Skip to content

feat: Add multiple entropy sources support for device reset.#398

Merged
lihuanhuan merged 1 commit intoOneKeyHQ:mainfrom
lihuanhuan:pro_main
Dec 3, 2025
Merged

feat: Add multiple entropy sources support for device reset.#398
lihuanhuan merged 1 commit intoOneKeyHQ:mainfrom
lihuanhuan:pro_main

Conversation

@lihuanhuan
Copy link
Copy Markdown
Contributor

@lihuanhuan lihuanhuan commented Nov 28, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Added "Advanced Options" during setup: a checkbox to enable combining MCU and secure element entropy; onboarding preserves and passes this choice to device reset and wallet creation.

  • Behavior Changes

    • Reset/device initialization can use multiple entropy sources when enabled, affecting mnemonic generation.

  • Localization

    • Added translations for the new UI text and improved QR-mode message spacing across multiple locales (EN, DE, FR, ES, IT, JA, KO, PT‑BR, RU, ZH, etc.).

✏️ Tip: You can customize this high-level summary in your review settings.

@lihuanhuan lihuanhuan requested a review from a team as a code owner November 28, 2025 09:23
@revan-zhang
Copy link
Copy Markdown
Contributor

revan-zhang commented Nov 28, 2025
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Nov 28, 2025
edited
Loading

Walkthrough

Adds an optional entropy source parameter to the random bytes API, surfaces an "Advanced Options" UI checkbox to use multiple entropy sources during device reset, threads that state through onboarding/reset flows, and appends new localized strings (plus minor formatting) across many locale files.

Changes

Cohort / File(s) Summary
Random API Extension
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-random.h		 bytes(len, source=1) added; source==0 selects random_buffer, otherwise se_random_encrypted. C entry now mod_trezorcrypto_random_bytes(size_t n_args, const mp_obj_t *args) and object declared variadic (1–2 args).
Reset Device Logic (backend)
core/src/apps/management/reset_device/__init__.py		 reset_device(..., use_multiple_entropy: bool = False) added. If true, obtains ext_entropy via MCU RNG (random.bytes(32, 0)); otherwise uses host EntropyRequest.
Localization Keys
core/src/trezor/lvglui/i18n/keys.py		 Added constants: TITLE__ADVANCED_OPTIONS = 1048, BUTTON__USE_MULTIPLE_SOURCES_OF_ENTROPY = 1049, BUTTON__USE_MULTIPLE_SOURCES_OF_ENTROPY_DESC = 1050.
Locale Translations
core/src/trezor/lvglui/i18n/locales/*.py
de.py, en.py, es.py, fr.py, it.py, ja.py, ko.py, pt_br.py, ru.py, zh_cn.py, zh_hk.py		 Appended three UI strings per locale (Advanced Options, Use multiple sources of entropy, explanatory paragraph). Adjusted QR-code explanatory strings to add extra blank-line spacing.
UI State Persistence
core/src/trezor/lvglui/scrs/initscreen.py		 Added use_multiple_entropy_state and propagate it into SetupDevice; unpack and forward entropy flag from child results; pass flag into reset_device calls.
UI Entropy Selector
core/src/trezor/lvglui/scrs/reset_device.py		 BackupTypeSelector.__init__(..., use_multiple_entropy: bool = False) added. Adds "Advanced Options" block with checkbox, handlers to update state, publishes (backup_type, strength, use_multiple_entropy) when ready, and syncs state on nav back.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

  • Pay extra attention to:
    • core/embed/extmod/.../modtrezorcrypto-random.h: argument parsing, defaulting behavior, and conditional compilation branches.
    • core/src/trezor/lvglui/scrs/initscreen.py and reset_device.py: correct tuple packing/unpacking and propagation of use_multiple_entropy.
    • core/src/trezor/lvglui/i18n/keys.py vs locales: ensure new keys align with appended translation entries.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 10.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the primary change: adding multiple entropy sources support for device reset. It aligns with the changeset which extends random.bytes(), reset_device(), UI strings, and onboarding flow.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Comment @coderabbitai help to get the list of available commands and usage tips.

@lihuanhuan lihuanhuan force-pushed the pro_main branch 2 times, most recently from 9917234 to 7a70d45 Compare November 28, 2025 09:27
coderabbitai[bot]
coderabbitai bot reviewed Nov 28, 2025
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d6b021d and 7a70d45.

