forked from SeedSigner/seedsigner
-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'SeedSigner:main' into main
- Loading branch information
Showing
97 changed files
with
114,569 additions
and
6,023 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,3 +2,5 @@ | |
| __pycache__/ | ||
| src/seedsigner.egg-info/ | ||
| .nova | ||
| .vscode | ||
| src/seedsigner/models/settings_definition.json | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -81,14 +81,16 @@ The quickest and easiest way to install the software is to download the most rec | |
| After downloading the .zip file, extract the seedsigner .img file, and write it to a MicroSD card (at least 4GB in size or larger). Then install the MicroSD in the assembled hardware and off you go. If your goal is a more trustless installation, you can follow the [manual installation instructions](docs/manual_installation.md). | ||
|
|
||
| ## Verifying Your Software | ||
| You can verify the data integrity and authenticity of the latest release with as little as three commands (though moving forward you will have to replace the version in the following commands with the version number you are attempting to validate). This process assumes that you have navigated to a folder where you have these four relevant files present: | ||
| You can verify the data integrity and authenticity of the latest release with as little as three commands. This process assumes that you know [how to navigate on a terminal](https://terminalcheatsheet.com/guides/navigate-terminal) and have navigated to the folder where you have these four relevant files present: (This will most likely be your Downloads folder.) | ||
|
|
||
| * seedsigner_pubkey.gpg (from the main folder of this repo) | ||
| * seedsigner_0_4_5.img.zip (from the software release) | ||
| * seedsigner_0_4_5.img.zip.sha256 (from the software release) | ||
| * seedsigner_0_4_5.img.zip.sha256.sig (from the software release) | ||
| * seedsigner_0_4_6.img.zip (from the software release) | ||
| * seedsigner_0_4_6.img.zip.sha256 (from the software release) | ||
| * seedsigner_0_4_6.img.zip.sha256.sig (from the software release) | ||
|
|
||
| This process also assumes you are running the commands from a system where both GPG and shasum are installed and working. | ||
| **Note:** The specific version number of the files in your folder might not match the above exactly, but their overall format and amount should be the same. | ||
|
|
||
| This process also assumes you are running the commands from a system where both [GPG](https://gnupg.org/download/index.html) and [shasum](https://command-not-found.com/shasum) are installed and working. | ||
|
|
||
| First make sure that the public key is present in your keychain: | ||
| ``` | ||
|
|
@@ -101,8 +103,10 @@ key <...> not changed | |
|
|
||
| Now you can verify the authenticity of the small text file containing the release's SHA256 hash with the command: | ||
| ``` | ||
| gpg --verify seedsigner_0_4_5.img.zip.sha256.sig | ||
| gpg --verify seedsigner_0_*_*.img.zip.sha256.sig | ||
| ``` | ||
| **Note:** The `*`s in the command above allow the terminal to auto-populate the command with the version number you have in the folder you are in. It should be copied and pasted as is. | ||
|
|
||
| The reponse to this command should include the text: | ||
| ``` | ||
| Good signature from "seedsigner <[email protected]>" [unknown] | ||
|
|
@@ -111,11 +115,11 @@ The previous command validates that aforementioned small text file was signed us | |
|
|
||
| The last step is to make sure the .zip file that you've downloaded, and that contains the released software, is a perfect match to the software that was published by the holder of the private key in the last step. The command for this step is: | ||
| ``` | ||
| shasum -a 256 -c seedsigner_0_4_5.img.zip.sha256 | ||
| shasum -a 256 -c seedsigner_0_*_*.img.zip.sha256 | ||
| ``` | ||
| The reponse to this command should include the text: | ||
| ``` | ||
| seedsigner_0_4_5.img.zip: OK | ||
| seedsigner_0_4_6.img.zip: OK | ||
| ``` | ||
|
|
||
| There are other steps you can take to verify the software, including examining the hash value in the .sha256 text file, but this one has been documented here because it seems the simplest for most people to follow. Please recognize that this process can only validate the software to the extent that the entity that first published the key is an honest actor, and assumes the private key has remained uncompromised and is not being used by a malicious actor. | ||
|
|
@@ -138,6 +142,14 @@ The Orange Pill enclosure design offers a more finished look that includes butto | |
|
|
||
| The upper and lower portions of the enclosure can be printed using a standard FDM 3D printer, no supports necessary. The buttons and joystick nub should ideally be produced with a SLA/resin printer. An overview of the entire assembly process can be found [here](https://youtu.be/aIIc2DiZYcI). To access the design files and printable models, click [here](https://github.com/SeedSigner/seedsigner/tree/main/enclosures/orange_pill). | ||
|
|
||
| ### Community Designs | ||
|
|
||
| * [Lil Pill](https://cults3d.com/en/3d-model/gadget/lil-pill-seedsigner-case) by @_CyberNomad | ||
| * [OrangeSurf Case](https://github.com/orangesurf/orangesurf-seedsigner-case) by @OrangeSurfBTC | ||
