Removed deprecated derivation paths (#118)

- Removed all references for the deprecated derivation paths - Updated reference to integration test v4.0.0-plus
rsksmart · Jan 18, 2023 · f827c6b · f827c6b
1 parent c4de47d
commit f827c6b
Show file tree

Hide file tree

Showing 12 changed files with 4 additions and 54 deletions.
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -70,7 +70,7 @@ jobs:
         uses: actions/checkout@v2
         with:
           repository: rootstock/hsm-integration-test
-          ref: 3.0.0.plus
+          ref: 4.0.0.plus
           path: hsm-integration-test
           ssh-key: ${{ secrets.HSM_INTEGRATION_TEST_SSH_KEY }}
 

diff --git a/docs/attestation.md b/docs/attestation.md
@@ -164,12 +164,9 @@ Installed UI hash: 17f2129265b071e3d8658a549cd60720c86e34c7a6b81d517ffef123c8425
 Signer verified with public keys:
 m/44'/0'/0'/0/0:   03198eb60255fefc3478d0a78c11f5124c938f66fdaa62f9e9c543c6ced031ef37
 m/44'/1'/0'/0/0:   0309fe4c9a803658c1d1c0c19f2d841e34306d172f0bb092431ace7bbda334e902
-m/44'/1'/0'/0/1:   03d396b2724a02f07630ce9e82499664f083cbcc0b4255281fbc9288186639996b
-m/44'/1'/0'/0/2:   0233a21bf1a2059101b78e7086cd042e07a7e21953c2ee150532a4e35febdfb687
 m/44'/1'/1'/0/0:   023ac8c77507fdcb7581ce3ee366a7b09791b54377af67f75e1a159737f4f77fe7
 m/44'/1'/2'/0/0:   02583d0dec06114cc0a19883398652d8f87af0175f7d7c2c97417622341e06560c
 m/44'/137'/0'/0/0: 03458e7f8f7885f0b0648a8e2e899fe838a7f93da0028634689438e460d3ba614f
-m/44'/137'/0'/0/1: 03b6ab3b207e3b37822d59778fefb43c9f7539100e8366effd648ed888dbe8a5a5
 m/44'/137'/1'/0/0: 03e27a65c9e6ff0d3fc4085aa84f8d7ec467edf6ae6b30ed40d96d4344b516f4c6
 
 Hash: a2316e4c4e07e77ae65c74574452f330ed62752ba4c66f9c2101836d7b36cef2

diff --git a/docs/protocol-v1.md b/docs/protocol-v1.md
@@ -108,11 +108,7 @@ only accepted BIP44 paths:
 
 - RSK key id - `m/44'/137'/0'/0/0` (\*)
 - MST key id - `m/44'/137'/1'/0/0` (\*)
-- MST key id - `m/44'/137'/0'/0/1` (\*) (\*\*)
 - tRSK key id - `m/44'/1'/1'/0/0` (\*)
-- tRSK key id - `m/44'/1'/0'/0/1` (\*) (\*\*)
 - tMST key id - `m/44'/1'/2'/0/0` (\*)
-- tMST key id - `m/44'/1'/0'/0/2` (\*) (\*\*)
 
 (\*) Sign operations using these keys don't require authorization.
-(\*\*) These keys are deprecated and will be removed in a future version.
diff --git a/docs/protocol.md b/docs/protocol.md
@@ -360,12 +360,8 @@ only accepted BIP44 paths:
 - BTC key id - `m/44'/0'/0'/0/0`
 - RSK key id - `m/44'/137'/0'/0/0` (\*)
 - MST key id - `m/44'/137'/1'/0/0` (\*)
-- MST key id - `m/44'/137'/0'/0/1` (\*) (\*\*)
 - tBTC key id - `m/44'/1'/0'/0/0`
 - tRSK key id - `m/44'/1'/1'/0/0` (\*)
-- tRSK key id - `m/44'/1'/0'/0/1` (\*) (\*\*)
 - tMST key id - `m/44'/1'/2'/0/0` (\*)
-- tMST key id - `m/44'/1'/0'/0/2` (\*) (\*\*)
 
