diff --git a/.github/workflows/coding_style_checks.yml b/.github/workflows/coding_style_checks.yml index 01b3795b..1bf6566d 100644 --- a/.github/workflows/coding_style_checks.yml +++ b/.github/workflows/coding_style_checks.yml @@ -16,7 +16,7 @@ on: jobs: check_linting: name: Check linting using the reusable workflow - uses: Zondax/ledger-app-workflows/.github/workflows/reusable_lint.yml@v1 + uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_lint.yml@v1 with: source: './app' diff --git a/.github/workflows/guidelines_enforcer.yml b/.github/workflows/guidelines_enforcer.yml new file mode 100644 index 00000000..4db0e32a --- /dev/null +++ b/.github/workflows/guidelines_enforcer.yml @@ -0,0 +1,24 @@ +name: Ensure compliance with Ledger guidelines + +# This workflow is mandatory in all applications +# It calls a reusable workflow guidelines_enforcer developed by Ledger's internal developer team. +# The successful completion of the reusable workflow is a mandatory step for an app to be available on the Ledger +# application store. +# +# More information on the guidelines can be found in the repository: +# LedgerHQ/ledger-app-workflows/ + +on: + workflow_dispatch: + push: + branches: + - master + - main + - develop + - dev # for safety reasons + pull_request: + +jobs: + guidelines_enforcer: + name: Call Ledger guidelines_enforcer + uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_guidelines_enforcer.yml@v1 diff --git a/app/src/app_ui/menu.rs b/app/src/app_ui/menu.rs index 8ded736e..287bb251 100644 --- a/app/src/app_ui/menu.rs +++ b/app/src/app_ui/menu.rs @@ -73,12 +73,11 @@ pub fn ui_menu_main(_: &mut Comm) -> Event { let production_build = option_env!("PRODUCTION_BUILD").unwrap_or("1"); let app_version = option_env!("APPVERSION_STR").unwrap_or("v0.0.0"); - let name: &str; - if production_build == "0" { - name = "Ironfish DKG DEMO"; + let name: &str = if production_build == "0" { + "Ironfish DKG DEMO" } else { - name = "Ironfish DKG"; - } + "Ironfish DKG" + }; // Display the home screen. NbglHomeAndSettings::new() diff --git a/app/src/app_ui/run_action.rs b/app/src/app_ui/run_action.rs index 8150cab6..bf15d793 100644 --- a/app/src/app_ui/run_action.rs +++ b/app/src/app_ui/run_action.rs @@ -97,7 +97,7 @@ pub fn ui_review_transaction<'a>( } #[inline(never)] -pub fn ui_review_get_identity<'a>(i_index: u8) -> Result { +pub fn ui_review_get_identity(i_index: u8) -> Result { zlog_stack("s review_get_identity\0"); app_canary(); @@ -112,7 +112,7 @@ pub fn ui_review_get_identity<'a>(i_index: u8) -> Result { } #[inline(never)] -pub fn ui_review_get_keys<'a>(data: &Vec, key_type: u8) -> Result { +pub fn ui_review_get_keys(data: &Vec, key_type: u8) -> Result { zlog_stack("s ui_review_get_keys\0"); app_canary(); @@ -178,7 +178,7 @@ pub fn ui_review_get_keys<'a>(data: &Vec, key_type: u8) -> Result(i_index: u8) -> Result { +pub fn ui_review_get_current_identity(i_index: u8) -> Result { zlog_stack("s review_current_identity\0"); app_canary(); @@ -199,11 +199,7 @@ pub fn ui_review_get_current_identity<'a>(i_index: u8) -> Result { } #[inline(never)] -pub fn ui_review_dkg_round1<'a>( - i_index: u8, - min_signers: u8, - participants: u8, -) -> Result { +pub fn ui_review_dkg_round1(i_index: u8, min_signers: u8, participants: u8) -> Result { zlog_stack("s review_dkg_round1\0"); let i_index_str = int_to_str(i_index); @@ -229,7 +225,7 @@ pub fn ui_review_dkg_round1<'a>( } #[inline(never)] -pub fn ui_review_dkg_round2<'a>(i_index: u8, round1_public_package_len: u8) -> Result { +pub fn ui_review_dkg_round2(i_index: u8, round1_public_package_len: u8) -> Result { zlog_stack("s review_dkg_round2\0"); app_canary(); @@ -251,7 +247,7 @@ pub fn ui_review_dkg_round2<'a>(i_index: u8, round1_public_package_len: u8) -> R } #[inline(never)] -pub fn ui_review_backup_keys<'a>( +pub fn ui_review_backup_keys( public_address: Vec, participants: u8, min_signers: u8, @@ -283,7 +279,7 @@ pub fn ui_review_backup_keys<'a>( } #[inline(never)] -pub fn ui_review_dkg_round3<'a>( +pub fn ui_review_dkg_round3( i_index: u8, round1_public_package_len: u8, round2_public_package_len: u8, @@ -326,7 +322,7 @@ pub fn ui_review_dkg_round3<'a>( } #[inline(never)] -pub fn ui_review_restore_keys<'a>( +pub fn ui_review_restore_keys( public_address: Vec, participants: u8, min_signers: u8, @@ -397,6 +393,6 @@ pub fn ui_review<'a>( .titles(title, _subtitle, _finish_title) .glyph(&ICON); - Ok(review.show(&fields)) + Ok(review.show(fields)) } } diff --git a/app/src/context.rs b/app/src/context.rs index 4f08b839..f1138559 100644 --- a/app/src/context.rs +++ b/app/src/context.rs @@ -25,3 +25,9 @@ impl TxContext { self.done = false; } } + +impl Default for TxContext { + fn default() -> Self { + Self::new() + } +} diff --git a/app/src/crypto/chacha20poly.rs b/app/src/crypto/chacha20poly.rs index 4ce17364..76a76c93 100644 --- a/app/src/crypto/chacha20poly.rs +++ b/app/src/crypto/chacha20poly.rs @@ -76,9 +76,9 @@ pub fn compute_key() -> EncryptionKeyGuard { let path_0: Vec = vec![ (0x80000000 | 0x2c), (0x80000000 | 0x53a), - (0x80000000 | 0x0), - (0x80000000 | 0x0), - (0x80000000 | 0x0), + (0x80000000), // (0x80000000 | 0x0) + (0x80000000), // (0x80000000 | 0x0) + (0x80000000), // (0x80000000 | 0x0) ]; let mut secret_key_0 = Secret::::new(); diff --git a/app/src/crypto/keys.rs b/app/src/crypto/keys.rs index a8c4a96d..8d87b700 100644 --- a/app/src/crypto/keys.rs +++ b/app/src/crypto/keys.rs @@ -111,15 +111,15 @@ pub(crate) fn compute_dkg_secret(index: u8) -> IronfishSecretGuard { let path_0: Vec = vec![ (0x80000000 | 0x2c), (0x80000000 | 0x53a), - (0x80000000 | 0x0), - (0x80000000 | 0x0), + (0x80000000), // (0x80000000 | 0x0) + (0x80000000), // (0x80000000 | 0x0) (0x80000000 | index_1), ]; let path_1: Vec = vec![ (0x80000000 | 0x2c), (0x80000000 | 0x53a), - (0x80000000 | 0x0), - (0x80000000 | 0x0), + (0x80000000), // (0x80000000 | 0x0) + (0x80000000), //(0x80000000 | 0x0) (0x80000000 | index_2), ]; diff --git a/app/src/handlers/dkg_backup_keys.rs b/app/src/handlers/dkg_backup_keys.rs index 8a395d4b..22ddbce9 100644 --- a/app/src/handlers/dkg_backup_keys.rs +++ b/app/src/handlers/dkg_backup_keys.rs @@ -42,7 +42,7 @@ pub fn handler_dkg_backup_keys(comm: &mut Comm, ctx: &mut TxContext) -> Result<( let data = DkgKeys.backup_keys()?; let key = compute_key(); - let resp = encrypt(&key, data.as_slice().as_ref())?; + let resp = encrypt(&key, data.as_slice())?; let total_chunks = save_result(ctx, resp.as_slice())?; comm.append(&total_chunks); diff --git a/app/src/handlers/dkg_round_1.rs b/app/src/handlers/dkg_round_1.rs index 206b8f3f..ab54d211 100644 --- a/app/src/handlers/dkg_round_1.rs +++ b/app/src/handlers/dkg_round_1.rs @@ -102,13 +102,13 @@ fn parse_tx(buffer: &Buffer) -> Result { fn compute_dkg_round_1(_comm: &mut Comm, secret: &Secret, tx: &mut Tx) -> Result, AppSW> { zlog("start compute_dkg_round_1\n\0"); - let mut rng = LedgerRng {}; + let rng = LedgerRng {}; let (mut round1_secret_package_vec, round1_public_package) = dkg::round1::round1( &secret.to_identity(), tx.min_signers as u16, &tx.identities, - &mut rng, + rng, ) .unwrap(); diff --git a/app/src/handlers/dkg_round_2.rs b/app/src/handlers/dkg_round_2.rs index 5f7ba5de..88005bd2 100644 --- a/app/src/handlers/dkg_round_2.rs +++ b/app/src/handlers/dkg_round_2.rs @@ -112,21 +112,21 @@ fn compute_dkg_round_2( ) -> Result<(Vec, CombinedPublicPackage), AppSW> { zlog_stack("start compute_dkg_round_2\0"); - let mut rng = LedgerRng {}; + let rng = LedgerRng {}; let secret = compute_dkg_secret(identity_index); dkg::round2::round2( &secret, round_1_secret_package, &round_1_public_packages, - &mut rng, + rng, ) .map_err(|_| AppSW::DkgRound2Fail) } #[inline(never)] fn generate_response( - mut round2_secret_package_vec: &mut Vec, + round2_secret_package_vec: &mut Vec, round2_public_package: &CombinedPublicPackage, ) -> Vec { let mut resp: Vec = Vec::new(); @@ -141,7 +141,7 @@ fn generate_response( ] .to_vec(), ); - resp.append(&mut round2_secret_package_vec); + resp.append(round2_secret_package_vec); resp.append( &mut [ (round2_public_package_len >> 8) as u8, diff --git a/app/src/ironfish/multisig.rs b/app/src/ironfish/multisig.rs index d6e2b2a1..96fea549 100644 --- a/app/src/ironfish/multisig.rs +++ b/app/src/ironfish/multisig.rs @@ -44,7 +44,7 @@ pub fn derive_account_keys( .expect("failied to derive authorizing key"); // Nullifier keys (nsk and nk), derived from the gsk - let proof_authorizing_key = Fr::from(group_secret_key.sapling_proof_generation_key().nsk); + let proof_authorizing_key = group_secret_key.sapling_proof_generation_key().nsk; let nullifier_deriving_key_ep = PROOF_GENERATION_KEY_GENERATOR.multiply_bits(&proof_authorizing_key.to_bytes()); let nullifier_deriving_key = AffinePoint::from(&nullifier_deriving_key_ep); diff --git a/app/src/ironfish/public_address.rs b/app/src/ironfish/public_address.rs index aaf44d32..22a37031 100644 --- a/app/src/ironfish/public_address.rs +++ b/app/src/ironfish/public_address.rs @@ -44,7 +44,7 @@ impl PublicAddress { pub fn new(bytes: &[u8; PUBLIC_ADDRESS_SIZE]) -> Result { Option::from(AffinePoint::from_bytes(*bytes)) .map(PublicAddress) - .ok_or_else(|| IronfishError::InvalidPaymentAddress) + .ok_or(IronfishError::InvalidPaymentAddress) } /// Initialize a public address from a sapling key. Typically constructed from diff --git a/app/src/nvm.rs b/app/src/nvm.rs index fd5f6728..b11d7f03 100644 --- a/app/src/nvm.rs +++ b/app/src/nvm.rs @@ -41,5 +41,5 @@ pub(crate) fn get_and_clear_tx_hash() -> Option<[u8; 