Completely remove old Starkware internal "plugin"
This commit is contained in:
Alexandre Paillier
@@ -5,8 +5,6 @@
|
||||
|
||||
#define APP_FLAG_DATA_ALLOWED 0x01
|
||||
#define APP_FLAG_EXTERNAL_TOKEN_NEEDED 0x02
|
||||
#define APP_FLAG_STARKWARE 0x04
|
||||
#define APP_FLAG_STARKWARE_V2 0x08
|
||||
|
||||
#define CLA 0xE0
|
||||
#define INS_GET_PUBLIC_KEY 0x02
|
||||
@@ -47,26 +45,6 @@
|
||||
#define APDU_RESPONSE_CONDITION_NOT_SATISFIED 0x6985
|
||||
#define APDU_RESPONSE_REF_DATA_NOT_FOUND 0x6a88
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#define STARKWARE_CLA 0xF0
|
||||
#define STARKWARE_INS_GET_PUBLIC_KEY 0x02
|
||||
#define STARKWARE_INS_SIGN_MESSAGE 0x04
|
||||
#define STARKWARE_INS_PROVIDE_QUANTUM 0x08
|
||||
#define STARKWARE_INS_UNSAFE_SIGN 0x0A
|
||||
|
||||
#define P1_STARK_ORDER 0x01
|
||||
#define P1_STARK_TRANSFER 0x02
|
||||
#define P1_STARK_ORDER_V2 0x03
|
||||
#define P1_STARK_TRANSFER_V2 0x04
|
||||
#define P1_STARK_CONDITIONAL_TRANSFER 0x05
|
||||
|
||||
#define STARK_ORDER_TYPE 0
|
||||
#define STARK_TRANSFER_TYPE 1
|
||||
#define STARK_CONDITIONAL_TRANSFER_TYPE 2
|
||||
|
||||
#endif
|
||||
|
||||
enum { OFFSET_CLA = 0, OFFSET_INS, OFFSET_P1, OFFSET_P2, OFFSET_LC, OFFSET_CDATA };
|
||||
|
||||
#define ERR_APDU_EMPTY 0x6982
|
||||
@@ -151,35 +129,6 @@ void handleSetEth2WinthdrawalIndex(uint8_t p1,
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
void handleStarkwareGetPublicKey(uint8_t p1,
|
||||
uint8_t p2,
|
||||
const uint8_t *dataBuffer,
|
||||
uint8_t dataLength,
|
||||
unsigned int *flags,
|
||||
unsigned int *tx);
|
||||
void handleStarkwareSignMessage(uint8_t p1,
|
||||
uint8_t p2,
|
||||
uint8_t *dataBuffer,
|
||||
uint8_t dataLength,
|
||||
unsigned int *flags,
|
||||
unsigned int *tx);
|
||||
void handleStarkwareProvideQuantum(uint8_t p1,
|
||||
uint8_t p2,
|
||||
const uint8_t *dataBuffer,
|
||||
uint8_t dataLength,
|
||||
unsigned int *flags,
|
||||
unsigned int *tx);
|
||||
void handleStarkwareUnsafeSign(uint8_t p1,
|
||||
uint8_t p2,
|
||||
const uint8_t *dataBuffer,
|
||||
uint8_t dataLength,
|
||||
unsigned int *flags,
|
||||
unsigned int *tx);
|
||||
|
||||
#endif
|
||||
|
||||
extern uint16_t apdu_response_code;
|
||||
|
||||
#endif // _APDU_CONSTANTS_H_
|
||||
|
||||
@@ -11,12 +11,8 @@ void ui_display_privacy_public_key(void);
|
||||
void ui_display_privacy_shared_secret(void);
|
||||
void ui_display_public_key(const uint64_t *chain_id);
|
||||
void ui_sign_712_v0(void);
|
||||
void ui_display_stark_public(void);
|
||||
void ui_confirm_selector(void);
|
||||
void ui_confirm_parameter(void);
|
||||
void ui_stark_limit_order(void);
|
||||
void ui_stark_unsafe_sign(void);
|
||||
void ui_stark_transfer(bool selfTransfer, bool conditional);
|
||||
|
||||
// EIP-191
|
||||
void ui_191_start(void);
|
||||
|
||||
@@ -2,13 +2,8 @@
|
||||
#include "eth_plugin_internal.h"
|
||||
#include "plugin_utils.h"
|
||||
|
||||
bool erc20_plugin_available_check(void);
|
||||
|
||||
void erc20_plugin_call(int message, void* parameters);
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
void starkware_plugin_call(int message, void* parameters);
|
||||
#endif
|
||||
#ifdef HAVE_ETH2
|
||||
void eth2_plugin_call(int message, void* parameters);
|
||||
#endif
|
||||
@@ -27,83 +22,15 @@ const uint8_t* const ETH2_SELECTORS[NUM_ETH2_SELECTORS] = {ETH2_DEPOSIT_SELECTOR
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
static const uint8_t STARKWARE_REGISTER_ID[SELECTOR_SIZE] = {0xdd, 0x24, 0x14, 0xd4};
|
||||
static const uint8_t STARKWARE_DEPOSIT_TOKEN_ID[SELECTOR_SIZE] = {0x25, 0x05, 0xc3, 0xd9};
|
||||
static const uint8_t STARKWARE_DEPOSIT_ETH_ID[SELECTOR_SIZE] = {0x00, 0xae, 0xef, 0x8a};
|
||||
static const uint8_t STARKWARE_DEPOSIT_CANCEL_ID[SELECTOR_SIZE] = {0x7d, 0xf7, 0xdc, 0x04};
|
||||
static const uint8_t STARKWARE_DEPOSIT_RECLAIM_ID[SELECTOR_SIZE] = {0xae, 0x87, 0x38, 0x16};
