Skip to content

Version History

Go here for details about the current version!. Selected recent versions may be downloaded here.

Obsolete Versions#

Mk4: Version 5.2.0 - Oct 10, 2023#

  • New Feature: Seed Vault. Store multiple temporary secrets into encrypted settings for simple recall and later use (AES-256-CTR encrypted by key based on the seed). Enable this functionality in Advanced/Tools -> Danger Zone -> Seed Vault -> Enable. Use stored seeds from Seed Vault with top-level Seed Vault menu choice (once enabled). Can capture and hold master secret from any temporary (ephemeral) seed source, including: TRNG, Dice Rolls, SeedXOR, TAPSIGNER backups, Duress Wallets, BIP-85 derived values, BIP-39 passphrase wallets.
  • New Feature: PSBTv2 support added! Enables new PSBT workflows and applications.
  • New Feature: Lock Down Seed now works with every temporary secret (not just BIP39 passphrase)
  • New Feature: BIP-39 Passphrase can now be added to any words-based temporary seed.
  • New Feature: Add ability to back-up BIP39 Passphrase wallet (with passphrase encoded).
  • New Feature: Return to main secret from temporary without need to reboot the device.
  • Enhancement: Shortcut to Batch Sign PSBT via Ready To Sign -> Press (9)
  • Enhancement: Waste less storage space by removing old plausible deniability code which was only needed for Mk1 - Mk3 where SPI flash was an external chip.
  • Enhancement: Remove obsolete Mk2/Mk3 code-paths from master branch.
  • Enhancement: BIP39 Passphrase is now internally handled as an temporary secret. Ability to see BIP-39 Passphrase after wallet is active via View Seed Words was removed as a consequence of this change. Benefit: passphrase no longer held in memory while in operation.
  • Enhancement: Showing secrets now also displays extended private key (XPRV) for BIP-39 passphrase wallets.
  • Enhancement: Increase number of slots in settings memory from 64 to 100.
  • Bugfix: Fixed off by one bug in Trick Pins -> Login Countdown menu.
  • Nomenclature: "Ephemeral Seed" will now be called "Temporary Seed".

Mk4: Version 5.1.4 - Sept 8, 2023#

  • New Feature: Batch sign multiple PSBT files. Advanced/Tools -> File Management -> Batch Sign PSBT
  • Enhancement: Sparrow Wallet added as an individual export option (same file contents)
  • Enhancement: change key origin information export format in multisig addresses.csv to match BIP-0380 was (m=0F056943)/m/48'/1'/0'/2'/0/0 now [0F056943/48'/1'/0'/2'/0/0]
  • Enhancement: Address explorer UX cosmetics, now with arrows and dots.
  • Enhancement: Linked settings (multisig, trick pins, backup password, hsm users and utxo cache) separation for new main secret.
  • Rename Unchained Capital to Unchained
  • Bugfix: Correct scriptPubkey parsing for segwit v1-v16
  • Bugfix: Do not infer segwit just by availability of PSBT_IN_WITNESS_UTXO in PSBT.
  • Bugfix: Remove label from Bitcoin Core importdescriptors export as it is no longer supported with ranged descriptors in version 24.1 of Core.
  • Bugfix: Empty number during BIP-39 passphrase entry could cause crash.
  • Bugfix: Signing with BIP39 Passphrase showed master fingerprint as integer. Fixed to show hex.
  • Bugfix: Fixed inability to generate paper wallet without secrets
  • Bugfix: Activating trick pin duress wallet copied multisig settings from main wallet
  • Bugfix: SD2FA setting is cleared when seed is wiped after failed login due to policy SD2FA enforce. Prevents infinite seed wipe loop when restoring backup after 2FA MicroSD lost or damaged. SD2FA is not backed up and also not restored from older backups. If SD2FA is set up, it will not survive restore of backup.
  • Bugfix: Terms only presented if main PIN was not chosen already.
  • Bugfix: Preserve defined order of Login Countdown settings list.
  • Bugfix: Remove unsupported trick pin option Look Blank from if wrong (not supported by bootrom).
  • Bugfix: v5.1.3 release had padding issue which causes red light on install.

Mk4: Version 5.1.2 - Apr 7, 2023#

  • Enhancement: Support all SIGHASH types (previously only SIGHASH_ALL was supported). This can enable specialized Bitcoin transactions involving multiple signers and even limited changes to the transaction after signing. To enable the most dangerous SIGHASH modes, you must change Advanced -> Danger Zone -> Sighash Checks. Warnings are shown for all of the new SIGHASH modes regardless of this setting.
  • Enhancement: SeedXOR now supports 12 and 18 words mnemonics.
  • Enhancement: Signing memory, speed optimizations.
  • Enhancement: Docker repro build container improvements (non-privileged container)
  • Bugfix: After extended private key and TAPSIGNER backup import into blank wallet, users needed to manually reboot Coldcard.
  • Bugfix: Do not set SIGHASH type on foreign PSBT inputs
  • Bugfix: "Validating..." screen would be shown twice in some cases. Improves signing performance.

Mk4: Version 5.1.1 - Feb 27, 2023#

  • New Feature: "MicroSD card as Second Factor". Specially marked MicroSD card must be already inserted when (true) PIN is entered, or else seed is wiped. Add, remove and check cards in menu: Settings -> Login Settings -> MicroSD 2FA
  • New Feature: Import TAPSIGNER encrypted backup as main or ephemeral seed, for PSBT signing.
  • New Feature: Detached Bitcoin signature files (most exports)
    • Files exported are now signed with a detached signature. Look for a .sig file with the same name, and verify signature with your favourite Bitcoin tools. See "Signed Exports" in docs/msg-signing.md fo more information.
    • Coldcard can now verify signed files:
      • SD card and Virtual disk Advanced/Tools -> File Management -> Verify Sig File
      • NFC Advanced/Tools -> NFC Tools -> Verify Sig File
  • Address Explorer:
    • Enhancement: Application-specific derivation paths in Address Explorer -> Applications
    • Bugfix: Change value was ignored when generating addresses file
  • Import Enhancements:
    • Add import multisig wallet via Virtual Disk
    • Add import extended private key via Virtual Disk and via NFC
    • Import seed in compact/truncated form (just 3-4 letters of each seed word)
    • Import extended private key as ephemeral seed
  • Export Enhancements:
    • Samourai POST-MIX and PRE-MIX descriptor export options added
    • Lily Wallet added
    • Ability to export all supported wallets via NFC (instead of SD card only)
    • Change electrum export file name from 'new-wallet.json' to 'new-electrum.json'
    • Allow export of Wasabi skeleton for Bitcoin Regtest.
  • Backup Enhancement:
    • Option to save the backup file's encryption password for next backup. Then next backup is quick and simple: no need to record yet another 12 words.
  • Enhancement: During seed generation from dice rolls, enforce at least 50 rolls for 12 word seeds, and 99 rolls for 24 word seeds. Statistical distribution check
  • Enhancement: Single signature wallet generic descriptor export Advanced -> Export Wallet -> Descriptor. Both new format with internal/external in one descriptor <0;1> and standard with two descriptors are supported. added to prevent users from generating low-entropy seeds by rolling same value repeatedly.
  • Bugfix: Offer import/export from/to Virtual Disk in UI even if SD Card is inserted.
  • Bugfix: Recalculate extended key saved in settings upon chain change (BTC, XTN, XRT).
  • Bugfix: Provide correct derivation path (m/84'/1'/0') for testnet Wasabi export.
  • Bugfix: Properly display UX checkmark only if testnet (XTN, XRT) is enabled in Settings- > Danger Zone -> Testnet Mode.
  • Docs: Add docs/rolls12.py script for verifying dice rolls math for 12 word seeds.
  • Bugfix: v5.1.0 would not install over MicroSD; 5.1.1 was made to replace it.

Mk4: Version 5.0.7 - Oct 5, 2022#

  • NFC Enhancements:
    • In older versions, multisig NFC import not offered if a MicroSD card was inserted, now this option provided Settings > Multisig Wallets > Import via NFC. NFC has to be enabled for this option to be visible in the menu.
    • NFC message signing (Advanced/Tools > NFC Tools > Sign Message). Send message in same format as Sign Text File over NFC, approve signing on Coldcard and send signed ASCII-armored message back over NFC.
    • Show address over NFC (Advanced/Tools > NFC Tools > Show Address).
    • Bugfix: Improved NFC commands exception handling
    • Bugfix: Share single address over NFC from address explorer menu.
  • HSM Enhancements:
    • Dynamic HSM Whitelisting. Foreign outputs can be attested-to by signing them with private key corresponding to the address specified in HSM policy. Attestation signature MUST be provided in PSBT in a new proprietary field.
    • HSM policy hash is now displayed during first activation and in the HSM status response. This enables fast comparison against known policy hashes.
    • Thanks to @straylight-orbit for above items!
    • Now ignores HSM commands over USB, by default. To enable and use HSM features, go to Advanced/Tools > Enable HSM > Enable
  • New Feature: Ephemeral Seeds: Advanced/Tools > Ephemeral Seed (more info in docs/ephemeral.md)
  • Enhancement: New menu wraparound settings which allow you to scroll past top and bottom of any menu (Settings > Menu Wrapping).
  • Enhancement: Allow import of new descriptor type which specify both internal/external in single string (ie. ../<0;1>/..). We still export in older format.
  • Enhancement: add ability to specify address format in text file to be signed (3rd line of file)
  • Bugfix: Correct parsing of unknown fields in PSBT: they are now passed through.
  • Bugfix: Using lots of trick pins (7+), could lead to a case where the Coldcard would not accept the main pin, but trick pins continued to work. This release adds a workaround to avoid getting into that situation, and new units from the factory will ship with an updated bootrom (version 3.1.5).

Mk4: Version 5.0.6 - July 29, 2022#

  • Security release: Virtual Disk feature updated with bugfix to address potential security concerns and new security hardening changes. Upgrade strongly recommended. More details in the Coinkite Blog.

Mk4: Version 5.0.5 - July 20, 2022#

  • Enhancement: BIP-85 derived passwords. Pick an index number, and COLDCARD will derive a deterministic, strong (136 bit) password for you. It will even type the password by emulating a USB keyboard. See new areas: Settings > Keyboard EMU and Settings > Derive Seed B85 > Passwords.
  • Documentation: added docs/bip85-passwords.md documenting new BIP-85 passwords and keyboard emulation.
  • Enhancement: BIP-85 derived values can now be exported via NFC, in addition to QR code.
  • Enhancement: Allow signing transaction where foreign UTXO(s) are missing. Only applies to cases where partial signatures are being created. Thanks to @straylight-orbit
  • Enhancement: QR Codes are now easier to scan in bright light. Thanks to @russeree for this useful fix!
  • Bugfix: order of multisig wallet registration does NOT matter.
  • Enhancement: Support import of multisig wallet from descriptor (only sortedmulti, BIP-67). Also support export of multsig wallet as descriptor.
  • Enhancement: Address explorer can show "change" addresses for standard derivation paths for both single and multisig wallet.
  • New tutorial: 2of2 multisig with 2x Coldcard signing device, and bitcoin-qt as coordinator, see docs/bitcoin-core2of2desc.md
  • Enhancement: OP_RETURN is now a known script and is displayed in ascii when possible
  • Bugfix: allow unknown scripts in HSM mode, with warning.

