Merge pull request #262 from LedgerHQ/goodbye-nanos

Remove Nano S target

.github/workflows/ci-workflow.yml

@@ -13,19 +13,19 @@ on:
 
 jobs:
  job_build:
- name: Compilation for NanoS, X, S+, and Stax
+ name: Compilation for X, S+, Stax and Flex
 
  strategy:
  matrix:
  include:
- - model: nanos
- SDK: "$NANOS_SDK"
  - model: nanox
  SDK: "$NANOX_SDK"
  - model: nanosp
  SDK: "$NANOSP_SDK"
  - model: stax
  SDK: "$STAX_SDK"
+ - model: flex
+ SDK: "$FLEX_SDK"
 
  runs-on: ubuntu-latest
 
@@ -127,10 +127,10 @@ jobs:
  strategy:
  matrix:
  include:
- - model: nanos
  - model: nanox
  - model: nanosp
  - model: stax
+ - model: flex
 
  needs: job_build
  runs-on: ubuntu-latest
@@ -186,7 +186,7 @@ jobs:
  run: |
  cd bitcoin_client/tests
  pip install -r requirements.txt
- PYTHONPATH=$PYTHONPATH:/speculos pytest --headless --timeout=300
+ PYTHONPATH=$PYTHONPATH:/speculos pytest --headless --timeout=300 --model=nanos
 
  job_perftests:
  name: Performance report
@@ -258,7 +258,7 @@ jobs:
  - name: Download Bitcoin Testnet app binary
  uses: actions/download-artifact@v2
  with:
- name: bitcoin-testnet-app-nanos
+ name: bitcoin-testnet-app-nanosp
  path: bin
 
  - name: Run tests

.github/workflows/codeql-workflow.yml

@@ -17,8 +17,6 @@ jobs:
  strategy: 
  matrix:
  include:
- - SDK: "$NANOS_SDK"
- artifact: boilerplate-app-nanoS
  - SDK: "$NANOX_SDK"
  artifact: boilerplate-app-nanoX
  - SDK: "$NANOSP_SDK"

.github/workflows/sonarcloud.yml

@@ -40,7 +40,7 @@ jobs:
  gcovr --root .. --sonarqube coverage.xml
  - name: Run build-wrapper
  run: |
- build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} make clean all
+ build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} make TARGET=nanosp
  - name: Run sonar-scanner
  env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.vscode/settings.json

@@ -3,5 +3,8 @@
  "*.h": "c"
  },
  "C_Cpp.clang_format_path": "/usr/bin/clang-format",
- "editor.formatOnSave": true
+ "editor.formatOnSave": true,
+ "ledgerDevTools.appSettings": {
+ "selectedUseCase": "release"
+ }
 }

Makefile

@@ -113,9 +113,14 @@ else
  endif
 endif
 
+ifneq (,$(filter-out clean,$(MAKECMDGOALS)))
+ ifeq ($(TARGET_NAME),TARGET_NANOS)
+ $(error This branch is not compatible with the Nano S device. Checkout the 'nanos' branch for the latest code for Nano S.)
+ endif
+endif
+
 # Application icons following guidelines:
 # https://developers.ledger.com/docs/embedded-app/design-requirements/#device-icon
-ICON_NANOS = icons/nanos_app_bitcoin.gif
 ICON_NANOX = icons/nanox_app_bitcoin.gif
 ICON_NANOSP = icons/nanox_app_bitcoin.gif
 ICON_STAX = icons/stax_app_bitcoin.gif
@@ -144,19 +149,7 @@ DISABLE_DEFAULT_IO_SEPROXY_BUFFER_SIZE = 1
 DEFINES += HAVE_BOLOS_APP_STACK_CANARY
 
 
-ifeq ($(TARGET_NAME),TARGET_NANOS)
-DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=72
-DEFINES += HAVE_WALLET_ID_SDK
-else
-DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
-endif
-
-ifeq ($(TARGET_NAME),TARGET_NANOS)
- # enables optimizations using the shared 1K CXRAM region
- DEFINES += USE_CXRAM_SECTION
- # enables usage of the NVRAM to free up some RAM
- DEFINES += USE_NVRAM_STASH
-endif
+DEFINES += IO_SEPROXYHAL_BUFFER_SIZE_B=300
 
 # debugging helper functions and macros
 CFLAGS += -include debug-helpers/debug.h

bitcoin_client_js/src/__tests__/appClient.test.ts

@@ -102,8 +102,6 @@ describe("test AppClient", () => {
  beforeEach(async () => {
  sp = spawn(speculos_path, [
  repoRootPath + "/bin/app.elf",
- '-k', '2.1',
- '--model', 'nanos',
  '--display', 'headless'
  ]);
 

ledger_app.toml

@@ -1,7 +1,7 @@
 [app]
 build_directory = "./"
 sdk = "C"
-devices = ["nanos", "nanox", "nanos+", "stax", "flex"]
+devices = ["nanox", "nanos+", "stax", "flex"]
 
