trezor
diff --git a/‎common/tests/fixtures/ethereum/sign_tx.json‎
Lines changed: 63 additions & 0 deletions b/‎common/tests/fixtures/ethereum/sign_tx.json‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎core/src/apps/ethereum/yielding.py‎
Lines changed: 73 additions & 56 deletions b/‎core/src/apps/ethereum/yielding.py‎
Lines changed: 73 additions & 56 deletions
@@ -509,6 +509,69 @@
                 "sig_r": "de16620898c6fe3cc5b7d3c5ff6581c2a7845a69bd22f37559f610d6253cfd2f",
                 "sig_s": "58e928b596c930f2f302386025e1eb2a74b342dd9005ae84a161df16a5a295bf"
             }
+        },
+        {
+            "name": "merkl_claim_single_unknown_token",
+            "skip_models": ["t1"],
+            "parameters": {
+                "comment": "Merkl claim: users=[signer], tokens=[0x0fedba...], amounts=[0x085985deab876834], proofs=[19 leaves]; known distributor on chain 1",
+                "data": "71ee95c0000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000014000000000000000000000000000000000000000000000000000000000000000010000000000000000000000004f4f1488acb1ae1b46146ceff804f591dfe660ac00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000fedba9178b70e8b54e2af08ebffcf28a1e5a43b0000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000085985deab87683400000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000001364faf7f5ee9f5b459e66762232f6ab0279fd8ab6528df06e27f904c5c7e2423583b8ec99f8d6a98d35847722f25c4453f5197360fa17d47ec7e0fa5b1b13367a8a669530d902c20fb9fb9c3c69a3c572285fa43a040d7eb7d22f362774686d7c5ff909d98eda2b5db084e42339c2a429e34d427339064e30dd763d1a562d576479f6a3d276b2f67390420fa6b438c9347f2b6049af245a238f2c00899d581884b1e04381651c085a309bfc472c014ac6781c44563b499a33f6aad8e4f04cb2f50c79f2fef01dd4d5228bc0863dd463e1c42464a477cabcbe358760aaef395b67cff9336d50615279a714d0fda73682cd76ecb79a793cc67444d9c9bf84617094a8888ec415452794c573fd4763f4d007b6ed0b9144b5e44ef415a62d559594e90d3b14e9727ccd373a6ff9de79d81004f8d9438d15b170fc4e17a95792037b2f62394b48c45e42c413842e6527d2cb580abb0027d68f4737fe22aa1c78fe48b39760b3d79bf093b92f1b1e06b3466262eecf1fcec634b9f7a297c5bb1d826c8052366d43298286026e2adc9097ad1ce23343a749afa3eda75e9a46a36078fad8ec53b10425ef4c741b3080f0e202cb991edb8964064761e0b220f0bc8ddc10a2a7b6d0f3bfaf8fd330edb1214a8ae12dfe77932a5bee0e973007fa6f02912ee554616811ddc8a74543f7a51956d3435c5503ce74b10a23807d5f055df5ae3b33a4501aa45cbd1e051bb049fd59be3681e03684341ff3ef684d2ee67037d6190504e460c7f56243d1808b4653f0c257dba19729d5b181ef43ba0fe1e802c950a6a6fd6fa408e79277be3e34537fd5f5e060bd9963ac61d06f81be7bf28af8bbaa",
+                "path": "m/44'/60'/0'/0/1",
+                "to_address": "0x3Ef3D8bA38EBe18DB133cEc108f4D14CE00Dd9Ae",
+                "chain_id": 1,
+                "nonce": "0x0",
+                "gas_price": "0x14",
+                "gas_limit": "0x14",
+                "tx_type": null,
+                "value": "0x0"
+            },
+            "result": {
+                "sig_v": 38,
+                "sig_r": "bf92bf4da6889e835172b43c4432c7be5cd4c951c12100070ae8f9c6efa89b6c",
+                "sig_s": "2319eb5be80352885dade9f0c8ff9f437493cdf8dd1490d0cb36ec312a34b4da"
+            }
+        },
+        {
+            "name": "merkl_claim_multiple_tokens",
+            "skip_models": ["t1"],
+            "parameters": {
+                "comment": "Merkl claim: users=[signer, signer], tokens=[0x58d97b..., 0x0fedba...], amounts=[0x16ffd023e945f7, 0x085985deab876834], proofs=[19 leaves each]; known distributor on chain 1",
+                "data": "71ee95c0000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000014000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000020000000000000000000000004f4f1488acb1ae1b46146ceff804f591dfe660ac0000000000000000000000004f4f1488acb1ae1b46146ceff804f591dfe660ac000000000000000000000000000000000000000000000000000000000000000200000000000000000000000058d97b57bb95320f9a05dc918aef65434969c2b20000000000000000000000000fedba9178b70e8b54e2af08ebffcf28a1e5a43b00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000016ffd023e945f7000000000000000000000000000000000000000000000000085985deab8768340000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000002c0000000000000000000000000000000000000000000000000000000000000013569aebf90ff10ac097a50546701ae153e99286f8c241f4ed91106ead272cce863810cfb729513e166b992002039f613de7bdcd6c45ce0a888499b870b1eab46e3d4a652b2a0ae46ec2a113face89d447c92284a298dccbe47d684bd53b64232d876b2fc7136fa1043ebb3b844dcdd9c13f4422cafe5173fe62a7d2bf709f5197ce3a5573d31c95d286d19db7a421e12c57c1eef6786cee048b50a5e033e5b2e31e24183247a8015a7be1dcc25ad0842d764f2634e10387e87774fd29e82f0e5ade85c3ed85fde553a7bb2d735b0ec35f45d8c385409b2dc44a5ec69857ddf445c8ffe9f1841ae94a9e9347648d98a03104c6069f3275264837a9717e9bef6777e518f9843d605f5294b8396c4a3c605f6e8cbba45fbeed07ef538004b51ee109f3f5d8a356cfea44c0b179dcf9d383c3eee20b65ebd1cddd5bba69837e4857362c1abdd40db583a507462a94fc8c0082281c10b22cacf3ed22141d597da373f3e4590ad59736eab415ed0e0aa47cbaffb3317efe1ee85cbf2e470882c6622a791fbc20939ec1866c6c1e6e6fc2a06122af055eba428da8edd234189b2ef4af57333313fb84b79c8a37e19dff644d59d67249dd91c70f0241429b25d27332bacbfb50f6cd33f88ee0e657b03e33878d301aecfec3e7203919cc6b0a666ffd39b43742e6aa9b332c9bfd5d5283373c5449dd4ce43da5bef2c7ca459b8177a16953a4501aa45cbd1e051bb049fd59be3681e03684341ff3ef684d2ee67037d6190504e460c7f56243d1808b4653f0c257dba19729d5b181ef43ba0fe1e802c950a6a6fd6fa408e79277be3e34537fd5f5e060bd9963ac61d06f81be7bf28af8bbaa000000000000000000000000000000000000000000000000000000000000001364faf7f5ee9f5b459e66762232f6ab0279fd8ab6528df06e27f904c5c7e2423583b8ec99f8d6a98d35847722f25c4453f5197360fa17d47ec7e0fa5b1b13367a8a669530d902c20fb9fb9c3c69a3c572285fa43a040d7eb7d22f362774686d7c5ff909d98eda2b5db084e42339c2a429e34d427339064e30dd763d1a562d576479