⛔ Files ignored due to path filters (1)
  • core/mocks/generated/trezorcrypto/random.pyi is excluded by !**/generated/**
📒 Files selected for processing (16)
  • core/embed/extmod/modtrezorcrypto/modtrezorcrypto-random.h (1 hunks)
  • core/src/apps/management/reset_device/__init__.py (2 hunks)
  • core/src/trezor/lvglui/i18n/keys.py (2 hunks)
  • core/src/trezor/lvglui/i18n/locales/de.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/en.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/es.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/fr.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/it.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ja.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ko.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/pt_br.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ru.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/zh_cn.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/zh_hk.py (1 hunks)
  • core/src/trezor/lvglui/scrs/initscreen.py (5 hunks)
  • core/src/trezor/lvglui/scrs/reset_device.py (2 hunks)
🧰 Additional context used
🧬 Code graph analysis (4)
core/src/apps/management/reset_device/__init__.py (3)
core/src/trezor/wire/__init__.py (5)
  • GenericContext (71-87)
  • call (72-77)
  • call (127-128)
  • call (160-165)
  • call (254-259)
core/src/trezor/messages.py (2)
  • EntropyRequest (3503-3507)
  • EntropyAck (3509-3521)
core/mocks/generated/trezorcrypto/random.pyi (1)
  • bytes (13-17)
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-random.h (2)
core/embed/extmod/trezorobj.h (1)
  • trezor_obj_get_uint (52-71)
core/embed/trezorhal/se_thd89.c (1)
  • se_random_encrypted (293-302)
core/src/trezor/lvglui/scrs/reset_device.py (2)
core/src/trezor/lvglui/scrs/components/listitem.py (2)
  • ListItemWithLeadingCheckbox (15-108)
  • enable_bg_color (94-108)
core/src/trezor/enums/__init__.py (1)
  • BackupType (613-619)
core/src/trezor/lvglui/scrs/initscreen.py (2)
core/src/apps/management/reset_device/__init__.py (1)
  • reset_device (30-99)
core/src/trezor/lvglui/scrs/reset_device.py (1)
  • BackupTypeSelector (283-482)
🪛 Ruff (0.14.6)
core/src/trezor/lvglui/i18n/locales/ru.py

1045-1045: String contains ambiguous о (CYRILLIC SMALL LETTER O). Did you mean o (LATIN SMALL LETTER O)?

(RUF001)

1045-1045: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1045-1045: String contains ambiguous Е (CYRILLIC CAPITAL LETTER IE). Did you mean E (LATIN CAPITAL LETTER E)?

(RUF001)

1045-1045: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1046-1046: String contains ambiguous о (CYRILLIC SMALL LETTER O). Did you mean o (LATIN SMALL LETTER O)?

(RUF001)

1046-1046: String contains ambiguous б (CYRILLIC SMALL LETTER BE). Did you mean 6 (DIGIT SIX)?

(RUF001)

1049-1049: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1053-1053: String contains ambiguous О (CYRILLIC CAPITAL LETTER O). Did you mean O (LATIN CAPITAL LETTER O)?

(RUF001)

1053-1053: String contains ambiguous б (CYRILLIC SMALL LETTER BE). Did you mean 6 (DIGIT SIX)?

(RUF001)

1053-1053: String contains ambiguous а (CYRILLIC SMALL LETTER A). Did you mean a (LATIN SMALL LETTER A)?

(RUF001)

core/src/trezor/lvglui/scrs/reset_device.py

452-452: Unused method argument: event_obj

(ARG002)

core/src/trezor/lvglui/i18n/locales/zh_hk.py

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1046-1046: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

core/src/trezor/lvglui/i18n/locales/zh_cn.py

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1046-1046: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

core/src/trezor/lvglui/i18n/locales/it.py

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

coderabbitai[bot]
coderabbitai bot reviewed Dec 3, 2025
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
core/src/trezor/lvglui/i18n/keys.py (1)

417-421: Comment no longer matches code behavior

The comment says READY is listened on both self and content_area, but only self.add_event_cb remains, which can confuse future readers.

♻️ Duplicate comments (2)
core/src/trezor/lvglui/scrs/reset_device.py (1)

377-385: Typo in label name and unused on_ready argument

use_ext_entory is misspelled (“entory” vs “entropy”), and on_ready’s event_obj parameter remains unused (ARG002).

Also applies to: 440-456

core/src/trezor/lvglui/i18n/locales/pt_br.py (1)

1053-1053: Subject-verb agreement issue persists.

"a entropia do MCU e do elemento seguro serão combinadas" still mixes singular/plural.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 7a70d45 and fde6421.

