Cypherock
diff --git a/‎apps/starknet_app/starkcurve.h‎
Lines changed: 113 additions & 0 deletions b/‎apps/starknet_app/starkcurve.h‎
Lines changed: 113 additions & 0 deletions
diff --git a/‎apps/starknet_app/starknet_crypto.c‎
Lines changed: 18 additions & 101 deletions b/‎apps/starknet_app/starknet_crypto.c‎
Lines changed: 18 additions & 101 deletions
diff --git a/‎apps/starknet_app/starknet_helpers.c‎
Lines changed: 22 additions & 22 deletions b/‎apps/starknet_app/starknet_helpers.c‎
Lines changed: 22 additions & 22 deletions
diff --git a/‎apps/starknet_app/starknet_pedersen.c‎
Lines changed: 1 addition & 1 deletion b/‎apps/starknet_app/starknet_pedersen.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎apps/starknet_app/starknet_pedersen.h‎
Lines changed: 2 additions & 1 deletion b/‎apps/starknet_app/starknet_pedersen.h‎
Lines changed: 2 additions & 1 deletion
@@ -0,0 +1,113 @@
+/**
+ * @file    starkcurve.h
+ * @author  Cypherock X1 Team
+ * @brief   Constants for Starknet curve.
+ * @copyright Copyright (c) 2023 HODL TECH PTE LTD
+ * <br/> You may obtain a copy of license at <a href="https://mitcc.org/"
+ *target=_blank>https://mitcc.org/</a>
+ *
+ ******************************************************************************
+ * @attention
+ *
+ * (c) Copyright 2023 by HODL TECH PTE LTD
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject
+ * to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
+ * ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+ * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ *
+ * "Commons Clause" License Condition v1.0
+ *
+ * The Software is provided to you by the Licensor under the License,
+ * as defined below, subject to the following condition.
+ *
+ * Without limiting other conditions in the License, the grant of
+ * rights under the License will not include, and the License does not
+ * grant to you, the right to Sell the Software.
+ *
+ * For purposes of the foregoing, "Sell" means practicing any or all
+ * of the rights granted to you under the License to provide to third
+ * parties, for a fee or other consideration (including without
+ * limitation fees for hosting or consulting/ support services related
+ * to the Software), a product or service whose value derives, entirely
+ * or substantially, from the functionality of the Software. Any license
+ * notice or attribution required by the License must also include
+ * this Commons Clause License Condition notice.
+ *
+ * Software: All X1Wallet associated files.
+ * License: MIT
+ * Licensor: HODL TECH PTE LTD
+ *
+ ******************************************************************************
+ */
+
+/*****************************************************************************
+ * INCLUDES
+ *****************************************************************************/
+
+/*****************************************************************************
+ * EXTERN VARIABLES
+ *****************************************************************************/
+
+/*****************************************************************************
+ * MACROS AND DEFINES
+ *****************************************************************************/
+#define SIZE_HEX 16
+
+// Starknet curve constants
+#define STARKNET_CURVE_PRIME                                                   \
+  "0800000000000011000000000000000000000000000000000000000000000001"
+#define STARKNET_CURVE_GX                                                      \
+  "01EF15C18599971B7BECED415A40F0C7DEACFD9B0D1819E03D723D8BC943CFCA"
+#define STARKNET_CURVE_GY                                                      \
+  "005668060AA49730B7BE4801DF46EC62DE53ECD11ABE43A32873000C36E8DC1F"
+#define STARKNET_CURVE_ORDER                                                   \
+  "0800000000000010ffffffffffffffffb781126dcae7b2321e66a241adc64d2f"
+#define STARKNET_CURVE_ORDER_HALF                                              \
+  "04000000000000087fffffffffffffffdbc08936e573d9190f335120d6e32697"
+#define STARKNET_CURVE_A                                                       \
+  "0000000000000000000000000000000000000000000000000000000000000001"
+#define STARKNET_CURVE_B                                                       \
+  "06f21413efbe40de150e596d72f7a8c5609ad26c15c915c1f4cdfcb99cee9e89"
+
+// starknet pedersen points
+// Ref: https://docs.starkware.co/starkex/crypto/pedersen-hash-function.html
+#define STARKNET_PEDERSEN_POINT_0_X                                            \
+  "049EE3EBA8C1600700EE1B87EB599F16716B0B1022947733551FDE4050CA6804"
+#define STARKNET_PEDERSEN_POINT_0_Y                                            \
+  "03CA0CFE4B3BC6DDF346D49D06EA0ED34E621062C0E056C1D0405D266E10268A"
+#define STARKNET_PEDERSEN_POINT_1_X                                            \
+  "0234287DCBAFFE7F969C748655FCA9E58FA8120B6D56EB0C1080D17957EBE47B"
+#define STARKNET_PEDERSEN_POINT_1_Y                                            \
+  "03B056F100F96FB21E889527D41F4E39940135DD7A6C94CC6ED0268EE89E5615"
+#define STARKNET_PEDERSEN_POINT_2_X                                            \
+  "04FA56F376C83DB33F9DAB2656558F3399099EC1DE5E3018B7A6932DBA8AA378"
+#define STARKNET_PEDERSEN_POINT_2_Y                                            \
+  "03FA0984C931C9E38113E0C0E47E4401562761F92A7A23B45168F4E80FF5B54D"
+#define STARKNET_PEDERSEN_POINT_3_X                                            \
+  "04BA4CC166BE8DEC764910F75B45F74B40C690C74709E90F3AA372F0BD2D6997"
+#define STARKNET_PEDERSEN_POINT_3_Y                                            \
+  "040301CF5C1751F4B971E46C4EDE85FCAC5C59A5CE5AE7C48151F27B24B219C"
+#define STARKNET_PEDERSEN_POINT_4_X                                            \
+  "054302DCB0E6CC1C6E44CCA8F61A63BB2CA65048D53FB325D36FF12C49A58202"
+#define STARKNET_PEDERSEN_POINT_4_Y                                            \
+  "01B77B3E37D13504B348046268D8AE25CE98AD783C25561A879DCC77E99C2426"
+
+// starknet limit
+#define STARKNET_LIMIT                                                         \
+  "F80000000000020EFFFFFFFFFFFFFFF738A13B4B920E9411AE6DA5F40B0358B1"
@@ -61,6 +61,7 @@
  *****************************************************************************/
 #include "starknet_crypto.h"
 
