feat: add trezor bridge transport

Author: ovitrif

app/build.gradle.kts

@@ -48,6 +48,8 @@ val bcp47Locales = listOf(
 )
 val e2eBackendEnv = System.getenv("E2E_BACKEND") ?: "local"
 val e2eHomegateUrlEnv = System.getenv("E2E_HOMEGATE_URL") ?: "http://127.0.0.1:6288"
+val trezorBridgeEnv = System.getenv("TREZOR_BRIDGE")?.toBoolean()?.toString() ?: "false"
+val trezorBridgeUrlEnv = System.getenv("TREZOR_BRIDGE_URL") ?: "http://10.0.2.2:21325"
 
 android {
     namespace = "to.bitkit"
@@ -65,6 +67,8 @@ android {
         buildConfigField("boolean", "E2E", System.getenv("E2E")?.toBoolean()?.toString() ?: "false")
         buildConfigField("String", "E2E_BACKEND", "\"$e2eBackendEnv\"")
         buildConfigField("String", "E2E_HOMEGATE_URL", "\"$e2eHomegateUrlEnv\"")
+        buildConfigField("boolean", "TREZOR_BRIDGE", trezorBridgeEnv)
+        buildConfigField("String", "TREZOR_BRIDGE_URL", "\"$trezorBridgeUrlEnv\"")
         buildConfigField("boolean", "GEO", System.getenv("GEO")?.toBoolean()?.toString() ?: "true")
         buildConfigField("String", "LOCALES", "\"${bcp47Locales.joinToString(",")}\"")
     }

