Change outputs are confirmed without being received #68
Description
Description
When a transaction is divided in chunks and the last chunk only has change outputs, the change outputs on the last chunk are confirmed before being received by the device, which sends the signing to the next step.
When the client tries to send the next tx chunk it fails with BAD_STATE due to state protection.
Reproducing
A transaction that mimics this scenario without custom tokens (to make this simpler) was made, divided in chunks and added APDU headers.
The transaction was made with change protocol v1 but it also can happen with the old protocol since we only need 1 change output on the last chunk.
chunk 1
e0060000ff010400058000002c8000011880000000000000000000000002058000002c8000011880000000000000000000000203058000002c8000011880000000000000000000000304058000002c800001188000000000000000000000040001000205d57eff854a615612b5d089f667a32161b347344dd62dd7315f68dd508b17e1ddb300006d39806ee6bb56cc06b50723be09506b11ec11dde388a720ef1f68a9b2e6950aa200000000133800001976a91483d3ee6df8bee68f8043d3d7f7feba807a683dfe88ac000018f100001976a9142d9d5cc2969d59836204376a5c4927f84ca4c7b288ac0000113c00001976a91407a6e2e3c254b330de8d1b73bb3418e0
chunk 2
e0060001469466b45388ac0000206800001976a914279116ab46ab6111641fe2ad24bd8bf5b9636ad588ac000023b200001976a914d035b2d6e8663bbaa6c03e69df6953d5be25575288ac
Solution
Stop confirming outputs when we reach the last output received in the latest APDU call.
This means we need to keep track of the number of parsed outputs and only confirm outputs until the parsed ones, anything more should throw a request for more data.