keepkey · BitHighlander · Apr 26, 2026 · Apr 27, 2026 · Apr 27, 2026 · Apr 29, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -73,7 +73,7 @@ jobs:
           pip install --upgrade pip
           pip install "protobuf>=3.20,<4"
           pip install -e .
-          pip install pytest semver rlp requests
+          pip install pytest semver rlp requests eth-keys pycryptodome
 
       - name: Wait for emulator
         run: |

diff --git a/.gitmodules b/.gitmodules
@@ -1,6 +1,6 @@
 [submodule "device-protocol"]
 path = device-protocol
-url = https://github.com/keepkey/device-protocol.git
+url = https://github.com/BitHighlander/device-protocol.git
 branch = master
 [submodule "keepkeylib/eth/ethereum-lists"]
 path = keepkeylib/eth/ethereum-lists

diff --git a/device-protocol b/device-protocol
diff --git a/keepkeylib/client.py b/keepkeylib/client.py
@@ -49,6 +49,7 @@
 from . import messages_tron_pb2 as tron_proto
 from . import messages_ton_pb2 as ton_proto
 from . import messages_zcash_pb2 as zcash_proto
+from . import messages_hive_pb2 as hive_proto
 from . import types_pb2 as types
 from . import eos
 from . import nano
@@ -1628,9 +1629,26 @@ def solana_sign_tx(self, address_n, raw_tx):
         )
 
     @expect(solana_proto.SolanaMessageSignature)
-    def solana_sign_message(self, address_n, message):
+    def solana_sign_message(self, address_n, message, show_display=False):
         return self.call(
-            solana_proto.SolanaSignMessage(address_n=address_n, message=message)
+            solana_proto.SolanaSignMessage(
+                address_n=address_n,
+                message=message,
+                show_display=show_display,
+            )
+        )
+
+    @expect(solana_proto.SolanaOffchainMessageSignature)
+    def solana_sign_offchain_message(self, address_n, message, message_format,
+                                     version=0, show_display=False):
+        return self.call(
+            solana_proto.SolanaSignOffchainMessage(
+                address_n=address_n,
+                version=version,
+                message_format=message_format,
+                message=message,
+                show_display=show_display,
+            )
         )
 
     # ── Tron ───────────────────────────────────────────────────
@@ -1646,6 +1664,37 @@ def tron_sign_tx(self, address_n, raw_tx):
             tron_proto.TronSignTx(address_n=address_n, raw_tx=raw_tx)
         )
 
+    @expect(tron_proto.TronMessageSignature)
+    def tron_sign_message(self, address_n, message, show_display=False):
+        return self.call(
+            tron_proto.TronSignMessage(
+                address_n=address_n,
+                message=message,
+                show_display=show_display,
+            )
+        )
+
+    @expect(proto.Success)
+    def tron_verify_message(self, address, signature, message):
+        return self.call(
+            tron_proto.TronVerifyMessage(
+                address=address,
+                signature=signature,
+                message=message,
+            )
+        )
+
+    @expect(tron_proto.TronTypedDataSignature)
+    def tron_sign_typed_hash(self, address_n, domain_separator_hash,
+                             message_hash=None):
+        kwargs = dict(
+            address_n=address_n,
+            domain_separator_hash=domain_separator_hash,
+        )
+        if message_hash is not None:
+            kwargs['message_hash'] = message_hash
+        return self.call(tron_proto.TronSignTypedHash(**kwargs))
+
     # ── TON ────────────────────────────────────────────────────
     @expect(ton_proto.TonAddress)
     def ton_get_address(self, address_n, show_display=False):
@@ -1659,12 +1708,40 @@ def ton_sign_tx(self, address_n, raw_tx):
             ton_proto.TonSignTx(address_n=address_n, raw_tx=raw_tx)
         )
 
+    @expect(ton_proto.TonMessageSignature)
+    def ton_sign_message(self, address_n, message, show_display=False):
+        return self.call(
+            ton_proto.TonSignMessage(
+                address_n=address_n,
+                message=message,
+                show_display=show_display,
+            )
+        )
+
     # ── Zcash Address Display ─────────────────────────────────
     @expect(zcash_proto.ZcashAddress)
-    def zcash_display_address(self, address_n, address, ak, nk, rivk, account=None):
+    def zcash_display_address(self, address_n, address, ak, nk, rivk,
+                              account=None, expected_seed_fingerprint=None):
+        """Display a Zcash unified address on the device for user confirmation.
+
+        Args:
+            address_n: ZIP-32 derivation path [32', 133', account']
+            address: unified address string ("u1...")
+            ak, nk, rivk: 32-byte FVK components for verification
+            account: account index (alternative to full path)
+            expected_seed_fingerprint: optional 32-byte ZIP-32 §6.1 seed
+                fingerprint. If provided, device verifies the match before
+                displaying and rejects with Failure on mismatch.
+
+        Returns:
+            ZcashAddress with .address and .seed_fingerprint of the
+            attesting device.
+        """
         kwargs = dict(address_n=address_n, address=address, ak=ak, nk=nk, rivk=rivk)
         if account is not None:
             kwargs['account'] = account
+        if expected_seed_fingerprint is not None:
+            kwargs['expected_seed_fingerprint'] = expected_seed_fingerprint
         return self.call(zcash_proto.ZcashDisplayAddress(**kwargs))
 
