diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index b5fb30c..ed4c0ac 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -89,6 +89,6 @@ jobs: - uses: actions/checkout@v2 - run: ./Build/CI/makerelease.sh env: - X_GITHUB_TOKEN: ${{ secrets.X_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }} \ No newline at end of file diff --git a/BTCPayServer.Hwi/Deployment/HwiVersions.cs b/BTCPayServer.Hwi/Deployment/HwiVersions.cs index 9037d28..9d4f6f4 100644 --- a/BTCPayServer.Hwi/Deployment/HwiVersions.cs +++ b/BTCPayServer.Hwi/Deployment/HwiVersions.cs @@ -36,7 +36,28 @@ public class HwiVersions Extractor = new TarExtractor() } }; - public static HwiVersion Latest => v2_0_1; + public static HwiVersion v2_1_1 { get; } = new HwiVersion() + { + Windows = new HwiDownloadInfo() + { + Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-windows-amd64.zip", + Hash = "3efa5bcde386ca5523a4127f3a9802a7e9ef5320c2a8910ead343386c0b7dbfc", + Extractor = new ZipExtractor() + }, + Linux = new HwiDownloadInfo() + { + Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz", + Hash = "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062", + Extractor = new TarExtractor() + }, + Mac = new HwiDownloadInfo() + { + Link = "https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-mac-amd64.tar.gz", + Hash = "1b1a903b4a9884aa06593356e7a958c19ccb56a5bc97e0c6075f968310640fd2", + Extractor = new TarExtractor() + } + }; + public static HwiVersion Latest => v2_1_1; } public class HwiVersion diff --git a/BTCPayServer.Vault.Tests/HwiTester.cs b/BTCPayServer.Vault.Tests/HwiTester.cs index 75168d3..578a425 100644 --- a/BTCPayServer.Vault.Tests/HwiTester.cs +++ b/BTCPayServer.Vault.Tests/HwiTester.cs @@ -23,7 +23,7 @@ public class HwiTester private ILogger _logger; private ILogger _HwiLogger; - public HwiTester(ILoggerFactory loggerFactory, string hwiPath) + public HwiTester(Network network, ILoggerFactory loggerFactory, string hwiPath) { if (hwiPath == null) throw new ArgumentNullException(nameof(hwiPath)); @@ -31,7 +31,8 @@ public HwiTester(ILoggerFactory loggerFactory, string hwiPath) throw new ArgumentNullException(nameof(loggerFactory)); _logger = loggerFactory.CreateLogger("HwiTester"); _HwiLogger = loggerFactory.CreateLogger("CliTransport"); - Client = new HwiClient(Network) + Network = network; + Client = new HwiClient(network) { IgnoreInvalidNetwork = true, Transport = new LegacyCompatibilityTransport(new CliTransport(Path.GetDirectoryName(hwiPath)) @@ -41,10 +42,10 @@ public HwiTester(ILoggerFactory loggerFactory, string hwiPath) }; } - public static async Task CreateAsync(ILoggerFactory loggerFactory) + public static async Task CreateAsync(Network network, ILoggerFactory loggerFactory) { var hwi = await HwiVersions.Latest.Current.EnsureIsDeployed(); - return new HwiTester(loggerFactory, hwi); + return new HwiTester(network, loggerFactory, hwi); } public async Task EnsureHasDevice() @@ -54,7 +55,7 @@ public async Task EnsureHasDevice() throw new InvalidOperationException("No device supported by HWI has been plugged"); } - public Network Network => NBitcoin.Network.RegTest; + public Network Network { get; } public HwiClient Client { @@ -66,5 +67,21 @@ public HwiDeviceClient Device get; set; } + + public KeyPath