keyfork/CHANGELOG.md

# Keyfork v0.2.4

This release includes a lot of "maintenance" changes, without any changes in
end-user functionality.

### Changes in keyfork:

The most significant change in this release is the reorganization of some of
the subcommands, where they would be better as enum-traits, such as `keyfork
derive` and `keyfork wizard`.

```
b254ba7 cleanup post-merge
58d3c34 Merge branch 'main' into ryansquared/staging-since-latest
35f57fc Merge branch 'ryansquared/keyfork-mnemonic-refactors'
a2eb5fd bump dependencies with listed vulnerabilities (not affected)
5219c5a keyfork: enum-trait-ify choose-your-own commands
b26f296 keyfork-derive-path-data: move all pathcrafting here
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array
02e5b54 keyfork-mnemonic-util::generate_seed: return const size array
```

### Changes in keyfork-derive-openpgp:

```
b254ba7 cleanup post-merge
35f57fc Merge branch 'ryansquared/keyfork-mnemonic-refactors'
a2eb5fd bump dependencies with listed vulnerabilities (not affected)
b26f296 keyfork-derive-path-data: move all pathcrafting here
```

### Changes in keyfork-derive-path-data:

This change now centralizes all special Keyfork paths. This means crates should
no longer be required to implement their own path parsing logic.

```
b26f296 keyfork-derive-path-data: move all pathcrafting here
```

### Changes in keyfork-derive-util:

```
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
```

### Changes in keyfork-mnemonic:

`keyfork-mnemonic-util` has finally been renamed to `keyfork-mnemonic`. The
method names `as_bytes() => as_slice()`, `to_bytes() => to_vec()`, and
`into_bytes() => into_vec()`, and the function names
`from_bytes() => try_from_slice()` and
`from_nonstandard_bytes() => from_array()`, have been implemented to more
closely represent the native types they are representing. Additionally,
`Mnemonic::generate_seed()` has been modified to return a constant size array;
this is a breaking change, but should have minimal impact.

```
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
3ee81b6 keyfork-mnemonic-util: impl as_slice to_vec into_vec
f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array
02e5b54 keyfork-mnemonic-util::generate_seed: return const size array
```

### Changes in keyfork-prompt:

```
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
```

### Changes in keyfork-shard:

```
58d3c34 Merge branch 'main' into ryansquared/staging-since-latest
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array
```

### Changes in keyforkd:

```
35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic
02e5b54 keyfork-mnemonic-util::generate_seed: return const size array
536e6da keyforkd{,-client}: lots of documentationings
```

### Changes in keyforkd-client:

```
536e6da keyforkd{,-client}: lots of documentationings
```

# Keyfork v0.2.3

This release includes a bugfix for the wizard where the wizard was too strict
about when keys were "alive".

### Changes in keyfork:

```
dd4354f keyfork: bump keyfork-shard
```

### Changes in keyfork-shard:

```
ba64db8 update Cargo.toml and Cargo.lock
fa84a2a keyfork-shard: Be less strict about keys
```

# Keyfork v0.2.2

This release adds a new wizard, intended to be used at DEFCON 32.

### Changes in keyfork:

```
8d40d26 keyfork: add `bottoms-up` wizard
```

### Changes in keyfork-derive-openpgp:

This change also includes a minor change, allowing the derivation path for
`keyfork-derive-openpg` to derive further than two paths, which was useful in
the testing of the wizard.

```
8d40d26 keyfork: add `bottoms-up` wizard
```

# Keyfork v0.2.1

This release contains an emergency bugfix for Keyfork Shard, which previously
would not be able to properly verify the length of remote shard QR codes.

# Keyfork v0.2.0

Some of the changes in this release are based on feedback from audits
(publications coming soon!). The previous version of Keyfork, in almost every
configuration, is safe to use. The most significant change in this version
affects Keyfork Shard, which has an incompatible difference between this
version and the previous version. Information about shards, such as the length
of the shard, could be leaked and discovered by an attacker when using the
Remote Shard recovery mechanism.

An additional change is the requirement of hardened indices on the first two
levels of key derivation. This is due to Keyfork potentially leaking private
keys when hardened derivation is not used. To be completely honest, I don't
entirely understand the math behind it.

There is no reason to upgrade if Keyfork has been used as-is, as all supported
provisioners at this point in time require hardened derivation at all steps.

