d-bis/app-ethereum
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

New blind-signing flow for Stax/Flex

Browse Source
This commit is contained in:
Alexandre Paillier
2024-06-21 18:12:26 +02:00
parent c171b7640c
commit cd563a21db
2 changed files with 34 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src_nbgl/ui_approve_tx.c
View File

@@ -1,5 +1,5 @@
#include <ctype.h>
#include <nbgl_page.h>
#include "nbgl_page.h"
#include "shared_context.h"
#include "ui_callbacks.h"
#include "ui_nbgl.h"
@@ -25,7 +25,6 @@ static char msg_buffer[MAX_PLUGIN_ITEMS][VALUE_MAX_LEN];
struct tx_approval_context_t {
bool fromPlugin;
bool blindSigning;
bool displayNetwork;
#ifdef HAVE_DOMAIN_NAME
bool domain_name_match;
@@ -174,7 +173,11 @@ static void reviewCommon(void) {
pairsList.nbPairs = setTagValuePairs();
pairsList.pairs = pairs;
nbgl_operationType_t op = TYPE_TRANSACTION;
if (tmpContent.txContent.dataPresent) {
op |= BLIND_OPERATION;
}
if (tx_approval_context.fromPlugin) {
uint32_t buf_size = SHARED_BUFFER_SIZE / 2;
char op_name[sizeof(strings.common.fullAmount)];
@@ -195,7 +198,7 @@ static void reviewCommon(void) {
(pluginType == EXTERNAL ? "on " : ""),
strings.common.toAddress);
nbgl_useCaseReview(TYPE_TRANSACTION,
nbgl_useCaseReview(op,
&pairsList,
get_tx_icon(),
g_stax_shared_buffer,
@@ -203,7 +206,7 @@ static void reviewCommon(void) {
g_stax_shared_buffer + buf_size,
reviewChoice);
} else {
nbgl_useCaseReview(TYPE_TRANSACTION,
nbgl_useCaseReview(op,
&pairsList,
get_tx_icon(),
REVIEW("transaction"),
@@ -224,8 +227,6 @@ void blind_confirm_cb(bool confirm) {
void ux_approve_tx(bool fromPlugin) {
memset(&tx_approval_context, 0, sizeof(tx_approval_context));
tx_approval_context.blindSigning =
!fromPlugin && tmpContent.txContent.dataPresent && !N_storage.contractDetails;
tx_approval_context.fromPlugin = fromPlugin;
tx_approval_context.displayNetwork = false;
@@ -234,16 +235,5 @@ void ux_approve_tx(bool fromPlugin) {
tx_approval_context.displayNetwork = true;
}
if (tx_approval_context.blindSigning) {
nbgl_useCaseChoice(&C_Important_Circle_64px,
"Blind Signing",
"This transaction cannot be securely interpreted by "
"your Ledger device.\nIt might put "
"your assets at risk.",
"Continue",
"Cancel",
blind_confirm_cb);
} else {
reviewCommon();
}
reviewCommon();
}

35
src_nbgl/ui_warning_contract_data.c
View File

@@ -2,20 +2,37 @@
#include "shared_context.h"
#include "ui_callbacks.h"
#include "ui_nbgl.h"
#include "feature_signTx.h"
static void ui_warning_contract_data_choice(bool confirm) {
static void ui_warning_contract_data_choice2(bool confirm) {
if (confirm) {
ui_idle();
start_signature_flow();
} else {
ui_menu_settings();
report_finalize_error();
}
}
static void ui_warning_contract_data_choice1(bool confirm) {
if (confirm) {
report_finalize_error();
} else {
nbgl_useCaseChoice(
NULL,
"The transaction cannot be trusted",
"Your Ledger cannot decode this transaction. If you sign it, you could be authorizing "
"malicious actions that can drain your wallet.\n\nLearn more: ledger.com/e8",
"I accept the risk",
"Reject transaction",
ui_warning_contract_data_choice2);
}
}
void ui_warning_contract_data(void) {
nbgl_useCaseChoice(&C_Warning_64px,
"This message cannot\nbe clear-signed",
"Enable blind-signing in\nthe settings to sign\nthis transaction.",
"Exit",
"Go to settings",
ui_warning_contract_data_choice);
nbgl_useCaseChoice(
&C_Warning_64px,
"Security risk detected",
"It may not be safe to sign this transaction. To continue, you'll need to review the risk.",
"Back to safety",
"Review risk",
ui_warning_contract_data_choice1);
}