gitlab.com/aquachain/aquachain@v1.17.16-rc3.0.20221018032414-e3ddf1e1c055/aqua/accounts/usbwallet/internal/trezor/messages.proto (about) 1 // This file originates from the SatoshiLabs Trezor `common` repository at: 2 // https://github.com/trezor/trezor-common/blob/master/protob/messages.proto 3 // dated 28.07.2017, commit dd8ec3231fb5f7992360aff9bdfe30bb58130f4b. 4 5 syntax = "proto2"; 6 7 /** 8 * Messages for TREZOR communication 9 */ 10 11 // Sugar for easier handling in Java 12 option java_package = "com.satoshilabs.trezor.lib.protobuf"; 13 option java_outer_classname = "TrezorMessage"; 14 15 import "types.proto"; 16 17 /** 18 * Mapping between Trezor wire identifier (uint) and a protobuf message 19 */ 20 enum MessageType { 21 MessageType_Initialize = 0 [(wire_in) = true]; 22 MessageType_Ping = 1 [(wire_in) = true]; 23 MessageType_Success = 2 [(wire_out) = true]; 24 MessageType_Failure = 3 [(wire_out) = true]; 25 MessageType_ChangePin = 4 [(wire_in) = true]; 26 MessageType_WipeDevice = 5 [(wire_in) = true]; 27 MessageType_FirmwareErase = 6 [(wire_in) = true, (wire_bootloader) = true]; 28 MessageType_FirmwareUpload = 7 [(wire_in) = true, (wire_bootloader) = true]; 29 MessageType_FirmwareRequest = 8 [(wire_out) = true, (wire_bootloader) = true]; 30 MessageType_GetEntropy = 9 [(wire_in) = true]; 31 MessageType_Entropy = 10 [(wire_out) = true]; 32 MessageType_GetPublicKey = 11 [(wire_in) = true]; 33 MessageType_PublicKey = 12 [(wire_out) = true]; 34 MessageType_LoadDevice = 13 [(wire_in) = true]; 35 MessageType_ResetDevice = 14 [(wire_in) = true]; 36 MessageType_SignTx = 15 [(wire_in) = true]; 37 MessageType_SimpleSignTx = 16 [(wire_in) = true, deprecated = true]; 38 MessageType_Features = 17 [(wire_out) = true]; 39 MessageType_PinMatrixRequest = 18 [(wire_out) = true]; 40 MessageType_PinMatrixAck = 19 [(wire_in) = true, (wire_tiny) = true]; 41 MessageType_Cancel = 20 [(wire_in) = true]; 42 MessageType_TxRequest = 21 [(wire_out) = true]; 43 MessageType_TxAck = 22 [(wire_in) = true]; 44 MessageType_CipherKeyValue = 23 [(wire_in) = true]; 45 MessageType_ClearSession = 24 [(wire_in) = true]; 46 MessageType_ApplySettings = 25 [(wire_in) = true]; 47 MessageType_ButtonRequest = 26 [(wire_out) = true]; 48 MessageType_ButtonAck = 27 [(wire_in) = true, (wire_tiny) = true]; 49 MessageType_ApplyFlags = 28 [(wire_in) = true]; 50 MessageType_GetAddress = 29 [(wire_in) = true]; 51 MessageType_Address = 30 [(wire_out) = true]; 52 MessageType_SelfTest = 32 [(wire_in) = true, (wire_bootloader) = true]; 53 MessageType_BackupDevice = 34 [(wire_in) = true]; 54 MessageType_EntropyRequest = 35 [(wire_out) = true]; 55 MessageType_EntropyAck = 36 [(wire_in) = true]; 56 MessageType_SignMessage = 38 [(wire_in) = true]; 57 MessageType_VerifyMessage = 39 [(wire_in) = true]; 58 MessageType_MessageSignature = 40 [(wire_out) = true]; 59 MessageType_PassphraseRequest = 41 [(wire_out) = true]; 60 MessageType_PassphraseAck = 42 [(wire_in) = true, (wire_tiny) = true]; 61 MessageType_EstimateTxSize = 43 [(wire_in) = true, deprecated = true]; 62 MessageType_TxSize = 44 [(wire_out) = true, deprecated = true]; 63 MessageType_RecoveryDevice = 45 [(wire_in) = true]; 64 MessageType_WordRequest = 46 [(wire_out) = true]; 65 MessageType_WordAck = 47 [(wire_in) = true]; 66 MessageType_CipheredKeyValue = 48 [(wire_out) = true]; 67 MessageType_EncryptMessage = 49 [(wire_in) = true, deprecated = true]; 68 MessageType_EncryptedMessage = 50 [(wire_out) = true, deprecated = true]; 69 MessageType_DecryptMessage = 51 [(wire_in) = true, deprecated = true]; 70 MessageType_DecryptedMessage = 52 [(wire_out) = true, deprecated = true]; 71 MessageType_SignIdentity = 53 [(wire_in) = true]; 72 MessageType_SignedIdentity = 54 [(wire_out) = true]; 73 MessageType_GetFeatures = 55 [(wire_in) = true]; 74 MessageType_AquachainGetAddress = 56 [(wire_in) = true]; 75 MessageType_AquachainAddress = 57 [(wire_out) = true]; 76 MessageType_AquachainSignTx = 58 [(wire_in) = true]; 77 