syntax = "proto2"; package hw.trezor.messages.bitcoin; // Sugar for easier handling in Java option java_package = "com.satoshilabs.trezor.lib.protobuf"; option java_outer_classname = "TrezorMessageBitcoin"; import "messages.proto"; import "messages-common.proto"; /** * Type of script which will be used for transaction input */ enum InputScriptType { SPENDADDRESS = 0; // standard P2PKH address SPENDMULTISIG = 1; // P2SH multisig address EXTERNAL = 2; // reserved for external inputs (coinjoin) SPENDWITNESS = 3; // native SegWit SPENDP2SHWITNESS = 4; // SegWit over P2SH (backward compatible) } /** * Type of script which will be used for transaction output */ enum OutputScriptType { PAYTOADDRESS = 0; // used for all addresses (bitcoin, p2sh, witness) PAYTOSCRIPTHASH = 1; // p2sh address (deprecated; use PAYTOADDRESS) PAYTOMULTISIG = 2; // only for change output PAYTOOPRETURN = 3; // op_return PAYTOWITNESS = 4; // only for change output PAYTOP2SHWITNESS = 5; // only for change output } /** * Type of redeem script used in input * @embed */ message MultisigRedeemScriptType { repeated HDNodePathType pubkeys = 1; // pubkeys from multisig address (sorted lexicographically) repeated bytes signatures = 2; // existing signatures for partially signed input required uint32 m = 3; // "m" from n, how many valid signatures is necessary for spending repeated common.HDNodeType nodes = 4; // simplified way how to specify pubkeys if they share the same address_n path repeated uint32 address_n = 5; // use only field 1 or fields 4+5, if fields 4+5 are used, field 1 is ignored /** * Structure representing HDNode + Path */ message HDNodePathType { required common.HDNodeType node = 1; // BIP-32 node in deserialized form repeated uint32 address_n = 2; // BIP-32 path to derive the key from node } } /** * Request: Ask device for public key corresponding to address_n path * @start * @next PublicKey * @next Failure */ message GetPublicKey { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node optional string ecdsa_curve_name = 2; // ECDSA curve name to use optional bool show_display = 3; // optionally show on display before sending the result optional string coin_name = 4 [default='Bitcoin']; // coin to use for verifying optional InputScriptType script_type = 5 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) } /** * Response: Contains public key derived from device private seed * @end */ message PublicKey { optional common.HDNodeType node = 1; // BIP32 public node optional string xpub = 2; // serialized form of public node } /** * Request: Ask device for address corresponding to address_n path * @start * @next Address * @next Failure */ message GetAddress { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node optional string coin_name = 2 [default='Bitcoin']; // coin to use optional bool show_display = 3; // optionally show on display before sending the result optional MultisigRedeemScriptType multisig = 4; // filled if we are showing a multisig address optional InputScriptType script_type = 5 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) } /** * Response: Contains address derived from device private seed * @end */ message Address { required string address = 1; // Coin address in Base58 encoding } /** * Request: Ask device for ownership identifier corresponding to scriptPubKey for address_n path * @start * @next OwnershipId * @next Failure */ message GetOwnershipId { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node optional string coin_name = 2 [default='Bitcoin']; // coin to use optional MultisigRedeemScriptType multisig = 3; // filled if we are dealing with a multisig scriptPubKey optional InputScriptType script_type = 4 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) } /** * Response: Contains the ownership identifier for the scriptPubKey and device private seed * @end */ message OwnershipId { required bytes ownership_id = 1; // ownership identifier } /** * Request: Ask device to sign message * @start * @next MessageSignature * @next Failure */ message SignMessage { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node required bytes message = 2; // message to be signed optional string coin_name = 3 [default='Bitcoin']; // coin to use for signing optional InputScriptType script_type = 4 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) } /** * Response: Signed message * @end */ message MessageSignature { optional string address = 1; // address used to sign the message optional bytes signature = 2; // signature of the message } /** * Request: Ask device to verify message * @start * @next Success * @next Failure */ message VerifyMessage { required string address = 1; // address to verify required bytes signature = 2; // signature to verify required bytes message = 3; // message to verify optional string coin_name = 4 [default='Bitcoin']; // coin to use for verifying } /** * Request: Ask device to sign transaction * @start * @next TxRequest * @next Failure */ message SignTx { required uint32 outputs_count = 1; // number of transaction outputs required uint32 inputs_count = 2; // number of transaction inputs optional string coin_name = 3 [default='Bitcoin']; // coin to use optional uint32 version = 4 [default=1]; // transaction version optional uint32 lock_time = 5 [default=0]; // transaction lock_time optional uint32 expiry = 6; // only for Decred and Zcash optional bool overwintered = 7 [deprecated=true]; // deprecated in 2.3.2, the field is not needed as it can be derived from `version` optional uint32 version_group_id = 8; // only for Zcash, nVersionGroupId optional uint32 timestamp = 9; // only for Peercoin optional uint32 branch_id = 10; // only for Zcash, BRANCH_ID } /** * Response: Device asks for information for signing transaction or returns the last result * If request_index is set, device awaits TxAck matching the request type. * If signature_index is set, 'signature' contains signed input of signature_index's input * @end * @next TxAckInput * @next TxAckOutput * @next TxAckPrevMeta * @next TxAckPrevInput * @next TxAckPrevOutput * @next TxAckPrevExtraData */ message TxRequest { optional RequestType request_type = 1; // what should be filled in TxAck message? optional TxRequestDetailsType details = 2; // request for tx details optional TxRequestSerializedType serialized = 3; // serialized data and request for next /** * Type of information required by transaction signing process */ enum RequestType { TXINPUT = 0; TXOUTPUT = 1; TXMETA = 2; TXFINISHED = 3; TXEXTRADATA = 4; } /** * Structure representing request details */ message TxRequestDetailsType { optional uint32 request_index = 1; // device expects TxAck message from the computer optional bytes tx_hash = 2; // tx_hash of requested transaction optional uint32 extra_data_len = 3; // length of requested extra data (only for Dash, Zcash) optional uint32 extra_data_offset = 4; // offset of requested extra data (only for Dash, Zcash) } /** * Structure representing serialized data */ message TxRequestSerializedType { optional uint32 signature_index = 1; // 'signature' field contains signed input of this index optional bytes signature = 2; // signature of the signature_index input optional bytes serialized_tx = 3; // part of serialized and signed transaction } } /** * Request: Reported transaction data (legacy) * * This message contains all possible field that can be sent in response to a TxRequest. * Depending on the request_type, the host is supposed to fill some of these fields. * * The interface is wire-compatible with the new method of specialized TxAck subtypes, * so it can be used in the old way. However, it is now recommended to use more * specialized messages, which have better-configured constraints on field values. * * @next TxRequest */ message TxAck { option deprecated = true; optional TransactionType tx = 1; /** * Structure representing transaction */ message TransactionType { optional uint32 version = 1; repeated TxInputType inputs = 2; repeated TxOutputBinType bin_outputs = 3; optional uint32 lock_time = 4; repeated TxOutputType outputs = 5; optional uint32 inputs_cnt = 6; optional uint32 outputs_cnt = 7; optional bytes extra_data = 8; // only for Dash, Zcash optional uint32 extra_data_len = 9; // only for Dash, Zcash optional uint32 expiry = 10; // only for Decred and Zcash optional bool overwintered = 11 [deprecated=true]; // Zcash only; deprecated in 2.3.2, the field is not needed, it can be derived from `version` optional uint32 version_group_id = 12; // only for Zcash, nVersionGroupId optional uint32 timestamp = 13; // only for Peercoin optional uint32 branch_id = 14; // only for Zcash, BRANCH_ID /** * Structure representing