Merge pull request #1 from Zondax/main

Stax/Flex Support and Support for Coston Testnet (chain_id = 16) for ETH transactions

.github/workflows/codeql.yml

@@ -13,7 +13,7 @@ jobs:
     name: Analyse
     strategy:
       matrix:
-        sdk: ["$NANOS_SDK", "$NANOX_SDK", "$NANOSP_SDK", "$STAX_SDK"]
+        sdk: ["$NANOS_SDK", "$NANOX_SDK", "$NANOSP_SDK", "$STAX_SDK", "$FLEX_SDK"]
     runs-on: ubuntu-latest
     container:
       image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-legacy:latest

.github/workflows/main.yml

@@ -112,7 +112,7 @@ jobs:
       - name: Build NanoS
         shell: bash -l {0}
         run: |
-          make
+          PRODUCTION_BUILD=0 make
           mv ./app/pkg/installer_s.sh ./app/pkg/installer_nanos.sh
       - name: Set tag
         id: nanos
@@ -148,7 +148,7 @@ jobs:
       - name: Build NanoSP
         shell: bash -l {0}
         run: |
-          make
+          PRODUCTION_BUILD=0 make
           mv ./app/pkg/installer_s2.sh ./app/pkg/installer_nanos_plus.sh
       - name: Set tag
         id: nanosp
@@ -163,3 +163,71 @@ jobs:
           tag_name: ${{ steps.nanosp.outputs.tag_name }}
           draft: false
           prerelease: false
+
+  build_package_stax:
+    needs: [configure, build, build_ledger, test_zemu]
+    if: ${{ github.ref == 'refs/heads/main' }}
+    runs-on: ubuntu-latest
+    container:
+      image: zondax/ledger-app-builder:latest
+      options: --user ${{ needs.configure.outputs.uid_gid }}
+      env:
+        BOLOS_SDK: /opt/stax-secure-sdk
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: true
+      - name: Install deps
+        run: pip install ledgerblue
+
+      - name: Build Stax
+        shell: bash -l {0}
+        run: PRODUCTION_BUILD=0 make
+      - name: Set tag
+        id: stax
+        run: echo "tag_name=$(./app/pkg/installer_stax.sh version)" >> $GITHUB_OUTPUT
+      - name: Update Release
+        id: update_release_2
+        uses: softprops/action-gh-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        with:
+          files: ./app/pkg/installer_stax.sh
+          tag_name: ${{ steps.stax.outputs.tag_name }}
+          draft: false
+          prerelease: false
+
+  build_package_flex:
+    needs: [configure, build, build_ledger, test_zemu]
+    if: ${{ github.ref == 'refs/heads/main' }}
+    runs-on: ubuntu-latest
+    container:
+      image: zondax/ledger-app-builder:latest
+      options: --user ${{ needs.configure.outputs.uid_gid }}
+      env:
+        BOLOS_SDK: /opt/flex-secure-sdk
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: true
+      - name: Install deps
+        run: pip install ledgerblue
+
+      - name: Build Flex
+        shell: bash -l {0}
+        run: PRODUCTION_BUILD=0 make
+      - name: Set tag
+        id: flex
+        run: echo "tag_name=$(./app/pkg/installer_flex.sh version)" >> $GITHUB_OUTPUT
+      - name: Update Release
+        id: update_release_2
+        uses: softprops/action-gh-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        with:
+          files: ./app/pkg/installer_flex.sh
+          tag_name: ${{ steps.flex.outputs.tag_name }}
+          draft: false
+          prerelease: false

