Summary
Add Trezor hardware wallet support as FIDO2 challenge-response providers. Trezor devices support the FIDO2 hmac-secret extension but have unique interaction patterns that require device-specific implementations.
Background
Trezor devices handle user interaction differently than YubiKey:
- Model T: Touchscreen for all interaction (PIN entry, confirmation)
- Model One: Physical buttons + blind matrix PIN entry
The blind matrix PIN on the Model One is the unusual part: the device screen shows a 3x3 grid in which the digits 1-9 are placed at random positions (a new layout on every PIN request), while the host shows only a fixed grid of positions. The user types the positions of their PIN digits, not the digits, so the PIN never reaches the host computer; only the device, which knows the current layout, can map positions back to digits.
Proposed Implementation
```python
from kdbxtool import Database, TrezorModelT, TrezorModelOne

# stored_id stands in for the FIDO2 credential ID saved when the vault was
# enrolled with the device; load it from wherever it was persisted.

# Model T - touchscreen interaction
provider = TrezorModelT(
    credential_id=stored_id,
    on_message=lambda msg: print(msg),  # "Enter PIN on your Trezor..."
)

# Model One - blind matrix PIN
provider = TrezorModelOne(
    credential_id=stored_id,
    on_message=lambda msg: print(msg),
    on_pin_matrix=lambda: input("Enter positions: "),  # Returns e.g. "147"
)

db = Database.open("vault.kdbx", password="secret", challenge_response_provider=provider)
```
Implementation Details
Both classes extend the Fido2HmacSecret ABC and implement a device-specific _get_user_interaction():
TrezorModelT
- on_message callback for prompts ("Enter PIN on your Trezor...", "Confirm...")
- All PIN entry and confirmation happens on the device touchscreen
- Host only needs to tell the user what to do
TrezorModelOne
- on_message callback for prompts
- on_pin_matrix callback for blind matrix PIN entry
  - Callback should display the 3x3 position grid and return the positions the user chose as a string (e.g. "147")
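The following is an added, self-contained illustration of the blind matrix round trip described under Background and of the on_pin_matrix callback contract above; it is not code from kdbxtool or from Trezor. DeviceMatrix simulates the Model One screen (a random digit-to-position layout per PIN request), make_pin_matrix_callback builds a host-side on_pin_matrix callback that shows the fixed numpad-style position grid (the layout the trezorlib CLI prints) and validates input, and run_pin_round_trip drives both with scripted keystrokes so the example runs offline. All function and class names here are hypothetical.

```python
import secrets
from dataclasses import dataclass
from typing import Callable, Iterator, Tuple

# Static position grid the host shows, numbered like a numeric keypad.
# It never changes because it carries positions only; the digits live
# exclusively on the device screen.
HOST_GRID_ROWS = ("7 8 9", "4 5 6", "1 2 3")
VALID_POSITIONS = frozenset("123456789")


def render_host_grid() -> str:
    """Text shown on the host: positions 1..9, no PIN digits."""
    return "\n".join(HOST_GRID_ROWS)


def validate_positions(positions: str) -> str:
    """Host-side check before the positions are sent to the device."""
    if not positions:
        raise ValueError("empty entry")
    bad = set(positions) - VALID_POSITIONS
    if bad:
        raise ValueError("not a position: " + "".join(sorted(bad)))
    return positions


@dataclass(frozen=True)
class DeviceMatrix:
    """Simulated Model One screen (constructed for this example).

    layout[i] is the digit drawn at position i+1. A real device draws a
    new random layout for every PIN request; this stands in for that.
    """
    layout: Tuple[str, ...]

    @classmethod
    def fresh(cls) -> "DeviceMatrix":
        digits = list("123456789")
        # Fisher-Yates with a CSPRNG: a guessable shuffle would let the host,
        # or anything logging its input, recover the PIN from the positions.
        for i in range(len(digits) - 1, 0, -1):
            j = secrets.randbelow(i + 1)
            digits[i], digits[j] = digits[j], digits[i]
        return cls(tuple(digits))

    def decode(self, positions: str) -> str:
        """Device side: map the positions the host sent back to PIN digits."""
        return "".join(self.layout[int(p) - 1] for p in validate_positions(positions))


def positions_for_pin(device: DeviceMatrix, pin: str) -> str:
    """What a user reading the device screen would type for `pin` (simulation only)."""
    return "".join(str(device.layout.index(d) + 1) for d in pin)


def make_pin_matrix_callback(read_line: Callable[[], str],
                             show: Callable[[str], None] = print) -> Callable[[], str]:
    """Build an on_pin_matrix callback: show the grid, read until valid, return positions."""
    def on_pin_matrix() -> str:
        show("Read the digits on your Trezor and enter their positions using this grid:")
        show(render_host_grid())
        while True:
            entry = read_line().strip()
            try:
                return validate_positions(entry)
            except ValueError as exc:
                show(f"Rejected ({exc}); try again.")
    return on_pin_matrix


def run_pin_round_trip(pin: str, device: DeviceMatrix, typed: Iterator[str]) -> dict:
    """Drive the callback with scripted keystrokes and report what each side saw."""
    shown = []
    callback = make_pin_matrix_callback(lambda: next(typed), shown.append)
    positions = callback()
    decoded = device.decode(positions)
    return {
        "host_saw": positions,        # the only PIN-related data the host handles
        "device_decoded": decoded,
        "host_output": "\n".join(shown),
        "pin_matches": decoded == pin,
    }


if __name__ == "__main__":
    dev = DeviceMatrix.fresh()
    # First keystroke line is deliberately invalid to exercise the re-prompt.
    keys = iter(["14a", positions_for_pin(dev, "924")])
    print(run_pin_round_trip("924", dev, keys))
```

Note that the same PIN yields different position strings under different layouts, which is why a captured on_pin_matrix result is useless without the device's layout for that request; the host-side validation only rejects malformed input and learns nothing about the digits.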
Tasks
- TrezorModelT class
- TrezorModelOne class
- _TrezorModelTInteraction UserInteraction handler
- _TrezorModelOneInteraction UserInteraction handler
- __init__.py files
Related
feature/trezor-fido2 has an initial implementation ready for testing.