You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'd appreciate if trezor command line tool supported signing of (big) files, e. g. Virtual Machine images.
AFAIK right now this goal can be achieved in multiple ways:
by setting up Trezor-agent for GPG and sign traditionally via GPG
by manually hashing the file and signing the hash via trezorctl sign-message
by some other already existing method I'm not aware of
Signing via trezorctl is more lightweight and preferable to me, since, for example, it can be easily and quickly performed from freshly created Python-virtual-environment that may be destroyed right after that.
Problem with point nr. 2 is, there is still too much freedom. I have to specify BIP32 key derivation path, coin and script-type. None of those features are relevant for this purpose.
Therefore I suggest to create another SLIP for this.
Trivial solution may be, for example, to use directly BIP39 seed generated using PBKDF2 with different salt (instead of "mnemonic + passphrase" use, say, "trezor signed data").
Or may involve some more complex operation using HD-features that are either deterministic or that would be dumped as part of the signature metadata.
Ideas?
The text was updated successfully, but these errors were encountered:
I'd appreciate if trezor command line tool supported signing of (big) files, e. g. Virtual Machine images.
AFAIK right now this goal can be achieved in multiple ways:
trezorctl sign-messageSigning via trezorctl is more lightweight and preferable to me, since, for example, it can be easily and quickly performed from freshly created Python-virtual-environment that may be destroyed right after that.
Problem with point nr. 2 is, there is still too much freedom. I have to specify BIP32 key derivation path, coin and script-type. None of those features are relevant for this purpose.
Therefore I suggest to create another SLIP for this.
Trivial solution may be, for example, to use directly BIP39 seed generated using PBKDF2 with different salt (instead of "mnemonic + passphrase" use, say, "trezor signed data").
Or may involve some more complex operation using HD-features that are either deterministic or that would be dumped as part of the signature metadata.
Ideas?
The text was updated successfully, but these errors were encountered: