coldcard/ckcc-protocol
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3d1dfa858b
ckcc-protocol/ckcc/constants.py
scgbckbone 3d1dfa858b PSBT_GLOBAL_GENERIC_SIGNED_MESSAGE
2026-05-19 09:18:42 -04:00

174 lines
6.4 KiB
Python
Raw Blame History

# (c) Copyright 2021 by Coinkite Inc. This file is covered by license found in COPYING-CC.
#
# Constants and various "limits" shared between embedded and desktop USB protocol
#
try:
from micropython import const
except ImportError:
const = int
# USB encryption versions (default USB_NCRY_V1)
#
# This introduces a new ncry version to close a potential attack vector:
#
# A malicious program may re-initialize the connection encryption by sending the ncry command a second time during USB operation.
# This may prove particularly harmful in HSM mode.
#
# Sending version USB_NCRY_V2 changes the behavior in two ways:
# * All future commands must be encrypted
# * Returns an error if the ncry command is sent again for the duration of the power cycle
#
# USB_NCRY_V2 is most suitable for HSM mode as in case of any communication issue or simply by closing `ColdcardDevice`
# Coldcard will need to reboot to recover USB operation if USB_NCRY_V2.
USB_NCRY_V1 = const(0x01)
USB_NCRY_V2 = const(0x02)
# For upload/download this is the max size of the data block.
MAX_BLK_LEN = const(2048)
# Max total message length, excluding framing overhead (1 byte per 64).
# - includes args for upload command
MAX_MSG_LEN = const(4+4+4+MAX_BLK_LEN)
# Max PSBT txn we support (384k bytes as PSBT)
# - the max on the wire for mainnet is 100k
# - but a PSBT might contain a full txn for each input
MAX_TXN_LEN = const(384*1024)
MAX_TXN_LEN_MK4 = const(2*1024*1024)
# Max size of any upload (firmware.dfu files in particular)
MAX_UPLOAD_LEN = const(2*MAX_TXN_LEN)
MAX_UPLOAD_LEN_MK4 = const(2*MAX_TXN_LEN_MK4)
# Max length of text messages for signing
MSG_SIGNING_MAX_LENGTH = const(240)
# Bitcoin limitation: max number of signatures in P2SH redeem script (non-segwit)
# - 520 byte redeem script limit <= 15*34 bytes per pubkey == 510 bytes
# - serializations of M/N in redeem scripts assume this range
MAX_SIGNERS = const(15)
# taproot artificial multisig limit
MAX_TR_SIGNERS = const(34)
TAPROOT_LEAF_MASK = 0xfe
TAPROOT_LEAF_TAPSCRIPT = 0xc0
# Types of user auth we support
USER_AUTH_TOTP = const(1) # RFC6238
USER_AUTH_HOTP = const(2) # RFC4226
USER_AUTH_HMAC = const(3) # PBKDF2('hmac-sha512', scrt, sha256(psbt), PBKDF2_ITER_COUNT)[:32]
USER_AUTH_SHOW_QR = const(0x80) # show secret on Coldcard screen (best for TOTP enroll)
MAX_USERNAME_LEN = 16
PBKDF2_ITER_COUNT = 2500
# Max depth for derived keys, in PSBT files, and USB commands
MAX_PATH_DEPTH = const(12)
# Bitmask used in sign_transaction (stxn) command
STXN_FINALIZE = const(0x01)
STXN_VISUALIZE = const(0x02)
STXN_SIGNED = const(0x04)
STXN_FLAGS_MASK = const(0x07)
# Bit values for address types
AFC_PUBKEY = const(0x01) # pay to hash of pubkey
AFC_SEGWIT = const(0x02) # requires a witness to spend
AFC_BECH32 = const(0x04) # just how we're encoding it?
