Merge branch 'trezor:main' into refactor-stellar-sign-flow

Author: overcat

Makefile

@@ -6,6 +6,7 @@ help: ## show this help
 ## style commands:
 
 PY_FILES = $(shell find . -type f -name '*.py'   | sed 'sO^\./OO' | grep -f ./tools/style.py.include | grep -v -f ./tools/style.py.exclude ) common/protob/pb2py
+PY_FILES_LIMITED = $(shell find . -type f -name '*.py'   | sed 'sO^\./OO' | grep -f ./tools/style.py.include | grep -v -f ./tools/style.py.exclude | grep -v -f ./tools/style.py.typecheck.exclude ) common/protob/pb2py
 C_FILES =  $(shell find . -type f -name '*.[ch]' | grep -f ./tools/style.c.include  | grep -v -f ./tools/style.c.exclude )
 
 
@@ -22,7 +23,9 @@ pystyle_check: ## run code style check on application sources and tests
 	@echo [TYPECHECK]
 	@make -C core typecheck
 	@echo [FLAKE8]
-	@flake8 $(PY_FILES)
+	@flake8 $(PY_FILES_LIMITED)
+	@echo [FLAKE8 - limited]
+	@flake8 --extend-ignore=ANN $(PY_FILES)
 	@echo [ISORT]
 	@isort --check-only $(PY_FILES)
 	@echo [BLACK]
@@ -45,7 +48,9 @@ pystyle: ## apply code style on application sources and tests
 	@echo [TYPECHECK]
 	@make -C core typecheck
 	@echo [FLAKE8]
-	@flake8 $(PY_FILES)
+	@flake8 $(PY_FILES_LIMITED)
+	@echo [FLAKE8 - limited]
+	@flake8 --extend-ignore=ANN $(PY_FILES)
 	@echo [PYLINT]
 	@pylint $(PY_FILES)
 	@echo [PYTHON]

common/protob/messages-thp.proto

@@ -10,6 +10,44 @@ import "options.proto";
 option (include_in_bitcoin_only) = true;
 
 
+/**
+ * Mapping between Trezor wire identifier (uint) and a Thp protobuf message
+ */
+enum ThpMessageType {
+    option (wire_enum) = true;
+
+    reserved 0 to 19;  // Values reserved by other messages, see messages.proto
+    ThpMessageType_Cancel = 20;
+    reserved 21 to 25;
+    ThpMessageType_ButtonRequest = 26;
+    reserved 27 to 999;
+
+    reserved 1000;  // MessageType_ThpCreateNewSession
+    reserved 1001 to 1005;  // never appeared in a release, reserved for future use
+    ThpMessageType_ThpPairingRequest = 1006;
+    ThpMessageType_ThpPairingRequestApproved = 1007;
+    ThpMessageType_ThpSelectMethod = 1008;
+    ThpMessageType_ThpPairingPreparationsFinished = 1009;
+    ThpMessageType_ThpCredentialRequest = 1010;
+    ThpMessageType_ThpCredentialResponse = 1011;
+    ThpMessageType_ThpEndRequest = 1012;
+    ThpMessageType_ThpEndResponse = 1013;
+    reserved 1014 to 1015;  // reserved for future use
+    ThpMessageType_ThpCodeEntryCommitment = 1016;
+    ThpMessageType_ThpCodeEntryChallenge = 1017;
+    ThpMessageType_ThpCodeEntryCpaceTrezor = 1018;
+    ThpMessageType_ThpCodeEntryCpaceHostTag = 1019;
+    ThpMessageType_ThpCodeEntrySecret = 1020;
+    reserved 1021 to 1023;  // reserved for future use
+    ThpMessageType_ThpQrCodeTag = 1024;
+    ThpMessageType_ThpQrCodeSecret = 1025;
+    reserved 1026 to 1031;  // reserved for future use
+    ThpMessageType_ThpNfcTagHost = 1032;
+    ThpMessageType_ThpNfcTagTrezor = 1033;
+
+    reserved 1100 to 2147483647;  // Values reserved by other messages, see messages.proto
+}
+
 /**
  * Numeric identifiers of pairing methods.
  * @embed
@@ -25,10 +63,10 @@ enum ThpPairingMethod {
  * @embed
  */
 message ThpDeviceProperties {
-    optional string internal_model = 1;               // Internal model name e.g. "T2B1".
-    optional uint32 model_variant = 2;                // Encodes the device properties such as color.
-    optional uint32 protocol_version_major = 3;       // The major version of the communication protocol used by the firmware.
-    optional uint32 protocol_version_minor = 4;       // The minor version of the communication protocol used by the firmware.
+    required string internal_model = 1;               // Internal model name e.g. "T2B1".
+    optional uint32 model_variant = 2 [default=0];    // Encodes the device properties such as color.
+    required uint32 protocol_version_major = 3;       // The major version of the communication protocol used by the firmware.
+    required uint32 protocol_version_minor = 4;       // The minor version of the communication protocol used by the firmware.
     repeated ThpPairingMethod pairing_methods = 5;    // The pairing methods supported by the Trezor.
 }
 
