@onekeyfe/hwk-adapter-core 1.1.29 → 1.1.31-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.mts CHANGED
@@ -1,133 +1,7 @@
1
- /**
2
- * HWK HardwareErrorCode independent namespace from the legacy
3
- * `@onekeyfe/shared` HardwareErrorCode (which occupies 0-902).
4
- *
5
- * All HWK codes are 5-digit (>= 10000) so the two tables never collide
6
- * even if either side grows. Each sub-category gets a 100-slot block.
7
- *
8
- * 10000-10099 Generic / cross-cutting primitives
9
- * 10100-10199 Device state
10
- * 10200-10299 Firmware
11
- * 10300-10399 Transport + OS-level permission
12
- * 10400-10499 PIN / Passphrase
13
- * 10500-10599 App lifecycle (wrong app, not open, too old)
14
- * 10600-10999 RESERVED — future adapter-level categories
15
- *
16
- * 11000-11099 EVM APDU (reactive mapping)
17
- * 11100-11199 Solana APDU
18
- * 11200-11299 Tron APDU
19
- * 11300-11399 BTC APDU
20
- * 11400-11999 RESERVED — future chain APDU blocks (100 per chain)
21
- *
22
- * 12000-99999 RESERVED — future major categories
23
- */
24
- declare enum HardwareErrorCode {
25
- UnknownError = 10000,
26
- UserRejected = 10001,
27
- InvalidParams = 10002,
28
- OperationTimeout = 10003,
29
- MethodNotSupported = 10004,
30
- /** User dismissed in-app cancel UI. Distinct from UserRejected (on-device). */
31
- UserAborted = 10005,
32
- DeviceNotFound = 10100,
33
- DeviceDisconnected = 10101,
34
- DeviceBusy = 10102,
35
- DeviceLocked = 10103,
36
- DeviceNotInitialized = 10104,
37
- DeviceInBootloader = 10105,
38
- DeviceMismatch = 10106,
39
- /** Chain app wedged (e.g. Ledger BTC 0x6901). User must exit app on device. */
40
- DeviceAppStuck = 10107,
41
- /** Vendor (Ledger / Trezor) doesn't support the chain at all. */
42
- ChainNotSupported = 10108,
43
- /** Current operation supports only one connected device. */
44
- DeviceOneDeviceOnly = 10109,
45
- FirmwareTooOld = 10200,
46
- FirmwareUpdateRequired = 10201,
47
- TransportError = 10300,
48
- BridgeNotFound = 10301,
49
- TransportNotAvailable = 10302,
50
- /**
51
- * OS-level permission (Bluetooth / USB / etc.) — denied, blocked,
52
- * unavailable, or dismissed. Consumers surface a single "please grant
53
- * permission" toast and let the user retry manually.
54
- */
55
- DevicePermissionDenied = 10303,
56
- /**
57
- * BLE SMP pairing did not complete within the GATT bonding window.
58
- * GATT connected but the device didn't acknowledge SMP — typically
59
- * because the user didn't confirm the passkey on the device, or the
60
- * device went out of range mid-pairing. Distinct from OperationTimeout
61
- * (generic) and from DeviceLocked (Secure Element actually locked).
62
- */
63
- BlePairingTimeout = 10304,
64
- /** Remote network failure reaching a vendor's servers (HTTP/WS). Distinct from TransportError (local USB/BLE link). */
65
- NetworkError = 10305,
66
- PinInvalid = 10400,
67
- PinCancelled = 10401,
68
- PassphraseRejected = 10402,
69
- /** Chain app NOT INSTALLED on device. User must install via Ledger Live. */
70
- AppNotInstalled = 10500,
71
- WrongApp = 10501,
72
- /** 0x911c Command code not supported — app predates current SDK. */
73
- AppTooOld = 10502,
74
- /** Not enough free storage for install/update; user must uninstall apps first. */
75
- DeviceOutOfMemory = 10503,
76
- /** 0x6a80 Invalid data — observed on blindSignTransactionFallback when the
77
- * user has not enabled Blind signing on the device. */
78
- EvmBlindSigningRequired = 11000,
79
- /** 0x6984 Plugin not installed */
80
- EvmClearSignPluginMissing = 11001,
81
- /** 0x6a84 Insufficient memory (typical on Nano S with large calldata) */
82
- EvmDataTooLarge = 11002,
83
- /** 0x6501 TransactionType not supported (app too old for EIP-1559 / blob / 7702) */
84
- EvmTxTypeNotSupported = 11003,
85
- /** 0x6808 Blind signing disabled for this instruction. */
86
- SolanaBlindSigningRequired = 11100,
87
- /** 0x6a8d Custom Contracts setting disabled (blocks TRC-20 etc.). */
88
- TronCustomContractRequired = 11200,
89
- /** 0x6a8b Transactions Data setting disabled. */
90
- TronDataSigningRequired = 11201,
91
- /** 0x6a8c Sign by Hash setting disabled (hash-signing fallback). */
92
- TronSignByHashRequired = 11202,
93
- /** 0xb008 Wallet policy HMAC mismatch or not registered. */
94
- BtcWalletPolicyHmacMismatch = 11300,
95
- /** 0xb007 Aborted due to unexpected state (malformed PSBT / missing UTXO). */
96
- BtcUnexpectedState = 11301
97
- }
98
- /**
99
- * Device-level failures the SDK cannot self-recover from — affect the entire
100
- * batch (vs per-chain failures like AppNotInstalled / WrongApp which soft-
101
- * skip in onboarding). Combined with `accounts.length === 0`, signals
102
- * genuine orphan. Also reused as the batch-abort whitelist for HWK.
103
- * Single source of truth.
104
- *
105
- * UserRejected (device-side reject) is included: pressing reject is an
106
- * explicit "I don't consent" — continuing the batch to ask again on the
107
- * next chain is harassment, not helpful.
108
- */
109
- declare const ORPHAN_ELIGIBLE_ERROR_CODES: number[];
110
- interface IHwkErrorPayload {
111
- code: HardwareErrorCode;
112
- message: string;
113
- appName?: string;
114
- _tag?: string;
115
- params?: Record<string, unknown>;
116
- }
117
- type HwkError = Error & {
118
- code: HardwareErrorCode;
119
- appName?: string;
120
- _tag?: string;
121
- params?: Record<string, unknown>;
122
- };
123
- /**
124
- * Canonical throwable for HWK adapters. Plain Error + canonical extra fields,
125
- * shape-compatible with `rehydrateConnectorError` so locally-thrown and
126
- * cross-boundary errors are indistinguishable to downstream classifiers
127
- * (`err.code` / `err._tag` / `err.appName`). Do NOT mutate caught errors
128
- * with `Object.assign` — construct a fresh one via this factory.
129
- */
130
- declare function createHwkError(payload: IHwkErrorPayload): HwkError;
1
+ import { HardwareErrorCode } from './errors.mjs';
2
+ export { HwkError, IHwkErrorPayload, ORPHAN_ELIGIBLE_ERROR_CODES, createHwkError, enrichErrorMessage } from './errors.mjs';
3
+ import { U as UiResponseEvent, a as UI_REQUEST, Q as QrDisplayData } from './ui-events-Cb7haAeE.mjs';
4
+ export { D as DevicePermissionDeniedReason, b as DevicePermissionResponse, c as QrResponseData, d as UI_EVENT, e as UI_REQUEST_CANCELLED_TAG, f as UI_REQUEST_DEFAULT_TIMEOUT_MS, g as UI_REQUEST_PREEMPTED_TAG, h as UI_REQUEST_TIMEOUT_TAG, i as UI_RESPONSE, j as UiRequestRegistry } from './ui-events-Cb7haAeE.mjs';
131
5
 
132
6
  interface Success<T> {
133
7
  success: true;
@@ -186,102 +60,38 @@ interface DeviceInfo {
186
60
  serialNumber?: string;
187
61
  /** Device capabilities — varies by vendor, model, and connection type */
188
62
  capabilities?: DeviceCapabilities;
63
+ /**
64
+ * Vendor-specific raw payload from the post-handshake `Features` (Trezor)
65
+ * or device-info call. Populated by the connector with `{ transport,
66
+ * descriptor, features }` so the app layer can read fields we haven't
67
+ * promoted to the typed surface yet. Treat as informational — promote
68
+ * any consumed field above.
69
+ */
70
+ raw?: Record<string, unknown>;
189
71
  }
190
72
  interface DeviceTarget {
191
73
  connectId: string;
192
74
  deviceId: string;
193
75
  }
194
76
 
195
- interface QrDisplayData {
196
- urType: string;
197
- urData: string;
198
- animated: boolean;
199
- }
200
- interface QrResponseData {
201
- urType: string;
202
- urData: string;
77
+ /**
78
+ * Mixin for chain-operation params that can be pinned to a specific passphrase
79
+ * wallet.
80
+ *
81
+ * Trezor-only. `passphraseState` is the wallet identity returned by
82
+ * `getPassphraseState`: today this is the compressed public key derived at
83
+ * `m/44'/0'/0'`, not the 4-byte master fingerprint. When present, the adapter
84
+ * creates a fresh wallet session (THP application session, or v1 device
85
+ * session) and verifies the derived state before issuing the call, so the
86
+ * address/signature comes from the intended passphrase wallet.
87
+ *
88
+ * Ledger has no equivalent and ignores the field — it never reaches the
89
+ * protobuf layer (the adapter strips it before forwarding to the connector).
90
+ */
91
+ interface PassphraseStateAware {
92
+ passphraseState?: string;
203
93
  }
204
94
 
