github.com/SmartMeshFoundation/Spectrum@v0.0.0-20220621030607-452a266fee1e/accounts/usbwallet/internal/trezor/messages.proto (about) 1 // This file originates from the SatoshiLabs Trezor `common` repository at: 2 // https://github.com/trezor/trezor-common/blob/master/protob/messages.proto 3 // dated 28.07.2017, commit dd8ec3231fb5f7992360aff9bdfe30bb58130f4b. 4 5 /** 6 * Messages for TREZOR communication 7 */ 8 9 // Sugar for easier handling in Java 10 option java_package = "com.satoshilabs.trezor.lib.protobuf"; 11 option java_outer_classname = "TrezorMessage"; 12 13 import "types.proto"; 14 15 /** 16 * Mapping between Trezor wire identifier (uint) and a protobuf message 17 */ 18 enum MessageType { 19 MessageType_Initialize = 0 [(wire_in) = true]; 20 MessageType_Ping = 1 [(wire_in) = true]; 21 MessageType_Success = 2 [(wire_out) = true]; 22 MessageType_Failure = 3 [(wire_out) = true]; 23 MessageType_ChangePin = 4 [(wire_in) = true]; 24 MessageType_WipeDevice = 5 [(wire_in) = true]; 25 MessageType_FirmwareErase = 6 [(wire_in) = true, (wire_bootloader) = true]; 26 MessageType_FirmwareUpload = 7 [(wire_in) = true, (wire_bootloader) = true]; 27 MessageType_FirmwareRequest = 8 [(wire_out) = true, (wire_bootloader) = true]; 28 MessageType_GetEntropy = 9 [(wire_in) = true]; 29 MessageType_Entropy = 10 [(wire_out) = true]; 30 MessageType_GetPublicKey = 11 [(wire_in) = true]; 31 MessageType_PublicKey = 12 [(wire_out) = true]; 32 MessageType_LoadDevice = 13 [(wire_in) = true]; 33 MessageType_ResetDevice = 14 [(wire_in) = true]; 34 MessageType_SignTx = 15 [(wire_in) = true]; 35 MessageType_SimpleSignTx = 16 [(wire_in) = true, deprecated = true]; 36 MessageType_Features = 17 [(wire_out) = true]; 37 MessageType_PinMatrixRequest = 18 [(wire_out) = true]; 38 MessageType_PinMatrixAck = 19 [(wire_in) = true, (wire_tiny) = true]; 39 MessageType_Cancel = 20 [(wire_in) = true]; 40 MessageType_TxRequest = 21 [(wire_out) = true]; 41 MessageType_TxAck = 22 [(wire_in) = true]; 42 MessageType_CipherKeyValue = 23 [(wire_in) = true]; 43 MessageType_ClearSession = 24 [(wire_in) = true]; 44 MessageType_ApplySettings = 25 [(wire_in) = true]; 45 MessageType_ButtonRequest = 26 [(wire_out) = true]; 46 MessageType_ButtonAck = 27 [(wire_in) = true, (wire_tiny) = true]; 47 MessageType_ApplyFlags = 28 [(wire_in) = true]; 48 MessageType_GetAddress = 29 [(wire_in) = true]; 49 MessageType_Address = 30 [(wire_out) = true]; 50 MessageType_SelfTest = 32 [(wire_in) = true, (wire_bootloader) = true]; 51 MessageType_BackupDevice = 34 [(wire_in) = true]; 52 MessageType_EntropyRequest = 35 [(wire_out) = true]; 53 MessageType_EntropyAck = 36 [(wire_in) = true]; 54 MessageType_SignMessage = 38 [(wire_in) = true]; 55 MessageType_VerifyMessage = 39 [(wire_in) = true]; 56 MessageType_MessageSignature = 40 [(wire_out) = true]; 57 MessageType_PassphraseRequest = 41 [(wire_out) = true]; 58 MessageType_PassphraseAck = 42 [(wire_in) = true, (wire_tiny) = true]; 59 MessageType_EstimateTxSize = 43 [(wire_in) = true, deprecated = true]; 60 MessageType_TxSize = 44 [(wire_out) = true, deprecated = true]; 61 MessageType_RecoveryDevice = 45 [(wire_in) = true]; 62 MessageType_WordRequest = 46 [(wire_out) = true]; 63 MessageType_WordAck = 47 [(wire_in) = true]; 64 MessageType_CipheredKeyValue = 48 [(wire_out) = true]; 65 MessageType_EncryptMessage = 49 [(wire_in) = true, deprecated = true]; 66 MessageType_EncryptedMessage = 50 [(wire_out) = true, deprecated = true]; 67 MessageType_DecryptMessage = 51 [(wire_in) = true, deprecated = true]; 68 MessageType_DecryptedMessage = 52 [(wire_out) = true, deprecated = true]; 69 MessageType_SignIdentity = 53 [(wire_in) = true]; 70 MessageType_SignedIdentity = 54 [(wire_out) = true]; 71 MessageType_GetFeatures = 55 [(wire_in) = true]; 72 MessageType_EthereumGetAddress = 56 [(wire_in) = true]; 73 MessageType_EthereumAddress = 57 [(wire_out) = true]; 74 MessageType_EthereumSignTx = 58 [(wire_in) = true]; 75 MessageType_EthereumTxRequest = 59 [(wire_out) = true]; 76 MessageType_EthereumTxAck = 60 [(wire_in) = true]; 77 MessageType_GetECDHSessionKey = 61 [(wire_in) = true]; 78 MessageType_ECDHSessionKey = 62 [(wire_out) = true]; 79 MessageType_SetU2FCounter = 63 [(wire_in) = true]; 80 MessageType_EthereumSignMessage = 64 [(wire_in) = true]; 81 MessageType_EthereumVerifyMessage = 65 [(wire_in) = true]; 82 MessageType_EthereumMessageSignature = 66 [(wire_out) = true]; 83 MessageType_DebugLinkDecision = 100 [(wire_debug_in) = true, (wire_tiny) = true]; 84 MessageType_DebugLinkGetState = 101 [(wire_debug_in) = true]; 85 MessageType_DebugLinkState = 102 [(wire_debug_out) = true]; 86 MessageType_DebugLinkStop = 103 [(wire_debug_in) = true]; 87 MessageType_DebugLinkLog = 104 [(wire_debug_out) = true]; 88 MessageType_DebugLinkMemoryRead = 110 [(wire_debug_in) = true]; 89 MessageType_DebugLinkMemory = 111 [(wire_debug_out) = true]; 90 MessageType_DebugLinkMemoryWrite = 112 [(wire_debug_in) = true]; 91 MessageType_DebugLinkFlashErase = 113 [(wire_debug_in) = true]; 92 } 93 94 //////////////////// 95 // Basic messages // 96 //////////////////// 97 98 /** 99 * Request: Reset device to default state and ask for device details 100 * @next Features 101 */ 102 message Initialize { 103 } 104 105 /** 106 * Request: Ask for device details (no device reset) 107 * @next Features 108 */ 109 message GetFeatures { 110 } 111 112 /** 113 * Response: Reports various information about the device 114 * @prev Initialize 115 * @prev GetFeatures 116 */ 117 message Features { 118 optional string vendor = 1; // name of the manufacturer, e.g. "bitcointrezor.com" 119 optional uint32 major_version = 2; // major version of the device, e.g. 1 120 optional uint32 minor_version = 3; // minor version of the device, e.g. 0 121 optional uint32 patch_version = 4; // patch version of the device, e.g. 0 122 optional bool bootloader_mode = 5; // is device in bootloader mode? 123 optional string device_id = 6; // device's unique identifier 124 optional bool pin_protection = 7; // is device protected by PIN? 125 optional bool passphrase_protection = 8; // is node/mnemonic encrypted using passphrase? 126 optional string language = 9; // device language 127 optional string label = 10; // device description label 128 repeated CoinType coins = 11; // supported coins 129 optional bool initialized = 12; // does device contain seed? 130 optional bytes revision = 13; // SCM revision of firmware 131 optional bytes bootloader_hash = 14; // hash of the bootloader 132 optional bool imported = 15; // was storage imported from an external source? 133 optional bool pin_cached = 16; // is PIN already cached in session? 134 optional bool passphrase_cached = 17; // is passphrase already cached in session? 135 optional bool firmware_present = 18; // is valid firmware loaded? 136 optional bool needs_backup = 19; // does storage need backup? (equals to Storage.needs_backup) 137 optional uint32 flags = 20; // device flags (equals to Storage.flags) 138 } 139 140 /** 141 * Request: clear session (removes cached PIN, passphrase, etc). 142 * @next Success 143 */ 144 message ClearSession { 145 } 146 147 /** 148 * Request: change language and/or label of the device 149 * @next Success 150 * @next Failure 151 * @next ButtonRequest 152 * @next PinMatrixRequest 153 */ 154 message ApplySettings { 155 optional string language = 1; 156 optional string label = 2; 157 optional bool use_passphrase = 3; 158 optional bytes homescreen = 4; 159 } 160 161 /** 162 * Request: set flags of the device 163 * @next Success 164 * @next Failure 165 */ 166 message ApplyFlags { 167 optional uint32 flags = 1; // bitmask, can only set bits, not unset 168 } 169 170 /** 171 * Request: Starts workflow for setting/changing/removing the PIN 172 * @next ButtonRequest 173 * @next PinMatrixRequest 174 */ 175 message ChangePin { 176 optional bool remove = 1; // is PIN removal requested? 