Longer term: support using keys in the TREZOR for code signing
Closed this issue · 4 comments
mikehearn commented
It's unclear exactly what should be displayed on the screen for this, but a (truncated?) hash of the post-update JAR is probably right. At any rate keeping the keys inside a hardware device is an improvement even if the message on screen is a bit hard to verify.
Will wait to see how Jim/Gary get along with multibit hardware support before experimenting with this. Might be a crowdfunded project.
mikehearn commented
Done!
ManfredKarrer commented
Ah great to hear that. Will ping you some time about details...
mikehearn commented
You just specify --trezor to the updatefx app. You can also specify an argument, which is the hex encoded pubkey that should be used, to ensure there aren't any mixups.
ManfredKarrer commented
Ah cool! Will try it out for the next release!