205
- declare const UI_EVENT = "UI_EVENT";
206
- declare const UI_REQUEST: {
207
- readonly REQUEST_PIN: "ui-request-pin";
208
- readonly REQUEST_PASSPHRASE: "ui-request-passphrase";
209
- readonly REQUEST_PASSPHRASE_ON_DEVICE: "ui-request-passphrase-on-device";
210
- readonly REQUEST_BUTTON: "ui-request-button";
211
- readonly REQUEST_QR_DISPLAY: "ui-request-qr-display";
212
- readonly REQUEST_QR_SCAN: "ui-request-qr-scan";
213
- readonly REQUEST_DEVICE_PERMISSION: "ui-request-device-permission";
214
- readonly REQUEST_SELECT_DEVICE: "ui-request-select-device";
215
- readonly REQUEST_DEVICE_CONNECT: "ui-request-device-connect";
216
- readonly REQUEST_BTC_HIGH_INDEX_CONFIRM: "ui-request-btc-high-index-confirm";
217
- readonly REQUEST_INSTALL_APP: "ui-request-install-app";
218
- readonly CLOSE_UI_WINDOW: "ui-close";
219
- readonly DEVICE_PROGRESS: "ui-device_progress";
220
- readonly FIRMWARE_PROGRESS: "ui-firmware-progress";
221
- readonly FIRMWARE_TIP: "ui-firmware-tip";
222
- };
223
- declare const UI_RESPONSE: {
224
- readonly RECEIVE_PIN: "receive-pin";
225
- readonly RECEIVE_PASSPHRASE: "receive-passphrase";
226
- readonly RECEIVE_PASSPHRASE_ON_DEVICE: "receive-passphrase-on-device";
227
- readonly RECEIVE_QR_RESPONSE: "receive-qr-response";
228
- readonly RECEIVE_SELECT_DEVICE: "receive-select-device";
229
- readonly RECEIVE_DEVICE_CONNECT: "receive-device-connect";
230
- readonly RECEIVE_DEVICE_PERMISSION: "receive-device-permission";
231
- readonly RECEIVE_BTC_HIGH_INDEX_CONFIRM: "receive-btc-high-index-confirm";
232
- readonly RECEIVE_INSTALL_APP: "receive-install-app";
233
- readonly CANCEL: "cancel";
234
- };
235
- type DevicePermissionDeniedReason = 'bluetoothTurnedOff' | 'permissionDenied' | (string & Record<never, never>);
236
- type DevicePermissionResponse = {
237
- granted: boolean;
238
- reason?: DevicePermissionDeniedReason;
239
- message?: string;
240
- };
241
- type UiResponseEvent = {
242
- type: typeof UI_RESPONSE.RECEIVE_PIN;
243
- payload: string;
244
- } | {
245
- type: typeof UI_RESPONSE.RECEIVE_PASSPHRASE;
246
- payload: {
247
- value: string;
248
- passphraseOnDevice?: boolean;
249
- save?: boolean;
250
- };
251
- } | {
252
- type: typeof UI_RESPONSE.RECEIVE_PASSPHRASE_ON_DEVICE;
253
- payload?: undefined;
254
- } | {
255
- type: typeof UI_RESPONSE.RECEIVE_QR_RESPONSE;
256
- payload: QrResponseData;
257
- } | {
258
- type: typeof UI_RESPONSE.RECEIVE_SELECT_DEVICE;
259
- payload: {
260
- sdkConnectId: string;
261
- };
262
- } | {
263
- type: typeof UI_RESPONSE.RECEIVE_DEVICE_CONNECT;
264
- payload: {
265
- confirmed: boolean;
266
- };
267
- } | {
268
- type: typeof UI_RESPONSE.RECEIVE_DEVICE_PERMISSION;
269
- payload: DevicePermissionResponse;
270
- } | {
271
- type: typeof UI_RESPONSE.RECEIVE_BTC_HIGH_INDEX_CONFIRM;
272
- payload: {
273
- confirmed: boolean;
274
- };
275
- } | {
276
- type: typeof UI_RESPONSE.RECEIVE_INSTALL_APP;
277
- payload: {
278
- confirmed: boolean;
279
- };
280
- } | {
281
- type: typeof UI_RESPONSE.CANCEL;
282
- payload?: undefined;
283
- };
284
-
285
95
  /**
286
96
  * Minimal device info returned during discovery (searchDevices).
287
97
  * At scan time, full DeviceInfo fields like firmwareVersion are not yet available.
@@ -290,6 +100,15 @@ interface ConnectorDevice {
290
100
  connectId: string;
291
101
  deviceId: string;
292
102
  name: string;
103
+ /**
104
+ * Physical transport this device was discovered on. Mirrors Trezor
105
+ * Connect's `descriptor.apiType` — when several transports are fused behind
106
+ * one connector (see `createCombinedConnector`), the merged device list
107
+ * carries this so the host can tell a USB entry from a BLE one and route
108
+ * `connect()` back to the owning transport. Single-transport connectors may
109
+ * leave it undefined.
110
+ */
111
+ connectionType?: ConnectionType;
293
112
  /** Machine model id (e.g. "nanoX"). */
294
113
  model?: string;
295
114
  /** Human-readable model name (e.g. "Ledger Nano X"). */
@@ -302,6 +121,13 @@ interface ConnectorDevice {
302
121
  serialNumber?: string;
303
122
  /** Device capabilities — available from scan time */
304
123
  capabilities?: DeviceCapabilities;
124
+ /**
125
+ * Vendor-specific raw blob from the transport descriptor (USB / BLE).
126
+ * Populated by `descriptorToConnectorDevice` in each connector. Treat as
127
+ * informational; promote any field consumed by the app layer onto the
128
+ * typed surface above.
129
+ */
130
+ raw?: Record<string, unknown>;
305
131
  }
306
132
  interface ConnectorSession {
307
133
  sessionId: string;
@@ -346,7 +172,7 @@ type ConnectorCallResult = {
346
172
  success: false;
347
173
  error: ConnectorSerializedError;
348
174
  };
349
- type ConnectorEventType = 'device-connect' | 'device-disconnect' | 'ui-request' | 'ui-event';
175
+ type ConnectorEventType = 'device-connect' | 'device-disconnect' | 'features' | 'device-trezor-thp-credentials-changed' | 'ui-request' | 'ui-event';
350
176
  /**
351
177
  * Interaction event types emitted via 'ui-event'.
352
178
  * These map to user-facing prompts (confirm on device, open app, etc.).
@@ -410,16 +236,34 @@ interface ConnectorEventMap {
410
236
  'device-disconnect': {
411
237
  connectId: string;
412
238
  };
239
+ features: {
240
+ device: ConnectorDevice & {
241
+ features: Record<string, unknown>;
242
+ };
243
+ };
244
+ 'device-trezor-thp-credentials-changed': {
245
+ connectId: string;
246
+ deviceId?: string;
247
+ credentials: Record<string, unknown>[];
248
+ };
413
249
  'ui-request': {
414
250
  type: string;
415
251
  payload?: unknown;
416
252
  };
417
253
  'ui-event': ConnectorUiEvent;
418
254
  }
255
+ interface ConnectorSearchDevicesOptions {
256
+ /**
257
+ * Wait for every child transport in a fused connector. Default discovery can
258
+ * return shortly after USB appears so BLE does not slow down USB flows;
259
+ * binding pickers can opt in when they need BLE candidates too.
260
+ */
261
+ waitForAll?: boolean;
262
+ }
419
263
  interface IConnector {
420
264
  /** Physical connection type this connector uses. Fixed at construction. */
421
265
  readonly connectionType: ConnectionType;
422
- searchDevices(): Promise<ConnectorDevice[]>;
266
+ searchDevices(options?: ConnectorSearchDevicesOptions): Promise<ConnectorDevice[]>;
423
267
  connect(deviceId?: string): Promise<ConnectorSession>;
424
268
  disconnect(sessionId: string): Promise<void>;
425
269
  call(sessionId: string, method: string, params: unknown): Promise<ConnectorCallResult>;
@@ -429,10 +273,12 @@ interface IConnector {
429
273
  on<K extends ConnectorEventType>(event: K, handler: (data: ConnectorEventMap[K]) => void): void;
430
274
  off<K extends ConnectorEventType>(event: K, handler: (data: ConnectorEventMap[K]) => void): void;
431
275
  reset(): void;
276
+ setKnownCredentials?(credentials: unknown[]): Promise<void> | void;
432
277
  }
433
278
  interface IHardwareBridge {
434
279
  searchDevices(params: {
435
280
  vendor: VendorType;
281
+ options?: ConnectorSearchDevicesOptions;
436
282
  }): Promise<ConnectorDevice[]>;
437
283
  connect(params: {
438
284
  vendor: VendorType;
@@ -473,6 +319,15 @@ interface IHardwareBridge {
473
319
  type: ConnectorEventType;
474
320
  data: unknown;
475
321
  }) => void): void;
322
+ /**
323
+ * Warm-load vendor-specific persisted credentials. Currently only Trezor
324
+ * uses this (THP `knownCredentials`); the bridge implementation can
325
+ * dispatch on `vendor` and route to the right connector instance.
326
+ */
327
+ setKnownCredentials?(params: {
328
+ vendor: VendorType;
329
+ credentials: unknown[];
330
+ }): Promise<void> | void;
476
331
  }
477
332
  /**
478
333
  * Adapt an IHardwareBridge (multi-vendor backend) into a single-vendor IConnector.
@@ -499,6 +354,7 @@ declare function serializeConnectorError(err: unknown): ConnectorSerializedError
499
354
  * unchanged. The Result shape stays confined to the connector boundary.
500
355
  */
501
356
  declare function rehydrateConnectorError(error: ConnectorSerializedError): Error;
357
+ declare function createCombinedConnector(connectors: IConnector[]): IConnector;
502
358
 
