Wookong hardware wallet support

[gavofyork]

Rework (mostly a rewrite) of #3667.

[gavofyork]

@chesterliliang i'm having trouble getting this to work on linux. are there specific drivers needed? here's the output:

gav@pop-os:~/Core/substrate$ sudo ./target/release/subkey --wookong inspect
[sudo] password for gav: 
U��1---------init--g_dev=0------
                                ----------!multi part!------------
                                                                  ----------!multi part!------------
                                                                                                    ----------!multi part!------------
              ----------!multi part!------------
                                                ----------!multi part!------------
                                                                                  ----------!multi part!------------
                                                                                                                    Public Key URI `` is account:
                           Network ID/version: substrate
                                                          Public key (hex): 0x0000000000000000000000000000000000000000000000000000000000000000
                        Address (SS58): 5C4hrfjw9DjXZTzV3MwzrrAr9P1MJhSrvWGWqi1eSuyUpnhM

note that it leave the terminal in a broken state after running, too.

[chesterliliang]

@gavofyork Linux should have CP2102 driver. The port could be listed by 'mesg | grep ttyS*'
Here is the C code to init uart in solo crate

int uart_init(int *dev)
{
    int fd; 
#ifdef __linux__git
    fd = open("/dev/ttyUSB0", O_RDWR | O_NOCTTY | O_NONBLOCK); 
#elif TARGET_OS_MAC
    fd = open("/dev/tty.SLAB_USBtoUART", O_RDWR | O_NOCTTY | O_NONBLOCK); 
#else
#   //error "Unsupport platform for uart"
#endif

I will try to figure out why.

[gavofyork]

it looks a bit like it's opening & writing to the standard i/o instead of the UART.

[gavofyork]

gav@pop-os:~/Core/substrate/scripts$ mesg | grep ttyS*
gav@pop-os:~/Core/substrate/scripts$ 

[chesterliliang]

Device not in the list.. well, do you use ubuntu 18.x? And just for a remind, plz plug the usb connector to the blue board. I put it into another one sometimes..

[gavofyork]

ubuntu 19.04

[chesterliliang]

Here is a reference to see if the device works on linux:
https://www.silabs.com/community/interface/knowledge-base.entry.html/2018/07/31/how_to_check_if_the-5tUc
and try to install the driver may help:
https://www.silabs.com/products/development-tools/software/usb-to-uart-bridge-vcp-drivers

The product will switch to USB-HID finally, so it will not need driver for every platform. I thought UART is simple enough for early use but it seems it's not ture. T_T

[chesterliliang]

@gavofyork is your 19.04 the desktop or server version?

[gavofyork]

desktop; i'm back to working on macos and it's ok again

[gavofyork]

@chesterliliang this needs implementing

[chesterliliang]

Okay. I am on it. But for the password.. the hardware wallet always has one password for all accounts and the device will keep the password for verify. Device api functions like

fn verify_password(password);
fn change_password(old, new);

could be provided. And we could call verify function here. But the derive will not depend on password as salt but just the path. Is that OK?

[gavofyork]

yeah - sorry the _password is old and doesn't need to be implemented at all.

[gavofyork]

@chesterliliang this needs implementing

[chesterliliang]

Should we verify password as well when do the sign?

[gavofyork]

no - can ignore _password - it's part of an old design and not relevant any more.

[gavofyork]

@chesterliliang if the device can be made to support multiple root keys (which would be nice, i think) then this could be changed thus:

pub struct Wookong {
  account: sr25519::Public,
}
impl Wookong {
  fn with_account(account: sr25519::Public) -> Self { Wookong { account } }
}

the Wallet functions for it would then feed self.account through to the hardware to ensure it operated on the right account.

[chesterliliang]

If they are root keys(seed? before derive), we could find them by index, it seems hardware can not know which one is the right by account.

[gavofyork]

hmm, then they can be enumerated which isn't so great for privacy.

couldn't it just store the public keys along with the roots and cycle through those that it know until it either finds the correct one or returns some KeyNotFound error?

[chesterliliang]

It's possible but must under the same derive path or same rule to manage the path. Seems not a big trouble. Will try to give an implementation for further discussion.

[burdges]

Just fyi @chesterliliang we'll eventually "repair" the missuse of i and the chain code by SURI. See w3f/schnorrkel#45 and #3396 We'll play some tricks to keep all current derivations the same, which requires a coordinated upgrade of both subkey and schnorrkel, but I wanted to warn you. :)

[chesterliliang]

@burdges Thanks Jeff. Don't worry about us since we just start to work on derive part. Could you plz provide one, just one test vector if the issue is fixed?

[burdges]

We'll avoid currently allowable test vectors changing. Yet, subkey will continue to not use chaincodes for the questionable purpose for which bip32 added them, so maybe some future wallets will use it in incompatible ways. I'm just warning about this future interface change on schnorrkel

[gnunicorn]

is this still being worked on?

[chesterliliang]

No... Team has financial problem.. plz close it...