Releases: privkeyio/keep-esp32
Releases · privkeyio/keep-esp32
v0.2.0
Web Flasher (Easiest)
Flash directly from your browser - no tools required:
Manual Flashing
Quick Flash (Merged Binary)
Flash the merged binary directly at address 0x0:
esptool.py --chip esp32s3 --port /dev/ttyACM0 write_flash 0x0 keep-merged.binIndividual Binaries
Or flash each binary separately:
esptool.py --chip esp32s3 --port /dev/ttyACM0 write_flash \
--flash-mode dio --flash-freq 80m --flash-size 8MB \
0x0 bootloader.bin \
0x8000 partition-table.bin \
0xd000 ota_data_initial.bin \
0x10000 keep.binReplace /dev/ttyACM0 with your device's serial port (e.g., COM3 on Windows, /dev/cu.usbmodem* on macOS).
What's Changed
- Add policy bundle storage and signature verification by @wksantiago in #24
- Refactor: split large files, add shared hex_utils by @kwsantiago in #45
- Fix remaining code duplication in hex and random utils by @kwsantiago in #46
- Add ESP Web Tools web flasher for easy firmware installation by @kwsantiago in #17
- Add fuzzing infrastructure for protocol parser by @wksantiago in #58
- Encrypt shares at rest with AES-256-GCM by @wksantiago in #59
- Use libnostr-c hex and random utilities by @kwsantiago in #60
- Add native tests for storage, protocol, and session modules by @wksantiago in #56
- Add storage_cleanup() and session error constants by @wksantiago in #47
- Add structured error context to protocol responses by @wksantiago in #57
- Add Doxygen documentation for public APIs by @wksantiago in #55
- Enforce DKG state machine transitions by @wksantiago in #51
- Add RNG utilities and buffer size checks by @wksantiago in #53
- Add buffer size parameter to bytes_to_hex() by @wksantiago in #54
- Add protocol versioning to ping response and session ID validation by @wksantiago in #50
- Replace magic numbers with named constants by @wksantiago in #49
- Replace atoi() with strtol() for input validation by @wksantiago in #48
- Add UX abstraction layer for headless/display backend support by @kwsantiago in #99
- Bump libnostr-c to v0.1.5 by @kwsantiago in #101
- Fix console logging after USB serial driver init by @kwsantiago in #102
- Secure Element Phase 1: Mock Mode Implementation by @kwsantiago in #103
- Refactor frost_signer to separate crypto, storage, and protocol concerns by @kwsantiago in #108
- Replace sprintf with snprintf in publish_event by @wksantiago in #104
- Add constant-time comparison, base64 validation, bounds checks, session clearing, and policy error handling by @wksantiago in #105
- Hard-fail on RNG degradation and validate N-1 commitments by @wksantiago in #106
- Add session ID replay protection and fix TOCTOU in policy verification by @wksantiago in #107
- fix: memory issues by @kwsantiago in #109
- fix: harden input validation and fix race conditions by @kwsantiago in #110
- Add static analysis CI workflow by @wksantiago in #111
- Add secure result type for fault injection protection by @wksantiago in #114
- Add storage versioning with AAD and migration support by @wksantiago in #113
- Add SECURITY.md by @wksantiago in #115
- Expand fuzzing with new targets and CI workflow by @wksantiago in #116
- Add integration tests for FROST signing and DKG protocols by @wksantiago in #119
- Add hierarchical error codes and SPDX license headers by @wksantiago in #112
- Add comprehensive boot-time self-test framework by @wksantiago in #118
- Add hardware entropy mixing with ADC noise and timing jitter by @wksantiago in #120
- Add group metadata persistence and session checkpoint recovery by @wksantiago in #121
- Add PSBT fraud detection with security hardening by @wksantiago in #117
- Add anti-glitching protections by @wksantiago in #122
