Mirrors
/
monero
mirror of https://github.com/monero-project/monero.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

trezor: vendor trezor-common

This commit is contained in:
tobtoht 2024-09-26 18:21:05 +02:00
parent 2ad6f08122
commit 9ffd88591c
No known key found for this signature in database
GPG Key ID: E45B10DD027D2472
12 changed files with 1911 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -4,9 +4,6 @@
[submodule "external/rapidjson"]
path = external/rapidjson
url = https://github.com/Tencent/rapidjson
[submodule "external/trezor-common"]
path = external/trezor-common
url = https://github.com/trezor/trezor-common.git
[submodule "external/randomx"]
path = external/randomx
url = https://github.com/tevador/RandomX

1
CMakeLists.txt
View File

@ -374,7 +374,6 @@ if(NOT MANUAL_SUBMODULES)
message(STATUS "Checking submodules")
check_submodule(external/miniupnp)
check_submodule(external/rapidjson)
check_submodule(external/trezor-common)
check_submodule(external/randomx)
check_submodule(external/supercop)
endif()

2
cmake/CheckTrezor.cmake
View File

@ -171,7 +171,7 @@ if(Protobuf_FOUND AND USE_DEVICE_TREZOR)
list(APPEND _proto_files "messages-debug.proto")
endif ()
set(_proto_include_dir "${CMAKE_SOURCE_DIR}/external/trezor-common/protob")
set(_proto_include_dir "${CMAKE_SOURCE_DIR}/src/device_trezor/trezor/protob")
set(_proto_files_absolute)
foreach(file IN LISTS _proto_files)
list(APPEND _proto_files_absolute "${_proto_include_dir}/${file}")

1
external/trezor-common vendored

@ -1 +0,0 @@
Subproject commit bc28c316d05bf1e9ebfe3d7df1ab25831d98d168

1
src/device_trezor/trezor/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
trezor-common

28
src/device_trezor/trezor/fetch_protob.sh Executable file
View File

@ -0,0 +1,28 @@
#!/usr/bin/env sh
set -e
cd "$(dirname "$0")"
if [ ! -d "trezor-common" ]; then
git clone https://github.com/trezor/trezor-common.git
fi
cd trezor-common
git fetch
git reset --hard bc28c316d05bf1e9ebfe3d7df1ab25831d98d168
cd ..
rm -rf protob
mkdir protob
proto_files="messages.proto messages-common.proto messages-monero.proto messages-management.proto messages-debug.proto"
for file in ${proto_files}
do
cp "trezor-common/protob/${file}" protob/
done
cp "trezor-common/COPYING" protob/
cd protob
echo "Checksums:"
find . -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum

165
src/device_trezor/trezor/protob/COPYING Normal file
View File

@ -0,0 +1,165 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
This version of the GNU Lesser General Public License incorporates
the terms and conditions of version 3 of the GNU General Public
License, supplemented by the additional permissions listed below.
0. Additional Definitions.
As used herein, "this License" refers to version 3 of the GNU Lesser
General Public License, and the "GNU GPL" refers to version 3 of the GNU
General Public License.
"The Library" refers to a covered work governed by this License,
other than an Application or a Combined Work as defined below.
An "Application" is any work that makes use of an interface provided
by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode
of using an interface provided by the Library.
A "Combined Work" is a work produced by combining or linking an
Application with the Library. The particular version of the Library
with which the Combined Work was made is also called the "Linked
Version".
The "Minimal Corresponding Source" for a Combined Work means the
Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are
based on the Application, and not on the Linked Version.
The "Corresponding Application Code" for a Combined Work means the
object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.
1. Exception to Section 3 of the GNU GPL.
You may convey a covered work under sections 3 and 4 of this License
without being bound by section 3 of the GNU GPL.
2. Conveying Modified Versions.
If you modify a copy of the Library, and, in your modifications, a
facility refers to a function or data to be supplied by an Application
that uses the facility (other than as an argument passed when the
facility is invoked), then you may convey a copy of the modified
version:
a) under this License, provided that you make a good faith effort to
ensure that, in the event an Application does not supply the
function or data, the facility still operates, and performs
whatever part of its purpose remains meaningful, or
b) under the GNU GPL, with none of the additional permissions of
this License applicable to that copy.
3. Object Code Incorporating Material from Library Header Files.
The object code form of an Application may incorporate material from
a header file that is part of the Library. You may convey such object
code under terms of your choice, provided that, if the incorporated
material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:
a) Give prominent notice with each copy of the object code that the
Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the object code with a copy of the GNU GPL and this license
document.
4. Combined Works.
You may convey a Combined Work under terms of your choice that,
taken together, effectively do not restrict modification of the
portions of the Library contained in the Combined Work and reverse
engineering for debugging such modifications, if you also do each of
the following:
a) Give prominent notice with each copy of the Combined Work that
the Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the Combined Work with a copy of the GNU GPL and this license
document.
c) For a Combined Work that displays copyright notices during
execution, include the copyright notice for the Library among
these notices, as well as a reference directing the user to the
copies of the GNU GPL and this license document.
d) Do one of the following:
0) Convey the Minimal Corresponding Source under the terms of this
License, and the Corresponding Application Code in a form
suitable for, and under terms that permit, the user to
recombine or relink the Application with a modified version of
the Linked Version to produce a modified Combined Work, in the
manner specified by section 6 of the GNU GPL for conveying
Corresponding Source.
1) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (a) uses at run time
a copy of the Library already present on the user's computer
system, and (b) will operate properly with a modified version
of the Library that is interface-compatible with the Linked
Version.
e) Provide Installation Information, but only if you would otherwise
be required to provide such information under section 6 of the
GNU GPL, and only to the extent that such information is
necessary to install and execute a modified version of the
Combined Work produced by recombining or relinking the
Application with a modified version of the Linked Version. (If
you use option 4d0, the Installation Information must accompany
the Minimal Corresponding Source and Corresponding Application
Code. If you use option 4d1, you must provide the Installation
Information in the manner specified by section 6 of the GNU GPL
for conveying Corresponding Source.)
5. Combined Libraries.
You may place library facilities that are a work based on the
Library side by side in a single library together with other library
facilities that are not Applications and are not covered by this
License, and convey such a combined library under terms of your
choice, if you do both of the following:
a) Accompany the combined library with a copy of the same work based
on the Library, uncombined with any other library facilities,
conveyed under the terms of this License.
b) Give prominent notice with the combined library that part of it
is a work based on the Library, and explaining where to find the
accompanying uncombined form of the same work.
6. Revised Versions of the GNU Lesser General Public License.
The Free Software Foundation may publish revised and/or new versions
of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the
Library as you received it specifies that a certain numbered version
of the GNU Lesser General Public License "or any later version"
applies to it, you have the option of following the terms and
conditions either of that published version or of any later version
published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser
General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.
If the Library as you received it specifies that a proxy can decide
whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.

