backend/frontend: gate send-to-self dropdown on firmware support

benma's agent · benma · commit 99c500fda448 · 2025-10-28T16:35:00.000+01:00
diff --git a/backend/devices/bitbox02/keystore.go b/backend/devices/bitbox02/keystore.go
@@ -556,3 +556,10 @@ func (keystore *keystore) SupportsPaymentRequests() error {
 	}
 	return keystorePkg.ErrFirmwareUpgradeRequired
 }
+
+// Features reports optional capabilities supported by the BitBox02 keystore.
+func (keystore *keystore) Features() *keystorePkg.Features {
+	return &keystorePkg.Features{
+		SupportsSendToSelf: keystore.device.Version().AtLeast(semver.NewSemVer(9, 22, 0)),
+	}
+}
diff --git a/backend/handlers/handlers.go b/backend/handlers/handlers.go
@@ -219,6 +219,7 @@ func NewHandlers(
 	getAPIRouterNoError(apiRouter)("/dev-servers", handlers.getDevServers).Methods("GET")
 	getAPIRouterNoError(apiRouter)("/account-add", handlers.postAddAccount).Methods("POST")
 	getAPIRouterNoError(apiRouter)("/keystores", handlers.getKeystores).Methods("GET")
+	getAPIRouterNoError(apiRouter)("/keystore/{rootFingerprint}/features", handlers.getKeystoreFeatures).Methods("GET")
 	getAPIRouterNoError(apiRouter)("/accounts", handlers.getAccounts).Methods("GET")
 	getAPIRouter(apiRouter)("/accounts/balance-summary", handlers.getAccountsBalanceSummary).Methods("GET")
 	getAPIRouterNoError(apiRouter)("/set-account-active", handlers.postSetAccountActive).Methods("POST")
@@ -605,6 +606,55 @@ func (handlers *Handlers) getKeystores(*http.Request) interface{} {
 	return keystores
 }
 
+func (handlers *Handlers) getKeystoreFeatures(r *http.Request) interface{} {
+	type response struct {
+		Success      bool               `json:"success"`
+		ErrorMessage string             `json:"errorMessage,omitempty"`
+		Features     *keystore.Features `json:"features,omitempty"`
+	}
+
+	rootFingerprintHex := mux.Vars(r)["rootFingerprint"]
+	rootFingerprint, err := hex.DecodeString(rootFingerprintHex)
+	if err != nil {
+		handlers.log.WithError(err).Error("invalid root fingerprint for features request")
+		return response{
+			Success:      false,
+			ErrorMessage: err.Error(),
+		}
+	}
+
+	connectedKeystore := handlers.backend.Keystore()
+	if connectedKeystore == nil {
+		handlers.log.Warn("features requested but no keystore connected")
+		return response{
+			Success:      false,
+			ErrorMessage: "keystore not connected",
+		}
+	}
+
+	connectedRootFingerprint, err := connectedKeystore.RootFingerprint()
+	if err != nil {
+		handlers.log.WithError(err).Error("could not determine connected keystore root fingerprint")
+		return response{
+			Success:      false,
+			ErrorMessage: err.Error(),
+		}
+	}
+
+	if !bytes.Equal(rootFingerprint, connectedRootFingerprint) {
+		handlers.log.WithField("requested", rootFingerprintHex).Warn("features requested for non-connected keystore")
+		return response{
+			Success:      false,
+			ErrorMessage: "wrong keystore connected",
+		}
+	}
+
+	return response{
+		Success:  true,
+		Features: connectedKeystore.Features(),
+	}
+}
+
 func (handlers *Handlers) getAccounts(*http.Request) interface{} {
 	persistedAccounts := handlers.backend.Config().AccountsConfig()
 
diff --git a/backend/keystore/keystore.go b/backend/keystore/keystore.go
@@ -150,4 +150,14 @@ type Keystore interface {
 
 	// SupportsPaymentRequests returns nil if the device supports silent payments, or an error indicating why it is not supported.
 	SupportsPaymentRequests() error
+
+	// Features reports optional capabilities supported by this keystore.
+	Features() *Features
+}
+
+// Features enumerates optional capabilities that can differ per keystore implementation.
+type Features struct {
+	// SupportsSendToSelf indicates whether the keystore can explicitly verify outputs that belong to
+	// the same keystore (used for the send-to-self recipient dropdown flow).
+	SupportsSendToSelf bool `json:"supportsSendToSelf"`
 }
diff --git a/backend/keystore/mocks/keystore.go b/backend/keystore/mocks/keystore.go
diff --git a/backend/keystore/software/software.go b/backend/keystore/software/software.go
@@ -201,6 +201,13 @@ func (keystore *Keystore) BTCXPubs(
 	return xpubs, nil
 }
 
