Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Removed deprecated derivation paths #118

Merged
merged 3 commits into from
Jan 18, 2023
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/run-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ jobs:
uses: actions/checkout@v2
with:
repository: rootstock/hsm-integration-test
ref: 3.0.0.plus
ref: feature/110-remove-deprecated-derivation-paths
path: hsm-integration-test
ssh-key: ${{ secrets.HSM_INTEGRATION_TEST_SSH_KEY }}

Expand Down
3 changes: 0 additions & 3 deletions docs/attestation.md
Original file line number Diff line number Diff line change
Expand Up @@ -164,12 +164,9 @@ Installed UI hash: 17f2129265b071e3d8658a549cd60720c86e34c7a6b81d517ffef123c8425
Signer verified with public keys:
m/44'/0'/0'/0/0: 03198eb60255fefc3478d0a78c11f5124c938f66fdaa62f9e9c543c6ced031ef37
m/44'/1'/0'/0/0: 0309fe4c9a803658c1d1c0c19f2d841e34306d172f0bb092431ace7bbda334e902
m/44'/1'/0'/0/1: 03d396b2724a02f07630ce9e82499664f083cbcc0b4255281fbc9288186639996b
m/44'/1'/0'/0/2: 0233a21bf1a2059101b78e7086cd042e07a7e21953c2ee150532a4e35febdfb687
m/44'/1'/1'/0/0: 023ac8c77507fdcb7581ce3ee366a7b09791b54377af67f75e1a159737f4f77fe7
m/44'/1'/2'/0/0: 02583d0dec06114cc0a19883398652d8f87af0175f7d7c2c97417622341e06560c
m/44'/137'/0'/0/0: 03458e7f8f7885f0b0648a8e2e899fe838a7f93da0028634689438e460d3ba614f
m/44'/137'/0'/0/1: 03b6ab3b207e3b37822d59778fefb43c9f7539100e8366effd648ed888dbe8a5a5
m/44'/137'/1'/0/0: 03e27a65c9e6ff0d3fc4085aa84f8d7ec467edf6ae6b30ed40d96d4344b516f4c6

Hash: a2316e4c4e07e77ae65c74574452f330ed62752ba4c66f9c2101836d7b36cef2
Expand Down
4 changes: 0 additions & 4 deletions docs/protocol-v1.md
Original file line number Diff line number Diff line change
Expand Up @@ -108,11 +108,7 @@ only accepted BIP44 paths:

- RSK key id - `m/44'/137'/0'/0/0` (\*)
- MST key id - `m/44'/137'/1'/0/0` (\*)
- MST key id - `m/44'/137'/0'/0/1` (\*) (\*\*)
- tRSK key id - `m/44'/1'/1'/0/0` (\*)
- tRSK key id - `m/44'/1'/0'/0/1` (\*) (\*\*)
- tMST key id - `m/44'/1'/2'/0/0` (\*)
- tMST key id - `m/44'/1'/0'/0/2` (\*) (\*\*)

(\*) Sign operations using these keys don't require authorization.
(\*\*) These keys are deprecated and will be removed in a future version.
4 changes: 0 additions & 4 deletions docs/protocol.md
Original file line number Diff line number Diff line change
Expand Up @@ -360,12 +360,8 @@ only accepted BIP44 paths:
- BTC key id - `m/44'/0'/0'/0/0`
- RSK key id - `m/44'/137'/0'/0/0` (\*)
- MST key id - `m/44'/137'/1'/0/0` (\*)
- MST key id - `m/44'/137'/0'/0/1` (\*) (\*\*)
- tBTC key id - `m/44'/1'/0'/0/0`
- tRSK key id - `m/44'/1'/1'/0/0` (\*)
- tRSK key id - `m/44'/1'/0'/0/1` (\*) (\*\*)
- tMST key id - `m/44'/1'/2'/0/0` (\*)
- tMST key id - `m/44'/1'/0'/0/2` (\*) (\*\*)