177 } 178 179 /** 180 * Request: Test if the device is alive, device sends back the message in Success response 181 * @next Success 182 */ 183 message Ping { 184 optional string message = 1; // message to send back in Success message 185 optional bool button_protection = 2; // ask for button press 186 optional bool pin_protection = 3; // ask for PIN if set in device 187 optional bool passphrase_protection = 4; // ask for passphrase if set in device 188 } 189 190 /** 191 * Response: Success of the previous request 192 */ 193 message Success { 194 optional string message = 1; // human readable description of action or request-specific payload 195 } 196 197 /** 198 * Response: Failure of the previous request 199 */ 200 message Failure { 201 optional FailureType code = 1; // computer-readable definition of the error state 202 optional string message = 2; // human-readable message of the error state 203 } 204 205 /** 206 * Response: Device is waiting for HW button press. 207 * @next ButtonAck 208 * @next Cancel 209 */ 210 message ButtonRequest { 211 optional ButtonRequestType code = 1; 212 optional string data = 2; 213 } 214 215 /** 216 * Request: Computer agrees to wait for HW button press 217 * @prev ButtonRequest 218 */ 219 message ButtonAck { 220 } 221 222 /** 223 * Response: Device is asking computer to show PIN matrix and awaits PIN encoded using this matrix scheme 224 * @next PinMatrixAck 225 * @next Cancel 226 */ 227 message PinMatrixRequest { 228 optional PinMatrixRequestType type = 1; 229 } 230 231 /** 232 * Request: Computer responds with encoded PIN 233 * @prev PinMatrixRequest 234 */ 235 message PinMatrixAck { 236 required string pin = 1; // matrix encoded PIN entered by user 237 } 238 239 /** 240 * Request: Abort last operation that required user interaction 241 * @prev ButtonRequest 242 * @prev PinMatrixRequest 243 * @prev PassphraseRequest 244 */ 245 message Cancel { 246 } 247 248 /** 249 * Response: Device awaits encryption passphrase 250 * @next PassphraseAck 251 * @next Cancel 252 */ 253 message PassphraseRequest { 254 } 255 256 /** 257 * Request: Send passphrase back 258 * @prev PassphraseRequest 259 */ 260 message PassphraseAck { 261 required string passphrase = 1; 262 } 263 264 /** 265 * Request: Request a sample of random data generated by hardware RNG. May be used for testing. 266 * @next ButtonRequest 267 * @next Entropy 268 * @next Failure 269 */ 270 message GetEntropy { 271 required uint32 size = 1; // size of requested entropy 272 } 273 274 /** 275 * Response: Reply with random data generated by internal RNG 276 * @prev GetEntropy 277 */ 278 message Entropy { 279 required bytes entropy = 1; // stream of random generated bytes 280 } 281 282 /** 283 * Request: Ask device for public key corresponding to address_n path 284 * @next PassphraseRequest 285 * @next PublicKey 286 * @next Failure 287 */ 288 message GetPublicKey { 289 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 290 optional string ecdsa_curve_name = 2; // ECDSA curve name to use 291 optional bool show_display = 3; // optionally show on display before sending the result 292 optional string coin_name = 4 [default='Bitcoin']; 293 } 294 295 /** 296 * Response: Contains public key derived from device private seed 297 * @prev GetPublicKey 298 */ 299 message PublicKey { 300 required HDNodeType node = 1; // BIP32 public node 301 optional string xpub = 2; // serialized form of public node 302 } 303 304 /** 305 * Request: Ask device for address corresponding to address_n path 306 * @next PassphraseRequest 307 * @next Address 308 * @next Failure 309 */ 310 message GetAddress { 311 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 312 optional string coin_name = 2 [default='Bitcoin']; 313 optional bool show_display = 3 ; // optionally show on display before sending the result 314 optional MultisigRedeemScriptType