|
||||
static const uint8_t STARKWARE_WITHDRAW_ID[SELECTOR_SIZE] = {0x44, 0x1a, 0x3e, 0x70};
|
||||
static const uint8_t STARKWARE_FULL_WITHDRAWAL_ID[SELECTOR_SIZE] = {0xa9, 0x33, 0x10, 0xc4};
|
||||
static const uint8_t STARKWARE_FREEZE_ID[SELECTOR_SIZE] = {0x93, 0xc1, 0xe4, 0x66};
|
||||
static const uint8_t STARKWARE_ESCAPE_ID[SELECTOR_SIZE] = {0x9e, 0x3a, 0xda, 0xc4};
|
||||
static const uint8_t STARKWARE_VERIFY_ESCAPE_ID[SELECTOR_SIZE] = {0x2d, 0xd5, 0x30, 0x06};
|
||||
|
||||
static const uint8_t STARKWARE_WITHDRAW_TO_ID[SELECTOR_SIZE] = {0x14, 0xcd, 0x70, 0xe4};
|
||||
static const uint8_t STARKWARE_DEPOSIT_NFT_ID[SELECTOR_SIZE] = {0xae, 0x1c, 0xdd, 0xe6};
|
||||
static const uint8_t STARKWARE_DEPOSIT_NFT_RECLAIM_ID[SELECTOR_SIZE] = {0xfc, 0xb0, 0x58, 0x22};
|
||||
static const uint8_t STARKWARE_WITHDRAW_AND_MINT_ID[SELECTOR_SIZE] = {0xd9, 0x14, 0x43, 0xb7};
|
||||
static const uint8_t STARKWARE_WITHDRAW_NFT_ID[SELECTOR_SIZE] = {0x01, 0x9b, 0x41, 0x7a};
|
||||
static const uint8_t STARKWARE_WITHDRAW_NFT_TO_ID[SELECTOR_SIZE] = {0xeb, 0xef, 0x0f, 0xd0};
|
||||
static const uint8_t STARKWARE_REGISTER_AND_DEPOSIT_TOKEN_ID[SELECTOR_SIZE] = {0x10,
|
||||
0x82,
|
||||
0x08,
|
||||
0xcf};
|
||||
static const uint8_t STARKWARE_REGISTER_AND_DEPOSIT_ETH_ID[SELECTOR_SIZE] = {0xa7,
|
||||
0x78,
|
||||
0xc0,
|
||||
0xc3};
|
||||
static const uint8_t STARKWARE_PROXY_DEPOSIT_TOKEN_ID[SELECTOR_SIZE] = {0xdc, 0xca, 0xd5, 0x24};
|
||||
static const uint8_t STARKWARE_PROXY_DEPOSIT_ETH_ID[SELECTOR_SIZE] = {0x6c, 0xe5, 0xd9, 0x57};
|
||||
|
||||
const uint8_t* const STARKWARE_SELECTORS[NUM_STARKWARE_SELECTORS] = {
|
||||
STARKWARE_REGISTER_ID,
|
||||
STARKWARE_DEPOSIT_TOKEN_ID,
|
||||
STARKWARE_DEPOSIT_ETH_ID,
|
||||
STARKWARE_DEPOSIT_CANCEL_ID,
|
||||
STARKWARE_DEPOSIT_RECLAIM_ID,
|
||||
STARKWARE_WITHDRAW_ID,
|
||||
STARKWARE_FULL_WITHDRAWAL_ID,
|
||||
STARKWARE_FREEZE_ID,
|
||||
STARKWARE_ESCAPE_ID,
|
||||
STARKWARE_VERIFY_ESCAPE_ID,
|
||||
STARKWARE_WITHDRAW_TO_ID,
|
||||
STARKWARE_DEPOSIT_NFT_ID,
|
||||
STARKWARE_DEPOSIT_NFT_RECLAIM_ID,
|
||||
STARKWARE_WITHDRAW_AND_MINT_ID,
|
||||
STARKWARE_WITHDRAW_NFT_ID,
|
||||
STARKWARE_WITHDRAW_NFT_TO_ID,
|
||||
STARKWARE_REGISTER_AND_DEPOSIT_TOKEN_ID,
|
||||
STARKWARE_REGISTER_AND_DEPOSIT_ETH_ID,
|
||||
STARKWARE_PROXY_DEPOSIT_TOKEN_ID,
|
||||
STARKWARE_PROXY_DEPOSIT_ETH_ID};
|
||||
|
||||
#endif
|
||||
|
||||
// All internal alias names start with 'minus'
|
||||
|
||||
const internalEthPlugin_t INTERNAL_ETH_PLUGINS[] = {
|
||||
{erc20_plugin_available_check,
|
||||
(const uint8_t**) ERC20_SELECTORS,
|
||||
NUM_ERC20_SELECTORS,
|
||||
"-erc20",
|
||||
erc20_plugin_call},
|
||||
{NULL, (const uint8_t**) ERC20_SELECTORS, NUM_ERC20_SELECTORS, "-erc20", erc20_plugin_call},
|
||||
|
||||
#ifdef HAVE_ETH2
|
||||
|
||||
{NULL, (const uint8_t**) ETH2_SELECTORS, NUM_ETH2_SELECTORS, "-eth2", eth2_plugin_call},
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
{NULL,
|
||||
(const uint8_t**) STARKWARE_SELECTORS,
|
||||
NUM_STARKWARE_SELECTORS,
|
||||
"-strk",
|
||||
starkware_plugin_call},
|
||||
|
||||
#endif
|
||||
|
||||
{NULL, NULL, 0, "", NULL}};
|
||||
|
||||
@@ -29,11 +29,4 @@ extern const uint8_t* const ETH2_SELECTORS[NUM_ETH2_SELECTORS];
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#define NUM_STARKWARE_SELECTORS 20
|
||||
extern const uint8_t* const STARKWARE_SELECTORS[NUM_STARKWARE_SELECTORS];
|
||||
|
||||
#endif
|
||||
|
||||
extern internalEthPlugin_t const INTERNAL_ETH_PLUGINS[];
|
||||
|
||||
56
src/main.c
56
src/main.c
@@ -32,10 +32,6 @@
|
||||
#include "challenge.h"
|
||||
#include "domain_name.h"
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
#include "stark_crypto.h"
|
||||
#endif
|
||||
|
||||
unsigned char G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B];
|
||||
|
||||
void ui_idle(void);
