save trezor device id and label and compare on startup

Author: OBorce

wallet/Cargo.toml

@@ -45,5 +45,3 @@ tempfile.workspace = true
 [features]
 trezor = ["dep:trezor-client", "wallet-types/trezor"]
 trezor-emulator = []
-
-default = ["trezor"]

wallet/src/signer/mod.rs

@@ -37,8 +37,8 @@ use wallet_storage::{
     WalletStorageReadLocked, WalletStorageReadUnlocked, WalletStorageWriteUnlocked,
 };
 use wallet_types::{
-    partially_signed_transaction::PartiallySignedTransaction, signature_status::SignatureStatus,
-    AccountId,
+    hw_data::HardwareWalletData, partially_signed_transaction::PartiallySignedTransaction,
+    signature_status::SignatureStatus, AccountId,
 };
 
 use crate::{
@@ -156,4 +156,6 @@ pub trait SignerProvider {
         db_tx: &impl WalletStorageReadLocked,
         id: &AccountId,
     ) -> WalletResult<Account<Self::K>>;
+
+    fn get_hardware_wallet_data(&mut self) -> Option<HardwareWalletData>;
 }

wallet/src/signer/software_signer/mod.rs

@@ -48,8 +48,8 @@ use wallet_storage::{
     WalletStorageWriteUnlocked,
 };
 use wallet_types::{
-    partially_signed_transaction::PartiallySignedTransaction, seed_phrase::StoreSeedPhrase,
-    signature_status::SignatureStatus, AccountId,
+    hw_data::HardwareWalletData, partially_signed_transaction::PartiallySignedTransaction,
+    seed_phrase::StoreSeedPhrase, signature_status::SignatureStatus, AccountId,
 };
 
 use crate::{
@@ -480,6 +480,10 @@ impl SignerProvider for SoftwareSignerProvider {
     ) -> WalletResult<Account<Self::K>> {
         Account::load_from_database(chain_config, db_tx, id)
     }
+
+    fn get_hardware_wallet_data(&mut self) -> Option<HardwareWalletData> {
+        None
+    }
 }
 
 #[cfg(test)]

wallet/src/signer/trezor_signer/mod.rs

@@ -84,6 +84,7 @@ use wallet_storage::{
 };
 use wallet_types::{
     account_info::DEFAULT_ACCOUNT_INDEX,
+    hw_data::{HardwareWalletData, TrezorData},
     partially_signed_transaction::{
         OrderAdditionalInfo, PartiallySignedTransaction, TokenAdditionalInfo, TxAdditionalInfo,
     },
@@ -1133,6 +1134,7 @@ fn to_trezor_output_lock(lock: &OutputTimeLock) -> trezor_client::protos::Mintla
 #[derive(Clone)]
 pub struct TrezorSignerProvider {
     client: Arc<Mutex<Trezor>>,
+    data: TrezorData,
 }
 
 impl std::fmt::Debug for TrezorSignerProvider {
@@ -1143,22 +1145,24 @@ impl std::fmt::Debug for TrezorSignerProvider {
 
 impl TrezorSignerProvider {
     pub fn new() -> Result<Self, TrezorError> {
-        let client =
+        let (client, data) =
             find_trezor_device().map_err(|err| TrezorError::DeviceError(err.to_string()))?;
 
         Ok(Self {
             client: Arc::new(Mutex::new(client)),
+            data,
         })
     }
 
     pub fn load_from_database(
         chain_config: Arc<ChainConfig>,
         db_tx: &impl WalletStorageReadLocked,
     ) -> WalletResult<Self> {
-        let client = find_trezor_device().map_err(SignerError::TrezorError)?;
+        let (client, data) = find_trezor_device().map_err(SignerError::TrezorError)?;
 
         let provider = Self {
             client: Arc::new(Mutex::new(client)),
+            data,
         };
 
