Skip to content

Message signing: confirm a pubkey for any non-standard derivation path#950

Draft
newtonick wants to merge 1 commit into
SeedSigner:devfrom
newtonick:msg-signing-expansion
Draft

Message signing: confirm a pubkey for any non-standard derivation path#950
newtonick wants to merge 1 commit into
SeedSigner:devfrom
newtonick:msg-signing-expansion

Conversation

@newtonick

@newtonick newtonick commented Jul 15, 2026

Copy link
Copy Markdown
Collaborator

Description

Problem or Issue being addressed

Fixes #519.

Message signing only works for conventional single sig paths (BIP44/49/84/86). Everything else is rejected, and inconsistently: m/48h/... throws a bare Exception("Not implemented"), m/45h/0/0 gets a "not supported" screen, and m/1017h/... dies on an uncaught raise in the confirm view. The root cause is that the confirm screen requires an address, which requires a script type that arbitrary paths don't have.

Approach and rationale discussed here: #519 (comment)

Solution

For any path that isn't a conventional single sig one, confirm the signing pubkey instead of an address: seed fingerprint, derivation path, and the compressed pubkey at that exact path (new SeedSignMessageConfirmPubkeyView). Standard single sig paths are untouched and still confirm an address. Malformed paths from a scanned QR now route to a new InvalidDerivationPathErrorView instead of crashing.

Additional Information

Screenshots

Review the message (unchanged):

1-confirm-message

Standard single sig path still confirms an address (unchanged; verified byte-identical):

2-confirm-address-unchanged

New pubkey confirmation for any other path (shown for a BIP48 path):

3-confirm-pubkey-new

New error screen for a malformed derivation path:

4-invalid-derivation-new

This pull request is categorized as a:

  • New feature
  • Bug fix
  • Code refactor
  • Documentation
  • Other

Checklist

I ran pytest locally

  • All tests passed before submitting the PR
  • I couldn't run the tests
  • N/A

I included screenshots of any new or modified screens

  • Yes
  • No
  • N/A

I added or updated tests

  • Yes
  • No, I’m a fool
  • N/A

I tested this PR hands-on on the following platform(s):

  • Raspberry Pi OS Manual Build
  • SeedSigner OS on a Pi0/Pi0W board
  • Emulator

I have reviewed these notes:

  • I understand

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Message signing from keys at custom derivation paths

1 participant