|
||||
@@ -55,9 +51,6 @@ uint16_t apdu_response_code;
|
||||
bool G_called_from_swap;
|
||||
bool G_swap_response_ready;
|
||||
pluginType_t pluginType;
|
||||
#ifdef HAVE_STARKWARE
|
||||
bool quantumSet;
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ETH2
|
||||
uint32_t eth2WithdrawalIndex;
|
||||
@@ -81,9 +74,6 @@ void reset_app_context() {
|
||||
G_called_from_swap = false;
|
||||
G_swap_response_ready = false;
|
||||
pluginType = OLD_INTERNAL;
|
||||
#ifdef HAVE_STARKWARE
|
||||
quantumSet = false;
|
||||
#endif
|
||||
#ifdef HAVE_ETH2
|
||||
eth2WithdrawalIndex = 0;
|
||||
#endif
|
||||
@@ -232,52 +222,6 @@ void handleApdu(unsigned int *flags, unsigned int *tx) {
|
||||
|
||||
#endif // HAVE_WALLET_ID_SDK
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
if (G_io_apdu_buffer[OFFSET_CLA] == STARKWARE_CLA) {
|
||||
switch (G_io_apdu_buffer[OFFSET_INS]) {
|
||||
case STARKWARE_INS_GET_PUBLIC_KEY:
|
||||
handleStarkwareGetPublicKey(G_io_apdu_buffer[OFFSET_P1],
|
||||
G_io_apdu_buffer[OFFSET_P2],
|
||||
G_io_apdu_buffer + OFFSET_CDATA,
|
||||
G_io_apdu_buffer[OFFSET_LC],
|
||||
flags,
|
||||
tx);
|
||||
break;
|
||||
case STARKWARE_INS_SIGN_MESSAGE:
|
||||
handleStarkwareSignMessage(G_io_apdu_buffer[OFFSET_P1],
|
||||
G_io_apdu_buffer[OFFSET_P2],
|
||||
G_io_apdu_buffer + OFFSET_CDATA,
|
||||
G_io_apdu_buffer[OFFSET_LC],
|
||||
flags,
|
||||
tx);
|
||||
break;
|
||||
case STARKWARE_INS_PROVIDE_QUANTUM:
|
||||
handleStarkwareProvideQuantum(G_io_apdu_buffer[OFFSET_P1],
|
||||
G_io_apdu_buffer[OFFSET_P2],
|
||||
G_io_apdu_buffer + OFFSET_CDATA,
|
||||
G_io_apdu_buffer[OFFSET_LC],
|
||||
flags,
|
||||
tx);
|
||||
break;
|
||||
case STARKWARE_INS_UNSAFE_SIGN:
|
||||
handleStarkwareUnsafeSign(G_io_apdu_buffer[OFFSET_P1],
|
||||
G_io_apdu_buffer[OFFSET_P2],
|
||||
G_io_apdu_buffer + OFFSET_CDATA,
|
||||
G_io_apdu_buffer[OFFSET_LC],
|
||||
flags,
|
||||
tx);
|
||||
break;
|
||||
default:
|
||||
THROW(0x6D00);
|
||||
break;
|
||||
}
|
||||
CLOSE_TRY;
|
||||
return;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
if (G_io_apdu_buffer[OFFSET_CLA] != CLA) {
|
||||
THROW(0x6E00);
|
||||
}
|
||||
|
||||
@@ -1,43 +0,0 @@
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#include "poorstream.h"
|
||||
|
||||
void poorstream_init(poorstream_t *stream, uint8_t *buffer) {
|
||||
memset((void *) stream, 0, sizeof(poorstream_t));
|
||||
stream->pointer = buffer;
|
||||
}
|
||||
|
||||
void poorstream_flush(poorstream_t *stream) {
|
||||
// PRINTF("Flush\n");
|
||||
*(stream->pointer + 0) = (stream->accumulator >> 56);
|
||||
*(stream->pointer + 1) = (stream->accumulator >> 48);
|
||||
*(stream->pointer + 2) = (stream->accumulator >> 40);
|
||||
*(stream->pointer + 3) = (stream->accumulator >> 32);
|
||||
*(stream->pointer + 4) = (stream->accumulator >> 24);
|
||||
*(stream->pointer + 5) = (stream->accumulator >> 16);
|
||||
*(stream->pointer + 6) = (stream->accumulator >> 8);
|
||||
*(stream->pointer + 7) = (stream->accumulator >> 0);
|
||||
}
|
||||
|
||||
void poorstream_write_bits(poorstream_t *stream, uint64_t bits, uint32_t num_bits) {
|
||||
stream->offset += num_bits;
|
||||
if (stream->offset < 64) {
|
||||
stream->accumulator |= (bits << (64 - stream->offset));
|
||||
// PRINTF("ACC |= << %d\n", (64 - stream->offset));
|
||||
} else {
|
||||
stream->offset -= 64;
|
||||
stream->mask = ((1 << (num_bits - stream->offset)) - 1);
|
||||
// PRINTF("Mask %lx\n", stream->mask);
|
||||
// PRINTF("Offset %d\n", stream->offset);
|
||||
stream->accumulator |= ((bits >> stream->offset) & stream->mask);
|
||||
poorstream_flush(stream);
|
||||
stream->accumulator = 0;
|
||||
stream->pointer += 8;
|
||||
if (stream->offset) {
|
||||
stream->mask = ((1 << stream->offset) - 1);
|
||||
stream->accumulator |= ((bits & stream->mask) << (64 - stream->offset));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
