Hello everyone on such a fine day :-) I've started working on integration with the very popular ledger nano s hardware wallet [1]. The project consists of a dedicated app for stellar [2] that will run on the device and a javascript library [3] for communicating with it -to be used by desktop wallet applications. This way I can focus purely on the device integration part and allow new and existing wallet applications to add support for the Ledger Nano S device. The project is still in the early stages, but the proof of concept is working: I've already activated my Ledger-based Stellar account with Lumens and successfully signed and approved a transaction by running a test script. The next step that will fulfil the minimal requirements for a usability is to show the transaction details on the device so that the user knows what she is signing. I'm hopeful that I can have that running in the next two weeks. A Stellar transaction can contain a lot of (different) operations and supports a rich set of information. My first focus will be on payments. Users will be able to send lumens and other stellar-based assets using their device. Support for other operations, multiple operations in a single transaction, hashed memo's, timebounds, etc. is more of a long term goal. I've been in contact with the Ledger team about donating the code to them. In order to load the app onto the device they use a device manager application. They have confirmed that they accept code donations and that after review and approval will be able to add the app to their manager. https://www.ledgerwallet.com/products/ledger-nano-s https://github.com/lenondupe/ledger-app-stellar https://github.com/lenondupe/stellar-ledger-api Let me know what you think and have a nice day!

@dupe This is great. As the primary developer behind lupoex.com, I would say that we would love to integrate ledger Nano S. The only thing we really need is the ability to sign a transaction similar to this: https://www.stellar.org/developers/js-stellar-base/reference/building-transactions.html As part of your javascript library, I would suggest implementing a function sign(transaction) that takes a transaction of type https://stellar.github.io/js-stellar-sdk/Transaction.html and returns the signed transaction.

Hi! What you are describing is exactly my intention. I am basing the library on Ledger's node js api [1]. The name is a little bit misleading because the library can also be used in supported browsers. The calls will be asynchronous calls that you can pass a callback function. Leaving out some details it basically comes down to: var stlr = ledger.stlr(); var transaction = buildTransaction(); stlr.signTransaction(transaction, function(signedTransaction) { sendTransaction(signedTransaction); }); https://github.com/LedgerHQ/ledger-node-js-api/

Please take the transaction hash as a parameter instead of the transaction, so you can support networks without using the global Network object-hack. And please return the signature, so it works with multi-sig transactions.

Signing arbitrary messages would also be nice, not sure if Ledger supports that. (I'm hashing the messages twice so you can't phish people into signing TXs)

dzham For security reasons I'm afraid it is not possible to take the hash as input for signing a transaction. Remember the purpose of these devices is to be 100% tamperproof. That means the user must be certain of what it is they are signing. So the device needs the actual signature base of the transaction that contains all the transaction details. This way it can show the details on the device for approval. The signature base is also the thing that is then hashed and signed resulting in the signature. If you could just send a hash and receive back the signature it would be easy for malicious code on the client to send a hash that corresponds to a different transaction than the on presented to the user on the client.

dzham Ledger supports signing and decrypting arbitrary messages. In fact, have a dedicated app with full support of the OpenPGP card specification for that. See https://github.com/LedgerHQ/blue-app-openpgp-card for details.

This is great, let me know if you need a tester!

dupe I know how signing works, I'm just telling you what I would need in terms of API, to easily integrate with what I have already. I display the tx for all transactions the user ever does, in the wallet (Stargazer)

dzham And I'm not suggesting you will write malicious code, but a computer can get infected or other wallet applications might ship with malicious code. For a hardware wallet, displaying the transaction on the client (stargazer in this case) is not enough, because a completely different transaction hash can easily be sent to the device for confirmation.This is why devices like this have a display. You can verify that what you are actually signing is what you intended when you entered the details on you computer (and it's really important that you do!). But I'm interested in the problem you see with sending the transaction and why you want to send the hash instead. You mentioned something about "networks without using the global Network object-hack". I'm not familiar with this problem. Can you expand on that?

zcc Thanks a lot! I will post a link with instructions once the code is far enough along. Are you a developer? It will be necessary to set up a development environment to compile and load the app onto the device and then to build the javascript library. My plan is also to ship a small browser-based demo with the javascript library so you don't have to edit and run scripts to test the app.

