Remove metadata sig and use difference key branch for offset

applications/minotari_ledger_wallet/wallet/src/main.rs

@@ -15,7 +15,6 @@ mod app_ui {
 }
 mod handlers {
     pub mod get_dh_shared_secret;
-    pub mod get_metadata_signature;
     pub mod get_public_alpha;
     pub mod get_public_key;
     pub mod get_script_offset;
@@ -31,7 +30,6 @@ use app_ui::menu::ui_menu_main;
 use critical_section::RawRestoreState;
 use handlers::{
     get_dh_shared_secret::handler_get_dh_shared_secret,
-    get_metadata_signature::handler_get_metadata_signature,
     get_public_alpha::handler_get_public_alpha,
     get_public_key::handler_get_public_key,
     get_script_offset::{handler_get_script_offset, ScriptOffsetCtx},
@@ -119,7 +117,6 @@ pub enum Instruction {
     GetPublicAlpha,
     GetScriptSignature,
     GetScriptOffset { chunk: u8, more: bool },
-    GetMetadataSignature,
     GetScriptSignatureFromChallenge,
     GetViewKey,
     GetDHSharedSecret,
@@ -147,7 +144,7 @@ impl KeyType {
     fn from_branch_key(n: u64) -> Self {
         match n {
             1 => Self::Alpha,
-            6 => Self::SenderOffset,
+            7 => Self::SenderOffset,
             5 | 2 | _ => Self::Nonce,
         }
     }
@@ -178,7 +175,6 @@ impl TryFrom<ApduHeader> for Instruction {
                 chunk: value.p1,
                 more: value.p2 == P2_MORE,
             }),
-            (0x07, 0, 0) => Ok(Instruction::GetMetadataSignature),
             (0x08, 0, 0) => Ok(Instruction::GetScriptSignatureFromChallenge),
             (0x09, 0, 0) => Ok(Instruction::GetViewKey),
             (0x10, 0, 0) => Ok(Instruction::GetDHSharedSecret),
@@ -227,7 +223,6 @@ fn handle_apdu(comm: &mut Comm, ins: Instruction, offset_ctx: &mut ScriptOffsetC
         Instruction::GetPublicAlpha => handler_get_public_alpha(comm),
         Instruction::GetScriptSignature => handler_get_script_signature(comm),
         Instruction::GetScriptOffset { chunk, more } => handler_get_script_offset(comm, chunk, more, offset_ctx),
-        Instruction::GetMetadataSignature => handler_get_metadata_signature(comm),
         Instruction::GetScriptSignatureFromChallenge => handler_get_script_signature_from_challenge(comm),
         Instruction::GetViewKey => handler_get_view_key(comm),
         Instruction::GetDHSharedSecret => handler_get_dh_shared_secret(comm),

base_layer/core/src/transactions/key_manager/inner.rs

@@ -50,8 +50,6 @@ use tari_crypto::{
     },
 };
 use tari_hashing::KeyManagerTransactionsHashDomain;
-#[cfg(feature = "ledger")]
-use tari_key_manager::error::KeyManagerError;
 use tari_key_manager::{
     cipher_seed::CipherSeed,
     key_manager::KeyManager,
@@ -204,9 +202,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
                 // SenderOffset than we fetch from the ledger, all other keys are fetched below.
                 #[allow(unused_variables)]
                 if let WalletType::Ledger(ledger) = &self.wallet_type {
-                    if branch == &TransactionKeyManagerBranch::MetadataEphemeralNonce.get_branch_key() ||
-                        branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key()
-                    {
+                    if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
                         #[cfg(not(feature = "ledger"))]
                         {
                             return Err(KeyManagerServiceError::LedgerError(
@@ -464,9 +460,9 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
 
