OneKeyHQ · somebodyLi · Apr 20, 2026 · Apr 13, 2026 · Apr 13, 2026 · Apr 13, 2026
@@ -536,6 +536,8 @@ message CardanoSignMessage {
     required CardanoDerivationType derivation_type = 3;
     required uint32 network_id = 4;                                 // network id - mainnet or testnet
     optional CardanoAddressType address_type = 5;                   // one of the CardanoAddressType
+    optional uint32 protocol_magic = 6;                             // network's protocol magic - needed for Byron addresses on testnets
+
 }
 
 /**

@@ -59,6 +59,7 @@ message StellarSignTx {
     optional uint64 memo_id = 12;            // 8-byte uint64
     optional bytes memo_hash = 13;           // 32 bytes representing a hash
     required uint32 num_operations = 14;     // number of operations in this transaction
+    optional uint32 soroban_data_size = 60[default=0]; // soroban transaction
 
     // https://github.com/stellar/stellar-core/blob/02d26858069de7c0eefe065056fb0a19bf72ea56/src/xdr/Stellar-transaction.x#L506-L513
     enum StellarMemoType {
@@ -85,6 +86,7 @@ message StellarSignTx {
  * @next StellarAccountMergeOp
  * @next StellarManageDataOp
  * @next StellarBumpSequenceOp
+ * @next StellarInvokeHostFunctionOp
  */
 message StellarTxOpRequest {
 }
@@ -268,6 +270,44 @@ message StellarBumpSequenceOp {
     required uint64 bump_to = 2;        // new sequence number
 }
 
+/**
+ * Request: ask device to confirm this operation type
+ * @next StellarSorobanDataRequest
+ * @next StellarSignedTx
+ */
+message StellarInvokeHostFunctionOp {
+    optional string source_account = 1;          // (optional) source account address
+    required string contract_address = 2;         // contract id string
+    required string function_name = 3;           // invoked contract function name (SCSymbol, max 32 bytes)
+    required uint32 call_args_xdr_size = 4;      // the total size of call args xdr 
+    required bytes call_args_xdr_initial_chunk = 5;     // invokecontract call args xdr bytes
+    required uint32 soroban_auth_xdr_size = 6;
+    required bytes soroban_auth_xdr_initial_chunk = 7;         // soroban authorization entries xdr
+}
+
+/**
+ * Response: device is ready for client to send the soroban data
+ * @next StellarSorobanDataAck
+ */
+message StellarSorobanDataRequest {
+    required StellarRequestType type = 1; 
+    required uint32 data_length = 2;  // Number of bytes being requested (<= 1024)
+
+    enum StellarRequestType {
+        CALL = 0;
+        AUTH = 1;
+        EXT = 2;
+    }
+}
+
+/**
+ * Request: ask device to confirm
+ * @next StellarSignedTx
+ */
+message StellarSorobanDataAck {
+   required bytes data_chunk_xdr = 1;   // the soroban data in xdr format
+}
+
 /**
  * Response: signature for transaction
  * @end

@@ -296,6 +296,9 @@ enum MessageType {
     MessageType_StellarManageBuyOfferOp = 222 [(wire_in) = true];
     MessageType_StellarPathPaymentStrictSendOp = 223 [(wire_in) = true];
     MessageType_StellarSignedTx = 230 [(wire_out) = true];
+    MessageType_StellarInvokeHostFunctionOp = 260 [(wire_in) = true];
+    MessageType_StellarSorobanDataRequest = 261 [(wire_out) = true];
+    MessageType_StellarSorobanDataAck = 262 [(wire_in) = true];
 
     // Cardano
     // dropped Sign/VerifyMessage ids 300-302

@@ -9,7 +9,7 @@
 #define FIX_VERSION_BUILD VERSION_BUILD
 
 #define ONEKEY_VERSION_MAJOR 4
-#define ONEKEY_VERSION_MINOR 19
+#define ONEKEY_VERSION_MINOR 20
 #define ONEKEY_VERSION_PATCH 0
 #define ONEKEY_VERSION_BUILD 0
 

@@ -1129,6 +1129,8 @@
     import trezor.enums.StellarAssetType
     trezor.enums.StellarMemoType
     import trezor.enums.StellarMemoType
+    trezor.enums.StellarRequestType
+    import trezor.enums.StellarRequestType
     trezor.enums.StellarSignerType
     import trezor.enums.StellarSignerType
     trezor.enums.TezosBallotType

@@ -822,7 +822,9 @@ def boot() -> None:
     )
     workflow_handlers.register(MessageType.UnLockDevice, handle_UnLockDevice)
 
-    reload_settings_from_storage()
+    reload_settings_from_storage(
+        timeout_ms=10 * 1000 if utils.is_rest_by_usb_lock() else None
+    )
     from trezor.lvglui.scrs import fingerprints
 
     if config.is_unlocked() and fingerprints.is_unlocked():