transaction input */ message TxInputType { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node required bytes prev_hash = 2; // hash of previous transaction output to spend by this input required uint32 prev_index = 3; // index of previous output to spend optional bytes script_sig = 4; // script signature, unset for tx to sign optional uint32 sequence = 5 [default=4294967295]; // sequence (default=0xffffffff) optional InputScriptType script_type = 6 [default=SPENDADDRESS]; // defines template of input script optional MultisigRedeemScriptType multisig = 7; // Filled if input is going to spend multisig tx optional uint64 amount = 8; // amount of previous transaction output (for segwit only) optional uint32 decred_tree = 9; // only for Decred // optional uint32 decred_script_version = 10; // only for Decred // deprecated -> only 0 is supported // optional bytes prev_block_hash_bip115 = 11; // BIP-115 support dropped // optional uint32 prev_block_height_bip115 = 12; // BIP-115 support dropped optional bytes witness = 13; // witness data, only set for EXTERNAL inputs optional bytes ownership_proof = 14; // SLIP-0019 proof of ownership, only set for EXTERNAL inputs optional bytes commitment_data = 15; // optional commitment data for the SLIP-0019 proof of ownership } /** * Structure representing compiled transaction output */ message TxOutputBinType { required uint64 amount = 1; required bytes script_pubkey = 2; optional uint32 decred_script_version = 3; // only for Decred } /** * Structure representing transaction output */ message TxOutputType { optional string address = 1; // target coin address in Base58 encoding repeated uint32 address_n = 2; // BIP-32 path to derive the key from master node; has higher priority than "address" required uint64 amount = 3; // amount to spend in satoshis optional OutputScriptType script_type = 4 [default=PAYTOADDRESS]; // output script type optional MultisigRedeemScriptType multisig = 5; // defines multisig address; script_type must be PAYTOMULTISIG optional bytes op_return_data = 6; // defines op_return data; script_type must be PAYTOOPRETURN, amount must be 0 // optional uint32 decred_script_version = 7; // only for Decred // deprecated -> only 0 is supported // optional bytes block_hash_bip115 = 8; // BIP-115 support dropped // optional uint32 block_height_bip115 = 9; // BIP-115 support dropped } } } /** Data type for transaction input to be signed. * @embed */ message TxAckInputType { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node required bytes prev_hash = 2; // hash of previous transaction output to spend by this input required uint32 prev_index = 3; // index of previous output to spend optional bytes script_sig = 4; // script signature, only set for EXTERNAL inputs optional uint32 sequence = 5 [default=0xffffffff]; // sequence optional InputScriptType script_type = 6 [default=SPENDADDRESS]; // defines template of input script optional MultisigRedeemScriptType multisig = 7; // Filled if input is going to spend multisig tx required uint64 amount = 8; // amount of previous transaction output optional uint32 decred_tree = 9; // only for Decred optional bytes witness = 13; // witness data, only set for EXTERNAL inputs optional bytes ownership_proof = 14; // SLIP-0019 proof of ownership, only set for EXTERNAL inputs optional bytes commitment_data = 15; // optional commitment data for the SLIP-0019 proof of ownership } /** Data type for transaction output to be signed. * @embed */ message TxAckOutputType { optional string address = 1; // destination address in Base58 encoding; script_type must be PAYTOADDRESS repeated uint32 address_n = 2; // BIP-32 path to derive the destination (used for change addresses) required uint64 amount = 3; // amount to spend in satoshis optional OutputScriptType script_type = 4 [default=PAYTOADDRESS]; // output script type optional MultisigRedeemScriptType multisig = 5; // defines multisig address; script_type must be PAYTOMULTISIG optional bytes op_return_data = 6; // defines op_return data; script_type must be PAYTOOPRETURN, amount must be 0 } /** Data type for metadata about previous transaction which contains the UTXO being spent. * @embed */ message TxAckPrevTxType { required uint32 version = 1; required uint32 lock_time = 4; required uint32 inputs_count = 6; required uint32 