Add ETH 2 deposit handling

Makefile

@@ -46,6 +46,10 @@ DEFINES += CHAINID_UPCASE=\"ETHEREUM\" CHAINID_COINNAME=\"ETH\" CHAIN_KIND=CHAIN
 APP_LOAD_PARAMS += --path "2645'/579218131'" 
 DEFINES += HAVE_STARKWARE
 DEFINES += STARK_BIP32_PATH_0=0x80000A55 STARK_BIP32_PATH_1=0xA2862AD3 
+# Allow to derive ETH 2 public keys
+# TODO : add curve reference on latest firmware
+APP_LOAD_PARAMS += --path "12381/3600"
+DEFINES += HAVE_ETH2
 APPNAME = "Ethereum"
 DEFINES_LIB=
 APP_LOAD_FLAGS=--appFlags 0xa40
@@ -58,6 +62,10 @@ DEFINES += HAVE_STARKWARE
 # Keep for Starkware Ropsten tests
 DEFINES += HAVE_TOKENS_EXTRA_LIST
 DEFINES += STARK_BIP32_PATH_0=0x80000A55 STARK_BIP32_PATH_1=0xA2862AD3
+# Allow to derive ETH 2 public keys
+# TODO : add curve reference on latest firmware
+APP_LOAD_PARAMS += --path "12381/3600"
+DEFINES += HAVE_ETH2
 APPNAME = "Eth Ropsten"
 DEFINES_LIB=
 APP_LOAD_FLAGS=--appFlags 0xa40

doc/ethapp.asc

@@ -18,6 +18,7 @@ Application version 1.5.0 - 25th of September 2020
 
 ## 1.5.0
   - Add SIGN ETH EIP 712  
+  - Add GET ETH2 PUBLIC KEY
 
 ## About
 
@@ -315,6 +316,79 @@ This command has been supported since firmware version 1.5.0
 | s                                                                                 | 32
 |==============================================================================================================================
 
+### GET ETH2 PUBLIC KEY
+
+#### Description
+
+This command returns an Ethereum 2 BLS12-381 public key derived following EIP 2333 specification (https://eips.ethereum.org/EIPS/eip-2333) 
+
+This command has been supported since firmware version 1.5.0
+
+#### Coding
+
+'Command'
+
+[width="80%"]
+|==============================================================================================================================
+| *CLA* | *INS*  | *P1*               | *P2*       | *Lc*     | *Le*   
+|   E0  |   0E   |  00 : return public key
+
+                    01 : display public key and confirm before returning
+                                      |   00      | variable | variable
+|==============================================================================================================================
+
+'Input data'
+
+[width="80%"]
+|==============================================================================================================================
+| *Description*                                                                     | *Length*
+| Number of BIP 32 derivations to perform (max 10)                                  | 1
+| First derivation index (big endian)                                               | 4
+| ...                                                                               | 4
+| Last derivation index (big endian)                                                | 4
+|==============================================================================================================================
+
+'Output data'
+
+[width="80%"]
+|==============================================================================================================================
+| *Description*                                                                     | *Length*
+| Public key                                                                        | 48
+|==============================================================================================================================
+
+### SET ETH2 WITHDRAWAL INDEX
+
+#### Description
+
+This command sets the index of the Withdrawal key used as withdrawal credentials in an ETH2 deposit contract call signature. The path of the Withdrawal key starts with 12381/3600/0 according to EIP 2333 (https://eips.ethereum.org/EIPS/eip-2333) 
+
+The default index used is 0 if this method isn't called before the deposit contract transaction is sent to the device to be signed
+
+This command has been supported since firmware version 1.5.0
+
+#### Coding
+
+'Command'
+
+[width="80%"]
+|==============================================================================================================================
+| *CLA* | *INS*  | *P1*               | *P2*       | *Lc*     | *Le*   
+|   E0  |   10   |  00
+                                      |   00      | variable | variable
+|==============================================================================================================================
+
+'Input data'
+
+[width="80%"]
+|==============================================================================================================================
+| *Description*                                                                     | *Length*
+| Withdrawal key index (big endian)                                                 | 4
+|==============================================================================================================================
+
+'Output data'
+
+None
+
 ## Transport protocol
 
