Merge pull request #9183 from JamieDriver/jade_native_psbt

Jade native psbt
1 year ago · 2f9ce3ff8c
5 changed files with 147 additions and 88 deletions
--- a/electrum/plugins/jade/jade.py
+++ b/electrum/plugins/jade/jade.py
@ -7,7 +7,7 @@ from electrum import bip32, constants
 from electrum.crypto import sha256
 from electrum.i18n import _
 from electrum.keystore import Hardware_KeyStore
-from electrum.transaction import Transaction
+from electrum.transaction import PartialTransaction, Transaction
 from electrum.wallet import Multisig_Wallet
 from electrum.util import UserFacingException
 from electrum.logging import get_logger
@ -26,14 +26,15 @@ _logger = get_logger(__name__)
 #import logging
 #LOGGING = logging.INFO
 #if LOGGING:
-#    logger = logging.getLogger('jade')
+#    logger = logging.getLogger('electrum.plugins.jade.jadepy.jade')
 #    logger.setLevel(LOGGING)
-#    device_logger = logging.getLogger('jade-device')
+#    device_logger = logging.getLogger('electrum.plugins.jade.jadepy.jade-device')
 #    device_logger.setLevel(LOGGING)
 try:
    # Do imports
    from .jadepy.jade import JadeAPI
    from .jadepy.jade_serial import JadeSerialImpl
    from serial.tools import list_ports
 except ImportError as e:
    _logger.exception('error importing Jade plugin deps')
@ -193,25 +194,11 @@ class Jade_Client(HardwareClientBase):
        return base64.b64decode(sig)
    @runs_in_hwd_thread
-    def sign_tx(self, txn_bytes, inputs, change):
+    def sign_psbt(self, psbt_bytes):
        self.authenticate()
-        # Add some host entropy for AE sigs (although we won't verify)
+        # Pass as PSBT to Jade for signing.  As of fw v0.1.47 Jade should handle PSBT natively.
-        for input in inputs:
+        return self.jade.sign_psbt(self._network(), psbt_bytes)
            if input['path'] is not None:
                input['ae_host_entropy'] = os.urandom(32)
                input['ae_host_commitment'] = os.urandom(32)
        # Map change script type
        for output in change:
            if output and output.get('variant') is not None:
                output['variant'] = self._convertAddrType(output['variant'], False)
        # Pass to Jade to generate signatures
        sig_data = self.jade.sign_tx(self._network(), txn_bytes, inputs, change, use_ae_signatures=True)
        # Extract signatures from returned data (sig[0] is the AE signer-commitment)
        return [sig[1] for sig in sig_data]
    @runs_in_hwd_thread
    def show_address(self, bip32_path_prefix, sequence, txin_type):
@ -260,64 +247,24 @@ class Jade_KeyStore(Hardware_KeyStore):
        self.handler.show_message(_("Preparing to sign transaction ..."))
        try:
            wallet = self.handler.get_wallet()
-            is_multisig = _is_multisig(wallet)
+            if _is_multisig(wallet):
-
+                # Register multisig on Jade using any change addresses
-            # Fetch inputs of the transaction to sign
+                for txout in tx.outputs():
-            jade_inputs = []
+                    if txout.is_mine and txout.is_change:
            for txin in tx.inputs():
                pubkey, path = self.find_my_pubkey_in_txinout(txin)
                witness_input = txin.is_segwit()
                redeem_script = Transaction.get_preimage_script(txin)
                input_tx = txin.utxo
                input_tx = bytes.fromhex(input_tx.serialize()) if input_tx is not None else None
                # Build the input and add to the list - include some host entropy for AE sigs (although we won't verify)
                jade_inputs.append({'is_witness': witness_input,
                                    'input_tx': input_tx,
                                    'script': redeem_script,
                                    'path': path})
            # Change detection
            change = [None] * len(tx.outputs())
            for index, txout in enumerate(tx.outputs()):
                if txout.is_mine and txout.is_change:
                    desc = txout.script_descriptor
                    assert desc
                    if is_multisig:
                        # Multisig - wallet details must be registered on Jade hw
-                        multisig_name = _register_multisig_wallet(wallet, self, txout.address)
+                        _register_multisig_wallet(wallet, self, txout.address)
-
+
-                        # Jade only needs the path suffix(es) and the multisig registration
+            # NOTE: sign_psbt() does not use AE signatures, so sticks with default (rfc6979)
                        # name to generate the address, as the fixed derivation part is
                        # embedded in the multisig wallet registration record
                        # NOTE: all cosigners have same path suffix
                        path_suffix = wallet.get_address_index(txout.address)
                        paths = [path_suffix] * wallet.n
                        change[index] = {'multisig_name': multisig_name, 'paths': paths}
                    else:
                        # Pass entire path
                        pubkey, path = self.find_my_pubkey_in_txinout(txout)
                        change[index] = {'path':path, 'variant': desc.to_legacy_electrum_script_type()}
            # The txn itself
            txn_bytes = bytes.fromhex(tx.serialize_to_network(include_sigs=False))
            # Request Jade generate the signatures for our inputs.
            # Change details are passed to be validated on the hw (user does not confirm)
            self.handler.show_message(_("Please confirm the transaction details on your Jade device..."))