@@ -1,21 +0,0 @@
|
||||
#ifndef _POORSTREAM_H_
|
||||
#define _POORSTREAM_H_
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "os.h"
|
||||
|
||||
typedef struct poorstream_t {
|
||||
uint8_t *pointer;
|
||||
uint32_t offset;
|
||||
uint64_t mask;
|
||||
uint64_t accumulator;
|
||||
} poorstream_t;
|
||||
|
||||
void poorstream_init(poorstream_t *stream, uint8_t *buffer);
|
||||
void poorstream_flush(poorstream_t *stream);
|
||||
void poorstream_write_bits(poorstream_t *stream, uint64_t bits, uint32_t num_bits);
|
||||
|
||||
#endif // _POORSTREAM_H_
|
||||
@@ -40,21 +40,6 @@ typedef struct internalStorage_t {
|
||||
bool initialized;
|
||||
} internalStorage_t;
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
typedef enum starkQuantumType_e {
|
||||
|
||||
STARK_QUANTUM_LEGACY = 0x00,
|
||||
STARK_QUANTUM_ETH,
|
||||
STARK_QUANTUM_ERC20,
|
||||
STARK_QUANTUM_ERC721,
|
||||
STARK_QUANTUM_MINTABLE_ERC20,
|
||||
STARK_QUANTUM_MINTABLE_ERC721
|
||||
|
||||
} starkQuantumType_e;
|
||||
|
||||
#endif
|
||||
|
||||
typedef struct tokenContext_t {
|
||||
char pluginName[PLUGIN_ID_LENGTH];
|
||||
|
||||
@@ -78,13 +63,6 @@ typedef struct tokenContext_t {
|
||||
|
||||
uint8_t pluginStatus;
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
uint8_t quantum[32];
|
||||
uint8_t mintingBlob[32];
|
||||
uint8_t quantumIndex;
|
||||
uint8_t quantumType;
|
||||
#endif
|
||||
|
||||
} tokenContext_t;
|
||||
|
||||
_Static_assert((offsetof(tokenContext_t, pluginContext) % 4) == 0, "Plugin context not aligned");
|
||||
@@ -129,27 +107,8 @@ typedef union {
|
||||
char tmp[100];
|
||||
} tmpContent_t;
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
typedef struct starkContext_t {
|
||||
uint8_t w1[32];
|
||||
uint8_t w2[32];
|
||||
uint8_t w3[32];
|
||||
uint8_t w4[32];
|
||||
uint8_t conditional;
|
||||
uint8_t transferDestination[32];
|
||||
uint8_t fact[32];
|
||||
uint8_t conditionAddress[20];
|
||||
} starkContext_t;
|
||||
|
||||
#endif
|
||||
|
||||
typedef union {
|
||||
tokenContext_t tokenContext;
|
||||
|
||||
#ifdef HAVE_STARKWARE
|
||||
starkContext_t starkContext;
|
||||
#endif
|
||||
} dataContext_t;
|
||||
|
||||
typedef enum { APP_STATE_IDLE, APP_STATE_SIGNING_TX, APP_STATE_SIGNING_MESSAGE } app_state_t;
|
||||
@@ -158,18 +117,6 @@ typedef enum {
|
||||
CONTRACT_NONE,
|
||||
CONTRACT_ERC20,
|
||||
CONTRACT_ALLOWANCE,
|
||||
#ifdef HAVE_STARKWARE
|
||||
CONTRACT_STARKWARE_REGISTER,
|
||||
CONTRACT_STARKWARE_DEPOSIT_TOKEN,
|
||||
CONTRACT_STARKWARE_DEPOSIT_ETH,
|
||||
CONTRACT_STARKWARE_WITHDRAW,
|
||||
CONTRACT_STARKWARE_DEPOSIT_CANCEL,
|
||||
CONTRACT_STARKWARE_DEPOSIT_RECLAIM,
|
||||
CONTRACT_STARKWARE_FULL_WITHDRAWAL,
|
||||
CONTRACT_STARKWARE_FREEZE,
|
||||
CONTRACT_STARKWARE_ESCAPE,
|
||||
CONTRACT_STARKWARE_VERIFY_ESCAPE
|
||||
#endif
|
||||
} contract_call_t;
|
||||
|
||||
// must be able to hold in decimal up to : floor(MAX_UINT64 / 2) - 36
|
||||
@@ -223,9 +170,6 @@ typedef enum {
|
||||
extern pluginType_t pluginType;
|
||||
|
||||
extern uint8_t appState;
|
||||
#ifdef HAVE_STARKWARE
|
||||
extern bool quantumSet;
|
||||
#endif
|
||||
#ifdef HAVE_ETH2
|
||||
extern uint32_t eth2WithdrawalIndex;
|
||||
#endif
|
||||
|
||||
@@ -1,17 +0,0 @@
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#include "shared_context.h"
|
||||
|
||||
void stark_sign_display_master_account() {
|
||||
snprintf(strings.tmp.tmp,
|
||||
sizeof(strings.tmp.tmp),
|
||||
"0x%.*H",
|
||||
32,
|
||||
dataContext.starkContext.transferDestination);
|
||||
}
|
||||
|
||||
void stark_sign_display_condition_fact() {
|
||||
snprintf(strings.tmp.tmp, sizeof(strings.tmp.tmp), "0x%.*H", 32, dataContext.starkContext.fact);
|
||||
}
|
||||
|
||||
#endif
|
||||
@@ -1,6 +0,0 @@
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
void stark_sign_display_master_account();
|
||||