@@ -44,10 +82,10 @@ message ThpHandshakeCompletionReqNoisePayload {
  * @start
  * @next Success
  */
-message ThpCreateNewSession{
+message ThpCreateNewSession {
     optional string passphrase = 1;
-    optional bool on_device = 2;       // User wants to enter passphrase on the device
-    optional bool derive_cardano = 3;  // If True, Cardano keys will be derived. Ignored with BTC-only
+    optional bool on_device = 2 [default=false];      // User wants to enter passphrase on the device
+    optional bool derive_cardano = 3 [default=false]; // If True, Cardano keys will be derived. Ignored with BTC-only
 }
 
 
@@ -56,7 +94,7 @@ message ThpCreateNewSession{
  * @start
  * @next ThpPairingRequestApproved
  */
-message ThpPairingRequest{
+message ThpPairingRequest {
     optional string host_name = 1;     // Human-readable host name
 }
 
@@ -65,7 +103,7 @@ message ThpPairingRequest{
  * @start
  * @next ThpSelectMethod
  */
-message ThpPairingRequestApproved{
+message ThpPairingRequestApproved {
 }
 
 /**
@@ -75,7 +113,7 @@ message ThpPairingRequestApproved{
  * @next ThpCodeEntryCommitment
  */
 message ThpSelectMethod {
-    optional ThpPairingMethod selected_pairing_method = 1;
+    required ThpPairingMethod selected_pairing_method = 1;
 }
 
 /**
@@ -84,40 +122,40 @@ message ThpSelectMethod {
  * @next ThpQrCodeTag
  * @next ThpNfcTagHost
  */
-message ThpPairingPreparationsFinished{
+message ThpPairingPreparationsFinished {
 }
 
 /**
  * Response: If Code Entry is an allowed pairing option, Trezor responds with a commitment.
  * @next ThpCodeEntryChallenge
  */
 message ThpCodeEntryCommitment {
-    optional bytes commitment = 1;     // SHA-256 of Trezor's random 32-byte secret
+    required bytes commitment = 1;     // SHA-256 of Trezor's random 32-byte secret
 }
 
 /**
  * Response: Host responds to Trezor's Code Entry commitment with a challenge.
  * @next ThpCodeEntryCpaceTrezor
  */
 message ThpCodeEntryChallenge {
-    optional bytes challenge = 1;      // Host's random 32-byte challenge
+    required bytes challenge = 1;      // Host's random 32-byte challenge
 }
 
 /**
  * Response: Trezor continues with the CPACE protocol.
  * @next ThpCodeEntryCpaceHostTag
  */
 message ThpCodeEntryCpaceTrezor {
-    optional bytes cpace_trezor_public_key = 1;  // Trezor's ephemeral CPace public key
+    required bytes cpace_trezor_public_key = 1;  // Trezor's ephemeral CPace public key
 }
 
 /**
  * Request: User selected Code Entry option in Host. Host starts CPACE protocol with Trezor.
  * @next ThpCodeEntrySecret
  */
  message ThpCodeEntryCpaceHostTag {
-    optional bytes cpace_host_public_key = 1;    // Host's ephemeral CPace public key
-    optional bytes tag = 2;                      // SHA-256 of shared secret
+    required bytes cpace_host_public_key = 1;    // Host's ephemeral CPace public key
+    required bytes tag = 2;                      // SHA-256 of shared secret
 
 }
 
@@ -127,15 +165,15 @@ message ThpCodeEntryCpaceTrezor {
  * @next ThpEndRequest
  */
 message ThpCodeEntrySecret {
-    optional bytes secret = 1;    // Trezor's secret
+    required bytes secret = 1;    // Trezor's secret
 }
 
 /**
  * Request: User selected QR Code pairing option. Host sends a QR Tag.
  * @next ThpQrCodeSecret
  */
 message ThpQrCodeTag {
-    optional bytes tag = 1;       // SHA-256 of shared secret
+    required bytes tag = 1;       // SHA-256 of shared secret
 }
 
 /**
@@ -144,15 +182,15 @@ message ThpQrCodeTag {
  * @next ThpEndRequest
  */
 message ThpQrCodeSecret {
-    optional bytes secret = 1;    // Trezor's secret
+    required bytes secret = 1;    // Trezor's secret
 }
 
 /**
  * Request: User selected Unidirectional NFC pairing option. Host sends an Unidirectional NFC Tag.
  * @next ThpNfcTagTrezor
  */
 message ThpNfcTagHost {
-    optional bytes tag = 1;       // Host's tag
+    required bytes tag = 1;       // Host's tag
 }
 
 /**
@@ -161,7 +199,7 @@ message ThpNfcTagHost {
  * @next ThpEndRequest
  */
 message ThpNfcTagTrezor {
-    optional bytes tag = 1;       // Trezor's tag
+    required bytes tag = 1;       // Trezor's tag
 }
 
