Merge branch 'data-warn'

benma · benma · commit 847f45cefe7d · 2021-03-10T16:19:46.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,7 @@
 - RestoreFrommnemonic: ported to Rust. Will now return UserAbortError on user abort instead of GenericError.
 - Anti-klepto support for ETH transaction signing and for BTC and ETH message signing.
 - Add Uniswap ERC-20 token.
+- Display warning before confirming raw ETH data.
 
 ## 9.4.0 [released 2021-01-20]
 - ETHPubRequest api call now fails if a an invalid contract address is provided also if `display` is
diff --git a/src/rust/bitbox02-rust/src/hww/api/ethereum/sign.rs b/src/rust/bitbox02-rust/src/hww/api/ethereum/sign.rs
@@ -138,6 +138,21 @@ async fn verify_standard_transaction(
     let recipient = parse_recipient(&request.recipient)?;
 
     if !request.data.is_empty() {
+        confirm::confirm(&confirm::Params {
+            title: "Unknown\ncontract",
+            body: "You will be shown\nthe raw\ntransaction data.",
+            accept_is_nextarrow: true,
+            ..Default::default()
+        })
+        .await?;
+        confirm::confirm(&confirm::Params {
+            title: "Unknown\ncontract",
+            body: "Only proceed if you\nunderstand exactly\nwhat the data means.",
+            accept_is_nextarrow: true,
+            ..Default::default()
+        })
+        .await?;
+
         confirm::confirm(&confirm::Params {
             title: "Transaction\ndata",
             body: &hex::encode(&request.data),
@@ -367,14 +382,21 @@ mod tests {
         let _guard = MUTEX.lock().unwrap();
 
         const KEYPATH: &[u32] = &[44 + HARDENED, 60 + HARDENED, 0 + HARDENED, 0, 0];
-
+        static mut CONFIRM_COUNTER: u32 = 0;
         mock(Data {
             ui_confirm_create: Some(Box::new(|params| {
-                assert_eq!(params.title, "Transaction\ndata");
-                assert_eq!(params.body, "666f6f20626172"); // "foo bar" in hex.
-                assert!(params.scrollable);
-                assert_eq!(params.display_size, 7); // length of "foo bar"
-                assert!(params.accept_is_nextarrow);
+                match unsafe { CONFIRM_COUNTER } {
+                    0 | 1 => assert_eq!(params.title, "Unknown\ncontract"),
+                    2 => {
+                        assert_eq!(params.title, "Transaction\ndata");
+                        assert_eq!(params.body, "666f6f20626172"); // "foo bar" in hex.
+                        assert!(params.scrollable);
+                        assert_eq!(params.display_size, 7); // length of "foo bar"
+                        assert!(params.accept_is_nextarrow);
+                    }
+                    _ => panic!("too many user confirmations"),
+                }
+                unsafe { CONFIRM_COUNTER += 1 }
                 true
             })),
             ui_transaction_address_create: Some(Box::new(|amount, address| {