void stark_sign_display_condition_fact();
|
||||
|
||||
#endif
|
||||
@@ -1,91 +0,0 @@
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#include "shared_context.h"
|
||||
#include "stark_utils.h"
|
||||
#include "uint256.h"
|
||||
#include "common_utils.h"
|
||||
|
||||
extraInfo_t *getKnownToken(uint8_t *contractAddress);
|
||||
|
||||
static unsigned char const C_cx_Stark256_n[] = {
|
||||
// n: 0x0800000000000010ffffffffffffffffb781126dcae7b2321e66a241adc64d2f
|
||||
0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xb7, 0x81, 0x12, 0x6d, 0xca, 0xe7, 0xb2, 0x32, 0x1e, 0x66, 0xa2, 0x41, 0xad, 0xc6, 0x4d, 0x2f};
|
||||
|
||||
// C_cx_secp256k1_n - (C_cx_secp256k1_n % C_cx_Stark256_n)
|
||||
static unsigned char const STARK_DERIVE_BIAS[] = {
|
||||
0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x0e, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xf7,
|
||||
0x38, 0xa1, 0x3b, 0x4b, 0x92, 0x0e, 0x94, 0x11, 0xae, 0x6d, 0xa5, 0xf4, 0x0b, 0x03, 0x58, 0xb1};
|
||||
|
||||
void starkDerivePrivateKey(uint32_t *bip32Path, uint32_t bip32PathLength, uint8_t *privateKeyData) {
|
||||
#if 0
|
||||
// Sanity check
|
||||
if (bip32Path[0] != STARK_BIP32_PATH_0) {
|
||||
PRINTF("Invalid Stark derivation path %d\n", bip32Path[0]);
|
||||
THROW(0x6a80);
|
||||
}
|
||||
os_perso_derive_node_bip32(CX_CURVE_256K1, bip32Path, bip32PathLength, privateKeyData, NULL);
|
||||
PRINTF("Private key before processing %.*H\n", 32, privateKeyData);
|
||||
// TODO - support additional schemes
|
||||
cx_math_modm(privateKeyData, 32, C_cx_Stark256_n, 32);
|
||||
PRINTF("Private key after processing %.*H\n", 32, privateKeyData);
|
||||
#else
|
||||
uint8_t tmp[33];
|
||||
uint8_t index = 0;
|
||||
// Sanity check
|
||||
if ((bip32PathLength < 2) || (bip32Path[0] != STARK_BIP32_PATH_0) ||
|
||||
(bip32Path[1] != STARK_BIP32_PATH_1)) {
|
||||
PRINTF("Invalid Stark derivation path %d %d\n", bip32Path[0], bip32Path[1]);
|
||||
THROW(0x6a80);
|
||||
}
|
||||
os_perso_derive_node_bip32(CX_CURVE_256K1, bip32Path, bip32PathLength, tmp, NULL);
|
||||
PRINTF("Private key before processing %.*H\n", 32, tmp);
|
||||
for (;;) {
|
||||
tmp[32] = index;
|
||||
cx_hash_sha256(tmp, 33, privateKeyData, 32);
|
||||
PRINTF("Key hash %.*H\n", 32, privateKeyData);
|
||||
if (cx_math_cmp(privateKeyData, STARK_DERIVE_BIAS, 32) < 0) {
|
||||
cx_math_modm(privateKeyData, 32, C_cx_Stark256_n, 32);
|
||||
break;
|
||||
}
|
||||
index++;
|
||||
}
|
||||
PRINTF("Key result %.*H\n", 32, privateKeyData);
|
||||
|
||||
#endif
|
||||
}
|
||||
|
||||
void stark_get_amount_string(uint8_t *contractAddress,
|
||||
uint8_t *quantum256,
|
||||
uint8_t *amount64,
|
||||
char *tmp100,
|
||||
char *target100) {
|
||||
uint256_t amountPre, quantum, amount;
|
||||
uint8_t decimals;
|
||||
char *ticker = chainConfig->coinName;
|
||||
|
||||
PRINTF("stark_get_amount_string %.*H\n", 20, contractAddress);
|
||||
|
||||
if (allzeroes(contractAddress, 20)) {
|
||||
decimals = WEI_TO_ETHER;
|
||||
PRINTF("stark_get_amount_string - ETH\n");
|
||||
} else {
|
||||
tokenDefinition_t *token = &getKnownToken(contractAddress)->token;
|
||||
if (token == NULL) { // caught earlier
|
||||
THROW(0x6A80);
|
||||
}
|
||||
decimals = token->decimals;
|
||||
ticker = (char *) token->ticker;
|
||||
PRINTF("stark_get_amount_string - decimals %d ticker %s\n", decimals, ticker);
|
||||
}
|
||||
convertUint256BE(amount64, 8, &amountPre);
|
||||
readu256BE(quantum256, &quantum);
|
||||
mul256(&amountPre, &quantum, &amount);
|
||||
tostring256(&amount, 10, tmp100, 100);
|
||||
PRINTF("stark_get_amount_string - mul256 %s\n", tmp100);
|
||||
strlcpy(target100, ticker, 100);
|
||||
adjustDecimals(tmp100, strlen(tmp100), target100 + strlen(ticker), 100, decimals);
|
||||
PRINTF("get_amount_string %s\n", target100);
|
||||
}
|
||||
|
||||
#endif // HAVE_STARK
|
||||
@@ -1,21 +0,0 @@
|
||||