@@ -8,7 +8,6 @@
 
 from . import seed
 from .addresses import assert_params_cond
-from .helpers.paths import SCHEMA_STAKING_ANY_ACCOUNT
 
 if TYPE_CHECKING:
     from trezor.wire import Context
@@ -22,7 +21,8 @@ async def sign_message(
     from trezor.messages import CardanoMessageSignature, CardanoAddressParametersType
     from trezor.enums import CardanoAddressType
     from apps.common import paths
-    from .helpers.paths import SCHEMA_MINT, SCHEMA_PAYMENT
+    from .helpers.paths import SCHEMA_PAYMENT, SCHEMA_STAKING_ANY_ACCOUNT
+
     from trezor.crypto.curve import ed25519
     from trezor import wire
     from .helpers import network_ids, protocol_magics
@@ -38,10 +38,10 @@ async def sign_message(
         msg.address_n,
         True,
         # path must match the PUBKEY schema
-        (SCHEMA_PAYMENT.match(msg.address_n) or SCHEMA_MINT.match(msg.address_n)),
+        SCHEMA_PAYMENT.match(msg.address_n),
     )
-    if msg.network_id != network_ids.MAINNET:
-        raise wire.ProcessError("Invalid Networ ID")
+    if msg.protocol_magic is None and (msg.network_id != network_ids.MAINNET):
+        raise wire.ProcessError("Invalid Network id, need protocol magic provide")
 
     address_type = msg.address_type if msg.address_type else CardanoAddressType.BASE
     address_n = msg.address_n
@@ -70,7 +70,7 @@ async def sign_message(
             script_payment_hash=None,
             script_staking_hash=None,
         ),
-        protocol_magics.MAINNET,
+        protocol_magics.MAINNET if msg.protocol_magic is None else msg.protocol_magic,
         msg.network_id,
     )
     address = addresses.encode_human_readable(address_bytes)

@@ -593,4 +593,5 @@ async def confirm_domain(ctx: Context, typed_data_envelope: TypedDataEnvelope) -
         eip712_domain[member.name] = value
     from ..layout import confirm_domain
 
-    await confirm_domain(ctx, eip712_domain)
+    if eip712_domain:
+        await confirm_domain(ctx, eip712_domain)
@@ -67,7 +67,8 @@ async def sign_tx(
                 print(
                     f"Invalid signer used: {PublicKey(fee_payer.get())} != {PublicKey(signer_pub_key_bytes)}"
                 )
-            raise wire.DataError("Invalid signer used")
+            else:
+                raise wire.DataError("Invalid signer used")
     else:
         if PublicKey(signer_pub_key_bytes) not in accounts_keys[:sigs_count]:
             raise wire.DataError("Invalid transaction params")

@@ -437,7 +437,7 @@ async def parse(ctx: wire.Context, accounts: list[PublicKey], data: bytes) -> No
         from ..constents import SPL_TOKEN_PROGRAM_ID
 
         owner_address = None
-        if hasattr(ctx, "extra"):
+        if ctx.extra is not None:
             owner_address = try_get_token_account_owner_address(
                 params.dest.get(),
                 SPL_TOKEN_PROGRAM_ID.get(),

@@ -20,6 +20,7 @@
         StellarPathPaymentStrictSendOp,
         StellarPaymentOp,
         StellarSetOptionsOp,
+        StellarInvokeHostFunctionOp,
     )
 
     StellarMessageType = (
@@ -36,6 +37,7 @@
         | StellarPathPaymentStrictSendOp
         | StellarPaymentOp
         | StellarSetOptionsOp
+        | StellarInvokeHostFunctionOp
     )
 
 
@@ -57,6 +59,7 @@
     MessageType.StellarPathPaymentStrictSendOp: 13,
     MessageType.StellarPaymentOp: 1,
     MessageType.StellarSetOptionsOp: 5,
+    MessageType.StellarInvokeHostFunctionOp: 24,
 }
 
 op_wire_types = [
@@ -73,6 +76,7 @@
     MessageType.StellarPathPaymentStrictSendOp,
     MessageType.StellarPaymentOp,
     MessageType.StellarSetOptionsOp,
+    MessageType.StellarInvokeHostFunctionOp,
 ]
 
 # https://github.com/stellar/go/blob/e0ffe19f58879d3c31e2976b97a5bf10e13a337b/xdr/xdr_generated.go#L584
@@ -93,6 +97,12 @@
 FLAG_AUTH_REVOCABLE = const(2)
 FLAG_AUTH_IMMUTABLE = const(4)
 FLAGS_MAX_SIZE = const(7)
+STELLAR_KEY_TYPE_ED25519 = const(0)
+STELLAR_KEY_TYPE_CONTRACT = const(1)
+STELLAR_STRKEY_VERSION_CONTRACT = const(0x10)
+STELLAR_STRKEY_VERSION_ED25519_PUBLIC_KEY = const(0x30)
+STELLAR_HOST_FUNCTION_TYPE_INVOKE_CONTRACT = const(0)
+STELLAR_TX_EXT_SOROBAN = const(1)
 
 
 def get_op_code(msg: protobuf.MessageType) -> int:

@@ -3,15 +3,35 @@
 from trezor.crypto import base32
 from trezor.wire import ProcessError
 
+from . import consts
+
+
+class InvokeHostFunctionOpSummary:
+    def __init__(
+        self,
+        contract_address: str,
+        function_name: str,
+        call_args_hash: bytes,
+        soroban_auth_hash: bytes,
+        soroban_tx_ext_hash: bytes,
+    ) -> None:
+        self.contract_address = contract_address
+        self.function_name = function_name
+        self.call_args_hash = call_args_hash
+        self.soroban_auth_hash = soroban_auth_hash
+        self.soroban_tx_ext_hash = soroban_tx_ext_hash
+
 
 def public_key_from_address(address: str) -> bytes:
-    """Extracts public key from an address
-    Stellar address is in format:
-    <1-byte version> <32-bytes ed25519 public key> <2-bytes CRC-16 checksum>
-    """
-    b = base32.decode(address)
-    _crc16_checksum_verify(b[:-2], b[-2:])
-    return b[1:-2]
+    return _raw_payload_from_address(
+        address, version=consts.STELLAR_STRKEY_VERSION_ED25519_PUBLIC_KEY
+    )
+
+
+def contract_id_from_address(c_address: str) -> bytes:
+    return _raw_payload_from_address(
+        c_address, version=consts.STELLAR_STRKEY_VERSION_CONTRACT
+    )
 
 
 def address_from_public_key(pubkey: bytes) -> str:
@@ -48,3 +68,15 @@ def _crc16_checksum(data: bytes) -> bytes:
                 crc ^= polynomial
 
     return ustruct.pack("<H", crc & 0xFFFF)
+
+
+def _raw_payload_from_address(address: str, version: int) -> bytes:
+    """Extracts raw payload from an address
+    Stellar address is in format:
+    <1-byte version> <32-bytes raw payload> <2-bytes CRC-16 checksum>
+    """
+    b = base32.decode(address)
+    if b[0] != version:
+        raise ProcessError("Invalid address version")
+    _crc16_checksum_verify(b[:-2], b[-2:])
+    return b[1:-2]
@@ -9,8 +9,11 @@
 
 
 async def process_operation(
-    ctx: Context, w: Writer, op: consts.StellarMessageType
+    ctx: Context, w: Writer, op: consts.StellarMessageType, soroban_data_size: int = 0
 ) -> None:
+    if soroban_data_size > 0:
+        if not serialize.StellarInvokeHostFunctionOp.is_type_of(op):
+            raise ValueError("Stellar: unexpected operation for soroban transaction")
     if op.source_account:
         await layout.confirm_source_account(ctx, op.source_account)
     serialize.write_account(w, op.source_account)
@@ -54,5 +57,10 @@ async def process_operation(
     elif serialize.StellarSetOptionsOp.is_type_of(op):
         await layout.confirm_set_options_op(ctx, op)
         serialize.write_set_options_op(w, op)
+    elif serialize.StellarInvokeHostFunctionOp.is_type_of(op):
+        summary = await serialize.write_invoke_host_function_op(
+            ctx, w, op, soroban_data_size
+        )
+        await layout.confirm_invoke_host_function_op(ctx, summary)
     else:
         raise ValueError("Unknown operation")
@@ -29,6 +29,7 @@
 from trezor.wire import DataError, ProcessError
 
 from .. import consts, helpers
+from ..helpers import InvokeHostFunctionOpSummary
 from ..layout import format_amount, format_asset
 
 if TYPE_CHECKING:
@@ -343,3 +344,23 @@ async def confirm_asset_issuer(ctx: Context, asset: StellarAsset) -> None:
         description=f"{asset.code} issuer:",
         br_type="confirm_asset_issuer",
     )
+
+
+async def confirm_invoke_host_function_op(
+    ctx: Context, summary: InvokeHostFunctionOpSummary
+) -> None:
+    from trezor.lvglui.i18n import gettext as _, keys as i18n_keys
+
+    await confirm_properties(
+        ctx,
+        "op_invoke_host_function",
+        "Invoke Contract",
+        props=(
+            ("Contract", summary.contract_address),
+            ("Function", summary.function_name),
+            ("Args Hash", summary.call_args_hash),
+            ("Auths Hash", summary.soroban_auth_hash),
+            ("Ext Hash", summary.soroban_tx_ext_hash),
+        ),
+        warning_banner_text=_(i18n_keys.SECURITY__SOLANA_RAW_SIGNING_TX_WARNING),
+    )