     # ── Zcash Orchard ──────────────────────────────────────────
@@ -1681,7 +1758,8 @@ def zcash_sign_pczt(self, address_n, actions, account=None,
                         header_digest=None, transparent_digest=None,
                         sapling_digest=None, orchard_digest=None,
                         orchard_flags=None, orchard_value_balance=None,
-                        orchard_anchor=None, transparent_inputs=None):
+                        orchard_anchor=None, transparent_inputs=None,
+                        expected_seed_fingerprint=None):
         """Sign a Zcash Orchard shielded transaction via PCZT protocol.
 
         Phase 2: Sends ZcashSignPCZT, then loops on ZcashPCZTActionAck
@@ -1737,6 +1815,8 @@ def zcash_sign_pczt(self, address_n, actions, account=None,
             kwargs['orchard_value_balance'] = orchard_value_balance
         if orchard_anchor is not None:
             kwargs['orchard_anchor'] = orchard_anchor
+        if expected_seed_fingerprint is not None:
+            kwargs['expected_seed_fingerprint'] = expected_seed_fingerprint
 
         resp = self.call(zcash_proto.ZcashSignPCZT(**kwargs))
 
@@ -1773,6 +1853,74 @@ def zcash_sign_pczt(self, address_n, actions, account=None,
 
         return resp
 
+    # ── Hive ────────────────────────────────────────────────────
+    @expect(hive_proto.HivePublicKey)
+    def hive_get_public_key(self, address_n, show_display=False, role=None):
+        kwargs = dict(address_n=address_n, show_display=show_display)
+        if role is not None:
+            kwargs['role'] = role
+        return self.call(hive_proto.HiveGetPublicKey(**kwargs))
+
+    @expect(hive_proto.HivePublicKeys)
+    def hive_get_public_keys(self, account_index=0, show_display=False):
+        return self.call(
+            hive_proto.HiveGetPublicKeys(account_index=account_index, show_display=show_display)
+        )
+
+    @expect(hive_proto.HiveSignedTx)
+    def hive_sign_tx(self, address_n, chain_id, ref_block_num, ref_block_prefix,
+                     expiration, sender, recipient, amount, decimals, asset_symbol, memo=''):
+        return self.call(hive_proto.HiveSignTx(**{
+            'address_n': address_n,
+            'chain_id': chain_id,
+            'ref_block_num': ref_block_num,
+            'ref_block_prefix': ref_block_prefix,
+            'expiration': expiration,
+            'from': sender,
+            'to': recipient,
+            'amount': amount,
+            'decimals': decimals,
+            'asset_symbol': asset_symbol,
+            'memo': memo,
+        }))
+
+    @expect(hive_proto.HiveSignedAccountCreate)
+    def hive_sign_account_create(self, address_n, chain_id, ref_block_num, ref_block_prefix,
+                                 expiration, creator, new_account_name, fee_amount=3000,
+                                 owner_key='', active_key='', posting_key='', memo_key=''):
+        return self.call(hive_proto.HiveSignAccountCreate(
+            address_n=address_n,
+            chain_id=chain_id,
+            ref_block_num=ref_block_num,
+            ref_block_prefix=ref_block_prefix,
+            expiration=expiration,
+            creator=creator,
+            new_account_name=new_account_name,
+            fee_amount=fee_amount,
+            owner_key=owner_key,
+            active_key=active_key,
+            posting_key=posting_key,
+            memo_key=memo_key,
+        ))
+
+    @expect(hive_proto.HiveSignedAccountUpdate)
+    def hive_sign_account_update(self, address_n, chain_id, ref_block_num, ref_block_prefix,
+                                 expiration, account,
+                                 new_owner_key='', new_active_key='',
+                                 new_posting_key='', new_memo_key=''):
+        return self.call(hive_proto.HiveSignAccountUpdate(
+            address_n=address_n,
+            chain_id=chain_id,
+            ref_block_num=ref_block_num,
+            ref_block_prefix=ref_block_prefix,
+            expiration=expiration,
+            account=account,
+            new_owner_key=new_owner_key,
+            new_active_key=new_active_key,
+            new_posting_key=new_posting_key,
+            new_memo_key=new_memo_key,
+        ))
+
 class KeepKeyClient(ProtocolMixin, TextUIMixin, BaseClient):
     pass
 

