chore(firmware): add T1B1 bootloader_hash for versions above 1.8.0#172
Conversation
| click.secho( | ||
| "Warning: for T1B1 you should manually backfill the bootloader_hash from trezor-firmware/legacy/firmware/bl_check.txt", | ||
| fg="yellow", | ||
| ) |
There was a problem hiding this comment.
It'd be more fragile to extract this value from firmware, so I'd rather not do it. It's optional proeprty anyway.
There was a problem hiding this comment.
I read in the suite issue https://github.com/trezor/trezor-suite-private/issues/209 that bootloader hash mismatch should be treated as a hard failure. So how is it an optional property?
There was a problem hiding this comment.
Sorry for confusion, I'll clarify: optional in data.trezor.io configs (only some FW releases have it defined), but for Suite the value will be binding, i.e. if Suite receives the bootloader_hash in the FW release, it will be expected from the device as mandatory.
obrusvit
left a comment
There was a problem hiding this comment.
I briefly checked the hashes against sources and didn't spot any issues.
I think it's fine that we put the values there manually because we will probably never release new bootloaders for T1B1.
Had one question in the comment.
As part of https://github.com/trezor/trezor-suite-private/issues/209,
backfill optional property
bootloader_hashto T1B1 with FW versions >=1.9.0(those are supported by Suite/Connect, it's not worth it to backfill it for lower versions).
Sources:
https://github.com/trezor/trezor-firmware/blob/main/legacy/firmware/bl_check.c#L112-L237
https://github.com/trezor/trezor-firmware/blob/main/legacy/firmware/bl_check.txt
I double checked, but please check it yourself.