Skip to content

Remove hardware signers; refresh the marketing homepage#37

Merged
abhay merged 1 commit into
mainfrom
remove-hardware-signers
Jul 9, 2026
Merged

Remove hardware signers; refresh the marketing homepage#37
abhay merged 1 commit into
mainfrom
remove-hardware-signers

Conversation

@abhay

@abhay abhay commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Two related changes: hardware signers are deferred, and the marketing site is refreshed to match the product it now describes.

Hardware signers:

  • Remove all Ledger (BLE / APDU) and YubiKey (NFC / PIV) signer code, the add-flows, onboarding UI, and their tests. Hot-wallet signers (generated, recovery-phrase import, secret-key import) are the only signer type. A hardware wallet can't display Squads context, so it adds custody without independent verification, which cuts against clear signing; deferred until it can be validated on real hardware and positioned honestly. Git history preserves the implementation.
  • Ledger and YubiKey remain as disabled "Coming soon" rows in the add-signer chooser.
  • Drop the YubiKit dependency and the Bluetooth + NFC permission prompts and entitlements the app no longer needs.

Marketing homepage (core/static):

  • Rebuild the landing page: a kinetic decode hero ("Know what you sign"), a raw-vs-decoded before/after, an on-device-decode section, a sticky how-it-works narrative, a device/relay/chain trust diagram, and a verifiable-builds section tied to the public GitHub Release.
  • Decoding is framed honestly as on-device (the relay transports data and offers optional simulation). Hardware is not featured on the page.
  • Responsive + reduced-motion behavior per the design handoff; the privacy page drops the hardware-signer clause.

@abhay abhay enabled auto-merge (squash) July 9, 2026 18:35
@abhay abhay disabled auto-merge July 9, 2026 18:39
Two related changes: hardware signers are deferred, and the marketing site
is refreshed to match the product it now describes.

Hardware signers:
- Remove all Ledger (BLE / APDU) and YubiKey (NFC / PIV) signer code, the
  add-flows, onboarding UI, and their tests. Hot-wallet signers (generated,
  recovery-phrase import, secret-key import) are the only signer type.
  A hardware wallet can't display Squads context, so it adds custody
  without independent verification, which cuts against clear signing;
  deferred until it can be validated on real hardware and positioned
  honestly. Git history preserves the implementation.
- Ledger and YubiKey remain as disabled "Coming soon" rows in the
  add-signer chooser.
- Drop the YubiKit dependency and the Bluetooth + NFC permission prompts
  and entitlements the app no longer needs.

Marketing homepage (core/static):
- Rebuild the landing page: a kinetic decode hero ("Know what you sign"),
  a raw-vs-decoded before/after, an on-device-decode section, a sticky
  how-it-works narrative, a device/relay/chain trust diagram, and a
  verifiable-builds section tied to the public GitHub Release.
- Decoding is framed honestly as on-device (the relay transports data and
  offers optional simulation). Hardware is not featured on the page.
- Responsive + reduced-motion behavior per the design handoff; the privacy
  page drops the hardware-signer clause.
- Align the in-app About tagline to the same framing: it now notes that
  every proposal is decoded on your device.
@abhay abhay force-pushed the remove-hardware-signers branch from 083c228 to 72f8200 Compare July 9, 2026 18:46
@abhay abhay enabled auto-merge (squash) July 9, 2026 18:46
@abhay abhay merged commit 5faf255 into main Jul 9, 2026
6 checks passed
@abhay abhay deleted the remove-hardware-signers branch July 9, 2026 18:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant