Audit fixes (#44)

* update zxlib

* remove unused function

* update dependencies

* update snapshots

app/Makefile.version

@@ -3,4 +3,4 @@ APPVERSION_M=1
 # This is the minor version
 APPVERSION_N=1
 # This is the patch version
-APPVERSION_P=1
+APPVERSION_P=2

app/src/crypto_helper.c

@@ -19,9 +19,9 @@
 
 #include "coin.h"
 #include "keys_personalizations.h"
+#include "parser_common.h"
 #include "rslib.h"
 #include "zxformat.h"
-#include "parser_common.h"
 
 #if defined(LEDGER_SPECIFIC)
 #include "cx.h"
@@ -129,7 +129,7 @@ parser_error_t transaction_signature_hash(parser_tx_t *txObj, uint8_t output[HAS
     const uint16_t MINTLEN = 32 + 192 + 193 + 8;
     uint16_t tmpOffset = 0;
     for (uint64_t i = 0; i < txObj->mints.elements; i++) {
-        const uint8_t *mint_i = txObj->mints.data.ptr + tmpOffset;  // + 32;
+        const uint8_t *mint_i = txObj->mints.data.ptr + tmpOffset;
         const int8_t transferOwnershipToLen = txObj->transactionVersion == V1 ? (-32) : mint_i[MINTLEN] == 1 ? 33 : 1;
         const uint16_t tmpMintLen = MINTLEN + transferOwnershipToLen + 64;
 
@@ -247,7 +247,7 @@ parser_error_t crypto_decrypt_merkle_note(parser_tx_t *txObj, const uint8_t *m_n
     uint8_t plain_text[ENCRYPTED_NOTE_SIZE] = {0};
     const uint8_t *ephemeral_public_key = m_note + VALUE_COMMITMENT_SIZE + NOTE_COMMITMENT_SIZE;
     if (decrypt_note(m_note, note_encryption_key + PUBLIC_ADDRESS_SIZE, note_encryption_key, ephemeral_public_key,
-                             plain_text) != parser_ok) {
+                     plain_text) != parser_ok) {
         MEMZERO(note_encryption_key, sizeof(note_encryption_key));
         MEMZERO(plain_text, sizeof(plain_text));
         return parser_unexpected_error;

app/src/parser.c

@@ -38,16 +38,6 @@ static const asset_id_lookpup_t asset_id_lookups[] = {
      " IRON"},
 };
 
-bool parser_verify_asset_id(uint8_t *asset_id, uint8_t *index) {
-    for (size_t i = 0; i < sizeof(asset_id_lookups) / sizeof(asset_id_lookups[0]); i++) {
-        if (MEMCMP(asset_id, PIC(asset_id_lookups[i].identifier), 32) == 0) {
-            *index = i;
-            return true;
-        }
-    }
-    return false;
-}
-
 parser_error_t parser_check_outputs(parser_tx_t *tx_obj) {
     for (size_t i = 0; i < tx_obj->outputs.elements; i++) {
         // Decrypt the output

app/src/parser_txdef.h

@@ -98,8 +98,6 @@ typedef struct {
     uint8_t metadata[METADATA_LENGTH];
     public_address_t creator;
     uint8_t nonce;
-    /// The byte representation of a blake2s hash of the asset info
-    // uint8_t id[32];
 } asset_t;
 
 typedef struct {

tests_zemu/package.json

@@ -25,32 +25,32 @@
   },
   "dependencies": {
     "@zondax/ledger-ironfish": "../js",
-    "@zondax/zemu": "^0.51.0"
+    "@zondax/zemu": "^0.53.0"
   },
   "devDependencies": {
     "@ledgerhq/hw-transport-node-hid": "^6.29.5",
     "@ledgerhq/logs": "^6.12.0",
-    "@noble/curves": "^1.4.0",
+    "@noble/curves": "^1.7.0",
     "@trivago/prettier-plugin-sort-imports": "^4.3.0",
     "@types/jest": "^29.5.14",
     "@types/ledgerhq__hw-transport": "^4.21.8",
-    "@typescript-eslint/eslint-plugin": "^8.13.0",
-    "@typescript-eslint/parser": "^8.13.0",
+    "@typescript-eslint/eslint-plugin": "^8.17.0",
+    "@typescript-eslint/parser": "^8.17.0",
     "blakejs": "^1.2.1",
     "crypto-js": "4.2.0",
     "eslint": "^9.14.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-import": "^2.31.0",
     "eslint-plugin-jest": "^28.9.0",
     "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-promise": "^7.1.0",
-    "eslint-plugin-tsdoc": "^0.3.0",
+    "eslint-plugin-promise": "^7.2.1",
+    "eslint-plugin-tsdoc": "^0.4.0",
     "eslint-plugin-unused-imports": "^4.0.0",
     "jest": "29.7.0",
     "jssha": "^3.3.1",
-    "prettier": "^3.3.2",
+    "prettier": "^3.4.2",
     "ts-jest": "^29.1.5",
     "ts-node": "^10.9.2",
-    "typescript": "^5.6.3"
+    "typescript": "^5.7.2"
   }
 }