Created
March 10, 2021 20:46
-
-
Save karlwilbur/4677b97c73a066d0c4239102d1f1fcc2 to your computer and use it in GitHub Desktop.
Install Trezor (or update/upgrade) on Ubuntu; Trezor `.desktop` file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # /opt/trezor/trezor-upgrade | |
| # | |
| # Shell script to upgrade/update Trezor Suite desktop application. | |
| # | |
| DOWNLOAD_PAGE_HTML="`curl -s https://suite.trezor.io/`" | |
| SATOSHILABS_KEY="`echo ${DOWNLOAD_PAGE_HTML} | grep -oP 'satoshilabs-[^ ]*?-signing-key.asc' - | head -n1`" | |
| CURRENT_VERSION="`echo ${DOWNLOAD_PAGE_HTML} | grep -oP 'Trezor-Suite-[^ ]*?AppImage' - | head -n1`" | |
| CURRENT_VERSION_SIGNATURE="`echo ${DOWNLOAD_PAGE_HTML} | grep -oP 'Trezor-Suite-[^ ]*?AppImage.asc' - | head -n1`" | |
| DOWNLOAD_DIRECTORY="https://suite.trezor.io/web/static/desktop/" | |
| CURRENT_VERSION_URL=${DOWNLOAD_DIRECTORY}${CURRENT_VERSION} | |
| CURRENT_VERSION_SIGNATURE_URL=${DOWNLOAD_DIRECTORY}${CURRENT_VERSION_SIGNATURE} | |
| if [ -e "/opt/trezor/${CURRENT_VERSION}" ]; then | |
| echo "Latest version of Trezor Desktop already installed" | |
| exit 0 | |
| fi | |
| # Unlock `sudo` | |
| echo "We need elevated privileges to install Trezor Suite" | |
| sudo ls > /dev/null | |
| # Download latest file | |
| echo "Downloading latest version of Trezor Suite ..." | |
| curl ${CURRENT_VERSION_URL} | sudo tee /opt/trezor/${CURRENT_VERSION} > /dev/null | |
| if [ ! -e "/opt/trezor/${CURRENT_VERSION}" ]; then | |
| echo "Failed to download the current Trezor Suite, version ${CURRENT_VERSION}" | |
| echo "Tried to download from ${CURRENT_DOWNLOAD_URL}" | |
| exit 1 | |
| fi | |
| # Download the signature | |
| echo "Downloading verification signature for latest version of Trezor Suite ..." | |
| curl ${CURRENT_VERSION_SIGNATURE_URL} | sudo tee /opt/trezor/${CURRENT_VERSION_SIGNATURE} > /dev/null | |
| if [ ! -e "/opt/trezor/${CURRENT_VERSION_SIGNATURE}" ]; then | |
| echo "Failed to download PGP verification signature file" | |
| echo "Tried to download from ${CURRENT_VERSION_SIGNATURE_URL}" | |
| exit 2 | |
| fi | |
| # Download the latest key | |
| if [ ! -e "/opt/trezor/${SATOSHILABS_KEY}" ]; then | |
| echo "Downloading SatoshiLab PGP key ..." | |
| curl https://trezor.io/security/${SATOSHILABS_KEY} | sudo tee /opt/trezor/${SATOSHILABS_KEY} > /dev/null | |
| # Import the public key for verification use | |
| echo "Importing SatoshiLabs PGP key ..." | |
| gpg --import "/opt/trezor/${SATOSHILABS_KEY}" | |
| fi | |
| echo "Verifying downloaded file ..." | |
| gpg --verify /opt/trezor/${CURRENT_VERSION_SIGNATURE} /opt/trezor/${CURRENT_VERSION} | |
| if [ $? -ne 0 ]; then | |
| echo "Signature verification failed!" | |
| exit 3 | |
| fi | |
| echo "Linking new version ..." | |
| sudo chmod +x /opt/trezor/${CURRENT_VERSION} && sudo rm /opt/trezor/trezor && sudo ln -s ${CURRENT_VERSION} /opt/trezor/trezor | |
| if [ ! -e "/usr/share/applications/trezor.desktop" ]; then | |
| echo "Creating desktop file ..." | |
| sudo ln -s /opt/trezor/trezor.desktop /usr/share/applications/ | |
| sudo update-desktop-database | |
| fi | |
| echo "Done!" | |
| echo | |
| exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Desktop Entry] | |
| Name=Trezor Suite | |
| GenericName=Trezor Suite | |
| Comment=Trezor Suite desktop application | |
| Exec=/opt/trezor/trezor | |
| Terminal=false | |
| Type=Application | |
| Icon=/opt/trezor/trezor.png | |
| Categories=Office;Finance;Cryptocurrency; | |
| Name[en_US]=Trezor Suite | |
| Actions=Launch;Upgrade | |
| [Desktop Action Launch] | |
| Name=Launch Trezor Suite | |
| Exec=/opt/trezor/trezor | |
| [Desktop Action Upgrade] | |
| Name=Upgrade Trezor Suite | |
| Exec=/opt/trezor/trezor-upgrade | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| curl -s https://suite.trezor.io/static/images/icons/favicon/favicon.png -o /opt/trezor/trezor.png |
When installing, not upgrading, the /opt/trezor/trezor symlink doesn't exist.
Line 64 of the above script should have sudo rm -f /opt/trezor/trezor (using the -f option) so as to avoid error when the symlink doesn't already exist ...or just create the target (sudo touch /opt/trezor/trezor).
Pro tip: Download the .asc signature from a different source, like their GitHub repo. An attacker controlling the trezor domain will most probably fit the "right" signature along with the binary.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
These are meant to live in
/opt/trezor. Thetrezor.pngfile should be replaced with the image from the URL.To set it up, run: