-
-
Notifications
You must be signed in to change notification settings - Fork 662
/
paths.py
344 lines (262 loc) · 11.6 KB
/
paths.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
from micropython import const
from typing import TYPE_CHECKING
HARDENED = const(0x8000_0000)
if TYPE_CHECKING:
from typing import (
Any,
Callable,
Collection,
Container,
Iterable,
Sequence,
TypeVar,
)
from typing_extensions import Protocol
from trezor import wire
Bip32Path = Sequence[int]
Slip21Path = Sequence[bytes]
PathType = TypeVar("PathType", Bip32Path, Slip21Path, contravariant=True)
class PathSchemaType(Protocol):
def match(self, path: Bip32Path) -> bool:
...
class KeychainValidatorType(Protocol):
def is_in_keychain(self, path: Bip32Path) -> bool:
...
def verify_path(self, path: Bip32Path) -> None:
...
class Interval:
"""Helper for testing membership in an interval."""
def __init__(self, min: int, max: int) -> None:
self.min = min
self.max = max
def __contains__(self, x: object) -> bool:
if not isinstance(x, int):
return False
return self.min <= x <= self.max
class PathSchema:
"""General BIP-32 path schema.
Loosely based on the BIP-32 path template proposal [1].
Each path component can be one of the following:
- constant, e.g., `7`
- list of constants, e.g., `[1,2,3]`
- range, e.g., `[0-19]`
Brackets are recommended but not enforced.
The following substitutions are available:
- `coin_type` is substituted with the coin's SLIP-44 identifier
- `account` is substituted with `[0-100]`, Trezor's default range of accounts
- `change` is substituted with `[0,1]`
- `address_index` is substituted with `[0-1000000]`, Trezor's default range of
addresses
Hardened flag is indicated by an apostrophe and applies to the whole path component.
It is impossible to specify both hardened and non-hardened values for the same
component.
See examples of valid path formats below and in `apps.bitcoin.keychain`.
E.g. the following are equivalent definitions of a BIP-84 schema:
m/84'/coin_type'/[0-100]'/[0,1]/[0-1000000]
m/84'/coin_type'/0-100'/0,1/0-1000000
m/84'/coin_type'/account'/change/address_index
Adding an asterisk at the end of the pattern acts as a wildcard for zero or more
path components:
- m/* can be followed by any number of _unhardened_ path components
- m/*' can be followed by any number of _hardened_ path components
- m/** can be followed by any number of _any_ path components
The following is a BIP-44 generic `GetPublicKey` schema:
m/44'/coin_type'/account'/*
The asterisk expression can only appear at end of pattern.
[1] https://github.com/dgpv/bip32_template_parse_tplaplus_spec/blob/master/bip-path-templates.mediawiki
"""
REPLACEMENTS = {
"account": "0-100",
"change": "0,1",
"address_index": "0-1000000",
}
WILDCARD_RANGES = {
"*": Interval(0, HARDENED - 1),
"*'": Interval(HARDENED, 0xFFFF_FFFF),
"**": Interval(0, 0xFFFF_FFFF),
}
_EMPTY_TUPLE = ()
@staticmethod
def _parse_hardened(s: str | int) -> int:
return int(s) | HARDENED
@staticmethod
def _copy_container(container: Container[int]) -> Container[int]:
# On hardware, hardened indices do not fit into smallint.
# The n+0 operation ensures that a new instance of a longint is created.
if isinstance(container, Interval):
return Interval(container.min + 0, container.max + 0)
if isinstance(container, set):
return set(i + 0 for i in container)
if isinstance(container, tuple):
return tuple(i + 0 for i in container)
raise RuntimeError("Unsupported container for copy")
def __init__(
self,
schema: list[Container[int]],
trailing_components: Container[int] = (),
compact: bool = False,
) -> None:
"""Create a new PathSchema from a list of containers and trailing components.
Mainly for internal use in `PathSchema.parse`, which is the method you should
be using.
Can be used to create a schema manually without parsing a path string:
>>> SCHEMA_MINE = PathSchema([
>>> (44 | HARDENED,),
>>> (0 | HARDENED,),
>>> Interval(0 | HARDENED, 10 | HARDENED),
>>> ],
>>> trailing_components=Interval(0, 0xFFFF_FFFF),
>>> )
Setting `compact=True` creates a compact copy of the provided components, so
as to prevent memory fragmentation.
"""
if compact:
self.schema: list[Container[int]] = [self._EMPTY_TUPLE] * len(schema)
for i in range(len(schema)):
self.schema[i] = self._copy_container(schema[i])
self.trailing_components = self._copy_container(trailing_components)
else:
self.schema = schema
self.trailing_components = trailing_components
@classmethod
def parse(cls, pattern: str, slip44_id: int | Iterable[int]) -> "PathSchema":
"""Parse a path schema string into a PathSchema instance.
The parsing process trashes the memory layout, so at the end a compact-allocated
copy of the resulting structures is returned.