+#include <starkcurve.h>
 #include <stdio.h>
 
 #include "mini-gmp.h"
@@ -118,119 +119,35 @@ static void stark_curve_init() {
   mpz_init(stark256.a);
   mpz_init(stark256.b);
 
-  // Prime
-  mpz_set_str(
-      stark256.prime,
-      "0800000000000011000000000000000000000000000000000000000000000001",
-      16);
-
-  // Generator_point x
-  mpz_set_str(
-      stark256.G.x,
-      "01EF15C18599971B7BECED415A40F0C7DEACFD9B0D1819E03D723D8BC943CFCA",
-      16);
-
-  // Generator_point y
-  mpz_set_str(
-      stark256.G.y,
-      "005668060AA49730B7BE4801DF46EC62DE53ECD11ABE43A32873000C36E8DC1F",
-      16);
-
-  // Order
-  mpz_set_str(
-      stark256.order,
-      "0800000000000010ffffffffffffffffb781126dcae7b2321e66a241adc64d2f",
-      16);
-
-  // Order half
-  mpz_set_str(
-      stark256.order_half,
-      "04000000000000087fffffffffffffffdbc08936e573d9190f335120d6e32697",
-      16);
-
-  // Alpha
-  mpz_set_str(
-      stark256.a,
-      "0000000000000000000000000000000000000000000000000000000000000001",
-      16);
-
-  // Beta
-  mpz_set_str(
-      stark256.b,
-      "06f21413efbe40de150e596d72f7a8c5609ad26c15c915c1f4cdfcb99cee9e89",
-      16);
+  mpz_set_str(stark256.prime, STARKNET_CURVE_PRIME, SIZE_HEX);
+  mpz_set_str(stark256.G.x, STARKNET_CURVE_GX, SIZE_HEX);
+  mpz_set_str(stark256.G.y, STARKNET_CURVE_GY, SIZE_HEX);
+  mpz_set_str(stark256.order, STARKNET_CURVE_ORDER, SIZE_HEX);
+  mpz_set_str(stark256.order_half, STARKNET_CURVE_ORDER_HALF, SIZE_HEX);
+  mpz_set_str(stark256.a, STARKNET_CURVE_A, SIZE_HEX);
+  mpz_set_str(stark256.b, STARKNET_CURVE_B, SIZE_HEX);
 
   stark_curve = &stark256;
 }
 
 static void stark_pedersen_init() {
-  // Ref: https://docs.starkware.co/starkex/crypto/pedersen-hash-function.html
-
   static mpz_pedersen pedersen;
   // Initialize all mpz_t variables in the pedersen structure
   for (int i = 0; i < 5; i++) {
     mpz_init(pedersen.P[i].x);
     mpz_init(pedersen.P[i].y);
   }
 
