def render_backup_contents():
# simple text format:
# key = value
# or #comments
# but value is JSON
from main import settings, pa
rv = StringIO()
def COMMENT(val=None):
if val:
rv.write('\n# %s\n' % val)
else:
rv.write('\n')
def ADD(key, val):
rv.write('%s = %s\n' % (key, ujson.dumps(val)))
rv.write('# Coldcard backup file! DO NOT CHANGE.\n')
chain = chains.current_chain()
COMMENT('Private key details: ' + chain.name)
with stash.SensitiveValues(for_backup=True) as sv:
if sv.mode == 'words':
ADD('mnemonic', tcc.bip39.from_data(sv.raw))
if sv.mode == 'master':
ADD('bip32_master_key', b2a_hex(sv.raw))
ADD('chain', chain.ctype)
ADD('xprv', chain.serialize_private(sv.node))
ADD('xpub', chain.serialize_public(sv.node))
# BTW: everything is really a duplicate of this value
ADD('raw_secret', b2a_hex(sv.secret).rstrip(b'0'))
if pa.has_duress_pin():
COMMENT('Duress Wallet (informational)')
dpk = sv.duress_root()
ADD('duress_xprv', chain.serialize_private(dpk))
ADD('duress_xpub', chain.serialize_public(dpk))
if version.has_608:
# save the so-called long-secret
ADD('long_secret', b2a_hex(pa.ls_fetch()))
COMMENT('Firmware version (informational)')
date, vers, timestamp = version.get_mpy_version()[0:3]
ADD('fw_date', date)
ADD('fw_version', vers)
ADD('fw_timestamp', timestamp)
ADD('serial', version.serial_number())
COMMENT('User preferences')
# user preferences
for k, v in settings.current.items():
if k[0] == '_': continue # debug stuff in simulator
if k == 'xpub': continue # redundant, and wrong if bip39pw
if k == 'xfp': continue # redundant, and wrong if bip39pw
ADD('setting.' + k, v)
if version.has_fatram:
import hsm
if hsm.hsm_policy_available():
ADD('hsm_policy', hsm.capture_backup())
rv.write('\n# EOF\n')
return rv.getvalue()
async def test_7z():
# test full 7z round-trip
# Altho cleartext mode is not for real, if the code is written, I must test it.
from backups import write_complete_backup, restore_complete_doit
from sffile import SFFile
import ngu, version, uos
from glob import numpad
from pincodes import pa
from nvstore import settings
if version.has_fatram:
import hsm
had_policy = hsm.hsm_policy_available()
else:
had_policy = False
today = ngu.random.uniform(1000000)
import machine
machine.reset = lambda: None
for chain in ['BTC', 'XTN']:
for words in ([], ['abc', 'def']):
settings.set('check', today)
settings.set('chain', chain)
if version.has_608:
ls = b'%416d' % today
pa.ls_change(ls)
ll, sha = await write_complete_backup(words, None, True)
result = SFFile(0, ll).read()
if words:
#open('debug.7z', 'wb').write(result)
assert ll > 800
assert len(sha) == 32
assert result[0:6] == b"7z\xbc\xaf'\x1c"
assert ngu.hash.sha256s(result) == sha
assert len(set(result)) >= 240 # encrypted
else:
sr = str(result, 'ascii')
print("Backup contents:\n" + sr)
assert sr[0] == '#', result
assert 'Coldcard' in sr
assert len(set(sr)) < 100 # cleartext, english
assert ('chain = "%s"' % chain) in result
# test restore
# - cant wipe flash, since the backup file is there
# - cant wipe all settings becuase PIN and stuff is simulated there
del settings.current['check']
if had_policy:
from hsm import POLICY_FNAME
uos.unlink(POLICY_FNAME)
assert not hsm.hsm_policy_available()
with SFFile(0, ll) as fd:
numpad.inject('y') # for 'success' message
await restore_complete_doit(fd, words)
assert settings.get('check') == today, \
(settings.get('check'), '!=', today)
assert settings.get('chain') == chain, \
(settings.get('chain'), '!=', chain)
if version.has_608:
assert pa.ls_fetch() == ls
if had_policy:
assert had_policy == hsm.hsm_policy_available()
today += 3
import ux
ux.restore_menu()
async def start_login_sequence():
# Boot up login sequence here.
#
from main import pa, settings, dis, loop, numpad
from ux import idle_logout
if pa.is_blank():
# Blank devices, with no PIN set all, can continue w/o login
# Do green-light set immediately after firmware upgrade
if version.is_fresh_version():
pa.greenlight_firmware()
dis.show()
goto_top_menu()
return
# maybe show a nickname before we do anything
nickname = settings.get('nick', None)
if nickname:
try:
await show_nickname(nickname)
except: pass
# Allow impatient devs and crazy people to skip the PIN
guess = settings.get('_skip_pin', None)
if guess is not None:
try:
dis.fullscreen("(Skip PIN)")
pa.setup(guess)
pa.login()
except: pass
# if that didn't work, or no skip defined, force
# them to login succefully.
while not pa.is_successful():
# always get a PIN and login first
await block_until_login()
# Must re-read settings after login
settings.set_key()
settings.load()
# implement "login countdown" feature
delay = settings.get('lgto', 0)
if delay:
pa.reset()
await login_countdown(delay)
await block_until_login()
# implement idle timeout now that we are logged-in
loop.create_task(idle_logout())
# Do green-light set immediately after firmware upgrade
if not pa.is_secondary:
if version.is_fresh_version():
pa.greenlight_firmware()
dis.show()
# Populate xfp/xpub values, if missing.
# - can happen for first-time login of duress wallet
# - may indicate lost settings, which we can easily recover from
# - these values are important to USB protocol
if not (settings.get('xfp', 0) and settings.get('xpub', 0)) and not pa.is_secret_blank():
try:
import stash
# Recalculate xfp/xpub values (depends both on secret and chain)
with stash.SensitiveValues() as sv:
sv.capture_xpub()
except Exception as exc:
# just in case, keep going; we're not useless and this
# is early in boot process
print("XFP save failed: %s" % exc)
# If HSM policy file is available, offer to start that,
# **before** the USB is even enabled.
if version.has_fatram:
try:
import hsm, hsm_ux
if hsm.hsm_policy_available():
ar = await hsm_ux.start_hsm_approval(usb_mode=False, startup_mode=True)
if ar:
await ar.interact()
except: pass
# Allow USB protocol, now that we are auth'ed
from usb import enable_usb
enable_usb(loop, False)
goto_top_menu()