f6a3d276b2f67390420fa6b438c9347f2b6049af245a238f2c00899d581884b1e04381651c085a309bfc472c014ac6781c44563b499a33f6aad8e4f04cb2f50c79f2fef01dd4d5228bc0863dd463e1c42464a477cabcbe358760aaef395b67cff9336d50615279a714d0fda73682cd76ecb79a793cc67444d9c9bf84617094a8888ec415452794c573fd4763f4d007b6ed0b9144b5e44ef415a62d559594e90d3b14e9727ccd373a6ff9de79d81004f8d9438d15b170fc4e17a95792037b2f62394b48c45e42c413842e6527d2cb580abb0027d68f4737fe22aa1c78fe48b39760b3d79bf093b92f1b1e06b3466262eecf1fcec634b9f7a297c5bb1d826c8052366d43298286026e2adc9097ad1ce23343a749afa3eda75e9a46a36078fad8ec53b10425ef4c741b3080f0e202cb991edb8964064761e0b220f0bc8ddc10a2a7b6d0f3bfaf8fd330edb1214a8ae12dfe77932a5bee0e973007fa6f02912ee554616811ddc8a74543f7a51956d3435c5503ce74b10a23807d5f055df5ae3b33a4501aa45cbd1e051bb049fd59be3681e03684341ff3ef684d2ee67037d6190504e460c7f56243d1808b4653f0c257dba19729d5b181ef43ba0fe1e802c950a6a6fd6fa408e79277be3e34537fd5f5e060bd9963ac61d06f81be7bf28af8bbaa",
+                "path": "m/44'/60'/0'/0/1",
+                "to_address": "0x3Ef3D8bA38EBe18DB133cEc108f4D14CE00Dd9Ae",
+                "chain_id": 1,
+                "nonce": "0x0",
+                "gas_price": "0x14",
+                "gas_limit": "0x14",
+                "tx_type": null,
+                "value": "0x0"
+            },
+            "result": {
+                "sig_v": 38,
+                "sig_r": "eb321d658cdc5b2ede5d5e63bf663b2193f95f9c0ad1120aa809b9e8009367e2",
+                "sig_s": "7c32bc4951f877e981652e7f90f4e7654c393f55238408327039c765192a7a00"
+            }
+        },
+        {
+            "name": "merkl_claim_multiple_different_users",
+            "skip_models": ["t1"],
+            "parameters": {
+                "comment": "Merkl claim: users=[0x9ea3..., 0x9ea3...] (not the signer), tokens=[0x58d97b..., 0x0fedba...], amounts=[0x16ffd023e945f7, 0x085985deab876834]; unknown distributor on chain 8453",
+                "data": "71ee95c0000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000014000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000020000000000000000000000009ea3721b5bf3b64b4418c38b603154d2d597fae30000000000000000000000009ea3721b5bf3b64b4418c38b603154d2d597fae3000000000000000000000000000000000000000000000000000000000000000200000000000000000000000058d97b57bb95320f9a05dc918aef65434969c2b20000000000000000000000000fedba9178b70e8b54e2af08ebffcf28a1e5a43b00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000016ffd023e945f7000000000000000000000000000000000000000000000000085985deab8768340000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000002c0000000000000000000000000000000000000000000000000000000000000013569aebf90ff10ac097a50546701ae153e99286f8c241f4ed91106ead272cce863810cfb729513e166b992002039f613de7bdcd6c45ce0a888499b870b1eab46e3d4a652b2a0ae46ec2a113face89d447c92284a298dccbe47d684bd53b64232d876b2fc7136fa1043ebb3b844dcdd9c13f4422cafe5173fe62