Mk4: Version 5.0.4 - May 27, 2022#

  • Enhancement: Optional USB protocol change which binds the ephemeral ECDH encryption keys more tightly. Best used in HSM mode where a single long-term USB connection is expected. Thanks to @DON-MAC-256 for this feature.
  • Enhancement: In HSM mode, when more than 1k approvals, handle overflow in display, thanks to @straylight-orbit
  • Enhancement: Adds support for "Regtest" which are testnet coins on an isolated blockchain. It's only useful for developers, and should not be used otherwise.
  • Enhancement: Major rework of test setup to use BitcoinCore on regtest, and support Linux devs.
  • Enhancement: Pause waiting for incoming NFC data increased to 3 seconds, from one. Better error reporting for debug purposes.
  • Corrects obsolete domain name (coldcardwallet.com) in repro build script, thanks to @xavierfiechter
  • Documentation: Secure element related fixes from @lucasmoten
  • Bugfix: Error if clone (receiving end) started without first inserting SD card, fixed.
  • Bugfix: Reproducible build issues corrected, thanks to @Ademan

Mk4: Version 5.0.3 - May 4, 2022#

  • Enhancement: Support P2TR outputs (pay to Taproot) in PSBT files. Allows on-screen verification of P2TR destination addresses (bc1p..) so you can send your BTC to them. Does not support signing, so you cannot operate a Taproot wallet with COLDCARD as the signing device... yet.
  • Adds NFC support for exporting to all the various wallet-types.
  • Multisig wallet specs can be exported via NFC, and new multisig wallet can be imported over NFC.
  • Menu re-org:
    • "Export Wallet" now directly under Advanced Menu and duplicate link remains under File Management.
    • "Dump Summary" moved from Backup menu to Export
    • "Advanced" now "Advanced/Tools"
    • "New Wallet" renamed "New Seed Words"
    • Dice rolls (for new seed) moved from Import (a misnomer) to "New Seed Words"
  • New users will see some prompts to help them get started, after seed is set.
  • 12 word seeds are now an option from the start, either by TRNG or Dice Roll
  • Duress wallet (from trick pin) will be 12-words if your true seed is 12-words
  • Bugfix: allow sending to scripts that we cannot parse, with a warning, to support OP_RETURN and other outputs we don't understand well (yet).
  • Bugfix: sending NFC things into the Coldcard was not working, fixed.
  • Enhancement: Power-down during the login countdown now resets the time delay to force attacker (or yourself) to start over with full delay time.
  • Enhancement: if an XFP of zero is seen in a PSBT file, assume that should be replaced by our current XFP value and try to sign the input (same for change outputs and change-fraud checks). This makes building a workable PSBT file easier and could be used to preserve privacy of XFP value itself. A warning is shown when this happens.
  • Enhancement: "Advanced > Export > Export XPUB" provides direct way to show XPUB (or ZPUB/YPUB) for BIP-84 / BIP-44 / BIP-49 standard derivations, as a QR. Also can show XFP and master XPUB.

Mk3: Version 4.1.8 - Jun 19, 2023#

  • Please use 4.1.9 instead of this release, see above.
  • Bugfix: "Validating..." screen would be shown twice in some cases. Improves signing performance.
  • Bugfix: Reproducible builds corrected.

Mk3: Version 4.1.7 - Nov 14, 2022#

  • Upgrade Bugfix: Upgrades to 4.1.6 version using SD Card did not work due to an obscure alignment bug. USB upgrade did work. A workaround has been added for this release. No other changes.

Mk3: Version 4.1.6 - Oct 5, 2022#

  • Bugfix: order of multisig wallet registration does NOT matter in PSBT signing
  • Bugfix: allow unknown scripts in HSM mode
  • Enhancement: OP_RETURN is now a known script and is displayed in ascii if possible

Mk3: Version 4.1.5 - May 4, 2022#

  • Enhancement: Support P2TR outputs (pay to Taproot) in PSBT files. Allows on-screen verification of P2TR destination addresses (bc1p..) so you can send your BTC to them. Does not support signing, so you cannot operate a Taproot wallet with Mk3 COLDCARD as the signing device.
  • Bugfix: Yikes error shown during BIP-85 menu operation.
  • Enhancement: Rename "Derive Entropy" to "Derive Seed B85" to match Mk4 menus

Mk3: Version 4.1.4 - Apr 26, 2022#

  • Enhancement: if an XFP of zero is seen in a PSBT file, assume that should be replaced by our current XFP value and try to sign the input (same for change outputs and change-fraud checks). This makes building a workable PSBT file easier and could be used to preserve privacy of XFP value itself. A warning is shown when this happens.
  • Enhancement: "Advanced > Export XPUB" provides direct way to show XPUB (or ZPUB/YPUB) for BIP-84 / BIP-44 / BIP-49 standard derivations, as a QR. Also can show XFP and master XPUB.
  • Bugfix: Updated domain name from coldcardwallet.com to coldcard.com in docs and few on-screen messages.
  • Bugfix: allow sending to scripts that we cannot parse, with a warning, to support OP_RETURN and other outputs we don't understand well (yet).

Mk3: Version 4.1.3 - Sept 2, 2021#

  • Enhancement: support "importdescriptors" command in Bitcoin Core 0.21 so that a descriptor-based wallet is created. PSBT files are then supported natively by Core, and the resulting desktop wallet can be used for spending (ie. create PSBT via GUI) and also watching. Translation: Easy air-gap PSBT operation with Bitcoin Core!
  • Enhancement: remove "m/0/0" derivations from public.txt and address explorer, since that path is obsolete and not used by any major wallets now. We can still sign PSBT files with that path, but it's an unnecessary risk to show derived addresses for a type of wallet that doesn't exist anymore.
  • Enhancement: if PSBT input sections don't contain the key path information we need, show a more specific error message.
  • Bugfix: a PSBT which provided the wrong pubkey (based on UTXO being spent) was not flagged as invalid, but instead we proceeded to do nothing. Now says "pubkey vs. address wrong".
  • Bugfix: if asked to serialize a partially-signed transaction, we did. Now fails properly.
  • Bugfix: if multiple copies of the same BIP-39 passphrase were saved to a card, the menu would not display correctly and you might not be able to select your saved value.

