Draft
Conversation
Add comprehensive TinyGo compilation tests for 32-bit RISC-V targets: - Basic crypto test (SHA256, ECDSA P-256, elliptic curves) - Full verification stack test (including x509, CBOR, Borsh) Key findings: - All verification code compiles successfully for 32-bit RISC-V - crypto/x509 works in TinyGo 0.39.0 (previously expected blocker) - Binary sizes: 4.6MB (basic), 3.1MB (full verification) - Bare-metal execution (no OS required) See TINYGO_COMPATIBILITY_REPORT.md for detailed analysis. Co-Authored-By: Claude <noreply@anthropic.com>
prasanna-anchorage
changed the base branch from
main
to
feat/refactor-to-release
Add skeleton implementation for Tropic Square TROPIC01 secure element integration: - Hardware-accelerated P-256 ECDSA verification interface - Minimal verifier for offline attestation verification - Integration plan and documentation - Example command-line tool - Unit test structure This is a skeleton implementation waiting for libtropic SDK publication. Once the SDK is available, device.go will be replaced with CGo bindings. Key components: - pkg/tropicsquare/: Core integration package - cmd/tropicsquare-verify/: CLI verification tool - TROPIC_SQUARE_INTEGRATION_PLAN.md: Detailed integration roadmap Benefits of hardware acceleration: - Smaller code size (~100KB vs 3.1MB) - Faster verification with hardware crypto - Lower power consumption - Tamper-proof execution See TROPIC_SQUARE_INTEGRATION_PLAN.md for next steps. Co-Authored-By: Claude <noreply@anthropic.com>
Implement attestation verification using Go's crypto/ecdsa (no SDK needed): - Add device_purego.go: Pure Go ECDSA P-256 verification - Remove device.go: Old stub replaced with working implementation - Update tropicsquare.go: Handle 64 and 65-byte public keys - Update types.go: Add initialized field to Device - Add IMPLEMENTATION_NOTES.md: Detailed design rationale Key decision: libtropic SDK not needed for verification - libtropic's lt_ecc_ecdsa_sig_verify is HOST-SIDE software - Uses trezor-crypto under the hood (excellent, but not hardware) - Go's crypto/ecdsa provides same security, zero dependencies - Simpler build, faster compilation, TinyGo compatible When IS libtropic SDK needed? - Hardware signing (keys in TROPIC01 secure storage) - Hardware RNG - Key provisioning - Firmware updates - See future examples/hardware-wallet/ for SDK integration Co-Authored-By: Claude <noreply@anthropic.com>
Hardware wallet architecture example: - TROPIC01: Hardware signing with private keys - RISC-V: Pure Go verification and UI - Communication: SPI/UART protocol Components: - examples/hardware-wallet/README.md - Architecture overview - protocol.md - Binary communication protocol - riscv-verifier/ - TinyGo code for RISC-V board Demonstrates separation of concerns: - Signing (secret) → TROPIC01 + libtropic SDK - Verification (public) → RISC-V + pure Go crypto Co-Authored-By: Claude <noreply@anthropic.com>
Document binary size reduction for RISC-V targets: Test results (full verification stack): - Original (with debug): 3.1M - With -no-debug: 1.5M (52% reduction) ✅ - With strip: FAILED (doesn't recognize bare-metal RISC-V) - With UPX: FAILED (RISC-V not supported) Key findings: - Only -no-debug flag works for RISC-V bare-metal - System strip fails (wrong ELF format) - UPX fails (no RISC-V support) - 52% reduction is achievable and tested Recommendation: Use -no-debug for production (1.5M final size) Co-Authored-By: Claude <noreply@anthropic.com>
This was referenced Dec 27, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.