32]> { pub(crate) fn get_tx_hash() -> Option<[u8; 32]> { zlog_stack("copy tx hash\0"); let global = GLOBAL.lock(); - global.clone() + *global } diff --git a/app/src/nvm/dkg_keys.rs b/app/src/nvm/dkg_keys.rs index 6c24a51f..1acf13f6 100644 --- a/app/src/nvm/dkg_keys.rs +++ b/app/src/nvm/dkg_keys.rs @@ -172,7 +172,7 @@ impl DkgKeys { self.set_u16(pos, (identities.len() * IDENTITY_LEN) as u16)?; pos += 2; - for i in identities.into_iter() { + for i in identities.iter() { let slice = i.serialize(); self.set_slice(pos, slice.as_slice())?; pos += IDENTITY_LEN; diff --git a/app/src/parser/asset_identifier.rs b/app/src/parser/asset_identifier.rs index 1872e2e9..99eed701 100644 --- a/app/src/parser/asset_identifier.rs +++ b/app/src/parser/asset_identifier.rs @@ -23,7 +23,7 @@ impl AssetIdentifier { impl Display for AssetIdentifier { fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { - write!(f, "{}", hex::encode(&self.0)) + write!(f, "{}", hex::encode(self.0)) } } diff --git a/app/src/parser/merkle_note.rs b/app/src/parser/merkle_note.rs index cfd8724d..ce9cac52 100644 --- a/app/src/parser/merkle_note.rs +++ b/app/src/parser/merkle_note.rs @@ -112,7 +112,7 @@ impl<'a> MerkleNote<'a> { let encryption_key = calculate_key_for_encryption_keys( spender_key, &self.value_commitment, - &self.note_commitment, + self.note_commitment, &self.ephemeral_public_key.to_bytes(), ); @@ -125,7 +125,7 @@ impl<'a> MerkleNote<'a> { read_fr(¬e_encryption_keys[32..]).map_err(|_| IronfishError::InvalidScalar)?; let shared_key = shared_secret(&secret_key, &public_address.0, &self.ephemeral_public_key); let note = - Note::from_spender_encrypted(public_address.0, &shared_key, &self.encrypted_note)?; + Note::from_spender_encrypted(public_address.0, &shared_key, self.encrypted_note)?; // FIXME: Verify the node commitment // note.verify_commitment(self.note_commitment)?; diff --git a/app/src/parser/transaction.rs b/app/src/parser/transaction.rs index 0c8f991b..f22fd536 100644 --- a/app/src/parser/transaction.rs +++ b/app/src/parser/transaction.rs @@ -146,7 +146,7 @@ impl<'a> Transaction<'a> { zlog_stack("Transaction::review_fields\n"); let mut fields = Vec::new(); - let mut buffer = [b'0'; INT_BUFFER_SIZE as usize]; + let mut buffer = [b'0'; INT_BUFFER_SIZE]; // Add transaction version fields.push(( @@ -210,26 +210,26 @@ impl<'a> Transaction<'a> { hasher.update(&[self.tx_version as u8]); let expiration = self.expiration.to_le_bytes(); - let fee = (self.fee as i64).to_le_bytes(); + let fee = (self.fee).to_le_bytes(); hasher.update(&expiration); hasher.update(&fee); hasher.update(self.random_pubkey); for spend in self.spends.iter() { - spend.hash(&mut hasher); + spend.run_hash(&mut hasher); } for output in self.outputs.iter() { - output.hash(&mut hasher); + output.run_hash(&mut hasher); } for mint in self.mints.iter() { - mint.hash(&mut hasher); + mint.run_hash(&mut hasher); } for burn in self.burns.iter() { - burn.hash(&mut hasher); + burn.run_hash(&mut hasher); } let mut hash_result = [0; 32]; diff --git a/app/src/parser/transaction/burns.rs b/app/src/parser/transaction/burns.rs index 670eabad..9f9c36a1 100644 --- a/app/src/parser/transaction/burns.rs +++ b/app/src/parser/transaction/burns.rs @@ -35,7 +35,7 @@ impl<'a> FromBytes<'a> for Burn<'a> { impl<'a> Burn<'a> { #[inline(never)] - pub fn hash(&self, hasher: &mut State) { + pub fn run_hash(&self, hasher: &mut State) { // both serialization and // hashing uses the same serialize_signature_fields // function so we can be sure inner data is correctly passed diff --git a/app/src/parser/transaction/mints.rs b/app/src/parser/transaction/mints.rs index 2a487c91..f87b6f64 100644 --- a/app/src/parser/transaction/mints.rs +++ b/app/src/parser/transaction/mints.rs @@ -45,8 +45,7 @@ impl<'a> MintList<'a> { let rem = Mint::parse_into(remaining, version, &mut mint)?; let obj_ptr = mint.as_mut_ptr(); unsafe { - if !version.has_mint_transfer_ownership_to() - && (&*obj_ptr).has_transfer_ownership_to + if !version.has_mint_transfer_ownership_to() && (*obj_ptr).has_transfer_ownership_to { return Err(ParserError::InvalidMint.into()); } @@ -140,7 +139,7 @@ impl<'a> Mint<'a> { } #[inline(never)] - pub fn hash(&self, hasher: &mut State) { + pub fn run_hash(&self, hasher: &mut State) { // both serialization and // hashing uses the same serialize_signature_fields // function so we can be sure inner data is correctly passed diff --git a/app/src/parser/transaction/outputs.rs b/app/src/parser/transaction/outputs.rs index daaa3648..9e94f06f 100644 --- a/app/src/parser/transaction/outputs.rs +++ b/app/src/parser/transaction/outputs.rs @@ -71,7 +71,7 @@ impl<'a> Output<'a> { } #[inline(never)] - pub fn hash(&self, hasher: &mut State) { + pub fn run_hash(&self, hasher: &mut State) { // both serialization and // hashing uses the same serialize_signature_fields // function so we can be sure inner data is correctly passed diff --git a/app/src/parser/transaction/spends.rs b/app/src/parser/transaction/spends.rs index f92a2339..9bc700c1 100644 --- a/app/src/parser/transaction/spends.rs +++ b/app/src/parser/transaction/spends.rs @@ -34,7 +34,7 @@ impl<'a> FromBytes<'a> for Spend<'a> { impl<'a> Spend<'a> { #[inline(never)] - pub fn hash(&self, hasher: &mut State) { + pub fn run_hash(&self, hasher: &mut State) { const PUBLIC_KEY_RANDOMNESS_LEN: usize = 32; const AUTHORIZING_SIGNATURE_LEN: usize = 64; diff --git a/app/src/utils.rs b/app/src/utils.rs index 5ca1cca6..5026509c 100644 --- a/app/src/utils.rs +++ b/app/src/utils.rs @@ -18,11 +18,11 @@ pub fn str_to_array(string: &str) -> [u8; SIZE] { } #[inline(never)] -pub fn int_to_str<'a>(num: u8) -> String { +pub fn int_to_str(num: u8) -> String { use lexical_core::BUFFER_SIZE as INT_BUFFER_SIZE; zlog_stack("start int_to_str\0"); - let mut buffer = [b'0'; INT_BUFFER_SIZE as usize]; + let mut buffer = [b'0'; INT_BUFFER_SIZE]; let raw = lexical_core::write(num, &mut buffer); let num_str = core::str::from_utf8(raw).unwrap(); zlog_stack("after int_to_str\0"); diff --git a/ledger_app.toml b/ledger_app.toml index e5c3c3a5..2a4e3bed 100644 --- a/ledger_app.toml +++ b/ledger_app.toml @@ -1,7 +1,4 @@ [app] build_directory = "./app" sdk = "Rust" -devices = ["nanox", "nanos+", "stax", "flex"] - -[tests] -pytest_directory = "./tests/" +devices = ["nanos+", "stax", "flex"]