165
src/device_trezor/trezor/protob/messages-common.proto Normal file
View File

@ -0,0 +1,165 @@
syntax = "proto2";
package hw.trezor.messages.common;
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessageCommon";
option (include_in_bitcoin_only) = true;
import "messages.proto";
/**
* Response: Success of the previous request
* @end
*/
message Success {
optional string message = 1 [default=""]; // human readable description of action or request-specific payload
}
/**
* Response: Failure of the previous request
* @end
*/
message Failure {
optional FailureType code = 1; // computer-readable definition of the error state
optional string message = 2; // human-readable message of the error state
enum FailureType {
Failure_UnexpectedMessage = 1;
Failure_ButtonExpected = 2;
Failure_DataError = 3;
Failure_ActionCancelled = 4;
Failure_PinExpected = 5;
Failure_PinCancelled = 6;
Failure_PinInvalid = 7;
Failure_InvalidSignature = 8;
Failure_ProcessError = 9;
Failure_NotEnoughFunds = 10;
Failure_NotInitialized = 11;
Failure_PinMismatch = 12;
Failure_WipeCodeMismatch = 13;
Failure_InvalidSession = 14;
Failure_FirmwareError = 99;
}
}
/**
* Response: Device is waiting for HW button press.
* @auxstart
* @next ButtonAck
*/
message ButtonRequest {
optional ButtonRequestType code = 1; // enum identifier of the screen
optional uint32 pages = 2; // if the screen is paginated, number of pages
/**
* Type of button request
*/
enum ButtonRequestType {
ButtonRequest_Other = 1;
ButtonRequest_FeeOverThreshold = 2;
ButtonRequest_ConfirmOutput = 3;
ButtonRequest_ResetDevice = 4;
ButtonRequest_ConfirmWord = 5;
ButtonRequest_WipeDevice = 6;
ButtonRequest_ProtectCall = 7;
ButtonRequest_SignTx = 8;
ButtonRequest_FirmwareCheck = 9;
ButtonRequest_Address = 10;
ButtonRequest_PublicKey = 11;
ButtonRequest_MnemonicWordCount = 12;
ButtonRequest_MnemonicInput = 13;
_Deprecated_ButtonRequest_PassphraseType = 14 [deprecated=true];
ButtonRequest_UnknownDerivationPath = 15;
ButtonRequest_RecoveryHomepage = 16;
ButtonRequest_Success = 17;
ButtonRequest_Warning = 18;
ButtonRequest_PassphraseEntry = 19;
ButtonRequest_PinEntry = 20;
}
}
/**
* Request: Computer agrees to wait for HW button press
* @auxend
*/
message ButtonAck {
}
/**
* Response: Device is asking computer to show PIN matrix and awaits PIN encoded using this matrix scheme
* @auxstart
* @next PinMatrixAck
*/
message PinMatrixRequest {
optional PinMatrixRequestType type = 1;
/**
* Type of PIN request
*/
enum PinMatrixRequestType {
PinMatrixRequestType_Current = 1;
PinMatrixRequestType_NewFirst = 2;
PinMatrixRequestType_NewSecond = 3;
PinMatrixRequestType_WipeCodeFirst = 4;
PinMatrixRequestType_WipeCodeSecond = 5;
}
}
/**
* Request: Computer responds with encoded PIN
* @auxend
*/
message PinMatrixAck {
required string pin = 1; // matrix encoded PIN entered by user
}
/**
* Response: Device awaits encryption passphrase
* @auxstart
* @next PassphraseAck
*/
message PassphraseRequest {
optional bool _on_device = 1 [deprecated=true]; // <2.3.0
}
/**
* Request: Send passphrase back
* @auxend
*/
message PassphraseAck {
optional string passphrase = 1;
optional bytes _state = 2 [deprecated=true]; // <2.3.0
optional bool on_device = 3; // user wants to enter passphrase on the device
}
/**
* Response: Device awaits passphrase state
* Deprecated in 2.3.0
* @next Deprecated_PassphraseStateAck
*/
message Deprecated_PassphraseStateRequest {
option deprecated = true;
optional bytes state = 1; // actual device state
}
/**
* Request: Send passphrase state back
* Deprecated in 2.3.0
* @auxend
*/
message Deprecated_PassphraseStateAck {
option deprecated = true;
}
/**
* Structure representing BIP32 (hierarchical deterministic) node
* Used for imports of private key into the device and exporting public key out of device
* @embed
*/
message HDNodeType {
required uint32 depth = 1;
required uint32 fingerprint = 2;
required uint32 child_num = 3;
required bytes chain_code = 4;
optional bytes private_key = 5;
required bytes public_key = 6;
}

185
src/device_trezor/trezor/protob/messages-debug.proto Normal file
View File

@ -0,0 +1,185 @@
syntax = "proto2";
package hw.trezor.messages.debug;
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessageDebug";
option (include_in_bitcoin_only) = true;
import "messages.proto";
import "messages-common.proto";
import "messages-management.proto";
/**
* Request: "Press" the button on the device
* @start
* @next DebugLinkLayout
*/
message DebugLinkDecision {
optional DebugButton button = 1; // button press
optional DebugSwipeDirection swipe = 2; // swipe direction
optional string input = 3; // keyboard input
/**
* Structure representing swipe direction
*/
enum DebugSwipeDirection {
UP = 0;
DOWN = 1;
LEFT = 2;
RIGHT = 3;
}
/**
* Structure representing button presses
*/
enum DebugButton {
NO = 0;
YES = 1;
INFO = 2;
}
optional uint32 x = 4; // touch X coordinate
optional uint32 y = 5; // touch Y coordinate
optional bool wait = 6; // wait for layout change
optional uint32 hold_ms = 7; // touch hold duration
}
/**
* Response: Device text layout
* @end
*/
message DebugLinkLayout {
repeated string lines = 1;
}
/**
* Request: Re-seed RNG with given value
* @start
* @next Success
*/
message DebugLinkReseedRandom {
optional uint32 value = 1;
}
/**
* Request: Start or stop recording screen changes into given target directory
* @start
* @next Success
*/
message DebugLinkRecordScreen {
optional string target_directory = 1; // empty or missing to stop recording
}
/**
* Request: Computer asks for device state
* @start
* @next DebugLinkState
*/
message DebugLinkGetState {
optional bool wait_word_list = 1; // Trezor T only - wait until mnemonic words are shown
optional bool wait_word_pos = 2; // Trezor T only - wait until reset word position is requested
optional bool wait_layout = 3; // wait until current layout changes
}
/**
* Response: Device current state
* @end
*/
message DebugLinkState {
optional bytes layout = 1; // raw buffer of display
optional string pin = 2; // current PIN, blank if PIN is not set/enabled
optional string matrix = 3; // current PIN matrix
optional bytes mnemonic_secret = 4; // current mnemonic secret
optional common.HDNodeType node = 5; // current BIP-32 node
optional bool passphrase_protection = 6; // is node/mnemonic encrypted using passphrase?
optional string reset_word = 7; // word on device display during ResetDevice workflow
optional bytes reset_entropy = 8; // current entropy during ResetDevice workflow
optional string recovery_fake_word = 9; // (fake) word on display during RecoveryDevice workflow
optional uint32 recovery_word_pos = 10; // index of mnemonic word the device is expecting during RecoveryDevice workflow
optional uint32 reset_word_pos = 11; // index of mnemonic word the device is expecting during ResetDevice workflow
optional management.BackupType mnemonic_type = 12; // current mnemonic type (BIP-39/SLIP-39)
repeated string layout_lines = 13; // current layout text
}
/**
* Request: Ask device to restart
* @start
*/
message DebugLinkStop {
}
/**
* Response: Device wants host to log event
* @ignore
*/
message DebugLinkLog {
optional uint32 level = 1;
optional string bucket = 2;
optional string text = 3;
}
/**
* Request: Read memory from device
* @start
* @next DebugLinkMemory
*/
message DebugLinkMemoryRead {
optional uint32 address = 1;
optional uint32 length = 2;
}
/**
* Response: Device sends memory back
* @end
*/
message DebugLinkMemory {
optional bytes memory = 1;
}
/**
* Request: Write memory to device.
* WARNING: Writing to the wrong location can irreparably break the device.
* @start
* @next Success
* @next Failure
*/
message DebugLinkMemoryWrite {
optional uint32 address = 1;
optional bytes memory = 2;
optional bool flash = 3;
}
/**
* Request: Erase block of flash on device
* WARNING: Writing to the wrong location can irreparably break the device.
* @start
* @next Success
* @next Failure
*/
message DebugLinkFlashErase {
optional uint32 sector = 1;
}
/**
* Request: Erase the SD card
* @start
* @next Success
* @next Failure
*/
message DebugLinkEraseSdCard {
optional bool format = 1; // if true, the card will be formatted to FAT32.
// if false, it will be all 0xFF bytes.
}
/**
* Request: Start or stop tracking layout changes
* @start
* @next Success
*/
message DebugLinkWatchLayout {
optional bool watch = 1; // if true, start watching layout.
// if false, stop.
}

504
src/device_trezor/trezor/protob/messages-management.proto Normal file
View File

