Cryptnox Docs

cryptnox-logo

Set Pinless Path

The Set Pinless Path command in Cryptnox allows you to enable a pinless authentication mode by assigning a predefined BIP32 derivation path that does not require PIN verification. This feature is useful for securely authorizing specific operations without entering a PIN, while still maintaining controlled access.

It requires a secure channel and a valid seed or extended key to function. The path must be EIP1581 compliant (m/43’/60’/1581′) and consist of at least three levels, using 32-bit big-endian integers. To disable the pinless authentication, the command can be called with 0-byte data, but this requires a PUK for verification. Currently, we support only the “K1” key pair.

This setup ensures secure, PIN-free authentication while maintaining strict access control.

Command Specifications

Set Pinless Path Command

The Set Pinless Path command in Cryptnox enables authentication without a PIN by assigning a predefined BIP32 derivation path.

The following code snippet outlines the Python object for this command:

def set_pinless_path(puk:str, path: str = "m/44'/0'/0'/0/0"):
    card.set_pinless_path(path, puk)

For example, set_pinless_path(“puk_code”, “m/44’/0’/0’/0/0”).

Application Protocol Data Unit (APDU) Components

The following table outlines the components of the Application Protocol Data Unit (APDU).

Field

Description

Value

CLA

This field specifies the class of the instruction.

0x80

INS

This field specifies the particular command or operation that the smart card or secure element should execute.

0xC1

P1

First parameter of the instruction that specifies the details about the operation being requested.

0x00 

P2

First parameter of the instruction that specifies additional details about the operation being requested.

0x00

Data

Key data

PUK + x * 4 bytes path data (3 ≤ x ≤ 8)


📘 Prerequisites

  • The secure channel must be open.
  • A seed must be loaded.


Response

The following table outlines the possible responses that you will receive:

Response Code

Description

0x9000

Success

0x63Cx

PUK not validated (x tries before power cycle)

0x6A80

the data length is not a multiple of 4 (between 12 and 32). 

0x6985

The given path does not start with EIP1581 path.

0x6A86

The wallet has no seed or extended key (checked before PUK).

Menu
cryptnox-logo
Menu