⛔ Files ignored due to path filters (1)
  • core/mocks/generated/trezorcrypto/random.pyi is excluded by !**/generated/**
📒 Files selected for processing (16)
  • core/embed/extmod/modtrezorcrypto/modtrezorcrypto-random.h (1 hunks)
  • core/src/apps/management/reset_device/__init__.py (2 hunks)
  • core/src/trezor/lvglui/i18n/keys.py (2 hunks)
  • core/src/trezor/lvglui/i18n/locales/de.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/en.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/es.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/fr.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/it.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ja.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ko.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/pt_br.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/ru.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/zh_cn.py (1 hunks)
  • core/src/trezor/lvglui/i18n/locales/zh_hk.py (1 hunks)
  • core/src/trezor/lvglui/scrs/initscreen.py (5 hunks)
  • core/src/trezor/lvglui/scrs/reset_device.py (2 hunks)
🚧 Files skipped from review as they are similar to previous changes (7)
  • core/src/trezor/lvglui/i18n/locales/ja.py
  • core/src/trezor/lvglui/i18n/locales/ko.py
  • core/src/apps/management/reset_device/init.py
  • core/src/trezor/lvglui/i18n/locales/en.py
  • core/src/trezor/lvglui/i18n/locales/fr.py
  • core/src/trezor/lvglui/i18n/locales/es.py
  • core/src/trezor/lvglui/i18n/locales/de.py
🧰 Additional context used
🧬 Code graph analysis (3)
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-random.h (3)
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-se-thd89.h (16)
  • mp_obj_t (34-39)
  • mp_obj_t (50-69)
  • mp_obj_t (81-100)
  • mp_obj_t (111-123)
  • mp_obj_t (212-235)
  • mp_obj_t (249-287)
  • mp_obj_t (299-320)
  • mp_obj_t (330-361)
  • mp_obj_t (371-408)
  • mp_obj_t (416-455)
  • mp_obj_t (465-491)
  • mp_obj_t (501-527)
  • mp_obj_t (569-584)
  • mp_obj_t (664-677)
  • mp_obj_t (686-710)
  • mp_obj_t (722-735)
core/embed/extmod/trezorobj.h (1)
  • trezor_obj_get_uint (52-71)
core/embed/trezorhal/se_thd89.c (1)
  • se_random_encrypted (293-302)
core/src/trezor/lvglui/scrs/reset_device.py (3)
core/src/trezor/lvglui/scrs/components/listitem.py (2)
  • ListItemWithLeadingCheckbox (15-108)
  • enable_bg_color (94-108)
core/src/trezor/lvglui/scrs/widgets/style.py (5)
  • radius (8-10)
  • StyleWrapper (4-211)
  • text_font (40-42)
  • text_align_left (32-34)
  • text_color (16-18)
core/src/trezor/enums/__init__.py (1)
  • BackupType (613-619)
core/src/trezor/lvglui/scrs/initscreen.py (2)
core/src/apps/management/reset_device/__init__.py (1)
  • reset_device (30-99)
core/src/trezor/lvglui/scrs/reset_device.py (1)
  • BackupTypeSelector (283-482)
🪛 Ruff (0.14.7)
core/src/trezor/lvglui/i18n/locales/zh_hk.py

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1046-1046: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

core/src/trezor/lvglui/scrs/reset_device.py

452-452: Unused method argument: event_obj

(ARG002)

core/src/trezor/lvglui/i18n/locales/it.py

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

1053-1053: String contains ambiguous (RIGHT SINGLE QUOTATION MARK). Did you mean ``` (GRAVE ACCENT)?

(RUF001)

core/src/trezor/lvglui/i18n/locales/ru.py

1045-1045: String contains ambiguous о (CYRILLIC SMALL LETTER O). Did you mean o (LATIN SMALL LETTER O)?

(RUF001)

1045-1045: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1045-1045: String contains ambiguous Е (CYRILLIC CAPITAL LETTER IE). Did you mean E (LATIN CAPITAL LETTER E)?

(RUF001)

1045-1045: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1046-1046: String contains ambiguous о (CYRILLIC SMALL LETTER O). Did you mean o (LATIN SMALL LETTER O)?

(RUF001)

1046-1046: String contains ambiguous б (CYRILLIC SMALL LETTER BE). Did you mean 6 (DIGIT SIX)?

(RUF001)

1049-1049: String contains ambiguous с (CYRILLIC SMALL LETTER ES). Did you mean c (LATIN SMALL LETTER C)?

(RUF001)

1053-1053: String contains ambiguous О (CYRILLIC CAPITAL LETTER O). Did you mean O (LATIN CAPITAL LETTER O)?

(RUF001)

1053-1053: String contains ambiguous б (CYRILLIC SMALL LETTER BE). Did you mean 6 (DIGIT SIX)?

(RUF001)

1053-1053: String contains ambiguous а (CYRILLIC SMALL LETTER A). Did you mean a (LATIN SMALL LETTER A)?

(RUF001)

core/src/trezor/lvglui/i18n/locales/zh_cn.py

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1045-1045: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1046-1046: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

1053-1053: String contains ambiguous (FULLWIDTH COMMA). Did you mean , (COMMA)?

(RUF001)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Gen check
  • GitHub Check: Style check
  • GitHub Check: Defs check
🔇 Additional comments (1)
core/src/trezor/lvglui/scrs/initscreen.py (1)

84-85: Entropy-state propagation logic looks consistent

The new use_multiple_entropy_state wiring between SetupDevice, BackupTypeSelector, and reset_device is coherent; no functional issues stand out in this block.

Also applies to: 110-116, 127-128, 157-164, 190-191

@lihuanhuan lihuanhuan merged commit b1b3ab5 into OneKeyHQ:main Dec 3, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@somebodyLi somebodyLi somebodyLi approved these changes

@guowei0105 guowei0105 guowei0105 approved these changes

@Lu1zz Lu1zz Awaiting requested review from Lu1zz Lu1zz is a code owner automatically assigned from OneKeyHQ/hw

@Johnwanzi Johnwanzi Awaiting requested review from Johnwanzi Johnwanzi is a code owner automatically assigned from OneKeyHQ/hw

+1 more reviewer

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lihuanhuan @revan-zhang @somebodyLi @guowei0105