            client = self.get_client()
-            signatures = client.sign_tx(txn_bytes, jade_inputs, change)
+
-            assert len(signatures) == len(tx.inputs())
+            psbt_bytes = tx.serialize_as_bytes()
-
+            psbt_bytes = client.sign_psbt(psbt_bytes)
-            # Inject signatures into tx
+            signed_tx = PartialTransaction.from_raw_psbt(psbt_bytes)
-            for index, (txin, signature) in enumerate(zip(tx.inputs(), signatures)):
+
-                pubkey, path = self.find_my_pubkey_in_txinout(txin)
+            # Copy signatures into original tx
-                if pubkey is not None and signature is not None:
+            tx.combine_with_other_psbt(signed_tx)
-                    tx.add_signature_to_txin(
+
                        txin_idx=index,
                        signing_pubkey=pubkey,
                        sig=signature,
                    )
        finally:
            self.handler.finished()
@ -353,12 +300,9 @@ class Jade_KeyStore(Hardware_KeyStore):
 class JadePlugin(HW_PluginBase):
    keystore_class = Jade_KeyStore
    minimum_library = (0, 0, 1)
-    DEVICE_IDS = [(0x10c4, 0xea60), # Development Jade device
+    DEVICE_IDS = JadeSerialImpl.JADE_DEVICE_IDS
                  (0x1a86, 0x55d4), # Retail Blockstream Jade (And some DIY devices)
                  (0x0403, 0x6001), # DIY FTDI Based Devices (Eg: M5StickC-Plus)
                  (0x1a86, 0x7523)] # DIY CH340 Based devices (Eg: ESP32-Wrover)
    SUPPORTED_XTYPES = ('standard', 'p2wpkh-p2sh', 'p2wpkh', 'p2wsh-p2sh', 'p2wsh')
-    MIN_SUPPORTED_FW_VERSION = (0, 1, 32)
+    MIN_SUPPORTED_FW_VERSION = (0, 1, 47)
    # For testing with qemu simulator (experimental)
    SIMULATOR_PATH = None  # 'tcp:127.0.0.1:2222'
--- a/electrum/plugins/jade/jadepy/README.md
+++ b/electrum/plugins/jade/jadepy/README.md
@ -2,10 +2,9 @@
 This is a slightly modified version of the official [Jade](https://github.com/Blockstream/Jade) python library.
-This modified version was made from tag [1.0.29](https://github.com/Blockstream/Jade/releases/tag/1.0.29).
+This modified version was made from tag [1.0.31](https://github.com/Blockstream/Jade/releases/tag/1.0.31).
 Intention is to fold these modifications back into Jade repo, for future api release.
 ## Changes
 - Removed BLE module, reducing transitive dependencies
 - _http_request() function removed, so cannot be used as unintentional fallback
--- a/electrum/plugins/jade/jadepy/init.py
+++ b/electrum/plugins/jade/jadepy/init.py
@ -1,4 +1,4 @@
 from .jade import JadeAPI
 from .jade_error import JadeError
-__version__ = "0.2.0"
+__version__ = "1.0.31"
--- a/electrum/plugins/jade/jadepy/jade.py
+++ b/electrum/plugins/jade/jadepy/jade.py
@ -7,6 +7,7 @@ import collections
 import collections.abc
 import traceback
 import random
 import socket
 import sys
 # JadeError
@ -24,7 +25,7 @@ device_logger = logging.getLogger(f'{__name__}-device')
 # It relies on the BLE dependencies being available
 try:
    from .jade_ble import JadeBleImpl
-except ImportError as e:
+except (ImportError, FileNotFoundError) as e:
    logger.warning(e)
    logger.warning('BLE scanning/connectivity will not be available')
@ -123,6 +124,32 @@ def _hexlify(data):
 #     logger.info(e)
 #     logger.info('Default _http_requests() function will not be available')
 def generate_dump():
    while True:
        try:
            with socket.create_connection(("localhost", 4444)) as s:
                output = b""
                while b"Open On-Chip Debugger" not in output:
                    data = s.recv(1024)
                    if not data:
                        continue
                    output += data
                s.sendall(b"esp gcov dump\n")
                output = b""
                while b"Targets disconnected." not in output:
                    data = s.recv(1024)
                    if not data:
                        continue
                    output += data
                s.sendall(b"resume\n")
                time.sleep(1)
            return
        except ConnectionRefusedError:
            pass
 class JadeAPI:
    """
    High-Level Jade Client API
@ -431,7 +458,8 @@ class JadeAPI:
        """
        return self._jadeRpc('logout')
-    def ota_update(self, fwcmp, fwlen, chunksize, fwhash=None, patchlen=None, cb=None):
+    def ota_update(self, fwcmp, fwlen, chunksize, fwhash=None, patchlen=None, cb=None,
                   gcov_dump=False):
        """
        RPC call to attempt to update the unit's firmware.