Version 4.1.2 - July 28, 2021#

  • Enhancement: Shows QR code with BIP-85 derived entropy value if you press (3) while value shown on-screen. Thanks to @opennoms for idea. Works with 12/18/24-words, XPRV, privatekey and even hex cases.
  • Enhancement: Offer to show QR in other places:
    • Coldcard's main XPUB, in Advanced > View Identity
    • Seed words, during picking process (before the quiz)
    • Stored seed words: Advanced > Danger Zone > Seed Functions > View Seed Words
    • TXID of just-signed transaction (64 hex digits)
    • Encryption password for the system backup file (12 words)
  • Enhancement: We now grind a nonce so that our signatures are always 71 bytes or shorter. This may save a byte in transaction size, and makes our signatures identical to those produced by Bitcoin Core, improving anonymity on-chain. Thanks to @craigraw for detecting this.
  • Bugfix: On a blank Coldcard, after importing a seed phrase using the Seed XOR feature, the main menu was not updated to show system is "Ready To Sign".
  • Bugfix: Red caution light could happen (a false positive) if a specific sequence of firmware upgrades and reboots occured in the right order. Issue could only occur once during lifetime of any particular Coldcard.

Version 4.1.1 - April 30, 2021#

  • Bugfix/Enhancement: Unchained Capital was using the P2SH (BIP-45) value we exported in our multisig wallet file (removed in 4.1.0). So we've restored that, added BIP-45 path to our generic JSON export (if account number is zero), and added a dedicated menu item: Advanced > MicroSD > Export > Unchained Capital

Version 4.1.0 - April 29, 2021#

  • New feature: Seed XOR -- split your secret BIP-39 seed into 2 (or 3 or 4) new seed phrases
    • any combination of found seed word phrases is a fully working wallet (great for duress)
    • still 24 words, and can be encoded onto a SEEDPLATE
    • all parts are required to be known to get back to original seed phrase (not M of N, always N of N),
    • your existing seed can be split by Coldcard (one already in use)
    • you can do the math on paper, and it's possible to split/combine without the Coldcard
    • see docs/seed-xor.md for background
    • see wordlist-paper repo for some tools
  • Enhancement: Add support for BIP-48 derivations when exporting generic JSON (including the accounts number) under Advanced > File Management > Export Wallet > Generic JSON. These are targeted towards multisig wallets, such as Sparrow
  • Enhancement: Ask for account number when creating Multisig Wallets via air-gapped Coldcards. Use account zero for compatibility with previous versions. No need to use same account number on each participating Coldcard, but we recommend that. Creating new P2SH (BIP-45) type air-gapped wallets has been removed since it cannot support multiple accounts.
  • Enhancement: Show new firmware version number and date before installing firmware update.
  • Bugfix: Could not clear PIN codes, including the duress PIN, so was not possible to wipe the main secret, if a duress PIN had been set. 999999-999999 works again now.
  • Bugfix: Deleting a multisig wallet that was identical to another wallet, except for different address type, would lead to an error.
  • Bugfix: Standardize on BIP-nn in place of BIPnn in source code, messages and docs.

Version 4.0.2 - April 7, 2021#

  • New feature: "Countdown and Brick" (Mk3 only)
    • set a special PIN code, and when used, the Coldcard is immediately bricked while a normal-looking countdown for login is shown (default 1 hour). As an alternative to bricking, you can make it consume all but the final PIN attempt.
  • Enhancements to "Login Countdown" feature:
    • turning off the Coldcard will not clear the countdown, it continues on next power-up.
    • login countdown time delays are more accurate now.
    • Important: for the first login when firmware runs (immediately after upgrade), the login countdown delay, if you had previously enabled it, will not be enforced. However, the setting is then migrated to a new spot and takes effect going forward without any action needed.
  • Enhancement: Settings > Display Units: Select how to show Bitcoin amounts when displayed on-screen. Choices are BTC (default), mBTC (millibit), bits (aka uBTC), and sats (an integer).
  • Enhancement: Settings > Disable USB: New setting to disable USB port if your plan is air-gap only. Default remains USB port enabled.
  • Bugfix: Formating of larger SD Cards works again (FAT32 support).
  • Bugfix: Reject transactions whose outputs are greater than inputs.
  • Downgrades to v3 no longer supported.

Version 4.0.1 - March 29, 2021#

  • Fixes security issue in v4.0.0. (3.x.x Unaffected)
  • Known issue: formatting of SD Card does not work and leads to a crash.

Version 4.0.0 - Mar 17, 2021#

  • Major internal changes.
    • now using Bitcoin Core's "libsecp256k1" for all EC crypto operations
    • super fast pure-assembly AES256-CTR code makes USB communications faster
    • newly optimized SHA256 and SHA256(SHA256) code
    • all crypto and BIP-39 related code replaced
    • huge thanks to @switck for the new library!
  • Enhancement: During seed phrase import, after 23 words provided, Coldcard will calculate the correct checksum and show the valid choices for the last word (there will be 8 typically). This means you can pick seed words by drawing from a hat.
  • New feature: Secure Device Cloning. Using a MicroSD card, copy your Coldcard's secrets and settings to a blank Coldcard. Very quick and easy, uses public key encryption (Diffie-Hellman key exchange) and AES-256-CBC for the transfer.
  • Bugfix: CSV of addresses explorer export via Address Explorer, when account number was used, did not reflect the (non-zero) account number.
  • Enhancement: Reproducible builds! Checkout code, "cd stm32; make repro" should do it all.
  • Enhancement: Paper wallet feature restored as it was previously. Same cautions apply.
  • Enhancement: Inside encrypted backup files (7z), the cleartext filename is no longer fixed as ckcc-backup.txt. Instead it's a random word and number. Improves plausible deniability when backup files discovered.
  • Enhancement: Show a progress bar during slow parts of the login process.
  • Enhancement: Long menus, like the seed-word picking system, now wrap around from top/bottom, so you can get to Z by going up from A.
  • Limitation: Mk2 (older hardware, with less memory) may struggle with some of the new features, but can still run this firmware release... so you can clone it to your new Mk3!
  • HSM/CKBunker mode changes:
    • IMPORTANT: users with passwords will have to be reconstructed as hash algo has changed
    • when unlocking HSM mode from "boot to HSM mode" (using secret PIN immediately after bootup) the HSM policy is no longer removed automatically.
    • time limit to escape "boot to HSM" mode has doubled from 30 seconds to 1 minute.
  • Remaining GPL code has been removed, so license is now MIT+CC on everything.