 ### General transport description

src/apdu_constants.h

@@ -11,6 +11,8 @@
 #define INS_SIGN_PERSONAL_MESSAGE 0x08
 #define INS_PROVIDE_ERC20_TOKEN_INFORMATION 0x0A
 #define INS_SIGN_EIP_712_MESSAGE 0x0C
+#define INS_GET_ETH2_PUBLIC_KEY 0x0E
+#define INS_SET_ETH2_WITHDRAWAL_INDEX 0x10
 #define P1_CONFIRM 0x01
 #define P1_NON_CONFIRM 0x00
 #define P2_NO_CHAINCODE 0x00
@@ -48,6 +50,14 @@ void handleProvideErc20TokenInformation(uint8_t p1, uint8_t p2, uint8_t *dataBuf
 void handleSign(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
 void handleGetAppConfiguration(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
 void handleSignPersonalMessage(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
+void handleSignEIP712Message(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
+
+#ifdef HAVE_ETH2
+
+void handleGetEth2PublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
+void handleSetEth2WinthdrawalIndex(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx);
+
+#endif
 
 #ifdef HAVE_STARKWARE
 

src/eth_plugin_handler.c

@@ -45,12 +45,16 @@ void eth_plugin_prepare_query_contract_UI(ethQueryContractUI_t *queryContractUI,
 
 int eth_plugin_perform_init(uint8_t *contractAddress, ethPluginInitContract_t *init) {
 	uint8_t i;
+	const uint8_t **selectors;
 	dataContext.tokenContext.pluginAvailable = 0;
 	// Handle hardcoded plugin list
 	PRINTF("Selector %.*H\n", 4, init->selector);
-	for (i=0; i<NUM_INTERNAL_PLUGINS; i++) {
-		const uint8_t **selectors = PIC(INTERNAL_ETH_PLUGINS[i].selectors);
+	for (i=0;; i++) {		
 		uint8_t j;
+		selectors = PIC(INTERNAL_ETH_PLUGINS[i].selectors);
+		if (selectors == NULL) {
+			break;
+		}
 		for (j=0; ((j<INTERNAL_ETH_PLUGINS[i].num_selectors) && (contractAddress != NULL)); j++) {			
 			if (memcmp(init->selector, PIC(selectors[j]), SELECTOR_SIZE) == 0) {
 				strcpy(dataContext.tokenContext.pluginName, INTERNAL_ETH_PLUGINS[i].alias);
@@ -96,6 +100,7 @@ int eth_plugin_call(uint8_t *contractAddress, int method, void *parameter) {
 	char tmp[PLUGIN_ID_LENGTH];
 	char *alias;
 	uint8_t i;
+	uint8_t internalPlugin = 0;
 
 	pluginRW.sha3 = &global_sha3;
 	pluginRO.txContent = &tmpContent.txContent;
@@ -154,14 +159,18 @@ int eth_plugin_call(uint8_t *contractAddress, int method, void *parameter) {
 
 	// Perform the call
 
-	for (i=0; i<NUM_INTERNAL_PLUGINS; i++) {
+	for (i=0;; i++) {
+		if (INTERNAL_ETH_PLUGINS[i].alias[0] == 0) {
+			break;
+		}		
 		if (strcmp(alias, INTERNAL_ETH_PLUGINS[i].alias) == 0) {
+			internalPlugin = 1;
 			((PluginCall)PIC(INTERNAL_ETH_PLUGINS[i].impl))(method, parameter);
 			break;
 		}
 	}
 
-	if (i == NUM_INTERNAL_PLUGINS) {
+	if (!internalPlugin) {
 		 uint32_t params[3];
 		 params[0] = (uint32_t)alias;
 		 params[1] = method;

src/eth_plugin_internal.c

@@ -2,7 +2,12 @@
 
 void erc20_plugin_call(int message, void *parameters);
 void compound_plugin_call(int message, void *parameters);
+#ifdef HAVE_STARKWARE
 void starkware_plugin_call(int message, void *parameters);
+#endif
+#ifdef HAVE_ETH2
+void eth2_plugin_call(int message, void *parameters);
+#endif
 
 static const uint8_t const ERC20_TRANSFER_SELECTOR[SELECTOR_SIZE] = { 0xa9, 0x05, 0x9c, 0xbb };
 static const uint8_t const ERC20_APPROVE_SELECTOR[SELECTOR_SIZE] = { 0x09, 0x5e, 0xa7, 0xb3 };
@@ -21,6 +26,16 @@ const uint8_t* const COMPOUND_SELECTORS[NUM_COMPOUND_SELECTORS] = {
 	COMPOUND_MINT_SELECTOR, CETH_MINT_SELECTOR
 };
 
+#ifdef HAVE_ETH2
+
+static const uint8_t const ETH2_DEPOSIT_SELECTOR[SELECTOR_SIZE] = { 0x22, 0x89, 0x51, 0x18 };
+
+const uint8_t* const ETH2_SELECTORS[NUM_ETH2_SELECTORS] = {
+	ETH2_DEPOSIT_SELECTOR
+};
+
+#endif
+
 #ifdef HAVE_STARKWARE
 
 static const uint8_t const STARKWARE_REGISTER_ID[SELECTOR_SIZE] = { 0x76, 0x57, 0x18, 0xd7 };
@@ -45,21 +60,32 @@ const uint8_t* const STARKWARE_SELECTORS[NUM_STARKWARE_SELECTORS] = {
 
 // All internal alias names start with 'minus'
 
-const internalEthPlugin_t const INTERNAL_ETH_PLUGINS[NUM_INTERNAL_PLUGINS] =  {
+const internalEthPlugin_t const INTERNAL_ETH_PLUGINS[] =  {
 	{
 		ERC20_SELECTORS,
-		2,
+		NUM_ERC20_SELECTORS,
 		"-erc20",
 		erc20_plugin_call
 	},
 
 	{
 		COMPOUND_SELECTORS,
-		4,
+		NUM_COMPOUND_SELECTORS,
 		"-cmpd",
 		compound_plugin_call
 	},
 
+#ifdef HAVE_ETH2
+
+	{
+		ETH2_SELECTORS,
+		NUM_ETH2_SELECTORS,
+		"-eth2",
+		eth2_plugin_call
+	},
+
+#endif	
+
 #ifdef HAVE_STARKWARE
 
 	{
@@ -70,4 +96,11 @@ const internalEthPlugin_t const INTERNAL_ETH_PLUGINS[NUM_INTERNAL_PLUGINS] =  {
 	},
 
 #endif	
+
+	{
+		NULL,
+		0,
+		"",
+		NULL
+	}
 };

src/eth_plugin_internal.h

@@ -17,20 +17,20 @@ extern const uint8_t* const ERC20_SELECTORS[NUM_ERC20_SELECTORS];
 #define NUM_COMPOUND_SELECTORS 4
 extern const uint8_t* const COMPOUND_SELECTORS[NUM_COMPOUND_SELECTORS];
 
+#ifdef HAVE_ETH2
+
+#define NUM_ETH2_SELECTORS 1
+extern const uint8_t* const ETH2_SELECTORS[NUM_ETH2_SELECTORS];
+
+#endif
 
 #ifdef HAVE_STARKWARE
 
-#define NUM_INTERNAL_PLUGINS 3
-
 #define NUM_STARKWARE_SELECTORS 10
 extern const uint8_t* const STARKWARE_SELECTORS[NUM_STARKWARE_SELECTORS];
 