#ifndef _STARK_CRYPTO_H_
|
||||
#define _STARK_CRYPTO_H_
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "os.h"
|
||||
#include "cx.h"
|
||||
|
||||
/* EC points */
|
||||
#define FIELD_ELEMENT_SIZE (32)
|
||||
#define EC_POINT_SIZE (2 * FIELD_ELEMENT_SIZE + 1)
|
||||
typedef unsigned char FieldElement[FIELD_ELEMENT_SIZE];
|
||||
typedef unsigned char ECPoint[EC_POINT_SIZE];
|
||||
|
||||
void pedersen(FieldElement res, /* out */
|
||||
FieldElement a,
|
||||
FieldElement b);
|
||||
|
||||
#endif // _STARK_CRYPTO_H_
|
||||
@@ -1,245 +0,0 @@
|
||||
#ifdef HAVE_STARKWARE
|
||||
|
||||
#include "stark_crypto.h"
|
||||
#include "shared_context.h"
|
||||
#include "uint256.h"
|
||||
#include "uint_common.h"
|
||||
|
||||
#include "os_io_seproxyhal.h"
|
||||
|
||||
#define SIGNATURE_MAX_LEN (72)
|
||||
|
||||
static const ECPoint PEDERSEN_SHIFT[] = {{
|
||||
0x04,
|
||||
|
||||
0x04, 0x9e, 0xe3, 0xeb, 0xa8, 0xc1, 0x60, 0x07, 0x00, 0xee, 0x1b, 0x87, 0xeb, 0x59, 0x9f, 0x16,
|
||||
0x71, 0x6b, 0x0b, 0x10, 0x22, 0x94, 0x77, 0x33, 0x55, 0x1f, 0xde, 0x40, 0x50, 0xca, 0x68, 0x04,
|
||||
|
||||
0x03, 0xca, 0x0c, 0xfe, 0x4b, 0x3b, 0xc6, 0xdd, 0xf3, 0x46, 0xd4, 0x9d, 0x06, 0xea, 0x0e, 0xd3,
|
||||
0x4e, 0x62, 0x10, 0x62, 0xc0, 0xe0, 0x56, 0xc1, 0xd0, 0x40, 0x5d, 0x26, 0x6e, 0x10, 0x26, 0x8a,
|
||||
}};
|
||||
|
||||
static const ECPoint PEDERSEN_POINTS[4] = {
|
||||
{
|
||||
0x04,
|
||||
|
||||
0x02, 0x34, 0x28, 0x7d, 0xcb, 0xaf, 0xfe, 0x7f, 0x96, 0x9c, 0x74,
|
||||
0x86, 0x55, 0xfc, 0xa9, 0xe5, 0x8f, 0xa8, 0x12, 0x0b, 0x6d, 0x56,
|
||||
0xeb, 0x0c, 0x10, 0x80, 0xd1, 0x79, 0x57, 0xeb, 0xe4, 0x7b,
|
||||
|
||||
0x03, 0xb0, 0x56, 0xf1, 0x00, 0xf9, 0x6f, 0xb2, 0x1e, 0x88, 0x95,
|
||||
0x27, 0xd4, 0x1f, 0x4e, 0x39, 0x94, 0x01, 0x35, 0xdd, 0x7a, 0x6c,
|
||||
0x94, 0xcc, 0x6e, 0xd0, 0x26, 0x8e, 0xe8, 0x9e, 0x56, 0x15,
|
||||
},
|
||||
{
|
||||
0x04,
|
||||
|
||||
0x04, 0xfa, 0x56, 0xf3, 0x76, 0xc8, 0x3d, 0xb3, 0x3f, 0x9d, 0xab,
|
||||
0x26, 0x56, 0x55, 0x8f, 0x33, 0x99, 0x09, 0x9e, 0xc1, 0xde, 0x5e,
|
||||
0x30, 0x18, 0xb7, 0xa6, 0x93, 0x2d, 0xba, 0x8a, 0xa3, 0x78,
|
||||
|
||||
0x03, 0xfa, 0x09, 0x84, 0xc9, 0x31, 0xc9, 0xe3, 0x81, 0x13, 0xe0,
|
||||
0xc0, 0xe4, 0x7e, 0x44, 0x01, 0x56, 0x27, 0x61, 0xf9, 0x2a, 0x7a,
|
||||
0x23, 0xb4, 0x51, 0x68, 0xf4, 0xe8, 0x0f, 0xf5, 0xb5, 0x4d,
|
||||
},
|
||||
{
|
||||
0x04,
|
||||
|
||||
0x04, 0xba, 0x4c, 0xc1, 0x66, 0xbe, 0x8d, 0xec, 0x76, 0x49, 0x10,
|
||||
0xf7, 0x5b, 0x45, 0xf7, 0x4b, 0x40, 0xc6, 0x90, 0xc7, 0x47, 0x09,
|
||||
0xe9, 0x0f, 0x3a, 0xa3, 0x72, 0xf0, 0xbd, 0x2d, 0x69, 0x97,
|
||||
|
||||
0x00, 0x40, 0x30, 0x1c, 0xf5, 0xc1, 0x75, 0x1f, 0x4b, 0x97, 0x1e,
|
||||
0x46, 0xc4, 0xed, 0xe8, 0x5f, 0xca, 0xc5, 0xc5, 0x9a, 0x5c, 0xe5,
|
||||
0xae, 0x7c, 0x48, 0x15, 0x1f, 0x27, 0xb2, 0x4b, 0x21, 0x9c,
|
||||
},
|
||||
{
|
||||
0x04,
|
||||
|
||||
0x05, 0x43, 0x02, 0xdc, 0xb0, 0xe6, 0xcc, 0x1c, 0x6e, 0x44, 0xcc,
|
||||
0xa8, 0xf6, 0x1a, 0x63, 0xbb, 0x2c, 0xa6, 0x50, 0x48, 0xd5, 0x3f,
|
||||
0xb3, 0x25, 0xd3, 0x6f, 0xf1, 0x2c, 0x49, 0xa5, 0x82, 0x02,
|
||||
|
||||
0x01, 0xb7, 0x7b, 0x3e, 0x37, 0xd1, 0x35, 0x04, 0xb3, 0x48, 0x04,
|
||||
0x62, 0x68, 0xd8, 0xae, 0x25, 0xce, 0x98, 0xad, 0x78, 0x3c, 0x25,
|
||||
0x56, 0x1a, 0x87, 0x9d, 0xcc, 0x77, 0xe9, 0x9c, 0x24, 0x26,
|
||||
}};
|
||||
|
||||
void accum_ec_mul(ECPoint *hash, uint8_t *buf, int len, int pedersen_idx) {
|
||||
ECPoint tmp;
|
||||
if (!allzeroes(buf, len)) {
|
||||
uint8_t pad[32];
|
||||
memcpy(tmp, PEDERSEN_POINTS[pedersen_idx], sizeof(ECPoint));
|
||||
io_seproxyhal_io_heartbeat();
|
||||
memset(pad, 0, sizeof(pad));
|
||||
memmove(pad + 32 - len, buf, len);
|
||||
cx_ecfp_scalar_mult(CX_CURVE_Stark256, tmp, sizeof(ECPoint), pad, sizeof(pad));
|
||||
io_seproxyhal_io_heartbeat();
|
||||
cx_ecfp_add_point(CX_CURVE_Stark256, *hash, *hash, tmp, sizeof(ECPoint));
|
||||
}
|
||||
}
|
||||
|
||||
void pedersen(FieldElement res, /* out */