Version 3.2.2 - Jan 14, 2021#

  • Major Address Explorer enhancements! Thanks go to @switck for this major feature bump.
    • View sub-accounts as exported, just enter the account number.
    • Multisig wallet support! (Caveat: addresses are for verification purposes and never for direct use as deposit, so they are partially redacted)
    • Enter any custom derivation path, by entering numbers directly; for gurus.
    • Warning screen can be suppressed after reading first time (press 6)
    • Export of addresses now named "addresses.csv" not ".txt"
  • Bugfix: Disable a few more path derivation checks for "Skip Checks" for multisig compatibility. Handles error shown when working with previously-imported Spectre multisig wallets (ie. multisig.py: 891).
  • Bugfix: Generic wallet export (JSON) name for BIP-49 wallets changed from "p2wpkh-p2sh" to "p2sh-p2wpkh". Thanks @craigraw

Version 3.2.1 - Jan 8, 2021#

  • Major Multisig improvements! If you are using multisig features, please backup your Coldcard before upgrade, just in case (but shouldn't be a problem).
    • Tracks derivation path for each co-signer and no longer assumes they all use a shared derivation path. Blocks multiple instances of same XFP in the wallet (not supported anymore, bad idea). Various displays updated to reflect derivation path change. Text file import: "Derivation:" line can be repeated, applies to all following xpubs.
    • Show Ypub/Zpub formated values from SLIP-132 when viewing details of wallet.
    • Standardize on "p2sh-p2wsh" nomenclature, rather than "p2wsh-p2sh", thanks to @humanumbrella. For airgaped multisig wallet creation, you must use same firmware verison on all Coldcards or this change can make trouble.
    • Address type (p2sh-p2wsh, p2sh, p2wsh) is captured from MS wallets created by PSBT file import.
    • Can now store multiple wallets involving same set of XFP values, if they have differing subkey paths and/or address formats.
    • New mode which disables certain multisig checks to assist bug compatibility.
  • Enhancement: Add support for signing Payjoin PSBT files based on BIP-78.
  • Enhancement: Promoted the address explorer to the main menu. It's useful! (credit to @matt_odell)
  • Bugfix: zero-length BIP-39 passphrase, when saved, would cause a crash when restore attempted. We recommend longer passphrases, but fixed the issue.
  • Enhancement: Move the "blockchain" setting deeper into the "Danger Zone" and add warning screen. This mitigates a concern raised by @benma (Marko Bencun) where an attacker could socially-engineer you to sign a transaction on Testnet, which corresponds to real UTXO being stolen. Only developers should be using Testnet.
  • Bugfix: Display of amounts could be incorrect by a few sats in final digits.
  • Bugfix: Incorrect digest method picked when P2SH-P2WSH incorrectly identified as plain P2SH.
  • Bugfix: Better error reporting when importing bogus multisig wallet files.
  • Enhancement: Files created on MicroSD will have date and time determined by the version of firmware that made them. Downstream systems might use this to know when the Coldcard should be upgraded, or which firmware version created the data. Idea from @sancoder
  • Enhancement: Show version of secure element, under Advanced > Upgrade > Show Version.
  • Enhancement: Improve 'None of the keys involved...' message to show XFP value actually found inside PSBT file.
  • Enhancement: "Invalid PSBT" errors are shown with more information now.
  • Paper Wallet features temporarily removed to free space; will return in future version.
  • License changed from GPL to MIT+CC on files for which the GPL doesn't apply.

Version 3.1.8 and 3.1.9 - Aug 6, 2020#

  • Massive Enhancement: Optimized and improved drawing speed on screen, and responsiveness of keypad entry. You'll see some slight changes to login screen (centered now) and massive drawing performance improvements system-wide. Laggy and unresponsive keypad is no more!
  • New feature: New setting, "Delete PSBTs", will blank and securely erase input PSBT files when they are no longer needed. Also renames signed transaction to be (txid).txn (in hex)
  • Enhancement: The current XFP (xpub fingerprint) is shown on the "Ready To Sign" screen, if you have entered an BIP-39 Passphrase.
  • Enhancement: File names from SD Card are now shown in sorted order.
  • Enhancement: Can show the SHA256(file contents) for any file on SD Card. Use Advanced > MicroSD > List Files and pick your file. Thanks to B.O. for this idea.
  • Enhancement: Enable full BIP-85 support on older Mk2 hardware (derived entropy feature).
  • Enhancement: Minor text changes based on feedback from customers.
  • Enhancement: Two assertions promoted to text error messags related to bad PSBT files.
  • (v3.1.9) Enhancement: Very minor change so that login feels more responsive.
  • (v3.1.9) Bugfix: Small bug in production selftest. No other changes.

