fix: branch keys

applications/minotari_ledger_wallet/wallet/src/handlers/get_dh_shared_secret.rs

@@ -27,7 +27,7 @@ pub fn handler_get_dh_shared_secret(comm: &mut Comm) -> Result<(), AppSW> {
     let mut key_bytes = [0u8; 8];
     key_bytes.clone_from_slice(&data[16..24]);
     let key_int = u64::from_le_bytes(key_bytes);
-    let key = KeyType::from_branch_key(key_int);
+    let key = KeyType::from_branch_key(key_int)?;
 
     let public_key: RistrettoPublicKey = get_key_from_canonical_bytes(&data[24..56])?;
 

applications/minotari_ledger_wallet/wallet/src/handlers/get_public_key.rs

@@ -20,7 +20,7 @@ pub fn handler_get_public_key(comm: &mut Comm) -> Result<(), AppSW> {
     let mut key_bytes = [0u8; 8];
     key_bytes.clone_from_slice(&data[16..24]);
     let key_int = u64::from_le_bytes(key_bytes);
-    let key = KeyType::from_branch_key(key_int);
+    let key = KeyType::from_branch_key(key_int)?;
 
     let pk = match derive_from_bip32_key(account, index, key) {
         Ok(k) => RistrettoPublicKey::from_secret_key(&k),

applications/minotari_ledger_wallet/wallet/src/handlers/get_public_alpha.rs → applications/minotari_ledger_wallet/wallet/src/handlers/get_public_spend_key.rs

@@ -4,16 +4,16 @@
 use ledger_device_sdk::io::Comm;
 use tari_crypto::{keys::PublicKey, ristretto::RistrettoPublicKey, tari_utilities::ByteArray};
 
-use crate::{utils::derive_from_bip32_key, AppSW, KeyType, RESPONSE_VERSION, STATIC_ALPHA_INDEX};
+use crate::{utils::derive_from_bip32_key, AppSW, KeyType, RESPONSE_VERSION, STATIC_SPEND_INDEX};
 
-pub fn handler_get_public_alpha(comm: &mut Comm) -> Result<(), AppSW> {
+pub fn handler_get_public_spend_key(comm: &mut Comm) -> Result<(), AppSW> {
     let data = comm.get_data().map_err(|_| AppSW::WrongApduLength)?;
 
     let mut account_bytes = [0u8; 8];
     account_bytes.clone_from_slice(&data[0..8]);
     let account = u64::from_le_bytes(account_bytes);
 
-    let pk = match derive_from_bip32_key(account, STATIC_ALPHA_INDEX, KeyType::Alpha) {
+    let pk = match derive_from_bip32_key(account, STATIC_SPEND_INDEX, KeyType::Spend) {
         Ok(k) => RistrettoPublicKey::from_secret_key(&k),
         Err(e) => return Err(e),
     };

applications/minotari_ledger_wallet/wallet/src/handlers/get_script_offset.rs

@@ -13,7 +13,7 @@ use crate::{
     AppSW,
     KeyType,
     RESPONSE_VERSION,
-    STATIC_ALPHA_INDEX,
+    STATIC_SPEND_INDEX,
 };
 
 const MIN_UNIQUE_KEYS: usize = 2;
@@ -110,7 +110,7 @@ pub fn handler_get_script_offset(
         index_bytes.clone_from_slice(&data[0..8]);
         let index = u64::from_le_bytes(index_bytes);
 
