Skip to content

fix: TRON signing — stop displaying deprecated fields not in raw_data#238

Open
BitHighlander wants to merge 2 commits into
developfrom
fix/tron-blind-sign
Open

fix: TRON signing — stop displaying deprecated fields not in raw_data#238
BitHighlander wants to merge 2 commits into
developfrom
fix/tron-blind-sign

Conversation

@BitHighlander

@BitHighlander BitHighlander commented May 21, 2026

Copy link
Copy Markdown
Owner

Summary

fsm_msgTronSignTx was displaying to_address and amount from deprecated proto fields that are not included in the raw_data bytes being signed. A malicious host could show one transfer on screen while getting a completely different transaction signed.

Replace with a single blind-sign prompt showing only the raw_data byte count — the actual data committed to by the signature.

Test plan

  • CI green
  • TRON sign shows "Sign N-byte TRON transaction?" instead of amount/address

@BitHighlander
fix: TRON blind sign — stop displaying deprecated fields not in raw_data
978be20 
fsm_msgTronSignTx displayed to_address and amount from deprecated proto fields
that are NOT included in the raw_data bytes being signed. A malicious host
could show one transfer on screen while getting a different transaction signed.

Replace with a single blind-sign prompt that shows only the raw_data byte count,
which is the actual data committed to by the signature.
@BitHighlander
chore: pin submodules to fork master
bd5a9f4 
deps/device-protocol → 8ef74da (feat(ripple): memo + THORChain routing)
deps/python-keepkey  → bf870e6 (7.14.2: XRP memo + EVM depositWithExpiry + msg-signing)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BitHighlander