|
||||
FieldElement a,
|
||||
FieldElement b) {
|
||||
ECPoint hash;
|
||||
|
||||
memcpy(hash, PEDERSEN_SHIFT, sizeof(hash));
|
||||
|
||||
accum_ec_mul(&hash, a, 1, 1);
|
||||
accum_ec_mul(&hash, a + 1, FIELD_ELEMENT_SIZE - 1, 0);
|
||||
accum_ec_mul(&hash, b, 1, 3);
|
||||
accum_ec_mul(&hash, b + 1, FIELD_ELEMENT_SIZE - 1, 2);
|
||||
|
||||
memcpy(res, hash + 1, FIELD_ELEMENT_SIZE);
|
||||
}
|
||||
|
||||
void shift_stark_hash(FieldElement hash) {
|
||||
uint256_t hash256, final_hash256;
|
||||
readu256BE(hash, &hash256);
|
||||
uint32_t bits_count = bits256(&hash256);
|
||||
if (bits_count < 248) {
|
||||
return;
|
||||
} else if (bits_count >= 248 && bits_count % 8 >= 1 && bits_count % 8 <= 4) {
|
||||
shiftl256(&hash256, 4, &final_hash256);
|
||||
write_u64_be(hash, UPPER(UPPER_P((&final_hash256))));
|
||||
write_u64_be(hash + 8, LOWER(UPPER_P((&final_hash256))));
|
||||
write_u64_be(hash + 16, UPPER(LOWER_P((&final_hash256))));
|
||||
write_u64_be(hash + 24, LOWER(LOWER_P((&final_hash256))));
|
||||
return;
|
||||
} else {
|
||||
THROW(0x6A80);
|
||||
}
|
||||
}
|
||||
|
||||
int stark_sign(uint8_t *signature, /* out */
|
||||
uint8_t *privateKeyData,
|
||||
FieldElement token1,
|
||||
FieldElement token2,
|
||||
FieldElement msg,
|
||||
FieldElement condition) {
|
||||
unsigned int info = 0;
|
||||
FieldElement hash;
|
||||
cx_ecfp_private_key_t privateKey;
|
||||
PRINTF("Stark sign msg w1 %.*H\n", 32, token1);
|
||||
PRINTF("Stark sign msg w2 %.*H\n", 32, token2);
|
||||
PRINTF("Stark sign w3 %.*H\n", 32, msg);
|
||||
if (condition != NULL) {
|
||||
PRINTF("Stark sign w4 %.*H\n", 32, condition);
|
||||
}
|
||||
pedersen(hash, token1, token2);
|
||||
PRINTF("Pedersen hash 1 %.*H\n", 32, hash);
|
||||
if (condition != NULL) {
|
||||
pedersen(hash, hash, condition);
|
||||
PRINTF("Pedersen hash condition %.*H\n", 32, hash);
|
||||
}
|
||||
pedersen(hash, hash, msg);
|
||||
PRINTF("Pedersen hash 2 %.*H\n", 32, hash);
|
||||
shift_stark_hash(hash);
|
||||
cx_ecfp_init_private_key(CX_CURVE_Stark256, privateKeyData, 32, &privateKey);
|
||||
io_seproxyhal_io_heartbeat();
|
||||
int signatureLength = cx_ecdsa_sign(&privateKey,
|
||||
CX_RND_RFC6979 | CX_LAST,
|
||||
CX_SHA256,
|
||||
hash,
|
||||
sizeof(hash),
|
||||
signature,
|
||||
SIGNATURE_MAX_LEN,
|
||||
&info);
|
||||
PRINTF("Stark signature %.*H\n", signatureLength, signature);
|
||||
return signatureLength;
|
||||
}
|
||||
|
||||
// ERC20Token(address)
|
||||
static const uint8_t ERC20_SELECTOR[] = {0xf4, 0x72, 0x61, 0xb0};
|
||||
// ETH()
|
||||
static const uint8_t ETH_SELECTOR[] = {0x83, 0x22, 0xff, 0xf2};
|
||||
// ERC721Token(address, uint256)
|
||||
static const uint8_t ERC721_SELECTOR[] = {0x02, 0x57, 0x17, 0x92};
|
||||
// MintableERC20Token(address)
|
||||
static const uint8_t MINTABLE_ERC20_SELECTOR[] = {0x68, 0x64, 0x6e, 0x2d};
|
||||
// MintableERC721Token(address,uint256)
|
||||
static const uint8_t MINTABLE_ERC721_SELECTOR[] = {0xb8, 0xb8, 0x66, 0x72};
|
||||
static const char NFT_ASSET_ID_PREFIX[] = {'N', 'F', 'T', ':', 0};
|
||||
static const char MINTABLE_ASSET_ID_PREFIX[] = {'M', 'I', 'N', 'T', 'A', 'B', 'L', 'E', ':', 0};
|
||||
|
||||
void compute_token_id(cx_sha3_t *sha3,
|
||||
uint8_t *contractAddress,
|
||||
uint8_t quantumType,
|
||||
uint8_t *quantum,
|
||||
uint8_t *mintingBlob,
|
||||
bool assetTypeOnly,
|
||||
uint8_t *output) {
|
||||
uint8_t tmp[36];
|
||||
cx_keccak_init(sha3, 256);
|
||||
if ((contractAddress != NULL) && (!allzeroes(contractAddress, 20))) {
|
||||
const uint8_t *selector = NULL;
|
||||
switch (quantumType) {
|
||||
case STARK_QUANTUM_ERC20:
|
||||
case STARK_QUANTUM_LEGACY:
|
||||
selector = ERC20_SELECTOR;
|
||||
break;
|
||||
case STARK_QUANTUM_ERC721:
|
||||
selector = ERC721_SELECTOR;
|
||||
break;
|
||||
case STARK_QUANTUM_MINTABLE_ERC20:
|
||||