-        let offset = derive_from_bip32_key(offset_ctx.account, index, KeyType::SenderOffset)?;
+        let offset = derive_from_bip32_key(offset_ctx.account, index, KeyType::OneSidedSenderOffset)?;
         offset_ctx.add_unique_key(offset.clone());
         offset_ctx.total_sender_offset_private_key =
             Zeroizing::new(offset_ctx.total_sender_offset_private_key.deref() + offset.deref());
@@ -119,7 +119,7 @@ pub fn handler_get_script_offset(
     let end_commitment_keys = end_offset_indexes + offset_ctx.total_commitment_keys;
 
     if (end_offset_indexes..end_commitment_keys).contains(&(chunk as u64)) {
-        let alpha = derive_from_bip32_key(offset_ctx.account, STATIC_ALPHA_INDEX, KeyType::Alpha)?;
+        let alpha = derive_from_bip32_key(offset_ctx.account, STATIC_SPEND_INDEX, KeyType::Spend)?;
         let blinding_factor: Zeroizing<RistrettoSecretKey> =
             get_key_from_canonical_bytes::<RistrettoSecretKey>(&data[0..32])?.into();
 

applications/minotari_ledger_wallet/wallet/src/handlers/get_script_signature.rs

@@ -26,7 +26,7 @@ use crate::{
     AppSW,
     KeyType,
     RESPONSE_VERSION,
-    STATIC_ALPHA_INDEX,
+    STATIC_SPEND_INDEX,
 };
 
 pub fn handler_get_script_signature(comm: &mut Comm) -> Result<(), AppSW> {
@@ -44,7 +44,7 @@ pub fn handler_get_script_signature(comm: &mut Comm) -> Result<(), AppSW> {
     txi_version_bytes.clone_from_slice(&data[16..24]);
     let txi_version = u64::from_le_bytes(txi_version_bytes);
 
-    let alpha = derive_from_bip32_key(account, STATIC_ALPHA_INDEX, KeyType::Alpha)?;
+    let alpha = derive_from_bip32_key(account, STATIC_SPEND_INDEX, KeyType::Spend)?;
     let blinding_factor: Zeroizing<RistrettoSecretKey> =
         get_key_from_canonical_bytes::<RistrettoSecretKey>(&data[24..56])?.into();
     let script_private_key = alpha_hasher(alpha, blinding_factor)?;

applications/minotari_ledger_wallet/wallet/src/main.rs

@@ -15,8 +15,8 @@ mod app_ui {
 }
 mod handlers {
     pub mod get_dh_shared_secret;
-    pub mod get_public_alpha;
     pub mod get_public_key;
+    pub mod get_public_spend_key;
     pub mod get_script_offset;
     pub mod get_script_signature;
     pub mod get_version;
@@ -29,8 +29,8 @@ use app_ui::menu::ui_menu_main;
 use critical_section::RawRestoreState;
 use handlers::{
     get_dh_shared_secret::handler_get_dh_shared_secret,
-    get_public_alpha::handler_get_public_alpha,
     get_public_key::handler_get_public_key,
+    get_public_spend_key::handler_get_public_spend_key,
     get_script_offset::{handler_get_script_offset, ScriptOffsetCtx},
     get_script_signature::handler_get_script_signature,
     get_version::handler_get_version,
@@ -94,6 +94,7 @@ pub enum AppSW {
     ScriptSignatureFail = 0xB001,
     MetadataSignatureFail = 0xB002,
     ScriptOffsetNotUnique = 0xB004,
+    BadBranchKey = 0xB005,
     KeyDeriveFail = 0xB009,
     KeyDeriveFromCanonical = 0xB010,
     KeyDeriveFromUniform = 0xB011,
@@ -114,7 +115,7 @@ pub enum Instruction {
     GetVersion,
     GetAppName,
     GetPublicKey,
-    GetPublicAlpha,
+    GetPublicSpendKey,
     GetScriptSignature,
     GetScriptOffset { chunk: u8, more: bool },
     GetScriptSignatureFromChallenge,
@@ -123,29 +124,30 @@ pub enum Instruction {
 }
 
 const P2_MORE: u8 = 0x01;
-const STATIC_ALPHA_INDEX: u64 = 42;
+const STATIC_SPEND_INDEX: u64 = 42;
 const STATIC_VIEW_INDEX: u64 = 57311; // No significance, just a random number by large dice roll
 const MAX_PAYLOADS: u8 = 250;
 