                     // If we're trying to access any of the private keys, just say no bueno
                     if &TransactionKeyManagerBranch::Alpha.get_branch_key() == branch ||
-                        &TransactionKeyManagerBranch::SenderOffset.get_branch_key() == branch ||
-                        &TransactionKeyManagerBranch::MetadataEphemeralNonce.get_branch_key() == branch
+                        &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() == branch
                     {
+                        debug!(target: LOG_TARGET, "Attempted to access private key for branch {branch:?}");
                         return Err(KeyManagerServiceError::LedgerPrivateKeyInaccessible);
                     }
                 };
@@ -551,7 +547,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
         #[allow(unused_variables)]
         if let WalletType::Ledger(ledger) = &self.wallet_type {
             if let KeyId::Managed { branch, index } = secret_key_id {
-                if branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key() {
+                if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
                     #[cfg(not(feature = "ledger"))]
                     {
                         return Err(TransactionError::LedgerNotSupported);
@@ -578,7 +574,7 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
         #[allow(unused_variables)]
         if let WalletType::Ledger(ledger) = &self.wallet_type {
             if let KeyId::Managed { branch, index } = secret_key_id {
-                if branch == &TransactionKeyManagerBranch::SenderOffset.get_branch_key() {
+                if branch == &TransactionKeyManagerBranch::SenderOffsetLedger.get_branch_key() {
                     #[cfg(not(feature = "ledger"))]
                     {
                         return Err(TransactionError::LedgerNotSupported);
@@ -1271,98 +1267,31 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
         txo_version: &TransactionOutputVersion,
         metadata_signature_message: &[u8; 32],
     ) -> Result<ComAndPubSignature, TransactionError> {
-        match &self.wallet_type {
-            WalletType::Software => {
-                let ephemeral_private_key = self.get_private_key(ephemeral_private_nonce_id).await?;
-                let ephemeral_pubkey = PublicKey::from_secret_key(&ephemeral_private_key);
-                let sender_offset_private_key = self.get_private_key(sender_offset_key_id).await?; // Take the index and use it to find the key from ledger
-                let sender_offset_public_key = PublicKey::from_secret_key(&sender_offset_private_key);
-
-                let challenge = TransactionOutput::finalize_metadata_signature_challenge(
-                    txo_version,
-                    &sender_offset_public_key,
-                    ephemeral_commitment,
-                    &ephemeral_pubkey,
-                    commitment,
-                    metadata_signature_message,
-                );
-
-                let metadata_signature = ComAndPubSignature::sign(
-                    &PrivateKey::default(),
-                    &PrivateKey::default(),
-                    &sender_offset_private_key,
-                    &PrivateKey::default(),
-                    &PrivateKey::default(),
-                    &ephemeral_private_key,
-                    &challenge,
-                    &*self.crypto_factories.commitment,
-                )?;
-                Ok(metadata_signature)
-            },
-            #[allow(unused_variables)]
-            WalletType::Ledger(ledger) => {
-                #[cfg(not(feature = "ledger"))]
-                {
-                    Err(TransactionError::LedgerNotSupported)
-                }
-
-                #[cfg(feature = "ledger")]
-                {
-                    let ephemeral_private_nonce_index =
-                        ephemeral_private_nonce_id
-                            .managed_index()
-                            .ok_or(TransactionError::KeyManagerError(
-                                KeyManagerError::InvalidKeyID.to_string(),
-                            ))?;
-                    let sender_offset_key_index =
-                        sender_offset_key_id
-                            .managed_index()
-                            .ok_or(TransactionError::KeyManagerError(
-                                KeyManagerError::InvalidKeyID.to_string(),
-                            ))?;
+        let ephemeral_private_key = self.get_private_key(ephemeral_private_nonce_id).await?;
+        let ephemeral_pubkey = PublicKey::from_secret_key(&ephemeral_private_key);
+        let sender_offset_private_key = self.get_private_key(sender_offset_key_id).await?; // Take the index and use it to find the key from ledger
+        let sender_offset_public_key = PublicKey::from_secret_key(&sender_offset_private_key);
 
-                    let mut data = u64::from(ledger.network.as_byte()).to_le_bytes().to_vec();
-                    data.extend_from_slice(&u64::from(txo_version.as_u8()).to_le_bytes());
-                    data.extend_from_slice(&ephemeral_private_nonce_index.to_le_bytes());
-                    data.extend_from_slice(&sender_offset_key_index.to_le_bytes());
-                    data.extend_from_slice(&commitment.to_vec());
-                    data.extend_from_slice(&ephemeral_commitment.to_vec());
-                    data.extend_from_slice(&metadata_signature_message.to_vec());
-
-                    let command = ledger.build_command(Instruction::GetMetadataSignature, data);
-                    let transport = get_transport()?;
+        let challenge = TransactionOutput::finalize_metadata_signature_challenge(
+            txo_version,
+            &sender_offset_public_key,
+            ephemeral_commitment,
+            &ephemeral_pubkey,
+            commitment,
+            metadata_signature_message,
+        );
 
