Switch from postcard to cbor for the Bitcoin app

bigspider · bigspider · commit 92efbbd7c563 · 2026-05-19T11:01:04.000+02:00
This makes it easier to keep the wire protocol forward-compatible.
diff --git a/apps/bitcoin/app/Cargo.toml b/apps/bitcoin/app/Cargo.toml
@@ -36,8 +36,8 @@ base58   = { package = "base58ck", version = "0.1", default-features = false }
 common = { package = "vnd-bitcoin-common", path = "../common", default-features = false }
 hex = { version = "0.4.3", default-features = false, features = ["alloc"] }
 hex-literal = "0.4.1"
+minicbor = { version = "2.2", default-features = false, features = ["alloc", "derive"] }
 nom = { version = "7.1.3", default-features = false, features = ["alloc"] }
-postcard = { version = "1.1.1", default-features = false, features = ["alloc"] }
 sdk = { package = "vanadium-app-sdk", path = "../../../app-sdk", default-features = false }
 
 [dev-dependencies]
diff --git a/apps/bitcoin/app/src/handlers/get_master_fingerprint.rs b/apps/bitcoin/app/src/handlers/get_master_fingerprint.rs
@@ -6,7 +6,7 @@ pub fn handle_get_master_fingerprint(
     tree: KeyTree,
 ) -> Result<Response, common::errors::Error> {
     let fpr = crate::bip32::master_fingerprint(tree)?;
-    Ok(Response::MasterFingerprint(fpr))
+    Ok(Response::MasterFingerprint { fingerprint: fpr })
 }
 
 #[cfg(test)]
@@ -17,13 +17,23 @@ mod tests {
     fn test_handle_get_master_fingerprint_standard() {
         let response =
             handle_get_master_fingerprint(&mut sdk::App::singleton(), KeyTree::Standard).unwrap();
-        assert_eq!(response, Response::MasterFingerprint(0xf5acc2fdu32));
+        assert_eq!(
+            response,
+            Response::MasterFingerprint {
+                fingerprint: 0xf5acc2fdu32
+            }
+        );
     }
 
     #[test]
     fn test_handle_get_master_fingerprint_resident() {
         let response =
             handle_get_master_fingerprint(&mut sdk::App::singleton(), KeyTree::Resident).unwrap();
-        assert_eq!(response, Response::MasterFingerprint(0xad85d955));
+        assert_eq!(
+            response,
+            Response::MasterFingerprint {
+                fingerprint: 0xad85d955
+            }
+        );
     }
 }
diff --git a/apps/bitcoin/app/src/handlers/sign_psbt.rs b/apps/bitcoin/app/src/handlers/sign_psbt.rs
@@ -867,7 +867,9 @@ pub async fn handle_sign_psbt(app: &mut sdk::App, psbt: &[u8]) -> Result<Respons
     #[cfg(not(any(test, feature = "autoapprove")))]
     app.show_info(Icon::Success, "Transaction signed");
 
-    Ok(Response::PsbtSigned(partial_signatures))
+    Ok(Response::PsbtSigned {
+        signatures: partial_signatures,
+    })
 }
 
 #[cfg(test)]
@@ -907,14 +909,16 @@ mod tests {
         ))
         .unwrap();
 
-        assert_eq!(response, Response::PsbtSigned(vec![
-            PartialSignature {
-                input_index: 0,
-                signature: hex!("3045022100e55b3ca788721aae8def2eadff710e524ffe8c9dec1764fdaa89584f9726e196022012a30fbcf9e1a24df31a1010356b794ab8de438b4250684757ed5772402540f401").to_vec(),
-                pubkey: hex!("02ee8608207e21028426f69e76447d7e3d5e077049f5e683c3136c2314762a4718").to_vec(),
-                leaf_hash: None
-            }
-        ]));
+        assert_eq!(response, Response::PsbtSigned {
+            signatures: vec![
+                PartialSignature {
+                    input_index: 0,
+                    signature: hex!("3045022100e55b3ca788721aae8def2eadff710e524ffe8c9dec1764fdaa89584f9726e196022012a30fbcf9e1a24df31a1010356b794ab8de438b4250684757ed5772402540f401").to_vec(),
+                    pubkey: hex!("02ee8608207e21028426f69e76447d7e3d5e077049f5e683c3136c2314762a4718").to_vec(),
+                    leaf_hash: None
+                }
+            ]
+        });
     }
 
     #[test]
@@ -939,14 +943,16 @@ mod tests {
         ))
         .unwrap();
 
