From 02ec8a41ab498d7645a50bf38413c8b8cdecc5eb Mon Sep 17 00:00:00 2001
From: Charles-Edouard de la Vergne <charles-edouard.delavergne@ledger.fr>
Date: Thu, 12 Sep 2024 11:16:15 +0200
Subject: [PATCH] Update eip712 blind signing friction

---
 src/common_ui.h                           |  3 ++-
 src_bagl/ui_flow_signMessage712.c         |  3 ++-
 src_features/signMessageEIP712/ui_logic.c |  4 ++--
 src_features/signMessageEIP712/ui_logic.h |  3 +++
 src_nbgl/ui_blind_signing.c               |  3 +++
 src_nbgl/ui_sign_712.c                    | 26 +++++++++++++++++------
 6 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/src/common_ui.h b/src/common_ui.h
index 677863d475..f1ededceb9 100644
--- a/src/common_ui.h
+++ b/src/common_ui.h
@@ -3,6 +3,7 @@
 
 #include <stdbool.h>
 #include <stdint.h>
+#include "ui_logic.h"
 
 void ui_idle(void);
 void ui_warning_blind_signing(void);
@@ -23,7 +24,7 @@ void ui_191_switch_to_sign(void);
 void ui_191_switch_to_question(void);
 
 // EIP-712
-void ui_712_start(void);
+void ui_712_start(e_eip712_filtering_mode filtering);
 void ui_712_switch_to_message(void);
 void ui_712_switch_to_sign(void);
 
diff --git a/src_bagl/ui_flow_signMessage712.c b/src_bagl/ui_flow_signMessage712.c
index 7a52baa4ae..b0bea8b3ff 100644
--- a/src_bagl/ui_flow_signMessage712.c
+++ b/src_bagl/ui_flow_signMessage712.c
@@ -89,7 +89,8 @@ UX_FLOW(ux_712_flow,
         &ux_712_step_approve,
         &ux_712_step_reject);
 
-void ui_712_start(void) {
+void ui_712_start(e_eip712_filtering_mode filtering) {
+    UNUSED(filtering);
     ux_flow_init(0, ux_712_flow, NULL);
     ui_pos = UI_712_POS_REVIEW;
 }
diff --git a/src_features/signMessageEIP712/ui_logic.c b/src_features/signMessageEIP712/ui_logic.c
index 1914506dbe..bedc3cbcda 100644
--- a/src_features/signMessageEIP712/ui_logic.c
+++ b/src_features/signMessageEIP712/ui_logic.c
@@ -52,7 +52,7 @@ typedef struct {
 typedef struct {
     bool shown;
     bool end_reached;
-    uint8_t filtering_mode;
+    e_eip712_filtering_mode filtering_mode;
     uint8_t filters_to_process;
     uint8_t field_flags;
     uint8_t structs_to_review;
@@ -151,7 +151,7 @@ void ui_712_set_value(const char *str, size_t length) {
  */
 void ui_712_redraw_generic_step(void) {
     if (!ui_ctx->shown) {  // Initialize if it is not already
-        ui_712_start();
+        ui_712_start(ui_ctx->filtering_mode);
         ui_ctx->shown = true;
     } else {
         ui_712_switch_to_message();
diff --git a/src_features/signMessageEIP712/ui_logic.h b/src_features/signMessageEIP712/ui_logic.h
index d04c8db100..7352b51d48 100644
--- a/src_features/signMessageEIP712/ui_logic.h
+++ b/src_features/signMessageEIP712/ui_logic.h
@@ -50,6 +50,9 @@ const char *ui_712_get_discarded_path(uint8_t *length);
 char *get_ui_pairs_buffer(size_t *size);
 #endif
 
+#else
+// Define empty structs to avoid compilation errors
+#define e_eip712_filtering_mode uint8_t
 #endif  // HAVE_EIP712_FULL_SUPPORT
 
 #endif  // UI_LOGIC_712_H_
diff --git a/src_nbgl/ui_blind_signing.c b/src_nbgl/ui_blind_signing.c
index 2e29544b27..d85a6a3be0 100644
--- a/src_nbgl/ui_blind_signing.c
+++ b/src_nbgl/ui_blind_signing.c
@@ -4,6 +4,7 @@
 #include "feature_signTx.h"
 #include "ui_nbgl.h"
 #include "apdu_constants.h"
+#include "context_712.h"
 
 static void ui_error_blind_signing_choice(bool confirm) {
     if (confirm) {
@@ -11,6 +12,8 @@ static void ui_error_blind_signing_choice(bool confirm) {
     } else {
         ui_idle();
     }
+    eip712_context_deinit();
+    io_seproxyhal_send_status(APDU_RESPONSE_CONDITION_NOT_SATISFIED, 0, false, false);
 }
 
 void ui_error_blind_signing(void) {
diff --git a/src_nbgl/ui_sign_712.c b/src_nbgl/ui_sign_712.c
index a2ca46dd84..289c34a003 100644
--- a/src_nbgl/ui_sign_712.c
+++ b/src_nbgl/ui_sign_712.c
@@ -8,6 +8,7 @@
 #include "nbgl_use_case.h"
 #include "ui_message_signing.h"
 #include "ledger_assert.h"
+#include "apdu_constants.h"
 
 static nbgl_contentTagValue_t pairs[7];
 static nbgl_contentTagValueList_t pairs_list;
@@ -66,18 +67,31 @@ static void message_update(bool confirm) {
     }
 }
 
-void ui_712_start(void) {
+void ui_712_start(e_eip712_filtering_mode filtering) {
     explicit_bzero(&pairs, sizeof(pairs));
     explicit_bzero(&pairs_list, sizeof(pairs_list));
     pairs_list.pairs = pairs;
     pair_idx = 0;
     buf_idx = 0;
 
-    nbgl_useCaseReviewStreamingStart(TYPE_MESSAGE,
-                                     &C_Review_64px,
-                                     TEXT_REVIEW_EIP712,
-                                     NULL,
-                                     message_update);
+    if ((filtering == EIP712_FILTERING_BASIC) && (!N_storage.dataAllowed) &&
+        (!N_storage.verbose_eip712)) {
+        // Both settings not enabled => Error
+        ui_error_blind_signing();
+    } else if ((filtering == EIP712_FILTERING_BASIC) && (N_storage.dataAllowed)) {
+        // No filtering and setting enabled => Blind Signing flow with warning
+        nbgl_useCaseReviewStreamingBlindSigningStart(TYPE_MESSAGE,
+                                                     &C_Review_64px,
+                                                     TEXT_REVIEW_EIP712,
+                                                     NULL,
+                                                     message_update);
+    } else {
+        nbgl_useCaseReviewStreamingStart(TYPE_MESSAGE,
+                                         &C_Review_64px,
+                                         TEXT_REVIEW_EIP712,
+                                         NULL,
+                                         message_update);
+    }
 }
 
 void ui_712_switch_to_message(void) {