 /**
@@ -170,9 +208,9 @@ message ThpNfcTagTrezor {
  * @next ThpCredentialResponse
  */
 message ThpCredentialRequest {
-    optional bytes host_static_pubkey = 1;       // Host's static public key identifying the credential.
-    optional bool autoconnect = 2;               // Whether host wants to autoconnect without user confirmation
-    optional bytes credential = 3;               // Host's previous credential
+    required bytes host_static_pubkey = 1;         // Host's static public key identifying the credential.
+    optional bool autoconnect = 2 [default=false]; // Whether host wants to autoconnect without user confirmation
+    optional bytes credential = 3;                 // Host's previous credential
 }
 
 /**
@@ -181,8 +219,8 @@ message ThpCredentialRequest {
  * @next ThpEndRequest
  */
 message ThpCredentialResponse {
-    optional bytes trezor_static_pubkey = 1;     // Trezor's static public key used in the handshake.
-    optional bytes credential = 2;               // The pairing credential issued by the Trezor to the host.
+    required bytes trezor_static_pubkey = 1;     // Trezor's static public key used in the handshake.
+    required bytes credential = 2;               // The pairing credential issued by the Trezor to the host.
 }
 
 /**
@@ -214,8 +252,8 @@ message ThpEndResponse {}
  */
  message ThpPairingCredential {
     option (internal_only) = true;
-    optional ThpCredentialMetadata cred_metadata = 1; // Credential metadata
-    optional bytes mac = 2;                           // Message authentication code generated by the Trezor
+    required ThpCredentialMetadata cred_metadata = 1; // Credential metadata
+    required bytes mac = 2;                           // Message authentication code generated by the Trezor
 }
 
 /**
@@ -224,6 +262,6 @@ message ThpEndResponse {}
  */
  message ThpAuthenticatedCredentialData {
     option (internal_only) = true;
-    optional bytes host_static_pubkey = 1;            // Host's static public key used in the handshake
-    optional ThpCredentialMetadata cred_metadata = 2; // Credential metadata
+    required bytes host_static_pubkey = 1;            // Host's static public key used in the handshake
+    required ThpCredentialMetadata cred_metadata = 2; // Credential metadata
 }

common/protob/messages.proto

@@ -18,6 +18,7 @@ option (include_in_bitcoin_only) = true;
  */
 enum MessageType {
     option (has_bitcoin_only_values) = true;
+    option (wire_enum) = true;
 
     // Management
     MessageType_Initialize = 0 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true];
@@ -319,28 +320,11 @@ enum MessageType {
     MessageType_SolanaTxSignature = 905 [(wire_out) = true];
 
     // THP
-    MessageType_ThpCreateNewSession = 1000 [(bitcoin_only) = true, (wire_in) = true];
-    reserved 1001 to 1005;  // never appeared in a release, reserved for future use
-    MessageType_ThpPairingRequest = 1006 [(bitcoin_only) = true];
-    MessageType_ThpPairingRequestApproved = 1007 [(bitcoin_only) = true];
-    MessageType_ThpSelectMethod = 1008 [(bitcoin_only) = true];
-    MessageType_ThpPairingPreparationsFinished = 1009 [(bitcoin_only) = true];
-    MessageType_ThpCredentialRequest = 1010 [(bitcoin_only) = true];
-    MessageType_ThpCredentialResponse = 1011 [(bitcoin_only) = true];
-    MessageType_ThpEndRequest = 1012 [(bitcoin_only) = true];
-    MessageType_ThpEndResponse = 1013 [(bitcoin_only) = true];
-    reserved 1014 to 1015;
-    MessageType_ThpCodeEntryCommitment = 1016 [(bitcoin_only) = true];
-    MessageType_ThpCodeEntryChallenge = 1017 [(bitcoin_only) = true];
-    MessageType_ThpCodeEntryCpaceTrezor = 1018 [(bitcoin_only) = true];
-    MessageType_ThpCodeEntryCpaceHostTag = 1019 [(bitcoin_only) = true];
-    MessageType_ThpCodeEntrySecret = 1020 [(bitcoin_only) = true];
-    reserved 1021 to 1023;
-    MessageType_ThpQrCodeTag = 1024 [(bitcoin_only) = true];
-    MessageType_ThpQrCodeSecret = 1025 [(bitcoin_only) = true];
-    reserved 1026 to 1031;
-    MessageType_ThpNfcTagHost = 1032 [(bitcoin_only) = true];
-    MessageType_ThpNfcTagTrezor = 1033 [(bitcoin_only) = true];
+    MessageType_ThpCreateNewSession = 1000;
+    reserved 1001 to 1009;  // see ThpMessageType in messages-thp.proto
+    MessageType_ThpCredentialRequest = 1010;
+    MessageType_ThpCredentialResponse = 1011;
+    reserved 1012 to 1099;  // see ThpMessageType in messages-thp.proto
 
     // Nostr
     MessageType_NostrGetPubkey = 2001 [(wire_in) = true];

common/protob/options.proto

@@ -45,6 +45,7 @@ The convention to achieve this is as follows:
 /** Options for tagging enum types */
 extend google.protobuf.EnumOptions {
     optional bool has_bitcoin_only_values = 51001;  // indicate that some values should be excluded on BITCOIN_ONLY builds
+    optional bool wire_enum = 51002;                // this enum is used for mapping wire type integer to message type, it cannot be used as normal enum
 }
 
 /** Options for tagging message types */