All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Dates are in dd-mm-yyyy
format.
- Major revamp of the UI for transaction signing and wallet policy registration on Stax. Changed "wallet policy" with the simpler wording "account".
- Slight performance improvements in the signing flow.
- Added a technical limit of at most 10 distinct cosigners in a wallet policy.
- OP_RETURN outputs with a
0x00
data push were incorrectly rejected.
- Support for signing transactions with
OP_RETURN
outputs extended to up to 5 push opcodes, instead of a single one.
- During wallet policy registration, the app will recognize and explicitly label as
dummy
any extended public key whose compressed pubkey is0250929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0
. This is useful especially for taproot miniscript policies which do not intend to use keypath spending.
- Message signing: will now show the full text of the message, instead of its hash. If the message is too long (over 640 characters) or it contains non-printable characters (not in the range
0x20..0x70
, inclusive), then the SHA256 hash will be shown, as in previous versions of the app. - Transaction signing: changed the wording to make the ux slightly simpler and clearer.
- Signing failure for certain taproot policies in versions 2.1.2, 2.1.3 and 2.2.0: returned tapleaf hashes (and corresponding signatures) are incorrect if the descriptor template has a derivation path not ending for
/**
or/<0;1>/*
for that key.
- 🥕 Support for miniscript on taproot wallet policies.
- Warning if the fees are above 10% of the amount, if the total amount is above 10000 sats (0.0001 ₿).
- Increased limits for the maximum in-memory size of wallet policies.
- Improved UX for self-transfers, that is, transactions where all the outputs are change outputs.
- Outputs containing a single
OP_RETURN
(without any data push) can now be signed in order to support BIP-0322 implementations.
- Wrong address generation for miniscript policies containing an unusual
thresh(1,X)
fragment (that is, with threshold 1, and a single condition). This should not happen in practice, as the policy is redundant for justX
. Client libraries have been updated to detect and prevent usage of these policies. - Resolved a slight regression in signing performance introduced in v2.1.2.
- 🥕 Initial support for taproot scripts; taproot trees support up to 8 leaves, and the only supported scripts in tapleaves are
pk
,multi_a
andsortedmulti_a
.
- Miniscript policies containing an
a:
fragment returned an incorrect address in versions2.1.0
and2.1.1
of the app. The upgrade is strongly recommended for users of miniscript wallets. - The app will now reject showing or returning an address for a wallet policy if the
address_index
is larger than or equal to2147483648
; previous version would return an address for a hardened derivation, which is undesirable. - Nested segwit transactions (P2SH-P2WPKH and P2SH-P2WSH) can now be signed (with a warning) if the PSBT contains the witness-utxo but no non-witness-utxo. This aligns their behavior to other types of Segwitv0 transactions since version 2.0.6.
- Allow silent xpub exports at the
m/45'/coin_type'/account'
derivation paths. - Allow silent xpub exports for any unhardened child of an allowed path.
- Allow up to 8 derivation steps for BIP-32 paths (instead of 6).
- Miniscript support on SegWit.
- Improved support for wallet policies.
- Support for sighash flags.
- Wallet policies now allow external keys with no key origin information.
- Wallet policies now allow multiple internal keys.
- Support for legacy protocol (pre-2.0.0 version) and support for altcoins, now done via separate apps. Substantial binary size reduction as a consequence.
- Support signing of segwit V0 transactions with unverified inputs for compatibility with software unable to provide the previous transaction.
- Fixed bug preventing signing transactions with external inputs (or with mixed script types).
- Technical release; restore compatibility with some client libraries that rely on deprecated legacy behavior.
- Support for OP_RETURN outputs.
- Full support for app-exchange swaps.
- JS/TypeScript client library.
- Increased max number of inputs during signing from 64 to 512; removed limit on the number of outputs.
- Various performance improvements.
- Fixed bug preventing signing segwit inputs in the presence of legacy inputs.
Fix bug in visualization of large transaction amounts.
Native support for Bitcoin Message Signing.
Thecnical release for Nano S Firmware v2.1.0. Small reduction in app size.
First public release. 🎉