@ -0,0 +1,504 @@
syntax = "proto2";
package hw.trezor.messages.management;
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessageManagement";
option (include_in_bitcoin_only) = true;
import "messages.proto";
/**
* Type of the mnemonic backup given/received by the device during reset/recovery.
*/
enum BackupType {
Bip39 = 0; // also called "Single Backup", see BIP-0039
Slip39_Basic = 1; // also called "Shamir Backup", see SLIP-0039
Slip39_Advanced = 2; // also called "Super Shamir" or "Shamir with Groups", see SLIP-0039#two-level-scheme
}
/**
* Level of safety checks for unsafe actions like spending from invalid path namespace or setting high transaction fee.
*/
enum SafetyCheckLevel {
Strict = 0; // disallow unsafe actions, this is the default
PromptAlways = 1; // ask user before unsafe action
PromptTemporarily = 2; // like PromptAlways but reverts to Strict after reboot
}
/**
* Format of the homescreen image
*/
enum HomescreenFormat {
Toif144x144 = 1;
Jpeg240x240 = 2;
}
/**
* Request: Reset device to default state and ask for device details
* @start
* @next Features
*/
message Initialize {
optional bytes session_id = 1; // assumed device session id; Trezor clears caches if it is different or empty
optional bool _skip_passphrase = 2 [deprecated=true]; // removed as part of passphrase redesign
optional bool derive_cardano = 3; // whether to derive Cardano Icarus root keys in this session
}
/**
* Request: Ask for device details (no device reset)
* @start
* @next Features
*/
message GetFeatures {
}
/**
* Response: Reports various information about the device
* @end
*/
message Features {
optional string vendor = 1; // name of the manufacturer, e.g. "trezor.io"
required uint32 major_version = 2; // major version of the firmware/bootloader, e.g. 1
required uint32 minor_version = 3; // minor version of the firmware/bootloader, e.g. 0
required uint32 patch_version = 4; // patch version of the firmware/bootloader, e.g. 0
optional bool bootloader_mode = 5; // is device in bootloader mode?
optional string device_id = 6; // device's unique identifier
optional bool pin_protection = 7; // is device protected by PIN?
optional bool passphrase_protection = 8; // is node/mnemonic encrypted using passphrase?
optional string language = 9; // device language
optional string label = 10; // device description label
optional bool initialized = 12; // does device contain seed?
optional bytes revision = 13; // SCM revision of firmware
optional bytes bootloader_hash = 14; // hash of the bootloader
optional bool imported = 15; // was storage imported from an external source?
optional bool unlocked = 16; // is the device unlocked? called "pin_cached" previously
optional bool _passphrase_cached = 17 [deprecated=true]; // is passphrase already cached in session?
optional bool firmware_present = 18; // is valid firmware loaded?
optional bool needs_backup = 19; // does storage need backup? (equals to Storage.needs_backup)
optional uint32 flags = 20; // device flags (equals to Storage.flags)
optional string model = 21; // device hardware model
optional uint32 fw_major = 22; // reported firmware version if in bootloader mode
optional uint32 fw_minor = 23; // reported firmware version if in bootloader mode
optional uint32 fw_patch = 24; // reported firmware version if in bootloader mode
optional string fw_vendor = 25; // reported firmware vendor if in bootloader mode
// optional bytes fw_vendor_keys = 26; // obsoleted, use fw_vendor
optional bool unfinished_backup = 27; // report unfinished backup (equals to Storage.unfinished_backup)
optional bool no_backup = 28; // report no backup (equals to Storage.no_backup)
optional bool recovery_mode = 29; // is recovery mode in progress
repeated Capability capabilities = 30; // list of supported capabilities
enum Capability {
option (has_bitcoin_only_values) = true;
Capability_Bitcoin = 1 [(bitcoin_only) = true];
Capability_Bitcoin_like = 2; // Altcoins based on the Bitcoin source code
Capability_Binance = 3;
Capability_Cardano = 4;
Capability_Crypto = 5 [(bitcoin_only) = true]; // generic crypto operations for GPG, SSH, etc.
Capability_EOS = 6;
Capability_Ethereum = 7;
Capability_Lisk = 8 [deprecated = true];
Capability_Monero = 9;
Capability_NEM = 10;
Capability_Ripple = 11;
Capability_Stellar = 12;
Capability_Tezos = 13;
Capability_U2F = 14;
Capability_Shamir = 15 [(bitcoin_only) = true];
Capability_ShamirGroups = 16 [(bitcoin_only) = true];
Capability_PassphraseEntry = 17 [(bitcoin_only) = true]; // the device is capable of passphrase entry directly on the device
}
optional BackupType backup_type = 31; // type of device backup (BIP-39 / SLIP-39 basic / SLIP-39 advanced)
optional bool sd_card_present = 32; // is SD card present
optional bool sd_protection = 33; // is SD Protect enabled
optional bool wipe_code_protection = 34; // is wipe code protection enabled
optional bytes session_id = 35;
optional bool passphrase_always_on_device = 36; // device enforces passphrase entry on Trezor
optional SafetyCheckLevel safety_checks = 37; // safety check level, set to Prompt to limit path namespace enforcement
optional uint32 auto_lock_delay_ms = 38; // number of milliseconds after which the device locks itself
optional uint32 display_rotation = 39; // in degrees from North
optional bool experimental_features = 40; // are experimental message types enabled?
optional bool busy = 41; // is the device busy, showing "Do not disconnect"?
optional HomescreenFormat homescreen_format = 42; // format of the homescreen, 1 = TOIf 144x144, 2 = jpg 240x240
optional bool hide_passphrase_from_host = 43; // should we hide the passphrase when it comes from host?
}
/**
* Request: soft-lock the device. Following actions will require PIN. Passphrases remain cached.
* @start
* @next Success
*/
message LockDevice {
}
/**
* Request: Show a "Do not disconnect" dialog instead of the standard homescreen.
* @start
* @next Success
*/
message SetBusy {
optional uint32 expiry_ms = 1; // The time in milliseconds after which the dialog will automatically disappear. Overrides any previously set expiry. If not set, then the dialog is hidden.
}
/**
* Request: end the current sesson. Following actions must call Initialize again.
* Cache for the current session is discarded, other sessions remain intact.
* Device is not PIN-locked.
* @start
* @next Success
*/
message EndSession {
}
/**
* Request: change language and/or label of the device
* @start
* @next Success
* @next Failure
*/
message ApplySettings {
optional string language = 1;
optional string label = 2;
optional bool use_passphrase = 3;
optional bytes homescreen = 4;
optional uint32 _passphrase_source = 5 [deprecated=true]; // ASK = 0; DEVICE = 1; HOST = 2;
optional uint32 auto_lock_delay_ms = 6;
optional uint32 display_rotation = 7; // in degrees from North
optional bool passphrase_always_on_device = 8; // do not prompt for passphrase, enforce device entry
optional SafetyCheckLevel safety_checks = 9; // Safety check level, set to Prompt to limit path namespace enforcement
optional bool experimental_features = 10; // enable experimental message types
optional bool hide_passphrase_from_host = 11; // do not show passphrase coming from host
}
/**
* Request: set flags of the device
* @start
* @next Success
* @next Failure
*/
message ApplyFlags {
required uint32 flags = 1; // bitmask, can only set bits, not unset
}
/**
* Request: Starts workflow for setting/changing/removing the PIN
* @start
* @next Success
* @next Failure
*/
message ChangePin {
optional bool remove = 1; // is PIN removal requested?
}
/**
* Request: Starts workflow for setting/removing the wipe code