@ -507,6 +535,9 @@ class JadeAPI:
            if (cb):
                cb(written, cmplen)
        if gcov_dump:
            self.run_remote_gcov_dump()
        # All binary data uploaded
        return self._jadeRpc('ota_complete')
@ -523,6 +554,22 @@ class JadeAPI:
        """
        return self._jadeRpc('debug_selfcheck', long_timeout=True)
    def run_remote_gcov_dump(self):
        """
        RPC call to run in-built gcov-dump.
        NOTE: Only available in a DEBUG build of the firmware.
        Returns
        -------
        bool
            Always True.
        """
        result = self._jadeRpc('debug_gcov_dump', long_timeout=True)
        time.sleep(0.5)
        generate_dump()
        time.sleep(2)
        return result
    def capture_image_data(self, check_qr=False):
        """
        RPC call to capture raw image data from the camera.
@ -951,6 +998,42 @@ class JadeAPI:
        params = {'multisig_file': multisig_file}
        return self._jadeRpc('register_multisig', params)
    def get_registered_descriptors(self):
        """
        RPC call to fetch brief summaries of any descriptor wallets registered to this signer.
        Returns
        -------
        dict
            Brief description of registered descriptor, keyed by registration name.
            Each entry contains keys:
                descriptor_len - int, length of descriptor output script
                num_datavalues - int, total number of substitution placeholders passed with script
                master_blinding_key - 32-bytes, any liquid master blinding key for this wallet
        """
        return self._jadeRpc('get_registered_descriptors')
    def get_registered_descriptor(self, descriptor_name):
        """
        RPC call to fetch details of a named descriptor wallet registered to this signer.
        Parameters
        ----------
        descriptor_name : string
            Name of descriptor registration record to return.
        Returns
        -------
        dict
            Description of registered descriptor wallet identified by registration name.
            Contains keys:
                descriptor_name - str, name of descritpor registration
                descriptor - str, descriptor output script, may contain substitution placeholders
                datavalues - dict containing placeholders for substitution into script
        """
        params = {'descriptor_name': descriptor_name}
        return self._jadeRpc('get_registered_descriptor', params)
    def register_descriptor(self, network, descriptor_name, descriptor_script, datavalues=None):
        """
        RPC call to register a new descriptor wallet, which must contain the hw signer.
@ -959,7 +1042,7 @@ class JadeAPI:
        Parameters
        ----------
        network : string
-            Network to which the multisig should apply - eg. 'mainnet', 'liquid', 'testnet', etc.
+            Network to which the descriptor should apply - eg. 'mainnet', 'liquid', 'testnet', etc.
        descriptor_name : string
            Name to use to identify this descriptor wallet registration record.
@ -1221,6 +1304,35 @@ class JadeAPI:
        params = {'identity': identity, 'curve': curve, 'index': index, 'challenge': challenge}
        return self._jadeRpc('sign_identity', params)
    def sign_attestation(self, challenge):
        """
        RPC call to sign passed challenge with embedded hw RSA-4096 key, such that the caller
        can check the authenticity of the hardware unit.  eg. whether it is a genuine
        Blockstream production Jade unit.
        Caller must have the public key of the external verifying authority they wish to validate
        against (eg. Blockstream's Jade verification public key).
        NOTE: only supported by ESP32S3-based hardware units.
        Parameters
        ----------
        challenge : bytes
            Challenge bytes to sign
        Returns
        -------
        dict
            Contains keys:
            signature - 512-bytes, hardware RSA signature of the SHA256 hash of the passed
                        challenge bytes.
            pubkey_pem - str, PEM export of RSA pubkey of the hardware unit, to verify the returned
            RSA signature.
            ext_signature - bytes, RSA signature of the verifying authority over the returned
            pubkey_pem data.
            (Caller can verify this signature with the public key of the verifying authority.)
        """
        params = {'challenge': challenge}
        return self._jadeRpc('sign_attestation', params)
    def get_master_blinding_key(self, only_if_silent=False):
        """
        RPC call to fetch the master (SLIP-077) blinding key for the hw signer.
--- a/electrum/plugins/jade/jadepy/jade_serial.py
+++ b/electrum/plugins/jade/jadepy/jade_serial.py
@ -2,6 +2,7 @@ import serial
 import logging
 from serial.tools import list_ports
 from .jade_error import JadeError
 logger = logging.getLogger(__name__)
@ -53,7 +54,10 @@ class JadeSerialImpl:
        assert self.ser is not None
        if not self.ser.is_open:
-            self.ser.open()
+            try:
                self.ser.open()
            except serial.serialutil.SerialException:
                raise JadeError(1, "Unable to open port", self.device)
        # Ensure RTS and DTR are not set (as this can cause the hw to reboot)
        self.ser.setRTS(False)