KeepKey Build Procedure
Install Docker Community Edition from:
$ docker pull kktech/firmware:v5-beta
Clone the Source
The sources can be obtained from github:
$ git clone email@example.com:keepkey/keepkey-firmware.git $ git submodule update --init --recursive
To build the firmware using the docker container, use the provided script:
Verifying Published Binaries
Compare the hash of a given tagged build:
$ git checkout v5.8.1 $ git submodule update --init --recursive $ ./scripts/build/docker/device/release.sh $ shasum -a 256 ./bin/firmware.keepkey.bin
With that of the signed binary (ignoring signatures and firmware metadata):
$ curl -Ol https://github.com/keepkey/keepkey-firmware/releases/download/v5.8.1/firmware.keepkey.bin $ tail -c +257 firmware.keepkey.bin | shasum -a 256
Then inspect the metadata itself by comparing against the structure described here:
$ head -c +256 signed_firmware.bin | xxd -
Documentation can be found here.
If license is not specified in the header of a file, it can be assumed that it is licensed under LGPLv3.