release: device-protocol 7.14.1 message-signing sync#103
Open
BitHighlander wants to merge 4 commits intomasterfrom
Open
release: device-protocol 7.14.1 message-signing sync#103BitHighlander wants to merge 4 commits intomasterfrom
BitHighlander wants to merge 4 commits intomasterfrom
Conversation
BitHighlander
changed the title
BitHighlander
changed the title
…TIP-712) Adds proto definitions for TRON message-signing parity: - TronSignMessage / TronMessageSignature (1404/1405) — TIP-191 personal_sign - TronVerifyMessage (1406) — host-asserted signature verification - TronSignTypedHash / TronTypedDataSignature (1407/1408) — TIP-712 hash mode Mirrors the Ethereum personal_sign + EIP-712 hash-mode shape. Firmware implementation will reuse the secp256k1 + keccak256 primitives already present for Ethereum, swapping the message prefix to '\x19TRON Signed Message:\n' for TIP-191 and using '\x19\x01' for TIP-712. Reserves IDs 1404-1408 contiguous to existing TRON range (1400-1403).
Adds TonSignMessage / TonMessageSignature (1504/1505) — basic Ed25519 arbitrary-bytes signing, mirroring SolanaSignMessage's shape. This primitive lacks domain separation by design (raw Ed25519 over message bytes). Firmware should gate it behind the AdvancedMode policy — same fence used for SolanaSignMessage in fsm_msg_solana.h — until a TON Connect ton_proof envelope is added as a separate proto. Reserves IDs 1504-1505 contiguous to existing TON range (1500-1503).
Adds SolanaSignOffchainMessage / SolanaOffchainMessageSignature (756/757) implementing the Solana off-chain message spec: '\xff' || 'solana offchain' || version || format || length || message The '\xff' lead byte is invalid as a Solana transaction prefix, providing the domain separation that plain SolanaSignMessage (754/755) lacks. With this primitive, firmware can drop the AdvancedMode policy gate currently required for SolanaSignMessage (fsm_msg_solana.h:461-472) for ASCII/UTF8 off-chain messages, since the envelope makes transaction-shaped attacks impossible. message_format values per spec: 0 = Restricted ASCII (max 1212 bytes) — display-renderable 1 = UTF-8 limited (max 1212 bytes) — display-renderable with care 2 = UTF-8 extended (max 65515) — blind-sign only Reserves IDs 756-757 contiguous to existing Solana range (750-755). Bumped message max_size to 1212 to match the spec ceiling for formats 0/1.
BitHighlander
force-pushed
the
release/7.14.1-device-protocol
branch
from
c4c8db3 to
73ca75f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Prepare
@keepkey/device-protocolfor the firmware 7.14.1 line without carrying any new Zcash protocol changes in this PR.This PR now includes only the non-Zcash protocol sync from
BitHighlander/device-protocol:masterplus release metadata:SolanaSignOffchainMessage/SolanaOffchainMessageSignatureTonSignMessage/TonMessageSignatureTronSignMessage,TronMessageSignature,TronVerifyMessage,TronSignTypedHash,TronTypedDataSignaturemessages.proto: add message IDs for the Solana/TON/TRON additionspackage.jsonfrom7.13.4to7.14.1package-lock.jsonfrom7.2.4to7.14.1Zcash files were reverted to upstream
masterin this branch so the PR does not include the stale seed-fingerprint/doc expansion.Validation
python3 -m json.tool package.jsonpython3 -m json.tool package-lock.jsongit diff --check