"""
if not pattern.startswith("m/"):
raise ValueError # unsupported path template
components = pattern[2:].split("/")
if isinstance(slip44_id, int):
slip44_id = (slip44_id,)
schema: list[Container[int]] = []
trailing_components: Container[int] = ()
for component in components:
if component in cls.WILDCARD_RANGES:
if len(schema) != len(components) - 1:
# every component should have resulted in extending schema
# so if schema does not have the appropriate length (yet),
# the asterisk is not the last item
raise ValueError # asterisk is not last item of pattern
trailing_components = cls.WILDCARD_RANGES[component]
break
# figure out if the component is hardened
if component[-1] == "'":
component = component[:-1]
parse: Callable[[Any], int] = cls._parse_hardened
else:
parse = int
# strip brackets
if component[0] == "[" and component[-1] == "]":
component = component[1:-1]
# optionally replace a keyword
component = cls.REPLACEMENTS.get(component, component)
if "-" in component:
# parse as a range
a, b = [parse(s) for s in component.split("-", 1)]
schema.append(Interval(a, b))
elif "," in component:
# parse as a list of values
schema.append(set(parse(s) for s in component.split(",")))
elif component == "coin_type":
# substitute SLIP-44 ids
schema.append(set(parse(s) for s in slip44_id))
else:
# plain constant
schema.append((parse(component),))
return cls(schema, trailing_components, compact=True)
def copy(self) -> "PathSchema":
"""Create a compact copy of the schema.
Useful when creating multiple schemas in a row. The following code ensures
that the set of schemas is allocated in a contiguous block of memory:
>>> some_schemas = make_multiple_schemas()
>>> some_schemas = [s.copy() for s in some_schemas]
"""
return PathSchema(self.schema, self.trailing_components, compact=True)
def match(self, path: Bip32Path) -> bool:
# The path must not be _shorter_ than schema. It may be longer.
if len(path) < len(self.schema):
return False
path_iter = iter(path)
# iterate over length of schema, consuming path components
for expected in self.schema:
value = next(path_iter)
if value not in expected:
return False
# iterate over remaining path components
for value in path_iter:
if value not in self.trailing_components:
return False
return True
if __debug__:
def __repr__(self) -> str:
components = ["m"]
def unharden(item: int) -> int:
return item ^ (item & HARDENED)
for component in self.schema:
if isinstance(component, Interval):
a, b = component.min, component.max
prime = "'" if a & HARDENED else ""
components.append(f"[{unharden(a)}-{unharden(b)}]{prime}")
else:
# typechecker thinks component is a Contanier but we're using it
# as a Collection.
# Which in practice it is, the only non-Collection is Interval.
# But we're not going to introduce an additional type requirement
# for the sake of __repr__ that doesn't exist in production anyway
collection: Collection[int] = component # type: ignore [Expression of type "Container[int]" cannot be assigned to declared type "Collection[int]"]
component_str = ",".join(str(unharden(i)) for i in collection)
if len(collection) > 1:
component_str = "[" + component_str + "]"
if next(iter(collection)) & HARDENED:
component_str += "'"
components.append(component_str)
if self.trailing_components:
for key, val in self.WILDCARD_RANGES.items():
if self.trailing_components is val:
components.append(key)
break
else:
components.append("???")
return "<schema:" + "/".join(components) + ">"
class AlwaysMatchingSchema:
@staticmethod
def match(path: Bip32Path) -> bool:
return True
class NeverMatchingSchema:
@staticmethod
def match(path: Bip32Path) -> bool:
return False
# BIP-44 for basic (legacy) Bitcoin accounts, and widely used for other currencies:
# https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
PATTERN_BIP44 = "m/44'/coin_type'/account'/change/address_index"
# BIP-44 public key export, starting at end of the hardened part
PATTERN_BIP44_PUBKEY = "m/44'/coin_type'/account'/*"
# SEP-0005 for non-UTXO-based currencies, defined by Stellar:
# https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0005.md
PATTERN_SEP5 = "m/44'/coin_type'/account'"
async def validate_path(
ctx: wire.Context,
keychain: KeychainValidatorType,
path: Bip32Path,
*additional_checks: bool,
) -> None:
keychain.verify_path(path)
if not keychain.is_in_keychain(path) or not all(additional_checks):
await show_path_warning(ctx, path)
async def show_path_warning(ctx: wire.Context, path: Bip32Path) -> None:
from trezor.ui.layouts import confirm_path_warning
await confirm_path_warning(ctx, address_n_to_str(path))
def is_hardened(i: int) -> bool:
return bool(i & HARDENED)
def path_is_hardened(address_n: Bip32Path) -> bool:
return all(is_hardened(n) for n in address_n)
def address_n_to_str(address_n: Iterable[int]) -> str:
def path_item(i: int) -> str:
if i & HARDENED:
return str(i ^ HARDENED) + "'"
else:
return str(i)
if not address_n:
return "m"
return "m/" + "/".join(path_item(i) for i in address_n)