a7d2bf709f5197ce3a5573d31c95d286d19db7a421e12c57c1eef6786cee048b50a5e033e5b2e31e24183247a8015a7be1dcc25ad0842d764f2634e10387e87774fd29e82f0e5ade85c3ed85fde553a7bb2d735b0ec35f45d8c385409b2dc44a5ec69857ddf445c8ffe9f1841ae94a9e9347648d98a03104c6069f3275264837a9717e9bef6777e518f9843d605f5294b8396c4a3c605f6e8cbba45fbeed07ef538004b51ee109f3f5d8a356cfea44c0b179dcf9d383c3eee20b65ebd1cddd5bba69837e4857362c1abdd40db583a507462a94fc8c0082281c10b22cacf3ed22141d597da373f3e4590ad59736eab415ed0e0aa47cbaffb3317efe1ee85cbf2e470882c6622a791fbc20939ec1866c6c1e6e6fc2a06122af055eba428da8edd234189b2ef4af57333313fb84b79c8a37e19dff644d59d67249dd91c70f0241429b25d27332bacbfb50f6cd33f88ee0e657b03e33878d301aecfec3e7203919cc6b0a666ffd39b43742e6aa9b332c9bfd5d5283373c5449dd4ce43da5bef2c7ca459b8177a16953a4501aa45cbd1e051bb049fd59be3681e03684341ff3ef684d2ee67037d6190504e460c7f56243d1808b4653f0c257dba19729d5b181ef43ba0fe1e802c950a6a6fd6fa408e79277be3e34537fd5f5e060bd9963ac61d06f81be7bf28af8bbaa000000000000000000000000000000000000000000000000000000000000001364faf7f5ee9f5b459e66762232f6ab0279fd8ab6528df06e27f904c5c7e2423583b8ec99f8d6a98d35847722f25c4453f5197360fa17d47ec7e0fa5b1b13367a8a669530d902c20fb9fb9c3c69a3c572285fa43a040d7eb7d22f362774686d7c5ff909d98eda2b5db084e42339c2a429e34d427339064e30dd763d1a562d576479f6a3d276b2f67390420fa6b438c9347f2b6049af245a238f2c00899d581884b1e04381651c085a309bfc472c014ac6781c44563b499a33f6aad8e4f04cb2f50c79f2fef01dd4d5228bc0863dd463e1c42464a477cabcbe358760aaef395b67cff9336d50615279a714d0fda73682cd76ecb79a793cc67444d9c9bf84617094a8888ec415452794c573fd4763f4d007b6ed0b9144b5e44ef415a62d559594e90d3b14e9727ccd373a6ff9de79d81004f8d9438d15b170fc4e17a95792037b2f62394b48c45e42c413842e6527d2cb580abb0027d68f4737fe22aa1c78fe48b39760b3d79bf093b92f1b1e06b3466262eecf1fcec634b9f7a297c5bb1d826c8052366d43298286026e2adc9097ad1ce23343a749afa3eda75e9a46a36078fad8ec53b10425ef4c741b3080f0e202cb991edb8964064761e0b220f0bc8ddc10a2a7b6d0f3bfaf8fd330edb1214a8ae12dfe77932a5bee0e973007fa6f02912ee554616811ddc8a74543f7a51956d3435c5503ce74b10a23807d5f055df5ae3b33a4501aa45cbd1e051bb049fd59be3681e03684341ff3ef684d2ee67037d6190504e460c7f56243d1808b4653f0c257dba19729d5b181ef43ba0fe1e802c950a6a6fd6fa408e79277be3e34537fd5f5e060bd9963ac61d06f81be7bf28af8bbaa",
+                "path": "m/44'/60'/0'/0/1",
+                "to_address": "0x3Ef3D8bA38EBe18DB133cEc108f4D14CE00Dd9Ae",
+                "chain_id": 8453,
+                "nonce": "0x0",
+                "gas_price": "0x14",
+                "gas_limit": "0x14",
+                "tx_type": null,
+                "value": "0x0"
+            },
+            "result": {
+                "sig_v": 16941,
+                "sig_r": "986b2714ce571b625ddc9ed9c5ce4adb947f416ef6705c49fafbe2fbfa7b221d",
+                "sig_s": "2580e9f1d2c7254e8ed4814ddcf81df004d3df5dda3a2325220dbad6ce50904f"
+            }
         }
     ]
 }
@@ -2,7 +2,7 @@
 
 from trezor.wire import DataError
 
-from .clear_signing import Atomic, DisplayFormat, parse_address, parse_uint256
+from .clear_signing import Array, Atomic, DisplayFormat, parse_address, parse_uint256
 from .yielding_vaults import UNKNOWN_VAULT, lookup_vault
 
 if TYPE_CHECKING:
@@ -82,6 +82,22 @@
     field_definitions=[],
 )
 
+# claim(address[] users, address[] tokens, uint256[] amounts, bytes32[][] proofs)
+# The proofs parameter is intentionally omitted from `parameter_definitions`:
+# we don't display it, so we skip the per-element parsing/allocations and only
+# manually validate the top-level array structure (see `_prepare_merkl_claim`).
+CLAIM_DISPLAY_FORMAT = DisplayFormat(
+    binding_context=None,
+    func_sig=FUNC_SIG_CLAIM,
+    intent="Claim",
+    parameter_definitions=[
+        Array(Atomic(parse_address)),  # users
+        Array(Atomic(parse_address)),  # tokens
+        Array(Atomic(parse_uint256)),  # amounts
+    ],
+    field_definitions=[],
+)
+
 
 async def get_approver(
     msg: MsgInSignTx,
@@ -131,7 +147,7 @@ async def get_approver(
             token=token,
         )
     elif func_sig == FUNC_SIG_CLAIM:
-        handler = _prepare_claim_rewards(
+        handler = await _prepare_merkl_claim(
             calldata=calldata,
             msg=msg,
             network=network,
@@ -200,7 +216,7 @@ async def _prepare_vault_tx(
     )
 
 
-def _prepare_claim_rewards(
+async def _prepare_merkl_claim(
     calldata: memoryview,
     msg: MsgInSignTx,
     network: EthereumNetworkInfo,
@@ -209,81 +225,82 @@ def _prepare_claim_rewards(
     sender_bytes: AnyBytes,
 ) -> Coroutine[Any, Any, None] | None:
 
-    return None
-    # TODO: Finalize the UI in the next iteration.
-
-    from .clear_signing import InvalidFunctionCall, parse_address
+    from .clear_signing import InvalidFunctionCall
+    from .definitions import Definitions
     from .layout import require_confirm_claim_rewards
     from .yielding_vaults import get_token_label
 
     _MERKL_XYZ_CLAIM_DISTRIBUTOR_ADDR = "0x3ef3d8ba38ebe18db133cec108f4d14ce00dd9ae"
 
     if int.from_bytes(msg.value, "big") != 0:
         raise DataError(
-            "Non-zero ETH transfer with ERC-4626 vault transaction not allowed"
+            "Non-zero ETH transfer with claim rewards transaction not allowed"
         )
 
-    # claim(address[] users, address[] tokens, uint256[] amounts, bytes32[][] proofs)
-    # All 4 params are dynamic; first 128 bytes are their ABI offsets (relative to abi_base).
-    try:
-        from trezor.utils import BufferReader
-
-        data_reader = BufferReader(bytes(calldata))
-        param_base = data_reader.offset
-
-        receivers_param_offset = int.from_bytes(data_reader.read_memoryview(32), "big")
-        tokens_param_offset = int.from_bytes(data_reader.read_memoryview(32), "big")
-        amounts_param_offset = int.from_bytes(data_reader.read_memoryview(32), "big")
-        proofs_param_offset = int.from_bytes(data_reader.read_memoryview(32), "big")
+    defs = Definitions(network, {})
 
-        def _read_array_length(param_offset: int) -> int:
-            data_reader.seek(param_base + param_offset)
-            return int.from_bytes(data_reader.read_memoryview(32), "big")
+    try:
+        parameters, _ = await CLAIM_DISPLAY_FORMAT.parse_calldata(calldata, msg, defs)
+        users, tokens, amounts = parameters
+        if (
+            not isinstance(users, list)
+            or not isinstance(tokens, list)
+            or not isinstance(amounts, list)
+        ):
+            raise ValueError
 
