When doing Ethereum signTypedData, and the primaryType="EIP712Domain",
we completely ignore the "message" part and only sign the domain.
According to the community, this is technically allowed by the spec,
and may be used by ETH smart contracts to save on gas.
Test case generated by @MetaMask/eth-sig-util's library.
See: https://ethereum-magicians.org/t/eip-712-standards-clarification-primarytype-as-domaintype/3286
Changes many fields to required -- as far as we were able to figure out,
signing would fail if these fields aren't provided anyway, so this
should not pose a compatibility problem.
Co-authored-by: matejcik <ja@matejcik.cz>
Based on original contribution by Max Kupriianov <xlab@hey.com>
Implemented EIP-712 typed data signatures in Ethereum app.
Add eth_abi into pyproject deps
device test for EIP 712
fixed hex decoding for address
fixup! fixed hex decoding for address
code quality, more pythonic code, removing unused imports
running black and isort on changed files
trezorctl file input for EIP 712 data signing
fixup! code quality, more pythonic code, removing unused imports
fixup! fixup! code quality, more pythonic code, removing unused imports
necessary changes after rebase to master
unit tests for sign_typed_data.py
new protobuf messages, working for nonarray types
simplified and verified solution for our simple data
support for simple arrays, without their confirmation
reverting protobuf value messages to bytes, appropriate changes
showing arrays in Trezor, code quality improvements
data validation on Trezor, minor improvements
using custom types for storing type data instead of dicts, addressing feedback from review
moving helper functions to its own file, tests for decode_data
additional overall tests
support for arrays of structs
adding support for metamask_v4_compat variable
using HashWriter object to collect the final hash continously
minor improvements in code quality
validate_field_type function
streaming values from client without saving them, missing UI
prototype of streamed UI using confirm_properties
accounting for bytes in data, more data types in integration tests
rebase on master, using f-strings
minor fixes and improvements from code review
StructHasher class for the whole hashing process
mypy and style changes
asking users whether to show structs and arrays
protobuf descriptions to fix make defs_check
unifying comments, mypy fix
unit tests for StructHasher class
UI fixtures, skipping device tests for T1
addressing majority of code review comments about code quality and structure
changing file structure - layouts, helpers, sign_typed_data
decode_data renaming and docstring, renaming unit test file
using tuples instead of lists in elifs
layout improvements
excluding core/src/apps/common/confirm.py file from the PR
True/False returning layout with Show more button
code review layout improvements
forgotten br_type argument to should_show_more
BREAKING CHANGE: StellarAssetType is renamed to StellarAsset.
The name StellarAssetType is reused for the corresponding enum.
Enums are introduced in several other places. Their values correspond to
allowed values of (previously int) fields so this should not pose a
compatibility problem.
Many fields are now required. We believe that this should not pose a
compatibility problem, because all known interfaces to Stellar signing
actually accept Stellar XDR on input, whose required fields match the
protobuf schema.
* Changes from original PR
* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.
* Ran 'make gen' and uploaded changed files.
* Ran make style_check and fixed reported errors
* Added changelog files
* Reverted changes concerning chain_id 0 being rejected.
* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1. Also reverts MAX_CHAIN_ID to the previous value.
* Added missing whitespace around arithmetic operator.
Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
Initial EIP1559 implementation
Fix a few small issues
Progress on Python lib implementation and firmware
Fix RLP length
Start fixing tests
Fix legacy transactions
Simplify API and logic
Add EIP1559 tests
Fix access list formatting
Fix UI visiblity issue
Fix commented out code
fix: correct linting issues
Fix access_list protobuf formatting
Remove unneeded code
Remove dead code
Check tx_type bounds for EIP 2718
Reduce code duplication
Prefer eip2718_type over re-using tx_type
Add more tests
Simplify format_access_list
Simplify sign_tx slightly
Change Access List format and add logic to encode it
Fix a bunch of small PR comments
Fix a linting issue
Move tests out of class and regenerate
Remove copy-pasted comments
Add access list to CLI
Simplify _parse_access_list_item
Fix small mistakes following rebase
Fix linting
Refactor to use a separate message for EIP 1559 tx
Simplify changed legacy code
Fix a few small PR comments
Fix linting
fix(legacy): recognize SignTxEIP1559 on legacy build
Fix PR comments
Add two new input and four output script types.
Decred ticket purchases consist of a stake submission, op returns, and
change addresses. Although change addresses are allowed by consensus,
they are no longer used in practice and so have been given the
restrictions of a null pubkey and no value. Stake scripts are almost
identical to p2pkh or p2sh except for an extra opcode in front. Inputs
are currently only used in the form of one input three outputs with the
first output, or stake submission, paying to a public key hash, or with
two inputs and five outputs with the stake submission paying to a
multisig script hash. The op returns are directed to the user in the
case of one and the voting service provider and user in the case of two.
One of the sstx commitment for a ticket must pay back to the trezor
wallet. This is checked and an error is thrown if we don't find the
expected public key hash.
Because this adds the ability to create new types of outputs once the
ticket votes, two new input script types are also needed. A successful
vote will lead to a stake generation script that must be spent, and an
unsuccessful vote will lead to a revocation script that must be spent.
If we allowed stake change scripts to have a valid pubkey, that too
would require another op code, but we disallow those for output.
Update protobuf
- Previous transactions don't need to be sent anymore, because fee is
included in the transaction now. Thus transactions_count can be
removed from CardanoSignTx message and the CardanoTxAck and
CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it
Add NULL (None type) serialisation to CBOR
- Transaction metada must either have a valid structure or CBOR NULL
must be used (if metadata is empty) - it can't be simply left out.
Add protocol_magics file
- Just to have a nicer way of representing protocol magics
Update transaction signing
- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
remained)
- Reorder functions so it reads top to bottom
Add protocol magic to byron address on testnet
- This has always been a part of the spec, but it hasn't been
implemented before, because it wasn't really needed.
Update trezorlib
Update tests
- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted
Remove unused file
- Progress was used when receiving previous transactions
Add CRC check to output address validation
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.
This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.
In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).
DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.