MessageType_AquachainTxRequest = 59 [(wire_out) = true]; 78 MessageType_AquachainTxAck = 60 [(wire_in) = true]; 79 MessageType_GetECDHSessionKey = 61 [(wire_in) = true]; 80 MessageType_ECDHSessionKey = 62 [(wire_out) = true]; 81 MessageType_SetU2FCounter = 63 [(wire_in) = true]; 82 MessageType_AquachainSignMessage = 64 [(wire_in) = true]; 83 MessageType_AquachainVerifyMessage = 65 [(wire_in) = true]; 84 MessageType_AquachainMessageSignature = 66 [(wire_out) = true]; 85 MessageType_DebugLinkDecision = 100 86 [(wire_debug_in) = true, (wire_tiny) = true]; 87 MessageType_DebugLinkGetState = 101 [(wire_debug_in) = true]; 88 MessageType_DebugLinkState = 102 [(wire_debug_out) = true]; 89 MessageType_DebugLinkStop = 103 [(wire_debug_in) = true]; 90 MessageType_DebugLinkLog = 104 [(wire_debug_out) = true]; 91 MessageType_DebugLinkMemoryRead = 110 [(wire_debug_in) = true]; 92 MessageType_DebugLinkMemory = 111 [(wire_debug_out) = true]; 93 MessageType_DebugLinkMemoryWrite = 112 [(wire_debug_in) = true]; 94 MessageType_DebugLinkFlashErase = 113 [(wire_debug_in) = true]; 95 } 96 97 //////////////////// 98 // Basic messages // 99 //////////////////// 100 101 /** 102 * Request: Reset device to default state and ask for device details 103 * @next Features 104 */ 105 message Initialize {} 106 107 /** 108 * Request: Ask for device details (no device reset) 109 * @next Features 110 */ 111 message GetFeatures {} 112 113 /** 114 * Response: Reports various information about the device 115 * @prev Initialize 116 * @prev GetFeatures 117 */ 118 message Features { 119 optional string vendor = 120 1; // name of the manufacturer, e.g. "bitcointrezor.com" 121 optional uint32 major_version = 2; // major version of the device, e.g. 1 122 optional uint32 minor_version = 3; // minor version of the device, e.g. 0 123 optional uint32 patch_version = 4; // patch version of the device, e.g. 0 124 optional bool bootloader_mode = 5; // is device in bootloader mode? 125 optional string device_id = 6; // device's unique identifier 126 optional bool pin_protection = 7; // is device protected by PIN? 127 optional bool passphrase_protection = 128 8; // is node/mnemonic encrypted using passphrase? 129 optional string language = 9; // device language 130 optional string label = 10; // device description label 131 repeated CoinType coins = 11; // supported coins 132 optional bool initialized = 12; // does device contain seed? 133 optional bytes revision = 13; // SCM revision of firmware 134 optional bytes bootloader_hash = 14; // hash of the bootloader 135 optional bool imported = 15; // was storage imported from an external source? 136 optional bool pin_cached = 16; // is PIN already cached in session? 137 optional bool passphrase_cached = 138 17; // is passphrase already cached in session? 139 optional bool firmware_present = 18; // is valid firmware loaded? 140 optional bool needs_backup = 141 19; // does storage need backup? (equals to Storage.needs_backup) 142 optional uint32 flags = 20; // device flags (equals to Storage.flags) 143 } 144 145 /** 146 * Request: clear session (removes cached PIN, passphrase, etc). 147 * @next Success 148 */ 149 message ClearSession {} 150 151 /** 152 * Request: change language and/or label of the device 153 * @next Success 154 * @next Failure 155 * @next ButtonRequest 156 * @next PinMatrixRequest 157 */ 158 message ApplySettings { 159 optional string language = 1; 160 optional string label = 2; 161 optional bool use_passphrase = 3; 162 optional bytes homescreen = 4; 163 } 164 165 /** 166 * Request: set flags of the device 167 * @next Success 168 * @next Failure 169 */ 170 message ApplyFlags { 171 optional uint32 flags = 1; // bitmask, can only set bits, not unset 172 } 173 174 /** 175 * Request: Starts workflow for setting/changing/removing the PIN 176 * @next ButtonRequest 177 * @next PinMatrixRequest 178 */ 179 message ChangePin { 180 optional bool remove = 1; // is PIN removal requested? 