-#else
-
-#define NUM_INTERNAL_PLUGINS 2
-
 #endif
 
-extern internalEthPlugin_t const INTERNAL_ETH_PLUGINS[NUM_INTERNAL_PLUGINS];
+extern internalEthPlugin_t const INTERNAL_ETH_PLUGINS[];
 
 #endif

src/main.c

@@ -54,6 +54,9 @@ bool called_from_swap;
 #ifdef HAVE_STARKWARE
 bool quantumSet;
 #endif
+#ifdef HAVE_ETH2
+uint32_t eth2WithdrawalIndex;
+#endif
 
 #include "ux.h"
 ux_state_t G_ux;
@@ -70,6 +73,9 @@ void reset_app_context() {
   called_from_swap = false;
 #ifdef HAVE_STARKWARE
   quantumSet = false;
+#endif
+#ifdef HAVE_ETH2
+  eth2WithdrawalIndex = 0;
 #endif
   os_memset((uint8_t*)&txContext, 0, sizeof(txContext));
   os_memset((uint8_t*)&tmpContent, 0, sizeof(tmpContent));
@@ -426,6 +432,19 @@ void handleApdu(unsigned int *flags, unsigned int *tx) {
            handleSignEIP712Message(G_io_apdu_buffer[OFFSET_P1], G_io_apdu_buffer[OFFSET_P2], G_io_apdu_buffer + OFFSET_CDATA, G_io_apdu_buffer[OFFSET_LC], flags, tx);
            break;
 
+#ifdef HAVE_ETH2
+
+        case INS_GET_ETH2_PUBLIC_KEY:
+           os_memset(tmpCtx.transactionContext.tokenSet, 0, MAX_TOKEN);
+           handleGetEth2PublicKey(G_io_apdu_buffer[OFFSET_P1], G_io_apdu_buffer[OFFSET_P2], G_io_apdu_buffer + OFFSET_CDATA, G_io_apdu_buffer[OFFSET_LC], flags, tx);
+           break;
+
+        case INS_SET_ETH2_WITHDRAWAL_INDEX:
+            handleSetEth2WithdrawalIndex(G_io_apdu_buffer[OFFSET_P1], G_io_apdu_buffer[OFFSET_P2], G_io_apdu_buffer + OFFSET_CDATA, G_io_apdu_buffer[OFFSET_LC], flags, tx);
+            break;
+
+#endif
+
 #if 0
         case 0xFF: // return to dashboard
           goto return_to_dashboard;

src/shared_context.h

@@ -168,6 +168,9 @@ extern uint8_t appState;
 #ifdef HAVE_STARKWARE
 extern bool quantumSet;
 #endif
+#ifdef HAVE_ETH2
+extern uint32_t eth2WithdrawalIndex;
+#endif
 
 void reset_app_context(void);
 

src/ui_callbacks.h

@@ -12,6 +12,7 @@ unsigned int io_seproxyhal_touch_data_ok(const bagl_element_t *e);
 unsigned int io_seproxyhal_touch_data_cancel(const bagl_element_t *e);
 unsigned int io_seproxyhal_touch_signMessage712_v0_ok(const bagl_element_t *e);
 unsigned int io_seproxyhal_touch_signMessage712_v0_cancel(const bagl_element_t *e);
+unsigned int io_seproxyhal_touch_eth2_address_ok(const bagl_element_t *e);
 
 void ui_idle(void);
 

src/ui_flow.h

@@ -22,6 +22,8 @@ extern const ux_flow_step_t *        const ux_sign_flow [];
 
 extern const ux_flow_step_t *        const ux_sign_712_v0_flow [];
 