503
359
  declare const DEVICE_EVENT = "DEVICE_EVENT";
504
360
  /** Events originating from the hardware device. */
@@ -506,9 +362,21 @@ declare const DEVICE: {
506
362
  readonly CONNECT: "device-connect";
507
363
  readonly DISCONNECT: "device-disconnect";
508
364
  readonly CHANGED: "device-changed";
365
+ readonly FEATURES: "features";
366
+ /**
367
+ * Trezor-only. Emitted after a successful THP handshake that minted or
368
+ * refreshed pairing credentials. The host should persist `credentials`
369
+ * keyed by `deviceId` and feed them back into the connector on the next
370
+ * connect to skip the CodeEntry/QrCode/NFC pairing UX.
371
+ *
372
+ * The `TREZOR_` prefix mirrors `UI_REQUEST.REQUEST_TREZOR_THP_PAIRING` —
373
+ * vendor-specific events live in the shared event taxonomy but are named
374
+ * so hosts can ignore them when they don't drive Trezor hardware.
375
+ */
376
+ readonly TREZOR_THP_CREDENTIALS_CHANGED: "device-trezor-thp-credentials-changed";
509
377
  };
510
378
 
511
- interface BtcGetAddressParams {
379
+ interface BtcGetAddressParams extends PassphraseStateAware {
512
380
  path: string;
513
381
  coin?: string;
514
382
  showOnDevice?: boolean;
@@ -520,7 +388,7 @@ interface BtcAddress {
520
388
  address: string;
521
389
  path: string;
522
390
  }
523
- interface BtcGetPublicKeyParams {
391
+ interface BtcGetPublicKeyParams extends PassphraseStateAware {
524
392
  path: string;
525
393
  coin?: string;
526
394
  showOnDevice?: boolean;
@@ -534,14 +402,19 @@ interface BtcPublicKey {
534
402
  path: string;
535
403
  depth: number;
536
404
  }
537
- interface BtcSignTxParams {
405
+ interface BtcSignTxParams extends PassphraseStateAware {
538
406
  psbt?: string;
539
407
  inputs?: BtcTxInput[];
540
408
  outputs?: BtcTxOutput[];
409
+ paymentRequests?: BtcPaymentRequest[];
541
410
  refTxs?: BtcRefTransaction[];
542
411
  coin: string;
543
412
  locktime?: number;
544
413
  version?: number;
414
+ timestamp?: number;
415
+ expiry?: number;
416
+ versionGroupId?: number;
417
+ branchId?: number;
545
418
  /** Account-level derivation path (e.g. "84'/0'/0'") for wallet template. */
546
419
  path?: string;
547
420
  }
@@ -552,12 +425,51 @@ interface BtcTxInput {
552
425
  amount: string;
553
426
  scriptType?: 'p2pkh' | 'p2sh' | 'p2wpkh' | 'p2wsh' | 'p2tr';
554
427
  sequence?: number;
428
+ origHash?: string;
429
+ origIndex?: number;
430
+ scriptSig?: string;
431
+ witness?: string;
432
+ ownershipProof?: string;
433
+ commitmentData?: string;
555
434
  }
556
435
  interface BtcTxOutput {
557
436
  address?: string;
558
437
  path?: string;
438
+ opReturnData?: string;
559
439
  amount: string;
560
440
  scriptType?: 'p2pkh' | 'p2sh' | 'p2wpkh' | 'p2wsh' | 'p2tr';
441
+ paymentReqIndex?: number;
442
+ origHash?: string;
443
+ origIndex?: number;
444
+ }
445
+ interface BtcPaymentRequestMemo {
446
+ textMemo?: {
447
+ text: string;
448
+ };
449
+ textDetailsMemo?: {
450
+ title: string;
451
+ text: string;
452
+ };
453
+ refundMemo?: {
454
+ address: string;
455
+ addressN?: number[];
456
+ mac: string;
457
+ };
458
+ coinPurchaseMemo?: {
459
+ coinType: number;
460
+ amount: string;
461
+ address: string;
462
+ addressN?: number[];
463
+ mac: string;
464
+ };
465
+ }
466
+ interface BtcPaymentRequest {
467
+ nonce?: string;
468
+ recipientName: string;
469
+ memos?: BtcPaymentRequestMemo[];
470
+ /** Decimal string in satoshis/subunits; SDK encodes it as SLIP-24 uint64 LE hex. */
471
+ amount?: string;
472
+ signature: string;
561
473
  }
562
474
  interface BtcRefTransaction {
563
475
  hash: string;
@@ -573,6 +485,15 @@ interface BtcRefTransaction {
573
485
  scriptPubKey: string;
574
486
  }>;
575
487
  locktime: number;
488
+ /** Original transaction inputs used by Trezor RBF verification (TXORIGINPUT). */
489
+ origInputs?: BtcTxInput[];
490
+ /** Original transaction outputs used by Trezor RBF verification (TXORIGOUTPUT). */
491
+ origOutputs?: BtcTxOutput[];
492
+ extraData?: string;
493
+ timestamp?: number;
494
+ expiry?: number;
495
+ versionGroupId?: number;
496
+ branchId?: number;
576
497
  }
577
498
  interface BtcSignedTx {
578
499
  serializedTx: string;
@@ -580,7 +501,7 @@ interface BtcSignedTx {
580
501
  signatures?: string[];
581
502
  txid?: string;
582
503
  }
583
- interface BtcSignPsbtParams {
504
+ interface BtcSignPsbtParams extends PassphraseStateAware {
584
505
  psbt: string;
585
506
  coin?: string;
586
507
  /** Account-level derivation path (e.g. "84'/0'/0'") for wallet template. */
@@ -589,10 +510,12 @@ interface BtcSignPsbtParams {
589
510
  interface BtcSignedPsbt {
590
511
  signedPsbt: string;
591
512
  }
592
- interface BtcSignMsgParams {
513
+ interface BtcSignMsgParams extends PassphraseStateAware {
593
514
  path: string;
594
515
  message: string;
595
516
  coin?: string;
517
+ hex?: boolean;
518
+ noScriptType?: boolean;
596
519
  }
597
520
  interface BtcSignature {
598
521
  signature: string;
@@ -600,17 +523,17 @@ interface BtcSignature {
600
523
  address?: string;
601
524
  }
602
525
  interface IBtcMethods {
603
- btcGetAddress(connectId: string, deviceId: string, params: BtcGetAddressParams, commonParams?: ICommonCallParams): Promise<Response<BtcAddress>>;
604
- btcGetPublicKey(connectId: string, deviceId: string, params: BtcGetPublicKeyParams, commonParams?: ICommonCallParams): Promise<Response<BtcPublicKey>>;
605
- btcSignTransaction(connectId: string, deviceId: string, params: BtcSignTxParams, commonParams?: ICommonCallParams): Promise<Response<BtcSignedTx>>;
606
- btcSignPsbt(connectId: string, deviceId: string, params: BtcSignPsbtParams, commonParams?: ICommonCallParams): Promise<Response<BtcSignedPsbt>>;
607
- btcSignMessage(connectId: string, deviceId: string, params: BtcSignMsgParams, commonParams?: ICommonCallParams): Promise<Response<BtcSignature>>;
608
- btcGetMasterFingerprint(connectId: string, deviceId: string, commonParams?: ICommonCallParams): Promise<Response<{
526
+ btcGetAddress(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<BtcGetAddressParams>>): Promise<Response<BtcAddress>>;
527
+ btcGetPublicKey(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<BtcGetPublicKeyParams>>): Promise<Response<BtcPublicKey>>;
528
+ btcSignTransaction(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<BtcSignTxParams>>): Promise<Response<BtcSignedTx>>;
529
+ btcSignPsbt(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<BtcSignPsbtParams>>): Promise<Response<BtcSignedPsbt>>;
530
+ btcSignMessage(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<BtcSignMsgParams>>): Promise<Response<BtcSignature>>;
531
+ btcGetMasterFingerprint(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCommonCallParams>): Promise<Response<{
609
532
  masterFingerprint: string;
610
533
  }>>;
611
534
  }
612
535
 