181 } 182 183 /** 184 * Request: Test if the device is alive, device sends back the message in 185 * Success response 186 * @next Success 187 */ 188 message Ping { 189 optional string message = 1; // message to send back in Success message 190 optional bool button_protection = 2; // ask for button press 191 optional bool pin_protection = 3; // ask for PIN if set in device 192 optional bool passphrase_protection = 193 4; // ask for passphrase if set in device 194 } 195 196 /** 197 * Response: Success of the previous request 198 */ 199 message Success { 200 optional string message = 201 1; // human readable description of action or request-specific payload 202 } 203 204 /** 205 * Response: Failure of the previous request 206 */ 207 message Failure { 208 optional FailureType code = 209 1; // computer-readable definition of the error state 210 optional string message = 2; // human-readable message of the error state 211 } 212 213 /** 214 * Response: Device is waiting for HW button press. 215 * @next ButtonAck 216 * @next Cancel 217 */ 218 message ButtonRequest { 219 optional ButtonRequestType code = 1; 220 optional string data = 2; 221 } 222 223 /** 224 * Request: Computer agrees to wait for HW button press 225 * @prev ButtonRequest 226 */ 227 message ButtonAck {} 228 229 /** 230 * Response: Device is asking computer to show PIN matrix and awaits PIN encoded 231 * using this matrix scheme 232 * @next PinMatrixAck 233 * @next Cancel 234 */ 235 message PinMatrixRequest { 236 optional PinMatrixRequestType type = 1; 237 } 238 239 /** 240 * Request: Computer responds with encoded PIN 241 * @prev PinMatrixRequest 242 */ 243 message PinMatrixAck { 244 required string pin = 1; // matrix encoded PIN entered by user 245 } 246 247 /** 248 * Request: Abort last operation that required user interaction 249 * @prev ButtonRequest 250 * @prev PinMatrixRequest 251 * @prev PassphraseRequest 252 */ 253 message Cancel {} 254 255 /** 256 * Response: Device awaits encryption passphrase 257 * @next PassphraseAck 258 * @next Cancel 259 */ 260 message PassphraseRequest {} 261 262 /** 263 * Request: Send passphrase back 264 * @prev PassphraseRequest 265 */ 266 message PassphraseAck { 267 required string passphrase = 1; 268 } 269 270 /** 271 * Request: Request a sample of random data generated by hardware RNG. May be 272 * used for testing. 273 * @next ButtonRequest 274 * @next Entropy 275 * @next Failure 276 */ 277 message GetEntropy { 278 required uint32 size = 1; // size of requested entropy 279 } 280 281 /** 282 * Response: Reply with random data generated by internal RNG 283 * @prev GetEntropy 284 */ 285 message Entropy { 286 required bytes entropy = 1; // stream of random generated bytes 287 } 288 289 /** 290 * Request: Ask device for public key corresponding to address_n path 291 * @next PassphraseRequest 292 * @next PublicKey 293 * @next Failure 294 */ 295 message GetPublicKey { 296 repeated uint32 address_n = 297 1; // BIP-32 path to derive the key from master node 298 optional string ecdsa_curve_name = 2; // ECDSA curve name to use 299 optional bool show_display = 300 3; // optionally show on display before sending the result 301 optional string coin_name = 4 [default = 'Bitcoin']; 302 } 303 304 /** 305 * Response: Contains public key derived from device private seed 306 * @prev GetPublicKey 307 */ 308 message PublicKey { 309 required HDNodeType node = 1; // BIP32 public node 310 optional string xpub = 2; // serialized form of public node 311 } 312 313 /** 314 * Request: Ask device for address corresponding to address_n path 315 * @next PassphraseRequest 316 * @next Address 317 * @next Failure 318 */ 319 message GetAddress { 320 repeated uint32 address_n = 321 1; // BIP-32 path to derive the key from master node 322 optional string coin_name = 2 [default = 'Bitcoin']; 323 optional bool show_display = 324 3; // optionally show on display before sending the result 325 optional MultisigRedeemScriptType multisig = 326 4; // filled if we are showing a multisig address 327 optional