebf7a feat(all): make Stellar timebounds required 2021-09-24 10:30:19 +02:00
matejcik
98f0496b2c feat(core/stellar): add type checking to Stellar app 2021-09-24 10:30:19 +02:00
matejcik
1b601b3e08 feat(common): strong typing for Stellar protobuf messages 
BREAKING CHANGE: StellarAssetType is renamed to StellarAsset.
The name StellarAssetType is reused for the corresponding enum.

Enums are introduced in several other places. Their values correspond to
allowed values of (previously int) fields so this should not pose a
compatibility problem.

Many fields are now required. We believe that this should not pose a
compatibility problem, because all known interfaces to Stellar signing
actually accept Stellar XDR on input, whose required fields match the
protobuf schema.
 2021-09-24 10:30:19 +02:00
Martin Milata
bd005e33df refactor(core): decouple T1 button handling from touch 
[no changelog]
 2021-09-23 12:30:13 +02:00
matejcik
b666895303 feat(core/rust): catch, handle and propagate uPy exceptions 2021-09-21 12:43:31 +02:00
matejcik
ae4dd42d18 refactor(core/ethereum): reorganize sanity checks, disallow chain_id 0 2021-09-10 15:09:03 +02:00
matejcik
8931450d21 chore(common): enable Palm network 2021-09-10 15:09:03 +02:00
matejcik
e80077e0a4 feat(core/ethereum): enable type-checking for Ethereum app 2021-09-10 15:09:03 +02:00
matejcik
0c2863fc8d feat(core/ethereum): use TokenInfo object instead of tuples 2021-09-10 15:09:03 +02:00
matejcik
30b08d949b feat(common): add default values to EthereumSignTx fields 
so that we can avoid Optional types for fields
 2021-09-10 15:09:03 +02:00
matejcik
96ed53cc1c refactor(core,legacy): remove Wanchain special handling 
now that Wanchain has proper chainID and we don't need to detect it by
magic.

[no changelog]
 2021-09-10 15:09:03 +02:00
matejcik
639406b01f feat(all): make chain_id mandatory 2021-09-10 15:09:03 +02:00
arbitrarylink
f051225730 feat(core,legacy): add support for Ethereum 64-bit chain_id 
* Changes from original PR

* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.

* Ran 'make gen' and uploaded changed files.

* Ran make style_check and fixed reported errors

* Added changelog files

* Reverted changes concerning chain_id 0 being rejected.

* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1.  Also reverts MAX_CHAIN_ID to the previous value.

* Added missing whitespace around arithmetic operator.

Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
 2021-09-10 15:09:03 +02:00
matejcik
eb34c0850e fix(common): regenerate support data 
[no changelog]
 2021-08-27 13:38:45 +02:00
matejcik
174985619d chore(common): bump chains and tokens for release 2021-08-24 13:14:06 +02:00
matejcik
7aed8d535d feat(all): re-enable Firo (fixes #1767) 2021-08-23 11:43:57 +02:00
Martin Milata
f37ca13f1a refactor(core): disable SD, SBU, fatfs for T1 build 2021-08-20 12:22:13 +02:00
gabrielkerekes
8e3bc39b56 chore(cardano): update and format README 2021-08-20 11:50:13 +02:00
gabrielkerekes
7c3b5c86a5 fix(cardano): forbid mixing paths from multiple accounts in a single transaction 2021-08-20 11:50:13 +02:00
gabrielkerekes
b0c8590f00 feat(cardano): streamed transaction signing 2021-08-20 11:50:13 +02:00
gabrielkerekes
d2a5be4e38 feat(cardano): prepare protobuf messages for streamed tx signing 2021-08-20 11:50:13 +02:00
matejcik
d33d61d84e chore(core): remove Lisk 2021-08-19 10:25:41 +02:00
Frederik Bolding
38fa9197ca feat(core,python): support for Ethereum EIP1559 transactions 
Initial EIP1559 implementation

Fix a few small issues

Progress on Python lib implementation and firmware

Fix RLP length

Start fixing tests

Fix legacy transactions

Simplify API and logic

Add EIP1559 tests

Fix access list formatting

Fix UI visiblity issue

Fix commented out code

fix: correct linting issues

Fix access_list protobuf formatting

Remove unneeded code

Remove dead code

Check tx_type bounds for EIP 2718

Reduce code duplication

Prefer eip2718_type over re-using tx_type

Add more tests

Simplify format_access_list

Simplify sign_tx slightly

Change Access List format and add logic to encode it

Fix a bunch of small PR comments

Fix a linting issue

Move tests out of class and regenerate

Remove copy-pasted comments

Add access list to CLI

Simplify _parse_access_list_item

Fix small mistakes following rebase

Fix linting

Refactor to use a separate message for EIP 1559 tx

Simplify changed legacy code

Fix a few small PR comments

Fix linting

fix(legacy): recognize SignTxEIP1559 on legacy build

Fix PR comments
 2021-08-10 11:00:29 +02:00
Martin Milata
b5710b820a docs(core): replace Purpose48 with BIP-48 
https://github.com/bitcoin/bips/blob/master/bip-0048.mediawiki
 2021-08-06 12:50:42 +02:00
gabrielkerekes
4f7c6b3586 feat(common): change all protobuf message type hints to strings 
In order to support recursive protobuf messages, which will be needed by Cardano's native scripts.
[no changelog]
 2021-08-05 12:10:30 +02:00
matejcik
f78363ecdc refactor(core/ui): do not use parameter for styling in get_next_u2f_counter 2021-08-04 15:03:11 +02:00
Martin Milata
2a91052b02 refactor(core/ui): move altcoin and webauthn layouts to separate file 
Also fix types.
 2021-08-04 15:03:11 +02:00
Martin Milata
31052007ff refactor(core): enable mypy for apps.management 2021-08-04 15:03:11 +02:00
Martin Milata
e57027fc5c refactor(core): convert apps.management.change_wipe_code to layouts 2021-08-04 15:03:11 +02:00
Martin Milata
5a0ea3f146 refactor(core): convert apps.management.recovery_device to layouts 2021-08-04 15:03:11 +02:00
Martin Milata
312876ab67 refactor(core): convert apps.management.reset_device to layouts 2021-08-04 15:03:11 +02:00
Martin Milata
574dcbc8a3 refactor(core): convert apps.common to layouts 2021-08-04 15:03:11 +02:00
Martin Milata
875cc0cb1a refactor(core): convert apps.webauthn to layouts 2021-08-04 15:03:11 +02:00
matejcik
9ab1891b22 feat(common): more required fields in messages-management 
[no changelog]
 2021-08-04 15:03:11 +02:00
matejcik
5dcb51458f chore(core/ui): drop no longer used confirm_proposals_tezos 2021-07-26 14:48:35 +02:00
matejcik
fcb5f88318 fix(core/bitcoin): nicer UI for ownership proofs 2021-07-26 14:48:35 +02:00
matejcik
b30c9f7584 refactor(core/stellar): use semantically appropriate layouts everywhere 2021-07-26 14:48:35 +02:00
matejcik
16b87e4d50 fix(core/stellar): fail cleanly when asset code has wrong length 2021-07-26 14:48:35 +02:00
matejcik
ad6976e01f refactor(core): use confirm_blob instead of confirm_hex in apps 2021-07-26 14:48:35 +02:00
matejcik
dcc38f5267 refactor(core/ui): replace confirm_hex, clarify API 
Truncation options were removed.

Subtitle distinct from description was removed.

confirm_hex was replaced by confirm_blob. You should use confirm_blob
when displaying data that is not human readable and can be broken at any
character.

Also it is now possible to pass bytes, which are automatically converted
to hex.

For displaying addresses, a separate confirm_address is introduced,
which simply delegates to confirm_blob, but has a more limited
signature.