+extern const ux_flow_step_t *        const ux_display_public_eth2_flow [];
+
 #ifdef HAVE_STARKWARE
 
 extern const ux_flow_step_t *        const ux_display_stark_public_flow [];

src_features/getEth2PublicKey/cmd_getEth2PublicKey.c

@@ -0,0 +1,82 @@
+#ifdef HAVE_ETH2
+
+#include "shared_context.h"
+#include "apdu_constants.h"
+
+#include "ui_flow.h"
+#include "feature_getEth2PublicKey.h"
+
+static const uint8_t BLS12_381_FIELD_MODULUS[] = { 0x1a, 0x01, 0x11, 0xea, 0x39, 0x7f, 0xe6, 0x9a, 0x4b, 0x1b, 0xa7, 0xb6, 0x43, 0x4b, 0xac, 0xd7, 0x64, 0x77, 0x4b, 0x84, 0xf3, 0x85, 0x12, 0xbf, 0x67, 0x30, 0xd2, 0xa0, 0xf6, 0xb0, 0xf6, 0x24, 0x1e, 0xab, 0xff, 0xfe, 0xb1, 0x53, 0xff, 0xff, 0xb9, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xaa, 0xab };
+
+void getEth2PublicKey(uint32_t *bip32Path, uint8_t bip32PathLength, uint8_t *out) {
+#if 0  
+  uint8_t privateKeyData[32];
+  cx_ecfp_256_extended_private_key_t privateKey;
+  cx_ecfp_384_public_key_t publicKey;
+  uint8_t yFlag = 0;
+  uint8_t tmp[96];
+
+  io_seproxyhal_io_heartbeat();
+  os_perso_derive_eip2333(bip32Path, bip32PathLength, privateKeyData);
+  io_seproxyhal_io_heartbeat();
+  memset(tmp, 0, 48);
+  memmove(tmp + 16, privateKeyData, 32);
+  cx_ecfp_init_private_key(CX_CURVE_BLS12_381_G1, tmp, 48, &privateKey);
+  cx_ecfp_generate_pair(CX_CURVE_BLS12_381_G1, &publicKey, &privateKey, 1);
+  memset(tmp, 0, 96);
+  memset((void*)&privateKey, 0, sizeof(cx_ecfp_256_extended_private_key_t));
+  tmp[47] = 2;
+  cx_math_mult(tmp, publicKey.W + 1 + 48, tmp, 48);
+  if (cx_math_cmp(tmp + 48, BLS12_381_FIELD_MODULUS, 48) > 0) {
+    yFlag = 0x20;
+  }
+  publicKey.W[1] &= 0x1f;
+  publicKey.W[1] |= 0x80 | yFlag;
+  memmove(out, publicKey.W + 1, 48);
+#endif  
+}
+
+void handleGetEth2PublicKey(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx) {
+  UNUSED(dataLength);  
+  uint32_t bip32Path[MAX_BIP32_PATH];
+  uint32_t i;
+  uint8_t bip32PathLength = *(dataBuffer++);
+
+  if(!called_from_swap){
+    reset_app_context();
+  }
+  if ((bip32PathLength < 0x01) ||
+      (bip32PathLength > MAX_BIP32_PATH)) {
+    PRINTF("Invalid path\n");
+    THROW(0x6a80);
+  }
+  if ((p1 != P1_CONFIRM) && (p1 != P1_NON_CONFIRM)) {
+    THROW(0x6B00);
+  }
+  if (p2 != 0) {
+    THROW(0x6B00);
+  }
+  for (i = 0; i < bip32PathLength; i++) {
+    bip32Path[i] = U4BE(dataBuffer, 0);
+    dataBuffer += 4;
+  }
+  getEth2PublicKey(bip32Path, bip32PathLength, tmpCtx.publicKeyContext.publicKey.W);
+
+#ifndef NO_CONSENT
+  if (p1 == P1_NON_CONFIRM)
+#endif // NO_CONSENT
+  {
+    *tx = set_result_get_eth2_publicKey();
+    THROW(0x9000);
+  }
+#ifndef NO_CONSENT
+  else
+  {    
+    ux_flow_init(0, ux_display_public_eth2_flow, NULL);
+
+    *flags |= IO_ASYNCH_REPLY;
+  }
+#endif // NO_CONSENT
+}
+
+#endif