InputScriptType script_type = 5 328 [default = SPENDADDRESS]; // used to distinguish between various address 329 // formats (non-segwit, segwit, etc.) 330 } 331 332 /** 333 * Request: Ask device for Aquachain address corresponding to address_n path 334 * @next PassphraseRequest 335 * @next AquachainAddress 336 * @next Failure 337 */ 338 message AquachainGetAddress { 339 repeated uint32 address_n = 340 1; // BIP-32 path to derive the key from master node 341 optional bool show_display = 342 2; // optionally show on display before sending the result 343 } 344 345 /** 346 * Response: Contains address derived from device private seed 347 * @prev GetAddress 348 */ 349 message Address { 350 required string address = 1; // Coin address in Base58 encoding 351 } 352 353 /** 354 * Response: Contains an Aquachain address derived from device private seed 355 * @prev AquachainGetAddress 356 */ 357 message AquachainAddress { 358 required bytes address = 1; // Coin address as an Aquachain 160 bit hash 359 } 360 361 /** 362 * Request: Request device to wipe all sensitive data and settings 363 * @next ButtonRequest 364 */ 365 message WipeDevice {} 366 367 /** 368 * Request: Load seed and related internal settings from the computer 369 * @next ButtonRequest 370 * @next Success 371 * @next Failure 372 */ 373 message LoadDevice { 374 optional string mnemonic = 375 1; // seed encoded as BIP-39 mnemonic (12, 18 or 24 words) 376 optional HDNodeType node = 2; // BIP-32 node 377 optional string pin = 3; // set PIN protection 378 optional bool passphrase_protection = 379 4; // enable master node encryption using passphrase 380 optional string language = 5 [default = 'english']; // device language 381 optional string label = 6; // device label 382 optional bool skip_checksum = 383 7; // do not test mnemonic for valid BIP-39 checksum 384 optional uint32 u2f_counter = 8; // U2F counter 385 } 386 387 /** 388 * Request: Ask device to do initialization involving user interaction 389 * @next EntropyRequest 390 * @next Failure 391 */ 392 message ResetDevice { 393 optional bool display_random = 1; // display entropy generated by the device 394 // before asking for additional entropy 395 optional uint32 strength = 2 [default = 256]; // strength of seed in bits 396 optional bool passphrase_protection = 397 3; // enable master node encryption using passphrase 398 optional bool pin_protection = 4; // enable PIN protection 399 optional string language = 5 [default = 'english']; // device language 400 optional string label = 6; // device label 401 optional uint32 u2f_counter = 7; // U2F counter 402 optional bool skip_backup = 403 8; // postpone seed backup to BackupDevice workflow 404 } 405 406 /** 407 * Request: Perform backup of the device seed if not backed up using ResetDevice 408 * @next ButtonRequest 409 */ 410 message BackupDevice {} 411 412 /** 413 * Response: Ask for additional entropy from host computer 414 * @prev ResetDevice 415 * @next EntropyAck 416 */ 417 message EntropyRequest {} 418 419 /** 420 * Request: Provide additional entropy for seed generation function 421 * @prev EntropyRequest 422 * @next ButtonRequest 423 */ 424 message EntropyAck { 425 optional bytes entropy = 1; // 256 bits (32 bytes) of random data 426 } 427 428 /** 429 * Request: Start recovery workflow asking user for specific words of mnemonic 430 * Used to recovery device safely even on untrusted computer. 431 * @next WordRequest 432 */ 433 message RecoveryDevice { 434 optional uint32 word_count = 1; // number of words in BIP-39 mnemonic 435 optional bool passphrase_protection = 436 2; // enable master node encryption using passphrase 437 optional bool pin_protection = 3; // enable PIN protection 438 optional string language = 4 [default = 'english']; // device language 439 optional string label = 5; // device label 440 optional bool enforce_wordlist = 441 6; // enforce BIP-39 wordlist during the process 442 // 7 reserved for unused recovery method 443 optional uint32 type = 8; // supported recovery type (see RecoveryType) 444 optional uint32 u2f_counter = 9; // U2F counter 445 optional bool dry_run = 446 10; // perform dry-run recovery workflow (for safe mnemonic validation) 447 } 448 449 /** 450 * Response: Device is waiting for user to enter word of the mnemonic 451 * Its position is shown only on device's internal display. 