Skip to content

[WIP] Miniscript support#6936

Draft
romanz wants to merge 8 commits into
mainfrom
romanz/2605/rust-miniscript
Draft

[WIP] Miniscript support#6936
romanz wants to merge 8 commits into
mainfrom
romanz/2605/rust-miniscript

Conversation

@romanz
Copy link
Copy Markdown
Contributor

@romanz romanz commented May 15, 2026
edited
Loading

Resolves #6854.

TODOs:

  • Optimize rust-miniscript flash/heap usage
  • Spending only from single policy?
    • i.e. no cross-account spending
  • Single signature per input:
  • Taproot support
    • Currently on WSH is supported
  • Better registration UX
    • Policies' names should not collide
  • Known issues:
    • Emulator is not working with Liana (but HW devices do)
    • GetAddress doesn't show the address/policy
    • Using least-significant-bit of the change index for change detection
      • Liana uses <0;1>, <2;3>, <4;5> indices if a signer is reused.
    • Liana uses a random suffix for the policy name?

@romanz romanz self-assigned this May 15, 2026
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 15, 2026
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e844a1e8-9599-4532-9dbb-986c06fa6f2a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch romanz/2605/rust-miniscript

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@trezor-bot trezor-bot Bot added this to Firmware May 15, 2026
@github-project-automation github-project-automation Bot moved this to 🔎 Needs review in Firmware May 15, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 15, 2026

Looks like you changed Cargo.lock. Please make sure to review the dependencies and update internal version list.

@romanz romanz added core Trezor Core firmware. Runs on Trezor Model T and Safe models. bitcoin Bitcoin related labels May 15, 2026
@romanz romanz changed the title Miniscript support [WIP] Miniscript support May 15, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 15, 2026
edited
Loading

en main(all)

model device_test click_test persistence_test
T2T1 test(all) main(all) test(all) main(all) test(all) main(all)
T3B1 test(all) main(all) test(all) main(all) test(all) main(all)
T3T1 test(all) main(all) test(all) main(all) test(all) main(all)
T3W1 test(all) main(all) test(all) main(all) test(all) main(all)

Latest CI run: 25934521840

This was referenced May 15, 2026
Open
Draft
@romanz romanz force-pushed the romanz/2605/rust-miniscript branch from d47a1f0 to 9b60367 Compare May 15, 2026 16:10
romanz and others added 7 commits May 15, 2026 20:25
@romanz @vojczejk @jjanku
[WIP] feat(core): integrate rust-miniscript for descriptor compilation
b218568 
Add `rust-miniscript` library to compile Bitcoin descriptors on-device,
enabling policy-based script generation for registered policies.

Rust changes:
- Add `miniscript` crate v13.0.0 to Cargo.toml
- Use global allocator for temporary heap allocations
- Register `trezorminiscript` MicroPython module
- Export `mp_module_trezorminiscript` symbol in librust.h

Build system changes:
- Add `miniscript` feature to both firmware and unix builds
- Configure build-std with `alloc` crate when miniscript is enabled

Other fixes:
- Fix type inference in translations/obj.rs for data_hash slice

[no changelog]

(cherry picked from commit 1325a95)

Co-authored-by: Vojtěch Nevřela <nevrelav@gmail.com>
Co-authored-by: Jakub Janků <janku.jakub.jj@gmail.com>
@romanz
[WIP] feat(common): add Miniscript-related protobuf definitions
2d99c4d 
[no changelog]
@romanz
[WIP] ci(core): build all emulators with MINISCRIPT=1
4372a26 
[no changelog]
@obrusvit @romanz
[WIP] build(core): vendor secp256k1-sys fork to share libsecp256k1 wi…
198fd37 
…th C

- Pull rust-miniscript through a forked secp256k1-sys 0.10.1 that skips
its bundled libsecp256k1 build and uses unprefixed FFI symbols. The
canonical secp256k1_* symbols will be supplied at link time by the
existing vendored libsecp256k1 at vendor/secp256k1-zkp/, eliminating
the second copy of libsecp256k1 (and its full-size precomputed ecmult
tables) the firmware would otherwise carry when MINISCRIPT=1.
- The fork is wired in via [patch.crates-io] in core/embed/rust/Cargo.toml
and is a no-op when MINISCRIPT=0 (secp256k1-sys is not in the resolved
dep graph). ABI compatibility with vendored libsecp256k1 v0.7.0 was
verified against the bundled commit secp256k1-sys ships (1ad5185c) by
header diff and struct-size check.
- The fork is a subset. It excludes `depend/secp256k1/`, `wasm/`,
`vendor-libsecp.sh` and some other non-relevant files.
- New `Cargo.toml` and `build.rs` were written for the purposes of the
  fork.

[no changelog]
@obrusvit @romanz
[WIP] build(core): complete libsecp256k1 build for rust-miniscript
baa7007 
rust-miniscript references three pieces of libsecp256k1 the SECP256K1_ZKP build wasn't providing when MINISCRIPT=1:
- secp256k1::ellswift (unconditional in secp256k1 0.29): add ENABLE_MODULE_ELLSWIFT so the module is compiled.
- ecdsa::Signature::from_der_lax binds ecdsa_signature_parse_der_lax from contrib/lax_der_parsing.c: add it to the link.
- That file does `#include <secp256k1.h>`, which the default CPPPATH resolves to vendor/trezor-crypto/secp256k1.h. Override CPPPATH for this one file so vendor/secp256k1-zkp/include comes first.

- Companion to 58b0b1f (the secp256k1-sys [patch.crates-io] fork).

[no changelog]
@romanz
[WIP] feat(core): add Miniscript support
ecf68f9 
MINISCRIPT=1 TREZOR_MODEL=T3T1 PYOPT=0 make -C core build_unix
core/emu.py -eac pytest tests/device_tests/bitcoin/ -k miniscript

[no changelog]
@romanz
[WIP] feat(rust): add Miniscript support
71d6c03
@romanz romanz force-pushed the romanz/2605/rust-miniscript branch from 9b60367 to 71d6c03 Compare May 15, 2026 18:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@obrusvit obrusvit Awaiting requested review from obrusvit obrusvit will be requested when the pull request is marked ready for review obrusvit is a code owner

@matejcik matejcik Awaiting requested review from matejcik matejcik will be requested when the pull request is marked ready for review matejcik is a code owner

@TychoVrahe TychoVrahe Awaiting requested review from TychoVrahe TychoVrahe will be requested when the pull request is marked ready for review TychoVrahe is a code owner

@vdovhanych vdovhanych Awaiting requested review from vdovhanych vdovhanych will be requested when the pull request is marked ready for review vdovhanych is a code owner

@mmilata mmilata Awaiting requested review from mmilata mmilata will be requested when the pull request is marked ready for review mmilata is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@romanz romanz

Labels

bitcoin Bitcoin related core Trezor Core firmware. Runs on Trezor Model T and Safe models.

Projects

Firmware
Status: 🔎 Needs review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Miniscript support

2 participants

@romanz @obrusvit