src_features/getEth2PublicKey/feature_getEth2PublicKey.h

@@ -0,0 +1,4 @@
+#include "shared_context.h"
+
+uint32_t set_result_get_eth2_publicKey(void);
+

src_features/getEth2PublicKey/logic_getEth2PublicKey.c

@@ -0,0 +1,13 @@
+#ifdef HAVE_ETH2
+
+#include "shared_context.h"
+
+uint32_t set_result_get_eth2_publicKey() {
+    uint32_t tx = 0;
+    os_memmove(G_io_apdu_buffer + tx, tmpCtx.publicKeyContext.publicKey.W, 48);
+    tx += 48;
+    return tx;
+}
+
+#endif
+

src_features/getEth2PublicKey/ui_common_getEth2PublicKey.c

@@ -0,0 +1,32 @@
+#ifdef HAVE_ETH2
+
+#include "shared_context.h"
+#include "feature_getEth2PublicKey.h"
+#include "ui_callbacks.h"
+
+unsigned int io_seproxyhal_touch_eth2_address_ok(const bagl_element_t *e) {
+    uint32_t tx = set_result_get_eth2_publicKey();
+    G_io_apdu_buffer[tx++] = 0x90;
+    G_io_apdu_buffer[tx++] = 0x00;
+    reset_app_context();
+    // Send back the response, do not restart the event loop
+    io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, tx);
+    // Display back the original UX
+    ui_idle();
+    return 0; // do not redraw the widget
+}
+
+#if 0
+unsigned int io_seproxyhal_touch_eth2_address_cancel(const bagl_element_t *e) {
+    G_io_apdu_buffer[0] = 0x69;
+    G_io_apdu_buffer[1] = 0x85;
+    reset_app_context();
+    // Send back the response, do not restart the event loop
+    io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
+    // Display back the original UX
+    ui_idle();
+    return 0; // do not redraw the widget
+}
+#endif
+
+#endif

src_features/getEth2PublicKey/ui_flow_getEth2PublicKey.c

@@ -0,0 +1,50 @@
+#ifdef HAVE_ETH2
+
+#include "shared_context.h"
+#include "ui_callbacks.h"
+
+void prepare_eth2_public_key() {
+   snprintf(strings.tmp.tmp, 100, "0x%.*H", 48, tmpCtx.publicKeyContext.publicKey.W);
+}
+
+UX_STEP_NOCB(
+    ux_display_public_eth2_flow_1_step,
+    pnn,
+    {
+      &C_icon_eye,
+      "Verify ETH2",
+      "public key",
+    });
+UX_STEP_NOCB_INIT(
+    ux_display_public_eth2_flow_2_step,
+    bnnn_paging,
+    prepare_eth2_public_key(),
+    {
+      .title = "Public Key",
+      .text = strings.tmp.tmp,
+    });
+UX_STEP_CB(
+    ux_display_public_eth2_flow_3_step,
+    pb,
+    io_seproxyhal_touch_eth2_address_ok(NULL),
+    {
+      &C_icon_validate_14,
+      "Approve",
+    });
+UX_STEP_CB(
+    ux_display_public_eth2_flow_4_step,
+    pb,
+    io_seproxyhal_touch_address_cancel(NULL),
+    {
+      &C_icon_crossmark,
+      "Reject",
+    });
+
+UX_FLOW(ux_display_public_eth2_flow,
+  &ux_display_public_eth2_flow_1_step,
+  &ux_display_public_eth2_flow_2_step,
+  &ux_display_public_eth2_flow_3_step,
+  &ux_display_public_eth2_flow_4_step
+);
+
+#endif

src_features/setEth2WithdrawalIndex/cmd_setEth2WithdrawalIndex.c

@@ -0,0 +1,23 @@
+#ifdef HAVE_ETH2
+
+#include "shared_context.h"
+#include "apdu_constants.h"
+
+
+void handleSetEth2WithdrawalIndex(uint8_t p1, uint8_t p2, uint8_t *dataBuffer, uint16_t dataLength, unsigned int *flags, unsigned int *tx) {
+  UNUSED(dataLength);
+
+  if (dataLength != 4) {
+    THROW(0x6700);
+  }
+
+  if ((p1 != 0) || (p2 != 0)) {
+    THROW(0x6B00);
+  }
+
+  eth2WithdrawalIndex = U4BE(dataBuffer, 0);
+
+  THROW(0x9000);
+}
+
+#endif