GetKeyPath(ScriptPubKeyType addressType) + { + var network = Network.ChainName == ChainName.Mainnet ? "0'" : "1'"; + switch (addressType) + { + case ScriptPubKeyType.Legacy: + return new KeyPath($"44'/{network}/0'"); + case ScriptPubKeyType.Segwit: + return new KeyPath($"84'/{network}/0'"); + case ScriptPubKeyType.SegwitP2SH: + return new KeyPath($"49'/{network}/0'"); + default: + throw new NotSupportedException(addressType.ToString()); + } + } } } diff --git a/BTCPayServer.Vault.Tests/HwiTests.cs b/BTCPayServer.Vault.Tests/HwiTests.cs index 3b62617..bbfb476 100644 --- a/BTCPayServer.Vault.Tests/HwiTests.cs +++ b/BTCPayServer.Vault.Tests/HwiTests.cs @@ -96,7 +96,7 @@ public async Task CanGetVersionViaHttpTransport() public async Task CanGetXPub() { var tester = await CreateTester(); - await tester.Device.GetXPubAsync(new KeyPath("1'")); + await tester.Device.GetXPubAsync(new KeyPath("44'/0'/0'/0/0")); } @@ -105,8 +105,10 @@ public async Task CanGetXPub() public async Task CanSignMessage() { var tester = await CreateTester(); - var signature = await tester.Device.SignMessageAsync("I am satoshi", new KeyPath("44'/1'/0'/0/0")); - var xpub = await tester.Device.GetXPubAsync(new KeyPath("44'/1'/0'/0/0")); + var accountPath = tester.GetKeyPath(ScriptPubKeyType.Legacy); + var addrPath = accountPath.Derive(new KeyPath("0/0")); + var signature = await tester.Device.SignMessageAsync("I am satoshi", addrPath); + var xpub = await tester.Device.GetXPubAsync(addrPath); Assert.True(xpub.GetPublicKey().VerifyMessage("I am satoshi", signature)); } @@ -115,11 +117,11 @@ public async Task CanSignMessage() public async Task CanDisplayAddress() { var tester = await CreateTester(); - await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Legacy, GetKeyPath(ScriptPubKeyType.Legacy).Derive("0/1")); + await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Legacy, tester.GetKeyPath(ScriptPubKeyType.Legacy).Derive("0/1")); if (tester.Network.Consensus.SupportSegwit) { - await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Segwit, GetKeyPath(ScriptPubKeyType.Segwit).Derive("0/1")); - await tester.Device.DisplayAddressAsync(ScriptPubKeyType.SegwitP2SH, GetKeyPath(ScriptPubKeyType.SegwitP2SH).Derive("0/1")); + await tester.Device.DisplayAddressAsync(ScriptPubKeyType.Segwit, tester.GetKeyPath(ScriptPubKeyType.Segwit).Derive("0/1")); + await tester.Device.DisplayAddressAsync(ScriptPubKeyType.SegwitP2SH, tester.GetKeyPath(ScriptPubKeyType.SegwitP2SH).Derive("0/1")); } } @@ -128,7 +130,6 @@ public async Task CanDisplayAddress() public async Task CanSign() { var tester = await CreateTester(); - // Should show we are sending 2.0 BTC three time var psbt = await tester.Device.SignPSBTAsync(await CreatePSBT(tester, ScriptPubKeyType.Legacy)); AssertFullySigned(tester, psbt); @@ -151,7 +152,7 @@ private static void AssertFullySigned(HwiTester tester, PSBT psbt) private async Task CreatePSBT(HwiTester tester, ScriptPubKeyType addressType) { - var accountKeyPath = new RootedKeyPath(tester.Device.Fingerprint.Value, GetKeyPath(addressType)); + var accountKeyPath = new RootedKeyPath(tester.Device.Fingerprint.Value, tester.GetKeyPath(addressType)); var accountKey = await tester.Device.GetXPubAsync(accountKeyPath.KeyPath); Logger.LogInformation($"Signing