diff --git a/keepkeylib/hive.py b/keepkeylib/hive.py
@@ -0,0 +1,69 @@
+from . import messages_hive_pb2 as proto
+
+
+def get_public_key(client, address_n, show_display=False, role=None):
+    kwargs = dict(address_n=address_n, show_display=show_display)
+    if role is not None:
+        kwargs['role'] = role
+    return client.call(proto.HiveGetPublicKey(**kwargs))
+
+
+def get_public_keys(client, account_index=0, show_display=False):
+    return client.call(
+        proto.HiveGetPublicKeys(account_index=account_index, show_display=show_display)
+    )
+
+
+def sign_tx(client, address_n, chain_id, ref_block_num, ref_block_prefix,
+            expiration, sender, recipient, amount, decimals, asset_symbol, memo=''):
+    # 'from' is a Python keyword so use **-unpacking to set the field
+    return client.call(proto.HiveSignTx(**{
+        'address_n': address_n,
+        'chain_id': chain_id,
+        'ref_block_num': ref_block_num,
+        'ref_block_prefix': ref_block_prefix,
+        'expiration': expiration,
+        'from': sender,
+        'to': recipient,
+        'amount': amount,
+        'decimals': decimals,
+        'asset_symbol': asset_symbol,
+        'memo': memo,
+    }))
+
+
+def sign_account_create(client, address_n, chain_id, ref_block_num, ref_block_prefix,
+                        expiration, creator, new_account_name, fee_amount=3000,
+                        owner_key='', active_key='', posting_key='', memo_key=''):
+    return client.call(proto.HiveSignAccountCreate(
+        address_n=address_n,
+        chain_id=chain_id,
+        ref_block_num=ref_block_num,
+        ref_block_prefix=ref_block_prefix,
+        expiration=expiration,
+        creator=creator,
+        new_account_name=new_account_name,
+        fee_amount=fee_amount,
+        owner_key=owner_key,
+        active_key=active_key,
+        posting_key=posting_key,
+        memo_key=memo_key,
+    ))
+
+
+def sign_account_update(client, address_n, chain_id, ref_block_num, ref_block_prefix,
+                        expiration, account,
+                        new_owner_key='', new_active_key='',
+                        new_posting_key='', new_memo_key=''):
+    return client.call(proto.HiveSignAccountUpdate(
+        address_n=address_n,
+        chain_id=chain_id,
+        ref_block_num=ref_block_num,
+        ref_block_prefix=ref_block_prefix,
+        expiration=expiration,
+        account=account,
+        new_owner_key=new_owner_key,
+        new_active_key=new_active_key,
+        new_posting_key=new_posting_key,
+        new_memo_key=new_memo_key,
+    ))
diff --git a/keepkeylib/mapping.py b/keepkeylib/mapping.py
@@ -13,6 +13,7 @@
 from . import messages_tron_pb2 as tron_proto
 from . import messages_ton_pb2 as ton_proto
 from . import messages_zcash_pb2 as zcash_proto
+from . import messages_hive_pb2 as hive_proto
 
 map_type_to_class = {}
 map_class_to_type = {}
@@ -97,4 +98,23 @@ def check_missing():
         map_type_to_class[wire_id] = msg_class
         map_class_to_type[msg_class] = wire_id
 
-# check_missing() — skip: Zcash types are not in old messages_pb2 enum
+# Manually register Hive messages (not in the old messages_pb2.py enum)
+_hive_wire_ids = {
+    1600: ('HiveGetPublicKey',        hive_proto),
+    1601: ('HivePublicKey',           hive_proto),
+    1602: ('HiveSignTx',              hive_proto),
+    1603: ('HiveSignedTx',            hive_proto),
+    1604: ('HiveGetPublicKeys',       hive_proto),
+    1605: ('HivePublicKeys',          hive_proto),
+    1606: ('HiveSignAccountCreate',   hive_proto),
+    1607: ('HiveSignedAccountCreate', hive_proto),
+    1608: ('HiveSignAccountUpdate',   hive_proto),
+    1609: ('HiveSignedAccountUpdate', hive_proto),
+}
+for wire_id, (msg_name, mod) in _hive_wire_ids.items():
+    msg_class = getattr(mod, msg_name, None)
+    if msg_class is not None:
+        map_type_to_class[wire_id] = msg_class
+        map_class_to_type[msg_class] = wire_id
+
+# check_missing() — skip: Zcash/Hive types are not in old messages_pb2 enum
+179 −0		lib/messages-ripple_pb.d.ts
+1,425 −0		lib/messages-ripple_pb.js
+1 −0		messages-ripple.proto
+5 −0		messages-solana.options
+37 −0		messages-solana.proto
+5 −0		messages-ton.options
+28 −0		messages-ton.proto
+14 −0		messages-tron.options
+65 −0		messages-tron.proto
+12 −0		messages-zcash.options
+61 −0		messages-zcash.proto
+11 −0		messages.proto