src_plugins/eth2/eth2_plugin.c

@@ -0,0 +1,167 @@
+#ifdef HAVE_ETH2
+
+#include <string.h>
+#include "eth_plugin_internal.h"
+#include "eth_plugin_handler.h"
+#include "shared_context.h"
+#include "ethUtils.h"
+#include "utils.h"
+
+void getEth2PublicKey(uint32_t *bip32Path, uint8_t bip32PathLength, uint8_t *out);
+
+#define WITHDRAWAL_KEY_PATH_1 12381
+#define WITHDRAWAL_KEY_PATH_2 3600
+#define WITHDRAWAL_KEY_PATH_3 0
+
+#define ETH2_DEPOSIT_PUBKEY_OFFSET 0x80
+#define ETH2_WITHDRAWAL_CREDENTIALS_OFFSET 0xE0
+#define ETH2_SIGNATURE_OFFSET 0x120
+#define ETH2_DEPOSIT_PUBKEY_LENGTH 0x30
+#define ETH2_WITHDRAWAL_CREDENTIALS_LENGTH 0x20
+#define ETH2_SIGNATURE_LENGTH 0x60
+
+typedef struct eth2_deposit_parameters_t {
+	uint8_t valid;
+} eth2_deposit_parameters_t;
+
+void eth2_plugin_call(int message, void *parameters) {
+
+	switch(message) {
+		case ETH_PLUGIN_INIT_CONTRACT: {
+			ethPluginInitContract_t *msg = (ethPluginInitContract_t*)parameters;
+			eth2_deposit_parameters_t *context = (eth2_deposit_parameters_t*)msg->pluginContext;
+			context->valid = 1;
+			msg->result = ETH_PLUGIN_RESULT_OK;
+		}
+			break;
+
+		case ETH_PLUGIN_PROVIDE_PARAMETER : {
+			ethPluginProvideParameter_t *msg = (ethPluginProvideParameter_t*)parameters;
+			eth2_deposit_parameters_t *context = (eth2_deposit_parameters_t*)msg->pluginContext;
+			uint32_t index;
+			PRINTF("eth2 plugin provide parameter %d %.*H\n", msg->parameterOffset, 32, msg->parameter);
+			switch(msg->parameterOffset) {
+				case 4 + (32 * 0): // pubkey offset					
+				case 4 + (32 * 1):  // withdrawal credentials offset
+				case 4 + (32 * 2): // signature offset
+				case 4 + (32 * 4): // deposit pubkey length
+				case 4 + (32 * 7): // withdrawal credentials length
+				case 4 + (32 * 9): // signature length 
+				{
+					uint32_t check = 0;
+					switch(msg->parameterOffset) {
+						case 4 + (32 * 0):
+							check = ETH2_DEPOSIT_PUBKEY_OFFSET;
+							break;
+						case 4 + (32 * 1):
+							check = ETH2_WITHDRAWAL_CREDENTIALS_OFFSET;
+							break;
+						case 4 + (32 * 2):
+							check = ETH2_SIGNATURE_OFFSET;
+							break;
+						case 4 + (32 * 4):
+							check = ETH2_DEPOSIT_PUBKEY_LENGTH;
+							break;
+						case 4 + (32 * 7):
+							check = ETH2_WITHDRAWAL_CREDENTIALS_LENGTH;
+							break;
+						case 4 + (32 * 9):
+							check = ETH2_SIGNATURE_LENGTH;
+							break;
+						default:
+							break;
+					}
+					index = U4BE(msg->parameter,  32 - 4);
+					if (index != check) {
+						PRINTF("eth2 plugin parameter check %d failed, expected %d got %d\n", msg->parameterOffset, check, index);
+						context->valid = 0;
