Longer term: support using keys in the TREZOR for code signing

Question

Longer term: support using keys in the TREZOR for code signing

Closed this issue 9 years ago · 4 comments

It's unclear exactly what should be displayed on the screen for this, but a (truncated?) hash of the post-update JAR is probably right. At any rate keeping the keys inside a hardware device is an improvement even if the message on screen is a bit hard to verify.

Will wait to see how Jim/Gary get along with multibit hardware support before experimenting with this. Might be a crowdfunded project.

mikehearn commented 9 years ago

Done!

Answer 1 · 2015-04-28T19:53:12.000Z

Ah great to hear that. Will ping you some time about details...

Answer 2 · 2015-04-29T09:01:59.000Z

You just specify --trezor to the updatefx app. You can also specify an argument, which is the hex encoded pubkey that should be used, to ensure there aren't any mixups.

Answer 3 · 2015-04-29T21:14:22.000Z

Ah cool! Will try it out for the next release!