bump hwi

.github/workflows/master.yml

@@ -89,6 +89,6 @@ jobs:
       - uses: actions/checkout@v2
       - run: ./Build/CI/makerelease.sh
         env:
-          X_GITHUB_TOKEN: ${{ secrets.X_GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }}
 

BTCPayServer.Hwi/Deployment/HwiVersions.cs

@@ -36,7 +36,28 @@ public class HwiVersions
                 Extractor = new TarExtractor()
             }
         };
-        public static HwiVersion Latest => v2_0_1;
+        public static HwiVersion v2_1_1 { get; } = new HwiVersion()
+        {
+            Windows = new HwiDownloadInfo()
+            {
+                Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-windows-amd64.zip",
+                Hash = "3efa5bcde386ca5523a4127f3a9802a7e9ef5320c2a8910ead343386c0b7dbfc",
+                Extractor = new ZipExtractor()
+            },
+            Linux = new HwiDownloadInfo()
+            {
+                Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz",
+                Hash = "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062",
+                Extractor = new TarExtractor()
+            },
+            Mac = new HwiDownloadInfo()
+            {
+                Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-mac-amd64.tar.gz",
+                Hash = "1b1a903b4a9884aa06593356e7a958c19ccb56a5bc97e0c6075f968310640fd2",
+                Extractor = new TarExtractor()
+            }
+        };
+        public static HwiVersion Latest => v2_1_1;
     }
 
     public class HwiVersion

BTCPayServer.Vault.Tests/HwiTester.cs

@@ -23,15 +23,16 @@ public class HwiTester
         private ILogger _logger;
         private ILogger _HwiLogger;
 
-        public HwiTester(ILoggerFactory loggerFactory, string hwiPath)
+        public HwiTester(Network network, ILoggerFactory loggerFactory, string hwiPath)
         {
             if (hwiPath == null)
                 throw new ArgumentNullException(nameof(hwiPath));
             if (loggerFactory == null)
                 throw new ArgumentNullException(nameof(loggerFactory));
             _logger = loggerFactory.CreateLogger("HwiTester");
             _HwiLogger = loggerFactory.CreateLogger("CliTransport");
-            Client = new HwiClient(Network)
+            Network = network;
+            Client = new HwiClient(network)
             {
                 IgnoreInvalidNetwork = true,
                 Transport = new LegacyCompatibilityTransport(new CliTransport(Path.GetDirectoryName(hwiPath))
@@ -41,10 +42,10 @@ public HwiTester(ILoggerFactory loggerFactory, string hwiPath)
             };
         }
 
-        public static async Task<HwiTester> CreateAsync(ILoggerFactory loggerFactory)
+        public static async Task<HwiTester> CreateAsync(Network network, ILoggerFactory loggerFactory)
         {
             var hwi = await HwiVersions.Latest.Current.EnsureIsDeployed();
-            return new HwiTester(loggerFactory, hwi);
+            return new HwiTester(network, loggerFactory, hwi);
         }
 
         public async Task EnsureHasDevice()
@@ -54,7 +55,7 @@ public async Task EnsureHasDevice()
                 throw new InvalidOperationException("No device supported by HWI has been plugged");
         }
 
-        public Network Network => NBitcoin.Network.RegTest;
+        public Network Network { get; }
 
         public HwiClient Client
         {
@@ -66,5 +67,21 @@ public HwiDeviceClient Device
             get;
             set;
         }
+
+        public KeyPath GetKeyPath(ScriptPubKeyType addressType)
+        {
+            var network = Network.ChainName == ChainName.Mainnet ? "0'" : "1'";
+            switch (addressType)
+            {
+                case ScriptPubKeyType.Legacy:
+                    return new KeyPath($"44'/{network}/0'");
+                case ScriptPubKeyType.Segwit:
+                    return new KeyPath($"84'/{network}/0'");
+                case ScriptPubKeyType.SegwitP2SH:
+                    return new KeyPath($"49'/{network}/0'");
+                default:
+                    throw new NotSupportedException(addressType.ToString());
+            }
+        }
     }
 }

BTCPayServer.Vault.Tests/HwiTests.cs

@@ -96,7 +96,7 @@ public async Task CanGetVersionViaHttpTransport()
         public async Task CanGetXPub()
         {
             var tester = await CreateTester();
-            await tester.Device.GetXPubAsync(new KeyPath("1'"));
+            await tester.Device.GetXPubAsync(new KeyPath("44'/0'/0'/0/0"));
         }
 
 
@@ -105,8 +105,10 @@ public async Task CanGetXPub()
         public async Task CanSignMessage()
         {
             var tester = await CreateTester();
-            var signature = await tester.Device.SignMessageAsync("I am satoshi", new KeyPath("44'/1'/0'/0/0"));
-            var xpub = await tester.Device.GetXPubAsync(new KeyPath("44'/1'/0'/0/0"));
+            var accountPath = tester.GetKeyPath(ScriptPubKeyType.Legacy);
+            var addrPath = accountPath.Derive(new KeyPath("0/0"));
+            var signature = await tester.Device.SignMessageAsync("I am satoshi", addrPath);
+            var xpub = await tester.Device.GetXPubAsync(addrPath);
             Assert.True(xpub.GetPublicKey().VerifyMessage("I am satoshi", signature));
         }
 
@@ -115,11 +117,11 @@ public async Task CanSignMessage()
         public async Task CanDisplayAddress()
         {
             var tester = await CreateTester();
-            await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Legacy, GetKeyPath(ScriptPubKeyType.Legacy).Derive("0/1"));
+            await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Legacy, tester.GetKeyPath(ScriptPubKeyType.Legacy).Derive("0/1"));
             if (tester.Network.Consensus.SupportSegwit)
             {
-                await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Segwit, GetKeyPath(ScriptPubKeyType.Segwit).Derive("0/1"));
-                await tester.Device.DisplayAddressAsync(ScriptPubKeyType.SegwitP2SH, GetKeyPath(ScriptPubKeyType.SegwitP2SH).Derive("0/1"));
+                await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Segwit, tester.GetKeyPath(ScriptPubKeyType.Segwit).Derive("0/1"));
+                await tester.Device.DisplayAddressAsync(ScriptPubKeyType.SegwitP2SH, tester.GetKeyPath(ScriptPubKeyType.SegwitP2SH).Derive("0/1"));
             }
         }
 
@@ -128,7 +130,6 @@ public async Task CanDisplayAddress()
         public async Task CanSign()
         {
             var tester = await CreateTester();
-
             // Should show we are sending 2.0 BTC three time
             var psbt = await tester.Device.SignPSBTAsync(await CreatePSBT(tester, ScriptPubKeyType.Legacy));
             AssertFullySigned(tester, psbt);
@@ -151,7 +152,7 @@ private static void AssertFullySigned(HwiTester tester, PSBT psbt)
 
         private async Task<PSBT> CreatePSBT(HwiTester tester, ScriptPubKeyType addressType)
         {
-            var accountKeyPath = new RootedKeyPath(tester.Device.Fingerprint.Value, GetKeyPath(addressType));
+            var accountKeyPath = new RootedKeyPath(tester.Device.Fingerprint.Value, tester.GetKeyPath(addressType));
             var accountKey = await tester.Device.GetXPubAsync(accountKeyPath.KeyPath);
             Logger.LogInformation($"Signing with xpub {accountKeyPath}: {accountKey}...");
             List<Transaction> knownTransactions = new List<Transaction>();
@@ -168,21 +169,6 @@ private async Task<PSBT> CreatePSBT(HwiTester tester, ScriptPubKeyType addressTy
             return psbt;
         }
 
-        private KeyPath GetKeyPath(ScriptPubKeyType addressType)
-        {
-            switch (addressType)
-            {
-                case ScriptPubKeyType.Legacy:
-                    return new KeyPath("44'/1'/0'");
-                case ScriptPubKeyType.Segwit:
-                    return new KeyPath("84'/1'/0'");
-                case ScriptPubKeyType.SegwitP2SH:
-                    return new KeyPath("49'/1'/0'");
-                default:
-                    throw new NotSupportedException(addressType.ToString());
-            }
-        }
-
         private void CreateCoin(TransactionBuilder builder, List<Transaction> knownTransactions, ScriptPubKeyType addressType, Money money, BitcoinExtPubKey xpub, string path)
         {
             var pubkey = xpub.Derive(new KeyPath(path)).ExtPubKey.PubKey;
@@ -219,10 +205,13 @@ private static OutPoint RandomOutpoint()
         {
             return new OutPoint(RandomUtils.GetUInt256(), 0);
         }
-
-        async Task<HwiTester> CreateTester(bool needDevice = true)
+        Task<HwiTester> CreateTester(bool needDevice = true)
+        {
+            return CreateTester(Network.Main, needDevice);
+        }
+        async Task<HwiTester> CreateTester(Network network, bool needDevice = true)
         {
-            var tester = await HwiTester.CreateAsync(LoggerFactory);
+            var tester = await HwiTester.CreateAsync(network, LoggerFactory);
             if (needDevice)
                 await tester.EnsureHasDevice();
             return tester;

BTCPayServer.Vault/Version.csproj

@@ -1,5 +1,5 @@
 <Project>
   <PropertyGroup>
-    <Version>2.0.1</Version>
+    <Version>2.0.2</Version>
   </PropertyGroup>
 </Project>