-  // Shift_point x
-  mpz_set_str(
-      pedersen.P[0].x,
-      "049EE3EBA8C1600700EE1B87EB599F16716B0B1022947733551FDE4050CA6804",
-      16);
-
-  // Shift_point y
-  mpz_set_str(
-      pedersen.P[0].y,
-      "03CA0CFE4B3BC6DDF346D49D06EA0ED34E621062C0E056C1D0405D266E10268A",
-      16);
-
-  // Pedersen_point_1 x
-  mpz_set_str(
-      pedersen.P[1].x,
-      "0234287DCBAFFE7F969C748655FCA9E58FA8120B6D56EB0C1080D17957EBE47B",
-      16);
-
-  // Pedersen_point_1 y
-  mpz_set_str(
-      pedersen.P[1].y,
-      "03B056F100F96FB21E889527D41F4E39940135DD7A6C94CC6ED0268EE89E5615",
-      16);
-
-  // Pedersen_point_2 x
-  mpz_set_str(
-      pedersen.P[2].x,
-      "04FA56F376C83DB33F9DAB2656558F3399099EC1DE5E3018B7A6932DBA8AA378",
-      16);
-
-  // Pedersen_point_2 y
-  mpz_set_str(
-      pedersen.P[2].y,
-      "03FA0984C931C9E38113E0C0E47E4401562761F92A7A23B45168F4E80FF5B54D",
-      16);
-
-  // Pedersen_point_3 x
-  mpz_set_str(
-      pedersen.P[3].x,
-      "04BA4CC166BE8DEC764910F75B45F74B40C690C74709E90F3AA372F0BD2D6997",
-      16);
-
-  // Pedersen_point_3 y
-  mpz_set_str(pedersen.P[3].y,
-              "040301CF5C1751F4B971E46C4EDE85FCAC5C59A5CE5AE7C48151F27B24B219C",
-              16);
-
-  // Pedersen_point_4 x
-  mpz_set_str(
-      pedersen.P[4].x,
-      "054302DCB0E6CC1C6E44CCA8F61A63BB2CA65048D53FB325D36FF12C49A58202",
-      16);
-
-  // Pedersen_point_4 y
-  mpz_set_str(
-      pedersen.P[4].y,
-      "01B77B3E37D13504B348046268D8AE25CE98AD783C25561A879DCC77E99C2426",
-      16);
+  mpz_set_str(pedersen.P[0].x, STARKNET_PEDERSEN_POINT_0_X, SIZE_HEX);
+  mpz_set_str(pedersen.P[0].y, STARKNET_PEDERSEN_POINT_0_Y, SIZE_HEX);
+  mpz_set_str(pedersen.P[1].x, STARKNET_PEDERSEN_POINT_1_X, SIZE_HEX);
+  mpz_set_str(pedersen.P[1].y, STARKNET_PEDERSEN_POINT_1_Y, SIZE_HEX);
+  mpz_set_str(pedersen.P[2].x, STARKNET_PEDERSEN_POINT_2_X, SIZE_HEX);
+  mpz_set_str(pedersen.P[2].y, STARKNET_PEDERSEN_POINT_2_Y, SIZE_HEX);
+  mpz_set_str(pedersen.P[3].x, STARKNET_PEDERSEN_POINT_3_X, SIZE_HEX);
+  mpz_set_str(pedersen.P[3].y, STARKNET_PEDERSEN_POINT_3_Y, SIZE_HEX);
+  mpz_set_str(pedersen.P[4].x, STARKNET_PEDERSEN_POINT_4_X, SIZE_HEX);
+  mpz_set_str(pedersen.P[4].y, STARKNET_PEDERSEN_POINT_4_Y, SIZE_HEX);
 
   starknet_pedersen_points = &pedersen;
 }
 
@@ -63,6 +63,7 @@
 #include "starknet_helpers.h"
 
 #include <error.pb.h>
+#include <starkcurve.h>
 
 #include "coin_utils.h"
 #include "mini-gmp-helpers.h"
@@ -105,43 +106,41 @@ static bool grind_key(const uint8_t *grind_seed, uint8_t *out);
  *****************************************************************************/
 
 bool grind_key(const uint8_t *grind_seed, uint8_t *out) {
-  uint8_t key[32] = {0};
+  uint8_t key[STARKNET_BIGNUM_SIZE] = {0};
   mpz_t strk_limit;
   mpz_t strk_key;
-  mpz_t stark_order;
 
-  // Initialize stark_order
-  mpz_init_set_str(
-      stark_order,
-      "0800000000000010FFFFFFFFFFFFFFFFB781126DCAE7B2321E66A241ADC64D2F",
-      16);
-
-  // Initialize strk_limit
-  mpz_init_set_str(
-      strk_limit,
-      "F80000000000020EFFFFFFFFFFFFFFF738A13B4B920E9411AE6DA5F40B0358B1",
-      16);
+  mpz_init_set_str(strk_limit, STARKNET_LIMIT, SIZE_HEX);
 
