Smartcard APDU probes

draft

The smartcard signer is the display-less custody line. Today it ships with a secp256k1-backed simulator plus a CLI that exchanges short APDUs with either the simulator or a real PC/SC reader when one is attached.

Install

The smartcard tools live in nSealr/smartcard.

git clone https://github.com/nSealr/smartcard
cd smartcard
make setup

Simulator: `GET_PUBLIC_KEY`

The simulator returns deterministic x-only public keys for fixture secrets and writes a JSON APDU report.

nsealr-smartcard sim-get-public-key \
  --secret-key <32-byte-lowercase-hex> \
  --out public-key.json

Simulator: `SIGN_EVENT_ID`

The simulator signs a 32-byte event id with the simulator’s secp256k1 key. Because the smartcard line is display-less, the report command requires an external review acknowledgement and the approval_digest that binds the reviewed event material.

nsealr-smartcard sim-sign-event-id \
  --secret-key <32-byte-lowercase-hex> \
  --event-id <32-byte-event-id-hex> \
  --review-acknowledged \
  --approval-digest <32-byte-approval-digest-hex> \
  --out signature.json

PC/SC probe (when a reader is connected)

The same CLI can drive a real reader via pyscard. PC/SC commands fail clearly when pyscard or a reader is unavailable.

nsealr-smartcard pcsc-get-public-key --out public-key.json

Status words

Smartcard responses carry deterministic status words defined by smartcard-apdu-v0. The companion / external reviewer compares them against the shared rejection vectors in nSealr/specs.