multisig = 4; // filled if we are showing a multisig address 315 optional InputScriptType script_type = 5 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) 316 } 317 318 /** 319 * Request: Ask device for Ethereum address corresponding to address_n path 320 * @next PassphraseRequest 321 * @next EthereumAddress 322 * @next Failure 323 */ 324 message EthereumGetAddress { 325 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 326 optional bool show_display = 2; // optionally show on display before sending the result 327 } 328 329 /** 330 * Response: Contains address derived from device private seed 331 * @prev GetAddress 332 */ 333 message Address { 334 required string address = 1; // Coin address in Base58 encoding 335 } 336 337 /** 338 * Response: Contains an Ethereum address derived from device private seed 339 * @prev EthereumGetAddress 340 */ 341 message EthereumAddress { 342 required bytes address = 1; // Coin address as an Ethereum 160 bit hash 343 } 344 345 /** 346 * Request: Request device to wipe all sensitive data and settings 347 * @next ButtonRequest 348 */ 349 message WipeDevice { 350 } 351 352 /** 353 * Request: Load seed and related internal settings from the computer 354 * @next ButtonRequest 355 * @next Success 356 * @next Failure 357 */ 358 message LoadDevice { 359 optional string mnemonic = 1; // seed encoded as BIP-39 mnemonic (12, 18 or 24 words) 360 optional HDNodeType node = 2; // BIP-32 node 361 optional string pin = 3; // set PIN protection 362 optional bool passphrase_protection = 4; // enable master node encryption using passphrase 363 optional string language = 5 [default='english']; // device language 364 optional string label = 6; // device label 365 optional bool skip_checksum = 7; // do not test mnemonic for valid BIP-39 checksum 366 optional uint32 u2f_counter = 8; // U2F counter 367 } 368 369 /** 370 * Request: Ask device to do initialization involving user interaction 371 * @next EntropyRequest 372 * @next Failure 373 */ 374 message ResetDevice { 375 optional bool display_random = 1; // display entropy generated by the device before asking for additional entropy 376 optional uint32 strength = 2 [default=256]; // strength of seed in bits 377 optional bool passphrase_protection = 3; // enable master node encryption using passphrase 378 optional bool pin_protection = 4; // enable PIN protection 379 optional string language = 5 [default='english']; // device language 380 optional string label = 6; // device label 381 optional uint32 u2f_counter = 7; // U2F counter 382 optional bool skip_backup = 8; // postpone seed backup to BackupDevice workflow 383 } 384 385 /** 386 * Request: Perform backup of the device seed if not backed up using ResetDevice 387 * @next ButtonRequest 388 */ 389 message BackupDevice { 390 } 391 392 /** 393 * Response: Ask for additional entropy from host computer 394 * @prev ResetDevice 395 * @next EntropyAck 396 */ 397 message EntropyRequest { 398 } 399 400 /** 401 * Request: Provide additional entropy for seed generation function 402 * @prev EntropyRequest 403 * @next ButtonRequest 404 */ 405 message EntropyAck { 406 optional bytes entropy = 1; // 256 bits (32 bytes) of random data 407 } 408 409 /** 410 * Request: Start recovery workflow asking user for specific words of mnemonic 411 * Used to recovery device safely even on untrusted computer. 412 * @next WordRequest 413 */ 414 message RecoveryDevice { 415 optional uint32 word_count = 1; // number of words in BIP-39 mnemonic 416 optional bool passphrase_protection = 2; // enable master node encryption using passphrase 417 optional bool pin_protection = 3; // enable PIN protection 418 optional string language = 4 [default='english']; // device language 419 optional string label = 5; // device label 420 optional bool enforce_wordlist = 6; // enforce BIP-39 wordlist during the process 421 // 7 reserved for unused recovery method 422 optional uint32 type = 8; // supported recovery type (see RecoveryType) 423 optional uint32 u2f_counter = 9; // U2F counter 424 optional bool dry_run = 10; // perform dry-run recovery workflow (for safe mnemonic validation) 425 } 426 427 /** 428 * Response: Device is waiting for user to enter word of the mnemonic 429 * Its position is shown only on device's internal display. 