Add swap support

ChangeLog.md

@@ -1,5 +1,9 @@
 # Change Log
 
+## 0.2.4
+* Add swap support
+* Bump SDK version
+
 ## 0.2.1
 
 * Update SDK

docs/apdu.md

@@ -145,4 +145,5 @@ Sign a Transaction, using the key for the given derivation path
 | 0x6D00 | `SW_ERROR`                    | Error has occured due to bad input or user rejectected     |
 | 0x6E00 | `SW_CLA_OR_INS_NOT_SUPPORTED` | No command exists for the `CLA` and `INS`                  |
 | 0x6E01 | `SW_BAD_LEN`                  | Length mismatch in inputs                                  |
+| 0x6E05 | `SW_SWAP_TX_PARAM_MISMATCH`   | Swap transaction parameters check failed                   |
 | 0x9000 | `SW_OK`                       | Success, or continue if more input from client is expected |

rust-app/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sui"
-version = "0.2.3"
+version = "0.2.4"
 authors = ["Obsidian Systems"]
 edition = "2018"
 autobins = false
@@ -17,25 +17,27 @@ num_enum = { version = "0.5", default-features = false }
 pin-cell = "0.2.0"
 pin-project = "1.0.10"
 include_gif = "1.0.1"
+hex = { version = "0.4.3", default-features = false }
+defer = "0.2.1"
 
 # Pass --features speculos,ledger-log/log_info (or log_trace, etc) to enable
 # speculos logging and change log level.
 [features]
 default = [ ]
 # Pass --features speculos,ledger-log/log_info (or log_trace, etc) to enable speculos logging and change log level.
-speculos = [ "ledger_device_sdk/speculos", "ledger-log/speculos", "ledger-log/log_error", "ledger-parser-combinators/logging" ]
+speculos = [ "ledger_device_sdk/debug", "ledger_device_sdk/speculos", "ledger-log/speculos", "ledger-log/log_error", "ledger-parser-combinators/logging" ]
 extra_debug = ["ledger-log/log_trace"]
 pending_review_screen = []
 
 [target.'cfg(target_family = "bolos")'.dependencies]
-ledger_device_sdk = "1.19.5"
-ledger_secure_sdk_sys = "1.6.2"
+ledger_device_sdk = "1.20.1"
+ledger_secure_sdk_sys = "1.6.4"
 
 [target.'cfg(any(target_os = "nanosplus", target_os = "nanox"))'.dependencies]
 ledger-prompts-ui = { git = "https://github.com/alamgu/ledger-prompts-ui" }
 
 [target.'cfg(target_family = "bolos")'.dev-dependencies.ledger_device_sdk]
-version = "1.19.5"
+version = "1.20.1"
 features = [ "speculos" ]
 
 [[bin]]
@@ -52,6 +54,7 @@ overflow-checks = false
 [profile.release]
 opt-level = 3
 overflow-checks = false
+lto = "fat"
 
 [lints.rust]
 unexpected_cfgs = { level = "warn", check-cfg = ['cfg(target_os, values("nanos", "flex", "stax"))'] }

rust-app/bin-src/main.rs

@@ -10,9 +10,34 @@ use sui::main_nanos::*;
 #[cfg(any(target_os = "stax", target_os = "flex"))]
 use sui::main_stax::*;
 
-ledger_device_sdk::set_panic!(ledger_device_sdk::exiting_panic);
+use sui::{
+    ctx::RunCtx,
+    swap::{lib_main, panic_handler::get_swap_panic_handler},
+};
+
+pub fn custom_panic(info: &PanicInfo) -> ! {
+    use ledger_device_sdk::io;
+
+    if let Some(swap_panic_handler) = get_swap_panic_handler() {
+        // This handler is no-return
+        swap_panic_handler(info);
+    }
+
+    ledger_log::error!("Panic happened! {:#?}", info);
+
+    let mut comm = io::Comm::new();
+    comm.reply(io::StatusWords::Panic);
+
+    ledger_secure_sdk_sys::exit_app(0);
+}
+
+ledger_device_sdk::set_panic!(custom_panic);
 