Version 3.1.7 - July 3, 2020#

  • Enhancement: Detect, report and block the recently reported type of attack against BIP-143 (replay of segwit inputs) with an error message. No changes needed to your input PBST files. Will show errors similar to: "Input#0: Expected 15 but PSBT claims 5.00001 BTC"
  • Enhancement: When the Coldcard is finalizing the transaction, we show the TXID (hex transaction ID) of the transaction on the screen.
  • Enhancement: Export deterministically-derived entropy in the form of seed phrases (BIP-39), XPRV, private key (WIF), or hex digits using new BIP-85 standard. Useful for seeding other wallets from your Coldcard, so you don't need to backup "yet another" seed phrase. Derived values (all types) can be easly recreated from Coldcard later, or the backup of the Coldcard. Does not expose the Coldcard's master secret, should new wallet be compromised.
  • Bugfix: When scrambled keypad used with the login delay feature, the PIN-entry sequence was not scrambled after the forced delay was complete. Thanks to an anon customer for reporting this.
  • Bugfix: Scrambled keypad didn't change between PIN prefix and suffix.
  • Enhancement: QR Code rendering improved. Should be more readable in more cases. Faster.
  • Enhancement: View percent consumed of the settings flash space (just for debug)
  • Enhancement: New command to clear the UTXO history, in rare case of false positive.
  • (v3.1.6) Bugfix: Signing PSBT with finalization from MicroSD card, did not work. Error about "HexWriter" was shown, or "Assertion" error in 3.1.5.
  • (v3.1.7) Bugfix: Support longer bag numbers now in use at factory.

Version 3.1.3 - April 30, 2020#

  • Enhancement: Save your BIP-39 passphrases, encrypted, onto a specific SDCard, if desired. Passphrases are encrypted with AES-256 (CTR mode) using a key derived from the master secret and hash of the serial number of the SDCard. You cannot copy the file to another card. To use this feature, press (1) after you've successfully entered your passphrase. 'Restore Saved' menu item will appear at top of passphrase-entry menu, when correctly-encrypted file is detected.
  • Enhancement: Export a generic JSON skeleton file, not aligned with any particular desktop/mobile wallet, but useful for any such integrations. Includes XPUB (and associated data) needed for P2PKH, P2WPKH (segwit) and P2WPKH-P2SH wallets, which conform to BIP-44, BIP-84, and BIP-49 respectively. Thanks to @craigraw the idea.
  • Enhancement: when signing a text file from MicroSD card, if you specify a derivation path that starts with m/84'/... indicating that you are following BIP-84 for segwit addresses, the resulting signature will be formatted as P2WPKH in Bech32.
  • Minor code cleanups and optimizations.

Version 3.1.2 - Feb 27, 2020#

  • Enhancement: New setting to enable a scrambled numeric keypad during PIN login.
  • Enhancement: Press 4 when viewing a payment address (triggered by USB command) to see the QR code on-screen (Mk3 only).
  • Enhancement: Can enter non-zero account numbers when exporting wallet files for Electrum and Bitcoin Core. This makes importing seeds from other systems easier and safer.
  • Enhancement: Dims the display when entering HSM Mode.
  • Bugfix: Trust PSBT setting (for multisig wallets) was being ignored. Thanks to @CasaHODL for reporting this.
  • Bugfix: XPUB values volunteered in the global section of a PSBT for single-signer files would cause errors (but ok in multisig). Coldcard will now handle this, although it doesn't need them.
  • Bugfix: 3.1.1 had a bug which broke the new "non-zero account export" feature.

Version 3.1.0 - Feb 20, 2020#

  • HSM (Hardware Security Module) mode: give Coldcard spending rules, including whitelisted addresses, velocity limits, subsets of authorizing users ... and Coldcard can sign with no human present. Requires companion software to setup (ckbunker or ckcc-protocol), and disabled by default, with multi-step on-screen confirmation required to enable. Mk3 only.
  • Enhancement: New "user management" menu. Advanced > User Management shows a menu with usernames, some details and a 'delete user' command. USB commands must be used to create user accounts and they are only used to authenticate txn approvals in HSM mode.
  • Enhancement: PSBT transaction can be "visualized" over USB, meaning you can view what the Coldcard will show on the screen during approval process, as text, downloaded over USB. That text can be signed (always with root key) to prove authenticity.
  • Enhancement: Sending large PSBT files, and firmware upgrades over USB should be a little faster.
  • IMPORTANT: This release is NOT COMPATIBLE with Mk1 hardware. It will brick Mk1 Coldcards.

Version 3.1.0 - Feb 20, 2020#

  • HSM (Hardware Security Module) mode: give Coldcard spending rules, including whitelisted addresses, velocity limits, subsets of authorizing users ... and Coldcard can sign with no human present. Requires companion software to setup (ckbunker or ckcc-protocol), and disabled by default, with multi-step on-screen confirmation required to enable. Mk3 only.
  • Enhancement: New "user management" menu. Advanced > User Management shows a menu with usernames, some details and a 'delete user' command. USB commands must be used to create user accounts and they are only used to authenticate txn approvals in HSM mode.
  • Enhancement: PSBT transaction can be "visualized" over USB, meaning you can view what the Coldcard will show on the screen during approval process, as text, downloaded over USB. That text can be signed (always with root key) to prove authenticity.
  • Enhancement: Sending large PSBT files, and firmware upgrades over USB should be a little faster.
  • IMPORTANT: This release is NOT COMPATIBLE with Mk1 hardware. It will brick Mk1 Coldcards.

Version 3.0.6 - Dec 19, 2019#

  • Security Bugfix: Fixed a multisig PSBT-tampering issue, that could allow a MitM to steal funds. Please upgrade ASAP.
  • Enhancement: Sign a text file from MicroSD. Input file must have extension .TXT and contain a single line of text. Signing-key subpath can be provided on the second line.
  • Enhancement: Now shows the change outputs of the transaction during signing process. This additional data can be ignored, but it is useful for those who wish to verify all parts of the new transaction.
  • Enhancement: PSBT files on MicroSD can now be provided in base64 or hex encodings. Resulting (signed) PSBT will be written in same encoding as the input PSBT.
  • Bugfix: crashed on entry into the Address Explorer (some users, sometimes).
  • Bugfix: add blank line between addresses shown if sending to multiple destinations.
  • Bugfix: multisig outputs were not checked to see if they are change (would have been shown as regular outputs), if the PSBT did not have XPUB data in globals section.
  • NOTE: This is the final version to support Mk1 hardware.