.gitmodules

@@ -1,21 +1,12 @@
-[submodule "deps/nanos-secure-sdk"]
-	path = deps/nanos-secure-sdk
-	url = https://github.com/LedgerHQ/ledger-secure-sdk
-[submodule "deps/nanosplus-secure-sdk"]
-	path = deps/nanosplus-secure-sdk
-	url = https://github.com/LedgerHQ/ledger-secure-sdk
-[submodule "deps/nanox-secure-sdk"]
-	path = deps/nanox-secure-sdk
-	url = https://github.com/LedgerHQ/ledger-secure-sdk
 [submodule "deps/ledger-zxlib"]
 	path = deps/ledger-zxlib
 	url = https://github.com/Zondax/ledger-zxlib.git
 [submodule "cmake/cmake-modules"]
 	path = cmake/cmake-modules
 	url = https://github.com/bilke/cmake-modules
-[submodule "deps/stax-secure-sdk"]
-	path = deps/stax-secure-sdk
-	url = https://github.com/LedgerHQ/ledger-secure-sdk
 [submodule "deps/picohash"]
 	path = deps/picohash
 	url = https://github.com/kazuho/picohash
+[submodule "deps/ledger-secure-sdk"]
+	path = deps/ledger-secure-sdk
+	url = https://github.com/LedgerHQ/ledger-secure-sdk

Makefile

@@ -25,7 +25,7 @@ ifeq ($(BOLOS_SDK),)
 # In this case, there is not predefined SDK and we run dockerized
 # When not using the SDK, we override and build the XL complete app
 
-ZXLIB_COMPILE_STAX ?= 1
+PRODUCTION_BUILD ?= 1
 include $(CURDIR)/deps/ledger-zxlib/dockerized_build.mk
 
 else

README.md

@@ -11,9 +11,9 @@ _Please visit our website at [zondax.ch](https://www.zondax.ch)_
 
 ---
 
-This project contains the Flare app for Ledger Nano S Nano S+ and X.
+This project contains the Flare app for Ledger Nano S, Nano S+, Nano X, Stax and Flex.
 
-- Ledger Nano S/S+/X Flare app
+- Ledger Nano S/S+/X, Stax and Flex Flare app
 - Specs / Documentation
 - C++ unit tests
 - Zemu tests

app/Makefile

@@ -30,6 +30,18 @@ $(info ************ TARGET_NAME  = [$(TARGET_NAME)])
 
 include $(CURDIR)/../deps/ledger-zxlib/makefiles/Makefile.app_testing
 
+# Display whether this is a production build or for internal use
+PRODUCTION_BUILD ?= 1
+ifeq ($(PRODUCTION_BUILD), 1)
+    $(info ************ PRODUCTION_BUILD  = [PRODUCTION BUILD])
+else
+    $(info ************ PRODUCTION_BUILD  = [INTERNAL USE])
+endif
+
+# Add the PRODUCTION_BUILD definition to the compiler flags
+DEFINES += PRODUCTION_BUILD=$(PRODUCTION_BUILD)
+
+
 ifndef COIN
 COIN=FLR
 endif

app/Makefile.version

@@ -1,6 +1,6 @@
 # This is the major version
 APPVERSION_M=2
 # This is the minor version
-APPVERSION_N=0
+APPVERSION_N=1
 # This is the patch version
-APPVERSION_P=0
+APPVERSION_P=2

app/src/common/tx.c

@@ -23,7 +23,7 @@
 #include "parser.h"
 #include "zxmacros.h"
 
-#if defined(TARGET_NANOX) || defined(TARGET_NANOS2) || defined(TARGET_STAX)
+#if defined(TARGET_NANOX) || defined(TARGET_NANOS2) || defined(TARGET_STAX) || defined(TARGET_FLEX)
 #define RAM_BUFFER_SIZE 8192
 #define FLASH_BUFFER_SIZE 16384
 #elif defined(TARGET_NANOS)
@@ -39,7 +39,7 @@ typedef struct {
     uint8_t buffer[FLASH_BUFFER_SIZE];
 } storage_t;
 
-#if defined(TARGET_NANOS) || defined(TARGET_NANOX) || defined(TARGET_NANOS2) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOX) || defined(TARGET_NANOS2) || defined(TARGET_STAX) || defined(TARGET_FLEX)
 storage_t NV_CONST N_appdata_impl __attribute__((aligned(64)));
 #define N_appdata (*(NV_VOLATILE storage_t *)PIC(&N_appdata_impl))
 #endif

app/src/crypto_helper.c

@@ -19,7 +19,7 @@
 #include "coin.h"
 #include "zxformat.h"
 