Analogously, there is confirm_text for text data (should maybe be used
in many places where we currently use confirm_metadata) and a
specialized confirm_amount.
 2021-07-26 14:48:35 +02:00
matejcik
6d15e90ed3 refactor(core/ui): reorganize line width constants 2021-07-26 14:48:35 +02:00
matejcik
cb882df100 feat(core): in debug mode, dump contents of received protobuf messages 
[no changelog]
 2021-07-23 11:46:24 +02:00
Martin Milata
8da978981e perf(core): share wire buffer between wire and debuglink 
[no changelog]
 2021-07-22 15:12:22 +02:00
Andrew Kozlik
334103b089 refactor(core/crypto): Optimize DER encoding of signatures. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
2964f2e855 refactor(core/cardano): Clean up variable_length_encode(). 2021-07-22 10:54:49 +02:00
Andrew Kozlik
97ca1e3341 chore(core): Add offset parameter to cbor.decode(). 2021-07-22 10:54:49 +02:00
Andrew Kozlik
7811204ed5 refactor(core/bitcoin): Use HashWriter in address derivation. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
2c003052f5 refactor(core/bitcoin): Change CoinInfo.script_hash to be a HashContext. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
27e6f35f78 refactor(core/bitcoin): Change scripts to use writer semantics. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
8538f55edc refactor(core/bitcoin): Use global static buffer for Tx serialization. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
7277a49047 fix(common): Add new rpId to Binance's FIDO definition. 2021-07-21 13:19:16 +02:00
Martin Milata
ceaf4da617 fix(core): explicitly refresh display on T1 
[no changelog]
 2021-07-20 22:00:42 +02:00
matejcik
2b3c75c4de fix(core): properly respond to USB events while on a paginated screen 2021-07-20 12:59:26 +02:00
matejcik
cf15dce326 refactor(core/ethereum): improve API of the rlp module 2021-07-19 13:59:28 +02:00
Martin Milata
0d251fc01a Merge branch 'release/21.07' 2021-07-16 14:34:20 +02:00
matejcik
b41d4c71f0 feat(core/emulator): JSON memory map dump 
use `trezor.utils.mem_dump("somefile.json")` in a key place, then
`analyze.py src/somefile.json` to look at what is going on
 2021-07-14 13:50:24 +02:00
Andrew Kozlik
24bb401638 fix(legacy,core): Fix operation source account encoding in Stellar. 2021-07-13 17:24:16 +02:00
matejcik
46e0530764 fix(tests): auto-swipe by using only ButtonRequest.pages 
(cherry picked from commit f8bb90366a)
 2021-07-12 00:39:58 +02:00
matejcik
8e6a647e89 fix(core): do not send ButtonRequest on every paging event 
partial revert of 54db2291f2 from #1671

(cherry picked from commit 1e1963f1ee)
 2021-07-12 00:39:54 +02:00
matejcik
f8bb90366a fix(tests): auto-swipe by using only ButtonRequest.pages 2021-07-09 21:01:07 +02:00
matejcik
1e1963f1ee fix(core): do not send ButtonRequest on every paging event 
partial revert of 54db2291f2 from #1671
 2021-07-09 15:00:29 +02:00
Andrew Kozlik
c067618828 fix(common): Fix incorrect SLIP-44 coin type for Bgold and SmartCash Testnets. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
3e9f8a32ac fix(core): Fix insufficient BIP-32 path checks. 
- Disable testnet coins from accessing Bitcoin paths.

- Restrict BIP-45 paths to Bitcoin and coins with strong replay protection.
 2021-06-30 18:25:58 +02:00
Pavol Rusnak
8cfa5da1ce
docs: fix typos in comments 
[skip_ci]
 2021-06-30 15:41:55 +02:00
gabrielkerekes
db657615f4 fix(cardano): use OrderedMap for output tokens and withdrawals 2021-06-24 08:24:47 +02:00
gabrielkerekes
4e5772662c fix(cardano): don't allow duplicate withdrawals 2021-06-24 08:24:42 +02:00
gabrielkerekes
3cd2182b69 feat(core): introduce OrderedMap into CBOR serialisation 
Items of an OrderedMap are included in CBOR as they come without sorting them in any way.
 2021-06-24 08:22:39 +02:00
matejcik
015c47d564 chore(core): export PropertyType to fix mypy errors 2021-06-23 11:51:18 +02:00
matejcik
da4442bbd7 feat(core): auto-hexlify in confirm_properties 2021-06-23 11:51:18 +02:00
matejcik
41c5d773e2 refactor(core): put property key+value on the same screen 2021-06-23 11:51:18 +02:00
Martin Milata
178b575465 refactor(core): convert apps.nem to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
dd3b689ded refactor(core): convert apps.eos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
3ffbae5d17 refactor(core): convert apps.binance to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ddac852acf refactor(core): convert apps.cardano to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ffb400180d refactor(core/ui): more consistent layout parameter names 2021-06-23 11:51:18 +02:00
Martin Milata
a143fe34d0 refactor(core): convert apps.lisk to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ebf6ef1666 refactor(core): convert apps.tezos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
12478b1716 refactor(core): convert apps.stellar to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
6aeaadfe16 refactor(core): convert apps.ripple to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
16094df0c5 refactor(core): convert most of apps.monero to layouts 
Progress popups are not ported yet as they're unlike anything else.

Introduces paginate_paragraphs.
 2021-06-23 11:51:18 +02:00
Martin Milata
6c926ad82e refactor(core): convert apps.ethereum to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
b7cab90e3c refactor(core/ui): use new_lines=False in layouts 2021-06-23 11:51:18 +02:00
matejcik
1012ee8497 feat(core): send ButtonRequests for paging events 2021-06-22 11:25:12 +02:00
matejcik
52c34c7364 fix(core): allow caching empty values (fixes #1659) 2021-06-11 12:32:13 +02:00
gabrielkerekes
b2de8909d1 fix(core/cardano): reintroduce max tx output size 
Output size is currently limited to 4000 bytes at protocol level. Given the maximum transaction size Trezor can handle (~9kB), we also want to enforce this size limit here so that when the limit is raised at protocol level again, Trezor would still not be able to produce larger outputs than it could reliably spend. Once Cardano-transaction signing is refactored to be completely streamed and maximum supported transaction size is thus raised, this limit can be lifted.
 2021-06-08 15:02:24 +02:00
gabrielkerekes
a92b5fc333 fix(core/cardano): forbid tx outputs with both address and address parameters 2021-06-08 15:02:24 +02:00
gabrielkerekes
597402eab8 refactor(core/cardano): decouple address parameters validation 2021-06-08 15:02:24 +02:00
matejcik
cbe4e0e725 fix(core): properly exclude altcoins from all_modules 2021-06-08 09:55:19 +02:00
matejcik
729414e606 fix(core): exclude get/set U2F counter from BITCOIN_ONLY 2021-06-08 09:55:19 +02:00
matejcik
da2ef8ed41 refactor(core): create and use protobuf uvarint writer 2021-06-08 09:55:19 +02:00
Jan Pochyla
a8623c4b59 refactor(core): fix imports and use new protobuf API in apps 2021-06-08 09:55:19 +02:00
Jan Pochyla
02aa14fc04 refactor(core): Switch to new Protobuf API 2021-06-08 09:55:19 +02:00
matejcik
8a5cb41060 chore(core): regenerate with new templates 2021-06-08 09:55:19 +02:00
matejcik
d42bc8a4c0 refactor(core): prepare new templates for enums and messages 2021-06-08 09:55:19 +02:00
Pavol Rusnak
23aa69caea fix(core): unify Features.revision reporting with legacy 2021-06-04 12:50:49 +02:00
matejcik
2fac964a29 chore(common): disable Firo support 2021-06-04 11:38:18 +02:00
Pavol Rusnak
fce3640848 fix(common): remove dead coin Hatch 2021-06-04 10:10:26 +02:00
Martin Milata
767e7b8e8d fix(core): spaces in Shamir info texts 2021-06-03 16:54:42 +02:00
matejcik
86089fa5ad feat(core): avoid restarting session for select messages (fixes #1631) 2021-06-01 14:07:29 +02:00
Pavol Rusnak
155fc7ac67
fix(core): remove tcDisplay from metadata/trezor-ctap2.json 2021-05-19 14:49:54 +02:00
Pavol Rusnak
d358503676
fix(core): remove txAuthSimple from metadata/trezor-ctap2.json 2021-05-19 14:45:02 +02:00
Martin Milata
c54077a714 fix(core): imports needed for T1 startup 
Now debug build booted on wiped T1 connects to USB and shows square in
top right corner.
 2021-05-17 18:03:07 +02:00
matejcik
1e0a23c133 fix(core/paths): make sure containers are copied along with the numbers they contain 2021-05-06 13:14:21 +02:00
matejcik
ed5c357b78 fix(core): properly cache last successful unlock time 2021-05-06 13:14:21 +02:00
matejcik
959cf7d515 fix(core/homescreen): properly redraw when an outside process kills homescreen 
This happens with FIDO which does not use the normal workflow management
and so `workflow.close_others()` is never called.
 2021-05-06 13:14:21 +02:00
matejcik
411a7bb802 fix(core/wire): handle codec errors better 2021-05-06 13:14:21 +02:00
matejcik
231a1fe229 refactor(core): do not cache reverse-mapping of message types in RAM 
Instead, walk the module for every message.