452 * @prev RecoveryDevice 453 * @prev WordAck 454 */ 455 message WordRequest { 456 optional WordRequestType type = 1; 457 } 458 459 /** 460 * Request: Computer replies with word from the mnemonic 461 * @prev WordRequest 462 * @next WordRequest 463 * @next Success 464 * @next Failure 465 */ 466 message WordAck { 467 required string word = 1; // one word of mnemonic on asked position 468 } 469 470 ////////////////////////////// 471 // Message signing messages // 472 ////////////////////////////// 473 474 /** 475 * Request: Ask device to sign message 476 * @next MessageSignature 477 * @next Failure 478 */ 479 message SignMessage { 480 repeated uint32 address_n = 481 1; // BIP-32 path to derive the key from master node 482 required bytes message = 2; // message to be signed 483 optional string coin_name = 3 484 [default = 'Bitcoin']; // coin to use for signing 485 optional InputScriptType script_type = 4 486 [default = SPENDADDRESS]; // used to distinguish between various address 487 // formats (non-segwit, segwit, etc.) 488 } 489 490 /** 491 * Request: Ask device to verify message 492 * @next Success 493 * @next Failure 494 */ 495 message VerifyMessage { 496 optional string address = 1; // address to verify 497 optional bytes signature = 2; // signature to verify 498 optional bytes message = 3; // message to verify 499 optional string coin_name = 4 500 [default = 'Bitcoin']; // coin to use for verifying 501 } 502 503 /** 504 * Response: Signed message 505 * @prev SignMessage 506 */ 507 message MessageSignature { 508 optional string address = 1; // address used to sign the message 509 optional bytes signature = 2; // signature of the message 510 } 511 512 /////////////////////////// 513 // Encryption/decryption // 514 /////////////////////////// 515 516 /** 517 * Request: Ask device to encrypt message 518 * @next EncryptedMessage 519 * @next Failure 520 */ 521 message EncryptMessage { 522 optional bytes pubkey = 1; // public key 523 optional bytes message = 2; // message to encrypt 524 optional bool display_only = 525 3; // show just on display? (don't send back via wire) 526 repeated uint32 address_n = 527 4; // BIP-32 path to derive the signing key from master node 528 optional string coin_name = 5 529 [default = 'Bitcoin']; // coin to use for signing 530 } 531 532 /** 533 * Response: Encrypted message 534 * @prev EncryptMessage 535 */ 536 message EncryptedMessage { 537 optional bytes nonce = 1; // nonce used during encryption 538 optional bytes message = 2; // encrypted message 539 optional bytes hmac = 3; // message hmac 540 } 541 542 /** 543 * Request: Ask device to decrypt message 544 * @next Success 545 * @next Failure 546 */ 547 message DecryptMessage { 548 repeated uint32 address_n = 549 1; // BIP-32 path to derive the decryption key from master node 550 optional bytes nonce = 2; // nonce used during encryption 551 optional bytes message = 3; // message to decrypt 552 optional bytes hmac = 4; // message hmac 553 } 554 555 /** 556 * Response: Decrypted message 557 * @prev DecryptedMessage 558 */ 559 message DecryptedMessage { 560 optional bytes message = 1; // decrypted message 561 optional string address = 2; // address used to sign the message (if used) 562 } 563 564 /** 565 * Request: Ask device to encrypt or decrypt value of given key 566 * @next CipheredKeyValue 567 * @next Failure 568 */ 569 message CipherKeyValue { 570 repeated uint32 address_n = 571 1; // BIP-32 path to derive the key from master node 572 optional string key = 2; // key component of key:value 573 optional bytes value = 3; // value component of key:value 574 optional bool encrypt = 4; // are we encrypting (True) or decrypting (False)? 