feat: EVM clear-signing support (firmware 7.14+)#32
Merged
BitHighlander merged 2 commits intomasterfrom Mar 21, 2026
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
BitHighlander
force-pushed
the
feature/evm-clearsign
branch
from
eb78dab to
d815d5e
Compare
BitHighlander
force-pushed
the
feature/evm-clearsign
branch
from
d815d5e to
32b85ee
Compare
Add support for firmware 7.14+ EVM clear-signing protocol: - EthereumTxMetadata (msg 115): sends signed metadata blob BEFORE EthereumSignTx - EthereumMetadataAck (msg 116): receives verification result from device - Device OLED displays decoded contract call info instead of raw hex when a verified metadata blob is provided Protocol flow: 1. Host → EthereumTxMetadata(signed_payload, key_id) 2. Device → EthereumMetadataAck(classification: OPAQUE|VERIFIED|MALFORMED) 3. Host → EthereumSignTx (normal flow continues) 4. Device OLED shows decoded contract info if classification=VERIFIED Protobuf shims implement deserializeBinaryFromReader (required by transport.ts:395 for inbound message decoding) — not just deserializeBinary. Graceful fallback on older firmware that doesn't support msg type 115. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
BitHighlander
force-pushed
the
feature/evm-clearsign
branch
from
32b85ee to
aa660b2
Compare
9 tests covering: - Message registration in type registry (115, 116) - EthereumTxMetadata serialize/deserialize round-trip via deserializeBinaryFromReader (the exact codepath transport.ts uses for inbound messages) - EthereumMetadataAck deserialization for all 3 classifications (OPAQUE/VERIFIED/MALFORMED) - Empty payload handling - toObject() shape validation These tests would have caught the missing deserializeBinaryFromReader bug that caused the metadata path to silently fall back to blind signing. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
EthereumTxMetadata(message type 115) andEthereumMetadataAck(message type 116) protobuf shim classesEthereumSignTxwhentxMetadatais providedProtocol Flow
Changes
hdwallet-core/src/ethereum.ts: Added optionaltxMetadatafield toETHSignTxtypehdwallet-keepkey/src/ethereum.ts: Hand-rolled jspb.Message classes for msg 115/116, registered in type registry, integrated intoethSignTx()flowTest plan