* @start
* @next Success
* @next Failure
*/
message ChangeWipeCode {
optional bool remove = 1; // is wipe code removal requested?
}
/**
* Request: Starts workflow for enabling/regenerating/disabling SD card protection
* @start
* @next Success
* @next Failure
*/
message SdProtect {
required SdProtectOperationType operation = 1;
/**
* Structure representing SD card protection operation
*/
enum SdProtectOperationType {
DISABLE = 0;
ENABLE = 1;
REFRESH = 2;
}
}
/**
* Request: Test if the device is alive, device sends back the message in Success response
* @start
* @next Success
*/
message Ping {
optional string message = 1 [default=""]; // message to send back in Success message
optional bool button_protection = 2; // ask for button press
}
/**
* Request: Abort last operation that required user interaction
* @start
* @next Failure
*/
message Cancel {
}
/**
* Request: Request a sample of random data generated by hardware RNG. May be used for testing.
* @start
* @next Entropy
* @next Failure
*/
message GetEntropy {
required uint32 size = 1; // size of requested entropy
}
/**
* Response: Reply with random data generated by internal RNG
* @end
*/
message Entropy {
required bytes entropy = 1; // chunk of random generated bytes
}
/**
* Request: Get a hash of the installed firmware combined with an optional challenge.
* @start
* @next FirmwareHash
* @next Failure
*/
message GetFirmwareHash {
optional bytes challenge = 1; // Blake2s key up to 32 bytes in length.
}
/**
* Response: Hash of the installed firmware combined with the optional challenge.
* @end
*/
message FirmwareHash {
required bytes hash = 1;
}
/**
* Request: Request device to wipe all sensitive data and settings
* @start
* @next Success
* @next Failure
*/
message WipeDevice {
}
/**
* Request: Load seed and related internal settings from the computer
* @start
* @next Success
* @next Failure
*/
message LoadDevice {
repeated string mnemonics = 1; // seed encoded as mnemonic (12, 18 or 24 words for BIP39, 20 or 33 for SLIP39)
optional string pin = 3; // set PIN protection
optional bool passphrase_protection = 4; // enable master node encryption using passphrase
optional string language = 5 [default='en-US']; // device language (IETF BCP 47 language tag)
optional string label = 6; // device label
optional bool skip_checksum = 7; // do not test mnemonic for valid BIP-39 checksum
optional uint32 u2f_counter = 8; // U2F counter
optional bool needs_backup = 9; // set "needs backup" flag
optional bool no_backup = 10; // indicate that no backup is going to be made
}
/**
* Request: Ask device to do initialization involving user interaction
* @start
* @next EntropyRequest
* @next Failure
*/
message ResetDevice {
optional bool display_random = 1; // display entropy generated by the device before asking for additional entropy
optional uint32 strength = 2 [default=256]; // strength of seed in bits
optional bool passphrase_protection = 3; // enable master node encryption using passphrase
optional bool pin_protection = 4; // enable PIN protection
optional string language = 5 [default='en-US']; // device language (IETF BCP 47 language tag)
optional string label = 6; // device label
optional uint32 u2f_counter = 7; // U2F counter
optional bool skip_backup = 8; // postpone seed backup to BackupDevice workflow
optional bool no_backup = 9; // indicate that no backup is going to be made
optional BackupType backup_type = 10 [default=Bip39]; // type of the mnemonic backup
}
/**
* Request: Perform backup of the device seed if not backed up using ResetDevice
* @start
* @next Success
*/
message BackupDevice {
}
/**
* Response: Ask for additional entropy from host computer
* @next EntropyAck
*/
message EntropyRequest {
}
/**
* Request: Provide additional entropy for seed generation function
* @next Success
*/
message EntropyAck {
required bytes entropy = 1; // 256 bits (32 bytes) of random data
}
/**
* Request: Start recovery workflow asking user for specific words of mnemonic
* Used to recovery device safely even on untrusted computer.
* @start
* @next WordRequest
*/
message RecoveryDevice {
optional uint32 word_count = 1; // number of words in BIP-39 mnemonic
optional bool passphrase_protection = 2; // enable master node encryption using passphrase
optional bool pin_protection = 3; // enable PIN protection
optional string language = 4; // device language (IETF BCP 47 language tag)
optional string label = 5; // device label
optional bool enforce_wordlist = 6; // enforce BIP-39 wordlist during the process
// 7 reserved for unused recovery method
optional RecoveryDeviceType type = 8; // supported recovery type
optional uint32 u2f_counter = 9; // U2F counter
optional bool dry_run = 10; // perform dry-run recovery workflow (for safe mnemonic validation)
/**
* Type of recovery procedure. These should be used as bitmask, e.g.,
* `RecoveryDeviceType_ScrambledWords | RecoveryDeviceType_Matrix`
* listing every method supported by the host computer.
*
* Note that ScrambledWords must be supported by every implementation
* for backward compatibility; there is no way to not support it.
*/
enum RecoveryDeviceType {
// use powers of two when extending this field
RecoveryDeviceType_ScrambledWords = 0; // words in scrambled order
RecoveryDeviceType_Matrix = 1; // matrix recovery type
}
}
/**
* Response: Device is waiting for user to enter word of the mnemonic
* Its position is shown only on device's internal display.
* @next WordAck
*/
message WordRequest {
required WordRequestType type = 1;
/**
* Type of Recovery Word request
*/
enum WordRequestType {
WordRequestType_Plain = 0;
WordRequestType_Matrix9 = 1;
WordRequestType_Matrix6 = 2;
}
}
/**
* Request: Computer replies with word from the mnemonic
* @next WordRequest
* @next Success
* @next Failure
*/
message WordAck {
required string word = 1; // one word of mnemonic on asked position
}
/**
* Request: Set U2F counter
* @start
* @next Success
*/
message SetU2FCounter {
required uint32 u2f_counter = 1;
}
/**
* Request: Set U2F counter
* @start
* @next NextU2FCounter
*/
message GetNextU2FCounter {
}
/**
* Request: Set U2F counter
* @end
*/
message NextU2FCounter {
required uint32 u2f_counter = 1;
}
/**
* Request: Ask device to prepare for a preauthorized operation.
* @start
* @next PreauthorizedRequest
* @next Failure
*/
message DoPreauthorized {
}
/**
* Request: Device awaits a preauthorized operation.
* @start
* @next SignTx
* @next GetOwnershipProof
*/
message PreauthorizedRequest {
}
/**
* Request: Cancel any outstanding authorization in the current session.
* @start
* @next Success
* @next Failure
*/
message CancelAuthorization {
}
/**
* Request: Reboot firmware to bootloader
* @start
* @next Success
*/
message RebootToBootloader {
}
/**
* Request: Ask device to generate a random nonce and store it in the session's cache
* @start
* @next Nonce
*/
message GetNonce {
option (experimental_message) = true;
}
/**
* Response: Contains a random nonce
* @end
*/
message Nonce {
option (experimental_message) = true;
required bytes nonce = 1; // a 32-byte random value generated by Trezor
}
/**
* Request: Ask device to unlock a subtree of the keychain.
* @start
* @next UnlockedPathRequest
* @next Failure
*/
message UnlockPath {
repeated uint32 address_n = 1; // prefix of the BIP-32 path leading to the account (m / purpose')
optional bytes mac = 2; // the MAC returned by UnlockedPathRequest
}
/**
* Request: Device awaits an operation.
* @start
* @next SignTx
* @next GetPublicKey
* @next GetAddress
*/
message UnlockedPathRequest {
optional bytes mac = 1; // authentication code for future UnlockPath calls
}