Version 3.0.5 - Nov 25, 2019#

  • Address explorer can show QR code for any address (Mk3 only). Press 4 to view. Once shown, press 1 to invert image, and 5/8 for next address. Successful scanning requires the best phone camera, and some patience, due to limited screen size.
  • Export a command file for Bitcoin Core to create an air-gapped, watch-only wallet. Requires v0.18 or higher of Bitcoin Core. docs/bitcoin-core-usage.md has been updated. Thanks to @Sjors for creating this new feature!
  • Paper Wallets! Creates random private key (or use your own dice for entropy), completely unrelated to your seed words, and saves deposit address and private key (WIF format) into a text file on MicroSD. If you have a Mk3, it will also add a QR code inside the text file, and if you provide a special PDF-like template file (example in paperwallet.pdf) then it will superimpose the QR codes into the template, and save the resulting ready-to-print PDF to MicroSD. CAUTION: Paper wallets carry MANY RISKS and should only be used for SMALL AMOUNTS.
  • Adds a "Format Card" command for erasing MicroSD contents and reformatting (FAT32).
  • Bugfix: Idle-timeout setting should only take effect after the login countdown. Thanks to @aoeui21 for reporting this.

Version 3.0.3 - Nov 6, 2019#

  • Add "Login Countdown" feature: once enabled, you must enter you PIN correctly, and then wait out a forced delay (of minutes/hours/days) while a count down is shown on-screen. Then enter your PIN correctly, a second time, to get in. You must provide continuous power to the Coldcard during this entire period! Go to Settings > "Login Countdown" for the time intervals to pick from. Thanks to @JurrienSaelens for this feature suggestion.
  • Nickname feature: Enter a short text name for your personal Coldcard. It's displayed at startup time before PIN is entered. Try it out in Settings > "Set Nickname"
  • Bugfix: Adding a second signature (multisig) onto a PSBT already signed by a different Coldcard could fail with "psbt.py:351" error.

Version 3.0.2 - Nov 1, 2019#

  • New command in Danger Zone menu to view the seed words on-screen, so you can make another on-paper backup as needed.
  • Robustness: Analyse paths used for change outputs and show a warning if they are not similar in structure to the inputs of that same transaction. These are imperfect heuristics and if you receive a false positive, or are doing weird things that don't suit the rules below, please send an example PSBT to support and we'll see if we can handle it better:
    • same derivation path length
    • shared pattern of hardened/not path components
    • 2nd-last position is one or zero (change/not change convention)
    • last position within 200 units of highest value observed on inputs
  • Robustness: Improve checking on key path derivations when we encounter them as text.
    • accept 10h and 10p as if they are 10' (alternative syntax)
    • define a max depth (12) for all derivations
    • thanks to @TheCharlatan
  • Security Improvement: during secure logout, wipe entire contents of serial flash, which might contain PSBT, signed or unsigned (for more privacy, deniability)

Version 3.0.1 - Oct 10, 2019#

  • MARK3 SUPPORT!
    • Adds support for Mark 3 hardware: larger CPU and better secure element (608)
    • Many invisible changes inside the secure element (ATECC608A).
    • Mark3 will brick itself after 13 incorrect PIN codes, so lots of warning are shown.
  • Contains all the features of 2.1.6 and still works on Mk1 and Mk2 hardware
  • Visual changes to login process (rounded boxes, different prompts, more warnings)
  • New USB command to report if Bitcoin versus Testnet setting is in effect.

Major changes in v2.x.x:#

  • NEW for 2.1.6: "Address Explorer": view receive addresses on the screen of the Coldcard, so you can be certain your funds are going to the right place. Can also write first 250 addresses onto the SDCard in a simple text (CSV) format. Special thanks go to @hodlwave for creating this feature.
  • Major release with Multisig support!
    • New menu under: Settings > Multisig Wallets
    • Lists all imported M-of-N wallets already setup
    • Export, import for air-gapped creation
    • Related settings and more
  • Broad change: extended public key finger (XFP) values used to be shown in the wrong endian (byte swapped), and prefixed with 0x to indicate they were a number. In fact, they are a byte string and should be shown in network order. Everywhere you might be used to seeing your XFP value has been switched, so 0x0f056943 becomes 4369050F (all caps, no 0x prefix). Affected areas include:
    • BIP-39 password confirmation screen
    • Advanced > View Identity screen
    • Electrum skeleton wallet export (label of wallet)
    • Dump public data file (text in file header)
    • xfp command in ckcc CLI helper (can show opposite endian, if needed)
  • New feature: Create seed words from D6 dice rolls (v2.1.1):
    • under "Import Existing > Dice Rolls"
    • just keep pressing 1 - 6 as you roll. At least 99 rolls are required for 256-bit security
    • seed is sha256(over all rolls, as ascii string)
    • normal seed words are shown so you can write those down instead of the rolls
    • can also "mix in" dice rolls: after Coldcard picks the seed words and shows them, press 4 and you can then do some dice rolls (as many or as few as desired) and get a new set of words, which adds those rolls as additional entropy.
  • Export skeleton wallets for Wasabi Wallet https://wasabiwallet.io/ to support air-gapped use.
  • Summary file (public.txt) has been reworked to include more XPUB values and a warning about using addresses your blockchain-monitoring wallet might not be ready for.
  • When BIP-39 passphrase is given over USB, and approved, the new XFP is shown on-screen for reference.
  • Use with Electrum will require our updated plugin changes.

Changes in version 2.1.6:

  • NEW: "Address Explorer" feature (see above)
  • Bugfix: Improve error message shown when depth of XPUB of multisig cosigner conflicts with path details provided in PSBT or USB 'show address' command.
  • Bugfix: When we don't know derivation paths for a multisig wallet, or when all do not share a common path-prefix, don't show anything.