430 * @prev RecoveryDevice 431 * @prev WordAck 432 */ 433 message WordRequest { 434 optional WordRequestType type = 1; 435 } 436 437 /** 438 * Request: Computer replies with word from the mnemonic 439 * @prev WordRequest 440 * @next WordRequest 441 * @next Success 442 * @next Failure 443 */ 444 message WordAck { 445 required string word = 1; // one word of mnemonic on asked position 446 } 447 448 ////////////////////////////// 449 // Message signing messages // 450 ////////////////////////////// 451 452 /** 453 * Request: Ask device to sign message 454 * @next MessageSignature 455 * @next Failure 456 */ 457 message SignMessage { 458 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 459 required bytes message = 2; // message to be signed 460 optional string coin_name = 3 [default='Bitcoin']; // coin to use for signing 461 optional InputScriptType script_type = 4 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) 462 } 463 464 /** 465 * Request: Ask device to verify message 466 * @next Success 467 * @next Failure 468 */ 469 message VerifyMessage { 470 optional string address = 1; // address to verify 471 optional bytes signature = 2; // signature to verify 472 optional bytes message = 3; // message to verify 473 optional string coin_name = 4 [default='Bitcoin']; // coin to use for verifying 474 } 475 476 /** 477 * Response: Signed message 478 * @prev SignMessage 479 */ 480 message MessageSignature { 481 optional string address = 1; // address used to sign the message 482 optional bytes signature = 2; // signature of the message 483 } 484 485 /////////////////////////// 486 // Encryption/decryption // 487 /////////////////////////// 488 489 /** 490 * Request: Ask device to encrypt message 491 * @next EncryptedMessage 492 * @next Failure 493 */ 494 message EncryptMessage { 495 optional bytes pubkey = 1; // public key 496 optional bytes message = 2; // message to encrypt 497 optional bool display_only = 3; // show just on display? (don't send back via wire) 498 repeated uint32 address_n = 4; // BIP-32 path to derive the signing key from master node 499 optional string coin_name = 5 [default='Bitcoin']; // coin to use for signing 500 } 501 502 /** 503 * Response: Encrypted message 504 * @prev EncryptMessage 505 */ 506 message EncryptedMessage { 507 optional bytes nonce = 1; // nonce used during encryption 508 optional bytes message = 2; // encrypted message 509 optional bytes hmac = 3; // message hmac 510 } 511 512 /** 513 * Request: Ask device to decrypt message 514 * @next Success 515 * @next Failure 516 */ 517 message DecryptMessage { 518 repeated uint32 address_n = 1; // BIP-32 path to derive the decryption key from master node 519 optional bytes nonce = 2; // nonce used during encryption 520 optional bytes message = 3; // message to decrypt 521 optional bytes hmac = 4; // message hmac 522 } 523 524 /** 525 * Response: Decrypted message 526 * @prev DecryptedMessage 527 */ 528 message DecryptedMessage { 529 optional bytes message = 1; // decrypted message 530 optional string address = 2; // address used to sign the message (if used) 531 } 532 533 /** 534 * Request: Ask device to encrypt or decrypt value of given key 535 * @next CipheredKeyValue 536 * @next Failure 537 */ 538 message CipherKeyValue { 539 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 540 optional string key = 2; // key component of key:value 541 optional bytes value = 3; // value component of key:value 542 optional bool encrypt = 4; // are we encrypting (True) or decrypting (False)? 