selector = MINTABLE_ERC20_SELECTOR;
|
||||
break;
|
||||
case STARK_QUANTUM_MINTABLE_ERC721:
|
||||
selector = MINTABLE_ERC721_SELECTOR;
|
||||
break;
|
||||
default:
|
||||
PRINTF("Unsupported quantum type %d\n", quantumType);
|
||||
return;
|
||||
}
|
||||
PRINTF("compute_token_id for %.*H\n", 20, contractAddress);
|
||||
memset(tmp, 0, sizeof(tmp));
|
||||
memmove(tmp, selector, 4);
|
||||
memmove(tmp + 16, contractAddress, 20);
|
||||
cx_hash((cx_hash_t *) sha3, 0, tmp, sizeof(tmp), NULL, 0);
|
||||
} else {
|
||||
PRINTF("compute_token_id for ETH\n");
|
||||
cx_hash((cx_hash_t *) sha3, 0, ETH_SELECTOR, sizeof(ETH_SELECTOR), NULL, 0);
|
||||
}
|
||||
if ((quantumType == STARK_QUANTUM_ERC721) || (quantumType == STARK_QUANTUM_MINTABLE_ERC721)) {
|
||||
memset(tmp, 0, 32);
|
||||
tmp[31] = 1;
|
||||
PRINTF("compute_token_id quantum %.*H\n", 32, tmp);
|
||||
cx_hash((cx_hash_t *) sha3, CX_LAST, tmp, 32, output, 32);
|
||||
} else {
|
||||
PRINTF("compute_token_id quantum %.*H\n", 32, quantum);
|
||||
cx_hash((cx_hash_t *) sha3, CX_LAST, quantum, 32, output, 32);
|
||||
}
|
||||
if (!assetTypeOnly &&
|
||||
((quantumType != STARK_QUANTUM_LEGACY) && (quantumType != STARK_QUANTUM_ETH) &&
|
||||
(quantumType != STARK_QUANTUM_ERC20))) {
|
||||
const char *prefix = NULL;
|
||||
output[0] &= 0x03;
|
||||
cx_keccak_init(sha3, 256);
|
||||
switch (quantumType) {
|
||||
case STARK_QUANTUM_ERC721:
|
||||
prefix = NFT_ASSET_ID_PREFIX;
|
||||
break;
|
||||
case STARK_QUANTUM_MINTABLE_ERC20:
|
||||
case STARK_QUANTUM_MINTABLE_ERC721:
|
||||
prefix = MINTABLE_ASSET_ID_PREFIX;
|
||||
break;
|
||||
default:
|
||||
PRINTF("Unsupported non default quantum type %d\n", quantumType);
|
||||
return;
|
||||
}
|
||||
cx_hash((cx_hash_t *) sha3, 0, (const uint8_t *) prefix, strlen(prefix), NULL, 0);
|
||||
cx_hash((cx_hash_t *) sha3, 0, output, 32, NULL, 0);
|
||||
cx_hash((cx_hash_t *) sha3, CX_LAST, mintingBlob, 32, output, 32);
|
||||
}
|
||||
if (!assetTypeOnly && ((quantumType == STARK_QUANTUM_MINTABLE_ERC20) ||
|
||||
(quantumType == STARK_QUANTUM_MINTABLE_ERC721))) {
|
||||
output[0] = 0x04;
|
||||
output[1] = 0x00;
|
||||
} else {
|
||||
output[0] &= 0x03;
|
||||
}
|
||||
PRINTF("compute_token_id computed token %.*H\n", 32, output);
|
||||
}
|
||||
|
||||
#endif // HAVE_STARK
|
||||
@@ -1,35 +0,0 @@
|
||||
#ifndef _STARK_UTILS_H_
|
||||
#define _STARK_UTILS_H_
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "os.h"
|
||||
#include "cx.h"
|
||||
#include "stark_crypto.h"
|
||||
|
||||
void compute_token_id(cx_sha3_t *sha3,
|
||||
uint8_t *contractAddress,
|
||||
uint8_t quantumType,
|
||||
uint8_t *quantum,
|
||||
uint8_t *mintingBlob,
|
||||
bool assetTypeOnly,
|
||||
uint8_t *output);
|
||||
|
||||
void starkDerivePrivateKey(uint32_t *bip32Path, uint32_t bip32PathLength, uint8_t *privateKeyData);
|
||||
|
||||
void stark_get_amount_string(uint8_t *contractAddress,
|
||||
uint8_t *quantum256,
|
||||
uint8_t *amount64,
|
||||
char *tmp100,
|
||||
char *target100);
|
||||
|
||||
int stark_sign(uint8_t *signature, /* out */
|
||||
uint8_t *privateKeyData,
|
||||
FieldElement token1,
|
||||
FieldElement token2,
|
||||
FieldElement msg,
|
||||
FieldElement condition);
|
||||
|
||||
#endif // _STARK_UTILS_H_
|
||||
@@ -21,9 +21,6 @@ unsigned int io_seproxyhal_touch_data_cancel(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_eth2_address_ok(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_privacy_ok(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_privacy_cancel(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_stark_unsafe_sign_ok(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_stark_pubkey_ok(const bagl_element_t *e);
|
||||
unsigned int io_seproxyhal_touch_stark_ok(const bagl_element_t *e);
|
||||
|
||||
void ui_warning_contract_data(void);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user