 #[no_mangle]
-extern "C" fn sample_main() {
-    app_main()
+extern "C" fn sample_main(arg0: u32) {
+    if arg0 == 0 {
+        app_main(&RunCtx::app());
+    } else {
+        lib_main(arg0);
+    }
 }

rust-app/src/ctx.rs

@@ -0,0 +1,66 @@
+use core::cell::Cell;
+
+use crate::swap::params::TxParams;
+
+#[derive(Clone, Copy)]
+#[repr(u8)]
+pub enum State {
+    App = 0x00,
+    LibSwapIdle,
+    LibSwapSignSuccess,
+    LibSwapSignFailure,
+}
+
+pub struct RunCtx {
+    state: Cell<State>,
+    tx_params: TxParams,
+}
+
+impl RunCtx {
+    pub fn app() -> Self {
+        RunCtx {
+            state: Cell::new(State::App),
+            tx_params: TxParams::default(),
+        }
+    }
+
+    pub fn lib_swap(tx_params: TxParams) -> Self {
+        RunCtx {
+            state: Cell::new(State::LibSwapIdle),
+            tx_params,
+        }
+    }
+
+    pub fn is_swap(&self) -> bool {
+        !matches!(self.state.get(), State::App)
+    }
+
+    pub fn is_swap_finished(&self) -> bool {
+        matches!(
+            self.state.get(),
+            State::LibSwapSignSuccess | State::LibSwapSignFailure,
+        )
+    }
+
+    pub fn is_swap_sign_succeeded(&self) -> bool {
+        matches!(self.state.get(), State::LibSwapSignSuccess)
+    }
+
+    pub fn set_swap_sign_success(&self) {
+        if self.is_swap() {
+            self.state.set(State::LibSwapSignSuccess);
+        }
+    }
+
+    pub fn set_swap_sign_failure(&self) {
+        if self.is_swap() {
+            self.state.set(State::LibSwapSignFailure);
+        }
+    }
+
+    // Panics if not in swap mode
+    pub fn get_swap_tx_params(&self) -> &TxParams {
+        assert!(self.is_swap(), "attempt to get swap tx params in app mode");
+        &self.tx_params
+    }
+}

rust-app/src/handle_apdu.rs

@@ -1,3 +1,4 @@
+use crate::ctx::RunCtx;
 use crate::implementation::*;
 use crate::interface::*;
 use crate::settings::*;
@@ -9,12 +10,13 @@ use arrayvec::ArrayVec;
 use core::future::Future;
 use ledger_log::trace;
 
-pub type APDUsFuture = impl Future<Output = ()>;
+pub type APDUsFuture<'ctx> = impl Future<Output = ()> + 'ctx;
 
 #[inline(never)]
 pub fn handle_apdu_async(
     io: HostIO,
     ins: Ins,
+    ctx: &RunCtx,
     settings: Settings,
     ui: UserInterface,
 ) -> APDUsFuture {
@@ -39,9 +41,10 @@ pub fn handle_apdu_async(
             }
             Ins::Sign => {
                 trace!("Handling sign");
-                NoinlineFut(sign_apdu(io, settings, ui)).await;
+                NoinlineFut(sign_apdu(io, ctx, settings, ui)).await;
             }
             Ins::GetVersionStr => {}
+            Ins::Exit if ctx.is_swap() => unsafe { ledger_secure_sdk_sys::os_lib_end() },
             Ins::Exit => ledger_device_sdk::exit_app(0),
         }
     }

rust-app/src/implementation.rs

@@ -1,5 +1,8 @@
+use crate::ctx::RunCtx;
 use crate::interface::*;
 use crate::settings::*;
+use crate::swap;
+use crate::swap::params::TxParams;
 use crate::ui::*;
 use crate::utils::*;
 use alamgu_async_block::*;
@@ -627,7 +630,38 @@ const fn tx_parser<BS: Clone + Readable>(
     Action((intent_parser(), TransactionData), |(_, d)| Some(d))
 }
 