         check_public_keys(db_tx, &provider, chain_config)?;
@@ -1219,14 +1223,34 @@ fn check_public_keys(
         .ok_or(WalletError::WalletNotInitialized)?;
     let expected_pk = provider.fetch_extended_pub_key(&chain_config, DEFAULT_ACCOUNT_INDEX)?;
     let loaded_acc = provider.load_account_from_database(chain_config, db_tx, &first_acc)?;
-    ensure!(
-        loaded_acc.key_chain().account_public_key() == &expected_pk,
-        WalletError::HardwareWalletDifferentFile
-    );
-    Ok(())
+
+    if loaded_acc.key_chain().account_public_key() == &expected_pk {
+        return Ok(());
+    }
+
+    if let Some(data) = db_tx.get_hardware_wallet_data()? {
+        match data {
+            HardwareWalletData::Trezor(data) => {
+                // If the device_id and label are the same but public keys are different, maybe a
+                // different passphrase was used
+                if data == provider.data {
+                    return Err(WalletError::HardwareWalletDifferentPassphrase);
+                } else {
+                    return Err(WalletError::HardwareWalletDifferentDevice(
+                        data.device_id,
+                        provider.data.device_id.clone(),
+                        data.label,
+                        provider.data.label.clone(),
+                    ));
+                }
+            }
+        }
+    }
+
+    Err(WalletError::HardwareWalletDifferentFile)
 }
 
-fn find_trezor_device() -> Result<Trezor, TrezorError> {
+fn find_trezor_device() -> Result<(Trezor, TrezorData), TrezorError> {
     let mut devices = find_devices(false)
         .into_iter()
         .filter(|device| device.model == Model::Trezor || device.model == Model::TrezorEmulator)
@@ -1250,7 +1274,12 @@ fn find_trezor_device() -> Result<Trezor, TrezorError> {
         TrezorError::MintlayerFeaturesNotSupported
     );
 
-    Ok(client)
+    let data = TrezorData {
+        label: features.label().to_owned(),
+        device_id: features.device_id().to_owned(),
+    };
+
+    Ok((client, data))
 }
 
 impl SignerProvider for TrezorSignerProvider {
@@ -1291,6 +1320,10 @@ impl SignerProvider for TrezorSignerProvider {
     ) -> WalletResult<Account<Self::K>> {
         Account::load_from_database(chain_config, db_tx, id)
     }
+
+    fn get_hardware_wallet_data(&mut self) -> Option<HardwareWalletData> {
+        Some(HardwareWalletData::Trezor(self.data.clone()))
+    }
 }
 
 #[cfg(feature = "trezor-emulator")]

wallet/src/wallet/mod.rs

@@ -258,6 +258,10 @@ pub enum WalletError {
     CannotChangeTrezorWalletType,
     #[error("The file being loaded does not correspond to the connected hardware wallet")]
     HardwareWalletDifferentFile,
+    #[error("The file being loaded does not correspond to the connected hardware wallet: File DeviceId {0}, Connected device {1}, labels {2} and {3}")]
+    HardwareWalletDifferentDevice(String, String, String, String),
+    #[error("The file being loaded correspond to the connected hardware wallet, but public keys are different. Maybe a wrong passphrase was inputed?")]
+    HardwareWalletDifferentPassphrase,
     #[error("Missing additional data for Pool {0}")]
     MissingPoolAdditionalData(PoolId),
     #[error("Missing additional data for Token {0}")]
@@ -344,6 +348,10 @@ where
         db_tx.set_wallet_type(wallet_type)?;
         let mut signer_provider = signer_provider(&mut db_tx)?;
 
+        if let Some(data) = signer_provider.get_hardware_wallet_data() {
+            db_tx.set_hardware_wallet_data(data)?;
+        }
+
         let default_account = Wallet::<B, P>::create_next_unused_account(
             U31::ZERO,
             chain_config.clone(),

wallet/storage/Cargo.toml

@@ -25,3 +25,6 @@ bip39 = { workspace = true, default-features = false, features = ["std", "zeroiz
 test-utils = { path = "../../test-utils" }
 
 rstest.workspace = true
+
+[features]
+trezor = ["wallet-types/trezor"]

wallet/storage/src/internal/store_tx.rs

@@ -47,9 +47,13 @@ use wallet_types::{
     AccountDerivationPathId, AccountId, AccountInfo, AccountKeyPurposeId, AccountWalletCreatedTxId,
     AccountWalletTxId, KeychainUsageState, WalletTx,
 };
+
+use wallet_types::hw_data;
+
 mod well_known {
     use common::chain::block::timestamp::BlockTimestamp;
     use crypto::kdf::KdfChallenge;
+    use wallet_types::hw_data;
     use wallet_types::{account_info::AccountVrfKeys, chain_info::ChainInfo, wallet_type};
 
     use super::Codec;
@@ -79,6 +83,7 @@ mod well_known {
     declare_entry!(LookaheadSize: u32);
     declare_entry!(LegacyVfrPubKey: AccountVrfKeys);
     declare_entry!(WalletType: wallet_type::WalletType);
+    declare_entry!(HardwareWalletData: hw_data::HardwareWalletData);
 }
 