with xpub {accountKeyPath}: {accountKey}..."); List knownTransactions = new List(); @@ -168,21 +169,6 @@ private async Task CreatePSBT(HwiTester tester, ScriptPubKeyType addressTy return psbt; } - private KeyPath GetKeyPath(ScriptPubKeyType addressType) - { - switch (addressType) - { - case ScriptPubKeyType.Legacy: - return new KeyPath("44'/1'/0'"); - case ScriptPubKeyType.Segwit: - return new KeyPath("84'/1'/0'"); - case ScriptPubKeyType.SegwitP2SH: - return new KeyPath("49'/1'/0'"); - default: - throw new NotSupportedException(addressType.ToString()); - } - } - private void CreateCoin(TransactionBuilder builder, List knownTransactions, ScriptPubKeyType addressType, Money money, BitcoinExtPubKey xpub, string path) { var pubkey = xpub.Derive(new KeyPath(path)).ExtPubKey.PubKey; @@ -219,10 +205,13 @@ private static OutPoint RandomOutpoint() { return new OutPoint(RandomUtils.GetUInt256(), 0); } - - async Task CreateTester(bool needDevice = true) + Task CreateTester(bool needDevice = true) + { + return CreateTester(Network.Main, needDevice); + } + async Task CreateTester(Network network, bool needDevice = true) { - var tester = await HwiTester.CreateAsync(LoggerFactory); + var tester = await HwiTester.CreateAsync(network, LoggerFactory); if (needDevice) await tester.EnsureHasDevice(); return tester; diff --git a/BTCPayServer.Vault/Version.csproj b/BTCPayServer.Vault/Version.csproj index a83f182..c7f5ff3 100644 --- a/BTCPayServer.Vault/Version.csproj +++ b/BTCPayServer.Vault/Version.csproj @@ -1,5 +1,5 @@  - 2.0.1 + 2.0.2 diff --git a/Build/CI/makerelease.sh b/Build/CI/makerelease.sh index 8027a37..f278ab1 100755 --- a/Build/CI/makerelease.sh +++ b/Build/CI/makerelease.sh @@ -6,11 +6,6 @@ if ! [[ "$AZURE_STORAGE_CONNECTION_STRING" ]] || ! [[ "$AZURE_STORAGE_CONTAINER" exit 0 fi -if ! [[ "$X_GITHUB_TOKEN" ]]; then - echo "Skipping github release (X_GITHUB_TOKEN is not set)" - exit 0 -fi - if ! [[ "$GITHUB_REF" ]]; then echo "Skipping github release (GITHUB_REF is not set)" exit 0 @@ -68,7 +63,7 @@ for f in *; do echo "Uploading $f to github release" curl --fail -s -S \ -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: token $X_GITHUB_TOKEN" \ + -H "Authorization: token $GITHUB_TOKEN" \ -H "Content-Type: $media_type" \ --data-binary @"$f" \ "https://uploads.github.com/repos/$GITHUB_REPOSITORY/releases/$release_id/assets?name=$f" diff --git a/Build/CI/pgpsign.sh b/Build/CI/pgpsign.sh index 8f655cc..8c6bd49 100755 --- a/Build/CI/pgpsign.sh +++ b/Build/CI/pgpsign.sh @@ -26,6 +26,7 @@ mv /tmp/SHA256SUMS SHA256SUMS curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash echo "$PGP_KEY" | base64 --decode | gpg --import --no-tty -gpg --no-tty --digest-algo sha256 --clearsign SHA256SUMS +echo "PGP keys correctly imported" +gpg --digest-algo sha256 --clearsign SHA256SUMS az storage blob upload -f "SHA256SUMS.asc" -c "$AZURE_STORAGE_CONTAINER" -n "$DIRECTORY_NAME/SHA256SUMS.asc" rm SHA256SUMS diff --git a/Build/RELEASE.md b/Build/RELEASE.md index b711ede..7cdad01 100644 --- a/Build/RELEASE.md +++ b/Build/RELEASE.md @@ -1,5 +1,5 @@ ## Changelog -* Update HWI to 2.0.1 +* Update HWI to 2.1.1 You may want to follow the [documented](https://github.com/btcpayserver/BTCPayServer.Vault/blob/master/docs/HowToVerify.md) process to verify that the binaries are built by Nicolas Dorier. diff --git a/Build/debian-x64/Dockerfile b/Build/debian-x64/Dockerfile index aabc1e5..46f104b 100644 --- a/Build/debian-x64/Dockerfile +++ b/Build/debian-x64/Dockerfile @@ -5,9 +5,9 @@ RUN apt-get update RUN apt-get install -y --no-install-recommends imagemagick ### -RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-linux-amd64.tar.gz && \ +RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz && \ tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \ - echo "ca1f91593b3c0a99269ecbc0f85aced08e2dec4bf263cfb25429e047e63e38d5 /tmp/hwi" | sha256sum -c - && \ + echo "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062 /tmp/hwi" | sha256sum -c - && \ rm /tmp/hwi.tar.gz SHELL ["/bin/bash", "-c"] diff --git a/Build/linux-x64/Dockerfile b/Build/linux-x64/Dockerfile index c915d18..f40b4b3 100644 --- a/Build/linux-x64/Dockerfile +++ b/Build/linux-x64/Dockerfile @@ -1,8 +1,8 @@ FROM mcr.microsoft.com/dotnet/core/sdk:3.1.101 AS builder -RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-linux-amd64.tar.gz && \ +RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-linux-amd64.tar.gz && \ tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \ - echo "ca1f91593b3c0a99269ecbc0f85aced08e2dec4bf263cfb25429e047e63e38d5 /tmp/hwi" | sha256sum -c - && \ + echo "7f4cbe4e5c2cd1ac892f9bd8ac35fb1f837b6a547b528b61aca895a212a90062 /tmp/hwi" | sha256sum -c - && \ rm /tmp/hwi.tar.gz WORKDIR /source diff --git a/Build/osx-x64/Dockerfile b/Build/osx-x64/Dockerfile index b3accc0..3cffebd 100644 --- a/Build/osx-x64/Dockerfile +++ b/Build/osx-x64/Dockerfile @@ -7,9 +7,9 @@ RUN apt-get install -y --no-install-recommends imagemagick RUN apt-get install -y --no-install-recommends git icnsutils -RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-mac-amd64.tar.gz && \ +RUN wget -qO /tmp/hwi.tar.gz https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-mac-amd64.tar.gz && \ tar -zxvf /tmp/hwi.tar.gz -C /tmp hwi && \ - echo "389afc3927cbc6ce01f464d8d6fa66bf050d2b7d17d7127d1c1e6ee89c5b5ec1 /tmp/hwi" | sha256sum -c - && \ + echo "1b1a903b4a9884aa06593356e7a958c19ccb56a5bc97e0c6075f968310640fd2 /tmp/hwi" | sha256sum -c - && \ rm /tmp/hwi.tar.gz WORKDIR /source diff --git a/Build/win-x64/Dockerfile b/Build/win-x64/Dockerfile index 9c2a9e4..4a21c3f 100644 --- a/Build/win-x64/Dockerfile +++ b/Build/win-x64/Dockerfile @@ -6,9 +6,9 @@ RUN apt-get install -y --no-install-recommends imagemagick ### RUN apt-get install -y --no-install-recommends nsis unzip wine xxd osslsigncode openssl -RUN wget -qO "/tmp/hwi.zip" https://github.com/bitcoin-core/HWI/releases/download/2.0.1/hwi-2.0.1-windows-amd64.zip && \ +RUN wget -qO "/tmp/hwi.zip" https://github.com/bitcoin-core/HWI/releases/download/2.1.1/hwi-2.1.1-windows-amd64.zip && \ unzip "/tmp/hwi.zip" -d "/tmp" && \ - echo "2cfdd6ae51e345f8c70214d626430c8d236336688a87f7d85fc6f3d6a8392da8 /tmp/hwi.exe" | sha256sum -c - && \ + echo "3efa5bcde386ca5523a4127f3a9802a7e9ef5320c2a8910ead343386c0b7dbfc /tmp/hwi.exe" | sha256sum -c - && \ rm "/tmp/hwi.zip" && \ # Need to setup with rcedit because https://github.com/dotnet/sdk/issues/3943 # I prebuild the binaries with VS 2019 on commit b807b34a644c86c0b0d89c7f073967e79202731a