app/src/main/java/to/bitkit/services/TrezorBridgeTransport.kt

@@ -0,0 +1,228 @@
+package to.bitkit.services
+
+import com.synonym.bitkitcore.NativeDeviceInfo
+import com.synonym.bitkitcore.TrezorCallMessageResult
+import com.synonym.bitkitcore.TrezorTransportReadResult
+import com.synonym.bitkitcore.TrezorTransportWriteResult
+import kotlinx.serialization.Serializable
+import kotlinx.serialization.json.Json
+import to.bitkit.BuildConfig
+import to.bitkit.ext.fromHex
+import to.bitkit.ext.toHex
+import to.bitkit.utils.Logger
+import java.net.HttpURLConnection
+import java.net.URL
+import java.net.URLEncoder
+import java.nio.ByteBuffer
+import java.nio.charset.StandardCharsets
+import java.util.concurrent.ConcurrentHashMap
+import javax.inject.Inject
+import javax.inject.Singleton
+
+@Suppress("MagicNumber")
+@Singleton
+class TrezorBridgeTransport(
+    private val baseUrl: String,
+    private val enabled: Boolean,
+) {
+    @Inject
+    constructor() : this(
+        baseUrl = BuildConfig.TREZOR_BRIDGE_URL,
+        enabled = BuildConfig.TREZOR_BRIDGE,
+    )
+
+    companion object {
+        private const val TAG = "TrezorBridgeTransport"
+        private const val BRIDGE_PATH_PREFIX = "bridge:"
+        private const val BRIDGE_DEVICE_NAME = "Trezor Bridge Emulator"
+        private const val TREZOR_VENDOR_ID = 0x1209
+        private const val TREZOR_PRODUCT_ID = 0x53c1
+        private const val HEADER_SIZE = 6
+        private const val CONNECT_TIMEOUT_MS = 5_000
+        private const val READ_TIMEOUT_MS = 30_000
+    }
+
+    private val json = Json { ignoreUnknownKeys = true }
+    private val bridgeUrl = baseUrl.trimEnd('/')
+    private val openSessions = ConcurrentHashMap<String, String>()
+    private val enumeratedSessions = ConcurrentHashMap<String, String>()
+
+    fun isBridgeDevice(path: String): Boolean {
+        return enabled && path.startsWith(BRIDGE_PATH_PREFIX)
+    }
+
+    fun enumerateDevices(): List<NativeDeviceInfo> {
+        if (!enabled) return emptyList()
+
+        return runCatching {
+            val response = post("/enumerate")
+            json.decodeFromString<List<BridgeDevice>>(response).map {
+                val bridgePath = toBridgePath(it.path)
+                if (it.session == null) {
+                    enumeratedSessions.remove(bridgePath)
+                } else {
+                    enumeratedSessions[bridgePath] = it.session
+                }
+                NativeDeviceInfo(
+                    path = bridgePath,
+                    transportType = "usb",
+                    name = BRIDGE_DEVICE_NAME,
+                    vendorId = TREZOR_VENDOR_ID.toUShort(),
+                    productId = TREZOR_PRODUCT_ID.toUShort(),
+                )
+            }
+        }.onSuccess {
+            Logger.info("Enumerated '${it.size}' Trezor Bridge device(s)", context = TAG)
+        }.getOrElse {
+            Logger.warn("Failed to enumerate Trezor Bridge devices", it, context = TAG)
+            emptyList()
+        }
+    }
+
+    fun openDevice(path: String): TrezorTransportWriteResult {
+        val rawPath = rawBridgePath(path)
+        val previousSession = openSessions.remove(path) ?: enumeratedSessions[path] ?: "null"
+
+        return runCatching {
+            val response = post("/acquire/${encode(rawPath)}/${encode(previousSession)}")
+            val session = json.decodeFromString<BridgeSession>(response).session
+            openSessions[path] = session
+            Logger.info("Opened Trezor Bridge device '$path'", context = TAG)
+            TrezorTransportWriteResult(success = true, error = "")
+        }.getOrElse {
+            Logger.warn("Failed to open Trezor Bridge device '$path'", it, context = TAG)
+            TrezorTransportWriteResult(success = false, error = it.message ?: "Bridge open failed")
+        }
+    }
+
+    fun closeDevice(path: String): TrezorTransportWriteResult {
+        val session = openSessions.remove(path)
+            ?: return TrezorTransportWriteResult(success = true, error = "")
+
+        return runCatching {
+            post("/release/${encode(session)}")
+            Logger.info("Closed Trezor Bridge device '$path'", context = TAG)
+            TrezorTransportWriteResult(success = true, error = "")
+        }.getOrElse {
+            Logger.warn("Failed to close Trezor Bridge device '$path'", it, context = TAG)
+            TrezorTransportWriteResult(success = false, error = it.message ?: "Bridge close failed")
+        }
+    }
+
+    fun readChunk(path: String): TrezorTransportReadResult {
+        return TrezorTransportReadResult(
+            success = false,
+            data = byteArrayOf(),
+            error = "Trezor Bridge uses callMessage for '$path'",
+        )
+    }
+
+    fun writeChunk(path: String, data: ByteArray): TrezorTransportWriteResult {
+        return TrezorTransportWriteResult(
+            success = false,
+            error = "Trezor Bridge uses callMessage for '$path' and ignored '${data.size}' bytes",
+        )
+    }
+
+    fun callMessage(
+        path: String,
+        messageType: UShort,
+        data: ByteArray,
+    ): TrezorCallMessageResult {
+        val session = openSessions[path]
+            ?: return TrezorCallMessageResult(
+                success = false,
+                messageType = 0u.toUShort(),
+                data = byteArrayOf(),
+                error = "Trezor Bridge device not open: $path",
+            )
+
+        return runCatching {
+            val request = encodeFrame(messageType, data)
+            val response = post("/call/${encode(session)}", request)
+            decodeFrame(response)
+        }.getOrElse {
+            Logger.warn("Failed to call Trezor Bridge message for '$path'", it, context = TAG)
+            TrezorCallMessageResult(
+                success = false,
+                messageType = 0u.toUShort(),
+                data = byteArrayOf(),
+                error = it.message ?: "Bridge call failed",
+            )
+        }
+    }
+
+    private fun encodeFrame(messageType: UShort, data: ByteArray): String {
+        return ByteBuffer.allocate(HEADER_SIZE + data.size)
+            .putShort(messageType.toShort())
+            .putInt(data.size)
+            .put(data)
+            .array()
+            .toHex()
+    }
+
+    private fun decodeFrame(hex: String): TrezorCallMessageResult {
+        val bytes = hex.trim().fromHex()
+        require(bytes.size >= HEADER_SIZE) { "Bridge response is shorter than '$HEADER_SIZE' bytes" }
+
+        val messageType = (((bytes[0].toInt() and 0xff) shl 8) or (bytes[1].toInt() and 0xff)).toUShort()
+        val length = ((bytes[2].toInt() and 0xff) shl 24) or
+            ((bytes[3].toInt() and 0xff) shl 16) or
+            ((bytes[4].toInt() and 0xff) shl 8) or
+            (bytes[5].toInt() and 0xff)
+        require(bytes.size >= HEADER_SIZE + length) {
+            "Bridge response payload length '$length' exceeds '${bytes.size - HEADER_SIZE}' bytes"
+        }
+
+        return TrezorCallMessageResult(
+            success = true,
+            messageType = messageType,
+            data = bytes.copyOfRange(HEADER_SIZE, HEADER_SIZE + length),
+            error = "",
+        )
+    }
+
+    private fun post(path: String, body: String? = null): String {
+        val connection = URL("$bridgeUrl$path").openConnection() as HttpURLConnection
+        connection.requestMethod = "POST"
+        connection.connectTimeout = CONNECT_TIMEOUT_MS
+        connection.readTimeout = READ_TIMEOUT_MS
+        connection.doInput = true
+
+        if (body != null) {
+            connection.doOutput = true
+            connection.setRequestProperty("Content-Type", "text/plain")
+            connection.outputStream.use { it.write(body.toByteArray()) }
+        }
+
+        val statusCode = connection.responseCode
+        val response = if (statusCode in 200..299) {
+            connection.inputStream.bufferedReader().use { it.readText() }
+        } else {
+            connection.errorStream?.bufferedReader()?.use { it.readText() }.orEmpty()
+        }
+        connection.disconnect()
+
+        check(statusCode in 200..299) {
+            "Bridge request '$path' failed with HTTP '$statusCode': $response"
+        }
+        return response
+    }
+
+    private fun toBridgePath(path: String): String = "$BRIDGE_PATH_PREFIX$path"
+
+    private fun rawBridgePath(path: String): String = path.removePrefix(BRIDGE_PATH_PREFIX)
+
+    private fun encode(value: String): String = URLEncoder.encode(value, StandardCharsets.UTF_8.name())
+
+    @Serializable
+    private data class BridgeDevice(
+        val path: String,
+        val session: String? = null,
+    )
+
+    @Serializable
+    private data class BridgeSession(
+        val session: String,
+    )
+}