-        receivers_array_length = _read_array_length(receivers_param_offset)
-        tokens_array_length = _read_array_length(tokens_param_offset)
-        amounts_array_length = _read_array_length(amounts_param_offset)
-        proofs_array_length = _read_array_length(proofs_param_offset)
+        # The proofs head sits at offset 96, right after the three parsed array
+        # heads. We only validate that proofs is a well-formed top-level array
+        # whose length matches the others — we never read its elements.
+        _PROOFS_HEAD_OFFSET = 3 * 32
+        if _PROOFS_HEAD_OFFSET + 32 > len(calldata):
+            raise ValueError
+        proofs_body = int.from_bytes(
+            calldata[_PROOFS_HEAD_OFFSET : _PROOFS_HEAD_OFFSET + 32], "big"
+        )
+        if proofs_body + 32 > len(calldata):
+            raise ValueError
+        proofs_length = int.from_bytes(calldata[proofs_body : proofs_body + 32], "big")
 
         if (
-            receivers_array_length != tokens_array_length
-            or tokens_array_length != amounts_array_length
-            or amounts_array_length != proofs_array_length
+            len(users) != len(tokens)
+            or len(tokens) != len(amounts)
+            or len(amounts) != proofs_length
         ):
             raise ValueError
 
-        data_reader.seek(param_base + receivers_param_offset + 32)
-        first_receiver_address = parse_address(data_reader.read_memoryview(32))
-        if not isinstance(first_receiver_address, bytes):
-            raise InvalidFunctionCall
-
-        # Check if all users are the same. We validate if it's the sender in _is_vault_tx_safe()
-        # If either of these conditions are unmet, we revert to blind signing (return None).
-        for i in range(1, receivers_array_length):
-            data_reader.seek(param_base + receivers_param_offset + 32 + i * 32)
-            other = parse_address(data_reader.read_memoryview(32))
-            if other != first_receiver_address:
-                return None
-
-        token_labels: list[str] = []
-        for i in range(tokens_array_length):
-            data_reader.seek(param_base + tokens_param_offset + 32 + i * 32)
-            addr = parse_address(data_reader.read_memoryview(32))
-            if not isinstance(addr, bytes):
-                raise InvalidFunctionCall
-            label = get_token_label(addr, network)
-            token_labels.append(label)
-
-    except (ValueError, EOFError, InvalidFunctionCall):
+        if len(users) == 0:
+            raise ValueError
+
+        first_user = users[0]
+        if not isinstance(first_user, bytes):
+            raise ValueError
+
+    except (ValueError, InvalidFunctionCall):
         raise DataError("Invalid data for claim rewards transaction")
 
-    # We don't show claim flows for any unknown distributor for now.
+    # All receivers must be the same; otherwise revert to blind signing.
+    for other in users[1:]:
+        if other != first_user:
+            return None
+
+    # We don't show claim flows for non claim.xyz or for non-signer users.
     if (
-        msg.to != _MERKL_XYZ_CLAIM_DISTRIBUTOR_ADDR
-        or sender_bytes != first_receiver_address
+        msg.to.lower() != _MERKL_XYZ_CLAIM_DISTRIBUTOR_ADDR
+        or sender_bytes != first_user
     ):
         return None
 
+    # Not sure about the UX if we fetch too many defintions so capping definition fetching to 4 for now.
+    try_fetch_definitions = len(tokens) <= 4
+
+    token_labels: list[str] = []
+    for token in tokens:
+        if not isinstance(token, bytes):
+            raise DataError("Invalid data for claim rewards transaction")
+        label = await get_token_label(token, network, msg, try_fetch_definitions)
+        token_labels.append(label)
+
     return require_confirm_claim_rewards(
         address_n=msg.address_n,
         maximum_fee=maximum_fee,