575 optional bool ask_on_encrypt = 5; // should we ask on encrypt operation? 576 optional bool ask_on_decrypt = 6; // should we ask on decrypt operation? 577 optional bytes iv = 7; // initialization vector (will be computed if not set) 578 } 579 580 /** 581 * Response: Return ciphered/deciphered value 582 * @prev CipherKeyValue 583 */ 584 message CipheredKeyValue { 585 optional bytes value = 1; // ciphered/deciphered value 586 } 587 588 ////////////////////////////////// 589 // Transaction signing messages // 590 ////////////////////////////////// 591 592 /** 593 * Request: Estimated size of the transaction 594 * This behaves exactly like SignTx, which means that it can ask using TxRequest 595 * This call is non-blocking (except possible PassphraseRequest to unlock the 596 * seed) 597 * @next TxSize 598 * @next Failure 599 */ 600 message EstimateTxSize { 601 required uint32 outputs_count = 1; // number of transaction outputs 602 required uint32 inputs_count = 2; // number of transaction inputs 603 optional string coin_name = 3 [default = 'Bitcoin']; // coin to use 604 } 605 606 /** 607 * Response: Estimated size of the transaction 608 * @prev EstimateTxSize 609 */ 610 message TxSize { 611 optional uint32 tx_size = 1; // estimated size of transaction in bytes 612 } 613 614 /** 615 * Request: Ask device to sign transaction 616 * @next PassphraseRequest 617 * @next PinMatrixRequest 618 * @next TxRequest 619 * @next Failure 620 */ 621 message SignTx { 622 required uint32 outputs_count = 1; // number of transaction outputs 623 required uint32 inputs_count = 2; // number of transaction inputs 624 optional string coin_name = 3 [default = 'Bitcoin']; // coin to use 625 optional uint32 version = 4 [default = 1]; // transaction version 626 optional uint32 lock_time = 5 [default = 0]; // transaction lock_time 627 } 628 629 /** 630 * Request: Simplified transaction signing 631 * This method doesn't support streaming, so there are hardware limits in number 632 * of inputs and outputs. In case of success, the result is returned using 633 * TxRequest message. 634 * @next PassphraseRequest 635 * @next PinMatrixRequest 636 * @next TxRequest 637 * @next Failure 638 */ 639 message SimpleSignTx { 640 repeated TxInputType inputs = 1; // transaction inputs 641 repeated TxOutputType outputs = 2; // transaction outputs 642 repeated TransactionType transactions = 643 3; // transactions whose outputs are used to build current inputs 644 optional string coin_name = 4 [default = 'Bitcoin']; // coin to use 645 optional uint32 version = 5 [default = 1]; // transaction version 646 optional uint32 lock_time = 6 [default = 0]; // transaction lock_time 647 } 648 649 /** 650 * Response: Device asks for information for signing transaction or returns the 651 * last result If request_index is set, device awaits TxAck message (with fields 652 * filled in according to request_type) If signature_index is set, 'signature' 653 * contains signed input of signature_index's input 654 * @prev SignTx 655 * @prev SimpleSignTx 656 * @prev TxAck 657 */ 658 message TxRequest { 659 optional RequestType request_type = 660 1; // what should be filled in TxAck message? 661 optional TxRequestDetailsType details = 2; // request for tx details 662 optional TxRequestSerializedType serialized = 663 3; // serialized data and request for next 664 } 665 666 /** 667 * Request: Reported transaction data 668 * @prev TxRequest 669 * @next TxRequest 670 */ 671 message TxAck { 672 optional TransactionType tx = 1; 673 } 674 675 /** 676 * Request: Ask device to sign transaction 677 * All fields are optional from the protocol's point of view. Each field 678 * defaults to value `0` if missing. Note: the first at most 1024 bytes of data 679 * MUST be transmitted as part of this message. 