- Add DKG checkpoint/resume by @wksantiago in #123
- Add secure share export with PBKDF2 and rate limiting by @wksantiago in #124
- Feature/display touch by @kwsantiago in #126
- Refactor: split storage.c into focused modules by @kwsantiago in #127
- Add ESP-IDF Secure Boot v2 support by @wksantiago in #130
- Add Justfile and Docker reproducible build by @wksantiago in #132
- Enforce PIN requirement for storage encryption by @wksantiago in #131
- Harden codebase by @kwsantiago in #137
- Bump version to 0.2.0 by @kwsantiago in #138
New Contributors
- @wksantiago made their first contribution in #24
Full Changelog: v0.1.2...v0.2.0
Contributors
wksantiago and kwsantiago
Assets 4
v0.1.2
Flashing Instructions
Quick Flash (Merged Binary)
Flash the merged binary directly at address 0x0:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash 0x0 keep-merged.binIndividual Binaries
Or flash each binary separately:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash \
--flash-mode dio --flash-freq 80m --flash-size 8MB \
0x0 bootloader.bin \
0x8000 partition-table.bin \
0xd000 ota_data_initial.bin \
0x10000 keep.binReplace /dev/ttyUSB0 with your device's serial port (e.g., COM3 on Windows, /dev/tty.usbserial-* on macOS).
What's Changed
- Add Bitcoin PSBT parsing and Taproot sighash extraction by @kwsantiago in #42
Full Changelog: v0.1.1...v0.1.2
Contributors
kwsantiago
Assets 3
v0.1.1
v0.1.1
This tag was signed with the committer’s verified signature.
kwsantiago
Kyle 🐆
529d483
This commit was signed with the committer’s verified signature.
kwsantiago
Kyle 🐆
Flashing Instructions
Quick Flash (Merged Binary)
Flash the merged binary directly at address 0x0:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash 0x0 keep-merged.binIndividual Binaries
Or flash each binary separately:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash \
--flash-mode dio --flash-freq 80m --flash-size 8MB \
0x0 bootloader.bin \
0x8000 partition-table.bin \
0xd000 ota_data_initial.bin \
0x10000 keep.binReplace /dev/ttyUSB0 with your device's serial port (e.g., COM3 on Windows, /dev/tty.usbserial-* on macOS).
What's Changed
- Nostr Coordination Protocol for FROST by @kwsantiago in #18
- Add USB CDC support with UART fallback by @kwsantiago in #26
- Add DKG Round 2 parsing, NIP-46 support, fix USB device paths by @kwsantiago in #27
- Bump version to 0.1.1 by @kwsantiago in #28
Full Changelog: v0.1.0...v0.1.1
Contributors
kwsantiago
Assets 3
v0.1.0
v0.1.0
This tag was signed with the committer’s verified signature.
kwsantiago
Kyle 🐆
d3d2380
This commit was signed with the committer’s verified signature.
kwsantiago
Kyle 🐆
Flashing Instructions
Quick Flash (Merged Binary)
Flash the merged binary directly at address 0x0:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash 0x0 frost-participant-merged.binIndividual Binaries
Or flash each binary separately:
esptool.py --chip esp32s3 --port /dev/ttyUSB0 write_flash \
--flash-mode dio --flash-freq 80m --flash-size 8MB \
0x0 bootloader.bin \
0x8000 partition-table.bin \
0xd000 ota_data_initial.bin \
0x10000 frost-participant.binReplace /dev/ttyUSB0 with your device's serial port (e.g., COM3 on Windows, /dev/tty.usbserial-* on macOS).
What's Changed
- Initial ESP-IDF build setup by @kwsantiago in #1
- Add JSON-RPC protocol and USB serial handler by @kwsantiago in #2
- Add native, hardware, and integration test infrastructure by @kwsantiago in #7
- Use direct partition API for share storage by @kwsantiago in #9
- Security/hardening by @kwsantiago in #10
- Improvements by @kwsantiago in #16
Full Changelog: https://github.com/privkeyio/keep-esp32/commits/v0.1.0
Contributors
kwsantiago