Build/CI/makerelease.sh

@@ -6,11 +6,6 @@ if ! [[ "$AZURE_STORAGE_CONNECTION_STRING" ]] || ! [[ "$AZURE_STORAGE_CONTAINER"
     exit 0
 fi
 
-if ! [[ "$X_GITHUB_TOKEN" ]]; then
-    echo "Skipping github release (X_GITHUB_TOKEN is not set)"
-    exit 0
-fi
-
 if ! [[ "$GITHUB_REF" ]]; then
     echo "Skipping github release (GITHUB_REF is not set)"
     exit 0
@@ -68,7 +63,7 @@ for f in *; do
   echo "Uploading $f to github release"
   curl --fail -s -S \
     -H "Accept: application/vnd.github.v3+json" \
-    -H "Authorization: token $X_GITHUB_TOKEN" \
+    -H "Authorization: token $GITHUB_TOKEN" \
     -H "Content-Type: $media_type" \
     --data-binary @"$f" \
     "https://uploads.github.com/repos/$GITHUB_REPOSITORY/releases/$release_id/assets?name=$f"

Build/CI/pgpsign.sh

@@ -26,6 +26,7 @@ mv /tmp/SHA256SUMS SHA256SUMS
 curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
 
 echo "$PGP_KEY" | base64 --decode | gpg --import --no-tty
-gpg --no-tty --digest-algo sha256 --clearsign SHA256SUMS
+echo "PGP keys correctly imported"
+gpg --digest-algo sha256 --clearsign SHA256SUMS
 az storage blob upload -f "SHA256SUMS.asc" -c "$AZURE_STORAGE_CONTAINER" -n "$DIRECTORY_NAME/SHA256SUMS.asc"
 rm SHA256SUMS

Build/RELEASE.md

@@ -1,5 +1,5 @@
 ## Changelog
 
-* Update HWI to 2.0.1
+* Update HWI to 2.1.1
 
 You may want to follow the [documented](https://github.com/btcpayserver/BTCPayServer.Vault/blob/master/docs/HowToVerify.md) process to verify that the binaries are built by Nicolas Dorier.

Build/debian-x64/Dockerfile

@@ -5,9 +5,9 @@ RUN apt-get update
 RUN apt-get install -y --no-install-recommends imagemagick
 ###
 
-RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-linux-amd64.tar.gz && \
+RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz && \
     tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \
-    echo "ca1f91593b3c0a99269ecbc0f85aced08e2dec4bf263cfb25429e047e63e38d5 /tmp/hwi" | sha256sum -c - && \
+    echo "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062 /tmp/hwi" | sha256sum -c - && \
     rm /tmp/hwi.tar.gz
 
 SHELL ["/bin/bash", "-c"]

Build/linux-x64/Dockerfile

@@ -1,8 +1,8 @@
 FROM mcr.microsoft.com/dotnet/core/sdk:3.1.101 AS builder
 
-RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-linux-amd64.tar.gz && \
+RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz && \
     tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \
-    echo "ca1f91593b3c0a99269ecbc0f85aced08e2dec4bf263cfb25429e047e63e38d5 /tmp/hwi" | sha256sum -c - && \
+    echo "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062 /tmp/hwi" | sha256sum -c - && \
     rm /tmp/hwi.tar.gz
 
 WORKDIR /source

Build/osx-x64/Dockerfile

@@ -7,9 +7,9 @@ RUN apt-get install -y --no-install-recommends imagemagick
 
 RUN apt-get install -y --no-install-recommends git icnsutils
 
-RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-mac-amd64.tar.gz && \
+RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-mac-amd64.tar.gz && \
     tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \
-    echo "389afc3927cbc6ce01f464d8d6fa66bf050d2b7d17d7127d1c1e6ee89c5b5ec1 /tmp/hwi" | sha256sum -c - && \
+    echo "1b1a903b4a9884aa06593356e7a958c19ccb56a5bc97e0c6075f968310640fd2 /tmp/hwi" | sha256sum -c - && \
     rm /tmp/hwi.tar.gz
 
 WORKDIR /source

Build/win-x64/Dockerfile

@@ -6,9 +6,9 @@ RUN apt-get install -y --no-install-recommends imagemagick
 ###
 
 RUN apt-get install -y --no-install-recommends nsis unzip wine xxd osslsigncode openssl
-RUN wget -qO "/tmp/hwi.zip" https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-windows-amd64.zip && \
+RUN wget -qO "/tmp/hwi.zip" https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-windows-amd64.zip && \
     unzip "/tmp/hwi.zip" -d "/tmp" && \
-    echo "2cfdd6ae51e345f8c70214d626430c8d236336688a87f7d85fc6f3d6a8392da8 /tmp/hwi.exe" | sha256sum -c - && \
+    echo "3efa5bcde386ca5523a4127f3a9802a7e9ef5320c2a8910ead343386c0b7dbfc /tmp/hwi.exe" | sha256sum -c - && \
     rm "/tmp/hwi.zip" && \
     # Need to setup with rcedit because https://github.com/dotnet/sdk/issues/3943
     # I prebuild the binaries with VS 2019 on commit b807b34a644c86c0b0d89c7f073967e79202731a