(\*) Sign operations using these keys don't require authorization.
(\*\*) These keys are deprecated and will be removed in a future version.
16 changes: 2 additions & 14 deletions ledger/src/signer/src/pathAuth.c
Original file line number Diff line number Diff line change
Expand Up @@ -41,27 +41,18 @@ const char authPaths[][SINGLE_PATH_SIZE_BYTES] = {
/* Paths that don't require authorization
m/44'/137'/0'/0/0 (RSK)
m/44'/137'/1'/0/0 (MST)
m/44'/137'/0'/0/1 (deprecated MST)
m/44'/1'/1'/0/0 (tRSK)
m/44'/1'/0'/0/1 (deprecated tRSK)
m/44'/1'/2'/0/0 (tMST)
m/44'/1'/0'/0/2 (deprecated tMST)
*/
const char noAuthPaths[][SINGLE_PATH_SIZE_BYTES] = {
"\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x00"
"\x00\x00\x00", // RSK
"\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x00\x00"
"\x00\x00\x00", // MST
"\x05\x2c\x00\x00\x80\x89\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x01"
"\x00\x00\x00", // deprecated MST
"\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x00\x00"
"\x00\x00\x00", // tRSK
"\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x01"
"\x00\x00\x00", // deprecated tRSK
"\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x02\x00\x00\x80\x00\x00\x00\x00\x00"
"\x00\x00\x00", // tMST
"\x05\x2c\x00\x00\x80\x01\x00\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x02"
"\x00\x00\x00" // deprecated tMST
};

// Derivation-path-lexicographically (and statically) ordered binary paths
Expand All @@ -72,12 +63,9 @@ const char noAuthPaths[][SINGLE_PATH_SIZE_BYTES] = {
const int ordered_paths[TOTAL_AUTHORIZED_PATHS] = {
0x0000, // BTC
0x0001, // tBTC
0x0104, // deprecated tRSK
0x0106, // deprecated tMST
0x0103, // tRSK
0x0105, // tMST
0x0102, // tRSK
0x0103, // tMST
0x0100, // RSK
0x0102, // deprecated MST
0x0101, // MST
};

Expand Down
2 changes: 1 addition & 1 deletion ledger/src/signer/src/pathAuth.h
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@

#include <stdbool.h>

#define TOTAL_AUTHORIZED_PATHS 9
#define TOTAL_AUTHORIZED_PATHS 6
#define SINGLE_PATH_SIZE_BYTES 21

// Paths
Expand Down
3 changes: 0 additions & 3 deletions ledger/src/tcpsigner/hsmsim_ecdsa.c
Original file line number Diff line number Diff line change
Expand Up @@ -53,12 +53,9 @@ static struct private_key_mapping_s private_keys[TOTAL_AUTHORIZED_PATHS];
const char bip32_paths[][20] = {
"m/44'/0'/0'/0/0", // BTC
"m/44'/1'/0'/0/0", // tBTC
"m/44'/1'/0'/0/1", // deprecated tRSK
"m/44'/1'/0'/0/2", // deprecated tMST
"m/44'/1'/1'/0/0", // tRSK
"m/44'/1'/2'/0/0", // tMST
"m/44'/137'/0'/0/0", // RSK
"m/44'/137'/0'/0/1", // deprecated MST
"m/44'/137'/1'/0/0", // MST
};

Expand Down
3 changes: 0 additions & 3 deletions ledger/test/cases/sign_noauth.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,8 @@ class SignUnauthorized(TestCase):
PATHS = {
"rsk": BIP32Path("m/44'/137'/0'/0/0"),
"mst": BIP32Path("m/44'/137'/1'/0/0"),
"dep_mst": BIP32Path("m/44'/137'/0'/0/1"),
"trsk": BIP32Path("m/44'/1'/1'/0/0"),
"dep_trsk": BIP32Path("m/44'/1'/0'/0/1"),
"tmst": BIP32Path("m/44'/1'/2'/0/0"),
"dep_tmst": BIP32Path("m/44'/1'/0'/0/2"),
}