-        assert_eq!(response, Response::PsbtSigned(vec![
-            PartialSignature {
-                input_index: 0,
-                signature: hex!("3045022100ab44f34dd7e87c9054591297a101e8500a0641d1d591878d0d23cf8096fa79e802205d12d1062d925e27b57bdcf994ecf332ad0a8e67b8fe407bab2101255da632aa01").to_vec(),
-                pubkey: hex!("03ee2c3d98eb1f93c0a1aa8e5a4009b70eb7b44ead15f1666f136b012ad58d3068").to_vec(),
-                leaf_hash: None
-            }
-        ]));
+        assert_eq!(response, Response::PsbtSigned {
+            signatures: vec![
+                PartialSignature {
+                    input_index: 0,
+                    signature: hex!("3045022100ab44f34dd7e87c9054591297a101e8500a0641d1d591878d0d23cf8096fa79e802205d12d1062d925e27b57bdcf994ecf332ad0a8e67b8fe407bab2101255da632aa01").to_vec(),
+                    pubkey: hex!("03ee2c3d98eb1f93c0a1aa8e5a4009b70eb7b44ead15f1666f136b012ad58d3068").to_vec(),
+                    leaf_hash: None
+                }
+            ]
+        });
     }
 
     #[test]
@@ -972,7 +978,10 @@ mod tests {
         ))
         .unwrap();
 
-        let Response::PsbtSigned(partial_signatures) = response else {
+        let Response::PsbtSigned {
+            signatures: partial_signatures,
+        } = response
+        else {
             panic!("Expected PsbtSigned response");
         };
 
@@ -1023,7 +1032,10 @@ mod tests {
         ))
         .unwrap();
 
-        let Response::PsbtSigned(partial_signatures) = response else {
+        let Response::PsbtSigned {
+            signatures: partial_signatures,
+        } = response
+        else {
             panic!("Expected PsbtSigned response");
         };
 
diff --git a/apps/bitcoin/app/src/main.rs b/apps/bitcoin/app/src/main.rs
@@ -76,14 +76,23 @@ async fn handle_request(
 
 #[sdk::handler]
 async fn process_message(app: &mut App, request: &[u8]) -> Vec<u8> {
-    let Ok(request) = postcard::from_bytes(request) else {
-        return postcard::to_allocvec(&Response::Error(common::errors::Error::InvalidRequest))
-            .unwrap();
+    let mut decoder = minicbor::Decoder::new(request);
+    let Ok(request) = decoder.decode::<Request>() else {
+        return minicbor::to_vec(&Response::Error {
+            error: common::errors::Error::InvalidRequest,
+        })
+        .unwrap();
     };
+    if decoder.position() != request.len() {
+        return minicbor::to_vec(&Response::Error {
+            error: common::errors::Error::InvalidRequest,
+        })
+        .unwrap();
+    }
     let response = handle_request(app, &request)
         .await
-        .unwrap_or_else(|e| Response::Error(e));
-    postcard::to_allocvec(&response).unwrap()
+        .unwrap_or_else(|error| Response::Error { error });
+    minicbor::to_vec(&response).unwrap()
 }
 
 pub fn main() {
diff --git a/apps/bitcoin/client/Cargo.toml b/apps/bitcoin/client/Cargo.toml
@@ -20,8 +20,8 @@ base58   = { package = "base58ck", version = "0.1", default-features = false }
 common = { package = "vnd-bitcoin-common", path = "../common", default-features = false, features = ["target_native"]}
 hex = "0.4.3"
 hidapi = "2.6.3"
+minicbor = { version = "2.2", features = ["alloc", "derive", "std"] }
 sdk = { package = "vanadium-client-sdk", path = "../../../client-sdk" }
-serde = "1.0.219"
 tokio = { version = "1.38.1", features = ["io-util", "macros", "net", "rt", "rt-multi-thread", "sync"] }
 
 # The following dependencies are only used for the binary executable.
@@ -30,7 +30,6 @@ tokio = { version = "1.38.1", features = ["io-util", "macros", "net", "rt", "rt-
 clap = { version = "4.5.31", features = ["derive"] }
 rustyline = "15.0.0"
 shellwords = "1.1.0"
-postcard = { version = "1.1.1", features = ["alloc"] }
 base64 = { version = "0.22.1", default-features = false, features = ["alloc"] }
 env_logger = { version = "0.11.8", optional = true }
 
diff --git a/apps/bitcoin/client/src/client.rs b/apps/bitcoin/client/src/client.rs
@@ -87,17 +87,23 @@ impl<'a> BitcoinClient {
 
     // Parse app response; if the response is a Response::Error, it is converted to BitcoinClientError::AppError.
     async fn parse_response(response_raw: &'a [u8]) -> Result<Response, BitcoinClientError> {
-        let resp: Response = postcard::from_bytes(response_raw).map_err(|_| {
+        let mut decoder = minicbor::Decoder::new(response_raw);
+        let resp: Response = decoder.decode().map_err(|_| {
             BitcoinClientError::GenericError("Failed to parse response".to_string())
         })?;
-        if let Response::Error(e) = resp {
-            return Err(BitcoinClientError::AppError(e));
+        if decoder.position() != response_raw.len() {
+            return Err(BitcoinClientError::GenericError(
+                "Failed to parse response".to_string(),
+            ));
+        }
+        if let Response::Error { error } = resp {
+            return Err(BitcoinClientError::AppError(error));
         }
         Ok(resp)
     }
 
     pub async fn exit(&mut self) -> Result<i32, BitcoinClientError> {
-        let msg = postcard::to_allocvec(&Request::Exit).map_err(|_| {
+        let msg = minicbor::to_vec(&Request::Exit).map_err(|_| {
             BitcoinClientError::GenericError("Failed to serialize Exit request".to_string())
         })?;
 
@@ -123,15 +129,15 @@ impl<'a> BitcoinClient {
         &mut self,
         tree: message::KeyTree,
     ) -> Result<u32, BitcoinClientError> {
-        let msg = postcard::to_allocvec(&Request::GetMasterFingerprint { tree }).map_err(|_| {
+        let msg = minicbor::to_vec(&Request::GetMasterFingerprint { tree }).map_err(|_| {
             BitcoinClientError::GenericError(
                 "Failed to serialize GetMasterFingerprint request".to_string(),
             )
         })?;
 
         let response_raw = self.send_message(&msg).await?;
         match Self::parse_response(&response_raw).await? {
-            Response::MasterFingerprint(fpr) => Ok(fpr),
+            Response::MasterFingerprint { fingerprint } => Ok(fingerprint),
             e => Err(BitcoinClientError::InvalidResponse(format!(
                 "Invalid response: {:?}",
                 e
@@ -149,7 +155,7 @@ impl<'a> BitcoinClient {
         let path = DerivationPath::from_str(bip32_path)
             .map_err(|e| format!("Failed to convert bip32_path: {}", e))?;
 
-        let msg = postcard::to_allocvec(&Request::GetExtendedPubkey {
+        let msg = minicbor::to_vec(&Request::GetExtendedPubkey {
             tree,
             display,
             path: message::Bip32Path(path.to_u32_vec()),
@@ -182,7 +188,7 @@ impl<'a> BitcoinClient {
         display: bool,
     ) -> Result<[u8; 78], BitcoinClientError> {
         let path = common::identity::identity_derivation_path(index);
-        let msg = postcard::to_allocvec(&Request::GetExtendedPubkey {
+        let msg = minicbor::to_vec(&Request::GetExtendedPubkey {
             tree: message::KeyTree::Standard,
             display,
             path: message::Bip32Path(path),
@@ -222,7 +228,7 @@ impl<'a> BitcoinClient {
         ),
         BitcoinClientError,
     > {
-        let msg = postcard::to_allocvec(&Request::RegisterAccount {
+        let msg = minicbor::to_vec(&Request::RegisterAccount {
             name: name.into(),
             account: account.clone(),
             registered_identities,
@@ -259,7 +265,7 @@ impl<'a> BitcoinClient {
         ),
         BitcoinClientError,
     > {
-        let msg = postcard::to_allocvec(&Request::RegisterIdentityKey {
+        let msg = minicbor::to_vec(&Request::RegisterIdentityKey {
             name: name.into(),
             pubkey: pubkey.to_vec(),
         })
@@ -291,7 +297,7 @@ impl<'a> BitcoinClient {
         display: bool,
         identity_index: Option<u32>,
     ) -> Result<(String, Option<IdentitySignature>), BitcoinClientError> {
-        let msg = postcard::to_allocvec(&Request::GetAddress {
+        let msg = minicbor::to_vec(&Request::GetAddress {
             display,
             name: Some(name.to_string()),
             account: account.clone(),
@@ -322,7 +328,7 @@ impl<'a> BitcoinClient {
         &mut self,
         psbt: &[u8],
     ) -> Result<Vec<PartialSignature>, BitcoinClientError> {
-        let msg = postcard::to_allocvec(&Request::SignPsbt {
+        let msg = minicbor::to_vec(&Request::SignPsbt {
             psbt: psbt.to_vec(),
         })
         .map_err(|_| {
@@ -331,7 +337,7 @@ impl<'a> BitcoinClient {
 
         let response_raw = self.send_message(&msg).await?;
         match Self::parse_response(&response_raw).await? {
-            Response::PsbtSigned(partial_sigs) => Ok(partial_sigs),
+            Response::PsbtSigned { signatures } => Ok(signatures),
             e => Err(BitcoinClientError::InvalidResponse(format!(
                 "Invalid response: {:?}",
                 e
diff --git a/apps/bitcoin/common/Cargo.toml b/apps/bitcoin/common/Cargo.toml
@@ -21,8 +21,8 @@ base58   = { package = "base58ck", version = "0.1", default-features = false }
 
 base64 = { version = "0.22.1", default-features = false, features = ["alloc"] }
 hex = { version = "0.4.3", default-features = false, features = ["alloc"] }
+minicbor = { version = "2.2", default-features = false, features = ["alloc", "derive"] }
 sdk = { package = "vanadium-app-sdk", path = "../../../app-sdk", default-features = false }
-serde = { version = "1.0.219", default-features = false, features = ["alloc"] }
 subtle = { version="2.6.1", default-features = false }
 
 [dev-dependencies]
diff --git a/apps/bitcoin/common/src/errors.rs b/apps/bitcoin/common/src/errors.rs
diff --git a/apps/bitcoin/common/src/message/mod.rs b/apps/bitcoin/common/src/message/mod.rs
