Krux Apps, small utility programs to enhance Krux

[tadeubas]

What is this PR for?

Create a new Tool to enable the execution of developer's signed Krux apps (Kapps) as .mpy files in the SD card.

To test on the simulator, copy the .mpy file and its corresponding .mpy.sig into the simulator/sd folder. When executed, both files are automatically copied to simulator/flash. The simulator then emulates the execution of the selected Kapp by running the corresponding .py file from the simulator’s root directory. To avoid duplication, it’s recommended to create symbolic links to these .py files instead of copying them.

In any case you will need to generate a .mpy file using the tool firmware/MaixPy/components/micropython/core/mpy-cross. Follow its README.md instructions in order to make and then compile a .py file into .mpy. It is implied that all Kapps must implement the run() function to be executed.

You will also need to create a .sig file based on the .mpy. Remember to change the contents of the SIGNER_PUBKEY inside src\krux\metadata.py following instructions here To generate a keypair and Signing the firmware (firmware will be your .mpy file) in order to sign and verify the signature within Krux code (Ex: ./krux sign kapps/nostr.mpy privkey.pem).

Use this nice tool from @kdmukai to test Nostr Kapp: https://nostrtool.com/

It’s also implied (though we can change this later) that Kapps won’t be translated - existing firmware strings will be, but new ones won’t. I also think we need to distribute the .mpy files (and their signatures) with each release.

It is possible to keep more than one Kapp in flash memory. There is a security setting to enable the startup execution of a Kapp (before Krux firmware for OPSec), only Kapps that have the const ALLOW_STARTUP = True are listed there.

Other changes

• New Kapp - k_QR: QR scanner for inconspicuous startup (OPSec) [scan QR with text: krux]
• New Kapp - Steganography: Capture photos as bmp, view them and hide and revel data in the pixels of the img
• Krux script: signing now produces only compact 70-byte signatures, preventing the 71- or 72-byte variants that embit would flag as invalid
• pyproject.toml: New tasks to handle mpy generation (poetry run poe mpy-all)
• Simulator: flash folder now simulates device's user flash space
• firmaware.py: Refactored code to allow reuse of get_pubkey and check_signature
• New settings: allow_kapp and startup_kapp

Changes made to:

• Code
• Tests
• Docs
• CHANGELOG

Did you build the code and tested on device?

• Yes, build and tested on yahboom and others

What is the purpose of this pull request?

• Bug fix
• New feature
• Docs update
• Other

TODO LIST:

• Create the Nostr Krux app for airgap signing (idea from @odudex) .
• Reformulate Nostr Kapp to use NIP06 (mnemonic to nostr key) and NIP19 (nsec1...).
  • Allow Nostr Kapp to sign a Nostr event.
• Create a C function in Maixpy to allow the Python code to change SPIFFS VFS exec_allowed attr.
  • Merge micropython PR: Creating Micropython module vfs micropython#6
  • Merge MaixPy PR: Allow vfs changes in maixpy_main.c MaixPy#26
• Create test cases for Kapps:
  • Tests for kapp Nostr.
• Create docs.
• Add info to CHANGELOG.

[codecov]

Codecov Report

❌ Patch coverage is 89.39394% with 21 lines in your changes missing coverage. Please review.
✅ Project coverage is 97.17%. Comparing base (5ae4ff5) to head (104b03f).

Files with missing lines	Patch %	Lines
src/krux/pages/kapps.py	90.06%	15 Missing ⚠️
src/krux/krux_settings.py	45.45%	6 Missing ⚠️

❌ Your patch check has failed because the patch coverage (89.39%) is below the target coverage (95.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop     #485      +/-   ##
===========================================
- Coverage    97.31%   97.17%   -0.15%     
===========================================
  Files           83       84       +1     
  Lines        10568    10749     +181     
===========================================
+ Hits         10284    10445     +161     
- Misses         284      304      +20     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[tadeubas]

Use my PUBKEY to test the signed apps (kapp, nostr) more easily, just change your metadata.py and flash the device:

SIGNER_PUBKEY = "0473d0a15dd45c336749dd548f73a2d3e4d4eb35a63bed31339959616a8b9d9e6e0060acc43bb915e89dc0d7f2b1c480be36d4f9883f1be1e525cddcd01d495805"

[joaozinhom]

This idea (krux apps) seems great to solve some open issues like this one #203 , krux devices have limited hardware in general, and probably for the future of the project we will need changes like this to allow continuous addition of features. some tests are broken in my machine, a notebook nix os ryzen 7 with 16 gb ram(I can run the krux main branch), i try by poetry and get some lib import errors, "No module named..."

The most part of the poetry commands return this warning probably the problem are in this location

if you want some help or i type some wrong information please let me know.

[tadeubas]

Hi @j-moreno-c-r
It appears that you don't have the dependencies installed. In order to test the project plz follow the instructions here: https://github.com/selfcustody/krux?tab=readme-ov-file#development

I think you have to use this cmd before trying to execute tests: git submodule update --init --recursive

[joaozinhom]

ok sorry for the innatention, everithing run fine now

[tadeubas]

I’ve opened an issue for the Amber mobile app.
Another issue for nos2x Chrome Extension.
And other for nostr-login javascript lib for clients.

[tadeubas]

Example of steganography app usage: https://excalidraw.com/#json=3C163DUVqLssMRl1_rl8A,nfbdz4uv1AY95q725OaZ-g

KEF-BMP.txt

[tadeubas]

I’ve tested this extensively and believe the PR is ready to merge. I know that @jdlcdl has tested both the Nostr and Steganography Kapps, and another person has successfully tested only the Steganography Kapp without any issues.

This PR does not yet include the inconspicuous startup feature #203 ; we’ll need to discuss the best approach for implementing that separately.

[Pentecost1]

In the NosTR app, the fingerprint keeps blinking. I’m not sure if this is intentional behavior or if there’s something I haven’t understood yet

IMG_0614.MOV

[tadeubas]

Thx @Pentecost1 you found a bug 👍 will fix ASAP

[tadeubas]

I discussed inconspicuous startup (#203) with other devs on Telegram. Since Kapps can do anything, it’s hard to guarantee the firmware remains intact after they run. I initially suggested disabling Kapp startup and forcing a reboot before entering the firmware, which would require users to re-enable the Kapp each time.

On further thought, we could instead allow only specific Kapps, those that don’t access or modify firmware code, to run at startup, and then safely continue to the firmware without disabling the Kapp or rebooting.

I’ll update this PR accordingly and add a small, simple Kapp for inconspicuous startup.

[qlrd]

Pleeeeaase 🙏🏽 squash commits so i can review, is confusing to me 🥺.

Also we need to edit commits compliant to CI and appear to have some tests to make.

[tadeubas]

I understand the concern 🙂
Given that we already have around ~90% test coverage, I think the most valuable step at this point would be to go through the PR description and test the PR on the device to gather initial feedback.

Once that’s done, we can move on to refining commit messages, addressing CI expectations, and doing a more detailed code review if needed 😉

[qlrd]

In any case you will need to generate a .mpy file using the tool firmware/MaixPy/components/micropython/core/mpy-cross. Follow its README.md instructions in order to make and then compile a .py file into .mpy. It is implied that all Kapps must implement the run() function to be executed.

It's worth to add some detailed information in #821 or followup?

[qlrd]

Needs rebase and squash commits

[qlrd]

Just some doc nits. Also wdyt about have more commits, but organized like as follow?

• docs: CHANGELOG, images, md files;
• chore(i18n): i18n files and scripts;
• feat(simulator): simulator scripts, sequences;
• feat: kapps files;
• feat(test): tests;
• feat(src): source files
• feat(build): pyproject.toml, krux, .gitignore.

[tadeubas]

Maybe the commits could be separated as follow, wdyt?

Thank you for the suggestion. At this point, the changes are complete, so I'll leave it as is.

[qlrd]

Suggested change

	sing_message = SignMessage(self.ctx)
	data, qr_format, message_filename = sing_message._load_message()
	sign_message = SignMessage(self.ctx)
	data, qr_format, message_filename = sign_message._load_message()

[tadeubas]

nice typo, will fix asap

[qlrd]

Maybe the commits could be separated as follow, wdyt?

Thank you for the suggestion. At this point, the changes are complete, so I'll leave it as is.

Nice, is very neat work. Congrats!
It's better to resolve the suggestions so when merge they will not appear anymore.