| * [PS4 Seedsigner](https://www.thingiverse.com/thing:5363525) by @Silexperience | ||
| * [OpenPill Faceplate](https://www.printables.com/en/model/179924-seedsigner-open-pill-cover-plates-digital-cross-jo) by @Revetuzo | ||
| * [Waveshare CoverPlate](https://cults3d.com/en/3d-model/various/seedsigner-coverplate-for-waveshare-1-3-inch-lcd-hat-with-240x240-pixel-display) by @Adathome1 | ||
|
|
||
| --------------- | ||
|
|
||
| # SeedQR Printable Templates | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| # Code Structure | ||
|
|
||
| SeedSigner roughly follows a Model-View-Controller approach. Like in a typical web app (e.g. Flask) the `View`s can be called as needed like individual web urls. After completing display and interaction with the user, the `View` then decides where to route the user next, analogous to a web app returning a `response.redirect(url)`. | ||
|
|
||
| The `Controller` then ends up being quite stripped down. For example, there's no need for a web app's `urls.py` since there are no mappings from url to `View` to maintain since we're not actually using a url/http routing approach. | ||
|
|
||
| `View`s have to handle user interaction so there are `while True` loops that cycle between waiting for user input, gathering data, and then updating the UI components accordingly. You wouldn't find this kind of cycle in a web app because this sort of interactive user input is handled in the browser at the html/css/js level. | ||
|
|
||
|
|
||
|
|
||
| * `Model`s: Store the persistent settings, the in-memory seeds, current wallet information, etc. | ||
| * `Controller`: Manages the state of the world and controls access to global resources. | ||
| * `View`s: Implementation of each screen. Prepares relevant data for display. Must also instantiate the display objects that will actually render the UI. | ||
| * `gui.screens`: Re-usable formatted UI renderers. | ||
| * `gui.components`: Basic individual UI elements that are used by the `templates` such as the top nav, buttons, button lists, text displays. | ||
|
|
||
| In an typical webserver context the `View` would send data to an html template (e.g. Jinja) which would then dynamically populate the page with html elements like `<input>`, `<button>`, `<img>`, etc. This is analgous to our `gui.screens` constructing a UI renderer by piecing together various `gui.components` as needed. | ||
|
|
||
|
|
||
|
|
||
| `Controller` is a global singleton that any `View` can access and update as needed. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| # Feature Roadmap | ||
|
|
||
| Current focus: v0.5.0 preview releases. | ||
|
|
||
| *Note: It may or may not make sense to do minor bugfix preview releases along the way (e.g. 1.0 -> 1.1).* | ||
|
|
||
|
|
||
| ## v0.5.0 Pre-Release 1.x | ||
| * Scan SeedQR / CompactSeedQR | ||
| * Add/Edit passphrase | ||
| * View seed words w/configurable warnings | ||
| * Export xpub w/configurable warnings and flow determined by Settings | ||
| * Scan PSBT | ||
| * Full PSBT review screens | ||
| * "Full Spend" (no change) warning | ||
| * Fully verify PSBT change addrs | ||
| * Send signed PSBT via QR | ||
| * QR display dimming/brightness UP/DOWN | ||
| * Subset of configurable Settings; persistent Settings storage | ||
| * SettingsQR integration proof-of-concept | ||
|
|
||
| Screens will be functional but not necessarily in their final presentation state (icons, text, positioning, etc). | ||
|
|
||
|
|
||
| ## v0.5.0 Pre-Release 2.x | ||
| * Existing screen refinement (visual presentation, text, etc) | ||
| * Create new seed via image entropy | ||
| * Manual mnemonic seed word entry | ||
| * 12th/24th word calc | ||
| * SeedQR/CompactSeedQR manual transcription UI w/configurable UI style (dots vs grid) | ||
| * Single sig address scan and verification | ||
| * SettingsQR standalone UI refinement | ||
| * Fix broken tests | ||
| * All GUI Components support scrollable Screens | ||
|
|
||
|
|
||
| ## v0.5.0 Pre-Release 3.x | ||
| * Settings: I/O Test | ||
| * Create new seed via dice rolls | ||
| * Custom derivation paths in xpub export flow | ||
| * QR display dimming/brightness, framerate, density(?) controls in transparent overlay | ||
| * HRF partner logo on startup | ||
| * Improve test suite coverage | ||
| * Further existing screen refinement | ||
| * "Final" bugfixes | ||
|
|
||
|
|
||
| ## Initial v0.5.0 Release | ||
| All of the above! | ||
|
|
||
|
|
||
| ## Beyond v0.5.0 | ||
| These features will not be included in the initial v0.5.0 release and will have varying degrees of priority for subsequent releases (or possibly not at all). | ||
|
|
||
| * Multisig wallet descriptor QR scan(?) and addr verification(?) | ||
| * Sign taproot txs | ||
| * Multi-language support (Transifex free for open source projects) | ||
| * Multisig: sign PSBT with multiple keys at once. | ||
| * Custom OS, possibly with swappable SD card PSBT and multisig wallet descriptor storage | ||
| * Decoy game mode at launch (Snake, Tetris, Sudoku...?) | ||
| * BIP-39 wordlists in additional languages | ||
| * Address message signing | ||
| * UI color scheme customization | ||
| * Specify missing entropy for 12th/24th word calc | ||
|
|
||
|
|
||
| # v0.6 and Beyond...? | ||
| * Alternate hardware profile / touchscreen | ||
| * PGP signer | ||
| * Liquid? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
Oops, something went wrong.