Also remove the custom wire type registration facility, which is not
used.
 2021-05-06 13:14:21 +02:00
matejcik
f1a54f2108 refactor(core): remove more global imports 2021-05-06 13:14:21 +02:00
matejcik
2cb379108c refactor(core/homescreen): load homescreen image on-demand 2021-05-06 13:14:21 +02:00
matejcik
f61d7fffa8 fix(core): fix top-level imports in apps.common.passphrase 2021-05-06 13:14:21 +02:00
matejcik
93db39ad70 fix(core/wire): drop unused reader, clarify writer usage 2021-05-06 13:14:21 +02:00
matejcik
5ee85b6ed9 refactor(core): improve clarity in main.py 2021-05-06 13:14:21 +02:00
matejcik
94521a2065 feat(core): presize some modules to account for their sub-imports 2021-05-06 13:14:21 +02:00
matejcik
5f4240d93c feat(core): preallocate sys.modules to an appropriate size 2021-05-06 13:14:21 +02:00
matejcik
b1e4246b46 refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up 
This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.

With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.

However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.
 2021-05-06 13:14:21 +02:00
matejcik
f6f3c7ffcf fix(core): prevent flickering when homescreen does not need to redraw 2021-05-06 13:14:21 +02:00
matejcik
5d12b943b3 feat(core): ensure all module names are interned 2021-05-06 13:14:21 +02:00
matejcik
96fd347ca8 fix(core): keep value of experimental_features cached across workflow restarts 2021-05-06 13:14:21 +02:00
matejcik
aaa3ce6117 fix(core/bitcoin): fix CoinJoin authorization with new cache 2021-05-06 13:14:21 +02:00
matejcik
dd655422f1 refactor(core/wire): simplify the message handling loop 2021-05-06 13:14:21 +02:00
matejcik
b387970468 refactor(core/debug): move "wipe with debug build" to boot.py 
otherwise it gets wiped after every workflow
 2021-05-06 13:14:21 +02:00
matejcik
1822aebdb4 feat(core): prefill field_cache in bitcoin app 2021-05-06 13:14:21 +02:00
matejcik
f3db4f2dd3 refactor(core): defragment PathSchema memory usage 2021-05-06 13:14:21 +02:00
matejcik
b1ca6ca848 refactor(core/debug): offload debug configuration from apps.debug 2021-05-06 13:14:21 +02:00
matejcik
e859c13d70 refactor(core): limit global imports in key places 
so that by importing `apps.base`, we don't pull in the whole circus
 2021-05-06 13:14:21 +02:00
matejcik
7ca67cc4d9 feat(core): clear out memory space after every workflow 
A small fixed list of modules is kept pre-loaded in the GC arena.
These must not keep references to anything else, as all other modules
are unloaded and the memory is cleared.
 2021-05-06 13:14:21 +02:00
matejcik
e629a72c3a refactor(core): move app registrations to a single handler function 
apps.webauthn.boot() does not need an if-condition because it's only
called from session.py when the usb interface is enabled

This means that they do not need to be stored in RAM at all. The obvious
drawback is that we need to hand-edit the if/elif sequence, but we don't
register new handlers all that often so 🤷
 2021-05-06 13:14:21 +02:00
matejcik
391976bcda refactor(core/usb): do not require serial number on instantiaton of USB 
On a cleanly wiped device, storage must be unlocked in order to create
and retrieve the serial number. However, storage unlocking happens in
boot.py, which is imported _after_ usb.py

We must therefore sidestep asking for the serial number.
 2021-05-06 13:14:21 +02:00
matejcik
276bb59dba refactor(core/cardano): update caching mechanism 2021-05-06 13:14:21 +02:00
matejcik
3cdb09c294 refactor(core): modify cache to preallocate all its data 
also get rid of expensive "wire" import
 2021-05-06 13:14:21 +02:00
matejcik
ea505b592c refactor(core): move empty_bytearray to trezor.utils 2021-05-06 13:14:21 +02:00
matejcik
b0116d0bdc refactor(core): modify wire to preallocate its buffers 2021-05-06 13:14:21 +02:00
gabrielkerekes
bf3e64ff20 fix(common): add isort:skip_file to files generated by pb2py 2021-04-23 11:09:29 +02:00
gabrielkerekes
6f59892824 refactor(core/cardano): introduce derive_public_key to simplify pub key derivation 2021-04-23 11:09:29 +02:00
gabrielkerekes
905970fd6a refactor(core/cardano): generalise _paginate_lines 2021-04-23 11:09:29 +02:00
gabrielkerekes
2313293477 feat(core/cardano): add support for catalyst voting registration 2021-04-23 11:09:29 +02:00
gabrielkerekes
2c503b16f5 fix(common): fix one value enums in pb2py 2021-04-23 11:09:29 +02:00
mcudev
6137a55b06 core/embed/usb: use all available usb endpoints and update the usb fifo sizing 2021-04-09 12:50:40 +02:00
Pavol Rusnak
2852b947ec
chore(core): regenerate coins 2021-04-08 14:17:43 +02:00
Martin Milata
ac711fb8ee style(core): use more recent type annotation syntax 
https://www.python.org/dev/peps/pep-0585/ - Type Hinting Generics In Standard Collections
https://www.python.org/dev/peps/pep-0604/ - Allow writing union types as X | Y
 2021-04-01 11:12:30 +02:00
Martin Milata
0278998f72 style(common): mypy: disable implicit Optional for function arguments 2021-04-01 11:12:30 +02:00
Martin Milata
8b3ac659a0 style(core): mypy: disable implicit Optional for function arguments 
https://www.python.org/dev/peps/pep-0484/#union-types
 2021-04-01 11:12:30 +02:00
Martin Milata
f97af2af1b chore(core/ui): typing: no implicit Optional 2021-03-30 22:34:01 +02:00
Martin Milata
da72482c2f refactor(core/ui): get rid of confirm_wipe 2021-03-30 22:34:01 +02:00
Martin Milata
c0174ff217 refactor(core/ui): raise exception on dialog cancel by default 2021-03-30 22:34:01 +02:00
Martin Milata
2b6ea25712 refactor(core): convert rest of apps.bitcoin to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
b1e38fe382 refactor(core): no implicit spaces in render_text 2021-03-30 22:34:01 +02:00
Martin Milata
2a5f5c1c20 refactor(core): convert parts of apps.monero to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
6668921a4f refactor(core): convert apps.common.request_pin to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
01900b8536 refactor(core): convert parts of apps.webauthn to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
ffe6d65f72 refactor(core): convert parts of apps.management to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
c09a142e2a refactor(core): convert apps.misc.* to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
0b5d17bf49 refactor(core/ui): merge confirm_hexdata and show_pubkey 2021-03-30 22:34:01 +02:00
Martin Milata
6ded531f8f refactor(core): convert apps.common.sdcard to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
035f114125 fix(core/ui): don't return CONFIRMED/CANCELLED from layouts 2021-03-30 22:34:01 +02:00
Rafael Korbas
a9b8b0e119 feat(core/cardano): chunked serialization of signed transaction 2021-03-26 11:15:19 +01:00
gabrielkerekes
3cb686d452 fix(core/cardano): make witnesses order deterministic 2021-03-26 11:15:19 +01:00
Andrew Kozlik
2836bfc64c fix(core): Improve error handling and range checking in modtrezorconfig. 2021-03-26 10:54:56 +01:00
Andrew Kozlik
3084d1196d feat(core): Support 50 digit PIN and wipe code. 2021-03-25 14:24:41 +01:00
Pavol Rusnak
da7214d82f
fix(common): update support.json to include Firo 2021-03-25 13:39:59 +01:00
Pavol Rusnak
4649b80b44
feat(core): allow secp256k1-zkp for bitcoin-only build 
(but keep it disabled)
 2021-03-18 15:42:52 +01:00
matejcik
cb7152542d feat: drop DebugLinkShowText functionality 2021-03-18 10:59:51 +01:00
Rafael Korbas
74ed5b7018 feat(core/cardano): Implement bech32 asset ids based on CIP-0014 2021-03-18 09:53:33 +01:00
Rafael Korbas
bd4512b53a fix(core/cardano): Allow stake pool registrations with zero margin 2021-03-18 09:35:08 +01:00
Andrew Kozlik
b10acbe153 feat(core): Allow decreasing output amount in RBF transactions. 2021-03-17 15:15:50 +01:00
Andrew Kozlik
5593862dc1 fix(core): Disable hold-to-confirm animation when animations are disabled. 2021-03-17 15:15:50 +01:00
Andrew Kozlik
6de20a7dcd chore(core/bitcoin): Add DecredApprover. 2021-03-17 12:16:08 +01:00
Andrew Kozlik
523b1051c5 chore(core/bitcoin): Add stricter script_type checks in sanitizers. 2021-03-17 12:16:08 +01:00
Andrew Kozlik
6e8eebfc9c chore(core/bitcoin): Separate Decred-specific scripts from Bitcoin scripts. 2021-03-17 12:16:08 +01:00
JoeGruff
e3ea32a986 multi: Add decred staking. 
Add two new input and four output script types.