AFC_SCRIPT = const(0x08) # paying into a script
AFC_WRAPPED = const(0x10) # for transition/compat types for segwit vs. old
AFC_BECH32M = const(0x20) # no difference between script/key path in taproot
# Numeric codes for specific address types
AF_BARE_PK = const(0x00) # p2pk bare public key address
AF_CLASSIC = AFC_PUBKEY # 1addr
AF_P2SH = AFC_SCRIPT # classic multisig / simple P2SH / 3hash
AF_P2WPKH = AFC_PUBKEY | AFC_SEGWIT | AFC_BECH32 # bc1qsdklfj
AF_P2WSH = AFC_SCRIPT | AFC_SEGWIT | AFC_BECH32 # segwit multisig
AF_P2WPKH_P2SH = AFC_WRAPPED | AFC_PUBKEY | AFC_SEGWIT # looks classic P2SH, but p2wpkh inside
AF_P2WSH_P2SH = AFC_WRAPPED | AFC_SCRIPT | AFC_SEGWIT # looks classic P2SH, segwit multisig
AF_P2TR = AFC_PUBKEY | AFC_SEGWIT | AFC_BECH32M # bc1p
SUPPORTED_ADDR_FORMATS = frozenset([
AF_CLASSIC,
AF_P2SH,
AF_P2WPKH,
AF_P2TR,
AF_P2WSH,
AF_P2WPKH_P2SH,
AF_P2WSH_P2SH,
])
# BIP-174 aka PSBT defined values
#
# GLOBAL ===
PSBT_GLOBAL_UNSIGNED_TX = const(0x00)
PSBT_GLOBAL_XPUB = const(0x01)
PSBT_GLOBAL_VERSION = const(0xfb)
PSBT_GLOBAL_PROPRIETARY = const(0xfc)
# BIP-370
PSBT_GLOBAL_TX_VERSION = const(0x02)
PSBT_GLOBAL_FALLBACK_LOCKTIME = const(0x03)
PSBT_GLOBAL_INPUT_COUNT = const(0x04)
PSBT_GLOBAL_OUTPUT_COUNT = const(0x05)
PSBT_GLOBAL_TX_MODIFIABLE = const(0x06)
# BIP-322
PSBT_GLOBAL_GENERIC_SIGNED_MESSAGE = const(0x09)
# INPUTS ===
PSBT_IN_NON_WITNESS_UTXO = const(0x00)
PSBT_IN_WITNESS_UTXO = const(0x01)
PSBT_IN_PARTIAL_SIG = const(0x02)
PSBT_IN_SIGHASH_TYPE = const(0x03)
PSBT_IN_REDEEM_SCRIPT = const(0x04)
PSBT_IN_WITNESS_SCRIPT = const(0x05)
PSBT_IN_BIP32_DERIVATION = const(0x06)
PSBT_IN_FINAL_SCRIPTSIG = const(0x07)
PSBT_IN_FINAL_SCRIPTWITNESS = const(0x08)
PSBT_IN_POR_COMMITMENT = const(0x09)
PSBT_IN_RIPEMD160 = const(0x0a)
PSBT_IN_SHA256 = const(0x0b)
PSBT_IN_HASH160 = const(0x0c)
PSBT_IN_HASH256 = const(0x0d)
# BIP-370
PSBT_IN_PREVIOUS_TXID = const(0x0e)
PSBT_IN_OUTPUT_INDEX = const(0x0f)
PSBT_IN_SEQUENCE = const(0x10)
PSBT_IN_REQUIRED_TIME_LOCKTIME = const(0x11)
PSBT_IN_REQUIRED_HEIGHT_LOCKTIME = const(0x12)
# BIP-371
PSBT_IN_TAP_KEY_SIG = const(0x13)
PSBT_IN_TAP_SCRIPT_SIG = const(0x14)
PSBT_IN_TAP_LEAF_SCRIPT = const(0x15)
PSBT_IN_TAP_BIP32_DERIVATION = const(0x16)
PSBT_IN_TAP_INTERNAL_KEY = const(0x17)
PSBT_IN_TAP_MERKLE_ROOT = const(0x18)
PSBT_IN_MUSIG2_PARTICIPANT_PUBKEYS = const(0x1a)
PSBT_IN_MUSIG2_PUB_NONCE = const(0x1b)
PSBT_IN_MUSIG2_PARTIAL_SIG = const(0x1c)
# OUTPUTS ===
PSBT_OUT_REDEEM_SCRIPT = const(0x00)
PSBT_OUT_WITNESS_SCRIPT = const(0x01)
PSBT_OUT_BIP32_DERIVATION = const(0x02)
# BIP-370
PSBT_OUT_AMOUNT = const(0x03)
PSBT_OUT_SCRIPT = const(0x04)
# BIP-371
PSBT_OUT_TAP_INTERNAL_KEY = const(0x05)
PSBT_OUT_TAP_TREE = const(0x06)
PSBT_OUT_TAP_BIP32_DERIVATION = const(0x07)
PSBT_OUT_MUSIG2_PARTICIPANT_PUBKEYS = const(0x08)
RFC_SIGNATURE_TEMPLATE = '''\
-----BEGIN BITCOIN SIGNED MESSAGE-----
{msg}
-----BEGIN BITCOIN SIGNATURE-----
{addr}
{sig}
-----END BITCOIN SIGNATURE-----
'''
# EOF
Reference in New Issue View Git Blame Copy Permalink