Merge pull request #203 from LedgerHQ/swap-improvements

Swap improvements
LedgerHQ · Nov 13, 2023 · 207d24a · 207d24a
2 parents 71f7dbe + 1a03d51
commit 207d24a
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 60 deletions.
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -12,56 +12,37 @@ on:
     types: [opened, synchronize, reopened]
 
 jobs:
-  build:
-    name: Build
+  sonarcloud:
     runs-on: ubuntu-latest
     container:
       image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-legacy:latest
+
     env:
-      SONAR_SCANNER_VERSION: 4.4.0.2170
-      SONAR_SERVER_URL: "https://sonarcloud.io"
       BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
     steps:
-      - uses: actions/checkout@v2
-        with:
-          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - name: Set up JDK 11
-        uses: actions/setup-java@v1
-        with:
-          java-version: 11
-      - name: Download and set up sonar-scanner
-        env:
-          SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
-        run: |
-          apt-get update -y
-          apt-get upgrade -y
-          DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata
-          apt-get install -y
-          curl -sL https://deb.nodesource.com/setup_16.x | bash -
-          apt-get install -y gcovr nodejs unzip libcmocka-dev lcov
-          mkdir -p $HOME/.sonar
-          curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }} 
-          unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
-          echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
-      - name: Download and set up build-wrapper
-        env:
-          BUILD_WRAPPER_DOWNLOAD_URL: ${{ env.SONAR_SERVER_URL }}/static/cpp/build-wrapper-linux-x86.zip
-        run: |
-          curl -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip ${{ env.BUILD_WRAPPER_DOWNLOAD_URL }}
-          unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/
-          echo "$HOME/.sonar/build-wrapper-linux-x86" >> $GITHUB_PATH
-      - name: Generate code coverage
-        run: |
-          cd unit-tests/
-          cmake -Bbuild -H. && make -C build
-          make -C build test
-          gcovr --root .. --sonarqube coverage.xml
-      - name: Run build-wrapper
-        run: |
+    - uses: actions/checkout@v3
+      with:
+        # Disabling shallow clone is recommended for improving relevancy of reporting
+        fetch-depth: 0
+    - name: Install dependencies
+      run: |
+        apt-get update -y
+        apt-get upgrade -y
+        DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata
+        apt-get install -y libcmocka-dev gcovr unzip
+    - name:  Install sonar-scanner and build-wrapper
+      uses: sonarsource/sonarcloud-github-c-cpp@v2
+    - name: Generate code coverage
+      run: |
+        cd unit-tests/
+        cmake -Bbuild -H. && make -C build
+        make -C build test
+        gcovr --root .. --sonarqube coverage.xml
+    - name: Run build-wrapper
+      run: |
           build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} make clean all
-      - name: Run sonar-scanner
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: |
-          sonar-scanner --define sonar.host.url="${{ env.SONAR_SERVER_URL }}" --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}"
+    - name: Run sonar-scanner
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      run: sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" #Consult https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-cli/ for more information and options
diff --git a/bitcoin_client/ledger_bitcoin/exception/device_exception.py b/bitcoin_client/ledger_bitcoin/exception/device_exception.py
@@ -12,6 +12,7 @@ class DeviceException(Exception):  # pylint: disable=too-few-public-methods
         0x6A82: NotSupportedError,
         0x6A86: WrongP1P2Error,
         0x6A87: WrongDataLengthError,
+        0x6B00: SwapError,
         0x6D00: InsNotSupportedError,
         0x6E00: ClaNotSupportedError,
         0xB000: WrongResponseLengthError,

diff --git a/bitcoin_client/ledger_bitcoin/exception/errors.py b/bitcoin_client/ledger_bitcoin/exception/errors.py
@@ -26,6 +26,10 @@ class WrongDataLengthError(Exception):
     pass
 
 
+class SwapError(Exception):
+    pass
+
+
 class InsNotSupportedError(Exception):
     pass
 

diff --git a/src/boilerplate/sw.h b/src/boilerplate/sw.h
@@ -36,6 +36,11 @@
  */
 #define SW_WRONG_DATA_LENGTH 0x6A87
 
+/**
+ * Status word for fail in Swap
+ */
+#define SW_FAIL_SWAP 0x6B00
+
 /**
  * Status word for unknown command with this INS.
  */

diff --git a/src/handler/get_wallet_address.c b/src/handler/get_wallet_address.c
@@ -34,6 +34,7 @@
 #include "../ui/menu.h"
 