613
- interface SolGetAddressParams {
536
+ interface SolGetAddressParams extends PassphraseStateAware {
614
537
  path: string;
615
538
  showOnDevice?: boolean;
616
539
  }
@@ -619,11 +542,13 @@ interface SolAddress {
619
542
  address: string;
620
543
  path: string;
621
544
  }
622
- interface SolSignTxParams {
545
+ interface SolSignTxParams extends PassphraseStateAware {
623
546
  path: string;
624
547
  /** Hex-encoded serialized transaction bytes (no 0x prefix) */
625
548
  serializedTx: string;
626
549
  additionalInfo?: {
550
+ /** Trezor Solana token definition bytes as a hex string. */
551
+ encodedToken?: string;
627
552
  tokenAccountsInfos?: Array<{
628
553
  baseAddress: string;
629
554
  tokenProgram: string;
@@ -636,7 +561,7 @@ interface SolSignedTx {
636
561
  /** Hex-encoded Ed25519 signature (no 0x prefix) */
637
562
  signature: string;
638
563
  }
639
- interface SolSignMsgParams {
564
+ interface SolSignMsgParams extends PassphraseStateAware {
640
565
  path: string;
641
566
  /** Message bytes as hex string (no 0x prefix) */
642
567
  message: string;
@@ -646,12 +571,12 @@ interface SolSignature {
646
571
  signature: string;
647
572
  }
648
573
  interface ISolMethods {
649
- solGetAddress(connectId: string, deviceId: string, params: SolGetAddressParams, commonParams?: ICommonCallParams): Promise<Response<SolAddress>>;
650
- solSignTransaction(connectId: string, deviceId: string, params: SolSignTxParams, commonParams?: ICommonCallParams): Promise<Response<SolSignedTx>>;
651
- solSignMessage(connectId: string, deviceId: string, params: SolSignMsgParams, commonParams?: ICommonCallParams): Promise<Response<SolSignature>>;
574
+ solGetAddress(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<SolGetAddressParams>>): Promise<Response<SolAddress>>;
575
+ solSignTransaction(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<SolSignTxParams>>): Promise<Response<SolSignedTx>>;
576
+ solSignMessage(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<SolSignMsgParams>>): Promise<Response<SolSignature>>;
652
577
  }
653
578
 
654
- interface TronGetAddressParams {
579
+ interface TronGetAddressParams extends PassphraseStateAware {
655
580
  path: string;
656
581
  showOnDevice?: boolean;
657
582
  }
@@ -660,16 +585,110 @@ interface TronAddress {
660
585
  address: string;
661
586
  path: string;
662
587
  }
663
- interface TronSignTxParams {
588
+ /** TRON network resource, used by freeze/unfreeze contracts. */
589
+ type TronResource = 'BANDWIDTH' | 'ENERGY';
590
+ interface TronTransferContract {
591
+ /**
592
+ * Recipient address as hex, 0x41-prefixed (`41` + 20-byte hash, 42 hex chars).
593
+ * A leading `0x` is tolerated. Base58 (`T...`) is NOT accepted — convert first.
594
+ */
595
+ toAddress: string;
596
+ /** Amount in sun (1 TRX = 1e6 sun). */
597
+ amount: string | number;
598
+ }
599
+ interface TronTriggerSmartContract {
600
+ /** Smart-contract address, hex 0x41-prefixed. */
601
+ contractAddress: string;
602
+ /** ABI-encoded call data, hex (with or without `0x`). */
603
+ data: string;
604
+ }
605
+ interface TronFreezeBalanceV2Contract {
606
+ /** Amount to freeze, in sun. */
607
+ balance: number;
608
+ resource?: TronResource;
609
+ }
610
+ interface TronUnfreezeBalanceV2Contract {
611
+ /** Amount to unfreeze, in sun. */
612
+ balance: number;
613
+ resource?: TronResource;
614
+ }
615
+ interface TronVote {
616
+ /** Witness (SR) address, hex 0x41-prefixed. */
617
+ voteAddress: string;
618
+ voteCount: number;
619
+ }
620
+ interface TronVoteWitnessContract {
621
+ votes: TronVote[];
622
+ }
623
+ /** Withdraw-expired-unfreeze carries no fields beyond the implicit owner. */
624
+ type TronWithdrawExpireUnfreezeContract = Record<string, never>;
625
+ /**
626
+ * Exactly one field must be set — mirrors OneKey's `TronTransactionContract`.
627
+ * Only the six contract types Trezor firmware/protobuf supports are exposed.
628
+ */
629
+ interface TronContract {
630
+ transferContract?: TronTransferContract;
631
+ triggerSmartContract?: TronTriggerSmartContract;
632
+ freezeBalanceV2Contract?: TronFreezeBalanceV2Contract;
633
+ unfreezeBalanceV2Contract?: TronUnfreezeBalanceV2Contract;
634
+ voteWitnessContract?: TronVoteWitnessContract;
635
+ withdrawExpireUnfreezeContract?: TronWithdrawExpireUnfreezeContract;
636
+ }
637
+ /**
638
+ * Cross-vendor TRON sign params. Adapters consume different shapes:
639
+ *
640
+ * - **Ledger** signs the serialized transaction directly → needs `rawTxHex`.
641
+ * - **Trezor** runs a two-step contract flow → needs the structured fields
642
+ * (`ownerAddress` + `refBlock*` + `contract` …), mirroring OneKey hd-core.
643
+ *
644
+ * Both groups are optional at the type level; provide whichever your target
645
+ * vendor needs (or both for a vendor-agnostic call). Each adapter validates the
646
+ * fields it requires at runtime and ignores the rest — neither re-decodes the
647
+ * other's representation.
648
+ */
649
+ interface TronSignTxParams extends PassphraseStateAware {
664
650
  path: string;
665
- /** Protobuf-encoded raw transaction hex (no 0x prefix) */
666
- rawTxHex: string;
651
+ /**
652
+ * Protobuf-encoded raw TRON transaction, hex (with or without `0x`).
653
+ * Consumed by Ledger; ignored by Trezor.
654
+ */
655
+ rawTxHex?: string;
656
+ /**
657
+ * The signer's own TRON address, hex 0x41-prefixed. Required by Trezor
658
+ * (its contract messages carry an explicit `owner_address`); Ledger derives
659
+ * it from `rawTxHex`.
660
+ */
661
+ ownerAddress?: string;
662
+ /** Last 2 bytes of the reference block height, hex (4 chars). Trezor. */
663
+ refBlockBytes?: string;
664
+ /** Middle 8 bytes of the reference block hash, hex (16 chars). Trezor. */
665
+ refBlockHash?: string;
666
+ /** Expiration timestamp, milliseconds. Trezor. */
667
+ expiration?: number;
668
+ /** Transaction timestamp, milliseconds. Trezor. */
669
+ timestamp?: number;
670
+ /** Energy fee cap in sun (TriggerSmartContract only). Trezor. */
671
+ feeLimit?: number;
672
+ /** Optional memo/data, hex (with or without `0x`). Trezor. */
673
+ data?: string;
674
+ /** Exactly one contract — required by Trezor. */
675
+ contract?: TronContract;
667
676
  }
668
677
  interface TronSignedTx {
669
678
  /** 65-byte hex-encoded signature (no 0x prefix) */
670
679
  signature: string;
680
+ /**
681
+ * The transaction's `raw_data`, re-encoded host-side from the structured
682
+ * fields the device signed (hex, no prefix). The signature covers exactly
683
+ * this serialization, so callers should broadcast THIS rather than a
684
+ * pre-existing raw_data blob. Present only for contract types the host can
685
+ * re-encode (transfer / triggerSmart); `undefined` otherwise. Despite the
686
+ * historic `serializedTx` name, this is the TRON `raw_data_hex` payload, not
687
+ * trezor-suite's full broadcast transaction envelope.
688
+ */
689
+ serializedTx?: string;
671
690
  }
672
- interface TronSignMsgParams {
691
+ interface TronSignMsgParams extends PassphraseStateAware {
673
692
  path: string;
674
693
  /** Message hex (no 0x prefix) */
675
694
  messageHex: string;
@@ -679,9 +698,9 @@ interface TronSignature {
679
698
  signature: string;
680
699
  }
681
700
  interface ITronMethods {
682
- tronGetAddress(connectId: string, deviceId: string, params: TronGetAddressParams, commonParams?: ICommonCallParams): Promise<Response<TronAddress>>;
683
- tronSignTransaction(connectId: string, deviceId: string, params: TronSignTxParams, commonParams?: ICommonCallParams): Promise<Response<TronSignedTx>>;
684
- tronSignMessage(connectId: string, deviceId: string, params: TronSignMsgParams, commonParams?: ICommonCallParams): Promise<Response<TronSignature>>;
701
+ tronGetAddress(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<TronGetAddressParams>>): Promise<Response<TronAddress>>;
702
+ tronSignTransaction(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<TronSignTxParams>>): Promise<Response<TronSignedTx>>;
703
+ tronSignMessage(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<TronSignMsgParams>>): Promise<Response<TronSignature>>;
685
704
  }
686
705
 
