github cryptoadvance/specter-diy v1.10.3
on GitHub

6 hours ago

⚠️ Mandatory upgrade

This is a mandatory upgrade for all Specter-DIY users.

v1.10.3 rotates the release signing keys (Ben removed, k9ert added) and ships an updated bootloader that embeds the new key set. Future releases will be signed with the new keys and cannot be installed on devices still running v1.9.0 or earlier — the old bootloader does not recognise the new signing keys and will reject the upgrade with Not enough signatures.

If you skip this release, your device will be stranded on v1.9.0: no further over-the-air (SD-card) upgrades will be possible, and re-flashing via JTAG with a newer initial_firmware.bin will be the only way forward.

Install v1.10.3 now to keep your device upgradable.

Release notes

  • feat: Add shield lite by @3rdIteration in #310
  • feat: Add M3Y scanner by @tadeubas in #335
  • feat: Add bootloader to upgrade binary by @k9ert in #323
  • feat: Show Transaction Version, Locktime and inputs' sequences when signing transactions by @oren-z0 in #321
  • feat: Expand detection of possible multisig descriptors & add data input parsing CI tests by @3rdIteration in #301
  • feat: Fix for newer GM65 Scanners scanning CompactSeedQR + add "About Screen" by @3rdIteration in #299
  • feat: Change button text from 'Enter BIP-39 password' to 'Enter passphrase' by @Schnuartz in #327
  • fix: macos build by @k9ert in #325
  • fix: import issues by @k9ert in #332
  • fix: Hide disabled QR scanner in recovery phrase import menu (#329) by @Azzbo77 in #338
  • docs: Build docco additions by @3rdIteration in #311
  • docs: fix grammar and update LVGL library name by @al-munazzim in #342
  • docs: minor comment cleanups by @al-munazzim in #343
  • build: Update build firmware.sh to add no-bootloader build by default by @3rdIteration in #315
  • build: Add support for selecting and combining build actions by @tadeubas in #333
  • ci: Get build back to work and some CI by @k9ert in #307
  • chore: Remove ben and add k9ert keys for releasing by @k9ert in #306
  • chore: Update bootloader submodule to latest by @k9ert in #350
  • chore: prepare release by @k9ert in #340
  • chore: Bump firmware version to v1.10.1 by @miketlk in #346
  • chore: Bump firmware version to v1.10.3 by @k9ert in #351

Upgrade process

Reminder: this is a mandatory upgrade going forward. See the warning above.

Copy specter_upgrade_v1.10.3.bin to the SD card and insert it into the device. The bootloader will check the signatures of the upgrade file and update the firmware.

Flashing on empty board

If your discovery board is empty or you have a very old firmware (below 1.4.0) - connect your board over miniUSB with power jumper set to STLK and copy-paste initial_firmware_v1.10.3.bin file to the mounted drive.

If you have problems flashing initial firmware consider using stlink-tools. A command to flash firmware: 

st-flash write path/to/initial_firmware.bin 0x8000000

If you want to use self-signed bootloader and firmware check out the instructions in the bootloader repo

sha256.signed.txt contains the sha256 hashes of the firmware binary files, GPG-signed with the "Specter Signer 2026"
key.

Fingerprint: 9DC3 3CA8 3058 9DE3 B322 5C26 EEF5 756B 2EA4 2349

Get the public key from the Ubuntu keyserver:
http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x9dc33ca830589de3b3225c26eef5756b2ea42349

Note: This release introduces updated release signing keys. The previous release (v1.9.0) was signed with a different GPG key; the upgrade-binary signatures have also rotated (ben removed, k9ert added).
The bootloader shipped in this upgrade contains the new signing keys, so future upgrades must be signed with the new key set.

Reproducible build

You can build binaries identical to the ones in this release yourself. Follow this instruction, when the build is almost complete the script will output a message for signing and ask you for the signatures.

Verify that upgrade message is: 

b1.0.2-1.10.3-1zucdggdy53lf3uzhdn7l8wetyn0a5l3zmfynqcgswszdmm2g2upqwg9f3u

Add first signature: 

IM7RNMYcQkRJT36seFzjNJP2/3s0XL5WUbxrZNTPMf9zUnHxGrKH5djLDNvVqqs1xV+X4NmixnI2+BccKnkclAs=

Add second signature: 

IJz6xxu9tXionFKsfPw3W3UVMJ/i52oacPPXMKfNAaeueJBvjRfTNakUHNF25T0EeblzcDLap63kb7EUAfEKpYw=

Then hit enter and check that sha256.txt has the same hashes as in sha256.signed.txt file.

New Contributors

Full Changelog: v1.9.0...v1.10.3

Check out latest releases or
releases around cryptoadvance/specter-diy v1.10.3

Don't miss a new specter-diy release

NewReleases is sending notifications on new releases.

Get notifications