Skip to content

Commit 45ce563

Browse files
benmabenma
committed
ethereum: allow fetching xpub at m/44'/60'/0' and m/44'/1'/0'
NuFi wants to fetch the xpub at the hardened prefix only and derive children from there on the host for consitency with other HWWs. The BitBox still only allows displaying addresses and signing txs at `m/44'/coin'/0'/0/*`.
1 parent 5e708ad commit 45ce563

File tree

2 files changed

+23
-8
lines changed

2 files changed

+23
-8
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ customers cannot upgrade their bootloader, its changes are recorded separately.
99
### [Unreleased]
1010
- Ethereum: add confirmation screen for known networks, change base unit to ETH for Arbitrum and Optimism
1111
- Ethereum: add Base and Gnosis Chain to known networks
12+
- Ethereum: allow fetching xpub at m/44'/60'/0' and m/44'/1'/0'
1213
- Bitcoin: enable message signing on testnet and regtest
1314
- Enable Litecoin in the simulator
1415

src/rust/bitbox02-rust/src/hww/api/ethereum/keypath.rs

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -59,14 +59,16 @@ pub async fn warn_unusual_keypath(
5959
}
6060

6161
/// Does limit checks the keypath, whitelisting bip44 purpose, account and change.
62-
/// Only allows the well-known xpubs of m'/44'/60'/0'/0 and m'/44'/1'/0'/0 for now.
62+
/// Only allows the well-known xpubs of m/44'/60'/0'/0 and m/44'/1'/0'/0 for now,
63+
/// as well m/44'/60'/0' and m/44'/1'/0' (same but only the hardened prefix).
6364
/// Since ethereum doesn't use the "change" path part it is always 0 and have become part of the
6465
/// xpub keypath.
65-
/// @return true if the keypath is valid, false if it is invalid.
66+
/// Returns true if the keypath is valid, false if it is invalid.
6667
pub fn is_valid_keypath_xpub(keypath: &[u32]) -> bool {
67-
keypath.len() == 4
68-
&& (keypath[..4] == [44 + HARDENED, 60 + HARDENED, 0 + HARDENED, 0]
69-
|| keypath[..4] == [44 + HARDENED, 1 + HARDENED, 0 + HARDENED, 0])
68+
keypath == [44 + HARDENED, 60 + HARDENED, 0 + HARDENED, 0]
69+
|| keypath == [44 + HARDENED, 1 + HARDENED, 0 + HARDENED, 0]
70+
|| keypath == [44 + HARDENED, 60 + HARDENED, 0 + HARDENED]
71+
|| keypath == [44 + HARDENED, 1 + HARDENED, 0 + HARDENED]
7072
}
7173

7274
/// Does limit checks the keypath, whitelisting bip44 purpose, account and change.
@@ -96,25 +98,37 @@ mod tests {
9698
0 + HARDENED,
9799
0
98100
]));
101+
assert!(is_valid_keypath_xpub(&[
102+
44 + HARDENED,
103+
60 + HARDENED,
104+
0 + HARDENED,
105+
]));
99106
assert!(is_valid_keypath_xpub(&[
100107
44 + HARDENED,
101108
1 + HARDENED,
102109
0 + HARDENED,
103110
0
104111
]));
112+
113+
assert!(is_valid_keypath_xpub(&[
114+
44 + HARDENED,
115+
1 + HARDENED,
116+
0 + HARDENED,
117+
]));
105118
// wrong coin.
106119
assert!(!is_valid_keypath_xpub(&[
107120
44 + HARDENED,
108121
0 + HARDENED,
109122
0 + HARDENED,
110123
0
111124
]));
112-
// too short
113125
assert!(!is_valid_keypath_xpub(&[
114126
44 + HARDENED,
115-
60 + HARDENED,
116-
0 + HARDENED
127+
0 + HARDENED,
128+
0 + HARDENED,
117129
]));
130+
// too short
131+
assert!(!is_valid_keypath_xpub(&[44 + HARDENED, 60 + HARDENED]));
118132
// too long
119133
assert!(!is_valid_keypath_xpub(&[
120134
44 + HARDENED,

0 commit comments

Comments
 (0)