btc: convert pkscript_from_multisig() to Rust

Alternative implementation of this function based on rust-miniscript: ``` pub fn pkscript( multisig: &Multisig, keypath_change: u32, keypath_address: u32, ) -> Result<Vec<u8>, Error> { let pubkeys: Vec<bitcoin::PublicKey> = multisig .xpubs .iter() .map(|xpub| -> Result<bitcoin::PublicKey, ()> { bitcoin::PublicKey::from_slice( bip32::Xpub::from(xpub) .derive(&[keypath_change, keypath_address])? .public_key(), ) .map_err(|_| ()) }) .collect::<Result<_, _>>()?; let sorted_multi = miniscript::descriptor::SortedMultiVec::< bitcoin::PublicKey, miniscript::Legacy, >::new(multisig.threshold as _, pubkeys) .map_err(|_| Error::InvalidInput)?; Ok(sorted_multi.encode().into_bytes()) } ``` This cost about 10kB of binary space. The manual implementation of this commit costs nearly nothing.
BitBoxSwiss · Oct 25, 2023 · 4f7a1e3 · 4f7a1e3
1 parent 8f61406
commit 4f7a1e3
Show file tree

Hide file tree

Showing 8 changed files with 29 additions and 202 deletions.
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -38,7 +38,6 @@ set(DBB-FIRMWARE-SOURCES
   ${CMAKE_SOURCE_DIR}/src/workflow/blocking.c
   ${CMAKE_SOURCE_DIR}/src/workflow/idle_workflow.c
   ${CMAKE_SOURCE_DIR}/src/workflow/orientation_screen.c
-  ${CMAKE_SOURCE_DIR}/src/apps/btc/btc_common.c
   ${CMAKE_SOURCE_DIR}/src/queue.c
   ${CMAKE_SOURCE_DIR}/src/usb/usb_processing.c
 )
@@ -389,8 +388,6 @@ add_custom_target(rust-bindgen
     --rustified-enum simple_type_t
     --rustified-enum multisig_script_type_t
     --rustified-enum output_type_t
-    --allowlist-function btc_common_pkscript_from_payload
-    --allowlist-function btc_common_pkscript_from_multisig
     --allowlist-var MAX_VARINT_SIZE
     --allowlist-var MAX_PK_SCRIPT_SIZE
     --allowlist-function reboot

diff --git a/src/apps/btc/btc_common.c b/src/apps/btc/btc_common.c
diff --git a/src/apps/btc/btc_common.h b/src/apps/btc/btc_common.h
diff --git a/src/rust/bitbox02-rust/src/hww/api/bitcoin/multisig.rs b/src/rust/bitbox02-rust/src/hww/api/bitcoin/multisig.rs
@@ -32,25 +32,6 @@ use sha2::{Digest, Sha256};
 
 pub const MAX_SIGNERS: usize = 15;
 
-/// Converts a Rust protobuf multisig to a representation suitable to be passed to C functions.
-pub fn convert_multisig(multisig: &Multisig) -> Result<bitbox02::app_btc::Multisig, Error> {
-    Ok(bitbox02::app_btc::Multisig {
-        xpubs_count: multisig.xpubs.len() as _,
-        xpubs: {
-            let mut xpubs = [[0u8; 78]; MAX_SIGNERS];
-            for (i, xpub) in multisig.xpubs.iter().enumerate() {
-                xpubs[i] = bip32::Xpub::from(xpub)
-                    .serialize(Some(bip32::XPubType::Xpub))
-                    .or(Err(Error::InvalidInput))?
-                    .try_into()
-                    .or(Err(Error::Generic))?;
-            }
-            xpubs
-        },
-        threshold: multisig.threshold,
-    })
-}
-
 pub enum SortXpubs {
     No,
     Yes,
@@ -311,11 +292,35 @@ pub fn pkscript(
     keypath_change: u32,
     keypath_address: u32,
 ) -> Result<Vec<u8>, Error> {
-    Ok(bitbox02::app_btc::pkscript_from_multisig(
-        &convert_multisig(multisig)?,
-        keypath_change,
-        keypath_address,
-    )?)
+    if multisig.xpubs.len() < 2 || multisig.xpubs.len() > MAX_SIGNERS {
+        return Err(Error::InvalidInput);
+    }
+    if multisig.threshold == 0 || multisig.threshold > multisig.xpubs.len() as _ {
+        return Err(Error::InvalidInput);
+    }
+    let mut pubkeys: Vec<Vec<u8>> = multisig
+        .xpubs
+        .iter()
+        .map(|xpub| -> Result<Vec<u8>, ()> {
+            Ok(bip32::Xpub::from(xpub)
+                .derive(&[keypath_change, keypath_address])?
+                .public_key()
+                .to_vec())
+        })
+        .collect::<Result<_, _>>()?;
+    pubkeys.sort();
+
+    let mut script_builder = bitcoin::script::Builder::new().push_int(multisig.threshold as _);
+    for pk in pubkeys.iter() {
+        let pk: &bitcoin::script::PushBytes =
+            pk.as_slice().try_into().map_err(|_| Error::Generic)?;
+        script_builder = script_builder.push_slice(pk);
+    }
+    script_builder = script_builder
+        .push_int(pubkeys.len() as _)
+        .push_opcode(bitcoin::opcodes::all::OP_CHECKMULTISIG);
+
+    Ok(script_builder.into_bytes())
 }
 
 #[cfg(test)]

diff --git a/src/rust/bitbox02-sys/wrapper.h b/src/rust/bitbox02-sys/wrapper.h
@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-#include <apps/btc/btc_common.h>
 #include <apps/eth/eth_params.h>
 #include <bip32.h>
 #include <keystore.h>

diff --git a/src/rust/bitbox02/src/app_btc.rs b/src/rust/bitbox02/src/app_btc.rs
diff --git a/src/rust/bitbox02/src/lib.rs b/src/rust/bitbox02/src/lib.rs
@@ -30,8 +30,6 @@ extern crate lazy_static;
 #[cfg(feature = "testing")]
 pub mod testing;
 
-#[cfg(any(feature = "app-bitcoin", feature = "app-litecoin"))]
-pub mod app_btc;
 #[cfg(feature = "app-ethereum")]
 pub mod app_eth;
 pub mod bip32;

diff --git a/test/unit-test/test_keystore_functional.c b/test/unit-test/test_keystore_functional.c
@@ -19,7 +19,6 @@
 
 #include <keystore.h>
 
-#include <apps/btc/btc_common.h>
 #include <memory/bitbox02_smarteeprom.h>
 #include <memory/smarteeprom.h>
 #include <mock_memory.h>