 #[derive(PartialEq, Clone)]
@@ -337,6 +342,12 @@ macro_rules! impl_read_ops {
                 let lookahead = self.read_value::<well_known::LookaheadSize>()?;
                 lookahead.ok_or(crate::Error::WalletDbInconsistentState)
             }
+
+            fn get_hardware_wallet_data(
+                &self,
+            ) -> crate::Result<Option<hw_data::HardwareWalletData>> {
+                self.read_value::<well_known::HardwareWalletData>()
+            }
         }
 
         impl<'st, B: storage::Backend> $TxType<'st, B> {
@@ -600,6 +611,13 @@ macro_rules! impl_write_ops {
             fn set_lookahead_size(&mut self, lookahead_size: u32) -> crate::Result<()> {
                 self.write_value::<well_known::LookaheadSize>(&lookahead_size)
             }
+
+            fn set_hardware_wallet_data(
+                &mut self,
+                data: hw_data::HardwareWalletData,
+            ) -> crate::Result<()> {
+                self.write_value::<well_known::HardwareWalletData>(&data)
+            }
         }
 
         impl<'st, B: storage::Backend> $TxType<'st, B> {

wallet/storage/src/lib.rs

@@ -35,6 +35,7 @@ use wallet_types::{
     account_id::{AccountAddress, AccountPublicKey},
     account_info::{AccountVrfKeys, StandaloneMultisig, StandaloneWatchOnlyKey},
     chain_info::ChainInfo,
+    hw_data::HardwareWalletData,
     keys::RootKeys,
     seed_phrase::SerializableSeedPhrase,
     wallet_type::WalletType,
@@ -118,6 +119,7 @@ pub trait WalletStorageReadLocked {
     ) -> Result<BTreeMap<AccountDerivationPathId, ExtendedPublicKey>>;
     fn get_median_time(&self) -> Result<Option<BlockTimestamp>>;
     fn get_lookahead_size(&self) -> Result<u32>;
+    fn get_hardware_wallet_data(&self) -> Result<Option<HardwareWalletData>>;
 }
 
 /// Queries on persistent wallet data with access to encrypted data
@@ -197,6 +199,7 @@ pub trait WalletStorageWriteLocked: WalletStorageReadLocked {
     fn set_lookahead_size(&mut self, lookahead_size: u32) -> Result<()>;
     fn clear_public_keys(&mut self) -> Result<()>;
     fn clear_addresses(&mut self) -> Result<()>;
+    fn set_hardware_wallet_data(&mut self, data: HardwareWalletData) -> Result<()>;
 }
 
 /// Modifying operations on persistent wallet data with access to encrypted data

wallet/types/src/hw_data.rs

@@ -0,0 +1,30 @@
+// Copyright (c) 2025 RBB S.r.l
+// opensource@mintlayer.org
+// SPDX-License-Identifier: MIT
+// Licensed under the MIT License;
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://github.com/mintlayer/mintlayer-core/blob/master/LICENSE
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use serialization::{Decode, Encode};
+
+#[cfg(feature = "trezor")]
+#[derive(Debug, Clone, PartialEq, Eq, Encode, Decode)]
+pub struct TrezorData {
+    pub device_id: String,
+    pub label: String,
+}
+
+#[derive(Debug, Clone, Encode, Decode)]
+pub enum HardwareWalletData {
+    #[cfg(feature = "trezor")]
+    #[codec(index = 0)]
+    Trezor(TrezorData),
+}

wallet/types/src/lib.rs

@@ -17,6 +17,7 @@ pub mod account_id;
 pub mod account_info;
 pub mod chain_info;
 pub mod currency;
+pub mod hw_data;
 pub mod keys;
 pub mod partially_signed_transaction;
 pub mod seed_phrase;