Satochip Plugin Support (#1668)

[cculianu]

Electron Cash (regular) now has support for this hardware wallet.

I thought I would also add it to the SLP version here just so the codebases don't diverge too much.

I tested it and it works great. Also I'm about to test the SLP builds with this branch here to make sure the Linux/Wine/OSX builds are still copasetic. On EC Regular everything builds ok.

Anyway since this is a big merge (but the plugin is self-contained and doesn't touch the rest of the app), I thought I'd make a PR of it so @jcramer and others can make sure they want this in SLP.

Note that unless you hack the code to allow it -- right now the wallet wizard disallows this wallet since EC SLP only supports 1 hard-coded wallet.

Note that this HW wallet can indeed sign OP_RETURN tx's so perhaps it should be added to the include list of EC SLP.

Let me know!

---

• Satochip merge from Toporin/electrum branch electron-cash-satochip-pr4.0.11-0.8

This resolves some of the conflicts that arose since Toporin forked his
branch in early September and EC has changed since then. It's basically
rebased off latest EC master, adding Toporin's commits, with minor
whitespace and/or comment nits.

Still a work in progress.

Original commits:

---

Squashed commit of the following:

commit b9ba208e21cc28d25fac24a701d4eb6307e71fb2
Author: Calin Culianu calin.culianu@gmail.com
Date: Wed Nov 6 13:05:24 2019 +0200

Whitespace and other nits

commit 0a05d94829b7de0711eb930091cdc6ba8f84fc88
Author: Toporin satochip.wallet@gmail.com
Date: Wed Oct 2 12:04:44 2019 +0200

Buil appImage and install swig+pcsd package in docker file
Add pyscard in requirements

commit b91714b637f4a228d0c1afbb15ef4bc199dd8720
Author: Toporin satochip.wallet@gmail.com
Date: Wed Oct 2 12:01:30 2019 +0200

Build Swig (needed to build pyscard)

commit e2ff56d461f3b27a8fc10f4f2f39cc288762dd7f
Author: Toporin satochip.wallet@gmail.com
Date: Wed Oct 2 10:03:40 2019 +0200

Add pyscard 1.9.9 in deterministic hardware requirements

commit b34815a9dfde8117865ef26c0e2d5b514c020f4f
Author: Toporin satochip.wallet@gmail.com
Date: Sat Sep 28 16:26:55 2019 +0200

minor changes: clean up code

commit 83cbdca805ed5d7d46a98f5fc5cdf722e5bdf45f
Author: Toporin satochip.wallet@gmail.com
Date: Fri Sep 27 16:17:01 2019 +0200

Patch windows build: in deterministic.spec

binaries += [(C:/python*/Lib/site-packages/smartcard/scard/_scard.cp36-win32.pyd, '.')]

commit ed0439418b6647ebe3415ce9018d32516b0c2d70
Author: Toporin satochip.wallet@gmail.com
Date: Fri Sep 27 15:14:30 2019 +0200

removed constant PYHOME = 'c:/python3.6.8' in deterministic.spec

use constant defined in _build.sh

commit 63da13e4a7e80a6a32d7f2cfd9652c6d93429cd6
Author: Toporin satochip.wallet@gmail.com
Date: Mon Sep 23 21:15:34 2019 +0200

minor changes in packaging scripts

commit 1dfed0331187275131e4fe251a06f4be93f44b7f
Author: Toporin satochip.wallet@gmail.com
Date: Mon Sep 23 21:08:48 2019 +0200

minor change: removed old readme file

commit a0235aaa8868a782d6e1393ff793f20f7be7ad26
Author: Alcofribas4 bcollard@gmail.com
Date: Mon Sep 23 14:03:51 2019 +0200

Merge branch 'master' of https://github.com/Electron-Cash/Electron-Cash into HEAD

# Conflicts:
#	README.rst
#	contrib/build-wine/_build.sh
#	gui/qt/icons.py

commit d69fd5ce5008c2022c290210804eaf6edc935e41
Author: Toporin satochip.wallet@gmail.com
Date: Fri Sep 20 12:34:49 2019 +0200

Electron Cash 4.0.8-0.8: support for Satochip v0.8-0.1

Merge branch 'pin-seed-mgmt'
* Add support for PIN change and seed reset
* 2FA required to sign tx/msg and reset seed/eckey/2FA.
* 2FA can only be disabled when all privkeys are cleared.

A new setting menu is available when clicking on the satochip logo in the low right corner of the window.
If 2FA is enabled, resetting the seed requires approval on the second device!

