Skip to content

Bug fixes 2026-02-18#425

Open
iartemov-ledger wants to merge 3 commits intodevelopfrom
bug_fixes_2026-02-18
Open

Bug fixes 2026-02-18#425
iartemov-ledger wants to merge 3 commits intodevelopfrom
bug_fixes_2026-02-18

Conversation

@iartemov-ledger
Copy link
Contributor

@iartemov-ledger iartemov-ledger commented Feb 18, 2026
edited
Loading

  • Fixing call_get_merkleized_map_value() return value checking
  • Zeroing out nonce-related stack buffers in musig part
  • Fix partial_data_len=0 case

AI-generated unit tests with a small added value, but with a lot of code lines have been removed finally.

@ledger-wiz-cspm-secret-detection
Copy link

ledger-wiz-cspm-secret-detection bot commented Feb 18, 2026
edited
Loading

Wiz Scan Summary

Scanner Findings
Data Finding Sensitive Data -
Secret Finding Secrets -
IaC Misconfiguration IaC Misconfigurations -
SAST Finding SAST Findings -
Software Management Finding Software Management Findings -
Total -

View scan details in Wiz

To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension.

@iartemov-ledger iartemov-ledger changed the base branch from develop to codespell February 18, 2026 16:28
@codecov-commenter
Copy link

codecov-commenter commented Feb 18, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.81%. Comparing base (7cf2c4d) to head (8ff2b62).

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop     #425   +/-   ##
========================================
  Coverage    85.81%   85.81%           
========================================
  Files           18       18           
  Lines         2812     2812           
  Branches       426      427    +1     
========================================
  Hits          2413     2413           
  Misses         388      388           
  Partials        11       11
Flag Coverage Δ
unittests 85.81% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

iartemov-ledger
iartemov-ledger commented Feb 20, 2026
View reviewed changes
@iartemov-ledger iartemov-ledger marked this pull request as ready for review February 23, 2026 10:46
bigspider
bigspider reviewed Feb 23, 2026
View reviewed changes
src/musig/musig.c
explicit_bzero(secnonce->k_1, sizeof(secnonce->k_1));
explicit_bzero(secnonce->k_2, sizeof(secnonce->k_2));
return -1;
}
Copy link
Collaborator

@bigspider bigspider Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This isn't really a vulnerability because in case of musig2 signing failures, the signing is invalidated and it has to start over from Round 1. So we'd be leaving in memory a 'secret' that is just a randomly generated number that is no longer useful for anything - a new attempt at signing will generate a new random number.
However, I guess the hardening doesn't hurt.

In that case, however, we should therefore also do the same in the callers of musig_nonce_gen:

  • produce_and_yield_pubnonce doesn't need the secnonce at all, so it can delete it straight away
  • sign_sighash_musig_and_yield should delete it once done (both on success and error cases).

Copy link
Contributor Author

@iartemov-ledger iartemov-ledger Feb 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Added immediate secnonce zeroing out in produce_and_yield_pubnonce()
  • In sign_sighash_musig_and_yield() if I'm reading correctly that was already the case:
    • secnonce iz zeroed out in case of musig_nonce_gen() error
    • it is zeroed out right after the latest use as well

@iartemov-ledger iartemov-ledger force-pushed the codespell branch 2 times, most recently from fce67e2 to 9204806 Compare February 27, 2026 10:10
Base automatically changed from codespell to develop February 27, 2026 10:36
@iartemov-ledger iartemov-ledger changed the title Bug fixes 2026 02 18 Bug fixes 2026-02-18 Feb 27, 2026
Copilot AI reviewed Feb 27, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens PSBT signing and MuSig2 flows by improving negative-return checks from merkleized map accessors, tightening preimage streaming validation, and ensuring nonce-related secrets are explicitly zeroed on failure/cleanup paths.

Changes:

  • Replace == -1 checks with < 0 for functions that can return multiple negative error codes.
  • Add explicit zeroization/cleanup paths for MuSig2 nonce generation/signing intermediates.
  • Reject partial_data_len == 0 in call_stream_preimage() to avoid underflow/invalid buffer creation.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
src/musig/musig.c Adds failure/cleanup labels to ensure nonce scalars and derived temporaries are explicitly wiped before returning.
src/handler/sign_psbt/txhashes.c Uses < 0 when validating call_get_merkleized_map_value() result to properly catch all negative error returns.
src/handler/sign_psbt/musig_signing.c Zeroes rand_i_j and secnonce buffers on all paths; refactors nonce-gen error handling to a cleanup pattern.
src/handler/sign_psbt.c Updates merkleized map value length checks from == -1 to < 0 for correctness across error codes.
src/handler/lib/stream_preimage.c Treats partial_data_len == 0 as invalid to prevent partial_data_len - 1 underflow when skipping the 0x00 prefix.
src/handler/lib/policy.c Updates negative error handling for key info retrieval to use < 0.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@bboilot-ledger bboilot-ledger bboilot-ledger approved these changes

@bigspider bigspider Awaiting requested review from bigspider

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@iartemov-ledger @codecov-commenter @bigspider @bboilot-ledger