Decred ticket purchases consist of a stake submission, op returns, and
change addresses. Although change addresses are allowed by consensus,
they are no longer used in practice and so have been given the
restrictions of a null pubkey and no value. Stake scripts are almost
identical to p2pkh or p2sh except for an extra opcode in front. Inputs
are currently only used in the form of one input three outputs with the
first output, or stake submission, paying to a public key hash, or with
two inputs and five outputs with the stake submission paying to a
multisig script hash. The op returns are directed to the user in the
case of one and the voting service provider and user in the case of two.

One of the sstx commitment for a ticket must pay back to the trezor
wallet. This is checked and an error is thrown if we don't find the
expected public key hash.

Because this adds the ability to create new types of outputs once the
ticket votes, two new input script types are also needed. A successful
vote will lead to a stake generation script that must be spent, and an
unsuccessful vote will lead to a revocation script that must be spent.
If we allowed stake change scripts to have a valid pubkey, that too
would require another op code, but we disallow those for output.
 2021-03-17 12:16:08 +01:00
Pavol Rusnak
6c11bc60d7
common/defs/fido: add namecheap 2021-03-15 17:22:12 +01:00
Martin Milata
ee2ec85983 fix(core): fix title shown for multisig address 2021-03-11 14:21:03 +01:00
Andrew Kozlik
850aa56691 docs(core): Add references to SLIPs in the code. 2021-03-09 20:01:59 +01:00
Andrew Kozlik
a8c500bffd feat(core): Ensure that WebAuthn runs on port 21326 by default for both production and debug emulator. 2021-03-09 16:13:21 +01:00
Roman Zeyde
7ce4e13bcf feat(core): add public_key to ECDHSessionKey 2021-03-08 15:59:00 +01:00
Roman Zeyde
b2877afa7f feat(common): add public_key to ECDHSessionKey 2021-03-08 15:59:00 +01:00
Pavol Rusnak
4b0f41d41e
fix(common): change msg_id of RebootToBootloader from 804 to 87 2021-03-03 12:07:00 +01:00
Ondrej Mikle
77e99078c3
chore(trezorlib): add generated message files 2021-03-03 12:07:00 +01:00
Ondrej Mikle
1579c62332
chore(legacy): reboot to bootloader protobuf generated messages 2021-03-03 12:06:59 +01:00
matejcik
ed0ac98970 fix(common/tools): strip "mainnet" from Ethereum network names 2021-03-01 12:05:54 +01:00
Pavol Rusnak
17fa6ab4ec chore(common): update chains+tokens 2021-03-01 12:05:54 +01:00
Rafael Korbas
ceea21ec1f feat(cardano): Format stake pool ids as bech32 instead of hex 2021-02-25 16:49:19 +01:00
Rafael Korbas
3197741795 fix(core/Cardano): account index validation in _should_hide_output() 2021-02-25 16:41:12 +01:00
Rafael Korbas
cf871ee754 fix(core/Cardano): do not show change output in byron-shelley transfers 2021-02-25 16:41:12 +01:00
Martin Milata
c28763c169 refactor(core): use reload_settings_from_storage on boot 2021-02-24 00:10:10 +01:00
Martin Milata
9b60cc0098 feat(core): restart loader from current position 
On "hold to confirm" dialogs, when you hold your finger, lift it, and
quickly hold again, the progress bar jumps to the beginning. This commit
changes the behavior so the progress continues from its current position
of the reverse animation.
 2021-02-24 00:10:10 +01:00
Martin Milata
06b9d1314d fix(core): do not autolock when already locked 
Gets rid of unnecessary screen redraw.
 2021-02-24 00:10:10 +01:00
Martin Milata
192d0dcf87 feat(core): hold homescreen to lock 2021-02-24 00:10:10 +01:00
Martin Milata
db2db8e6f3 feat(common): add hold_ms to DebugLinkDecision 2021-02-24 00:10:10 +01:00
Pavol Rusnak
b4daf2f3e3
chore(core): run make gen to regenerate fido2 icons 
updated here - https://github.com/trezor/trezor-firmware/pull/1456
 2021-02-16 11:20:21 +01:00
Buck Perley
682298d7bb
fix(core): add exceptions for unchained capital paths 2021-02-12 21:56:03 +01:00
gabrielkerekes
d4dcd7bff9 fix(core/cardano): allow staking accounts beyond 100' 2021-02-11 09:55:23 +01:00
Andrew Kozlik
e5741ac308 chore(core): Use BufferReader for CBOR decoding. 2021-02-10 23:20:56 +01:00
Andrew Kozlik
ac939c94aa fix(core/tezos): Implement strict length checking. 
(cherry picked from commit e7f44ebee8)
 2021-02-10 16:37:26 +01:00
matejcik
6fd355756c fix(core/stellar): review usages of write_bytes_unchecked 
(cherry picked from commit 781e9f4db8)
 2021-02-10 16:37:26 +01:00
matejcik
08edbca428 fix(core/eos): review usages of write_bytes_unchecked 
(cherry picked from commit 5b5ed8cce1)
 2021-02-10 16:37:26 +01:00
matejcik
2231fe6842 feat(core): make protobuf.dump_uvarint more reusable 
(cherry picked from commit 6acc1cd6ab)
 2021-02-10 16:37:26 +01:00
Andrew Kozlik
78a2ff16d4 fix(core): In apps.bitcoin ensure that get_address() fails for multisig if user's public key is not included. 
(cherry picked from commit 77f5e90466)
 2021-02-10 16:37:26 +01:00
Martin Milata
391602ae99 refactor(core): turn show_address, show_pubkey, show_xpub into layouts 2021-02-10 13:57:19 +01:00
Martin Milata
03699f5639 refactor(core): turn show_success, show_warning into layouts 2021-02-10 13:57:19 +01:00
Martin Milata
f38abf9d89 refactor(core): introduce layouts 
Layouts can be used by the application code to interact with user using
small number of dialogs or other groups of UI components. Each layout is
identified by name and takes some parameters. Most layouts will have an
implementation for each hardware model, mechanism is provided to import
the correct version so that application code can be oblivious to the
model.