@classmethod
Expand Down
3 changes: 0 additions & 3 deletions ledger/test/misc/genPaths.py
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,6 @@ def bip44tobin(path):
"m/44'/0'/0'/0/0",
"m/44'/1'/0'/0/0",
"m/44'/137'/0'/0/0",
"m/44'/137'/0'/0/1",
"m/44'/1'/0'/0/1",
"m/44'/1'/0'/0/2",
]

for i in keyIds:
Expand Down
3 changes: 0 additions & 3 deletions middleware/admin/pubkeys.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,12 +34,9 @@
"btc": BIP32Path("m/44'/0'/0'/0/0"),
"rsk": BIP32Path("m/44'/137'/0'/0/0"),
"mst": BIP32Path("m/44'/137'/1'/0/0"),
"dep_mst": BIP32Path("m/44'/137'/0'/0/1"),
"tbtc": BIP32Path("m/44'/1'/0'/0/0"),
"trsk": BIP32Path("m/44'/1'/1'/0/0"),
"dep_trsk": BIP32Path("m/44'/1'/0'/0/1"),
"tmst": BIP32Path("m/44'/1'/2'/0/0"),
"dep_tmst": BIP32Path("m/44'/1'/0'/0/2"),
}


Expand Down
3 changes: 0 additions & 3 deletions middleware/key.secp256.sample
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,7 @@
"m/44'/0'/0'/0/0": "ddc4a121df4d5081d444f9aae86fbaba85767ae15015c6e630d1a397be8173ab",
"m/44'/137'/0'/0/0": "f6723495abf97bac0b3cead86cd9f9ede59bf7f726c6fe007d9caf5769bea792",
"m/44'/137'/1'/0/0": "8a82c93908048ba6498030e85942f47b83aadaca78421bf8a537ffd8e90c6f0f",
"m/44'/137'/0'/0/1": "2ddd31599a78db275ae2f7004943a4d40003a53519714a2b5a2069e46522c756",
"m/44'/1'/0'/0/0": "062b331476d2a9d737488af9fe48736eff37e598700d037b9f793e52c6c45a4c",
"m/44'/1'/1'/0/0": "045bcb5f1930daa8cb83c2ff9a1cc31cdda1854225a3bbf363816c210d7a1718",
"m/44'/1'/0'/0/1": "e17fd622b314b94f6060ec1c52c34b970c6b294cdd739d2de5321614f08b6661",
"m/44'/1'/2'/0/0": "130e71f37821154a54d2c1290751a62518f999a3976e532d847eecf189845e6f",
"m/44'/1'/0'/0/2": "7f582130fc3f5dabf8ab4f0238cd98cc6146d21c95f2b82d7f243e4ce8042bb0"
}
12 changes: 0 additions & 12 deletions middleware/tests/comm/test_bip32.py
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,6 @@ def test_spec_invalid(self):
class TestBIP32Path(TestCase):
def test_paths(self):
self.assertEqual("m/44'/137'/0'/0/0", str(BIP32Path("m/44'/137'/0'/0/0")))
self.assertEqual("m/44'/137'/0'/0/1", str(BIP32Path("m/44'/137'/0'/0/1")))
self.assertEqual("m/44'/0'/0'/0/0", str(BIP32Path("m/44'/0'/0'/0/0")))

def test_to_binary(self):
Expand All @@ -87,14 +86,6 @@ def test_to_binary(self):
"058000002c80000089800000000000000000000000",
BIP32Path("m/44'/137'/0'/0/0").to_binary("big").hex(),
)
self.assertEqual(
"052c00008089000080000000800000000001000000",
BIP32Path("m/44'/137'/0'/0/1").to_binary().hex(),
)
self.assertEqual(
"058000002c80000089800000000000000000000001",
BIP32Path("m/44'/137'/0'/0/1").to_binary("big").hex(),
)
self.assertEqual(
"052c00008000000080000000800000000000000000",
BIP32Path("m/44'/0'/0'/0/0").to_binary().hex(),
Expand All @@ -112,9 +103,6 @@ def test_spec_invalid(self):
def test_equality(self):
self.assertEqual(BIP32Path("m/44'/0'/0'/0/0"), BIP32Path("m/44'/0'/0'/0/0"))
self.assertEqual(BIP32Path("m/44'/137'/0'/0/0"), BIP32Path("m/44'/137'/0'/0/0"))
self.assertEqual(BIP32Path("m/44'/137'/0'/0/1"), BIP32Path("m/44'/137'/0'/0/1"))
self.assertNotEqual(BIP32Path("m/44'/137'/0'/0/1"),
BIP32Path("m/44'/137'/0'/0/0"))
self.assertNotEqual(BIP32Path("m/44'/137'/0'/0/0'"),
BIP32Path("m/44'/137'/0'/0/0"))
self.assertNotEqual(BIP32Path("m/45'/137'/0'/0/0"),
Expand Down