### Changes in keyfork:

```
d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct
5d2309e keyfork-prompt: add SecurePinValidator for making new, secure, PINs
cdf4015 keyfork wizard: use correct derivation path for re-deriving shard decryption keys
f0e5ae9 keyfork-derive-openpgp: document KEYFORK_OPENPGP_EXPIRE
289cec3 keyfork wizard: upcast i and index to avoid wrapping add
9394500 keyfork-shard: generate nonce using hkdf
```

### Changes in keyfork-derive-openpgp:

```
f0e5ae9 keyfork-derive-openpgp: document KEYFORK_OPENPGP_EXPIRE
9f089e7 keyfork-derive-openpgp: use .first() in place of .get(0)
```

### Changes in keyfork-derive-util:

```
de4e98a keyfork-derive-util: black-box checking all zeroes
48ccd7c keyfork-derive-util: add note about potential side-channel when verifying keys
d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct
1de466c keyfork-derive-util: allow zeroable input for non-master-key derivation
61871a7 keyfork-derive-util: make private and public test keys more visible
2bca0a1 keyfork-derive-util: make Test{Public,Private}Key public, rename Internal algorithm
```

### Changes in keyfork-entropy:

```
5438f4e keyfork-entropy: downgrade entropy size limit to warning
```

### Changes in keyfork-mnemonic-util:

```
001fc0b remove trailing hitespace :(
6a265ad keyfork-mnemonic-util: add MnemonicBase::from_nonstandard_bytes
```

### Changes in keyfork-prompt:

```
5d2309e keyfork-prompt: add SecurePinValidator for making new, secure, PINs
```

### Changes in keyfork-qrcode:

```
fa125e7 keyfork-qrcode: prefer Instant over SystemTime for infallible time comparison
```

### Changes in keyfork-shard:

```
d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct
1a036a0 keyfork-shard: clean up documentation for encrypted shard padding
e068743 keyfork-shard: display error message on duplicate key fingerprints found
23db509 keyfork-shard: improve wording for counting shardholders
9461772 keyfork-shard: ignore duplicate certificate entries
6a265ad keyfork-mnemonic-util: add MnemonicBase::from_nonstandard_bytes
c0b19e2 keyfork-shard: assert shared secrets are contributory
0fe5301 keyfork-shard: add in bug messages
08a66e2 keyfork-shard: base64 encode content instead of base16
6fa434e keyfork-shard: shorten length and pad inside encrypted block
9394500 keyfork-shard: generate nonce using hkdf
194d475 keyfork-shard: validate signatures using shard-specific validation requirements
```

### Changes in keyfork-zbar:

```
0c76869 .cargo/config.toml: add registry configuration :)
```

### Changes in keyforkd:

```
bcfcc87 keyforkd: add warning when loading seed with less than 128 bits
40551a5 keyforkd: require hardened derivation on two highest indexes
```

### Changes in keyforkd-client:

```
d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct
1de466c keyfork-derive-util: allow zeroable input for non-master-key derivation
40551a5 keyforkd: require hardened derivation on two highest indexes
```

### Changes in keyforkd-models:

```
40551a5 keyforkd: require hardened derivation on two highest indexes
```

# Keyfork v0.1.0

### Tagged releases:

* `keyfork-bin 0.1.0`
* `keyfork-bug 0.1.0`
* `keyfork-crossterm 0.27.1`
* `keyfork-derive-key 0.1.0`
* `keyfork-derive-openpgp 0.1.0`
* `keyfork-derive-path-data 0.1.0`
* `keyfork-derive-util 0.1.0`
* `keyfork-entropy 0.1.0`
* `keyfork-frame 0.1.0`
* `keyfork-mnemonic-util 0.2.0`
* `keyfork-prompt 0.1.0`
* `keyfork-qrcode 0.1.0`
* `keyfork-shard 0.1.0`
* `keyfork-slip10-test-data 0.1.0`
* `keyfork 0.1.0`
* `keyfork-zbar-sys 0.1.0`
* `keyfork-zbar 0.1.0`
* `keyforkd-client 0.1.0`
* `keyforkd-models 0.1.0`
* `keyforkd 0.1.0`
* `smex 0.1.0`
release keyfork v0.2.4 2024-08-11 21:31:10 +00:00			`# Keyfork v0.2.4`

			`This release includes a lot of "maintenance" changes, without any changes in`
			`end-user functionality.`

			`### Changes in keyfork:`

			`The most significant change in this release is the reorganization of some of`
			the subcommands, where they would be better as enum-traits, such as `keyfork
			derive` and `keyfork wizard`.