This commit introduces the layout concept and converts a couple of
dialogs to use it.
 2021-02-10 13:57:19 +01:00
Martin Milata
18cb429610 feat(core): introduce Text.format_parametrized() 2021-02-10 13:57:19 +01:00
Martin Milata
f1382bf892 refactor(core): model-dependent UI component directories 
They now live under trezor.ui.components.tt. Later
trezor.ui.components.t1 will be added and application code will be
rewritten to not use them directly in order to work on both TT and T1.
 2021-02-10 13:57:19 +01:00
matejcik
73a28e12f2 fix(core): create protobuf messages correctly 2021-02-10 10:56:52 +01:00
matejcik
14037d0c31 chore: regenerate protobuf classes 2021-02-10 10:56:52 +01:00
matejcik
bf562cfd4b feat(core/misc): enable typing for misc app 2021-02-10 10:56:52 +01:00
matejcik
ccd241fe55 feat(core/cardano): enable typing for Cardano app 2021-02-10 10:56:52 +01:00
Pavol Rusnak
18b51b856b
common/fido: update icons for github, mojeid and slushpool (#1456) 2021-02-08 16:51:49 +01:00
matejcik
637ccadcb6 style(core): remove unused type:ignore comment after mypy upgrade 2021-02-05 10:44:09 +01:00
Rafael Korbas
e4c406822c Add multiasset sending and min validity to Cardano transactions 2021-01-27 18:26:40 +01:00
Andrew Kozlik
79fad70b05 fix: Improve wording when showing multisig XPUBS. 2021-01-26 15:09:37 +01:00
Rafael Korbas
44c7d23741 Cardano: map account paths to account numbers 2021-01-22 14:45:29 +01:00
Pavol Rusnak
7f0e939359 feat(core): implement amount_unit for AuthorizeCoinJoin and SignTx 2021-01-22 14:07:36 +01:00
Pavol Rusnak
345ef52949 feat(proto): add amount_unit to AuthorizeCoinJoin and SignTx 2021-01-22 14:07:36 +01:00
Pavol Rusnak
f3d5de15ef refactor(core): turn SECP256K1_ZKP into a firmware feature flag 2021-01-22 14:06:29 +01:00
Pavol Rusnak
e85ed74f8f core: implement GetAddress.ignore_xpub_magic 2021-01-21 23:46:29 +01:00
Pavol Rusnak
4ed714ba47 common/defs: add xpub_magic_multisig_segwit_{native,p2sh} fields to coins 2021-01-21 23:46:29 +01:00
Pavol Rusnak
6689b9c22f common/protob: add GetAddress.ignore_xpub_magic field 2021-01-21 23:46:29 +01:00
Rafael Korbas
3a7a8e4d77 Disable "at least one output" restriction for Cardano, warn instead 2021-01-20 16:00:30 +01:00
mcudev
b8ffcadf94
common/defs/fido: add gemini webauthn (#1416) 2021-01-19 14:15:19 +01:00
matejcik
ed628ac4ba feat(core): make usb endpoints registration nicer 2021-01-12 14:18:13 +01:00
matejcik
fc4e15fe77 feat(core): introduce and enforce limit on label length (fixes #1399) 2021-01-12 11:22:58 +01:00
matejcik
2d3a4d15fa fix(core/ui): render_text uses correct font and color with item_offset 2021-01-11 16:47:59 +01:00
matejcik
24195d7c3e fix(core/ui): use full line_width for content 2021-01-11 16:47:59 +01:00
matejcik
e4b113b4bb fix(core/monero): make sure to pass strings to rendering 2021-01-11 16:47:59 +01:00
matejcik
fd502f122f feat(core): implement pagination for sign/verify 2021-01-11 16:47:59 +01:00
matejcik
bbef9c650b refactor(core): improve render_text behavior 
* use less memory due to copy-less rendering
* implement linebreaking on embedded \n
 2021-01-11 16:47:59 +01:00
Martin Milata
fa2e672f98 chore(core): monero: drop extraneous async/await 2021-01-11 12:14:13 +01:00
Pavol Rusnak
5728f54b78 core: return root_fingerprint in PublicKey 2021-01-08 14:17:09 +01:00
Pavol Rusnak
92452d54e5 feat(core): implement GetPublicKey.ignore_xpub_magic behaviour 2021-01-08 14:17:09 +01:00
Pavol Rusnak
e660a518c6 fix(core): show xpub instead of pubkey in GetPublicKey dialog 2021-01-08 14:17:09 +01:00
Pavol Rusnak
edb1243f64 feat(proto): add descriptors related fields to GetPublicKey/PublicKey 2021-01-08 14:17:09 +01:00
Andrew Kozlik
a609eb5e90 docs(core): Add comment about "Invalid original TXID" message. 2020-12-17 16:33:33 +01:00
Andrew Kozlik
06ce14096c chore(core): Reject replacement transactions which involve negative 
fees.
 2020-12-17 16:33:33 +01:00
Andrew Kozlik
aeb021b159 chore(core): Improve naming of SLIP39's T9 mask lookup. 2020-12-15 13:41:42 +01:00
Pavol Rusnak
1187e4ddaf style(common): use new syntax for typing in autogenerated protobuf enums 2020-12-01 15:52:29 +01:00
Pavol Rusnak
1e8673bf5f style(core/apps): use new syntax for typing 2020-12-01 15:52:29 +01:00
Pavol Rusnak
a1dda836ec style(core/src): use new syntax for typing 2020-12-01 15:52:29 +01:00
Martin Milata
ee64b65b26 refactor(core): call super().__init__() in subclasses 2020-11-30 14:48:08 +01:00
Martin Milata
fa1566cb71 refactor(core): call super().__init__() in Component and Layout subclasses 2020-11-30 14:48:08 +01:00
Pavol Rusnak
952adc5961
style(core): use PEP515 Underscores in Numeric Literals 2020-11-23 14:30:16 +01:00
matejcik
faa57e29db build(core): include generated resources.py in repo 2020-11-20 18:55:35 +01:00
matejcik
58387a5f04 fix(common): drop Zilliqa token (fixes #1318) 2020-11-20 18:55:35 +01:00
matejcik
a89494f60c chore(core): regenerate network and tokens lists 2020-11-20 18:55:35 +01:00
matejcik
4628c774aa feat(core): re-allow unknown Ethereum networks, using Ethereum or Testnet paths (fixes #1335) 2020-11-20 18:55:35 +01:00
matejcik
7abe70e484 feat(core): improve ethereum tokens ui (fixes #800) 2020-11-20 18:55:35 +01:00
Rafael Korbas
b311bd4d4a Add displaying of TTL to cardano transaction, align url validation with Ledger 2020-11-20 15:58:50 +01:00
Rafael Korbas
b261f789f3 Add support for stakepool registration to Cardano 2020-11-20 15:58:50 +01:00
Martin Milata
93d45f1aba fix(core): increase minimum auto-lock delay to 1 minute 2020-11-20 13:57:51 +01:00
Andrew Kozlik
f421a213fd feat(core): Inform user about transaction finalization in Bitcoin replacement transactions. 2020-11-20 13:52:48 +01:00
Pavol Rusnak
c6e78e525a
fix: remove PIVX (#1359) 2020-11-20 12:12:42 +01:00
matejcik
e6a1bf840f fix(core): do not subclass range 
micropython on real hw dislikes it for some reason

also it's completely unnecessary
 2020-11-13 16:01:35 +01:00
Pavol Rusnak
50fdd183c2
ci: enable editorconfig checks, fix whitespace issues 2020-11-11 14:43:50 +01:00
matejcik
37d3bf56fa fix(core): make sure run-time settings are reset after wipe (fixes #1322) 2020-11-05 15:33:38 +01:00
matejcik
50e648636f doc(core): add references to schema specifications, add Purpose48 document 2020-11-05 14:30:11 +01:00
matejcik
665abe1e02 fix(core/bitcoin): validate path before asking to sign message (which could otherwise fail) 2020-11-05 14:30:11 +01:00
matejcik
f10084117b feat(core/bitcoin): do not show path warning when GetAddress is called silently (fixes #1206) 2020-11-05 14:30:11 +01:00
matejcik
5a97a5111b feat(core/ethereum): add SEP5 path schema as well as the compat schema 2020-11-05 14:30:11 +01:00
matejcik
a367426480 feat(core/bitcoin): use path schemas 2020-11-05 14:30:11 +01:00
matejcik
c0879f8625 feat(core/cardano): use path schemas 2020-11-05 14:30:11 +01:00
matejcik
f5c8138df6 feat(core): update most apps to use path schemas 2020-11-05 14:30:11 +01:00
matejcik
4ca8f7b0d6 style(core): use relative imports everywhere 
except Monero, which has a rather complex structure and I don't want to
search&replace mess with it in case some of the things break memory
layout
 2020-11-05 14:30:11 +01:00
matejcik
7fe5c804ff feat(core): implement BIP-32 path schemas 2020-11-05 14:30:11 +01:00
Andrew Kozlik
70975008cd chore (core): In apps.bitcoin skip confirmation of fee in PayJoin if the user is not increasing their contribution. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
9e5d5bd5f9 feat: Add support for experimental field flag in protobuf. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
b213a55428 chore(core): In apps.bitcoin move h_inputs back to bitcoin class. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
4a0c5c371a feat(core): In apps.bitcoin implement replacement transaction flow. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
bd3fe1d789 chore(core): In apps.bitcoin create a separate class for transaction information. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
469c131678 chore(core): In apps.bitcoin add confirm_replacement and confirm_modify_fee layouts. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
7c2d690e45 chore(core): In apps.bitcoin allow get_tx_digest() to be used for original transactions. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
ad6a0bc2a2 chore(common): Add new request types TXORIGINPUT and TXORIGOUTPUT. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
5fc491c597 chore(core): In apps.bitcoin move BIP143 hashing back to a separate class. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
443e0c101e chore(common): Add orig_hash and orig_index fields to TxInput and TxOutput. 2020-10-23 15:07:15 +02:00
Andrew Kozlik
9a594f4784 fix(core): Fix CoinJoin anonymity gain check in bitcoin approver. 2020-10-16 19:16:37 +02:00
Martin Milata
830592f2d9 feat(core): add experimental_features setting 
The setting is off by default. When it is enabled protobuf messages
marked UNSTABLE are rejected after decoding.
 2020-10-16 13:53:31 +02:00
Martin Milata
0376670404 feat(common): expose 'unstable' option in generated code 2020-10-16 13:53:31 +02:00
Martin Milata
314cd260eb feat(common): add experimental_features setting 2020-10-16 13:53:31 +02:00
Pavol Rusnak
d8534b5ee6
perf(core/extmod): replace HMAC Python implementation with C 
We keep Python implementation of HMAC for Monero in
core/src/apps/monero/xmr/crypto/__init__.py
 2020-10-12 16:33:13 +02:00
Andrew Kozlik
d90c3af6ea docs(core): Fix typos in slip39.py. 2020-10-11 00:31:24 +02:00
Martin Milata
542f32d3b1 feat(core): add auto_lock_delay and display_rotation to Features 2020-10-02 11:06:16 +02:00
Martin Milata
b2c4bbdaa2 feat(common): add auto_lock_delay and display_rotation to Features 2020-10-02 11:06:16 +02:00
matejcik
e4785d47e0 style: apply black 20.8b1 2020-09-29 11:30:40 +02:00
Rafael Korbas
2173ad97bc Refactor t<page number> to page<page_number> in cardano get_address call 2020-09-29 08:55:28 +02:00
Rafael Korbas
66dbdc2462 Enforce network id/protocol magic consistency for cardano show address 2020-09-29 08:55:28 +02:00
Juraj Muravsky
638977db7d Swap path with address type on screen in cardano get address 2020-09-29 08:55:28 +02:00
matejcik
0eed360037 chore: make tx type names shorter 
as suggested by @andrewkozlik:
TxAckInputType -> TxInput
TxAckOutputType -> TxOutput
TxAckPrevTxType -> PrevTx
TxAckPrevInputType -> PrevInput
TxAckPrevOutputType -> PrevOutput
 2020-09-23 16:00:10 +02:00
matejcik
244b264b47 chore(core): fix typing and kwargs usage 2020-09-23 16:00:10 +02:00
matejcik
ef4022fbf5 auto: regenerate protobuf classes 2020-09-23 16:00:10 +02:00
matejcik
37025e2a84 feat(core): use specialized protobufs in apps.bitcoin, enable typing 2020-09-23 16:00:10 +02:00
matejcik
b0a2297b14 feat(core): convert protobuf decoding errors to DataErrors 2020-09-23 16:00:10 +02:00
matejcik
6ba08526e1 fix(core): fix type annotations on CoinInfo 2020-09-23 16:00:10 +02:00
matejcik
90ee5f3d38 feat!: implement protobuf required fields and default values 
BREAKING CHANGE: this makes arguments to protobuf constructors
keyword-only, and arguments corresponding to required fields are now
mandatory
 2020-09-23 16:00:10 +02:00
Pavol Rusnak
f8489f16e4 fix(common/defs): remove FSN, ICX which migrated to mainnet 2020-09-23 11:31:09 +02:00
Martin Milata
cff4955f93 core: implement SafetyChecks.PromptTemporarily 
Also reword safety checks confirmation dialogs.
 2020-09-18 09:02:40 +02:00
Martin Milata
7d37b2c90f common: add PromptTemporarily to SafetyChecks enum 2020-09-18 09:02:40 +02:00
Martin Milata
9d2ad96ad4 core: add SafetyCheckLevel to Features 2020-09-18 09:02:40 +02:00
Martin Milata
9f066e877d common: add SafetyCheckLevel to Features 2020-09-18 09:02:40 +02:00
Andrew Kozlik
295710c37d core/bitcoin: Check ownership proofs using the provided commitment data. 2020-09-08 19:36:10 +02:00
Andrew Kozlik
5d745d5d04 common/protob: Add commitment_data to TxInputType. 2020-09-08 19:36:10 +02:00
Dusan Klinec
9d7b0bf50c xmr: fix new transaction type for CLSAG, HF=13 2020-09-07 17:50:38 +02:00
Andrew Kozlik
dad2852db9 core/bitcoin: Stream prev_tx after confirmation. 2020-09-04 14:36:39 +02:00
Tomas Susanka
ebc99435ab Revert "core: remove ownership messages from the public api for now" 
This reverts commit 0d5f00668f.
 2020-09-03 14:56:27 +02:00
Tomas Susanka
b99b8b3df3 Merge remote-tracking branch 'origin/release/2020-09' 2020-09-03 13:17:23 +02:00
Martin Milata
b8bb63fbef core: drop unused FONT_SIZE constant 2020-09-01 19:57:46 +02:00
Tomas Susanka
19461398d7 core/cardano: reuse derived Shamir seed (fixes #1007) 2020-09-01 16:14:41 +02:00
Tomas Susanka
0d5f00668f
core: remove ownership messages from the public api for now 2020-09-01 15:56:57 +02:00
matejcik
e0583dd5cb all: use a specific error code for "invalid session" 2020-08-28 15:37:06 +02:00
matejcik
4909821f35 core: implement EndSession 2020-08-28 15:37:06 +02:00
Martin Milata
df5421e7d6 common/defs: update maxfee_kb to 10USD/tx 
Except bitcoin.

(cherry picked from commit f51fac3410)
 2020-08-25 18:06:54 +02:00
Martin Milata
f51fac3410 common/defs: update maxfee_kb to 10USD/tx 
Except bitcoin.
 2020-08-25 18:05:29 +02:00
Pavol Rusnak
41f5237967
common/defs: enable extra_data for FLO 
(cherry picked from commit 534695313c)
 2020-08-24 11:08:02 +02:00
Pavol Rusnak
534695313c
common/defs: enable extra_data for FLO 2020-08-24 11:06:12 +02:00
Andrew Kozlik
f2d669ecdc core/bitcoin: Use dynamic dispatch for confirmation dialogs in sign_tx. 2020-08-21 21:30:15 +02:00
Andrew Kozlik
02da5b7593 core/bitcoin: Show warning if nLockTime is set but ineffective due to all nSequence values being 0xffffffff. 2020-08-21 21:30:15 +02:00
Pavol Rusnak
cdf0f68bb0 core: show passphrase on device 2020-08-21 21:30:15 +02:00
Martin Milata
1b982659c4
core: fix boot loop after uploading invalid homescreen (#1205) 2020-08-21 12:00:42 +02:00
Pavol Rusnak
0620911e46 core: allow spending coins from Bitcoin paths if the coin ... 
has implemented strong replay protection via SIGHASH_FORKID
 2020-08-21 11:49:03 +02:00
Alexis Hernandez
96c38315df
common/defs: enable extra_data for XSN (#1208) 2020-08-20 20:40:30 +02:00
Andrew Kozlik
dd540a2ccd core/ui: Initialize Qr class properly. 2020-08-20 18:13:09 +02:00
gabrielkerekes
431a25b119 Add Cardano README.md 2020-08-20 16:02:10 +02:00
Pavol Rusnak
c3ce9de3ea core: regenerate coins+tokens 2020-08-19 19:29:18 +02:00
Martin Milata
3f21e8f400 core: display coin name when signing message 
Also when verifying message.
 2020-08-18 13:45:49 +02:00
Martin Milata
927ee0812b core: add hard limit for transaction fees 
The hard limit is set to 10*fee_warning_threshold. The limit is not
enforced when `safety_checks` is set to "Prompt".
 2020-08-17 16:12:33 +02:00
Tomas Susanka
c9dc38c9f3 core: allow 49/x not 49/x' for Casa 2020-08-17 08:54:08 +02:00
Pavol Rusnak
d1973b7486
pipenv: update Pipfile 2020-08-08 18:03:32 +02:00
Pavol Rusnak
4e11735d22 core/modtrezorui: remove prefill from text functions 
use display.bar where needed to prefill the areas
 2020-08-07 15:08:14 +02:00
matejcik
51ea8ccecd common: update token support 2020-08-07 11:49:26 +02:00
Pavol Rusnak
65805c9145
core: fix non-determinism in resources.py.mako 2020-08-05 17:10:22 +02:00
matejcik
cea634158a core: make sure Homescreen is properly initialized (fixes #1095) 2020-08-05 14:22:06 +02:00
Tomas Susanka
16827c3135 core: make templates 2020-08-05 13:55:36 +02:00
gabrielkerekes
afa26e7560 Use correct paths for Cardano Byron witnesses 2020-08-04 20:35:13 +02:00
Andrew Kozlik
292d909235 core/base: Implement CancelAuthorization message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
8bcb3d8fb6 core/storage: Add delete() method to storage.cache. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
5c1f197602 common/protob: Add CancelAuthorization message. 2020-08-04 17:32:44 +02:00
matejcik
cd86f9f477 core/bitcoin: make change check more robust against short paths 2020-08-04 17:32:44 +02:00
Andrew Kozlik
07d9b780a6 core/bitcoin: Change CoinJoin round ID length to 32 bytes and remove rate limiting. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
377bff68f4 core/bitcoin: Implement DoPreauthorized message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
2c30dd62fc common: Add DoPreauthorized message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
b9cfecb8b8 core/bitcoin: Support preauthorization in SignTx message for CoinJoin. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
97fc9b74ab core/bitcoin: Implement CoinJoinApprover. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
d6ee542deb core/bitcoin: Move transaction confirmation logic from Bitcoin to BasicApprover class. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
00258f2d4d core/bitcoin: Support preauthorization in GetOwnershipProof message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
c772de9d3c core/bitcoin: Support preauthorization in @with_keychain decorator. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
208283e13e core/bitcoin: Implement AuthorizeCoinJoin message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
48a331aa1d core/bitcoin: Add CoinJoinAuthorization class. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
dc32a17335 core/bitcoin: Move BIP32_WALLET_DEPTH to common. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
bbab13f6e7 common/protob: Add AuthorizeCoinJoin message. 2020-08-04 17:32:44 +02:00
gabrielkerekes
683d7420ff Fix Cardano Shelley public key validation 
In Shelley Cardano started using the purpose 1852'. Unfortunately,
we completely missed that the public key path validation fuction checks
for purpose 44' explicitly, which means that the user is shown a warning
when deriving public key with the purpose 1852'. Which is always when
"logging in" to a wallet. This commit should fix that.

I've also updated type hinting in get_public_key.
 2020-08-04 13:03:57 +02:00
Gabriel Kerekeš
c0eba979c6 Fix bare 'except' style error - catch Exception instead 
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
 2020-07-30 17:17:03 +02:00
gabrielkerekes
7a1e773b49 Validate transaction metadata 2020-07-30 17:17:03 +02:00
gabrielkerekes
f2ee450410 Include metadata in transaction signing 2020-07-30 17:17:03 +02:00
gabrielkerekes
0438f318b4 Bring back cbor.Raw - to be used for metadata 2020-07-30 17:17:03 +02:00
gabrielkerekes
1ed8b56b7c Include Byron witness once for each input path 2020-07-30 17:17:03 +02:00
gabrielkerekes
7bf5cab840 Update sign_tx 
Add certificates, withdrawals and metadata hash
 2020-07-30 17:17:03 +02:00
gabrielkerekes
a25444efd1 Move to_account_path() to utils 2020-07-30 17:17:03 +02:00
gabrielkerekes
e92baf5b02 Update protobuf 2020-07-30 17:17:03 +02:00
Andrew Kozlik
7d07161efe common/fido: Unify application labeling between U2F and FIDO2. 2020-07-30 15:29:54 +02:00
Martin Milata
d955e3f1e5 core: rename class Overwintered to Zcashlike 2020-07-30 15:14:18 +02:00
Martin Milata
10387e1869 core: drop zcash v3 tx signing support 2020-07-30 15:14:18 +02:00
gabrielkerekes
6d02aa23d9 Raise wire.DataError when deriving invalid address type 2020-07-30 14:43:32 +02:00
gabrielkerekes
b5f3511c1c Add support for script addresses in tx outputs 2020-07-30 14:43:32 +02:00
gabrielkerekes
f1b6056edb Fix staking key hash message 
When deriving an address with a foreign staking key Trezor would crash
due to forgotten `decode()` on hexlified staking key hash which was to
be displayed.

This wasn't discovered while testing because it weirdly would pass with
a `aaff00` string, but not with longer ones.
 2020-07-30 14:43:32 +02:00
matejcik
c008600d08 core/debug: fail if wait_layout is sent without watch_layout 2020-07-29 11:50:47 +02:00
Martin Milata
3021233eaf core: remove unimports from bitcoin sign_tx layouts 2020-07-28 10:51:28 +02:00
Pavol Rusnak
cec87bba50
core: remove mono bold font variant (not used anywhere) 2020-07-27 23:22:34 +02:00
matejcik
4eb5b927c0 core/cardano: simplify keychain implementation 2020-07-27 13:24:51 +02:00
Gabriel Kerekeš
d2c1624602 Cardano shelley update 2/3 (#1112) 2020-07-27 13:11:23 +02:00
gabrielkerekes
e1615e60ec Update Cardano to support Shelley era 1/3 
Update protobuf

- Previous transactions don't need to be sent anymore, because fee is
  included in the transaction now. Thus transactions_count can be
  removed from CardanoSignTx message and the CardanoTxAck and
  CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it

Add NULL (None type) serialisation to CBOR

- Transaction metada must either have a valid structure or CBOR NULL
  must be used (if metadata is empty) - it can't be simply left out.

Add protocol_magics file

- Just to have a nicer way of representing protocol magics

Update transaction signing

- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
  remained)
- Reorder functions so it reads top to bottom

Add protocol magic to byron address on testnet

- This has always been a part of the spec, but it hasn't been
  implemented before, because it wasn't really needed.

Update trezorlib

Update tests

- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted

Remove unused file

- Progress was used when receiving previous transactions

Add CRC check to output address validation
 2020-07-27 13:04:49 +02:00
matejcik
fdcb64ac24 all: rename protobuf unsafe_prompts to safety_checks 2020-07-24 16:37:58 +02:00
matejcik
19ad1dae8b core/bitcoin: allow compatibility namespaces for Casa/Greenaddress 2020-07-24 16:37:58 +02:00
matejcik
b741560997 core/bitcoin: drop unused validate_path_for_bitcoin_public_key 2020-07-24 16:37:58 +02:00
matejcik
407375b0c4 core/bitcoin: move BITCOIN_NAMES to common 2020-07-24 16:37:58 +02:00
matejcik
fd8cb0e061 core/keychain: differentiate error message for ed25519 derivation 2020-07-24 16:37:58 +02:00
matejcik
0438f83a94 core: use public as named argument instead of comment 2020-07-24 16:37:58 +02:00
matejcik
57b08c98ed core: raise error on setting passphrase-on-device without passphrase 2020-07-24 16:37:58 +02:00
matejcik
c85d768b81 core: update references to keychain everywhere 2020-07-24 16:37:58 +02:00
matejcik
ff4ec2185e core: refactor keychain to only support one curve at a time 
also make a cleaner distinction between keychain, seed, path

This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.

For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".

SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.

Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
 2020-07-24 16:37:58 +02:00
matejcik
8e44132d3c core: replace load_settings with individual setters 2020-07-24 16:37:58 +02:00
matejcik
1109250dcf core: add option to allow unsafe prompts 2020-07-24 16:37:58 +02:00
Martin Milata
03f2dab6bc core: reduce gc.collect calls during bitcon sign_tx 2020-07-24 15:35:09 +02:00
matejcik
c3a61998cb core: generate resdata by Mako, use if/elif trick to save RAM 2020-07-24 14:09:31 +02:00
matejcik
5e7fd3aea6 core: use utils.BufferReader instead of apps.common.BytearrayReader 2020-07-24 14:09:31 +02:00
matejcik
1ff4a0d239 core: separate BufferIO into Reader (read-only) and Writer 
also integrates BytearrayReader API into BufferReader
 2020-07-24 14:09:31 +02:00
matejcik
3514a31bc9 core: make USB codec resilient to OOM conditions 2020-07-24 14:09:31 +02:00
matejcik
31e2170766 core: make protobuf buffer smaller, dynamically allocate bigger if necessary 2020-07-24 14:09:31 +02:00
matejcik
a000ea5ec8 core/monero: update Monero app to use synchronous protobuf 2020-07-24 14:09:31 +02:00
matejcik
01d695283f core: make protobuf buffer bigger 2020-07-24 14:09:31 +02:00
matejcik
0c3bc53aee core: clean up types for field caching, fix count_message 2020-07-24 14:09:31 +02:00
matejcik
d568afa80d core: improve protobuf field caching 2020-07-24 14:09:31 +02:00
matejcik
85d74ece76 core: implement synchronous v1 codec 2020-07-24 14:09:31 +02:00
Martin Milata
fd117a0c9f core: raise error on auto-lock value out of range 2020-07-22 21:38:42 +02:00
matejcik
051763575d core: touch idle timer in keyboards (fixes #1099) 2020-07-10 14:05:52 +02:00
matejcik
2c4ecff0a4 core: fix synthetic events breaking io.poll delay calculation 2020-07-10 14:05:52 +02:00
Andrew Kozlik
eb28998f98 core/bitcoin: Support multiple change-outputs. 2020-07-09 15:51:23 +02:00
Andrew Kozlik
37f4dcc7e5 core/bitcoin: Rename witness_p2wsh() to witness_multisig(). 2020-07-03 11:17:19 +02:00
Andrew Kozlik
9cd600f79e core/bitcoin: Add special confirmation screen for transactions with external inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
64d9350de2 core/bitcoin: Implement GetOwnershipId message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
533de50588 common/protob: Add GetOwnershipId message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
712ec68c1b core/bitcoin: Add support for external inputs with proof of non-ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
956ea9a94f common: Add ownership_proof field to TxInputType. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d4317d1536 core/bitcoin: Implement generation and verification of SLIP-0019 proofs of ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d52de28704 core/bitcoin: Implement BIP-322 SignatureProof container. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
c723c78529 common/protob: Add GetOwnershipProof message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d48a372ca7 core/sign_tx: Implement support for signed external inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
78f14d286e core/sign_tx: Factor out get_legacy_tx_digest() from sign_nonsegwit_input(). 2020-07-03 11:17:19 +02:00
Andrew Kozlik
61e2d4d5e5 core/bitcoin: Implement signature verifier. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
5378e12ba2 core/bitcoin: Clarify hash_type vs. sighash_type terminology. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d1e043f417 core/bitcoin: Implement parsing of scripts and witnesses for signature verification. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
173bb7ed13 core/bitcoin: Replace TxInputType parameter in input_derive_script. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2 core/bitcoin: Move script types from helpers to common. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b core/crypto: Add functions for verifying DER encoded signatures. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2 core/common: Add BytearrayReader and basic reader functions. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316 core/sign_tx: Check script_pubkeys of inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
cc655575c8 common: Add witness field to TxInputType. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
872768928b core/crypto: Fix endianity in DER length encoding. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e core/sign_tx: Use varint length encoding for witness stack items. 2020-07-03 11:17:19 +02:00
Tomas Susanka
0f9a2459d3 core: make QR code smaller for Monero 2020-07-01 17:20:04 +00:00
Tomas Susanka
ca3dd2bfb9 common: skip deprecated fields during generation; deprecate overwintered field in Zcash 2020-06-30 16:02:21 +02:00
matejcik
e6e3043096 all: implement support for pre-overwinter prevtx (fixes #1030) 2020-06-30 15:19:31 +02:00
Andrew Kozlik
f382f77c89 core/ui: Fix repaint bug in QR code rendering #1067. 2020-06-25 12:25:41 +02:00
Tomas Susanka
e534ae3ad7 legacy, core: rename Features.pin_cached to unlocked and unify 2020-06-19 21:26:36 +02:00
Tomas Susanka
a6acefbdf5 core: wipe before reset and recovery; introduce 'intialized' field 2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf Enable extra_data for Zcoin. Changed coininfo.py 2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e core: forbid all settings if not initialized 2020-06-11 18:47:01 +02:00
Tomas Susanka
981d079d7f core/signverify: add failsafe for an empty message header 2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc Merge branch 'release/2020-06' 2020-06-10 06:51:18 +00:00
Pavol Rusnak
5262ef84cf common/defs/fido: add aws and tutanota 2020-06-05 14:53:13 +02:00
Andrew Kozlik
9c61257e8e core: Use the Lock icon in the PIN entry dialog only when the device is actually locked. 2020-06-05 11:52:56 +02:00
matejcik
7579ac5274 core: fix rendering issues in homescreens 2020-06-04 16:18:46 +02:00
matejcik
9df7c84c56 core/ui: lower lockscreen brightness 2020-06-04 16:18:46 +02:00
matejcik
8fa7684a9c core: set a scheduler-safe maximum for autolock 2020-06-04 16:18:46 +02:00
matejcik
872e0fb0e0 core: lower scheduler resolution to milliseconds 
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.

The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
 2020-06-04 16:18:46 +02:00
matejcik
847691798b core: simplify homescreen and lockscreen implementations 2020-06-04 16:18:46 +02:00
matejcik
4bc865794f core: only unlock storage if it is locked (solves determinism issue in tests) 2020-06-04 16:18:46 +02:00
matejcik
ffa7790ed5 core: start USB after booting apps 
This prevents a race condition where sometimes an Initialize message
could arrive before the homescreen was fully booted -- and Recovery
homescreen would cancel it as part of its bootup sequence.
 2020-06-04 16:18:46 +02:00
matejcik
70f67883c5 core: fix artifacts in click-based UI tests 2020-06-04 16:18:46 +02:00
matejcik
a9d8fd3992 core: debuglink interface avoids workflow management 
This will have unintended consequences if you call a wirelink function
on the debulink interface. TT allows this ... and will behave badly.
 2020-06-04 16:18:46 +02:00
matejcik
bc9247e18d core: add Cancel to a list of allowed messages while locked 2020-06-04 16:18:46 +02:00
matejcik
f32c2f9e23 core: replace workflow.kill_default with workflow.close_others 2020-06-04 16:18:46 +02:00
matejcik
01832d5ae9 core: call close_others() in place of ButtonRequest 
this makes sense, really: close_others() requests UI exclusivity, and
that is something that generally happens at the same places we emit a
ButtonRequest
 2020-06-04 16:18:46 +02:00
matejcik
6f53ca0ac6 core: rework wait_layout() 
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.

This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.

In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).

DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.
 2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea core: use ButtonRequestType.PinEntry for PIN entry 2020-06-04 16:18:46 +02:00
matejcik
bbfce4e303 common: introduce ButtonRequestType.PinEntry 2020-06-04 16:18:46 +02:00
matejcik
3dbd9c9eca core/loop: prevent finalizers from doing things when task is closed externally 2020-06-04 16:18:46 +02:00
matejcik
42e7c43c7c core: make sure that auto-lock shuts down running workflows 2020-06-04 16:18:46 +02:00
matejcik
2d0206c043 core: replace workflow.on_start/on_close with workflow.spawn 2020-06-04 16:18:46 +02:00
matejcik
02565f3bfb core/loop: introduce spawn syscall 2020-06-04 16:18:46 +02:00
matejcik
a4f47ddd21 core/lockscreen: ignore exception when user taps "unlock" and then cancels 2020-06-04 16:18:46 +02:00
matejcik
7ff1251ee1 core: dim lockscreen (fixes #974) 2020-06-04 16:18:46 +02:00
matejcik
4035aad51b core: implement auto-lock after a configurable timeout (fixes #75) 2020-06-04 16:18:46 +02:00
matejcik
67b723e4ca core: add a global idle timer 2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf core/webauthn: Cache user verification for 3 minutes. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01 core/webauthn: Implement FIDO2 unlocking from softlock. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e core/webauthn: Implement U2F unlocking from softlock. 2020-06-04 16:18:46 +02:00
matejcik
06aed7135a core: do not prompt for PIN just to lock the device again 2020-06-04 16:18:46 +02:00
matejcik
246998910a core: refactor usage of input_signals 
this prevents a certain class of UI test failure. It also localizes the
use of debuglink signals into the layout classes instead of call sites,
which is a design we were already using for confirm_signals
 2020-06-04 16:18:46 +02:00
matejcik
afeeafd5cd core: hide some fields when softlocked 2020-06-04 16:18:46 +02:00
matejcik
b9bd9ea3d0 core: only softlock when PIN is set 2020-06-04 16:18:46 +02:00
matejcik
a9ddc2a8e2 core/boot: modify initial lockscreen label 2020-06-04 16:18:46 +02:00
matejcik
09af8aed4e core: consider lockscreen to be a separate homescreen 
this involves some changes to the workflow defaults:

* workflow.start_default() takes no arguments
* workflow.set_default() (originally replace_default) configures the
  default that will be started by next call to start_default().
  The intended usecase is to set_default() first and then start it
  separately.
* apps.base.set_homescreen() factors out the logic originally in
  main.py, that decides which homescreen should be launched. This uses
  set_default() call. start_default() is then used explicitly in main.py
 2020-06-04 16:18:46 +02:00
matejcik
d73480bc9d core: introduce PIN soft-locking 2020-06-04 16:18:46 +02:00
matejcik
04c8b2803d core: refactor homescreen app, include lockscreen in it 2020-06-04 16:18:46 +02:00
matejcik
9197623d83 core: factor out the decision whether to lock the device 2020-06-04 16:18:46 +02:00
matejcik
0600d87c8c common: rename ClearSession to LockDevice, introduce EndSession 2020-06-04 16:18:46 +02:00
matejcik
32fcc4ad9c core: make verify_user_pin accept a Context argument 2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8 core: use wire.PinCancelled/PinInvalid instead of custom versions 
also refactor show_pin_invalid and its usages so that it raises directly

note that we are now using PinCancelled instead of ActionCancelled where
appropriate
 2020-06-04 16:18:46 +02:00