+					}
+					msg->result = ETH_PLUGIN_RESULT_OK;
+				}
+					break;
+
+				case 4 + (32 * 3): // deposit data root
+				case 4 + (32 * 5): // deposit pubkey
+				case 4 + (32 * 6):
+				case 4 + (32 * 10): // signature
+				case 4 + (32 * 11):
+				case 4 + (32 * 12):
+					msg->result = ETH_PLUGIN_RESULT_OK;
+					break;
+
+				case 4 + (32 * 8): // withdrawal credentials
+				{
+					 uint8_t tmp[48];
+					 uint32_t withdrawalKeyPath[4];
+					 withdrawalKeyPath[0] = WITHDRAWAL_KEY_PATH_1;
+					 withdrawalKeyPath[1] = WITHDRAWAL_KEY_PATH_2;
+					 withdrawalKeyPath[2] = WITHDRAWAL_KEY_PATH_3;
+					 withdrawalKeyPath[3] = eth2WithdrawalIndex;
+					 getEth2PublicKey(withdrawalKeyPath, 4, tmp);
+					 PRINTF("eth2 plugin computed withdrawal public key %.*H\n", 48, tmp);
+					 cx_hash_sha256(tmp, 48, tmp, 32);
+					 tmp[0] = 0;
+					 if (memcmp(tmp, msg->parameter, 32) != 0) {
+					 	PRINTF("eth2 plugin invalid withdrawal credentials\n");
+					 	PRINTF("Got %.*H\n", 32, msg->parameter);
+					 	PRINTF("Expected %.*H\n", 32, tmp);
+					 	context->valid = 0;
+					 }
+					 msg->result = ETH_PLUGIN_RESULT_OK;
+				}
+					break;
+
+				default:
+					PRINTF("Unhandled parameter offset\n");
+					break;
+			}
+		}
+		break;
+
+		case ETH_PLUGIN_FINALIZE: {
+			ethPluginFinalize_t *msg = (ethPluginFinalize_t*)parameters;
+			eth2_deposit_parameters_t *context = (eth2_deposit_parameters_t*)msg->pluginContext;
+			PRINTF("eth2 plugin finalize\n");
+			if (context->valid) {
+				msg->numScreens = 1;
+				msg->uiType = ETH_UI_TYPE_GENERIC;
+				msg->result = ETH_PLUGIN_RESULT_OK;
+			}
+			else {
+				msg->result = ETH_PLUGIN_RESULT_FALLBACK;
+			}
+		}
+		break;
+
+		case ETH_PLUGIN_QUERY_CONTRACT_ID: {
+			ethQueryContractID_t *msg = (ethQueryContractID_t*)parameters;
+			strcpy(msg->name, "ETH2");
+			strcpy(msg->version, "Deposit");
+			msg->result = ETH_PLUGIN_RESULT_OK;
+		}
+		break;
+
+		case ETH_PLUGIN_QUERY_CONTRACT_UI: {
+			ethQueryContractUI_t *msg = (ethQueryContractUI_t*)parameters;
+			//eth2_deposit_parameters_t *context = (eth2_deposit_parameters_t*)msg->pluginContext;
+			switch(msg->screenIndex) {
+				case 0: {
+				  uint8_t decimals = WEI_TO_ETHER;
+  				uint8_t *ticker = (uint8_t *)PIC(chainConfig->coinName);
+					strcpy(msg->title, "Amount");
+					amountToString(tmpContent.txContent.value.value, tmpContent.txContent.value.length, decimals, (char*)ticker, msg->msg, 100);
+					msg->result = ETH_PLUGIN_RESULT_OK;
+				}
+					break;
+				default:
+					break;
+			}
+		}
+		break;
+
+		default:
+			PRINTF("Unhandled message %d\n", message);			
+	}
+}
+
+#endif