			```
			`b254ba7 cleanup post-merge`
			`58d3c34 Merge branch 'main' into ryansquared/staging-since-latest`
			`35f57fc Merge branch 'ryansquared/keyfork-mnemonic-refactors'`
			`a2eb5fd bump dependencies with listed vulnerabilities (not affected)`
			`5219c5a keyfork: enum-trait-ify choose-your-own commands`
			`b26f296 keyfork-derive-path-data: move all pathcrafting here`
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			`f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array`
			`02e5b54 keyfork-mnemonic-util::generate_seed: return const size array`
			```

			`### Changes in keyfork-derive-openpgp:`

			```
			`b254ba7 cleanup post-merge`
			`35f57fc Merge branch 'ryansquared/keyfork-mnemonic-refactors'`
			`a2eb5fd bump dependencies with listed vulnerabilities (not affected)`
			`b26f296 keyfork-derive-path-data: move all pathcrafting here`
			```

			`### Changes in keyfork-derive-path-data:`

			`This change now centralizes all special Keyfork paths. This means crates should`
			`no longer be required to implement their own path parsing logic.`

			```
			`b26f296 keyfork-derive-path-data: move all pathcrafting here`
			```

			`### Changes in keyfork-derive-util:`

			```
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			```

			`### Changes in keyfork-mnemonic:`

			`keyfork-mnemonic-util` has finally been renamed to `keyfork-mnemonic`. The
			method names `as_bytes() => as_slice()`, `to_bytes() => to_vec()`, and
			`into_bytes() => into_vec()`, and the function names
			`from_bytes() => try_from_slice()` and
			`from_nonstandard_bytes() => from_array()`, have been implemented to more
			`closely represent the native types they are representing. Additionally,`
			`Mnemonic::generate_seed()` has been modified to return a constant size array;
			`this is a breaking change, but should have minimal impact.`

			```
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			`3ee81b6 keyfork-mnemonic-util: impl as_slice to_vec into_vec`
			`f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array`
			`02e5b54 keyfork-mnemonic-util::generate_seed: return const size array`
			```

			`### Changes in keyfork-prompt:`

			```
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			```

			`### Changes in keyfork-shard:`

			```
			`58d3c34 Merge branch 'main' into ryansquared/staging-since-latest`
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			`f5627e5 keyfork-mnemonic-util: impl try_from_slice and from_array`
			```

			`### Changes in keyforkd:`

			```
			`35ab5e6 keyfork-mnemonic-util => keyfork-mnemonic`
			`02e5b54 keyfork-mnemonic-util::generate_seed: return const size array`
			`536e6da keyforkd{,-client}: lots of documentationings`
			```

			`### Changes in keyforkd-client:`

			```
			`536e6da keyforkd{,-client}: lots of documentationings`
			```

			`# Keyfork v0.2.3`

			`This release includes a bugfix for the wizard where the wizard was too strict`
			`about when keys were "alive".`

			`### Changes in keyfork:`

			```
			`dd4354f keyfork: bump keyfork-shard`
			```

			`### Changes in keyfork-shard:`

			```
			`ba64db8 update Cargo.toml and Cargo.lock`
			`fa84a2a keyfork-shard: Be less strict about keys`
			```

			`# Keyfork v0.2.2`

			`This release adds a new wizard, intended to be used at DEFCON 32.`

			`### Changes in keyfork:`

			```
			8d40d26 keyfork: add `bottoms-up` wizard
			```

			`### Changes in keyfork-derive-openpgp:`

			`This change also includes a minor change, allowing the derivation path for`
			`keyfork-derive-openpg` to derive further than two paths, which was useful in
			`the testing of the wizard.`

			```
			8d40d26 keyfork: add `bottoms-up` wizard
			```

keyfork-shard: verify QR code length correctly 2024-05-29 20:15:17 +00:00			`# Keyfork v0.2.1`

			`This release contains an emergency bugfix for Keyfork Shard, which previously`
			`would not be able to properly verify the length of remote shard QR codes.`

crates: bump versions 2024-05-16 04:29:28 +00:00			`# Keyfork v0.2.0`

			`Some of the changes in this release are based on feedback from audits`
			`(publications coming soon!). The previous version of Keyfork, in almost every`
			`configuration, is safe to use. The most significant change in this version`
			`affects Keyfork Shard, which has an incompatible difference between this`
			`version and the previous version. Information about shards, such as the length`
			`of the shard, could be leaked and discovered by an attacker when using the`
			`Remote Shard recovery mechanism.`

			`An additional change is the requirement of hardened indices on the first two`
			`levels of key derivation. This is due to Keyfork potentially leaking private`
			`keys when hardened derivation is not used. To be completely honest, I don't`
			`entirely understand the math behind it.`

			`There is no reason to upgrade if Keyfork has been used as-is, as all supported`
			`provisioners at this point in time require hardened derivation at all steps.`

