refactor(core): Allow eth & btc signing at m / 45' / coin_type / account / change / address_index #2682
Conversation
0xBEEFCAF3
force-pushed
the
update-casa-paths
branch
from
7ed5c7f
to
8540655
Compare
0xBEEFCAF3
changed the title
0xBEEFCAF3
force-pushed
the
update-casa-paths
branch
from
8540655
to
3f43d23
Compare
0xBEEFCAF3
force-pushed
the
update-casa-paths
branch
from
3f43d23
to
e4907ad
Compare
…ange/address_index [no changelog]
0xBEEFCAF3
force-pushed
the
update-casa-paths
branch
from
e4907ad
to
a07662a
Compare
|
please also add test for EthereumSignTx, that seems to be the more important part -- or will you not be using EthereumSignTx with the new paths? |
We will not be using EthereumSignTx for these new paths -- only message signing |
|
@matejcik seems like this merge has broken device/UI tests. The addition of a new test at the second place in However, a bigger issue seems that the new test doesn't even work: Gitlb job: https://gitlab.com/satoshilabs/trezor/trezor-firmware/-/jobs/3621363252 The same happens on my machine as well. Not sure whether there is a mistake in the assertion or in the code |
|
@grdddj Apologies I believe the assertion is incorrect. I'll fix that and move the test fixture to the last element of that list. |
|
Drafted a PR #2753 |
Thanks for correcting the asserted address in the PR. I made another PR - #2754 - with that change and also with updating our UI test-suite. When the CI turns green, we will merge it into That is what I meant by "recording the fixtures" - new test-case was added, but the screen recording of that test-case was not done, so the tests complained. We do that to have an overview of all screens during our testing, as when something fails later, it is a signal of something going wrong. Example of the failed test run with UI diff (from current |
#2754 already contains the changes from #2753. I could have took that commit, but it is in a remote fork, so I could not push anything on that branch anyway. #2753 could be closed if #2754 is merged |
|
@matejcik Do you know roughly when these changes are going to be deployed? |
|
we're currently aiming for March release of T1 and April for TT |
|
Thanks for Rolling out the T1 firmware. Everything looks great! Do you have a date set for the April release for TT? We are working on a release that is dependent on this, so if you have a target date, that would be very helpful. Thank you! |
|
the release is scheduled for April 12 (early access) and April 19 (full public release). |
|
@matejcik Great! Thank you for the update |
|
We won't release the fw in early access phase. Full public release is still valid. |
|
Thanks for the update! |
Toward an Unhardened Multisig Standard
Casa and other multisig providers have learned that the use of extensive key hardening causes usability issues. This is due to additional complexities that arise from having to coordinate the use of multiple geographically distributed keys. The degradation of user experience is not offset by any security improvements because the primary security of a multisignature wallet comes from preventing any given key from being a single point of failure.
With that said, multisig coordinators should only need to harden up to the purpose path.
Mutlisig coordinators should sign at
m / 45' / coin_type / account / change / address_index.