Changes in version 2.1.5:

  • Bugfix: Changes to redeem vs. witness script content in PSBTs. Affects multisig change outputs, primarily.
  • Bugfix: Import of multisig wallet from xpubs in PSBT could fail if attempted from SD Card.
  • Bugfix: Improved message shown if import of multsig wallet was refused during PSBT signing.

Changes in version 2.1.4:

  • Bugfix: For multisig change outputs, many cases were incorrected flagged as fraudulent.

Changes in version 2.1.3:

  • Visual change: unknown components of multsig co-signer derivation paths used to be shown as m/?/?/0/1 but will now be shown as m/_/_/0/1. The blank indicates better that we can't prove what is in that spot, not that we don't know what value is claimed.
  • Bugfix: Some backup files would hit an error during restore (random, less than 6%). Those existing backup files will be read correctly by this new version of firmware.
  • Bugfix: P2SH-P2WPKH change outputs incorrectly flagged as fraudulent (regression from v1.1.0)
  • Bugfix: Wanted redeem script, but should be witness script for P2WSH change outputs.

Changes in version 2.1.2:

  • Add extra warning screen added about forgetting your PIN.
  • Remove warning screen about Testnet vs Mainnet.
  • Bugfix: Change for XFP endian display introduced in 2.0.0 didn't actually correct endian display and it was still showing values in LE32. Correctly corrected now.
    • now showing both values in "Advanced > View Identity screen".
    • some matching changes to ckcc-protocol (CLI tool)
    • when making multisig wallets in airgap mode, you must use latest firmware on all the units
  • Bugfix: Error messages would sometimes disappear off the screen quickly. Now they stay up until OK pressed. Text of certain messages also improved.
  • Bugfix: Show a nicer message when given a PSBT with corrupted UTXO values.
  • Bugfix: Block access to multisig menu when no seed phrase yet defined.
  • Bugfix: Any command on multisig menu that used the MicroSD card would crash, if card was not present.
  • Bugfix: When offline multisig signing sometimes tried to finalize PSBT, but we can't.
  • Bugfix: For multi-pass-multisig signing, handle filenames better (end in -part, not -signed).

Versions v2.0.3 – 2.0.4#

2019-05-13T1631-v2.0.4-coldcard.dfu built May 13, 2019.

  • Transaction signing speed improved by about 3X.
  • Will warn if miner's fee is over 5% of txn amount (was 1% before). Hard limit remains 10% (configurable, can be disabled completely).
  • Robustness: Tighten stack-depth checking, increase heap size, shuffle some memory.
  • Bugfix: Transactions with more than 10 outputs were not summarized correctly.
  • Bugfix: Consolidating transactions that move UTXO within same wallet are shown better.
  • Bugfix: Better recovery from too-complex transaction errors.
  • "Don't forget your PIN" warning message is more bold now.
  • (in 2.0.4) Bugfix: Clearing duress PIN would lead to a error screen.
  • (in 2.0.4) Bugfix: Advanced > "Lock Down Seed" command didn't work correctly.
  • (in 2.0.4) Bugfix: Importing seed words manually didn't work on second try (thanks @duck1123)

Versions 2.0.0 – 2.0.2#

  • BIP-39 Passphrase support: enter up to 100 characters to create new wallets from your existing seed words. Each is a completely independant wallet to Electrum and PSBT files, so please make note of the extended master fingerprint (eight hex digits).
  • Support for Mark2 hardware, with membrane keypad replacing touch interface.
  • Adds activity light during MicroSD card read/write (Mk2 only)
  • New command: "Lock down seed" which converts BIP-39 seed words and passphrase into the master xprv and saves that as new wallet secret. Locks in the passphrase, deletes seed words.
  • New bootrom, version 1.2.1 with Mk2 hardware support and improved one-wire bus MitM defences.
  • Bugfix: extra keypress occurs during certain interactions involving key repeat.
  • (in 2.0.1) bugfix: underscore/space indicator shown on Settings > Idle Timeout menu
  • (in 2.0.2) Page up/down on long text displays with 7/9 keys
  • (in 2.0.2) Public summary file now includes extended master key fingerprint near top of file.
  • (in 2.0.2) Bugfix: signing larger transactions could fail due to lack of memory

Version 1.1.0#

2018-11-26T1403-v1.1.0-coldcard.dfu built Nov 26, 2018.

Release Notes#

  • Allow setting max network fee to a number of possible levels, or disable it (was previously fixed to 10%). Thanks to @crwatkins for this suggestion.

  • Touch improvements: two new setting, which are between the old 'Least Sensitive' and 'Most Sensitive' settings. New menu text.

  • Touch sensitivity preference is applied before login, so PIN entry is easier.

  • Although we do not use the bech32_decode() function recently found to have an buffer overflow bug, we've included the fix into our fork of the affected library. This change, and the original bug, does not affect the Coldcard firmware in any way.

  • Correctly include witness data in transactions when signing based on witness UTXO data (thanks to @SomberNight)

  • Bugfix: Fix divide-by-zero if transaction sends zero amount out (only possible if network fee equals 100% of inputs).

Version 1.0.2#

2018-09-11T1428-v1.0.2-coldcard.dfu built Sep 11th, 2018.

Release Notes#

  • Add support for SLIP-132
    • yprv/zprv keys can now be imported
    • public.txt file includes both SLIP-132 and BIP-32 values where needed (segwit cases)
    • test cases added to match
  • Can create Electrum skeleton wallet for Segwit Native and Segwit P2SH now.
    • caveat: the plugin is not ready yet for P2SH/Segwit, but Segwit native is fine
  • Improvements in 'public.txt' output:
    • add SLIP-132 values where we can
    • correct names when used for Litecoin
  • Improvements to backup and restore
    • can now restore cleartext backups (for devs only!)
    • fix "Unable to open ... /sd/backup.7z" error

Older releases, the source code, and much more be found in our repository on github.