543 optional bool ask_on_encrypt = 5; // should we ask on encrypt operation? 544 optional bool ask_on_decrypt = 6; // should we ask on decrypt operation? 545 optional bytes iv = 7; // initialization vector (will be computed if not set) 546 } 547 548 /** 549 * Response: Return ciphered/deciphered value 550 * @prev CipherKeyValue 551 */ 552 message CipheredKeyValue { 553 optional bytes value = 1; // ciphered/deciphered value 554 } 555 556 ////////////////////////////////// 557 // Transaction signing messages // 558 ////////////////////////////////// 559 560 /** 561 * Request: Estimated size of the transaction 562 * This behaves exactly like SignTx, which means that it can ask using TxRequest 563 * This call is non-blocking (except possible PassphraseRequest to unlock the seed) 564 * @next TxSize 565 * @next Failure 566 */ 567 message EstimateTxSize { 568 required uint32 outputs_count = 1; // number of transaction outputs 569 required uint32 inputs_count = 2; // number of transaction inputs 570 optional string coin_name = 3 [default='Bitcoin']; // coin to use 571 } 572 573 /** 574 * Response: Estimated size of the transaction 575 * @prev EstimateTxSize 576 */ 577 message TxSize { 578 optional uint32 tx_size = 1; // estimated size of transaction in bytes 579 } 580 581 /** 582 * Request: Ask device to sign transaction 583 * @next PassphraseRequest 584 * @next PinMatrixRequest 585 * @next TxRequest 586 * @next Failure 587 */ 588 message SignTx { 589 required uint32 outputs_count = 1; // number of transaction outputs 590 required uint32 inputs_count = 2; // number of transaction inputs 591 optional string coin_name = 3 [default='Bitcoin']; // coin to use 592 optional uint32 version = 4 [default=1]; // transaction version 593 optional uint32 lock_time = 5 [default=0]; // transaction lock_time 594 } 595 596 /** 597 * Request: Simplified transaction signing 598 * This method doesn't support streaming, so there are hardware limits in number of inputs and outputs. 599 * In case of success, the result is returned using TxRequest message. 600 * @next PassphraseRequest 601 * @next PinMatrixRequest 602 * @next TxRequest 603 * @next Failure 604 */ 605 message SimpleSignTx { 606 repeated TxInputType inputs = 1; // transaction inputs 607 repeated TxOutputType outputs = 2; // transaction outputs 608 repeated TransactionType transactions = 3; // transactions whose outputs are used to build current inputs 609 optional string coin_name = 4 [default='Bitcoin']; // coin to use 610 optional uint32 version = 5 [default=1]; // transaction version 611 optional uint32 lock_time = 6 [default=0]; // transaction lock_time 612 } 613 614 /** 615 * Response: Device asks for information for signing transaction or returns the last result 616 * If request_index is set, device awaits TxAck message (with fields filled in according to request_type) 617 * If signature_index is set, 'signature' contains signed input of signature_index's input 618 * @prev SignTx 619 * @prev SimpleSignTx 620 * @prev TxAck 621 */ 622 message TxRequest { 623 optional RequestType request_type = 1; // what should be filled in TxAck message? 624 optional TxRequestDetailsType details = 2; // request for tx details 625 optional TxRequestSerializedType serialized = 3; // serialized data and request for next 626 } 627 628 /** 629 * Request: Reported transaction data 630 * @prev TxRequest 631 * @next TxRequest 632 */ 633 message TxAck { 634 optional TransactionType tx = 1; 635 } 636 637 /** 638 * Request: Ask device to sign transaction 639 * All fields are optional from the protocol's point of view. Each field defaults to value `0` if missing. 640 * Note: the first at most 1024 bytes of data MUST be transmitted as part of this message. 