502
src/device_trezor/trezor/protob/messages-monero.proto Normal file
View File

@ -0,0 +1,502 @@
syntax = "proto2";
package hw.trezor.messages.monero;
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessageMonero";
enum MoneroNetworkType {
MAINNET = 0;
TESTNET = 1;
STAGENET = 2;
FAKECHAIN = 3;
}
/**
* Structure representing Monero transaction source entry, UTXO
* @embed
*/
message MoneroTransactionSourceEntry {
repeated MoneroOutputEntry outputs = 1; // all outputs including decoys (forms the ring)
optional uint64 real_output = 2; // index denoting which item in `outputs` is our real output (not a decoy)
optional bytes real_out_tx_key = 3; // tx key located in the real output's tx
repeated bytes real_out_additional_tx_keys = 4; // additional tx keys if applicable
optional uint64 real_output_in_tx_index = 5; // index of our real output in the tx (aka which output was it in the transaction)
optional uint64 amount = 6;
optional bool rct = 7; // is RingCT used (true for newer UTXOs)
optional bytes mask = 8;
optional MoneroMultisigKLRki multisig_kLRki = 9;
optional uint32 subaddr_minor = 10; // minor subaddr index UTXO was sent to
message MoneroOutputEntry {
optional uint64 idx = 1;
optional MoneroRctKeyPublic key = 2;
message MoneroRctKeyPublic {
required bytes dest = 1;
required bytes commitment = 2;
}
}
message MoneroMultisigKLRki {
optional bytes K = 1;
optional bytes L = 2;
optional bytes R = 3;
optional bytes ki = 4;
}
}
/**
* Structure representing Monero transaction destination entry
* @embed
*/
message MoneroTransactionDestinationEntry {
optional uint64 amount = 1;
optional MoneroAccountPublicAddress addr = 2;
optional bool is_subaddress = 3;
optional bytes original = 4;
optional bool is_integrated = 5;
/**
* Structure representing Monero public address
*/
message MoneroAccountPublicAddress {
optional bytes spend_public_key = 1;
optional bytes view_public_key = 2;
}
}
/**
* Range sig parameters / data.
* @embed
*/
message MoneroTransactionRsigData {
optional uint32 rsig_type = 1; // range signature (aka proof) type
optional uint32 offload_type = 2;
repeated uint64 grouping = 3; // aggregation scheme for BP
optional bytes mask = 4; // mask vector
optional bytes rsig = 5; // range sig data, all of it or partial (based on rsig_parts)
repeated bytes rsig_parts = 6;
optional uint32 bp_version = 7; // Bulletproof version
}
/**
* Request: Ask device for public address derived from seed and address_n
* @start
* @next MoneroAddress
* @next Failure
*/
message MoneroGetAddress {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
optional bool show_display = 2; // Optionally show on display before sending the result
optional MoneroNetworkType network_type = 3 [default=MAINNET]; // Network type
optional uint32 account = 4; // Major subaddr index
optional uint32 minor = 5; // Minor subaddr index
optional bytes payment_id = 6; // Payment ID for integrated address
}
/**
* Response: Contains Monero watch-only credentials derived from device private seed
* @end
*/
message MoneroAddress {
optional bytes address = 1;
}
/**
* Request: Ask device for watch only credentials
* @start
* @next MoneroWatchKey
* @next Failure
*/
message MoneroGetWatchKey {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
optional MoneroNetworkType network_type = 2 [default=MAINNET]; // Network type
}
/**
* Response: Contains Monero watch-only credentials derived from device private seed
* @end
*/
message MoneroWatchKey {
optional bytes watch_key = 1;
optional bytes address = 2;
}
/**
* Request: Sub request of MoneroTransactionSign. Initializes transaction signing.
* @start
* @next MoneroTransactionInitAck
*/
message MoneroTransactionInitRequest {
optional uint32 version = 1;
repeated uint32 address_n = 2;
optional MoneroNetworkType network_type = 3 [default=MAINNET]; // Network type
optional MoneroTransactionData tsx_data = 4;
/**
* Structure representing Monero initial transaction information
*/
message MoneroTransactionData {
optional uint32 version = 1;
optional bytes payment_id = 2;
optional uint64 unlock_time = 3;
repeated MoneroTransactionDestinationEntry outputs = 4;
optional MoneroTransactionDestinationEntry change_dts = 5;
optional uint32 num_inputs = 6;
optional uint32 mixin = 7;
optional uint64 fee = 8;
optional uint32 account = 9;
repeated uint32 minor_indices = 10;
optional MoneroTransactionRsigData rsig_data = 11;
repeated uint32 integrated_indices = 12;
optional uint32 client_version = 13; // connected client version
optional uint32 hard_fork = 14; // transaction hard fork number
optional bytes monero_version = 15; // monero software version
}
}
/**
* Response: Response to transaction signing initialization.
* @next MoneroTransactionSetInputRequest
*/
message MoneroTransactionInitAck {
repeated bytes hmacs = 1;
optional MoneroTransactionRsigData rsig_data = 2;
}
/**
* Request: Sub request of MoneroTransactionSign. Sends one UTXO to device
* @next MoneroTransactionSetInputAck
*/
message MoneroTransactionSetInputRequest {
optional MoneroTransactionSourceEntry src_entr = 1;
}
/**
* Response: Response to setting UTXO for signature. Contains sealed values needed for further protocol steps.
* @next MoneroTransactionSetInputAck
* @next MoneroTransactionInputViniRequest
*/
message MoneroTransactionSetInputAck {
optional bytes vini = 1; // xmrtypes.TxinToKey
optional bytes vini_hmac = 2;
optional bytes pseudo_out = 3;
optional bytes pseudo_out_hmac = 4;
optional bytes pseudo_out_alpha = 5;
optional bytes spend_key = 6;
}
/**
* Request: Sub request of MoneroTransactionSign. Sends one UTXO to device together with sealed values.
* @next MoneroTransactionInputViniAck
*/
message MoneroTransactionInputViniRequest {
optional MoneroTransactionSourceEntry src_entr = 1;
optional bytes vini = 2; // xmrtypes.TxinToKey
optional bytes vini_hmac = 3;
optional bytes pseudo_out = 4;
optional bytes pseudo_out_hmac = 5;
optional uint32 orig_idx = 6; // original sort index, before sorting by key-images
}
/**
* Response: Response to setting UTXO to the device
* @next MoneroTransactionInputViniRequest
* @next MoneroTransactionAllInputsSetRequest
*/
message MoneroTransactionInputViniAck {
}
/**
* Request: Sub request of MoneroTransactionSign. Sent after all inputs have been sent. Useful for rangeisg offloading.
* @next MoneroTransactionAllInputsSetAck
*/
message MoneroTransactionAllInputsSetRequest {
}
/**
* Response: Response to after all inputs have been set.
* @next MoneroTransactionSetOutputRequest
*/
message MoneroTransactionAllInputsSetAck {
optional MoneroTransactionRsigData rsig_data = 1;
}
/**
* Request: Sub request of MoneroTransactionSign. Sends one transaction destination to device (HMACed)
* @next MoneroTransactionSetOutputAck
*/
message MoneroTransactionSetOutputRequest {
optional MoneroTransactionDestinationEntry dst_entr = 1;
optional bytes dst_entr_hmac = 2;
optional MoneroTransactionRsigData rsig_data = 3;
optional bool is_offloaded_bp = 4; // Extra message, with offloaded BP.
}
/**
