Developer's Guide and Usage Hints for TAPSIGNER^™

Setup Sequence

Verify the card is legitimate (certificate check), and empty.
Run new command to pick the secret.
Derive your favourite path if it's not 84h/0h/0h.
Capture a backup (do not prompt for AES key, ever).
Get new PIN code from user.
Set the PIN.

Usage

Take the hardened parts of your favourite subkey and use the derive command once to set it.
Use the sign command with non-hardened (0/0... 1/0, 0/99, etc) parts.

Remember to retry sign command if you are unlucky!