-
-
Notifications
You must be signed in to change notification settings - Fork 673
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Entropy check workflow in ResetDevice #4155
Conversation
78fe225
to
ddb3640
Compare
|
The protocol seems secure with two reservations highlighted in bold in the following text. My first question was: What kind of probability distribution the suite should use to generate First, let's look at the problem from the perspective of a fake Trezor. Assume the attacker knows the probability distribution used to generate Now, let's examine the problem from the suite's perspective. Assume that the suite wants the attack probability to be at most It can be shown that if It follows that if the attack's success probability needs to be at most My second question was: Does the protocol protects against an attacker who honestly generates the seed but generates addresses dishonestly? The answer is that it can only protect those addresses for which the passphrase and all parts of the path up to the last hardened index are known at the time this protocol runs. This typically means the passphrase, purpose, coin_type, and account. |
high-level flow looks fine to me instead of messing with the root sources for |
ddb3640
to
ce803a5
Compare
Rebased on top of
Done in 2a5d8f2.
Done in 0fed6cc, but I have to say I am not entirely convinced it's for the better. If at some point we wanted to use In terms of implementation complexity at this moment I don't see much difference between the two options. In terms extensibility and avoiding code duplication in the future, I think the original solution which messes with the root source for |
Let's get this review moving, please. |
ce803a5
to
294661e
Compare
squashed & rebased your work, with minimal changes so far, so that we can get the CI going. i intend to make some changes for your review that will be easier to do this way |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK on functionality.
I have more comments on Python library side, but I tried to implement my own suggestions and decided to spin it off into a separate PR with somewhat larger refactorings. Good to be merged in this PR as-is.
While reading the code in detail, I realized that there is a slightly better way to do the protobuf data structures:
- Trezor should not be returning
Success
when the entropy check is not finished. That's simply misleading. Instead, I introduced a special messageEntropyCheckReady
for this state. - With that, I decided to fold
ResetDeviceContinue
andResetDeviceFinish
into a single messageEntropyCheckContinue(finish: bool)
, which seems slightly tidier: this way, the overall number of MessageTypes does not need to grow.
Implementing these changes leads to a more readable docs section in the .proto files, which now e.g. allows us to document that we support GetPublicKey in the check phase (and we can extend that if we add more messages).
Modification in firmware is very simple, and the same thing is trivial in trezorlib too, so even if Connect already started to work on this, they should be able to adapt.
@andrewkozlik please look over the branch and comment, we can merge into this PR if you're OK with it.
entropy is broken for all tests for reset_device -- i assume that is expected, due to (probably??) changed order of storage writes? |
we'll also need some tests that validate |
Merged @matejcik's fixups and updated |
Correct. This is because |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
spun off a separate issue #4464 for the outstanding items, let's merge this
[no changelog]
f78335c
to
38557d4
Compare
This PR implements an automated workflow that allows the host to verify that when Trezor generates the seed, it correctly includes the external entropy from the host. The host performs a randomized test asking Trezor to generate several seeds, checking that they were generated correctly and using the last one as the final seed.
Documentation:
TODO:
Each iteration of the entropy check adds about 2 seconds to the ResetDevice workflow on Trezor T with SLIP-39. A lot of that time is taken up by the seed derivation, so we probably can't do much better.
@onvej-sl please review the security of the proposed workflow.
@matejcik please do a high-level review of the workflow, namely the protobuf messages and how they are handled. Let's discuss what's the best way to pass the staged seed to the
get_public_key()
handler. Currently I use the storage cache (APP_STAGED_MNEMONIC_SECRET).Let's leave the detailed code review until after we are happy with the security and design of the workflow.