+// Features reports optional capabilities supported by the software keystore.
+func (keystore *Keystore) Features() *keystorePkg.Features {
+	return &keystorePkg.Features{
+		SupportsSendToSelf: true,
+	}
+}
+
 func (keystore *Keystore) signBTCTransaction(btcProposedTx *btc.ProposedTransaction) error {
 	keystore.log.Info("Sign transaction.")
 	transaction := btcProposedTx.TXProposal.Psbt.UnsignedTx
diff --git a/frontends/web/src/api/keystores.ts b/frontends/web/src/api/keystores.ts
@@ -22,6 +22,16 @@ export type { TUnsubscribe };
 type TKeystore = { type: 'hardware' | 'software' };
 export type TKeystores = TKeystore[];
 
+export type TKeystoreFeatures = {
+  supportsSendToSelf: boolean;
+};
+
+export type TKeystoreFeaturesResponse = {
+  success: boolean;
+  features?: TKeystoreFeatures | null;
+  errorMessage?: string;
+};
+
 export const subscribeKeystores = (
   cb: (keystores: TKeystores) => void
 ) => {
@@ -43,3 +53,7 @@ export const deregisterTest = (): Promise<null> => {
 export const connectKeystore = (rootFingerprint: string): Promise<{ success: boolean; }> => {
   return apiPost('connect-keystore', { rootFingerprint });
 };
+
+export const getKeystoreFeatures = (rootFingerprint: string): Promise<TKeystoreFeaturesResponse> => {
+  return apiGet(`keystore/${rootFingerprint}/features`);
+};
diff --git a/frontends/web/src/routes/account/send/send.tsx b/frontends/web/src/routes/account/send/send.tsx
@@ -42,7 +42,7 @@ import { NoteInput } from './components/inputs/note-input';
 import { FiatValue } from './components/fiat-value';
 import { TProposalError, txProposalErrorHandling } from './services';
 import { CoinControl } from './coin-control';
-import { connectKeystore } from '@/api/keystores';
+import { connectKeystore, getKeystoreFeatures } from '@/api/keystores';
 import style from './send.module.css';
 
 type TProps = {
@@ -135,18 +135,28 @@ export const Send = ({
     if (!connectResult.success) {
       return;
     }
+    if (selectedReceiverAccount) {
+      const featuresResult = await getKeystoreFeatures(rootFingerprint);
+      if (!featuresResult.success) {
+        alertUser(featuresResult.errorMessage || t('genericError'));
+        return;
+      }
+      if (!featuresResult.features?.supportsSendToSelf) {
+        alertUser(t('device.firmwareUpgradeRequired'));
+        return;
+      }
+    }
     setIsConfirming(true);
     try {
       const result = await accountApi.sendTx(account.code, note);
       setSendResult(result);
-      setIsConfirming(false);
     } catch (err) {
       console.error(err);
     } finally {
       // The following method allows pressing escape again.
       setIsConfirming(false);
     }
-  }, [account.code, account.keystore.rootFingerprint, note]);
+  }, [account.code, account.keystore.rootFingerprint, note, selectedReceiverAccount, t]);
 
   const getValidTxInputData = useCallback((): Required<accountApi.TTxInput> | false => {
     if (

Original file line number	Diff line number	Diff line change
`@@ -556,3 +556,10 @@ func (keystore *keystore) SupportsPaymentRequests() error {`
`556`	`556`	`}`
`557`	`557`	`return keystorePkg.ErrFirmwareUpgradeRequired`
`558`	`558`	`}`
	`559`	`+`
	`560`	`+// Features reports optional capabilities supported by the BitBox02 keystore.`
	`561`	`+func (keystore keystore) Features() keystorePkg.Features {`
	`562`	`+ return &keystorePkg.Features{`
	`563`	`+ SupportsSendToSelf: keystore.device.Version().AtLeast(semver.NewSemVer(9, 22, 0)),`
	`564`	`+ }`
	`565`	`+}`