* Response: Response to setting transaction destination. Contains sealed values needed for further protocol steps.
* @next MoneroTransactionSetOutputRequest
* @next MoneroTransactionAllOutSetRequest
*/
message MoneroTransactionSetOutputAck {
optional bytes tx_out = 1; // xmrtypes.TxOut
optional bytes vouti_hmac = 2;
optional MoneroTransactionRsigData rsig_data = 3;
optional bytes out_pk = 4;
optional bytes ecdh_info = 5;
}
/**
* Request: Sub request of MoneroTransactionSign. Sent after all outputs are sent.
* @next MoneroTransactionAllOutSetAck
*/
message MoneroTransactionAllOutSetRequest {
optional MoneroTransactionRsigData rsig_data = 1;
}
/**
* Response: After all outputs are sent the initial RCT signature fields are sent.
* @next MoneroTransactionSignInputRequest
*/
message MoneroTransactionAllOutSetAck {
optional bytes extra = 1;
optional bytes tx_prefix_hash = 2;
optional MoneroRingCtSig rv = 4; // xmrtypes.RctSig
optional bytes full_message_hash = 5;
/*
* Structure represents initial fields of the Monero RCT signature
*/
message MoneroRingCtSig {
optional uint64 txn_fee = 1;
optional bytes message = 2;
optional uint32 rv_type = 3;
}
}
/**
* Request: Sub request of MoneroTransactionSign. Sends UTXO for the signing.
* @next MoneroTransactionSignInputAck
*/
message MoneroTransactionSignInputRequest {
optional MoneroTransactionSourceEntry src_entr = 1;
optional bytes vini = 2; // xmrtypes.TxinToKey
optional bytes vini_hmac = 3;
optional bytes pseudo_out = 4;
optional bytes pseudo_out_hmac = 5;
optional bytes pseudo_out_alpha = 6;
optional bytes spend_key = 7;
optional uint32 orig_idx = 8; // original sort index, before sorting by key-images
}
/**
* Response: Contains full MG signature of the UTXO + multisig data if applicable.
* @next MoneroTransactionSignInputRequest
* @next MoneroTransactionFinalRequest
*/
message MoneroTransactionSignInputAck {
optional bytes signature = 1;
optional bytes pseudo_out = 2; // updated pseudo-out after mask correction
}
/**
* Request: Sub request of MoneroTransactionSign. Final message of the procol after all UTXOs are signed
* @next MoneroTransactionFinalAck
*/
message MoneroTransactionFinalRequest {
}
/**
* Response: Contains transaction metadata and encryption keys needed for further transaction operations (e.g. multisig, send proof).
* @end
*/
message MoneroTransactionFinalAck {
optional bytes cout_key = 1;
optional bytes salt = 2;
optional bytes rand_mult = 3;
optional bytes tx_enc_keys = 4;
optional bytes opening_key = 5; // enc master key to decrypt CLSAGs after protocol finishes correctly
}
/**
* Request: Sub request of MoneroKeyImageSync. Initializing key image sync.
* @start
* @next MoneroKeyImageExportInitAck
*/
message MoneroKeyImageExportInitRequest {
required uint64 num = 1;
required bytes hash = 2;
repeated uint32 address_n = 3; // BIP-32 path to derive the key from master node
optional MoneroNetworkType network_type = 4 [default=MAINNET]; // network type
repeated MoneroSubAddressIndicesList subs = 5;
/**
* Structure representing Monero list of sub-addresses
*/
message MoneroSubAddressIndicesList {
required uint32 account = 1;
repeated uint32 minor_indices = 2;
}
}
/**
* Response: Response to key image sync initialization.
* @next MoneroKeyImageSyncStepRequest
*/
message MoneroKeyImageExportInitAck {
}
/**
* Request: Sub request of MoneroKeyImageSync. Contains batch of the UTXO to export key image for.
* @next MoneroKeyImageSyncStepAck
*/
message MoneroKeyImageSyncStepRequest {
repeated MoneroTransferDetails tdis = 1;
/**
* Structure representing Monero UTXO for key image sync
*/
message MoneroTransferDetails {
required bytes out_key = 1;
required bytes tx_pub_key = 2;
repeated bytes additional_tx_pub_keys = 3;
required uint64 internal_output_index = 4;
optional uint32 sub_addr_major = 5;
optional uint32 sub_addr_minor = 6;
}
}
/**
* Response: Response to key image sync step. Contains encrypted exported key image.
* @next MoneroKeyImageSyncStepRequest
* @next MoneroKeyImageSyncFinalRequest
*/
message MoneroKeyImageSyncStepAck {
repeated MoneroExportedKeyImage kis = 1;
/**
* Structure representing Monero encrypted exported key image
*/
message MoneroExportedKeyImage {
optional bytes iv = 1;
optional bytes blob = 3;
}
}
/**
* Request: Sub request of MoneroKeyImageSync. Final message of the sync protocol.
* @next MoneroKeyImageSyncFinalAck
*/
message MoneroKeyImageSyncFinalRequest {
}
/**
* Response: Response to key image sync step. Contains encryption keys for exported key images.
* @end
*/
message MoneroKeyImageSyncFinalAck {
optional bytes enc_key = 1;
}
/**
* Request: Decrypt tx private keys blob
* @next MoneroGetTxKeyAck
*/
message MoneroGetTxKeyRequest {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
optional MoneroNetworkType network_type = 2 [default=MAINNET]; // network type
required bytes salt1 = 3;
required bytes salt2 = 4;
required bytes tx_enc_keys = 5;
required bytes tx_prefix_hash = 6;
optional uint32 reason = 7; // reason to display for user. e.g., tx_proof
optional bytes view_public_key = 8; // addr for derivation
}
/**
* Response: Response with the re-encrypted private keys and derivations blob under view key
* @end
*/
message MoneroGetTxKeyAck {
optional bytes salt = 1;
optional bytes tx_keys = 2;
optional bytes tx_derivations = 3;
}
/**
* Request: Starts live refresh flow. Asks user permission, switches state
* @next MoneroLiveRefreshStartAck
*/
message MoneroLiveRefreshStartRequest {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
optional MoneroNetworkType network_type = 2 [default=MAINNET]; // network type
}
/**
* Response after user gave permission
* @next MoneroLiveRefreshStepRequest
* @next MoneroLiveRefreshFinalRequest
*/
message MoneroLiveRefreshStartAck {
}
/**
* Request: Request to compute a single key image during live sync
* @next MoneroLiveRefreshStepAck
*/
message MoneroLiveRefreshStepRequest {
required bytes out_key = 1;
required bytes recv_deriv = 2;
required uint64 real_out_idx = 3;
required uint32 sub_addr_major = 4;
required uint32 sub_addr_minor = 5;
}
/**
* Response: Response with the encrypted key image + signature
* @next MoneroLiveRefreshStepRequest
* @next MoneroLiveRefreshFinishedRequest
*/
message MoneroLiveRefreshStepAck {
optional bytes salt = 1;
optional bytes key_image = 2;
}
/**
* Request: Request terminating live refresh mode.
* @next MoneroLiveRefreshFinishedAck
*/
message MoneroLiveRefreshFinalRequest {
}
/**
* Response: Response on termination of live refresh mode.
* @end
*/
message MoneroLiveRefreshFinalAck {
}
/**
* Request: Universal Monero protocol implementation diagnosis request.
* @start
* @next DebugMoneroDiagAck
*/
message DebugMoneroDiagRequest {
optional uint64 ins = 1;
optional uint64 p1 = 2;
optional uint64 p2 = 3;
repeated uint64 pd = 4;
optional bytes data1 = 5;
optional bytes data2 = 6;
}
/**
* Response: Response to Monero diagnosis protocol.
* @end
*/
message DebugMoneroDiagAck {
optional uint64 ins = 1;
optional uint64 p1 = 2;
optional uint64 p2 = 3;
repeated uint64 pd = 4;
optional bytes data1 = 5;
optional bytes data2 = 6;
}