687
706
  /**
@@ -710,6 +729,85 @@ declare const SDK: {
710
729
  readonly DEVICE_INTERACTION: "device-interaction";
711
730
  };
712
731
 
732
+ type HardwareMethodMetadata = {
733
+ chain: ChainForFingerprint;
734
+ allNetwork: boolean;
735
+ };
736
+ declare const HARDWARE_METHOD_CATALOG: {
737
+ readonly evmGetAddress: {
738
+ readonly chain: "evm";
739
+ readonly allNetwork: true;
740
+ };
741
+ readonly evmSignTransaction: {
742
+ readonly chain: "evm";
743
+ readonly allNetwork: false;
744
+ };
745
+ readonly evmSignMessage: {
746
+ readonly chain: "evm";
747
+ readonly allNetwork: false;
748
+ };
749
+ readonly evmSignTypedData: {
750
+ readonly chain: "evm";
751
+ readonly allNetwork: false;
752
+ };
753
+ readonly btcGetAddress: {
754
+ readonly chain: "btc";
755
+ readonly allNetwork: true;
756
+ };
757
+ readonly btcGetPublicKey: {
758
+ readonly chain: "btc";
759
+ readonly allNetwork: true;
760
+ };
761
+ readonly btcSignTransaction: {
762
+ readonly chain: "btc";
763
+ readonly allNetwork: false;
764
+ };
765
+ readonly btcSignPsbt: {
766
+ readonly chain: "btc";
767
+ readonly allNetwork: false;
768
+ };
769
+ readonly btcSignMessage: {
770
+ readonly chain: "btc";
771
+ readonly allNetwork: false;
772
+ };
773
+ readonly btcGetMasterFingerprint: {
774
+ readonly chain: "btc";
775
+ readonly allNetwork: false;
776
+ };
777
+ readonly solGetAddress: {
778
+ readonly chain: "sol";
779
+ readonly allNetwork: true;
780
+ };
781
+ readonly solSignTransaction: {
782
+ readonly chain: "sol";
783
+ readonly allNetwork: false;
784
+ };
785
+ readonly solSignMessage: {
786
+ readonly chain: "sol";
787
+ readonly allNetwork: false;
788
+ };
789
+ readonly tronGetAddress: {
790
+ readonly chain: "tron";
791
+ readonly allNetwork: true;
792
+ };
793
+ readonly tronSignTransaction: {
794
+ readonly chain: "tron";
795
+ readonly allNetwork: false;
796
+ };
797
+ readonly tronSignMessage: {
798
+ readonly chain: "tron";
799
+ readonly allNetwork: false;
800
+ };
801
+ };
802
+ type HardwareMethodName = keyof typeof HARDWARE_METHOD_CATALOG;
803
+ type AllNetworkMethodName = {
804
+ [K in HardwareMethodName]: (typeof HARDWARE_METHOD_CATALOG)[K]['allNetwork'] extends true ? K : never;
805
+ }[HardwareMethodName];
806
+ declare const ALL_NETWORK_METHOD_NAMES: AllNetworkMethodName[];
807
+ declare function getHardwareMethodMetadata(method: string): HardwareMethodMetadata | undefined;
808
+ declare function isAllNetworkMethodName(method: string): method is AllNetworkMethodName;
809
+ declare function getAllNetworkMethodChain(method: AllNetworkMethodName): ChainForFingerprint;
810
+
713
811
  /**
714
812
  * Wallet-level `ui-event` variants. Same shape as `ConnectorUiEvent` except
715
813
  * the AppInstallProgress variant's payload is re-keyed by the adapter from
@@ -726,6 +824,28 @@ type HardwareUiEvent = Exclude<ConnectorUiEvent, {
726
824
  };
727
825
  };
728
826
  type ChainCapability = 'evm' | 'btc' | 'sol' | 'tron';
827
+ type TrezorDisplayRotation = 'North' | 'East' | 'South' | 'West';
828
+ type TrezorSafetyCheckLevel = 'Strict' | 'PromptAlways' | 'PromptTemporarily';
829
+ type TrezorDeviceSettingsParams = {
830
+ language?: string;
831
+ label?: string;
832
+ use_passphrase?: boolean;
833
+ homescreen?: string;
834
+ auto_lock_delay_ms?: number;
835
+ display_rotation?: TrezorDisplayRotation;
836
+ passphrase_always_on_device?: boolean;
837
+ safety_checks?: TrezorSafetyCheckLevel;
838
+ experimental_features?: boolean;
839
+ hide_passphrase_from_host?: boolean;
840
+ haptic_feedback?: boolean;
841
+ auto_lock_delay_battery_ms?: number;
842
+ };
843
+ type TrezorBrightnessParams = {
844
+ value?: number;
845
+ };
846
+ type TrezorChangePinParams = {
847
+ remove?: boolean;
848
+ };
729
849
  /**
730
850
  * Cross-chain / cross-vendor options passed alongside any chain method's
731
851
  * own params (the optional last argument). Holds operation-level switches
@@ -740,22 +860,40 @@ interface ICommonCallParams {
740
860
  */
741
861
  autoInstallApp?: boolean;
742
862
  }
863
+ type NullableCallArg<T> = T | null | undefined;
864
+ interface IPassphraseCallParams {
865
+ passphraseState?: string;
866
+ useEmptyPassphrase?: boolean;
867
+ }
868
+ type IHardwareCommonCallParams = ICommonCallParams & IPassphraseCallParams;
869
+ type IHardwareCallParams<T> = T & IHardwareCommonCallParams;
743
870
  interface AllNetworkAddressParams {
744
871
  network: string;
745
872
  path: string;
746
873
  showOnDevice?: boolean;
747
- methodName: 'evmGetAddress' | 'btcGetAddress' | 'btcGetPublicKey' | 'solGetAddress' | 'tronGetAddress';
874
+ methodName: AllNetworkMethodName;
748
875
  [key: string]: unknown;
749
876
  }
750
- interface AllNetworkGetAddressParams extends ICommonCallParams {
877
+ interface AllNetworkGetAddressParams extends IHardwareCommonCallParams {
751
878
  bundle: AllNetworkAddressParams[];
752
879
  }
880
+ type AllNetworkDeviceIdentity = {
881
+ vendor: 'ledger';
882
+ type: 'chainFingerprint';
883
+ chain: ChainForFingerprint;
884
+ value: string;
885
+ } | {
886
+ vendor: 'trezor';
887
+ type: 'deviceId';
888
+ value: string;
889
+ };
753
890
  type AllNetworkAddressResponsePayload = Record<string, unknown> & {
754
891
  error?: string;
755
892
  code?: HardwareErrorCode | number;
756
893
  errorCode?: string | number;
757
894
  connectId?: string;
758
895
  deviceId?: string;
896
+ deviceIdentity?: AllNetworkDeviceIdentity;
759
897
  chainFingerprint?: string;
760
898
  chainFingerprintChain?: ChainForFingerprint;
761
899
  params?: Record<string, unknown>;
@@ -780,11 +918,30 @@ type DeviceEvent = {
780
918
  } | {
781
919
  type: typeof DEVICE.CHANGED;
782
920
  payload: DeviceInfo;
921
+ } | {
922
+ type: typeof DEVICE.FEATURES;
923
+ device: DeviceInfo & {
924
+ features: Record<string, unknown>;
925
+ };
926
+ payload: {
927
+ device: DeviceInfo & {
928
+ features: Record<string, unknown>;
929
+ };
930
+ };
931
+ } | {
932
+ type: typeof DEVICE.TREZOR_THP_CREDENTIALS_CHANGED;
933
+ payload: {
934
+ connectId: string;
935
+ deviceId?: string;
936
+ credentials: Record<string, unknown>[];
937
+ };
783
938
  };
784
939
  type UiRequestEvent = {
785
940
  type: typeof UI_REQUEST.REQUEST_PIN;
786
941
  payload: {
787
- device: DeviceInfo;
942
+ device?: DeviceInfo;
943
+ connectId?: string;
944
+ type?: string;
788
945
  };
789
946
  } | {
790
947
  type: typeof UI_REQUEST.REQUEST_PASSPHRASE;
@@ -851,6 +1008,14 @@ type UiRequestEvent = {
851
1008
  vendor: string;
852
1009
  appName: string;
853
1010
  };
1011
+ } | {
1012
+ type: typeof UI_REQUEST.REQUEST_TREZOR_THP_PAIRING;
1013
+ payload: {
1014
+ connectId: string;
1015
+ availableMethods: number[];
1016
+ selectedMethod: number;
1017
+ nfcData?: string;
1018
+ };
854
1019
  } | {
855
1020
  type: typeof UI_REQUEST.CLOSE_UI_WINDOW;
856
1021
  payload: Record<string, never>;
@@ -901,16 +1066,40 @@ interface HardwareEventMap {
901
1066
  type: typeof DEVICE.CHANGED;
902
1067
  payload: DeviceInfo;
903
1068
  };
1069
+ [DEVICE.FEATURES]: {
1070
+ type: typeof DEVICE.FEATURES;
1071
+ device: DeviceInfo & {
1072
+ features: Record<string, unknown>;
1073
+ };
1074
+ payload: {
1075
+ device: DeviceInfo & {
1076
+ features: Record<string, unknown>;
1077
+ };
1078
+ };
1079
+ };
1080
+ [DEVICE.TREZOR_THP_CREDENTIALS_CHANGED]: {
1081
+ type: typeof DEVICE.TREZOR_THP_CREDENTIALS_CHANGED;
1082
+ payload: {
1083
+ connectId: string;
1084
+ deviceId?: string;
1085
+ credentials: Record<string, unknown>[];
1086
+ };
1087
+ };
904
1088
  [UI_REQUEST.REQUEST_PIN]: {
905
1089
  type: typeof UI_REQUEST.REQUEST_PIN;
906
1090
  payload: {
907
- device: DeviceInfo;
1091
+ device?: DeviceInfo;
1092
+ connectId?: string;
1093
+ type?: string;
908
1094
  };
909
1095
  };
910
1096
  [UI_REQUEST.REQUEST_PASSPHRASE]: {
911
1097
  type: typeof UI_REQUEST.REQUEST_PASSPHRASE;
912
1098
  payload: {
913
- device: DeviceInfo;
1099
+ device?: DeviceInfo;
1100
+ connectId?: string;
1101
+ passphraseState?: string;
1102
+ useEmptyPassphrase?: boolean;
914
1103
  };
915
1104
  };
916
1105
  [UI_REQUEST.REQUEST_PASSPHRASE_ON_DEVICE]: {
@@ -976,6 +1165,15 @@ interface HardwareEventMap {
976
1165
  appName: string;
977
1166
  };
978
1167
  };
1168
+ [UI_REQUEST.REQUEST_TREZOR_THP_PAIRING]: {
1169
+ type: typeof UI_REQUEST.REQUEST_TREZOR_THP_PAIRING;
1170
+ payload: {
1171
+ connectId: string;
1172
+ availableMethods: number[];
1173
+ selectedMethod: number;
1174
+ nfcData?: string;
1175
+ };
1176
+ };
979
1177
  [UI_REQUEST.CLOSE_UI_WINDOW]: {
980
1178
  type: typeof UI_REQUEST.CLOSE_UI_WINDOW;
981
1179
  payload: Record<string, never>;
@@ -1006,7 +1204,41 @@ interface HardwareEventMap {
1006
1204
  };
1007
1205
  };
1008
1206
  }
1009
- interface IHardwareWallet<TConfig = unknown> extends IEvmMethods, IBtcMethods, ISolMethods, ITronMethods {
1207
+ interface IDeviceManagerMethods {
1208
+ getFeatures?(connectId: string): Promise<Response<Record<string, unknown>>>;
1209
+ deviceSettings?(connectId: string, params: TrezorDeviceSettingsParams): Promise<Response<Record<string, unknown>>>;
1210
+ setBrightness?(connectId: string, params?: TrezorBrightnessParams): Promise<Response<Record<string, unknown>>>;
1211
+ changePin?(connectId: string, params?: TrezorChangePinParams): Promise<Response<Record<string, unknown>>>;
1212
+ wipeDevice?(connectId: string): Promise<Response<Record<string, unknown>>>;
1213
+ }
1214
+ interface IWalletStateMethods {
1215
+ /**
1216
+ * Resolve the device's active passphrase wallet identity (`passphraseState`).
1217
+ * Today this is the compressed public key derived at `m/44'/0'/0'`, not the
1218
+ * 4-byte master fingerprint. Two modes:
1219
+ *
1220
+ * - **Discover** (no `passphraseState`): for a **standard wallet** (passphrase
1221
+ * protection off) returns `null` — there's one wallet and nothing to pin.
1222
+ * The SDK may still create a THP app session and derive once so it can
1223
+ * unlock and re-read fresh Features, but it does not ask for a passphrase.
1224
+ * For a **passphrase wallet** it creates a fresh session (prompts the user),
1225
+ * derives its state, and returns it so the host can persist the wallet.
1226
+ * Mirrors OneKey's null-for-standard convention.
1227
+ * - **Verify** (`passphraseState` given): align the device to that wallet and
1228
+ * confirm the derived state matches. Fails with `PassphraseStateMismatch`
1229
+ * when the entered passphrase yields a different wallet.
1230
+ *
1231
+ * SECURITY: every wallet-bound op that carries a `passphraseState` (getAddress,
1232
+ * sign, …) creates a fresh session, re-derives, and confirms the state before
1233
+ * the chain method runs. Standard wallets should pass `useEmptyPassphrase` so
1234
+ * the host can explicitly create the empty-passphrase session.
1235
+ *
1236
+ * Optional: vendors without host-managed passphrase sessions (Ledger) omit
1237
+ * it. Implemented by `TrezorAdapter`.
1238
+ */
1239
+ getPassphraseState?(connectId: string, passphraseState?: string): Promise<Response<string | null>>;
1240
+ }
1241
+ interface IHardwareWallet<TConfig = unknown> extends IEvmMethods, IBtcMethods, ISolMethods, ITronMethods, IDeviceManagerMethods, IWalletStateMethods {
1010
1242
  readonly vendor: string;
1011
1243
  readonly activeTransport: TransportType | null;
1012
1244
  init(config: TConfig): Promise<void>;
@@ -1047,12 +1279,19 @@ interface SearchDevicesOptions {
1047
1279
  * should leave this false so an active session can still be reused.
1048
1280
  */
1049
1281
  resetSession?: boolean;
1282
+ /**
1283
+ * Wait for every physical transport behind a fused connector. Use this for
1284
+ * transport binding/pairing UIs that must show BLE candidates even when USB
1285
+ * was discovered first.
1286
+ */
1287
+ waitForAllTransports?: boolean;
1050
1288
  }
1051
1289
 
