Releases: keepkey/keepkey-firmware
Release v7.2.1
New Features
Bug Fixes / Other Changes
- This version fixes bugs in the Ethereum EIP-1559 type transactions and disallows Eth transaction types that are not either legacy or EIP-1559.
Security Improvements
Release v7.1.8
New Features
- Supports new fee structure in EIP-1559 (Ethereum London hard fork).
Bug Fixes / Other Changes
- Remove obsolete market exchange support.
- Fix build reproducibility between case sensitive and non-case sensitive operating systems.
- Changed emulator UDP port to remove conflicts.
- Code efficiency improvements.
Security Improvements
- Timing fuzzed direct check of thread/handler mode prior to attempting change in firmware.
Release v7.1.7
(This release supersedes v7.1.5; it is identical except for the fix for #281. We skipped v7.1.6 as #283 affected that particular build artifact.)
New Features
- Message signing for Sablier token streams (6c19f74)
- Message signing for 0x ERC-20 Transformations (9038bf1)
- Message signing for three additional Tendermint-based chains: Terra, Kava, and Secret (fad542c)
Bug Fixes / Other Changes
- Updated certain upstream dependencies (specifically
trezor-cryptoandnanopb) - Fix
canDropPrivs()change breaking unofficial firmware builds (fixes #281) (0834dd8)
Security Improvements
-
Stricter checks when performing certain string and pointer operations (7263d78, cc35343, 7d6bfe0, 772d47c)
These checks are incremental security enhancements which improve KeepKey's resistance against certain types of theoretical attacks.
-
Improvements to the tamper-resistance of
canDropPrivs()(1ee165c, 0527170)This is a mitigation for a potential electrical glitching attack disclosed to us by Christian Reitter. This attack requires sophisticated tools and physical possession of your KeepKey, and we have no evidence that it has ever occurred outside of a laboratory setting. Please refer to our published advisory for more information.
Release v7.1.5
(This build was affected by #281, and has been superceded by v7.1.7 which is otherwise identical.)
Release v7.1.4
Native RUNE transactions supported.
Note: There was no release of v7.1.3
Release v7.1.2
Update GCC compiler to 10.2.1
Release v7.1.1
Improved UX: Thorchain transaction confirmation screens
Release v7.1.0
Thorchain ADD liquidity parsing and confirm
Uniswap liquidity tx parsing and confirm
Security improvements
Bug fixes
Release v7.0.3
Added native RUNE
Added Uniswap support
Added THORChain swap support for BTC and ETH
IMPORTANT NOTICE
This version contains a critical vulnerability. While it remains available for historical and research purposes, you should not use it outside of a laboratory environment.
If you have installed this version, update immediately to v7.1.2 or later.
We are not currently aware of any attacks in the wild exploiting this issue, but a successful attack may lead to key compromise.
A successful attack requires that a KeepKey to be running this particular version, be connected and unlocked, and for the user to either allow a malicious website to access it or to download and run a malicious program. It may also result in abnormal messages such as "memory fault detected" or "error detected".
If you are concerned that your keys may have been compromised, consider rotating your mnemonic.
Release v6.7.0
Added ~600 new ERC20 tokens for 0x swapping.
Updated webusb notice to correct URL.
Minor bug fixes and enhancements.