 #include "../swap/swap_globals.h"
+#include "../swap/handle_swap_sign_transaction.h"
 
 #include "lib/policy.h"
 #include "lib/get_preimage.h"
@@ -167,8 +168,8 @@ void handler_get_wallet_address(dispatcher_context_t *dc, uint8_t protocol_versi
     // Swap feature: check that the wallet policy is a default one
     if (G_swap_state.called_from_swap && !is_wallet_default) {
         PRINTF("Must be a default wallet policy for swap feature\n");
-        SEND_SW(dc, SW_INCORRECT_DATA);
-        return;
+        SEND_SW(dc, SW_FAIL_SWAP);
+        finalize_exchange_sign_transaction(false);
     }
 
     {

diff --git a/src/handler/sign_psbt.c b/src/handler/sign_psbt.c
@@ -53,6 +53,7 @@
 #include "sign_psbt/update_hashes_with_map_value.h"
 
 #include "../swap/swap_globals.h"
+#include "../swap/handle_swap_sign_transaction.h"
 
 // common info that applies to either the current input or the current output
 typedef struct {
@@ -649,8 +650,8 @@ init_global_state(dispatcher_context_t *dc, sign_psbt_state_t *st) {
     // Swap feature: check that wallet policy is a default one
     if (G_swap_state.called_from_swap && !st->is_wallet_default) {
         PRINTF("Must be a default wallet policy for swap feature\n");
-        SEND_SW(dc, SW_INCORRECT_DATA);
-        return false;
+        SEND_SW(dc, SW_FAIL_SWAP);
+        finalize_exchange_sign_transaction(false);
     }
 
     // If it's not a default wallet policy, ask the user for confirmation, and abort if they deny
@@ -1032,8 +1033,8 @@ show_alerts(dispatcher_context_t *dc,
             // Swap feature: no external inputs allowed
             if (G_swap_state.called_from_swap) {
                 PRINTF("External inputs not allowed in swap transactions\n");
-                SEND_SW(dc, SW_INCORRECT_DATA);
-                return false;
+                SEND_SW(dc, SW_FAIL_SWAP);
+                finalize_exchange_sign_transaction(false);
             }
 
             // some internal and some external inputs, warn the user first
@@ -1135,8 +1136,8 @@ static bool __attribute__((noinline)) display_output(dispatcher_context_t *dc,
             0 != strncmp(G_swap_state.destination_address, output_address, address_len)) {
             // address did not match
             PRINTF("Mismatching address for swap\n");
-            SEND_SW(dc, SW_INCORRECT_DATA);
-            return false;
+            SEND_SW(dc, SW_FAIL_SWAP);
+            finalize_exchange_sign_transaction(false);
         }
     } else {
         // Show address to the user
@@ -1311,21 +1312,21 @@ confirm_transaction(dispatcher_context_t *dc, sign_psbt_state_t *st) {
         // Swap feature: there must be only one external output
         if (st->outputs.n_external != 1) {
             PRINTF("Swap transaction must have exactly 1 external output\n");
-            SEND_SW(dc, SW_INCORRECT_DATA);
-            return false;
+            SEND_SW(dc, SW_FAIL_SWAP);
+            finalize_exchange_sign_transaction(false);
         }
 
         // Swap feature: check total amount and fees are as expected
         if (fee != G_swap_state.fees) {
             PRINTF("Mismatching fee for swap\n");
-            SEND_SW(dc, SW_INCORRECT_DATA);
-            return false;
+            SEND_SW(dc, SW_FAIL_SWAP);
+            finalize_exchange_sign_transaction(false);
         }
         uint64_t spent_amount = st->outputs.total_amount - st->outputs.change_total_amount;
         if (spent_amount != G_swap_state.amount) {
             PRINTF("Mismatching spent amount for swap\n");
-            SEND_SW(dc, SW_INCORRECT_DATA);
-            return false;
+            SEND_SW(dc, SW_FAIL_SWAP);
+            finalize_exchange_sign_transaction(false);
         }
     } else {
         // if the value of fees is 10% or more of the amount, and it's more than 10000
-Original file line number
+Diff line change
@@ Expand Up / @@ -26,6 +26,10 @@ class WrongDataLengthError(Exception): @@
         pass
+    class SwapError(Exception):
+        pass
     class InsNotSupportedError(Exception):
         pass
@@ Expand Down @@