[r2r] Hardware Wallet enhancements #1633
Conversation
* Add `MmCtx::shared_db_id` * Add `get_shared_db_id` RPC
* Add `MmCtx::shared_sqlite_conn` * Remove `mm2_rmd160` property from HD wallet storage * Refactor SQL queries by using named params
* TODO implement `task::get_new_address::cancel` * Add `MockableConfirmAddress` for tests
sergeyboyko0791
changed the title
sergeyboyko0791
changed the title
sergeyboyko0791
changed the title
* Add `trezor_connection_status` RPC * `HwCtx::trezor` should return `TrezorSession<'a>`
* Fix comments * Use `EnumFromInner`, `EnumFromStringify` derive macros
* Rename `NullStringPassphrase` to `EmptyPassphrase`
|
@shamardy @borngraced the PR is ready for the next review iteration! |
| @@ -44,14 +45,14 @@ struct WebUsbLink { | |||
| impl Link for WebUsbLink { | |||
| async fn write_chunk(&mut self, chunk: Vec<u8>) -> TrezorResult<()> { | |||
| if !self.device.is_open().await? { | |||
| self.reconnect().await?; | |||
| return MmError::err(TrezorError::DeviceDisconnected); | |||
There was a problem hiding this comment.
does this mean device can no longer try to reconnect?
There was a problem hiding this comment.
Yes, exactly. The main reason is this issue https://github.com/KomodoPlatform/WebDEX/issues/672.
Once the device is disconnected, we no longer need to try to reconnect as the GUI should notify the user to reinitialize Hardware Wallet via a Connect Hardware Wallet button.
| "RUSTSEC-2022-0084", | ||
| "RUSTSEC-2023-0004", |
There was a problem hiding this comment.
Can you please add small comments about these vulnerabilities like it's done for others?
There was a problem hiding this comment.
This will no longer be needed once I merge dev into my branch. Thank you!
| None => return HwConnectionStatus::Connected, | ||
| }; | ||
|
|
||
| #[cfg(target_arch = "wasm32")] |
There was a problem hiding this comment.
I believe this is not needed anymore
There was a problem hiding this comment.
You're right, will remove this compilation flag
| Some(inner) => TrezorSession { inner }, | ||
| None => return Ok(None), | ||
| }; | ||
| let features = session.initialize_device().await?; |
There was a problem hiding this comment.
Just a question to better understand what is happening, try_init_new_session_if_not_occupied is used only in trezor_connection_status, why do we have to initialize the device when we are getting the status?
There was a problem hiding this comment.
There are three ways to check if the device is still connected:
- Using
webusborlibusbAPIs that can provide such info.webusbprovides an easy way to check the status, butlibusbrequires to sanitize much more actions to use itshotplugfeature. It's also can be unimplemented on some OS. - Trying to ping the device and receive a pong. The problem with this approach is that if the HW device is locked (but still connected), it will require the user to enter a PIN. Even if we cancel the PIN request immediately once the device asked us about it, the device will draw the PIN matrix for a few milliseconds. This looks unfriendly.
- Trying to initialize a new session by sending
Initializepacket. It has little overhead since it returns the big Features response. But on the other hand, this request doesn't require the user to enter the PIN, so there is no any interaction on it.
I've chosen the last option as 1) requires more refactoring to implement the hotplug feature, and 2) looks unfriendly.
Btw, I just realized that is_connected is no more needed, will remove it.
https://github.com/KomodoPlatform/atomicDEX-API/blob/d28c11fb541dae04d1dcfb0200e9172676f309a6/mm2src/crypto/src/hw_ctx.rs#L100-L108
Also I'll add a comment that points to this discussion for better understanding.
There was a problem hiding this comment.
Thanks a lot for the detailed explanation
Btw, I just realized that is_connected is no more needed, will remove it.
I was actually asking this because I thought that part of this code can be removed/refactored :)
|
When the trezor security's option passphrase is enabled and i try to withdraw coin from WebDEX i got an error: |
|
All PR issues have been solved in #1672 |
|
Superseded by #1672 |
mm2_rmd160property from the HD account table. This is required so either Iguana or an HD account share the same HD account records. Fixes Hardware Wallet storage should be shared between Iguana and all HD accounts #1621task::get_new_address::*RPCs that should replace the legacyget_new_addressRPC. Fixes Possible to generate address on Trezor after disconnecting #1583trezor_connection_statusRPC to allow the GUI to poll the Trezor connection status Addtrezor_connection_statusRPC to allow the GUI to poll the Trezor connection status #1642