outputs_count = 7; optional uint32 extra_data_len = 9 [default=0]; // only for Dash, Zcash optional uint32 expiry = 10; // only for Decred and Zcash optional uint32 version_group_id = 12; // only for Zcash, nVersionGroupId optional uint32 timestamp = 13; // only for Peercoin optional uint32 branch_id = 14; // only for Zcash, BRANCH_ID } /** Data type for inputs of previous transactions. * @embed */ message TxAckPrevInputType { required bytes prev_hash = 2; // hash of previous transaction output to spend by this input required uint32 prev_index = 3; // index of previous output to spend required bytes script_sig = 4; // script signature required uint32 sequence = 5; // sequence optional uint32 decred_tree = 9; // only for Decred } /** Data type for outputs of previous transactions. * @embed */ message TxAckPrevOutputType { required uint64 amount = 1; // amount sent to this output required bytes script_pubkey = 2; // scriptPubkey of this output optional uint32 decred_script_version = 3; // only for Decred } /** * Request: Data about input to be signed. * Wire-alias of TxAck. * * @next TxRequest */ message TxAckInput { option (wire_type) = 22; required TxAckInputWrapper tx = 1; message TxAckInputWrapper { required TxAckInputType input = 2; } } /** * Request: Data about output to be signed. * Wire-alias of TxAck. * * @next TxRequest */ message TxAckOutput { option (wire_type) = 22; required TxAckOutputWrapper tx = 1; message TxAckOutputWrapper { required TxAckOutputType output = 5; } } /** * Request: Data about previous transaction metadata * Wire-alias of TxAck. * * @next TxRequest */ message TxAckPrevMeta { option (wire_type) = 22; required TxAckPrevTxType tx = 1; } /** * Request: Data about previous transaction input * Wire-alias of TxAck. * * @next TxRequest */ message TxAckPrevInput { option (wire_type) = 22; required TxAckPrevInputWrapper tx = 1; message TxAckPrevInputWrapper { required TxAckPrevInputType input = 2; } } /** * Request: Data about previous transaction output * Wire-alias of TxAck. * * @next TxRequest */ message TxAckPrevOutput { option (wire_type) = 22; required TxAckPrevOutputWrapper tx = 1; message TxAckPrevOutputWrapper { required TxAckPrevOutputType output = 3; } } /** * Request: Content of the extra data of a previous transaction * Wire-alias of TxAck. * * @next TxRequest */ message TxAckPrevExtraData { option (wire_type) = 22; required TxAckPrevExtraDataWrapper tx = 1; message TxAckPrevExtraDataWrapper { required bytes extra_data_chunk = 8; } } /** * Request: Ask device for a proof of ownership corresponding to address_n path * @start * @next OwnershipProof * @next Failure */ message GetOwnershipProof { repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node optional string coin_name = 2 [default='Bitcoin']; // coin to use optional InputScriptType script_type = 3 [default=SPENDWITNESS]; // used to distinguish between various scriptPubKey types optional MultisigRedeemScriptType multisig = 4; // filled if proof is for a multisig address optional bool user_confirmation = 5 [default=false]; // show a confirmation dialog and set the "user confirmation" bit in the proof repeated bytes ownership_ids = 6; // list of ownership identifiers in case of multisig optional bytes commitment_data = 7 [default='']; // additional data to which the proof should commit } /** * Response: Contains the proof of ownership * @end */ message OwnershipProof { required bytes ownership_proof = 1; // SLIP-0019 proof of ownership required bytes signature = 2; // signature of the proof } /** * Request: Ask device to prompt the user to authorize a CoinJoin transaction * @start * @next Success * @next Failure */ message AuthorizeCoinJoin { option (unstable) = true; required string coordinator = 1; // coordinator identifier to approve as a prefix in commitment data (max. 18 ASCII characters) required uint64 max_total_fee = 2; // maximum total fees optional uint32 fee_per_anonymity = 3; // fee per anonymity set in units of 10^-9 percent repeated uint32 address_n = 4; // prefix of the BIP-32 path leading to the account (m / purpose' / coin_type' / account') optional string coin_name = 5 [default='Bitcoin']; // coin to use optional InputScriptType script_type = 6 [default=SPENDADDRESS]; // used to distinguish between various address formats (non-segwit, segwit, etc.) }