-                    match command.execute_with_transport(&transport) {
-                        Ok(result) => {
-                            if result.data().len() < 161 {
-                                debug!(target: LOG_TARGET, "result less than 161");
-                                return Err(LedgerDeviceError::Processing(format!(
-                                    "'get_metadata_signature' insufficient data - expected 161 got {} bytes ({:?})",
-                                    result.data().len(),
-                                    result
-                                ))
-                                .into());
-                            }
-                            let data = result.data();
-                            debug!(target: LOG_TARGET, "result length: {}, data: {:?}", result.data().len(), result.data());
-                            Ok(ComAndPubSignature::new(
-                                Commitment::from_canonical_bytes(&data[1..33])
-                                    .map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
-                                PublicKey::from_canonical_bytes(&data[33..65])
-                                    .map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
-                                PrivateKey::from_canonical_bytes(&data[65..97])
-                                    .map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
-                                PrivateKey::from_canonical_bytes(&data[97..129])
-                                    .map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
-                                PrivateKey::from_canonical_bytes(&data[129..161])
-                                    .map_err(|e| TransactionError::InvalidSignatureError(e.to_string()))?,
-                            ))
-                        },
-                        Err(e) => Err(LedgerDeviceError::Instruction(format!("GetMetadataSignature: {}", e)).into()),
-                    }
-                }
-            },
-        }
+        let metadata_signature = ComAndPubSignature::sign(
+            &PrivateKey::default(),
+            &PrivateKey::default(),
+            &sender_offset_private_key,
+            &PrivateKey::default(),
+            &PrivateKey::default(),
+            &ephemeral_private_key,
+            &challenge,
+            &*self.crypto_factories.commitment,
+        )?;
+        Ok(metadata_signature)
     }
 
     // -----------------------------------------------------------------------------------------------------------------

base_layer/core/src/transactions/key_manager/interface.rs

@@ -63,6 +63,7 @@ pub enum TransactionKeyManagerBranch {
     Nonce = 0x04,
     KernelNonce = 0x05,
     SenderOffset = 0x06,
+    SenderOffsetLedger = 0x07,
 }
 
 impl TransactionKeyManagerBranch {
@@ -77,6 +78,7 @@ impl TransactionKeyManagerBranch {
             TransactionKeyManagerBranch::MetadataEphemeralNonce => "metadata ephemeral nonce".to_string(),
             TransactionKeyManagerBranch::KernelNonce => "kernel nonce".to_string(),
             TransactionKeyManagerBranch::SenderOffset => "sender offset".to_string(),
+            TransactionKeyManagerBranch::SenderOffsetLedger => "sender offset ledger".to_string(),
         }
     }
 
@@ -88,6 +90,7 @@ impl TransactionKeyManagerBranch {
             "metadata ephemeral nonce" => TransactionKeyManagerBranch::MetadataEphemeralNonce,
             "kernel nonce" => TransactionKeyManagerBranch::KernelNonce,
             "sender offset" => TransactionKeyManagerBranch::SenderOffset,
+            "sender offset ledger" => TransactionKeyManagerBranch::SenderOffsetLedger,
             "nonce" => TransactionKeyManagerBranch::Nonce,
             _ => TransactionKeyManagerBranch::Nonce,
         }

base_layer/core/src/transactions/transaction_protocol/sender.rs

@@ -342,6 +342,22 @@ impl SenderTransactionProtocol {
         }
     }
 
+    pub fn change_recipient_sender_offset_private_key(&mut self, key_id: TariKeyId) -> Result<(), TPE> {
+        match &mut self.state {
+            SenderState::Initializing(ref mut info) |
+            SenderState::Finalizing(ref mut info) |
+            SenderState::SingleRoundMessageReady(ref mut info) |
+            SenderState::CollectingSingleSignature(ref mut info) => {
+                if let Some(ref mut v) = info.recipient_data {
+                    v.recipient_sender_offset_key_id = key_id;
+                }
+            },
+            SenderState::FinalizedTransaction(_) | SenderState::Failed(_) => return Err(TPE::InvalidStateError),
+        }
+
+        Ok(())
+    }
+
     /// This function will return the value of the fee of this transaction
     pub fn get_fee_amount(&self) -> Result<MicroMinotari, TPE> {
         match &self.state {