641 * @next PassphraseRequest 642 * @next PinMatrixRequest 643 * @next EthereumTxRequest 644 * @next Failure 645 */ 646 message EthereumSignTx { 647 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 648 optional bytes nonce = 2; // <=256 bit unsigned big endian 649 optional bytes gas_price = 3; // <=256 bit unsigned big endian (in wei) 650 optional bytes gas_limit = 4; // <=256 bit unsigned big endian 651 optional bytes to = 5; // 160 bit address hash 652 optional bytes value = 6; // <=256 bit unsigned big endian (in wei) 653 optional bytes data_initial_chunk = 7; // The initial data chunk (<= 1024 bytes) 654 optional uint32 data_length = 8; // Length of transaction payload 655 optional uint32 chain_id = 9; // Chain Id for EIP 155 656 } 657 658 /** 659 * Response: Device asks for more data from transaction payload, or returns the signature. 660 * If data_length is set, device awaits that many more bytes of payload. 661 * Otherwise, the signature_* fields contain the computed transaction signature. All three fields will be present. 662 * @prev EthereumSignTx 663 * @next EthereumTxAck 664 */ 665 message EthereumTxRequest { 666 optional uint32 data_length = 1; // Number of bytes being requested (<= 1024) 667 optional uint32 signature_v = 2; // Computed signature (recovery parameter, limited to 27 or 28) 668 optional bytes signature_r = 3; // Computed signature R component (256 bit) 669 optional bytes signature_s = 4; // Computed signature S component (256 bit) 670 } 671 672 /** 673 * Request: Transaction payload data. 674 * @prev EthereumTxRequest 675 * @next EthereumTxRequest 676 */ 677 message EthereumTxAck { 678 optional bytes data_chunk = 1; // Bytes from transaction payload (<= 1024 bytes) 679 } 680 681 //////////////////////////////////////// 682 // Ethereum: Message signing messages // 683 //////////////////////////////////////// 684 685 /** 686 * Request: Ask device to sign message 687 * @next EthereumMessageSignature 688 * @next Failure 689 */ 690 message EthereumSignMessage { 691 repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node 692 required bytes message = 2; // message to be signed 693 } 694 695 /** 696 * Request: Ask device to verify message 697 * @next Success 698 * @next Failure 699 */ 700 message EthereumVerifyMessage { 701 optional bytes address = 1; // address to verify 702 optional bytes signature = 2; // signature to verify 703 optional bytes message = 3; // message to verify 704 } 705 706 /** 707 * Response: Signed message 708 * @prev EthereumSignMessage 709 */ 710 message EthereumMessageSignature { 711 optional bytes address = 1; // address used to sign the message 712 optional bytes signature = 2; // signature of the message 713 } 714 715 /////////////////////// 716 // Identity messages // 717 /////////////////////// 718 719 /** 720 * Request: Ask device to sign identity 721 * @next SignedIdentity 722 * @next Failure 723 */ 724 message SignIdentity { 725 optional IdentityType identity = 1; // identity 726 optional bytes challenge_hidden = 2; // non-visible challenge 727 optional string challenge_visual = 3; // challenge shown on display (e.g. date+time) 728 optional string ecdsa_curve_name = 4; // ECDSA curve name to use 729 } 730 731 /** 732 * Response: Device provides signed identity 733 * @prev SignIdentity 734 */ 735 message SignedIdentity { 736 optional string address = 1; // identity address 737 optional bytes public_key = 2; // identity public key 738 optional bytes signature = 3; // signature of the identity data 739 } 740 741 /////////////////// 742 // ECDH messages // 743 /////////////////// 744 745 /** 746 * Request: Ask device to generate ECDH session key 747 * @next ECDHSessionKey 748 * @next Failure 749 */ 750 message GetECDHSessionKey { 751 optional IdentityType identity = 1; // identity 752 optional bytes peer_public_key = 2; // peer's public key 753 optional string ecdsa_curve_name = 3; // ECDSA curve name to use 754 } 755 756 /** 757 * Response: Device provides ECDH session key 758 * @prev GetECDHSessionKey 759 */ 760 message ECDHSessionKey { 761 optional bytes session_key = 1; // ECDH