680 * @next PassphraseRequest 681 * @next PinMatrixRequest 682 * @next AquachainTxRequest 683 * @next Failure 684 */ 685 message AquachainSignTx { 686 repeated uint32 address_n = 687 1; // BIP-32 path to derive the key from master node 688 optional bytes nonce = 2; // <=256 bit unsigned big endian 689 optional bytes gas_price = 3; // <=256 bit unsigned big endian (in wei) 690 optional bytes gas_limit = 4; // <=256 bit unsigned big endian 691 optional bytes to = 5; // 160 bit address hash 692 optional bytes value = 6; // <=256 bit unsigned big endian (in wei) 693 optional bytes data_initial_chunk = 694 7; // The initial data chunk (<= 1024 bytes) 695 optional uint32 data_length = 8; // Length of transaction payload 696 optional uint32 chain_id = 9; // Chain Id for EIP 155 697 } 698 699 /** 700 * Response: Device asks for more data from transaction payload, or returns the 701 * signature. If data_length is set, device awaits that many more bytes of 702 * payload. Otherwise, the signature_* fields contain the computed transaction 703 * signature. All three fields will be present. 704 * @prev AquachainSignTx 705 * @next AquachainTxAck 706 */ 707 message AquachainTxRequest { 708 optional uint32 data_length = 1; // Number of bytes being requested (<= 1024) 709 optional uint32 signature_v = 710 2; // Computed signature (recovery parameter, limited to 27 or 28) 711 optional bytes signature_r = 3; // Computed signature R component (256 bit) 712 optional bytes signature_s = 4; // Computed signature S component (256 bit) 713 } 714 715 /** 716 * Request: Transaction payload data. 717 * @prev AquachainTxRequest 718 * @next AquachainTxRequest 719 */ 720 message AquachainTxAck { 721 optional bytes data_chunk = 722 1; // Bytes from transaction payload (<= 1024 bytes) 723 } 724 725 //////////////////////////////////////// 726 // Aquachain: Message signing messages // 727 //////////////////////////////////////// 728 729 /** 730 * Request: Ask device to sign message 731 * @next AquachainMessageSignature 732 * @next Failure 733 */ 734 message AquachainSignMessage { 735 repeated uint32 address_n = 736 1; // BIP-32 path to derive the key from master node 737 required bytes message = 2; // message to be signed 738 } 739 740 /** 741 * Request: Ask device to verify message 742 * @next Success 743 * @next Failure 744 */ 745 message AquachainVerifyMessage { 746 optional bytes address = 1; // address to verify 747 optional bytes signature = 2; // signature to verify 748 optional bytes message = 3; // message to verify 749 } 750 751 /** 752 * Response: Signed message 753 * @prev AquachainSignMessage 754 */ 755 message AquachainMessageSignature { 756 optional bytes address = 1; // address used to sign the message 757 optional bytes signature = 2; // signature of the message 758 } 759 760 /////////////////////// 761 // Identity messages // 762 /////////////////////// 763 764 /** 765 * Request: Ask device to sign identity 766 * @next SignedIdentity 767 * @next Failure 768 */ 769 message SignIdentity { 770 optional IdentityType identity = 1; // identity 771 optional bytes challenge_hidden = 2; // non-visible challenge 772 optional string challenge_visual = 773 3; // challenge shown on display (e.g. date+time) 774 optional string ecdsa_curve_name = 4; // ECDSA curve name to use 775 } 776 777 /** 778 * Response: Device provides signed identity 779 * @prev SignIdentity 780 */ 781 message SignedIdentity { 782 optional string address = 1; // identity address 783 optional bytes public_key = 2; // identity public key 784 optional bytes signature = 3; // signature of the identity data 785 } 786 787 /////////////////// 788 // ECDH messages // 789 /////////////////// 790 791 /** 792 * Request: Ask device to generate ECDH session key 793 * @next ECDHSessionKey 794 * @next Failure 795 */ 796 message GetECDHSessionKey { 797 optional IdentityType identity = 1; // identity 798 optional bytes peer_public_key = 2; // peer's public key 799 optional string ecdsa_curve_name = 3; // ECDSA curve name to use 800 } 801 802 /** 803 * Response: Device provides ECDH session key 804 * @prev GetECDHSessionKey 805 */ 806 message