 (\*) Sign operations using these keys don't require authorization.
-(\*\*) These keys are deprecated and will be removed in a future version.
diff --git a/ledger/src/signer/src/pathAuth.c b/ledger/src/signer/src/pathAuth.c
@@ -41,27 +41,18 @@ const char authPaths[][SINGLE_PATH_SIZE_BYTES] = {
 /* Paths that don't require authorization
     m/44'/137'/0'/0/0 (RSK)
     m/44'/137'/1'/0/0 (MST)
-    m/44'/137'/0'/0/1 (deprecated MST)
     m/44'/1'/1'/0/0 (tRSK)
-    m/44'/1'/0'/0/1 (deprecated tRSK)
     m/44'/1'/2'/0/0 (tMST)
-    m/44'/1'/0'/0/2 (deprecated tMST)
 */
 const char noAuthPaths[][SINGLE_PATH_SIZE_BYTES] = {
     "\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x00"
     "\x00\x00\x00", // RSK
     "\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x00\x00"
     "\x00\x00\x00", // MST
-    "\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x01"
-    "\x00\x00\x00", // deprecated MST
     "\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x00\x00"
     "\x00\x00\x00", // tRSK
-    "\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x01"
-    "\x00\x00\x00", // deprecated tRSK
     "\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x02\x00\x00\x80\x00\x00\x00\x00\x00"
     "\x00\x00\x00", // tMST
-    "\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x02"
-    "\x00\x00\x00" // deprecated tMST
 };
 
 // Derivation-path-lexicographically (and statically) ordered binary paths
@@ -72,12 +63,9 @@ const char noAuthPaths[][SINGLE_PATH_SIZE_BYTES] = {
 const int ordered_paths[TOTAL_AUTHORIZED_PATHS] = {
     0x0000, // BTC
     0x0001, // tBTC
-    0x0104, // deprecated tRSK
-    0x0106, // deprecated tMST
-    0x0103, // tRSK
-    0x0105, // tMST
+    0x0102, // tRSK
+    0x0103, // tMST
     0x0100, // RSK
-    0x0102, // deprecated MST
     0x0101, // MST
 };
 

diff --git a/ledger/src/signer/src/pathAuth.h b/ledger/src/signer/src/pathAuth.h
@@ -27,7 +27,7 @@
 
 #include <stdbool.h>
 
-#define TOTAL_AUTHORIZED_PATHS 9
+#define TOTAL_AUTHORIZED_PATHS 6
 #define SINGLE_PATH_SIZE_BYTES 21
 
 // Paths

diff --git a/ledger/src/tcpsigner/hsmsim_ecdsa.c b/ledger/src/tcpsigner/hsmsim_ecdsa.c
@@ -53,12 +53,9 @@ static struct private_key_mapping_s private_keys[TOTAL_AUTHORIZED_PATHS];
 const char bip32_paths[][20] = {
     "m/44'/0'/0'/0/0",   // BTC
     "m/44'/1'/0'/0/0",   // tBTC
-    "m/44'/1'/0'/0/1",   // deprecated tRSK
-    "m/44'/1'/0'/0/2",   // deprecated tMST
     "m/44'/1'/1'/0/0",   // tRSK
     "m/44'/1'/2'/0/0",   // tMST
     "m/44'/137'/0'/0/0", // RSK
-    "m/44'/137'/0'/0/1", // deprecated MST
     "m/44'/137'/1'/0/0", // MST
 };
 

diff --git a/ledger/test/cases/sign_noauth.py b/ledger/test/cases/sign_noauth.py
@@ -30,11 +30,8 @@ class SignUnauthorized(TestCase):
     PATHS = {
         "rsk": BIP32Path("m/44'/137'/0'/0/0"),
         "mst": BIP32Path("m/44'/137'/1'/0/0"),
-        "dep_mst": BIP32Path("m/44'/137'/0'/0/1"),
         "trsk": BIP32Path("m/44'/1'/1'/0/0"),
-        "dep_trsk": BIP32Path("m/44'/1'/0'/0/1"),
         "tmst": BIP32Path("m/44'/1'/2'/0/0"),
-        "dep_tmst": BIP32Path("m/44'/1'/0'/0/2"),
     }
 
     @classmethod

diff --git a/ledger/test/misc/genPaths.py b/ledger/test/misc/genPaths.py
@@ -43,9 +43,6 @@ def bip44tobin(path):
     "m/44'/0'/0'/0/0",
     "m/44'/1'/0'/0/0",
     "m/44'/137'/0'/0/0",
-    "m/44'/137'/0'/0/1",
-    "m/44'/1'/0'/0/1",
-    "m/44'/1'/0'/0/2",
 ]
 
 for i in keyIds:

diff --git a/middleware/admin/pubkeys.py b/middleware/admin/pubkeys.py
@@ -34,12 +34,9 @@
     "btc": BIP32Path("m/44'/0'/0'/0/0"),
     "rsk": BIP32Path("m/44'/137'/0'/0/0"),
     "mst": BIP32Path("m/44'/137'/1'/0/0"),
-    "dep_mst": BIP32Path("m/44'/137'/0'/0/1"),
     "tbtc": BIP32Path("m/44'/1'/0'/0/0"),
     "trsk": BIP32Path("m/44'/1'/1'/0/0"),
-    "dep_trsk": BIP32Path("m/44'/1'/0'/0/1"),
     "tmst": BIP32Path("m/44'/1'/2'/0/0"),
-    "dep_tmst": BIP32Path("m/44'/1'/0'/0/2"),
 }
 