Ledger Nano S hardware wallet integration

dupe

Quick update.

I've finished what I intended to do for the first iteration: showing and approving a simple payment transaction.

If you have a Nano S and are willing to go through the process of setting up a development environment, you can install the app and run the tests if you want. I've written up some basic instructions in the project README [1]. Feedback is more than welcome.

I've modelled the transaction approval behaviour on the Ledger Nano S Ethereum app. When a transaction is sent to the device there is a loop that shows the payment details on the screen automatically. Unfortunately the recipient address somehow is incorrectly encoded. (Yeah, pretty bad. The code works when you run the tests but not on the device. Possibly something to do with type conversion).

If you do decide to install the app, the companion javascript api contains scripts with which to test it. Instructions again in the README for that project [2].

I'm going to have a little breather before I continue on to the next iteration. During the next iteration I will focus on
- fix the nasty encoding bug
- Adding tests
- Key pair validation
- Supporting a wider set of transactions
- Creating rudimentary demo wallet to show and test the functionality

Cheers

umbrel

Too bad I don't have Ledger to play around. Will be waiting for someone to make one for Trezor.
Regarding demo wallet - I have a prototype and interested in collaboration. I'll play around with your lib and please let me know if you have exact idea what and how you want to showcase.

zcc

umbrel I've started work on Trezor integration, but it'll require a fair amount of changes to their firmware since they don't have the same concept of "apps" like Ledger does. It should definitely be possible, though!

dupe

Hi umbrel , I was talking to one of the devs at stellar yesterday to propose adding the Nano S support to the account viewer [1]. Incidentally he had already had the same thought. This could be the perfect showcase while also being functional at the same time. It would initially be made available in the stellar laboratory [2].

umbrel

zcc You might wanna wait for Trezor 2 to come out then.
https://blog.trezor.io/trezor-security-beyond-bitcoin-c99f27b18b6b
https://www.reddit.com/r/TREZOR/comments/6i011w/trezor_2_release_date/

dupe

Update about signing arbitrary transactions.

My plan for the way to support arbitrary transactions turns out not to be possible. The Nano S only has 10Kb of RAM available in total. Not all of that is even available to the individual apps running on the device because part of it is used by the OS. So sending arbitrary size transactions to the device is impossible. A small test shows a transaction containing only 10 payment operations that include a memo is already more than 2Kb.

So after deliberating the options I've come up with a new plan to support arbitrary transactions. I will have two signing operations. One "super safe" signing operation that only takes a transaction that contains at most one simple payment operation. This method of signing a payment is able to show payment details on the device screen for confirmation. A second, less secure, signing operation that takes only the transaction hash (initially proposed by @dzham ). This second operation will show a warning on the device screen that no data is available.

It is up to the wallet to choose either one of the methods to sign transactions. A simple payment wallet can use the operation that displays the transaction details for the user to confirm. A more sophisticated wallet can use the operation that signs the hash alone but shows no transaction details on the device.

The advantage of this approach is that it remains possible to sign arbitrary transactions while xdr transaction parsing can stay very simple, only having to deal with a single payment operation. The alternative would have been more complicated (and thus error prone) xdr transaction parsing while still not being able to support arbitrary transactions.

Thoughts?

istrau2

dupe Why restrict the "super safe" option to a single operation and why the payment operation specifically?

I may be misunderstanding but you say that 10kb is about 10 payment operations. If so, you can surely support a couple of arbitrary operations in the "super safe" method can't you?

Actually, why can't you relegate the restriction to the javascript library. In other words, the js library could parse the transaction as JSON (or some other human readable format) and check the size of the transaction before passing it on to the ledger. If the size is to big, it could just return an error to the caller. Otherwise, if the size passes inspection, it could pass it on to the ledger.