Changes:
 - card_sign_message(): support 2FA
 - card_sign_short_message(): support 2FA
 - add card_set_2FA_key()
 - add card_reset_2FA_key()
 - reset_seed(): request 2FA is required
 - setup_device(): separate setup from 2FA initialisation

Patch: in sign-message: hmac should be of type bytes, not list

commit 1c55add58ca86bf3677eb916c649f458a6f7205c
Author: Toporin satochip.wallet@gmail.com
Date: Thu Sep 19 11:42:44 2019 +0200

Support for Satochip v0.8-0.1: reset the seed/eckey/2FA.
2FA required to sign tx/msg and reset seed/eckey/2FA.
2FA can only be disabled when all privkeys are cleared.

Changes:
- card_sign_message(): support 2FA
- card_sign_short_message(): support 2FA
- add card_set_2FA_key()
- add def card_reset_2FA_key()
- removed card_get_counter_2FA(): reset seed is based on authentikey instead of counter
- reset_seed(): request 2FA is required
- setup_device(): separate setup from 2FA initialisation

commit 575d29262f43c9aa4bd44d366e9b6955742525cb
Author: Toporin satochip.wallet@gmail.com
Date: Thu Sep 12 13:39:37 2019 +0200

Add support for PIN change and seed reset

A new setting menu is available when clicking on the satochip logo in the low right corner of the window.
If 2FA is enabled, resetting the seed requires approval on the second device!

commit 3ae32bd607a4bde717f6cd48d289e48535d8391a
Author: Toporin Toporin@users.noreply.github.com
Date: Wed Aug 28 14:00:35 2019 +0200

Toporin patch 1 (#1)

Minor patch for packaging application to Windows executable.

* Update deterministic.spec set PYHOME value
* Update _build.sh Pyscard module: use full filename instead of pyscard.whl

commit 617c04ced1e803076e69a5dfdc3ead1d1b22ab49
Author: Toporin satochip.wallet@gmail.com
Date: Mon Sep 9 11:22:34 2019 +0200

patch error on card removal as described in https://pastebin.com/WGSWCqap

When the card is removed and then inserted again, Electrum fails to transmit commands to the card (PIN missing).
Patch: after card removal and reinsertion, the client retransmits commands and asks user for PIN if necessary.

commit 7bd3e0ef2b77a0df3dc827a9c8b0ee38cc7536ce
Author: Toporin satochip.wallet@gmail.com
Date: Mon Aug 26 13:21:16 2019 +0200

Electron-Cash-Satochip - Lightweight Bitcoin Cash client for the Satochip Hardware Wallet

Initial(beta) version

• Satochip: Minor nits and fixups

Tried to clean the code a little to use the PrintError mixin class for
debug prints (which is less boilerplatey).

Also tried to clean up the code slightly.

Can't get it to talk to the SatoChip card on my mac.. will try Windows
next.

Plugins seems a bit fragile, and also it hangs the hw wizard for a while
trying to talk to the card reader. FIXME

• Updated pyscard wheel to v1.9.9

• Satochip: Added macOS packaging (pyscard module, etc) for Satochip

This relies on a pre-built wheel pyscard-1.9.9-cp36-cp36m-macosx_10_11_x86_64.whl
which we host at https://github.com/cculianu/Electron-Cash-Build-Tools/releases/tag/v1.0

I built this myself on an El Capitan system and it appears to work with
newer systems too.

We did it this way because building the pyscard module off of PyPI
requires some annoying prerequisites (such as swig3) which I would
rather not add to the build scripts.

This is not unlike a lot of our other packaging stuff where we don't
feel like re-building the world and are ok with downloading some
binaries.

• Satochip: We moved the location of the hosted pyscard wheel to our repo

This should make the WINE build more reliable. It was failing as
appveyor would sometimes be down.

• Satochip: Bumped pyscard module we download to 1.9.9 for WINE build

• Satochip follow-up: Forgot to set the PYSCARD_FILENAME in the ...

... WINE _build.sh script.

• Minor changes: reduced smartcard timout and updated satochip version support

• Rebuilt icons.py for paranoia's sake after SatoChip additions

[jcramer]

It would be nice to be able to test this before the merge. I'll try to get one of these wallets and give it a go.

[cculianu]

Yeah, no rush. Ok, cool. Let me know if you need help -- you need a smartcard reader too (not to be confused with an SD card reader). I think they sell/ship you both if you buy the hw wallet. It's basically a bank card looking thing with a chip on it. They likely can send you one for free. Ask Bastien about it in telegram.