-pub async fn sign_apdu(io: HostIO, settings: Settings, ui: UserInterface) {
+async fn prompt_tx_params(
+    ui: &UserInterface,
+    path: &[u32],
+    TxParams {
+        amount,
+        fee,
+        destination_address,
+    }: TxParams,
+) {
+    if with_public_keys(path, true, |_, address: &SuiPubKeyAddress| {
+        try_option(ui.confirm_sign_tx(address, destination_address, amount, fee))
+    })
+    .ok()
+    .is_none()
+    {
+        reject::<()>(StatusWords::UserCancelled as u16).await;
+    };
+}
+async fn check_tx_params(expected: &TxParams, received: &TxParams) {
+    if !swap::check_tx_params(expected, received) {
+        reject::<()>(SW_SWAP_TX_PARAM_MISMATCH).await;
+    }
+}
+
+pub async fn sign_apdu(io: HostIO, ctx: &RunCtx, settings: Settings, ui: UserInterface) {
+    let _on_failure = defer::defer(|| {
+        // In case of a swap, we need to communicate that signing failed
+        if ctx.is_swap() && !ctx.is_swap_sign_succeeded() {
+            ctx.set_swap_sign_failure();
+        }
+    });
+
     let mut input = match io.get_params::<2>() {
         Some(v) => v,
         None => reject(SyscallError::InvalidParameter as u16).await,
@@ -655,16 +689,20 @@ pub async fn sign_apdu(io: HostIO, settings: Settings, ui: UserInterface) {
             reject::<()>(SyscallError::InvalidParameter as u16).await;
         }
 
-        // Show prompts after all inputs have been parsed
-        if with_public_keys(&path, true, |_, address: &SuiPubKeyAddress| {
-            try_option(ui.confirm_sign_tx(address, recipient, total_amount, gas_budget))
-        })
-        .ok()
-        .is_none()
-        {
-            reject::<()>(StatusWords::UserCancelled as u16).await;
+        let tx_params = TxParams {
+            amount: total_amount,
+            fee: gas_budget,
+            destination_address: recipient,
         };
-    } else if !settings.get_blind_sign() {
+
+        if ctx.is_swap() {
+            let expected = ctx.get_swap_tx_params();
+            check_tx_params(expected, &tx_params).await;
+        } else {
+            // Show prompts after all inputs have been parsed
+            prompt_tx_params(&ui, path.as_slice(), tx_params).await;
+        }
+    } else if !settings.get_blind_sign() || ctx.is_swap() {
         ui.warn_tx_not_recognized();
         reject::<()>(SyscallError::NotSupported as u16).await;
     }
@@ -701,5 +739,8 @@ pub async fn sign_apdu(io: HostIO, settings: Settings, ui: UserInterface) {
             reject::<()>(SyscallError::Unspecified as u16).await;
         }
     })
-    .await
+    .await;
+
+    // Does nothing if not a swap mode
+    ctx.set_swap_sign_success();
 }

rust-app/src/interface.rs

@@ -1,10 +1,19 @@
 use core::convert::TryFrom;
+use core::marker::ConstParamTy;
 use ledger_device_sdk::io::{ApduHeader, StatusWords};
 use ledger_parser_combinators::bcs::async_parser::*;
 use ledger_parser_combinators::core_parsers::*;
 use ledger_parser_combinators::endianness::*;
 use num_enum::TryFromPrimitive;
 
+#[derive(ConstParamTy, PartialEq, Eq)]
+#[repr(u8)]
+pub enum ParseChecks {
+    None,
+    PromptUser,
+    CheckSwapTx,
+}
+
 // Payload for a public key request
 pub type Bip32Key = DArray<Byte, U32<{ Endianness::Little }>, 10>;
 
@@ -134,3 +143,6 @@ impl TryFrom<ApduHeader> for Ins {
         }
     }
 }
+
+// Status word used when swap transaction parameters check failed
+pub const SW_SWAP_TX_PARAM_MISMATCH: u16 = 0x6e05;