What happens if you pass too much data? Does the device crash?

umbrel

dupe Great!

dupe

istrau2 I've not tried to pass too much data. I suppose it would crash.

In my initial thinking I was set on displaying all transaction info without allowing simply sending a transaction hash. That would involve a substantial effort to display all the info. Now that I have to let go of that goal because it would mean arbitrary transactions would not be supported the payoff for the effort to display all the different types of transactions does not seem worthwhile anymore. In my mind it would only have been worthwhile if I thereby gained the extra security.

Actually I think it's a good thing. Looking at the ledger UI logic it seems it would have become too complicated to display all the different stuff, especially if you don't know in advance what will be in the transaction. That also means too much risk of things going wrong and possible endless source of bugs. It might become a nightmare to maintain.

The way I propose now also means much quicker availability. What I describe is mostly done, whereas otherwise I don't know how long it would take me.

Hope that makes sense.

dupe

More stuff done:

base32 encoding bug fixed
added keypair validation
xdr parser knows how to skip memos, parse custom assets for display, deal with operation-specific source account
added u2f browser support
lots of small stuff such as guarding against sending transactions that are too big and detecting more error conditions and displaying more user friendly feedback instead
javascript api tests can now be run in the browser (see README for details)
officially submitted app to ledger for review

To be done:
- create stellar dashboard display glyph icon
- more manual testing
- document javascript api usage

cheers

dzham

dupe

A bit unrelated to what you're doing, but maybe you know.

How do the Nano generate the priv keys for other cryptos? I just bought two of these, and I hate their guts already because they don't work with the system I have in place.

dupe

dzham All the crypto keys are generated using the bip32 hierarchically deterministic key derivation method.

You can read more about it here: http://ledger.readthedocs.io/en/latest/background/hd_keys.html

dzham

dupe

Gotcha! So you just define a coin type for Stellar, and that's it?

dupe

dzham Was already registered for Stellar: https://github.com/satoshilabs/slips/blob/master/slip-0044.md But now you made me think about something. The registration mentions Stellar Lumens specifically. But you probably want to use the same account for all Stellar-based assets I guess. At least that's been my assumption.

zcc

dupe But you probably want to use the same account for all Stellar-based assets I guess.

That was also my assumption.

NgocTri

Very nice app,thanks so much!

dupe

NgocTri You're welcome, I'm glad you like it. I'm still applying some finishing touches but it's now more or less done.

dzham

@dupe

Was able to compile the app, and load it, on MacOS.

Trying to communicate with the Nano gives me this though:

MacBook-Pro:stellar-ledger-api Johan$ npm run script testGetPublicKey

> sledger-api@1.0.0 script /Users/Johan/Code/vendor/stellar-ledger-api
> node test/runScript.js "testGetPublicKey"

running: testGetPublicKey
=>0101050000001ae002010115058000002c8000009480000000800000008000000000000000000000000000000000000000000000000000000000000000000000
<=bf00018d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Invalid channel;

Any idea?

dupe

dzham Might be related to Virtual box environment. It is a known issue. The virtual environment locks out the USB port on the host machine. I'm guessing you are trying to run the scripts from the Mac OS host environment after you loaded the app from the virtual box environment. If you want to do that you have to halt the virtual box environment again: 'vagrant halt'. And you may or may not have to reconnect the device. What I did for developing is install nodejs in the virtual environment as well and run the scripts from there.

Alternatively you have enabled browser support in the device. I think you can only use either u2f ('browser support') or node-hid at the same time. In that case, you need to disable browser support again to run the node js scripts.

HTH

dzham

dupe Alternatively you have enabled browser support in the device. I think you can only use either u2f ('browser support') or node-hid at the same time. In that case, you need to disable browser support again to run the node js scripts.

That was it, thanks!

publicKey: GAVTL6QDYNTCMAJP2PDRECXINBI4PPZNXXX37CIEZPOCE2KNVMQFIUFM

« Previous Page Next Page »