v1.9.0

Release notes

• taproot miniscript support #264
• bip85 app #265
• export of multiple xpubs #258
• ask for overwrite of the files on the SD card #269 and smartcard #270
• other improvements and bugfixes

Upgrade process

Copy specter_upgrade_v1.9.0.bin to the SD card and insert it into the device. The bootloader will check the signatures of the upgrade file and update the firmware.

Flashing on empty board

If your discovery board is empty or you have a very old firmware (below 1.4.0) - connect your board over miniUSB with power jumper set to STLK and copy-paste initial_firmware_v1.9.0.bin file to the mounted drive.

If you have problems flashing initial firmware consider using stlink-tools. A command to flash firmware:

st-flash write path/to/initial_firmware.bin 0x8000000

If you want to use self-signed bootloader and firmware check out the instructions in the bootloader repo

sha256.signed.txt file contains sha256 hashes of the firmware binary files and signed with @stepansnigirev's GPG key.
You can get the public key here: https://stepansnigirev.com/ss-specter-release.asc.
It is also available on keys.openpgp.org.
Fingerprint of the key is 6F16 E354 F833 93D6 E52E C25F 36ED 357A B24B 915F, short id: 36ed357ab24b915f

Tags and commits are signed using another key: stepan-github.asc

Reproducible build

You can build binaries identical to the ones in this release yourself. Follow this instruction, when the build is almost complete the script will output a message for signing and ask you for the signatures.

Verify that upgrade message is:

1.9.0-1wu5ml3hcutqw2tz6n628anrmap2m2mhfq9cta7av7slju27pmd8q4ynvhr

Add first signature:

IIdKCgPDU7/h0YkmTSd++xZ+qRDpDTFXA53VqBjETYNGZKpgclShb3i+U+KurDQ5DiyyYkFVwIVHIea67BNpwUo=

Add second signature:

IBzC3d3cRGKXq3HEJu/8u6hST0UWZBxXo7IE53a8gTARX5xUlK9yEYsdjj4j2Sve0mNd49R26l6x0RLk90xlw20=

Then hit enter and check that sha256.txt has the same hashes as in sha256.signed.txt file.