wallet keychain: cache ga service path roots for network in use

Should improve performance of generating Green multisig addresses, which
should in turn improve change detection and hence the signing operation.

Author: Jamie C. Driver

main/keychain.c

@@ -242,6 +242,27 @@ bool keychain_is_network_type_consistent(const char* network)
     return network_type_restriction == NETWORK_TYPE_NONE || network_type == network_type_restriction;
 }
 
+const struct ext_key* keychain_cached_service(const struct ext_key* const service, const bool subaccount_root)
+{
+    JADE_ASSERT(keychain_data);
+
+    // If no service passed, invalidate cache
+    if (!service) {
+        keychain_data->cached_service = NULL;
+        return NULL;
+    }
+
+    // Recompute cached values if service mismatch
+    if (service != keychain_data->cached_service) {
+        wallet_get_gaservice_root_key(service, false, &keychain_data->cached_gaservice_main_root);
+        wallet_get_gaservice_root_key(service, true, &keychain_data->cached_gaservice_subact_root);
+        keychain_data->cached_service = service;
+    }
+
+    // Return cached value
+    return subaccount_root ? &keychain_data->cached_gaservice_subact_root : &keychain_data->cached_gaservice_main_root;
+}
+
 void keychain_get_new_mnemonic(char** mnemonic, const size_t nwords)
 {
     JADE_INIT_OUT_PPTR(mnemonic);
@@ -284,6 +305,9 @@ void keychain_derive_from_seed(const uint8_t* seed, const size_t seed_len, keych
 
     // Compute and cache the path the GA server will use to sign
     wallet_calculate_gaservice_path(&keydata->xpriv, keydata->gaservice_path, GASERVICE_PATH_LEN);
+
+    // Ensure cached green-multisig service path roots are unset
+    keydata->cached_service = NULL;
 }
 
 // Derive master key from mnemonic if passed a valid mnemonic

main/keychain.h

@@ -15,6 +15,9 @@ typedef struct {
     uint8_t master_unblinding_key[HMAC_SHA512_LEN];
     uint8_t seed[BIP32_ENTROPY_LEN_512];
     struct ext_key xpriv;
+    struct ext_key cached_gaservice_main_root;
+    struct ext_key cached_gaservice_subact_root;
+    const struct ext_key* cached_service;
     size_t seed_len;
 } keychain_t;
 
@@ -24,6 +27,7 @@ typedef enum { PASSPHRASE_WORDLIST, PASSPHRASE_FREETEXT } passphrase_type_t;
 void keychain_init_cache(void);
 bool keychain_init_unit_key(void);
 void keychain_set(const keychain_t* src, uint8_t userdata, bool temporary);
+const struct ext_key* keychain_cached_service(const struct ext_key* service, bool subaccount_root);
 void keychain_clear(void);
 
 const keychain_t* keychain_get(void);

main/wallet.c

@@ -654,6 +654,22 @@ bool wallet_get_gaservice_path(
     return true;
 }
 
+bool wallet_get_gaservice_root_key(
+    const struct ext_key* const service, const bool subaccount_root, struct ext_key* gakey)
+{
+    if (!service || !gakey) {
+        return false;
+    }
+
+    uint32_t root_path[GASERVICE_ROOT_PATH_LEN];
+    wallet_get_gaservice_path_root(subaccount_root, root_path, GASERVICE_ROOT_PATH_LEN);
+
+    JADE_WALLY_VERIFY(
+        bip32_key_from_parent_path(service, root_path, GASERVICE_ROOT_PATH_LEN, BIP32_FLAG_KEY_PUBLIC, gakey));
+
+    return true;
+}
+
 // Helper to validate the user-path, and fetch the wallet's relevant gait service pubkey
 static bool wallet_get_gaservice_key(
     const char* network, const uint32_t* path, const size_t path_len, struct ext_key* gakey)
@@ -663,37 +679,28 @@ static bool wallet_get_gaservice_key(
     JADE_ASSERT(path_len);
     JADE_ASSERT(gakey);
 
-    uint32_t ga_path[MAX_GASERVICE_PATH_LEN]; // 32 + 3 max
-    size_t ga_path_len = 0;
-    if (!wallet_get_gaservice_path(path, path_len, ga_path, MAX_GASERVICE_PATH_LEN, &ga_path_len)) {
-        // Cannot get ga service path from user path
-        return false;
-    }
+    const keychain_t* const keychain = keychain_get();
+    JADE_ASSERT(keychain);
 
-    // Derive ga account pubkey for the path, except the ptr (so we can log it).
     const struct ext_key* const service = networkToGaService(network);
     if (!service) {
         JADE_LOGE("Unknown network: %s", network);
         return false;
     }
-    /*
-        // This outputs the parent service xpub to match what the gdk has in its txn data
-        struct ext_key garoot;
-        JADE_WALLY_VERIFY(bip32_key_from_parent_path(service, ga_path, ga_path_len-1, BIP32_FLAG_KEY_PUBLIC |
-       BIP32_FLAG_SKIP_HASH, &garoot));
 
-        // Log this xpub
-        char *logbuf;
-        JADE_WALLY_VERIFY(bip32_key_to_base58(&garoot, BIP32_FLAG_KEY_PUBLIC, &logbuf));
-        JADE_LOGI("service xpub: %s", logbuf);
-        JADE_WALLY_VERIFY(wally_free_string(logbuf));
+    uint32_t ga_path_tail[MAX_GASERVICE_PATH_TAIL_LEN];
+    size_t ga_path_tail_len = 0;
+    bool is_subaccount_path = false;
+    if (!wallet_get_gaservice_path_tail(
+            path, path_len, ga_path_tail, MAX_GASERVICE_PATH_TAIL_LEN, &ga_path_tail_len, &is_subaccount_path)) {
+        // Path pattern not recognised
+        return false;
+    }
+
+    const struct ext_key* const cached_service_root = keychain_cached_service(service, is_subaccount_path);
+    JADE_WALLY_VERIFY(bip32_key_from_parent_path(
+        cached_service_root, ga_path_tail, ga_path_tail_len, BIP32_FLAG_KEY_PUBLIC | BIP32_FLAG_SKIP_HASH, gakey));
 
-        // Derive final part of the path into the output
-        JADE_WALLY_VERIFY(bip32_key_from_parent_path(&garoot, &ga_path[ga_path_len-1], 1, BIP32_FLAG_KEY_PUBLIC |
-       BIP32_FLAG_SKIP_HASH, gakey));
-     */
-    JADE_WALLY_VERIFY(
-        bip32_key_from_parent_path(service, ga_path, ga_path_len, BIP32_FLAG_KEY_PUBLIC | BIP32_FLAG_SKIP_HASH, gakey));
     return true;
 }
 

main/wallet.h

@@ -99,6 +99,7 @@ bool wallet_unserialize_gaservice_path(
 bool wallet_get_gaservice_fingerprint(const char* network, uint8_t* output, size_t output_len);
 bool wallet_get_gaservice_path(
     const uint32_t* path, size_t path_len, uint32_t* ga_path, size_t ga_path_len, size_t* written);
+bool wallet_get_gaservice_root_key(const struct ext_key* service, bool subaccount_root, struct ext_key* gakey);
 
 bool wallet_get_message_hash(const uint8_t* bytes, size_t bytes_len, uint8_t* output, size_t output_len);
 bool wallet_sign_message_hash(const uint8_t* signature_hash, size_t signature_hash_len, const uint32_t* path,