Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
The basic approach it to delegate all sensitive data (master key, secret
ephemeral key, key derivation, ....) and related operations to the device.
As device has low memory, it does not keep itself the values
(except for view/spend keys) but once computed there are encrypted (with AES
are equivalent) and return back to monero-wallet-cli. When they need to be
manipulated by the device, they are decrypted on receive.
Moreover, using the client for storing the value in encrypted form limits
the modification in the client code. Those values are transfered from one
C-structure to another one as previously.
The code modification has been done with the wishes to be open to any
other hardware wallet. To achieve that a C++ class hw::Device has been
introduced. Two initial implementations are provided: the "default", which
remaps all calls to initial Monero code, and the "Ledger", which delegates
all calls to Ledger device.
|
|
851bd057 call _exit instead of abort in release mode (moneromooo-monero)
|
|
Avoids cores being created, as they're nowadays often piped
to some call home system
|
|
|
|
|
|
|
|
|
|
not the actual tx secret key
|
|
|
|
- It builds but no further testing has been done.
|
|
This allows the key to be not the same for two outputs sent to
the same address (eg, if you pay yourself, and also get change
back). Also remove the key amounts lists and return parameters
since we don't actually generate random ones, so we don't need
to save them as we can recalculate them when needed if we have
the correct keys.
|
|
|
|
Btw, the warning 4200 remains disabled, but it did not get triggered
(GCC 6.1.1, ARM). But, perhaps a better way than disabling
the warning would be to do what is suggested here:
http://stackoverflow.com/questions/3350852/how-to-correctly-fix-zero-sized-array-in-struct-union-warning-c4200-without%3E
|
|
And add a thread safe version to encourage proper use
|
|
and all other associated IPC
|
|
|
|
|
|
|
|
|
|
|
|
implemented (but not tested\!)
|
|
|
|
|
|
|