From 33facd151d662fbc9afb62e09867bbf7e7b26325 Mon Sep 17 00:00:00 2001 From: SomberNight Date: Tue, 17 Dec 2019 21:33:07 +0100 Subject: [PATCH] ledger.sign_transaction: always do certain output checks --- electrum/plugins/ledger/ledger.py | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/electrum/plugins/ledger/ledger.py b/electrum/plugins/ledger/ledger.py index 0b32edd58..6d621a1aa 100644 --- a/electrum/plugins/ledger/ledger.py +++ b/electrum/plugins/ledger/ledger.py @@ -379,21 +379,23 @@ class Ledger_KeyStore(Hardware_KeyStore): txOutput += script txOutput = bfh(txOutput) - # Recognize outputs + if not client_electrum.supports_multi_output(): + if len(tx.outputs()) > 2: + self.give_error("Transaction with more than 2 outputs not supported") + for txout in tx.outputs(): + if not txout.address: + if client_electrum.is_hw1(): + self.give_error(_("Only address outputs are supported by {}").format(self.device)) + # note: max_size based on https://github.com/LedgerHQ/ledger-app-btc/commit/3a78dee9c0484821df58975803e40d58fbfc2c38#diff-c61ccd96a6d8b54d48f54a3bc4dfa7e2R26 + validate_op_return_output(txout, max_size=190) + + # Output "change" detection # - only one output and one change is authorized (for hw.1 and nano) # - at most one output can bypass confirmation (~change) (for all) if not p2shTransaction: - if not client_electrum.supports_multi_output(): - if len(tx.outputs()) > 2: - self.give_error("Transaction with more than 2 outputs not supported") has_change = False any_output_on_change_branch = is_any_tx_output_on_change_branch(tx) for txout in tx.outputs(): - if not txout.address: - if client_electrum.is_hw1(): - self.give_error(_("Only address outputs are supported by {}").format(self.device)) - # note: max_size based on https://github.com/LedgerHQ/ledger-app-btc/commit/3a78dee9c0484821df58975803e40d58fbfc2c38#diff-c61ccd96a6d8b54d48f54a3bc4dfa7e2R26 - validate_op_return_output(txout, max_size=190) if txout.is_mine and len(tx.outputs()) > 1 \ and not has_change: # prioritise hiding outputs on the 'change' branch from user