trezor / trezord-go

:smiling_imp: Trezor Communication Daemon (written in Go)
GNU Lesser General Public License v3.0
245 stars 148 forks source link

trezord-go

Build status Installer build status Go Report Card

Trezor Communication Daemon aka Trezor Bridge.

Only compatible with Chrome (version 53 or later) and Firefox (version 55 or later).

We officially don't support Windows 7 and older; it could run, but we don't guarantee it.

What does trezord do and why it is needed?

Trezord is a tiny http server, that allows webpages (like Trezor Suite in web mode) to communicate with Trezor directly.

Our new devices now support WebUSB, which should eliminate the need for Trezor Bridge; however, there are some reasons, why bridge is still needed.

  1. Firefox does not allow WebUSB (see discussion here).
  2. Devices with old firmware (2018 and older) support only HID and not WebUSB.
  3. WebUSB does not allow synchronization of USB access between domains.

Install and run from source

trezord-go requires go >= 1.18.

git clone --recursive https://github.com/trezor/trezord-go.git
cd trezord-go
go build .
./trezord-go -h

On Linux don't forget to install the udev rules if you are running from source and not using pre-built packages.

Debug mode

When built with -tags debug a debug mode is enabled. This disables CORS which is helpful for local development and when run inside a docker image.

Build release packages

Prerequisites:

The base docker images are all built for both ARM and Intel 64, so they should work on both x64 architectures and ARM.

The base images are quite big and can take a while to download (mainly the musl cross-compiler, about 1 GB) and build (mainly the Rust-based apple-codesign). However, it should be cached correctly and run fast next time.

Signing release packages

By default, the binaries and installers are unsigned and unnotarized. The build does not require any certificates or private keys, but produces unsigned binaries and packages.

The notarization and signing is all done in Docker, so it can run everywhere. (No need to run the mac notarization on macOS, etc.)

If you want to sign the packages, you need the following:

All those files are ignored by .gitignore so they are not accidentally put into git.

Emulator support

Trezord supports emulators for all Trezor versions. However, you need to enable it manually; it is disabled by default. After enabling, services that work with emulator can work with all services that support trezord.

To enable emulator, run trezord with a parameter -e followed by port, for every emulator with an enabled port:

./trezord-go -e 21324

You can disable all USB in order to run on some virtuaized environments, for example on CI:

./trezord-go -e 21324 -u=false

API documentation

trezord-go starts a HTTP server on http://localhost:21325. AJAX calls are only enabled from trezor.io subdomains.

Server supports following API calls:

url
method
parameters result type description
/
POST
{version: string} Returns current version of bridge
/enumerate
POST
Array<{path: string,
session: string | null}>
Lists devices.
path uniquely defines device between more connected devices. Two different devices (or device connected and disconnected) will return different paths.
If session is null, nobody else is using the device; if it's string, it identifies who is using it.
/listen
POST
request body: previous, as JSON like enumerate Listen to changes and returns either on change or after 30 second timeout. Compares change from previous that is sent as a parameter. "Change" is both connecting/disconnecting and session change.
/acquire/PATH/PREVIOUS
POST
PATH: path of device
PREVIOUS: previous session (or string "null")
{session: string} Acquires the device at PATH. By "acquiring" the device, you are claiming the device for yourself.
Before acquiring, checks that the current session is PREVIOUS.
If two applications call acquire on a newly connected device at the same time, only one of them succeed.
/release/SESSION
POST
SESSION: session to release {} Releases the device with the given session.
By "releasing" the device, you claim that you don't want to use the device anymore.
/call/SESSION
POST
SESSION: session to call

request body: hexadecimal string
hexadecimal string Both input and output are hexadecimal, encoded in following way:
first 2 bytes (4 characters in the hexadecimal) is the message type
next 4 bytes (8 in hex) is length of the data
the rest is the actual encoded protobuf data.
Protobuf messages are defined in this protobuf file and the app, calling trezord, should encode/decode it itself.
/post/SESSION
POST
SESSION: session to call

request body: hexadecimal string
0 Similar to call, just doesn't read response back. Also forces the message to be sent even if another call is in progress. Usable mainly for debug link and workflow cancelling on Trezor.
/read/SESSION
POST
SESSION: session to call 0 Similar to call, just doesn't post, only reads. Usable mainly for debug link.

Debug link support

Trezord has support for debug link.

To support an emulator with debug link, run

./trezord-go -ed 21324:21325 -u=false

this will detect emulator debug link on port 21325, with regular device on 21324.

To support WebUSB devices with debug link, no option is needed, just run trezord-go.

In the enumerate and listen results, there are now two new fields: debug and debugSession. debug signals that device can receive debug link messages.

Session management is separate for debug link and normal interface, so you can have two applications - one controlling trezor and one "normal".

There are new calls:

The session IDs for debug link start with the string "debug".

Copyright