app/src/main/java/to/bitkit/services/TrezorTransport.kt

@@ -66,6 +66,7 @@ import javax.inject.Singleton
 @Singleton
 class TrezorTransport @Inject constructor(
     @ApplicationContext private val context: Context,
+    private val bridgeTransport: TrezorBridgeTransport,
 ) : TrezorTransportCallback {
 
     companion object {
@@ -219,6 +220,12 @@ class TrezorTransport @Inject constructor(
             Logger.error("BLE enumerate failed", it, context = TAG)
         }
 
+        val bridgeDevices = bridgeTransport.enumerateDevices()
+        devices.addAll(bridgeDevices)
+        if (bridgeDevices.isNotEmpty()) {
+            Logger.info("Found '${bridgeDevices.size}' Trezor Bridge device(s)", context = TAG)
+        }
+
         Logger.info("Total enumerate found '${devices.size}' Trezor device(s)", context = TAG)
         val summary = devices.map { "${it.path} (${it.transportType})" }
         TrezorDebugLog.log("ENUM", "Found ${devices.size} devices: $summary")
@@ -227,7 +234,9 @@ class TrezorTransport @Inject constructor(
 
     override fun openDevice(path: String): TrezorTransportWriteResult {
         TrezorDebugLog.log("OPEN", "openDevice: $path")
-        return if (isBleDevice(path)) {
+        return if (bridgeTransport.isBridgeDevice(path)) {
+            bridgeTransport.openDevice(path)
+        } else if (isBleDevice(path)) {
             openBleDevice(path)
         } else {
             openUsbDevice(path)
@@ -236,31 +245,39 @@ class TrezorTransport @Inject constructor(
 
     override fun closeDevice(path: String): TrezorTransportWriteResult {
         TrezorDebugLog.log("CLOSE", "closeDevice: $path")
-        return if (isBleDevice(path)) {
+        return if (bridgeTransport.isBridgeDevice(path)) {
+            bridgeTransport.closeDevice(path)
+        } else if (isBleDevice(path)) {
             closeBleDevice(path)
         } else {
             closeUsbDevice(path)
         }
     }
 
     override fun readChunk(path: String): TrezorTransportReadResult {
-        return if (isBleDevice(path)) {
+        return if (bridgeTransport.isBridgeDevice(path)) {
+            bridgeTransport.readChunk(path)
+        } else if (isBleDevice(path)) {
             readBleChunk(path)
         } else {
             readUsbChunk(path)
         }
     }
 
     override fun writeChunk(path: String, data: ByteArray): TrezorTransportWriteResult {
-        return if (isBleDevice(path)) {
+        return if (bridgeTransport.isBridgeDevice(path)) {
+            bridgeTransport.writeChunk(path, data)
+        } else if (isBleDevice(path)) {
             writeBleChunk(path, data)
         } else {
             writeUsbChunk(path, data)
         }
     }
 
     override fun getChunkSize(path: String): UInt {
-        return if (isBleDevice(path)) {
+        return if (bridgeTransport.isBridgeDevice(path)) {
+            USB_CHUNK_SIZE.toUInt()
+        } else if (isBleDevice(path)) {
             BLE_CHUNK_SIZE.toUInt()
         } else {
             USB_CHUNK_SIZE.toUInt()
@@ -272,6 +289,10 @@ class TrezorTransport @Inject constructor(
         messageType: UShort,
         data: ByteArray,
     ): TrezorCallMessageResult? {
+        if (bridgeTransport.isBridgeDevice(path)) {
+            return bridgeTransport.callMessage(path, messageType, data)
+        }
+
         // For BLE/THP devices, the Rust side now handles THP protocol directly.
         // This callback returns null to let Rust use its built-in THP implementation.
         Logger.debug(