 [tests]
 unit_directory = "./unit-tests/"

src/common/base58.c

@@ -21,31 +21,19 @@
 
 #include "base58.h"
 
-#include "../cxram_stash.h"
-
-// uint8_t const BASE58_TABLE[] = {
-// 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
-// 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
-// 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
-// 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
-// 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0xFF, 0xFF, //
-// 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, //
-// 0x10, 0xFF, 0x11, 0x12, 0x13, 0x14, 0x15, 0xFF, 0x16, 0x17, 0x18, 0x19, //
-// 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
-// 0xFF, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, //
-// 0xFF, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, //
-// 0x37, 0x38, 0x39, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF //
-// };
-
-// optimization: skip the first 49 and the last 5 bytes that are all identically 0xFF
-uint8_t const BASE58_TABLE_TRIMMED[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0xFF, 0xFF, //
+uint8_t const BASE58_TABLE[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
+ 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0xFF, 0xFF, //
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, //
  0x10, 0xFF, 0x11, 0x12, 0x13, 0x14, 0x15, 0xFF, 0x16, 0x17, 0x18, 0x19, //
  0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, //
  0xFF, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, //
  0xFF, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, //
- 0x37, 0x38, 0x39};
+ 0x37, 0x38, 0x39, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF //
+};
 
 char const BASE58_ALPHABET[] = {
  '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', //
@@ -77,33 +65,18 @@ int base58_decode(const char *in, size_t in_len, uint8_t *out, size_t out_len) {
 
  memmove(tmp, in, in_len);
 
- // uses a trimmed version of BASE58_TABLE to save space, while staying functionally equivalent
  for (uint8_t i = 0; i < in_len; i++) {
- int pos_trimmed = (in[i]) - 49;
- if (pos_trimmed < 0 || pos_trimmed >= (int) sizeof(BASE58_TABLE_TRIMMED)) {
+ if (in[i] >= sizeof(BASE58_TABLE)) {
  return -1;
  }
 
- tmp[i] = BASE58_TABLE_TRIMMED[pos_trimmed];
+ tmp[i] = BASE58_TABLE[(int) in[i]];
 
  if (tmp[i] == 0xFF) {
  return -1;
  }
  }
 
- // // original code for reference
- // for (uint8_t i = 0; i < in_len; i++) {
- // if (in[i] >= sizeof(BASE58_TABLE)) {
- // return -1;
- // }
-
- // tmp[i] = BASE58_TABLE[(int) in[i]];
-
- // if (tmp[i] == 0xFF) {
- // return -1;
- // }
- // }
-
  while ((zero_count < in_len) && (tmp[zero_count] == 0)) {
  ++zero_count;
  }

src/common/wallet.c

@@ -9,8 +9,6 @@
 #include "../common/segwit_addr.h"
 #include "../common/wallet.h"
 
-#include "../cxram_stash.h"
-
 #include "../boilerplate/sw.h"
 
 #include "../debug-helpers/debug.h"
@@ -1976,15 +1974,8 @@ static int16_t maxcheck(int16_t a, int16_t b) {
 static int compute_thresh_ops(const policy_node_thresh_t *node,
  miniscript_ops_t *out,
  MiniscriptContext ctx) {
-#ifdef USE_CXRAM_SECTION
- // allocate buffers inside the cxram section; safe as there are no syscalls here
- uint16_t *sats = (uint16_t *) get_cxram_buffer();
- uint16_t *next_sats =
- (uint16_t *) (get_cxram_buffer() + sizeof(uint16_t) * (MAX_N_IN_THRESH + 1 + 1));
-#else
  uint16_t sats[MAX_N_IN_THRESH + 1 + 1] = {0};
  uint16_t next_sats[MAX_N_IN_THRESH + 1 + 1] = {0}; // it temporarily uses an extra element
-#endif
 
  if (node->n > MAX_N_IN_THRESH) return -1;
 
@@ -2024,15 +2015,8 @@ static int compute_thresh_ops(const policy_node_thresh_t *node,
 static int compute_thresh_stacksize(const policy_node_thresh_t *node,
  miniscript_stacksize_t *out,
  MiniscriptContext ctx) {
-#ifdef USE_CXRAM_SECTION
- // allocate buffers inside the cxram section; safe as there are no syscalls here
- uint16_t *sats = (uint16_t *) get_cxram_buffer();
- uint16_t *next_sats =
- (uint16_t *) (get_cxram_buffer() + sizeof(uint16_t) * (MAX_N_IN_THRESH + 1 + 1));
-#else
  uint16_t sats[MAX_N_IN_THRESH + 1 + 1] = {0};
  uint16_t next_sats[MAX_N_IN_THRESH + 1 + 1] = {0}; // it temporarily uses an extra element
-#endif
 
  if (node->n > MAX_N_IN_THRESH) return -1;
 

src/common/wallet.h

@@ -37,24 +37,11 @@
 // longest supported policy in V1 is "sh(wsh(sortedmulti(5,@0,@1,@2,@3,@4)))", 38 bytes
 #define MAX_DESCRIPTOR_TEMPLATE_LENGTH_V1 40
 