session key 762 } 763 764 /////////////////// 765 // U2F messages // 766 /////////////////// 767 768 /** 769 * Request: Set U2F counter 770 * @next Success 771 */ 772 message SetU2FCounter { 773 optional uint32 u2f_counter = 1; // counter 774 } 775 776 ///////////////////////// 777 // Bootloader messages // 778 ///////////////////////// 779 780 /** 781 * Request: Ask device to erase its firmware (so it can be replaced via FirmwareUpload) 782 * @next Success 783 * @next FirmwareRequest 784 * @next Failure 785 */ 786 message FirmwareErase { 787 optional uint32 length = 1; // length of new firmware 788 } 789 790 /** 791 * Response: Ask for firmware chunk 792 * @next FirmwareUpload 793 */ 794 message FirmwareRequest { 795 optional uint32 offset = 1; // offset of requested firmware chunk 796 optional uint32 length = 2; // length of requested firmware chunk 797 } 798 799 /** 800 * Request: Send firmware in binary form to the device 801 * @next Success 802 * @next Failure 803 */ 804 message FirmwareUpload { 805 required bytes payload = 1; // firmware to be loaded into device 806 optional bytes hash = 2; // hash of the payload 807 } 808 809 810 /** 811 * Request: Perform a device self-test 812 * @next Success 813 * @next Failure 814 */ 815 message SelfTest { 816 optional bytes payload = 1; // payload to be used in self-test 817 } 818 819 ///////////////////////////////////////////////////////////// 820 // Debug messages (only available if DebugLink is enabled) // 821 ///////////////////////////////////////////////////////////// 822 823 /** 824 * Request: "Press" the button on the device 825 * @next Success 826 */ 827 message DebugLinkDecision { 828 required bool yes_no = 1; // true for "Confirm", false for "Cancel" 829 } 830 831 /** 832 * Request: Computer asks for device state 833 * @next DebugLinkState 834 */ 835 message DebugLinkGetState { 836 } 837 838 /** 839 * Response: Device current state 840 * @prev DebugLinkGetState 841 */ 842 message DebugLinkState { 843 optional bytes layout = 1; // raw buffer of display 844 optional string pin = 2; // current PIN, blank if PIN is not set/enabled 845 optional string matrix = 3; // current PIN matrix 846 optional string mnemonic = 4; // current BIP-39 mnemonic 847 optional HDNodeType node = 5; // current BIP-32 node 848 optional bool passphrase_protection = 6; // is node/mnemonic encrypted using passphrase? 849 optional string reset_word = 7; // word on device display during ResetDevice workflow 850 optional bytes reset_entropy = 8; // current entropy during ResetDevice workflow 851 optional string recovery_fake_word = 9; // (fake) word on display during RecoveryDevice workflow 852 optional uint32 recovery_word_pos = 10; // index of mnemonic word the device is expecting during RecoveryDevice workflow 853 } 854 855 /** 856 * Request: Ask device to restart 857 */ 858 message DebugLinkStop { 859 } 860 861 /** 862 * Response: Device wants host to log event 863 */ 864 message DebugLinkLog { 865 optional uint32 level = 1; 866 optional string bucket = 2; 867 optional string text = 3; 868 } 869 870 /** 871 * Request: Read memory from device 872 * @next DebugLinkMemory 873 */ 874 message DebugLinkMemoryRead { 875 optional uint32 address = 1; 876 optional uint32 length = 2; 877 } 878 879 /** 880 * Response: Device sends memory back 881 * @prev DebugLinkMemoryRead 882 */ 883 message DebugLinkMemory { 884 optional bytes memory = 1; 885 } 886 887 /** 888 * Request: Write memory to device. 889 * WARNING: Writing to the wrong location can irreparably break the device. 890 */ 891 message DebugLinkMemoryWrite { 892 optional uint32 address = 1; 893 optional bytes memory = 2; 894 optional bool flash = 3; 895 } 896 897 /** 898 * Request: Erase block of flash on device 899 * WARNING: Writing to the wrong location can irreparably break the device. 900 */ 901 message DebugLinkFlashErase { 902 optional uint32 sector = 1; 903 }