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
 #include "cx.h"
 #else
 #include "picohash.h"
@@ -32,7 +32,7 @@ char bech32_hrp[MAX_BECH32_HRP_LEN + 1];
 uint8_t flr_chain_code;
 
 __Z_INLINE zxerr_t keccak_hash(const unsigned char *in, unsigned int inLen, unsigned char *out, unsigned int outLen) {
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     // return actual size using value from signatureLength
     cx_sha3_t keccak;
     if (cx_keccak_init_no_throw(&keccak, outLen * 8) != CX_OK) return zxerr_unknown;
@@ -52,7 +52,7 @@ zxerr_t crypto_sha256(const uint8_t *input, uint16_t inputLen, uint8_t *output,
 
     MEMZERO(output, outputLen);
 
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     cx_sha256_t ctx;
     memset(&ctx, 0, sizeof(ctx));
     cx_sha256_init_no_throw(&ctx);
@@ -67,7 +67,7 @@ zxerr_t crypto_sha256(const uint8_t *input, uint16_t inputLen, uint8_t *output,
 }
 
 zxerr_t ripemd160_32(uint8_t *out, uint8_t *in) {
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     cx_ripemd160_t rip160 = {0};
     cx_ripemd160_init(&rip160);
     CHECK_CX_OK(cx_hash_no_throw(&rip160.header, CX_LAST, in, CX_SHA256_SIZE, out, CX_RIPEMD160_SIZE));

app/src/parser_impl_common.c

@@ -23,18 +23,47 @@
 
 static const chain_lookup_table_t chain_lookup_table[] = {
 
+    // Flare
+    {{0x77, 0xd3, 0x07, 0x4d, 0xc5, 0x10, 0xf4, 0x3b, 0x09, 0xac, 0x5b, 0xe7, 0x7e, 0xde, 0xe2, 0x76,
+      0xef, 0x3b, 0x55, 0xf0, 0x09, 0x7d, 0x50, 0x48, 0x46, 0xaa, 0x8e, 0xec, 0x61, 0x3f, 0xc6, 0x25},
+     c_chain,
+     'C'},
+    {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+     p_chain,
+     'P'},
+
+    // Coston2
     {{0x78, 0xdb, 0x5c, 0x30, 0xbe, 0xd0, 0x4c, 0x05, 0xce, 0x20, 0x91, 0x79, 0x81, 0x28, 0x50, 0xbb,
       0xb3, 0xfe, 0x6d, 0x46, 0xd7, 0xee, 0xf3, 0x74, 0x4d, 0x81, 0x4c, 0x0d, 0xa5, 0x55, 0x24, 0x79},
      c_chain,
      'C'},
-    {{0x77, 0xd3, 0x07, 0x4d, 0xc5, 0x10, 0xf4, 0x3b, 0x09, 0xac, 0x5b, 0xe7, 0x7e, 0xde, 0xe2, 0x76,
-      0xef, 0x3b, 0x55, 0xf0, 0x09, 0x7d, 0x50, 0x48, 0x46, 0xaa, 0x8e, 0xec, 0x61, 0x3f, 0xc6, 0x25},
+    {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+     p_chain,
+     'P'},
+
+    // Songbird
+    {{0x55, 0xf0, 0x77, 0xed, 0x33, 0x88, 0x89, 0x8d, 0x7c, 0x52, 0xc1, 0xa1, 0x0c, 0xae, 0x70, 0xe8,
+      0x34, 0x50, 0xc3, 0x34, 0x99, 0xf4, 0xeb, 0x1a, 0xe8, 0x18, 0x77, 0xb6, 0xf8, 0xfd, 0xa4, 0x02},
+     c_chain,
+     'C'},
+    {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+     p_chain,
+     'P'},
+
+    // Coston
+    {{0xff, 0xb1, 0x19, 0xb4, 0x04, 0xc1, 0x35, 0x6b, 0x6b, 0xfd, 0xb8, 0x00, 0x45, 0xe2, 0x7b, 0xa1,
+      0x3c, 0x37, 0x89, 0xb5, 0xb3, 0x68, 0x4f, 0x00, 0x1d, 0xa0, 0x71, 0xcd, 0x4e, 0x6d, 0xb0, 0x9c},
      c_chain,
      'C'},
     {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
       0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
      p_chain,
-     'P'}};
+     'P'},
+
+};
 