ECDHSessionKey { 807 optional bytes session_key = 1; // ECDH session key 808 } 809 810 /////////////////// 811 // U2F messages // 812 /////////////////// 813 814 /** 815 * Request: Set U2F counter 816 * @next Success 817 */ 818 message SetU2FCounter { 819 optional uint32 u2f_counter = 1; // counter 820 } 821 822 ///////////////////////// 823 // Bootloader messages // 824 ///////////////////////// 825 826 /** 827 * Request: Ask device to erase its firmware (so it can be replaced via 828 * FirmwareUpload) 829 * @next Success 830 * @next FirmwareRequest 831 * @next Failure 832 */ 833 message FirmwareErase { 834 optional uint32 length = 1; // length of new firmware 835 } 836 837 /** 838 * Response: Ask for firmware chunk 839 * @next FirmwareUpload 840 */ 841 message FirmwareRequest { 842 optional uint32 offset = 1; // offset of requested firmware chunk 843 optional uint32 length = 2; // length of requested firmware chunk 844 } 845 846 /** 847 * Request: Send firmware in binary form to the device 848 * @next Success 849 * @next Failure 850 */ 851 message FirmwareUpload { 852 required bytes payload = 1; // firmware to be loaded into device 853 optional bytes hash = 2; // hash of the payload 854 } 855 856 /** 857 * Request: Perform a device self-test 858 * @next Success 859 * @next Failure 860 */ 861 message SelfTest { 862 optional bytes payload = 1; // payload to be used in self-test 863 } 864 865 ///////////////////////////////////////////////////////////// 866 // Debug messages (only available if DebugLink is enabled) // 867 ///////////////////////////////////////////////////////////// 868 869 /** 870 * Request: "Press" the button on the device 871 * @next Success 872 */ 873 message DebugLinkDecision { 874 required bool yes_no = 1; // true for "Confirm", false for "Cancel" 875 } 876 877 /** 878 * Request: Computer asks for device state 879 * @next DebugLinkState 880 */ 881 message DebugLinkGetState {} 882 883 /** 884 * Response: Device current state 885 * @prev DebugLinkGetState 886 */ 887 message DebugLinkState { 888 optional bytes layout = 1; // raw buffer of display 889 optional string pin = 2; // current PIN, blank if PIN is not set/enabled 890 optional string matrix = 3; // current PIN matrix 891 optional string mnemonic = 4; // current BIP-39 mnemonic 892 optional HDNodeType node = 5; // current BIP-32 node 893 optional bool passphrase_protection = 894 6; // is node/mnemonic encrypted using passphrase? 895 optional string reset_word = 896 7; // word on device display during ResetDevice workflow 897 optional bytes reset_entropy = 898 8; // current entropy during ResetDevice workflow 899 optional string recovery_fake_word = 900 9; // (fake) word on display during RecoveryDevice workflow 901 optional uint32 recovery_word_pos = 902 10; // index of mnemonic word the device is expecting during 903 // RecoveryDevice workflow 904 } 905 906 /** 907 * Request: Ask device to restart 908 */ 909 message DebugLinkStop {} 910 911 /** 912 * Response: Device wants host to log event 913 */ 914 message DebugLinkLog { 915 optional uint32 level = 1; 916 optional string bucket = 2; 917 optional string text = 3; 918 } 919 920 /** 921 * Request: Read memory from device 922 * @next DebugLinkMemory 923 */ 924 message DebugLinkMemoryRead { 925 optional uint32 address = 1; 926 optional uint32 length = 2; 927 } 928 929 /** 930 * Response: Device sends memory back 931 * @prev DebugLinkMemoryRead 932 */ 933 message DebugLinkMemory { 934 optional bytes memory = 1; 935 } 936 937 /** 938 * Request: Write memory to device. 939 * WARNING: Writing to the wrong location can irreparably break the device. 940 */ 941 message DebugLinkMemoryWrite { 942 optional uint32 address = 1; 943 optional bytes memory = 2; 944 optional bool flash = 3; 945 } 946 947 /** 948 * Request: Erase block of flash on device 949 * WARNING: Writing to the wrong location can irreparably break the device. 950 */ 951 message DebugLinkFlashErase { 952 optional uint32 sector = 1; 953 }