-#ifdef TARGET_NANOS
-// this amount should be enough for many useful policies
-#define MAX_DESCRIPTOR_TEMPLATE_LENGTH_V2 192
-// As the in-memory representation of wallet policy is implementation-specific, we would like
-// this limit not to be hit for descriptor templates below the maximum length
-// MAX_DESCRIPTOR_TEMPLATE_LENGTH_V2.
-// A policy requiring about 300 bytes after parsing was reported by developers working on the Liana
-// miniscript wallet. 320 = 64*5, so that it is a multiple of the NVRAM page size and fits all known
-// cases.
-#define MAX_WALLET_POLICY_BYTES 320
-#else
-// On larger devices, we can afford to reserve a lot more memory.
-// We do not expect these limits to be reached in practice any time soon, and the value
-// of MAX_WALLET_POLICY_BYTES is chosen so that MAX_DESCRIPTOR_TEMPLATE_LENGTH_V2 and
-// MAX_WALLET_POLICY_BYTES are approximately in the same proportion as defined on NanoS.
+// This amount should be enough for many useful policies
+// We do not expect these limits to be reached in practice any time soon, but they can
+// be further increased if necessary.
 #define MAX_DESCRIPTOR_TEMPLATE_LENGTH_V2 512
 #define MAX_WALLET_POLICY_BYTES 896
-#endif
 
 #define MAX_DESCRIPTOR_TEMPLATE_LENGTH \
  MAX(MAX_DESCRIPTOR_TEMPLATE_LENGTH_V1, MAX_DESCRIPTOR_TEMPLATE_LENGTH_V2)
@@ -85,11 +72,7 @@
 
 // maximum depth of a taproot tree that we support
 // (here depth 1 means only the root of the taptree)
-#ifdef TARGET_NANOS
-#define MAX_TAPTREE_POLICY_DEPTH 4
-#else
 #define MAX_TAPTREE_POLICY_DEPTH 9
-#endif
 
 typedef struct {
  uint32_t master_key_derivation[MAX_BIP32_PATH_STEPS];

src/crypto.c

@@ -35,7 +35,6 @@
 #include "common/read.h"
 #include "common/write.h"
 
-#include "cxram_stash.h"
 #include "debug-helpers/debug.h"
 
 #include "crypto.h"

src/handler/lib/get_merkle_preimage.c

@@ -9,8 +9,6 @@
 
 #include "debug-helpers/debug.h"
 
-#include "cxram_stash.h"
-
 // TODO: refactor common code with stream_preimage.c
 
 int call_get_merkle_preimage(dispatcher_context_t *dispatcher_context,
@@ -60,19 +58,12 @@ int call_get_merkle_preimage(dispatcher_context_t *dispatcher_context,
  uint8_t *data_ptr =
  dispatcher_context->read_buffer.ptr + dispatcher_context->read_buffer.offset;
 
-#ifdef USE_CXRAM_SECTION
- // allocate buffers inside the cxram section to save memory
- // this is safe as there are no syscalls here that use the cxram
- cx_sha256_t *hash_context = (cx_sha256_t *) get_cxram_buffer();
-#else
- cx_sha256_t hash_context_obj;
- cx_sha256_t *hash_context = &hash_context_obj;
-#endif
+ cx_sha256_t hash_context;
 
- cx_sha256_init(hash_context);
+ cx_sha256_init(&hash_context);
 
  // update hash
- crypto_hash_update(&hash_context->header, data_ptr, partial_data_len);
+ crypto_hash_update(&hash_context.header, data_ptr, partial_data_len);
 
  buffer_t out_buffer = buffer_create(out_ptr, out_ptr_len);
 
@@ -108,7 +99,7 @@ int call_get_merkle_preimage(dispatcher_context_t *dispatcher_context,
 
  // update hash
  crypto_hash_update(
- &hash_context->header,
+ &hash_context.header,
  dispatcher_context->read_buffer.ptr + dispatcher_context->read_buffer.offset,
  n_bytes);
 
@@ -120,9 +111,9 @@ int call_get_merkle_preimage(dispatcher_context_t *dispatcher_context,
 
  // hack: we pass the address of the final accumulator inside cx_sha256_t, so we don't need
  // an additional variable in the stack to store the final hash.
- crypto_hash_digest(&hash_context->header, (uint8_t *) &hash_context->acc, 32);
+ crypto_hash_digest(&hash_context.header, (uint8_t *) &hash_context.acc, 32);
 
- if (memcmp(hash_context->acc, hash, 32) != 0) {
+ if (memcmp(hash_context.acc, hash, 32) != 0) {
  PRINTF("Hash mismatch.\n");
  return -10;
  }