 static const uint32_t chain_lookup_len = sizeof(chain_lookup_table) / sizeof(chain_lookup_table[0]);
 

app/src/parser_impl_eth.c

@@ -31,6 +31,7 @@
 
 eth_tx_t eth_tx_obj;
 #define FLARE_MAINNET_CHAINID 14
+#define COSTON_CHAINID 16
 #define SONG_BIRD_CHAINID 19
 #define COSTON2_CHAINID 114
 #define DATA_BYTES_TO_PRINT 10
@@ -52,7 +53,8 @@ static parser_error_t readChainID(parser_context_t *ctx, rlp_t *chainId) {
     }
 
     // Check allowed values for chain id
-    if (tmpChainId != FLARE_MAINNET_CHAINID && tmpChainId != SONG_BIRD_CHAINID && tmpChainId != COSTON2_CHAINID) {
+    if (tmpChainId != FLARE_MAINNET_CHAINID && tmpChainId != COSTON_CHAINID && tmpChainId != SONG_BIRD_CHAINID &&
+        tmpChainId != COSTON2_CHAINID) {
         return parser_invalid_chain_id;
     }
 
@@ -186,7 +188,7 @@ static parser_error_t printEthHash(const parser_context_t *ctx, char *outKey, ui
                                    uint16_t outValLen, uint8_t pageIdx, uint8_t *pageCount) {
     // we need to get keccak hash of the transaction data
     uint8_t hash[32] = {0};
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     keccak_digest(ctx->buffer, ctx->bufferLen, hash, 32);
 #endif
 

app/src/parser_print_common.c

@@ -22,7 +22,7 @@
 #include "zxformat.h"
 #include "zxmacros.h"
 
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
 #include "cx.h"
 #else
 #include "picohash.h"
@@ -106,7 +106,7 @@ parser_error_t printAddress(const uint8_t *pubkey, network_id_e network_id, char
             hrp = "song";
             break;
         case coston:
-            hrp = "costwo";
+            hrp = "coston";
             break;
         case coston2:
             hrp = "costwo";
@@ -157,7 +157,7 @@ parser_error_t printNodeId(const uint8_t *nodeId, char *outVal, uint16_t outValL
 
     // Calculate SHA256 checksum
     uint8_t checksum[CX_SHA256_SIZE] = {0};
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     cx_sha256_t ctx;
     memset(&ctx, 0, sizeof(ctx));
     cx_sha256_init_no_throw(&ctx);
@@ -190,7 +190,7 @@ parser_error_t printHash(const parser_context_t *ctx, char *outVal, uint16_t out
                          uint8_t *pageCount) {
     unsigned char hash[CX_SHA256_SIZE] = {0};
 
-#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX)
+#if defined(TARGET_NANOS) || defined(TARGET_NANOS2) || defined(TARGET_NANOX) || defined(TARGET_STAX) || defined(TARGET_FLEX)
     cx_sha256_t hash_ctx;
     memset(&hash_ctx, 0, sizeof(hash_ctx));
     CHECK_CX_PARSER_OK(cx_sha256_init_no_throw(&hash_ctx));

app/src/parser_txdef.h

@@ -55,9 +55,9 @@ extern "C" {
 #define ADD_VALIDATOR_TX 0x0000000c
 
 #define MAINNET_ID 14
-#define COSTON_ID 16
+#define COSTON_ID 7
 #define COSTON2_ID 114
-#define SONGBIRD_ID 19
+#define SONGBIRD_ID 5
 
 #define MAX_OUTPUTS 64
 #define MAX_INPUTS 64

ledger_app.toml

@@ -1,7 +1,7 @@
 [app]
 build_directory = "./app/"
 sdk = "C"
-devices = ["nanos", "nanox", "nanos+", "stax"]
+devices = ["nanos", "nanox", "nanos+", "stax", "flex"]
 
 [tests]
 unit_directory = ""