Use magic byte instead of tag to differentiate between pre-attestation and attestation

README.md

@@ -121,8 +121,8 @@ Download the source code for application from github repository [App-tezos-bakin
 ### Building
 
 ```
-$ git clone https://github.com/LedgerHQ/app-tezos.git
-$ cd app-tezos
+$ git clone https://github.com/trilitech/ledger-app-tezos-baking.git
+$ cd ledger-app-tezos-baking
 ```
 Then run the following command to enter into docker container provided by Ledger. You will need to have  docker cli installed.
 Use the docker container `ledger-app-dev-tools` provided by Ledger to build the app.

src/apdu_sign.c

@@ -186,13 +186,6 @@ static bool sign_reject(void) {
     return true;
 }
 
-/// Magic byte values
-/// See: https://tezos.gitlab.io/user/key-management.html#signer-requests
-#define MAGIC_BYTE_UNSAFE_OP      0x03u  /// magic byte of an operation
-#define MAGIC_BYTE_BLOCK          0x11u  /// magic byte of a block
-#define MAGIC_BYTE_PREATTESTATION 0x12u  /// magic byte of a pre-attestation
-#define MAGIC_BYTE_ATTESTATION    0x13u  /// magic byte of an attestation
-
 /**
  * @brief Carries out final checks before signing
  *
@@ -303,11 +296,18 @@ int handle_sign(buffer_t *cdata, const bool last, const bool with_hash) {
     TZ_ASSERT(G.packet_index == 1u, EXC_PARSE_ERROR);
 
     TZ_ASSERT(buffer_read_u8(cdata, &G.magic_byte), EXC_PARSE_ERROR);
+    bool is_attestation = false;
 
     switch (G.magic_byte) {
         case MAGIC_BYTE_PREATTESTATION:
+            is_attestation = false;
+            TZ_ASSERT(parse_consensus_operation(cdata, &G.parsed_baking_data, is_attestation),
+                      EXC_PARSE_ERROR);
+            break;
         case MAGIC_BYTE_ATTESTATION:
-            TZ_ASSERT(parse_consensus_operation(cdata, &G.parsed_baking_data), EXC_PARSE_ERROR);
+            is_attestation = true;
+            TZ_ASSERT(parse_consensus_operation(cdata, &G.parsed_baking_data, is_attestation),
+                      EXC_PARSE_ERROR);
             break;
         case MAGIC_BYTE_BLOCK:
             TZ_ASSERT(parse_block(cdata, &G.parsed_baking_data), EXC_PARSE_ERROR);

src/baking_auth.c

@@ -216,10 +216,6 @@ bool parse_block(buffer_t *buf, parsed_baking_data_t *const out) {
     return true;
 }
 
-#define TAG_PREATTESTATION  20
-#define TAG_ATTESTATION     21
-#define TAG_ATTESTATION_DAL 23
-
 /**
  * Data:
  *   + (4 bytes)  uint32:  chain id of the block
@@ -230,33 +226,21 @@ bool parse_block(buffer_t *buf, parsed_baking_data_t *const out) {
  *   + (4 bytes)  uint32:  round of the related block
  *   + (32 bytes) uint8 *: hash of the related block
  */
-bool parse_consensus_operation(buffer_t *buf, parsed_baking_data_t *const out) {
-    uint8_t tag;
-
+bool parse_consensus_operation(buffer_t *buf,
+                               parsed_baking_data_t *const out,
+                               bool is_attestation) {
     if (!buffer_read_u32(buf, &out->chain_id.v, BE) ||   // chain id
         !buffer_seek_cur(buf, 32u * sizeof(uint8_t)) ||  // ignore branch
-        !buffer_read_u8(buf, &tag) ||                    // tag
+        !buffer_seek_cur(buf, sizeof(uint8_t)) ||        // ignore tag
         !buffer_seek_cur(buf, sizeof(uint16_t)) ||       // ignore slot
         !buffer_read_u32(buf, &out->level, BE) ||        // level
         !buffer_read_u32(buf, &out->round, BE) ||        // round
         !buffer_seek_cur(buf, 32u * sizeof(uint8_t))     // ignore hash
     ) {
         return false;
     }
-
-    switch (tag) {
-        case TAG_PREATTESTATION:
-            out->type = BAKING_TYPE_PREATTESTATION;
-            break;
-        case TAG_ATTESTATION:
-        case TAG_ATTESTATION_DAL:
-            out->type = BAKING_TYPE_ATTESTATION;
-            break;
-        default:
-            return false;
-    }
+    out->type = is_attestation ? BAKING_TYPE_ATTESTATION : BAKING_TYPE_PREATTESTATION;
 
     out->is_tenderbake = true;
-
     return true;
 }

src/baking_auth.h

@@ -79,6 +79,7 @@ bool parse_block(buffer_t *buf, parsed_baking_data_t *const out);
  *
  * @param buf: input buffer containing the consensus operation
  * @param out: baking data output
+ * @param is_attestation: whether its an attestation or pre-attestation.
  * @return bool: returns false if it is invalid
  */
-bool parse_consensus_operation(buffer_t *buf, parsed_baking_data_t *const out);
+bool parse_consensus_operation(buffer_t *buf, parsed_baking_data_t *const out, bool is_attestation);

src/globals.h

@@ -106,7 +106,7 @@ typedef struct {
     blake2b_hash_state_t hash_state;     ///< current blake2b hash state
     uint8_t final_hash[SIGN_HASH_SIZE];  ///< buffer to hold hash of all the message
 
-    uint8_t magic_byte;              ///< current magic byte read
+    magic_byte_t magic_byte;         ///< current magic byte read
     struct parse_state parse_state;  ///< current parser state
 } apdu_sign_state_t;
 

src/types.h

@@ -68,6 +68,17 @@ typedef enum {
     BAKING_TYPE_PREATTESTATION
 } baking_type_t;
 
+/**
+ * @brief magic byte of operations
+ * See: https://tezos.gitlab.io/user/key-management.html#signer-requests
+ */
+typedef enum {
+    MAGIC_BYTE_UNSAFE_OP = 0x03u,       /// magic byte of an operation
+    MAGIC_BYTE_BLOCK = 0x11u,           /// magic byte of a block
+    MAGIC_BYTE_PREATTESTATION = 0x12u,  /// magic byte of a pre-attestation
+    MAGIC_BYTE_ATTESTATION = 0x13u,     /// magic byte of an attestation
+} magic_byte_t;
+
 typedef uint32_t level_t;
 typedef uint32_t round_t;
 

test/requirements.txt

@@ -1,5 +1,5 @@
 base58
 bip32
 GitPython
-pytezos>=3.11.3
+pytezos==3.11.3
 ragger>=1.18.1