1052
- interface EvmGetAddressParams {
1290
+ interface EvmGetAddressParams extends PassphraseStateAware {
1053
1291
  path: string;
1054
1292
  showOnDevice?: boolean;
1055
1293
  chainId?: number;
1294
+ ethereumDefinitions?: EvmEthereumDefinitions;
1056
1295
  }
1057
1296
  interface EvmAddress {
1058
1297
  address: string;
@@ -1060,21 +1299,36 @@ interface EvmAddress {
1060
1299
  /** Device-reported secp256k1 public key; populated when the transport exposes it. */
1061
1300
  publicKey?: string;
1062
1301
  }
1063
- interface EvmSignTxParams {
1302
+ interface EvmSignTxBaseParams extends PassphraseStateAware {
1064
1303
  path: string;
1065
- /**
1066
- * RLP-serialized transaction hex (0x-prefixed or plain).
1067
- * When provided, the connector uses this directly instead of individual fields.
1068
- * Required for Ledger; Trezor may use individual fields instead.
1069
- */
1070
- serializedTx?: string;
1304
+ chainId?: number;
1305
+ }
1306
+ /** Ledger shape: the whole RLP-serialized tx (0x-prefixed or plain hex); structured fields forbidden. */
1307
+ interface EvmSignTxLedgerParams extends EvmSignTxBaseParams {
1308
+ serializedTx: string;
1309
+ to?: never;
1310
+ value?: never;
1311
+ nonce?: never;
1312
+ gasLimit?: never;
1313
+ gasPrice?: never;
1314
+ txType?: never;
1315
+ maxFeePerGas?: never;
1316
+ maxPriorityFeePerGas?: never;
1317
+ accessList?: never;
1318
+ data?: never;
1319
+ paymentRequest?: never;
1320
+ ethereumDefinitions?: never;
1321
+ }
1322
+ /** Trezor shape: structured EthereumSignTx protobuf fields; serializedTx forbidden. */
1323
+ interface EvmSignTxTrezorParams extends EvmSignTxBaseParams {
1324
+ serializedTx?: never;
1071
1325
  /** Contract address or recipient. Optional for contract deployment transactions. */
1072
1326
  to?: string;
1073
1327
  value?: string;
1074
- chainId?: number;
1075
1328
  nonce?: string;
1076
1329
  gasLimit?: string;
1077
1330
  gasPrice?: string;
1331
+ txType?: number;
1078
1332
  maxFeePerGas?: string;
1079
1333
  maxPriorityFeePerGas?: string;
1080
1334
  accessList?: Array<{
@@ -1082,6 +1336,45 @@ interface EvmSignTxParams {
1082
1336
  storageKeys: string[];
1083
1337
  }>;
1084
1338
  data?: string;
1339
+ paymentRequest?: EvmPaymentRequest;
1340
+ ethereumDefinitions?: EvmEthereumDefinitions;
1341
+ }
1342
+ /** Mutually exclusive vendor shapes; each adapter narrows to its own. */
1343
+ type EvmSignTxParams = EvmSignTxLedgerParams | EvmSignTxTrezorParams;
1344
+ interface EvmEthereumDefinitions {
1345
+ /** Trezor Ethereum network definition bytes as a hex string. */
1346
+ encodedNetwork?: string;
1347
+ /** Trezor Ethereum token definition bytes as a hex string. */
1348
+ encodedToken?: string;
1349
+ }
1350
+ interface EvmPaymentRequestMemo {
1351
+ textMemo?: {
1352
+ text: string;
1353
+ };
1354
+ textDetailsMemo?: {
1355
+ title: string;
1356
+ text: string;
1357
+ };
1358
+ refundMemo?: {
1359
+ address: string;
1360
+ addressN?: number[];
1361
+ mac: string;
1362
+ };
1363
+ coinPurchaseMemo?: {
1364
+ coinType: number;
1365
+ amount: string;
1366
+ address: string;
1367
+ addressN?: number[];
1368
+ mac: string;
1369
+ };
1370
+ }
1371
+ interface EvmPaymentRequest {
1372
+ nonce?: string;
1373
+ recipientName: string;
1374
+ memos?: EvmPaymentRequestMemo[];
1375
+ /** Decimal string in subunits; SDK encodes it as SLIP-24 uint256 LE hex. */
1376
+ amount?: string;
1377
+ signature: string;
1085
1378
  }
1086
1379
  interface EvmSignedTx {
1087
1380
  /** Recovery id as `0x`-prefixed hex string. */
@@ -1092,16 +1385,20 @@ interface EvmSignedTx {
1092
1385
  s: string;
1093
1386
  serializedTx?: string;
1094
1387
  }
1095
- interface EvmSignMsgParams {
1388
+ interface EvmSignMsgParams extends PassphraseStateAware {
1096
1389
  path: string;
1097
1390
  message: string;
1391
+ chainId?: number;
1098
1392
  hex?: boolean;
1393
+ ethereumDefinitions?: EvmEthereumDefinitions;
1099
1394
  }
1100
1395
  type EvmSignTypedDataParams = EvmSignTypedDataFull | EvmSignTypedDataHash;
1101
- interface EvmSignTypedDataFull {
1396
+ interface EvmSignTypedDataFull extends PassphraseStateAware {
1102
1397
  path: string;
1398
+ chainId?: number;
1103
1399
  /** Defaults to `'full'` when omitted. */
1104
1400
  mode?: 'full';
1401
+ ethereumDefinitions?: EvmEthereumDefinitions;
1105
1402
  data: {
1106
1403
  domain: EIP712Domain;
1107
1404
  types: Record<string, Array<{
@@ -1112,12 +1409,22 @@ interface EvmSignTypedDataFull {
1112
1409
  message: Record<string, unknown>;
1113
1410
  };
1114
1411
  metamaskV4Compat?: boolean;
1412
+ showMessageHash?: boolean;
1413
+ /**
1414
+ * Optional host-computed hashes. Core Trezor models still use full typed-data
1415
+ * signing for display, while Trezor One can fall back to typed-hash signing
1416
+ * when firmware cannot compute the hashes itself.
1417
+ */
1418
+ domainSeparatorHash?: string;
1419
+ messageHash?: string;
1115
1420
  }
1116
- interface EvmSignTypedDataHash {
1421
+ interface EvmSignTypedDataHash extends PassphraseStateAware {
1117
1422
  path: string;
1423
+ chainId?: number;
1118
1424
  mode: 'hash';
1119
1425
  domainSeparatorHash: string;
1120
1426
  messageHash: string;
1427
+ ethereumDefinitions?: EvmEthereumDefinitions;
1121
1428
  }
1122
1429
  interface EIP712Domain {
1123
1430
  name?: string;
@@ -1133,10 +1440,10 @@ interface EvmSignature {
1133
1440
  address?: string;
1134
1441
  }
1135
1442
  interface IEvmMethods {
1136
- evmGetAddress(connectId: string, deviceId: string, params: EvmGetAddressParams, commonParams?: ICommonCallParams): Promise<Response<EvmAddress>>;
1137
- evmSignTransaction(connectId: string, deviceId: string, params: EvmSignTxParams, commonParams?: ICommonCallParams): Promise<Response<EvmSignedTx>>;
1138
- evmSignMessage(connectId: string, deviceId: string, params: EvmSignMsgParams, commonParams?: ICommonCallParams): Promise<Response<EvmSignature>>;
1139
- evmSignTypedData(connectId: string, deviceId: string, params: EvmSignTypedDataParams, commonParams?: ICommonCallParams): Promise<Response<EvmSignature>>;
1443
+ evmGetAddress(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<EvmGetAddressParams>>): Promise<Response<EvmAddress>>;
1444
+ evmSignTransaction(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<EvmSignTxParams>>): Promise<Response<EvmSignedTx>>;
1445
+ evmSignMessage(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<EvmSignMsgParams>>): Promise<Response<EvmSignature>>;
1446
+ evmSignTypedData(connectId?: NullableCallArg<string>, deviceId?: NullableCallArg<string>, params?: NullableCallArg<IHardwareCallParams<EvmSignTypedDataParams>>): Promise<Response<EvmSignature>>;
1140
1447
  }
1141
1448
 