			`### Changes in keyfork:`

			```
			`d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct`
			`5d2309e keyfork-prompt: add SecurePinValidator for making new, secure, PINs`
			`cdf4015 keyfork wizard: use correct derivation path for re-deriving shard decryption keys`
			`f0e5ae9 keyfork-derive-openpgp: document KEYFORK_OPENPGP_EXPIRE`
			`289cec3 keyfork wizard: upcast i and index to avoid wrapping add`
			`9394500 keyfork-shard: generate nonce using hkdf`
			```

			`### Changes in keyfork-derive-openpgp:`

			```
			`f0e5ae9 keyfork-derive-openpgp: document KEYFORK_OPENPGP_EXPIRE`
			`9f089e7 keyfork-derive-openpgp: use .first() in place of .get(0)`
			```

			`### Changes in keyfork-derive-util:`

			```
			`de4e98a keyfork-derive-util: black-box checking all zeroes`
			`48ccd7c keyfork-derive-util: add note about potential side-channel when verifying keys`
			`d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct`
			`1de466c keyfork-derive-util: allow zeroable input for non-master-key derivation`
			`61871a7 keyfork-derive-util: make private and public test keys more visible`
			`2bca0a1 keyfork-derive-util: make Test{Public,Private}Key public, rename Internal algorithm`
			```

			`### Changes in keyfork-entropy:`

			```
			`5438f4e keyfork-entropy: downgrade entropy size limit to warning`
			```

			`### Changes in keyfork-mnemonic-util:`

			```
			`001fc0b remove trailing hitespace :(`
			`6a265ad keyfork-mnemonic-util: add MnemonicBase::from_nonstandard_bytes`
			```

			`### Changes in keyfork-prompt:`

			```
			`5d2309e keyfork-prompt: add SecurePinValidator for making new, secure, PINs`
			```

			`### Changes in keyfork-qrcode:`

			```
			`fa125e7 keyfork-qrcode: prefer Instant over SystemTime for infallible time comparison`
			```

			`### Changes in keyfork-shard:`

			```
			`d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct`
			`1a036a0 keyfork-shard: clean up documentation for encrypted shard padding`
			`e068743 keyfork-shard: display error message on duplicate key fingerprints found`
			`23db509 keyfork-shard: improve wording for counting shardholders`
			`9461772 keyfork-shard: ignore duplicate certificate entries`
			`6a265ad keyfork-mnemonic-util: add MnemonicBase::from_nonstandard_bytes`
			`c0b19e2 keyfork-shard: assert shared secrets are contributory`
			`0fe5301 keyfork-shard: add in bug messages`
			`08a66e2 keyfork-shard: base64 encode content instead of base16`
			`6fa434e keyfork-shard: shorten length and pad inside encrypted block`
			`9394500 keyfork-shard: generate nonce using hkdf`
			`194d475 keyfork-shard: validate signatures using shard-specific validation requirements`
			```

			`### Changes in keyfork-zbar:`

			```
			`0c76869 .cargo/config.toml: add registry configuration :)`
			```

			`### Changes in keyforkd:`

			```
			`bcfcc87 keyforkd: add warning when loading seed with less than 128 bits`
			`40551a5 keyforkd: require hardened derivation on two highest indexes`
			```

			`### Changes in keyforkd-client:`

			```
			`d04989e keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct`
			`1de466c keyfork-derive-util: allow zeroable input for non-master-key derivation`
			`40551a5 keyforkd: require hardened derivation on two highest indexes`
			```

			`### Changes in keyforkd-models:`

			```
			`40551a5 keyforkd: require hardened derivation on two highest indexes`
			```

			`# Keyfork v0.1.0`

			`### Tagged releases:`

			* `keyfork-bin 0.1.0`
			* `keyfork-bug 0.1.0`
			* `keyfork-crossterm 0.27.1`
			* `keyfork-derive-key 0.1.0`
			* `keyfork-derive-openpgp 0.1.0`
			* `keyfork-derive-path-data 0.1.0`
			* `keyfork-derive-util 0.1.0`
			* `keyfork-entropy 0.1.0`
			* `keyfork-frame 0.1.0`
			* `keyfork-mnemonic-util 0.2.0`
			* `keyfork-prompt 0.1.0`
			* `keyfork-qrcode 0.1.0`
			* `keyfork-shard 0.1.0`
			* `keyfork-slip10-test-data 0.1.0`
			* `keyfork 0.1.0`
			* `keyfork-zbar-sys 0.1.0`
			* `keyfork-zbar 0.1.0`
			* `keyforkd-client 0.1.0`
			* `keyforkd-models 0.1.0`
			* `keyforkd 0.1.0`
			* `smex 0.1.0`