   SHA256_CTX ctx = {0};
   mpz_init(strk_key);
   for (uint8_t itr = 0; itr < 200; itr++) {
     sha256_Init(&ctx);
-    sha256_Update(&ctx, grind_seed, 32);
+    sha256_Update(&ctx, grind_seed, STARKNET_BIGNUM_SIZE);
     sha256_Update(&ctx, &itr, 1);
     sha256_Final(&ctx, key);
 
-    byte_array_to_mpz(strk_key, key, 32);
+    byte_array_to_mpz(strk_key, key, STARKNET_BIGNUM_SIZE);
     if (mpz_cmp(strk_key, strk_limit) == -1) {
       mpz_t f_key;
       mpz_init(f_key);
-      mpz_mod(f_key, strk_key, stark_order);
-      mpz_to_byte_array(f_key, out, 32);
+      mpz_mod(f_key, strk_key, stark_curve->order);
+      mpz_to_byte_array(f_key, out, STARKNET_BIGNUM_SIZE);
+
+      // clear mpz variables
+      mpz_clear(f_key);
+      mpz_clear(strk_key);
+      mpz_clear(strk_limit);
       return true;
     }
   }
 
   starknet_send_error(ERROR_COMMON_ERROR_UNKNOWN_ERROR_TAG, 0);
   LOG_CRITICAL("ERROR: grind 200 iterations failed\n");
+
+  // clear mpz variables
+  mpz_clear(strk_key);
+  mpz_clear(strk_limit);
   return false;
 }
 
@@ -184,27 +183,28 @@ bool starknet_derive_key_from_seed(const uint8_t *seed,
     return false;
   }
 
-  uint8_t stark_private_key[32] = {0};
+  uint8_t stark_private_key[STARKNET_BIGNUM_SIZE] = {0};
   mpz_curve_point p;
   mpz_curve_point_init(&p);
   if (!grind_key(stark_child_node.private_key, stark_private_key)) {
+    mpz_curve_point_clear(&p);
     return false;
   }
 
   // copy stark priv key if required
   if (key_priv != NULL) {
-    memzero(key_priv, 32);
-    memcpy(key_priv, stark_private_key, 32);
+    memzero(key_priv, STARKNET_BIGNUM_SIZE);
+    memcpy(key_priv, stark_private_key, STARKNET_BIGNUM_SIZE);
   }
 
   // derive stark pub key from stark priv key
   mpz_t priv_key;
   mpz_init(priv_key);
-  byte_array_to_mpz(priv_key, stark_private_key, 32);
+  byte_array_to_mpz(priv_key, stark_private_key, STARKNET_BIGNUM_SIZE);
   mpz_curve_point_multiply(stark_curve, priv_key, &stark_curve->G, &p);
   mpz_clear(priv_key);    // clear priv key when no longer required
 
-  uint8_t stark_public_key[32] = {0};
+  uint8_t stark_public_key[STARKNET_BIGNUM_SIZE] = {0};
   mpz_to_byte_array(p.x, stark_public_key, STARKNET_PUB_KEY_SIZE);
 
   // copy stark pub key if required
 
@@ -123,7 +123,7 @@ void compute_hash_on_elements(uint8_t data[][STARKNET_BIGNUM_SIZE],
     pederson_hash(result, data[index], STARKNET_BIGNUM_SIZE, result);
   }
 
-  uint8_t num_elem_bn[32];
+  uint8_t num_elem_bn[STARKNET_BIGNUM_SIZE];
   starknet_uli_to_bn_byte_array(num_elem, num_elem_bn);
 
   pederson_hash(result, num_elem_bn, STARKNET_BIGNUM_SIZE, result);
 
@@ -76,7 +76,8 @@
 #define LOW_PART_BYTES (LOW_PART_BITS / 8)
 #define LOW_PART_MASK ((1ULL << LOW_PART_BITS) - 1)
 
-#define STARKNET_BIGNUM_SIZE 32
+#define STARKNET_BIGNUM_SIZE                                                   \
+  32    ///< Max byte size of a bignum in starknet context
 #define PEDERSEN_HASH_SIZE 32
 
 #define CALL_DATA_PARAMETER_SIZE 3
Original file line number	Diff line number	Diff line change
`@@ -123,7 +123,7 @@ void compute_hash_on_elements(uint8_t data[][STARKNET_BIGNUM_SIZE],`
`123`	`123`	`pederson_hash(result, data[index], STARKNET_BIGNUM_SIZE, result);`
`124`	`124`	`}`
`125`	`125`
`126`		`- uint8_t num_elem_bn[32];`
	`126`	`+ uint8_t num_elem_bn[STARKNET_BIGNUM_SIZE];`
`127`	`127`	`starknet_uli_to_bn_byte_array(num_elem, num_elem_bn);`
`128`	`128`
`129`	`129`	`pederson_hash(result, num_elem_bn, STARKNET_BIGNUM_SIZE, result);`