Based on original contribution by Max Kupriianov <xlab@hey.com>
Implemented EIP-712 typed data signatures in Ethereum app.
Add eth_abi into pyproject deps
device test for EIP 712
fixed hex decoding for address
fixup! fixed hex decoding for address
code quality, more pythonic code, removing unused imports
running black and isort on changed files
trezorctl file input for EIP 712 data signing
fixup! code quality, more pythonic code, removing unused imports
fixup! fixup! code quality, more pythonic code, removing unused imports
necessary changes after rebase to master
unit tests for sign_typed_data.py
new protobuf messages, working for nonarray types
simplified and verified solution for our simple data
support for simple arrays, without their confirmation
reverting protobuf value messages to bytes, appropriate changes
showing arrays in Trezor, code quality improvements
data validation on Trezor, minor improvements
using custom types for storing type data instead of dicts, addressing feedback from review
moving helper functions to its own file, tests for decode_data
additional overall tests
support for arrays of structs
adding support for metamask_v4_compat variable
using HashWriter object to collect the final hash continously
minor improvements in code quality
validate_field_type function
streaming values from client without saving them, missing UI
prototype of streamed UI using confirm_properties
accounting for bytes in data, more data types in integration tests
rebase on master, using f-strings
minor fixes and improvements from code review
StructHasher class for the whole hashing process
mypy and style changes
asking users whether to show structs and arrays
protobuf descriptions to fix make defs_check
unifying comments, mypy fix
unit tests for StructHasher class
UI fixtures, skipping device tests for T1
addressing majority of code review comments about code quality and structure
changing file structure - layouts, helpers, sign_typed_data
decode_data renaming and docstring, renaming unit test file
using tuples instead of lists in elifs
layout improvements
excluding core/src/apps/common/confirm.py file from the PR
True/False returning layout with Show more button
code review layout improvements
forgotten br_type argument to should_show_more
All test cases are generated and verified in Stellar Laboratory.
Source XDR is also tested to match the vectors, and it is easy to verify
in Laboratory directly.
BREAKING CHANGE: StellarAssetType is renamed to StellarAsset.
The name StellarAssetType is reused for the corresponding enum.
Enums are introduced in several other places. Their values correspond to
allowed values of (previously int) fields so this should not pose a
compatibility problem.
Many fields are now required. We believe that this should not pose a
compatibility problem, because all known interfaces to Stellar signing
actually accept Stellar XDR on input, whose required fields match the
protobuf schema.
* Changes from original PR
* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.
* Ran 'make gen' and uploaded changed files.
* Ran make style_check and fixed reported errors
* Added changelog files
* Reverted changes concerning chain_id 0 being rejected.
* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1. Also reverts MAX_CHAIN_ID to the previous value.
* Added missing whitespace around arithmetic operator.
Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
Initial EIP1559 implementation
Fix a few small issues
Progress on Python lib implementation and firmware
Fix RLP length
Start fixing tests
Fix legacy transactions
Simplify API and logic
Add EIP1559 tests
Fix access list formatting
Fix UI visiblity issue
Fix commented out code
fix: correct linting issues
Fix access_list protobuf formatting
Remove unneeded code
Remove dead code
Check tx_type bounds for EIP 2718
Reduce code duplication
Prefer eip2718_type over re-using tx_type
Add more tests
Simplify format_access_list
Simplify sign_tx slightly
Change Access List format and add logic to encode it
Fix a bunch of small PR comments
Fix a linting issue
Move tests out of class and regenerate
Remove copy-pasted comments
Add access list to CLI
Simplify _parse_access_list_item
Fix small mistakes following rebase
Fix linting
Refactor to use a separate message for EIP 1559 tx
Simplify changed legacy code
Fix a few small PR comments
Fix linting
fix(legacy): recognize SignTxEIP1559 on legacy build
Fix PR comments
Output size is currently limited to 4000 bytes at protocol level. Given the maximum transaction size Trezor can handle (~9kB), we also want to enforce this size limit here so that when the limit is raised at protocol level again, Trezor would still not be able to produce larger outputs than it could reliably spend. Once Cardano-transaction signing is refactored to be completely streamed and maximum supported transaction size is thus raised, this limit can be lifted.
Add two new input and four output script types.
Decred ticket purchases consist of a stake submission, op returns, and
change addresses. Although change addresses are allowed by consensus,
they are no longer used in practice and so have been given the
restrictions of a null pubkey and no value. Stake scripts are almost
identical to p2pkh or p2sh except for an extra opcode in front. Inputs
are currently only used in the form of one input three outputs with the
first output, or stake submission, paying to a public key hash, or with
two inputs and five outputs with the stake submission paying to a
multisig script hash. The op returns are directed to the user in the
case of one and the voting service provider and user in the case of two.
One of the sstx commitment for a ticket must pay back to the trezor
wallet. This is checked and an error is thrown if we don't find the
expected public key hash.
Because this adds the ability to create new types of outputs once the
ticket votes, two new input script types are also needed. A successful
vote will lead to a stake generation script that must be spent, and an
unsuccessful vote will lead to a revocation script that must be spent.
If we allowed stake change scripts to have a valid pubkey, that too
would require another op code, but we disallow those for output.