-
Notifications
You must be signed in to change notification settings - Fork 31
Trezor on Raspberry Pi from scratch
How to get the Trezor Python library working on the Raspberry Pi from scratch
Fire up the RPi with an Ethernet cable inserted and bring up a terminal
$ ssh pi@<ip.address.from.router>
Password: raspberry
$ sudo -i
$ apt-get update$ apt-get install git-core$ apt-get install python-dev python-setuptools screen
$ curl -O https://raw.github.com/pypa/pip/master/contrib/get-pip.py
$ python get-pip.py$ apt-get install python-serial
$ pip install protobuf ecdsa
$ exit$ git clone git://github.com/doceme/py-spidev
$ cd py-spidev
$ sudo python setup.py install
$ cd ..$ git clone https://github.com/trezor/trezor-emu.git
$ cd trezor-emu
$ sudo python setup.py develop
$ sudo ./rpi-serial.shIf all has worked correctly you should see the Trezor initialisation message on the OLED display. You need sudo to enable the Shield to communicate over the serial port.
By default the Shield plugs into the General Purpose Input/Output (GPIO) port on the RPi. The standard script has the Shield listening to requests on the RPi USB bus and providing a debug link to the outside world on port 2000. Unfortunately the debug port does not provide the full API and running Java directly on the RPi is rather painful when you're just starting to explore.
So to have a more productive experience with the Shield device, you'll need to expose the main API over a socket to your development machine. This is easily done by modifying the rpi-serial.sh script as follows:
# run trezor daemon
python trezor/__init__.py -v -s -t socket -p 0.0.0.0:3000 -d -dt socket -dp 0.0.0.0:2000Now when you execute sudo ./rpi-serial.sh you'll see the unit start as before, but now port 3000 on the RPi is listening for protocol buffer messages.
You are now in a position to try out the Shield using MBHD Hardware on your development machine communicating over TCP/IP to your RPi via Ethernet.
Take a look at the /examples module for some code.
Clearly communicating with the socket interface is not a good simulation of the actual device in a real life situation. You don't even need an RPi + Shield since you can just run the trezor-emu application directly from your Linux desktop instead (OS X doesn't play nicely with the python serial library).
Attaching an Ethernet cable into the RPi and applying power from your desktop via the Shield USB socket will enable the Shield to present itself to your desktop machine as a USB Human Interface Device (HID).
You will need to modify the rpi-serial.sh script to include a different transport:
# run trezor daemon
python trezor/__init__.py -v -sYou can test this by using the one of the following shell commands
-
lsusbfor Linux -
system_profiler SPUSBDataTypefor Mac -
reg query hklm\system\currentcontrolset\enum\usbstor /sfor Windows (untested so might be a better way)
You'll see a device with VendorID of 0x10c4 and ProductID of 0xea80 (Silicon Laboratories) if the RPi + Shield has correctly registered on the USB.
It won't be running at this stage so it is necessary to open a shell to the RPi as usual and use the original rpi-serial.sh script:
sudo ./rpi-serial.shThe RPi comes with getty configured to provide a login prompt over the serial port. While the above script attempts to stop getty it may not be successful and so it may be necessary to disable it permanently and rely on SSH instead (recommended). To do this edit /etc/inittab and comment out the following (it's near the end of the file):
#T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100
With this configuration you will still get the startup messages going via the serial port, but the desktop machine can safely ignore them.
You are now in a position to try out the Shield using MBHD Hardware on your development machine communicating over USB.
The Trezor emulator comes with a handy script to ensure that the latest code is running and to set your RPi to automatically boot into a USB mode. Here are the commands:
sudo ln -s /home/pi/trezor-emu/rpi-init /etc/init.d/trezor
sudo update-rc.d trezor defaults
Take a look at the /examples module for some code covering production Trezors over USB, RPi+Shield Trezor emulation over USB and socket.