 

diff --git a/middleware/key.secp256.sample b/middleware/key.secp256.sample
@@ -2,10 +2,7 @@
   "m/44'/0'/0'/0/0": "ddc4a121df4d5081d444f9aae86fbaba85767ae15015c6e630d1a397be8173ab",
   "m/44'/137'/0'/0/0": "f6723495abf97bac0b3cead86cd9f9ede59bf7f726c6fe007d9caf5769bea792",
   "m/44'/137'/1'/0/0": "8a82c93908048ba6498030e85942f47b83aadaca78421bf8a537ffd8e90c6f0f",
-  "m/44'/137'/0'/0/1": "2ddd31599a78db275ae2f7004943a4d40003a53519714a2b5a2069e46522c756",
   "m/44'/1'/0'/0/0": "062b331476d2a9d737488af9fe48736eff37e598700d037b9f793e52c6c45a4c",
   "m/44'/1'/1'/0/0": "045bcb5f1930daa8cb83c2ff9a1cc31cdda1854225a3bbf363816c210d7a1718",
-  "m/44'/1'/0'/0/1": "e17fd622b314b94f6060ec1c52c34b970c6b294cdd739d2de5321614f08b6661",
   "m/44'/1'/2'/0/0": "130e71f37821154a54d2c1290751a62518f999a3976e532d847eecf189845e6f",
-  "m/44'/1'/0'/0/2": "7f582130fc3f5dabf8ab4f0238cd98cc6146d21c95f2b82d7f243e4ce8042bb0"
 }
diff --git a/middleware/tests/comm/test_bip32.py b/middleware/tests/comm/test_bip32.py
@@ -75,7 +75,6 @@ def test_spec_invalid(self):
 class TestBIP32Path(TestCase):
     def test_paths(self):
         self.assertEqual("m/44'/137'/0'/0/0", str(BIP32Path("m/44'/137'/0'/0/0")))
-        self.assertEqual("m/44'/137'/0'/0/1", str(BIP32Path("m/44'/137'/0'/0/1")))
         self.assertEqual("m/44'/0'/0'/0/0", str(BIP32Path("m/44'/0'/0'/0/0")))
 
     def test_to_binary(self):
@@ -87,14 +86,6 @@ def test_to_binary(self):
             "058000002c80000089800000000000000000000000",
             BIP32Path("m/44'/137'/0'/0/0").to_binary("big").hex(),
         )
-        self.assertEqual(
-            "052c00008089000080000000800000000001000000",
-            BIP32Path("m/44'/137'/0'/0/1").to_binary().hex(),
-        )
-        self.assertEqual(
-            "058000002c80000089800000000000000000000001",
-            BIP32Path("m/44'/137'/0'/0/1").to_binary("big").hex(),
-        )
         self.assertEqual(
             "052c00008000000080000000800000000000000000",
             BIP32Path("m/44'/0'/0'/0/0").to_binary().hex(),
@@ -112,9 +103,6 @@ def test_spec_invalid(self):
     def test_equality(self):
         self.assertEqual(BIP32Path("m/44'/0'/0'/0/0"), BIP32Path("m/44'/0'/0'/0/0"))
         self.assertEqual(BIP32Path("m/44'/137'/0'/0/0"), BIP32Path("m/44'/137'/0'/0/0"))
-        self.assertEqual(BIP32Path("m/44'/137'/0'/0/1"), BIP32Path("m/44'/137'/0'/0/1"))
-        self.assertNotEqual(BIP32Path("m/44'/137'/0'/0/1"),
-                            BIP32Path("m/44'/137'/0'/0/0"))
         self.assertNotEqual(BIP32Path("m/44'/137'/0'/0/0'"),
                             BIP32Path("m/44'/137'/0'/0/0"))
         self.assertNotEqual(BIP32Path("m/45'/137'/0'/0/0"),