 #[repr(u8)]
 pub enum KeyType {
-    Alpha = 0x01,
+    Spend = 0x01,
     Nonce = 0x02,
-    Recovery = 0x03,
-    SenderOffset = 0x04,
-    ViewKey = 0x05,
+    ViewKey = 0x03,
+    OneSidedSenderOffset = 0x04,
 }
 
 impl KeyType {
     pub fn as_byte(self) -> u8 {
         self as u8
     }
 
-    fn from_branch_key(n: u64) -> Self {
+    fn from_branch_key(n: u64) -> Result<Self, AppSW> {
+        // These numbers need to match the TransactionKeyManagerBranches in:
+        // base_layer/core/src/transactions/key_manager/interface.rs
         match n {
-            1 => Self::Alpha,
-            7 => Self::SenderOffset,
-            5 | 2 | _ => Self::Nonce,
+            7 => Ok(Self::Spend),
+            6 => Ok(Self::OneSidedSenderOffset),
+            _ => Err(AppSW::BadBranchKey),
         }
     }
 }
@@ -168,7 +170,7 @@ impl TryFrom<ApduHeader> for Instruction {
         match (value.ins, value.p1, value.p2) {
             (0x01, 0, 0) => Ok(Instruction::GetVersion),
             (0x02, 0, 0) => Ok(Instruction::GetAppName),
-            (0x03, 0, 0) => Ok(Instruction::GetPublicAlpha),
+            (0x03, 0, 0) => Ok(Instruction::GetPublicSpendKey),
             (0x04, 0, 0) => Ok(Instruction::GetPublicKey),
             (0x05, 0, 0) => Ok(Instruction::GetScriptSignature),
             (0x06, 0..=MAX_PAYLOADS, 0 | P2_MORE) => Ok(Instruction::GetScriptOffset {
@@ -220,7 +222,7 @@ fn handle_apdu(comm: &mut Comm, ins: Instruction, offset_ctx: &mut ScriptOffsetC
             Ok(())
         },
         Instruction::GetPublicKey => handler_get_public_key(comm),
-        Instruction::GetPublicAlpha => handler_get_public_alpha(comm),
+        Instruction::GetPublicSpendKey => handler_get_public_spend_key(comm),
         Instruction::GetScriptSignature => handler_get_script_signature(comm),
         Instruction::GetScriptOffset { chunk, more } => handler_get_script_offset(comm, chunk, more, offset_ctx),
         Instruction::GetScriptSignatureFromChallenge => handler_get_script_signature_from_challenge(comm),

base_layer/core/src/transactions/key_manager/inner.rs

@@ -458,11 +458,28 @@ where TBackend: KeyManagerBackend<PublicKey> + 'static
     }
 
     async fn get_private_comms_key(&self) -> Result<PrivateKey, KeyManagerServiceError> {
-        self.get_private_key(&TariKeyId::Managed {
-            branch: TransactionKeyManagerBranch::Spend.get_branch_key(),
-            index: 0,
-        })
-        .await
+        let branch = TransactionKeyManagerBranch::Spend.get_branch_key();
+        let index = 0;
+
+        match self.wallet_type {
+            WalletType::Software | WalletType::Imported(_) => {
+                self.get_private_key(&TariKeyId::Managed {
+                    branch: branch.clone(),
+                    index,
+                })
+                .await
+            },
+            WalletType::Ledger(_) => {
+                let km = self
+                    .key_managers
+                    .get(&branch)
+                    .ok_or(KeyManagerServiceError::UnknownKeyBranch)?
+                    .read()
+                    .await;
+                let key = km.get_private_key(index)?;
+                Ok(key)
+            },
+        }
     }
 
     fn get_domain_hasher(

base_layer/core/src/transactions/key_manager/interface.rs

@@ -59,6 +59,8 @@ pub enum TxoStage {
 
 #[repr(u8)]
 #[derive(Clone, Copy, EnumIter)]
+// These byte reps must stay in sync with the ledger representations at:
+// applications/minotari_ledger_wallet/wallet/src/main.rs
 pub enum TransactionKeyManagerBranch {
     DataEncryption = 0x00,
     MetadataEphemeralNonce = 0x01,