Many of you know KeepKey as a long-running open-source hardware wallet. Since separating from ShapeShift, our team has rebuilt the firmware, desktop software, and device-management stack from the ground up. Implementation is led by Highlander — former lead at ShapeShift — alongside senior engineer Pastaghost, with illithics supporting coordination, documentation, and delivery tracking. That foundation gives us a practical path to Orchard signing on a physical KeepKey device, with private keys remaining on-device.
We are happy to share our experimental firmware and software from a demo with Zcash Brasil:
https://www.youtube.com/watch?v=VyASii70ZLg
The experimental firmware demonstrated feasibility. This grant funds the work that turns a prototype into an auditable, shippable product: production hardening, mainnet validation, external audit remediation, and user-facing documentation.
1. Executive Summary
KeepKey is requesting $90,000 to validate, audit, and release Orchard-only shielded Zcash signing on physical KeepKey hardware through firmware and KeepKey Vault updates.
The project adds Orchard signing under transaction version 5 while keeping the hardware-wallet model intact:
- Private keys remain on-device
- Transactions require physical user approval
- The host never accesses private keys
The host constructs transactions and generates Halo2 proofs. The KeepKey device derives Orchard keys and nullifiers, computes the ZIP-244 signing digest, displays key transaction details, and signs only after user confirmation.
The grant funds implementation, physical-device validation, audit remediation, production release, documentation, and a Zingo proof-of-concept integration with a public pull request.
Least Authority will audit the KeepKey Zcash signing implementation. The audit is being financed separately and is not included in this request. Release-blocking findings will be remediated before release, and the report will be public.
At completion, this gives Zcash another shielded cold-storage option, a publicly audited open-source implementation, and a practical path toward third-party wallet interoperability.
2. Problem and Proposed Solution
Shielded privacy is one of Zcash’s core strengths, but KeepKey currently supports only transparent Zcash transactions. This proposal upgrades an existing hardware wallet to support Orchard-only signing under transaction version 5, including Unified Address support and physical-device validation.
The project also includes a limited Zingo proof-of-concept so open-source wallet developers can see how this signing flow works with KeepKey.
3. Technical Scope
This project implements Orchard-only signing under transaction version 5 using a host/device model.
KeepKey Vault will:
- Connect to lightwalletd
- Select notes and construct transactions
- Generate Halo2 proofs
- Send structured signing requests to the device
- Broadcast signed transactions
- Support a Zingo proof-of-concept integration and public pull request
The KeepKey device will:
- Derive Orchard keys using ZIP-32
- Generate and display Unified Addresses
- Derive nullifiers internally
- Parse v5 signing requests with bounds enforcement
- Compute the ZIP-244 signing digest
- Display amount, network, fee, recipient summary, and change indicator
- Sign only after user approval
The device does not:
- Generate proofs
- Verify zero-knowledge proofs
- Maintain chain state
- Construct transactions
Device-side review and digest computation reduce host-side tampering risk, but they do not eliminate user-deception risk.
4. Interoperability, Scope, and Risks
The Zingo work is limited to a proof-of-concept integration and public pull request. Merge or acceptance by Zingolabs is not in scope.
Out of scope:
- Sapling support
- Legacy transaction formats and pools
- Zingo PR acceptance or long-term Zingo maintenance
Main risk controls:
- ZIP-244 digest validation against reference implementations
- On-device nullifier derivation
- External audit of parsing, signing logic, and host/device boundary
- Remediation capacity built into the budget
5. Budget and Milestones
Total requested: $90,000
- Milestone 1 — Implementation & Validation: $50,000 (up to 3 months)
Deliverables: Orchard-capable firmware, KeepKey Vault host integration, physical-device signing flow, testnet Orchard transaction, Zingo proof-of-concept PR, test vectors, build artifacts, and auditor-facing documentation.
Verification: public testnet transaction, code available for review, public Zingo PR.
Milestone 1 reflects ~240 engineering and PM hours, including ~180 hours of lead firmware work, ~20 hours of Zingo PoC SDK and firmware integration, and ~40 hours of audit-prep and documentation.
- Milestone 2 — Remediation & Production Release: $25,000 (approx. 1 month)
Deliverables: remediation of issues identified during the Least Authority audit that are required for safe release, updated firmware and Vault integration after remediation, regression testing of the remediated signing flow, and a mainnet Orchard transaction signed using KeepKey.
Verification: public release artifacts, confirmed mainnet transaction, and public audit report or remediation summary showing that release-blocking findings were addressed.
Milestone 2 reflects primarily senior engineering time for audit remediation, regression testing, and mainnet release.
- Milestone 3 — User Safety, Documentation, and Interoperability Materials: $15,000 (3-4 months)
Deliverables: user documentation, walkthroughs, developer reference materials, and interoperability documentation based on the Zingo proof-of-concept.
Verification: public documentation and developer materials available.
Milestone 3 is allocated to user-facing educational materials, including video and graphic production, with preference for contributors from the Zcash community.
Milestone Gating
Payments are milestone-gated. If a milestone is not completed, subsequent milestone payments are not requested.
We appreciate your consideration and welcome any questions.
– KeepKey Team