1142
1449
  /**
@@ -1252,32 +1559,8 @@ declare class TypedEventEmitter<TMap extends Record<string, any> = Record<string
1252
1559
  emit<K extends keyof TMap & string>(event: K, data: TMap[K]): void;
1253
1560
  emit(event: string, data: unknown): void;
1254
1561
  removeAllListeners(): void;
1255
- }
1256
-
1257
- /** 10 min — every UI request is human-in-the-loop; bias toward "wait long". */
1258
- declare const UI_REQUEST_DEFAULT_TIMEOUT_MS = 600000;
1259
- declare const UI_REQUEST_PREEMPTED_TAG = "UiRequestPreempted";
1260
- declare const UI_REQUEST_CANCELLED_TAG = "UiRequestCancelled";
1261
- declare const UI_REQUEST_TIMEOUT_TAG = "UiRequestTimeout";
1262
- /**
1263
- * Per-type single-slot registry for adapter-level UI requests. A new `wait`
1264
- * of the same type supersedes (rejects) the prior pending entry. With the
1265
- * job queue running globally serially, cross-type collisions don't occur in
1266
- * normal flow — same-type preemption is a defensive measure for callers
1267
- * that fire the same request twice without waiting on the first.
1268
- *
1269
- * Unknown response types are dropped silently so the public `uiResponse`
1270
- * entry never throws.
1271
- */
1272
- declare class UiRequestRegistry {
1273
- private pending;
1274
- wait<T = unknown>(requestType: string, options?: {
1275
- timeoutMs?: number;
1276
- }): Promise<T>;
1277
- resolve(responseType: string, payload: unknown): void;
1278
- cancel(requestType?: string): void;
1279
- reset(): void;
1280
- hasPending(requestType?: string): boolean;
1562
+ /** Number of listeners registered for `event`. 0 if none. */
1563
+ listenerCount(event: string): number;
1281
1564
  }
1282
1565
 
1283
1566
  /**
@@ -1300,11 +1583,32 @@ declare function hexToBytes(hex: string): Uint8Array;
1300
1583
  /** Convert a Uint8Array to a hex string (no 0x prefix). */
1301
1584
  declare function bytesToHex(bytes: Uint8Array): string;
1302
1585
 
1303
- /**
1304
- * Enrich a hardware error message with actionable recovery hints.
1305
- * Shared across adapters (Ledger, Trezor, etc.).
1306
- */
1307
- declare function enrichErrorMessage(code: HardwareErrorCode, originalMessage: string): string;
1586
+ type DetectableHardwareVendor = 'onekey' | 'trezor' | 'ledger';
1587
+ type HardwareDeviceIdentityInput = {
1588
+ name?: string | null;
1589
+ localName?: string | null;
1590
+ bleName?: string | null;
1591
+ model?: string | null;
1592
+ modelName?: string | null;
1593
+ type?: string | null;
1594
+ productName?: string | null;
1595
+ manufacturerName?: string | null;
1596
+ vendor?: number | string | null;
1597
+ vendorId?: number | null;
1598
+ product?: number | string | null;
1599
+ productId?: number | null;
1600
+ label?: string | null;
1601
+ fw_vendor?: string | null;
1602
+ internal_model?: string | null;
1603
+ onekey_version?: string | null;
1604
+ onekey_device_type?: string | null;
1605
+ onekey_serial?: string | null;
1606
+ serviceUUIDs?: string[] | null;
1607
+ advertisedServiceUuids?: string[] | null;
1608
+ serviceUuids?: string[] | null;
1609
+ };
1610
+ declare function detectHardwareVendorFromDescriptor(input: HardwareDeviceIdentityInput): DetectableHardwareVendor | undefined;
1611
+ declare function isKnownNonTargetHardwareVendor(input: HardwareDeviceIdentityInput, targetVendor: DetectableHardwareVendor): boolean;
1308
1612
 
1309
1613
  /**
1310
1614
  * Generic batch call with progress reporting.
@@ -1315,4 +1619,35 @@ declare function batchCall<TParam, TResult>(params: TParam[], callFn: (p: TParam
1315
1619
  total: number;
1316
1620
  }) => void): Promise<Response<TResult[]>>;
1317
1621
 