360
src/device_trezor/trezor/protob/messages.proto Normal file
View File

@ -0,0 +1,360 @@
syntax = "proto2";
package hw.trezor.messages;
/**
* Messages for Trezor communication
*/
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessage";
option (include_in_bitcoin_only) = true;
import "google/protobuf/descriptor.proto";
/************************* WARNING ***********************
Due to the way extensions are accessed in pb2py, there needs to be a globally unique
name-ID mapping for extensions. That means that two different extensions, e.g. for
EnumValueOptions and FieldOptions, MUST NOT have the same ID.
Using the same ID indicates the same purpose (protobuf does not allow multiple
extensions with the same name), such as EnumValueOptions.bitcoin_only and
FileOptions.include_in_bitcoin_only. pb2py can then find the extension under
either name.
The convention to achieve this is as follows:
- extensions specific to a type have the same prefix:
* 50xxx for EnumValueOptions
* 51xxx for EnumOptions
* 52xxx for MessageOptions
* 53xxx for FieldOptions
- extensions that might be used across types have the same "global" prefix 60xxx
*/
/**
* Options for specifying message direction and type of wire (normal/debug)
*/
extend google.protobuf.EnumValueOptions {
optional bool wire_in = 50002; // message can be transmitted via wire from PC to Trezor
optional bool wire_out = 50003; // message can be transmitted via wire from Trezor to PC
optional bool wire_debug_in = 50004; // message can be transmitted via debug wire from PC to Trezor
optional bool wire_debug_out = 50005; // message can be transmitted via debug wire from Trezor to PC
optional bool wire_tiny = 50006; // message is handled by Trezor when the USB stack is in tiny mode
optional bool wire_bootloader = 50007; // message is only handled by Trezor Bootloader
optional bool wire_no_fsm = 50008; // message is not handled by Trezor unless the USB stack is in tiny mode
optional bool bitcoin_only = 60000; // enum value is available on BITCOIN_ONLY build
// (messages not marked bitcoin_only will be EXCLUDED)
}
/** Options for tagging enum types */
extend google.protobuf.EnumOptions {
optional bool has_bitcoin_only_values = 51001; // indicate that some values should be excluded on BITCOIN_ONLY builds
}
/** Options for tagging message types */
extend google.protobuf.MessageOptions {
optional bool experimental_message = 52001; // indicate that a message is intended for development and beta testing only and its definition may change at any time
optional uint32 wire_type = 52002; // override wire type specified in the MessageType enum
}
/** Options for tagging field types */
extend google.protobuf.FieldOptions {
optional bool experimental_field = 53001; // indicate that a field is intended for development and beta testing only
}
/** Options for tagging files with protobuf definitions */
extend google.protobuf.FileOptions {
optional bool include_in_bitcoin_only = 60000; // definitions are available on BITCOIN_ONLY build
// intentionally identical to `bitcoin_only` from enum
}
/**
* Mapping between Trezor wire identifier (uint) and a protobuf message
*/
enum MessageType {
option (has_bitcoin_only_values) = true;
// Management
MessageType_Initialize = 0 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true];
MessageType_Ping = 1 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Success = 2 [(bitcoin_only) = true, (wire_out) = true, (wire_debug_out) = true];
MessageType_Failure = 3 [(bitcoin_only) = true, (wire_out) = true, (wire_debug_out) = true];
MessageType_ChangePin = 4 [(bitcoin_only) = true, (wire_in) = true];
MessageType_WipeDevice = 5 [(bitcoin_only) = true, (wire_in) = true];
MessageType_GetEntropy = 9 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Entropy = 10 [(bitcoin_only) = true, (wire_out) = true];
MessageType_LoadDevice = 13 [(bitcoin_only) = true, (wire_in) = true];
MessageType_ResetDevice = 14 [(bitcoin_only) = true, (wire_in) = true];
MessageType_SetBusy = 16 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Features = 17 [(bitcoin_only) = true, (wire_out) = true];
MessageType_PinMatrixRequest = 18 [(bitcoin_only) = true, (wire_out) = true];
MessageType_PinMatrixAck = 19 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
MessageType_Cancel = 20 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true];
MessageType_LockDevice = 24 [(bitcoin_only) = true, (wire_in) = true];
MessageType_ApplySettings = 25 [(bitcoin_only) = true, (wire_in) = true];
MessageType_ButtonRequest = 26 [(bitcoin_only) = true, (wire_out) = true];
MessageType_ButtonAck = 27 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
MessageType_ApplyFlags = 28 [(bitcoin_only) = true, (wire_in) = true];
MessageType_GetNonce = 31 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Nonce = 33 [(bitcoin_only) = true, (wire_out) = true];
MessageType_BackupDevice = 34 [(bitcoin_only) = true, (wire_in) = true];
MessageType_EntropyRequest = 35 [(bitcoin_only) = true, (wire_out) = true];
MessageType_EntropyAck = 36 [(bitcoin_only) = true, (wire_in) = true];
MessageType_PassphraseRequest = 41 [(bitcoin_only) = true, (wire_out) = true];
MessageType_PassphraseAck = 42 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
MessageType_RecoveryDevice = 45 [(bitcoin_only) = true, (wire_in) = true];
MessageType_WordRequest = 46 [(bitcoin_only) = true, (wire_out) = true];
MessageType_WordAck = 47 [(bitcoin_only) = true, (wire_in) = true];
MessageType_GetFeatures = 55 [(bitcoin_only) = true, (wire_in) = true];
MessageType_SdProtect = 79 [(bitcoin_only) = true, (wire_in) = true];
MessageType_ChangeWipeCode = 82 [(bitcoin_only) = true, (wire_in) = true];
MessageType_EndSession = 83 [(bitcoin_only) = true, (wire_in) = true];
MessageType_DoPreauthorized = 84 [(bitcoin_only) = true, (wire_in) = true];
MessageType_PreauthorizedRequest = 85 [(bitcoin_only) = true, (wire_out) = true];
MessageType_CancelAuthorization = 86 [(bitcoin_only) = true, (wire_in) = true];
MessageType_RebootToBootloader = 87 [(bitcoin_only) = true, (wire_in) = true];
MessageType_GetFirmwareHash = 88 [(bitcoin_only) = true, (wire_in) = true];
MessageType_FirmwareHash = 89 [(bitcoin_only) = true, (wire_out) = true];
reserved 90 to 92;
MessageType_UnlockPath = 93 [(bitcoin_only) = true, (wire_in) = true];
MessageType_UnlockedPathRequest = 94 [(bitcoin_only) = true, (wire_out) = true];
MessageType_SetU2FCounter = 63 [(wire_in) = true];
MessageType_GetNextU2FCounter = 80 [(wire_in) = true];
MessageType_NextU2FCounter = 81 [(wire_out) = true];
// Deprecated messages, kept for protobuf compatibility.
// Both are marked wire_out so that we don't need to implement incoming handler for legacy
MessageType_Deprecated_PassphraseStateRequest = 77 [deprecated = true];
MessageType_Deprecated_PassphraseStateAck = 78 [deprecated = true];
// Bootloader
MessageType_FirmwareErase = 6 [(bitcoin_only) = true, (wire_in) = true, (wire_bootloader) = true];
MessageType_FirmwareUpload = 7 [(bitcoin_only) = true, (wire_in) = true, (wire_bootloader) = true];
MessageType_FirmwareRequest = 8 [(bitcoin_only) = true, (wire_out) = true, (wire_bootloader) = true];
MessageType_SelfTest = 32 [(bitcoin_only) = true, (wire_in) = true, (wire_bootloader) = true];
// Bitcoin
MessageType_GetPublicKey = 11 [(bitcoin_only) = true, (wire_in) = true];
MessageType_PublicKey = 12 [(bitcoin_only) = true, (wire_out) = true];
MessageType_SignTx = 15 [(bitcoin_only) = true, (wire_in) = true];
MessageType_TxRequest = 21 [(bitcoin_only) = true, (wire_out) = true];
MessageType_TxAck = 22 [(bitcoin_only) = true, (wire_in) = true];
MessageType_GetAddress = 29 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Address = 30 [(bitcoin_only) = true, (wire_out) = true];
MessageType_TxAckPaymentRequest = 37 [(wire_in) = true];
MessageType_SignMessage = 38 [(bitcoin_only) = true, (wire_in) = true];
MessageType_VerifyMessage = 39 [(bitcoin_only) = true, (wire_in) = true];
MessageType_MessageSignature = 40 [(bitcoin_only) = true, (wire_out) = true];
MessageType_GetOwnershipId = 43 [(bitcoin_only) = true, (wire_in) = true];
MessageType_OwnershipId = 44 [(bitcoin_only) = true, (wire_out) = true];
MessageType_GetOwnershipProof = 49 [(bitcoin_only) = true, (wire_in) = true];
MessageType_OwnershipProof = 50 [(bitcoin_only) = true, (wire_out) = true];
MessageType_AuthorizeCoinJoin = 51 [(bitcoin_only) = true, (wire_in) = true];
// Crypto
MessageType_CipherKeyValue = 23 [(bitcoin_only) = true, (wire_in) = true];
MessageType_CipheredKeyValue = 48 [(bitcoin_only) = true, (wire_out) = true];
MessageType_SignIdentity = 53 [(bitcoin_only) = true, (wire_in) = true];
MessageType_SignedIdentity = 54 [(bitcoin_only) = true, (wire_out) = true];
MessageType_GetECDHSessionKey = 61 [(bitcoin_only) = true, (wire_in) = true];
MessageType_ECDHSessionKey = 62 [(bitcoin_only) = true, (wire_out) = true];
MessageType_CosiCommit = 71 [(bitcoin_only) = true, (wire_in) = true];
MessageType_CosiCommitment = 72 [(bitcoin_only) = true, (wire_out) = true];
MessageType_CosiSign = 73 [(bitcoin_only) = true, (wire_in) = true];
MessageType_CosiSignature = 74 [(bitcoin_only) = true, (wire_out) = true];
// Debug
MessageType_DebugLinkDecision = 100 [(bitcoin_only) = true, (wire_debug_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
MessageType_DebugLinkGetState = 101 [(bitcoin_only) = true, (wire_debug_in) = true, (wire_tiny) = true];
MessageType_DebugLinkState = 102 [(bitcoin_only) = true, (wire_debug_out) = true];
MessageType_DebugLinkStop = 103 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkLog = 104 [(bitcoin_only) = true, (wire_debug_out) = true];
MessageType_DebugLinkMemoryRead = 110 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkMemory = 111 [(bitcoin_only) = true, (wire_debug_out) = true];