[jcramer]

Note that unless you hack the code to allow it -- right now the wallet wizard disallows this wallet since EC SLP only supports 1 hard-coded wallet.

Ok I just commented out these two lines: https://github.com/simpleledger/Electron-Cash-SLP/blob/master/lib/base_wizard.py#L252

However it seems I cannot detect satochip device when running from source. The builds do detect the device.

[jcramer]

It doesn't work with SLP edition. There are two errors that come up when trying to "create a new seed" after selecting Satoship device:

1. %d format: a number is required, not str
2. 'Plugin' object has no attribute 'bip32_seed'

[jcramer]

Now there are 3 remaining issues I am aware of:

• The "Skip this step" option for Seed phrase backup confirmation should be hidden for the satochip, as it doesn't make sense in this context. Also, clicking it causes an error. I can take care of this in the morning.

• There are two other bugs with this Satochip implementation which are also reproducible in EC 4.0.11 (reported as TypeError: 'NoneType' object is not iterable Electron-Cash/Electron-Cash#1713 and AttributeError: 'NoneType' object has no attribute 'encode' Electron-Cash/Electron-Cash#1712).

[cculianu]

OK, I'll look at this and hopefully fix. Thanks for testing.

[Toporin]

I made a PR that fixes Electron-Cash#1713 and Electron-Cash#1712

Electron-Cash#1715

[jcramer]

When using passphrase with seed, I am sometimes getting an error: Recovered authentikey does not correspond to registered authentikey!

Also this happened once after I reset my seed when using passphrase: Hard crash: https://pastebin.com/66s4ZrQN

[cculianu]

Yay! thanks for taking care of this man. w00

[cculianu]

I'm ok with it being flaky -- but maybe for SLP you waned something more rock solid. As it stands the HW wallets on EC regular are flaky too. This is pretty much your average level of quality of all our HW wallet plugins, sadly.

Some of our HW wallets are more solid and can cope with errors.. this one.. it's about like the median ones.. ha.

Maybe over time the satochip guys can plug the holes. I'd suggest poking and prodding them about it if it bugs you... :/

[Toporin]

When using passphrase with seed, I am sometimes getting an error: Recovered authentikey does not correspond to registered authentikey!

I was able to reproduce the bug with the following setup:

• create a wallet 'w1' using a seed1 stored on Satochip.
• reset seed1 on Satochip and close wallet (and EC)
• when Electron Cash is run again, old wallet w1 opens by default, however this wallet is not valid anymore since it is related to an old seed
• when creating a new wallet w2 from wizard with a new seed2, EC will however check compatibility with w1, thus raising an error.

Rationale:
The file w1 contains a reference (the 'authentikey') that links it to the satochip card with seed1: if you try to connect another card with w1, it will legitimately display the error " Recovered authentikey does not correspond to registered authentikey!"
However, when creating a new wallet w2 after reset, it still compares the old authentikey stored in w1 with the authentikey newly generated by the card.
I think it does that because at that time, the wizard still uses the old authentikey from w1 in storage as reference.

Correction (draft):

def setup_device(self, device_info, wizard):
        self.print_error("setup_device()")#debugSatochip
        if not LIBS_AVAILABLE:
            raise RuntimeError("No libraries available")

        devmgr = self.device_manager()
        device_id = device_info.device.id_
        client = devmgr.client_by_id(device_id)
        if client is None:
            raise Exception(_('Failed to create a client for this device.') + '\n' +
                            _('Make sure it is in the correct state.'))
        client.handler = self.create_handler(wizard)
+		client.cc.parser.authentikey_from_storage=None

This corrects the error but I still have to test it thoroughly

[Toporin]

Ideally, when a user reset the seed in the satochip, one should close the wallet (or EC) and remove the corresponding wallet file from the ./electron-cash/wallets/ folder since it is not valid anymore.

[jcramer]

Ok thanks, this does make sense based on how I was experiencing the error. Let me know once you think it is resolved. I hope we can release this today.

Ideally, when a user reset the seed in the satochip, one should close the wallet (or EC) and remove the corresponding wallet file from the ./electron-cash/wallets/ folder since it is not valid anymore.

It would be hard to make this happen safely so I'm thinking we should just make sure it works with the old files. I don't have my card on me, what is the message displayed to the user when they open wallet file with old seed? Does it say something like The seed used to create this wallet file no longer matches the seed of the Satochip device?