1318
- export { type ActiveJobInfo, type AllNetworkAddressParams, type AllNetworkAddressResponse, type AllNetworkAddressResponsePayload, type AllNetworkGetAddressParams, type BtcAddress, type BtcGetAddressParams, type BtcGetPublicKeyParams, type BtcPublicKey, type BtcRefTransaction, type BtcSignMsgParams, type BtcSignPsbtParams, type BtcSignTxParams, type BtcSignature, type BtcSignedPsbt, type BtcSignedTx, type BtcTxInput, type BtcTxOutput, CHAIN_FINGERPRINT_PATHS, type ChainCapability, type ChainForFingerprint, type ConnectionType, type ConnectorCallResult, type ConnectorDevice, type ConnectorErrorParams, type ConnectorEventMap, type ConnectorEventType, type ConnectorSerializedError, type ConnectorSession, type ConnectorUiEvent, DEVICE, DEVICE_EVENT, type DeviceCapabilities, type DeviceChangeEvent, type DeviceConnectEvent, type DeviceDescriptor, type DeviceDisconnectEvent, type DeviceEvent, type DeviceEventListener, type DeviceInfo, DeviceJobQueue, type DevicePermissionDeniedReason, type DevicePermissionResponse, type DeviceTarget, EConnectorInteraction, type EIP712Domain, type EvmAddress, type EvmGetAddressParams, type EvmSignMsgParams, type EvmSignTxParams, type EvmSignTypedDataFull, type EvmSignTypedDataHash, type EvmSignTypedDataParams, type EvmSignature, type EvmSignedTx, type Failure, HardwareErrorCode, type HardwareEvent, type HardwareEventMap, type HardwareUiEvent, type HwkError, type IBtcMethods, type ICommonCallParams, type IConnector, type IEvmMethods, type IHardwareBridge, type IHardwareWallet, type IHwkErrorPayload, type ISolMethods, type ITronMethods, type JobOptions, ORPHAN_ELIGIBLE_ERROR_CODES, type PassphraseResponse, type QrDisplayData, type QrResponseData, type Response, SDK, type SdkEvent, type SearchDevicesOptions, type SolAddress, type SolGetAddressParams, type SolSignMsgParams, type SolSignTxParams, type SolSignature, type SolSignedTx, type Success, type TransportType, type TronAddress, type TronGetAddressParams, type TronSignMsgParams, type TronSignTxParams, type TronSignature, type TronSignedTx, TypedEventEmitter, UI_EVENT, UI_REQUEST, UI_REQUEST_CANCELLED_TAG, UI_REQUEST_DEFAULT_TIMEOUT_MS, UI_REQUEST_PREEMPTED_TAG, UI_REQUEST_TIMEOUT_TAG, UI_RESPONSE, type UiRequestEvent, UiRequestRegistry, type UiResponseEvent, type VendorType, batchCall, bytesToHex, compareSemver, createBridgedConnector, createHwkError, deriveDeviceFingerprint, enrichErrorMessage, ensure0x, failure, hexToBytes, padHex64, rehydrateConnectorError, serializeConnectorError, stripHex, success };
1622
+ type AllNetworkCallItemContext = {
1623
+ connectId: string;
1624
+ deviceId: string;
1625
+ method: AllNetworkMethodName;
1626
+ chain: ChainForFingerprint;
1627
+ item: AllNetworkAddressParams;
1628
+ index: number;
1629
+ };
1630
+ type AllNetworkAttachIdentityContext = AllNetworkCallItemContext & {
1631
+ payload: Record<string, unknown>;
1632
+ };
1633
+ type AllNetworkResponseContext = AllNetworkCallItemContext & {
1634
+ response: AllNetworkAddressResponse;
1635
+ };
1636
+ type RunAllNetworkGetAddressOptions = {
1637
+ connectId: string;
1638
+ deviceId: string;
1639
+ params: AllNetworkGetAddressParams;
1640
+ getMethodChain?: (method: AllNetworkMethodName, item: AllNetworkAddressParams) => ChainForFingerprint;
1641
+ normalizeItem?: (method: AllNetworkMethodName, item: AllNetworkAddressParams) => AllNetworkAddressParams;
1642
+ buildUnsupportedNetworkResponse?: (item: AllNetworkAddressParams, method: AllNetworkMethodName) => AllNetworkAddressResponse | undefined;
1643
+ callItem: (context: AllNetworkCallItemContext) => Promise<Response<unknown>>;
1644
+ attachIdentity: (context: AllNetworkAttachIdentityContext) => Promise<AllNetworkAddressResponse>;
1645
+ shouldAbortBundle?: (response: AllNetworkAddressResponse, context: AllNetworkResponseContext) => boolean;
1646
+ buildTopLevelFailure?: (response: AllNetworkAddressResponse, context: AllNetworkResponseContext) => Response<AllNetworkAddressResponse[]>;
1647
+ };
1648
+ declare function runAllNetworkGetAddress({ connectId, deviceId, params, getMethodChain, normalizeItem, buildUnsupportedNetworkResponse, callItem, attachIdentity, shouldAbortBundle, buildTopLevelFailure, }: RunAllNetworkGetAddressOptions): Promise<Response<AllNetworkAddressResponse[]>>;
1649
+ declare function buildUnsupportedMethodResponse(item: AllNetworkAddressParams): AllNetworkAddressResponse;
1650
+
1651
+ declare const DEVICE_CONNECT_RETRY_DELAY_MS = 1000;
1652
+
1653
+ export { ALL_NETWORK_METHOD_NAMES, type ActiveJobInfo, type AllNetworkAddressParams, type AllNetworkAddressResponse, type AllNetworkAddressResponsePayload, type AllNetworkAttachIdentityContext, type AllNetworkCallItemContext, type AllNetworkGetAddressParams, type AllNetworkMethodName, type AllNetworkResponseContext, type BtcAddress, type BtcGetAddressParams, type BtcGetPublicKeyParams, type BtcPaymentRequest, type BtcPaymentRequestMemo, type BtcPublicKey, type BtcRefTransaction, type BtcSignMsgParams, type BtcSignPsbtParams, type BtcSignTxParams, type BtcSignature, type BtcSignedPsbt, type BtcSignedTx, type BtcTxInput, type BtcTxOutput, CHAIN_FINGERPRINT_PATHS, type ChainCapability, type ChainForFingerprint, type ConnectionType, type ConnectorCallResult, type ConnectorDevice, type ConnectorErrorParams, type ConnectorEventMap, type ConnectorEventType, type ConnectorSerializedError, type ConnectorSession, type ConnectorUiEvent, DEVICE, DEVICE_CONNECT_RETRY_DELAY_MS, DEVICE_EVENT, type DetectableHardwareVendor, type DeviceCapabilities, type DeviceChangeEvent, type DeviceConnectEvent, type DeviceDescriptor, type DeviceDisconnectEvent, type DeviceEvent, type DeviceEventListener, type DeviceInfo, DeviceJobQueue, type DeviceTarget, EConnectorInteraction, type EIP712Domain, type EvmAddress, type EvmEthereumDefinitions, type EvmGetAddressParams, type EvmPaymentRequest, type EvmPaymentRequestMemo, type EvmSignMsgParams, type EvmSignTxLedgerParams, type EvmSignTxParams, type EvmSignTxTrezorParams, type EvmSignTypedDataFull, type EvmSignTypedDataHash, type EvmSignTypedDataParams, type EvmSignature, type EvmSignedTx, type Failure, HARDWARE_METHOD_CATALOG, type HardwareDeviceIdentityInput, HardwareErrorCode, type HardwareEvent, type HardwareEventMap, type HardwareMethodMetadata, type HardwareMethodName, type HardwareUiEvent, type IBtcMethods, type ICommonCallParams, type IConnector, type IDeviceManagerMethods, type IEvmMethods, type IHardwareBridge, type IHardwareCallParams, type IHardwareCommonCallParams, type IHardwareWallet, type IPassphraseCallParams, type ISolMethods, type ITronMethods, type IWalletStateMethods, type JobOptions, type NullableCallArg, type PassphraseResponse, type PassphraseStateAware, QrDisplayData, type Response, type RunAllNetworkGetAddressOptions, SDK, type SdkEvent, type SearchDevicesOptions, type SolAddress, type SolGetAddressParams, type SolSignMsgParams, type SolSignTxParams, type SolSignature, type SolSignedTx, type Success, type TransportType, type TrezorBrightnessParams, type TrezorChangePinParams, type TrezorDeviceSettingsParams, type TrezorDisplayRotation, type TrezorSafetyCheckLevel, type TronAddress, type TronContract, type TronFreezeBalanceV2Contract, type TronGetAddressParams, type TronResource, type TronSignMsgParams, type TronSignTxParams, type TronSignature, type TronSignedTx, type TronTransferContract, type TronTriggerSmartContract, type TronUnfreezeBalanceV2Contract, type TronVote, type TronVoteWitnessContract, type TronWithdrawExpireUnfreezeContract, TypedEventEmitter, UI_REQUEST, type UiRequestEvent, UiResponseEvent, type VendorType, batchCall, buildUnsupportedMethodResponse, bytesToHex, compareSemver, createBridgedConnector, createCombinedConnector, deriveDeviceFingerprint, detectHardwareVendorFromDescriptor, ensure0x, failure, getAllNetworkMethodChain, getHardwareMethodMetadata, hexToBytes, isAllNetworkMethodName, isKnownNonTargetHardwareVendor, padHex64, rehydrateConnectorError, runAllNetworkGetAddress, serializeConnectorError, stripHex, success };