Krux Apps, small utility programs to enhance Krux

[tadeubas]

What is this PR for?

Create a new Tool to enable the execution of developer's signed Krux apps as .mpy files in SD card.

In the simulator you will need the .mpy and its .mpy.sig in the simulator/sd and simulator/flash folders. It fakes the execution of the selected .mpy file (within simulator/sd) by executing the respective .py file in the simulator's root folder (I created links in simulator/ to the files in kapps/, so changes there are automatically reflected in the simulator).

In order to execute on the device, first enable execution of SPIFFS VFS changing the file firmware/MaixPy/components/micropython/port/src/maixpy_main.c line 276 to vfs->exec_allowed = true; you need to get this selfcustody/micropython#6 for micropython and selfcustody/MaixPy#26 for MaixPy. (Already merged)

In any case you will need to generate a .mpy file using the tool firmware/MaixPy/components/micropython/core/mpy-cross. Follow its README.md instructions in order to make and then compile a .py file into .mpy. It is implied that all Kapps must implement the run() function to be executed.

You will also need to create a .sig file based on the .mpy. Remember to change the contents of the SIGNER_PUBKEY inside src\krux\metadata.py following instructions here To generate a keypair and Signing the firmware (firmware will be your .mpy file) in order to sign and verify the signature within Krux code (Ex: ./krux sign kapps/nostr.mpy privkey.pem).

Use this nice tool from @kdmukai to test Nostr Kapp: https://nostrtool.com/

It’s also implied (though we can change this later) that Kapps won’t be translated - existing firmware strings will be, but new ones won’t. I also think we need to distribute the .mpy files (and their signatures) with each release.

In the future we might add the possibility to keep more than one Kapp in flash memory and run a selected Kapp at startup instead of Krux (with also the possibility to open Krux anyway).

Other changes

• New Kapp - Steganography: Capture photos as bmp, view them and hide and revel data in the pixels of the img
• Krux script: signing now produces only compact 70-byte signatures, preventing the 71- or 72-byte variants that embit would flag as invalid
• pyproject.toml: New tasks to handle mpy generation (poetry run poe mpy-all)
• Simulator: flash folder now simulates device's user flash space
• firmaware.py: Refactored code to allow reuse of get_pubkey and check_signature
• New settings: allow_kapp

Changes made to:

• Code
• Tests
• Docs
• CHANGELOG

Did you build the code and tested on device?

• Yes, build and tested on yahboom

What is the purpose of this pull request?

• Bug fix
• New feature
• Docs update
• Other

TODO LIST:

• Create the Nostr Krux app for airgap signing (idea from @odudex) .
• Reformulate Nostr Kapp to use NIP06 (mnemonic to nostr key) and NIP19 (nsec1...).
  • Allow Nostr Kapp to sign a Nostr event.
• Create a C function in Maixpy to allow the Python code to change SPIFFS VFS exec_allowed attr.
  • Merge micropython PR: Creating Micropython module vfs micropython#6
  • Merge MaixPy PR: Allow vfs changes in maixpy_main.c MaixPy#26
• Create test cases for Kapps:
  • Tests for kapp Nostr.
• Create docs.
• Add info to CHANGELOG.

[codecov]

Codecov Report

❌ Patch coverage is 98.72611% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 97.40%. Comparing base (e6b895e) to head (a77d2f3).
⚠️ Report is 42 commits behind head on develop.

Files with missing lines	Patch %	Lines
src/krux/pages/kapps.py	98.37%	2 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop     #485      +/-   ##
===========================================
+ Coverage    97.37%   97.40%   +0.03%     
===========================================
  Files           83       84       +1     
  Lines        10525    10690     +165     
===========================================
+ Hits         10249    10413     +164     
- Misses         276      277       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[tadeubas]

Example of steganography app usage: https://excalidraw.com/#json=3C163DUVqLssMRl1_rl8A,nfbdz4uv1AY95q725OaZ-g

KEF-BMP.txt

[tadeubas]

I’ve tested this extensively and believe the PR is ready to merge. I know that @jdlcdl has tested both the Nostr and Steganography Kapps, and another person has successfully tested only the Steganography Kapp without any issues.

This PR does not yet include the inconspicuous startup feature #203 ; we’ll need to discuss the best approach for implementing that separately.

[Pentecost1]

In the NosTR app, the fingerprint keeps blinking. I’m not sure if this is intentional behavior or if there’s something I haven’t understood yet

IMG_0614.MOV

[tadeubas]

Thx @Pentecost1 you found a bug 👍 will fix ASAP

[tadeubas]

I discussed inconspicuous startup (#203) with other devs on Telegram. Since Kapps can do anything, it’s hard to guarantee the firmware remains intact after they run. I initially suggested disabling Kapp startup and forcing a reboot before entering the firmware, which would require users to re-enable the Kapp each time.

On further thought, we could instead allow only specific Kapps, those that don’t access or modify firmware code, to run at startup, and then safely continue to the firmware without disabling the Kapp or rebooting.

I’ll update this PR accordingly and add a small, simple Kapp for inconspicuous startup.