MessageType_DebugLinkMemoryWrite = 112 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkFlashErase = 113 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkLayout = 9001 [(bitcoin_only) = true, (wire_debug_out) = true];
MessageType_DebugLinkReseedRandom = 9002 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkRecordScreen = 9003 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkEraseSdCard = 9005 [(bitcoin_only) = true, (wire_debug_in) = true];
MessageType_DebugLinkWatchLayout = 9006 [(bitcoin_only) = true, (wire_debug_in) = true];
// Ethereum
MessageType_EthereumGetPublicKey = 450 [(wire_in) = true];
MessageType_EthereumPublicKey = 451 [(wire_out) = true];
MessageType_EthereumGetAddress = 56 [(wire_in) = true];
MessageType_EthereumAddress = 57 [(wire_out) = true];
MessageType_EthereumSignTx = 58 [(wire_in) = true];
MessageType_EthereumSignTxEIP1559 = 452 [(wire_in) = true];
MessageType_EthereumTxRequest = 59 [(wire_out) = true];
MessageType_EthereumTxAck = 60 [(wire_in) = true];
MessageType_EthereumSignMessage = 64 [(wire_in) = true];
MessageType_EthereumVerifyMessage = 65 [(wire_in) = true];
MessageType_EthereumMessageSignature = 66 [(wire_out) = true];
MessageType_EthereumSignTypedData = 464 [(wire_in) = true];
MessageType_EthereumTypedDataStructRequest = 465 [(wire_out) = true];
MessageType_EthereumTypedDataStructAck = 466 [(wire_in) = true];
MessageType_EthereumTypedDataValueRequest = 467 [(wire_out) = true];
MessageType_EthereumTypedDataValueAck = 468 [(wire_in) = true];
MessageType_EthereumTypedDataSignature = 469 [(wire_out) = true];
MessageType_EthereumSignTypedHash = 470 [(wire_in) = true];
// NEM
MessageType_NEMGetAddress = 67 [(wire_in) = true];
MessageType_NEMAddress = 68 [(wire_out) = true];
MessageType_NEMSignTx = 69 [(wire_in) = true];
MessageType_NEMSignedTx = 70 [(wire_out) = true];
MessageType_NEMDecryptMessage = 75 [(wire_in) = true];
MessageType_NEMDecryptedMessage = 76 [(wire_out) = true];
// Lisk
/*
MessageType_LiskGetAddress = 114 [(wire_in) = true];
MessageType_LiskAddress = 115 [(wire_out) = true];
MessageType_LiskSignTx = 116 [(wire_in) = true];
MessageType_LiskSignedTx = 117 [(wire_out) = true];
MessageType_LiskSignMessage = 118 [(wire_in) = true];
MessageType_LiskMessageSignature = 119 [(wire_out) = true];
MessageType_LiskVerifyMessage = 120 [(wire_in) = true];
MessageType_LiskGetPublicKey = 121 [(wire_in) = true];
MessageType_LiskPublicKey = 122 [(wire_out) = true];
*/
reserved 114 to 122;
// Tezos
MessageType_TezosGetAddress = 150 [(wire_in) = true];
MessageType_TezosAddress = 151 [(wire_out) = true];
MessageType_TezosSignTx = 152 [(wire_in) = true];
MessageType_TezosSignedTx = 153 [(wire_out) = true];
MessageType_TezosGetPublicKey = 154 [(wire_in) = true];
MessageType_TezosPublicKey = 155 [(wire_out) = true];
// Stellar
MessageType_StellarSignTx = 202 [(wire_in) = true];
MessageType_StellarTxOpRequest = 203 [(wire_out) = true];
MessageType_StellarGetAddress = 207 [(wire_in) = true];
MessageType_StellarAddress = 208 [(wire_out) = true];
MessageType_StellarCreateAccountOp = 210 [(wire_in) = true];
MessageType_StellarPaymentOp = 211 [(wire_in) = true];
MessageType_StellarPathPaymentStrictReceiveOp = 212 [(wire_in) = true];
MessageType_StellarManageSellOfferOp = 213 [(wire_in) = true];
MessageType_StellarCreatePassiveSellOfferOp = 214 [(wire_in) = true];
MessageType_StellarSetOptionsOp = 215 [(wire_in) = true];
MessageType_StellarChangeTrustOp = 216 [(wire_in) = true];
MessageType_StellarAllowTrustOp = 217 [(wire_in) = true];
MessageType_StellarAccountMergeOp = 218 [(wire_in) = true];
// omitted: StellarInflationOp is not a supported operation, would be 219
MessageType_StellarManageDataOp = 220 [(wire_in) = true];
MessageType_StellarBumpSequenceOp = 221 [(wire_in) = true];
MessageType_StellarManageBuyOfferOp = 222 [(wire_in) = true];
MessageType_StellarPathPaymentStrictSendOp = 223 [(wire_in) = true];
MessageType_StellarSignedTx = 230 [(wire_out) = true];
// Cardano
// dropped Sign/VerifyMessage ids 300-302
// dropped TxRequest/TxAck ids 304 and 309 (shelley update)
// dropped SignTx/SignedTx/SignedTxChunk/SignedTxChunkAck ids 303, 310, 311 and 312
reserved 300 to 304, 309 to 312;
MessageType_CardanoGetPublicKey = 305 [(wire_in) = true];
MessageType_CardanoPublicKey = 306 [(wire_out) = true];
MessageType_CardanoGetAddress = 307 [(wire_in) = true];
MessageType_CardanoAddress = 308 [(wire_out) = true];
MessageType_CardanoTxItemAck = 313 [(wire_out) = true];
MessageType_CardanoTxAuxiliaryDataSupplement = 314 [(wire_out) = true];
MessageType_CardanoTxWitnessRequest = 315 [(wire_in) = true];
MessageType_CardanoTxWitnessResponse = 316 [(wire_out) = true];
MessageType_CardanoTxHostAck = 317 [(wire_in) = true];
MessageType_CardanoTxBodyHash = 318 [(wire_out) = true];
MessageType_CardanoSignTxFinished = 319 [(wire_out) = true];
MessageType_CardanoSignTxInit = 320 [(wire_in) = true];
MessageType_CardanoTxInput = 321 [(wire_in) = true];
MessageType_CardanoTxOutput = 322 [(wire_in) = true];
MessageType_CardanoAssetGroup = 323 [(wire_in) = true];
MessageType_CardanoToken = 324 [(wire_in) = true];
MessageType_CardanoTxCertificate = 325 [(wire_in) = true];
MessageType_CardanoTxWithdrawal = 326 [(wire_in) = true];
MessageType_CardanoTxAuxiliaryData = 327 [(wire_in) = true];
MessageType_CardanoPoolOwner = 328 [(wire_in) = true];
MessageType_CardanoPoolRelayParameters = 329 [(wire_in) = true];
MessageType_CardanoGetNativeScriptHash = 330 [(wire_in) = true];
MessageType_CardanoNativeScriptHash = 331 [(wire_out) = true];
MessageType_CardanoTxMint = 332 [(wire_in) = true];
MessageType_CardanoTxCollateralInput = 333 [(wire_in) = true];
MessageType_CardanoTxRequiredSigner = 334 [(wire_in) = true];
MessageType_CardanoTxInlineDatumChunk = 335 [(wire_in) = true];
MessageType_CardanoTxReferenceScriptChunk = 336 [(wire_in) = true];
MessageType_CardanoTxReferenceInput = 337 [(wire_in) = true];
// Ripple
MessageType_RippleGetAddress = 400 [(wire_in) = true];
MessageType_RippleAddress = 401 [(wire_out) = true];
MessageType_RippleSignTx = 402 [(wire_in) = true];
MessageType_RippleSignedTx = 403 [(wire_in) = true];
// Monero
MessageType_MoneroTransactionInitRequest = 501 [(wire_out) = true];
MessageType_MoneroTransactionInitAck = 502 [(wire_out) = true];
MessageType_MoneroTransactionSetInputRequest = 503 [(wire_out) = true];
MessageType_MoneroTransactionSetInputAck = 504 [(wire_out) = true];
MessageType_MoneroTransactionInputViniRequest = 507 [(wire_out) = true];
MessageType_MoneroTransactionInputViniAck = 508 [(wire_out) = true];
MessageType_MoneroTransactionAllInputsSetRequest = 509 [(wire_out) = true];
MessageType_MoneroTransactionAllInputsSetAck = 510 [(wire_out) = true];
MessageType_MoneroTransactionSetOutputRequest = 511 [(wire_out) = true];
MessageType_MoneroTransactionSetOutputAck = 512 [(wire_out) = true];
MessageType_MoneroTransactionAllOutSetRequest = 513 [(wire_out) = true];
MessageType_MoneroTransactionAllOutSetAck = 514 [(wire_out) = true];
MessageType_MoneroTransactionSignInputRequest = 515 [(wire_out) = true];
MessageType_MoneroTransactionSignInputAck = 516 [(wire_out) = true];
MessageType_MoneroTransactionFinalRequest = 517 [(wire_out) = true];
MessageType_MoneroTransactionFinalAck = 518 [(wire_out) = true];
MessageType_MoneroKeyImageExportInitRequest = 530 [(wire_out) = true];
MessageType_MoneroKeyImageExportInitAck = 531 [(wire_out) = true];
MessageType_MoneroKeyImageSyncStepRequest = 532 [(wire_out) = true];
MessageType_MoneroKeyImageSyncStepAck = 533 [(wire_out) = true];
MessageType_MoneroKeyImageSyncFinalRequest = 534 [(wire_out) = true];
MessageType_MoneroKeyImageSyncFinalAck = 535 [(wire_out) = true];
MessageType_MoneroGetAddress = 540 [(wire_in) = true];
MessageType_MoneroAddress = 541 [(wire_out) = true];
MessageType_MoneroGetWatchKey = 542 [(wire_in) = true];
MessageType_MoneroWatchKey = 543 [(wire_out) = true];
MessageType_DebugMoneroDiagRequest = 546 [(wire_in) = true];
MessageType_DebugMoneroDiagAck = 547 [(wire_out) = true];
MessageType_MoneroGetTxKeyRequest = 550 [(wire_in) = true];
MessageType_MoneroGetTxKeyAck = 551 [(wire_out) = true];
MessageType_MoneroLiveRefreshStartRequest = 552 [(wire_in) = true];
MessageType_MoneroLiveRefreshStartAck = 553 [(wire_out) = true];
MessageType_MoneroLiveRefreshStepRequest = 554 [(wire_in) = true];
MessageType_MoneroLiveRefreshStepAck = 555 [(wire_out) = true];
MessageType_MoneroLiveRefreshFinalRequest = 556 [(wire_in) = true];
MessageType_MoneroLiveRefreshFinalAck = 557 [(wire_out) = true];
// EOS
MessageType_EosGetPublicKey = 600 [(wire_in) = true];
MessageType_EosPublicKey = 601 [(wire_out) = true];
MessageType_EosSignTx = 602 [(wire_in) = true];
MessageType_EosTxActionRequest = 603 [(wire_out) = true];
MessageType_EosTxActionAck = 604 [(wire_in) = true];
MessageType_EosSignedTx = 605 [(wire_out) = true];
// Binance
MessageType_BinanceGetAddress = 700 [(wire_in) = true];
MessageType_BinanceAddress = 701 [(wire_out) = true];
MessageType_BinanceGetPublicKey = 702 [(wire_in) = true];
MessageType_BinancePublicKey = 703 [(wire_out) = true];
MessageType_BinanceSignTx = 704 [(wire_in) = true];
MessageType_BinanceTxRequest = 705 [(wire_out) = true];
MessageType_BinanceTransferMsg = 706 [(wire_in) = true];
MessageType_BinanceOrderMsg = 707 [(wire_in) = true];
MessageType_BinanceCancelMsg = 708 [(wire_in) = true];
MessageType_BinanceSignedTx = 709 [(wire_out) = true];
// WebAuthn
MessageType_WebAuthnListResidentCredentials = 800 [(wire_in) = true];
MessageType_WebAuthnCredentials = 801 [(wire_out) = true];
MessageType_WebAuthnAddResidentCredential = 802 [(wire_in) = true];
MessageType_WebAuthnRemoveResidentCredential = 803 [(wire_in) = true];
}