Skip to content

feat(hive): requestSignBuffer — Hive dApp login (SkateHive/Aioha)#107

Open
BitHighlander wants to merge 1 commit into
developfrom
feat/hive-sign-buffer
Open

feat(hive): requestSignBuffer — Hive dApp login (SkateHive/Aioha)#107
BitHighlander wants to merge 1 commit into
developfrom
feat/hive-sign-buffer

Conversation

@BitHighlander

Copy link
Copy Markdown
Collaborator

Un-stubs requestSignBuffer — the Keychain method every Hive dApp uses for login. Routes to the new vault POST /hive/sign-message (keepkey/keepkey-vault#357), which signs SHA256(message) on-device with the SLIP-48 posting key (or Active/Memo; Owner rejected in firmware).

  • Keychain-exact semantics: JSON-Buffer message unwrap, publicKey beside result in the response, username-mismatch rejection
  • Approval side panel shows the challenge text before the device round-trip

Verified: vault layer cryptographically verified (recovered signer == posting key, low-S; firmware chain-id-collision + owner-role guards fire; sign-gating 75/75). Browser-level login test pending extension reload.

🤖 Generated with Claude Code

…15.0)

- injected: real requestSignBuffer (Keychain signature incl. rpc/title);
  handler results can now shape the top-level Keychain response so
  publicKey sits beside result, matching Keychain's createMessage
- background: hive_signBuffer — role map Posting/Active/Memo (Owner
  rejected, matches firmware), Keychain JSON-Buffer unwrap host-side,
  username-mismatch reject, side-panel approval with the challenge text,
  vault POST /hive/sign-message, returns { result: sigHex, publicKey }

Depends on vault PR keepkey/keepkey-vault#357.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant