Feature/ledger signer #1944
Feature/ledger signer #1944
Conversation
OBorce
force-pushed
the
feature/ledger_signer
branch
2 times, most recently
from
ecf51c0 to
abe8a88
Compare
OBorce
force-pushed
the
refactor/wallet-async-signing
branch
from
59bd742 to
9099e90
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
from
abe8a88 to
89285d1
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
from
5f20a4f to
4c64407
Compare
ImplOfAnImpl
left a comment
ImplOfAnImpl
left a comment
There was a problem hiding this comment.
I haven't dug into the code much yet, will continue next week.
Tests assume the ledger app repo is cloned next to this one with name ledger-mintlayer
To be honest, I'm not a huge fan of this approach. And also of the fact that the emulator is always started automatically. E.g. in the Trezor case it was sometimes useful to see the emulator logs to understand what went wrong.
Was there any particular reason to do it this way instead of expecting the emuator to be running?
OBorce
force-pushed
the
refactor/wallet-async-signing
branch
3 times, most recently
from
f21e82b to
75ff652
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
4 times, most recently
from
61292c5 to
eeb6484
Compare
OBorce
force-pushed
the
refactor/wallet-async-signing
branch
from
75ff652 to
96016cf
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
3 times, most recently
from
5d3edf0 to
d6fd484
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
from
39d3e58 to
d6fd484
Compare
| pub async fn get_app_name<L: Exchange>(ledger: &mut L) -> Result<Vec<u8>, ledger_lib::Error> { | ||
| let msg_buf = [CLA, Ins::APP_NAME, 0, P2::DONE]; | ||
| ledger.exchange(&msg_buf, Duration::from_millis(100)).await | ||
| } | ||
|
|
||
| #[allow(dead_code)] | ||
| pub async fn check_current_app<L: Exchange>(ledger: &mut L) -> SignerResult<()> { | ||
| let resp = get_app_name(ledger) | ||
| .await | ||
| .map_err(|err| LedgerError::DeviceError(err.to_string()))?; |
There was a problem hiding this comment.
I don't think it's a good way to check for our app, because the INS values are app-specific.
There is a standard way to obtain the app name via CLA=0xB0 and INS=1. E.g. here it's handled by the SDK on the device - https://github.com/LedgerHQ/ledger-device-rust-sdk/blob/4262899a325b9b2fe10f2524d8e4b2f9fec38b83/ledger_device_sdk/src/io_legacy.rs#L330-L331
(The INS is processed inside the handle_bolos_apdu function).
Also, ledger-proto contains something called AppInfoReq which mentions CLA 0xB0 and INS 1, so I guess you don't have to construct the APDU by hand and parse the request.
There was a problem hiding this comment.
For some reason it always returns "app" for app name and the OS version instead of the opened app. So, I kept our own instructions.
There was a problem hiding this comment.
For some reason it always returns "app" for app name and the OS version instead of the opened app. So, I kept our own instructions.
Well, I tried sending [b0, 1, 0, 0] to my NanoSPlus and got "Mintlayer"/"0.1.0" for our app and "Ethereum"/"1.18.0" for Ethereum.
What device are you using? Can you double check?
In any case, this has to be investigated further. If b0/01 doesn't work indeed, we must at least document that fact, mentioning the particular situations.
There was a problem hiding this comment.
For some reason it always returns "app"
So I suppose you were using the emulator, for which this is documented behavior.
In such a case IMO it's better to detect if we're using an emulator (or I guess we could assume that any tcp transport corresponds to an emulator) and skip the app name/version check in that case.
Alternatively, we could go with with a custom APDU. But in this case it has to be handled more carefully. E.g. a) expect that the whole APDU may fail, e.g. with ClaNotSupported or InsNotSupported (because the current app doesn't support it), or with something like WrongP1P2/WrongApduLength (because in the current app this APDU means something else and has different parameters); b) expect that APDU may be handled successfully, but the result is garbage (again, because in the current app this APDU means something else).
The first approach looks easier to implement.
OBorce
force-pushed
the
feature/ledger_signer
branch
from
d6fd484 to
2d5300b
Compare
ImplOfAnImpl
left a comment
ImplOfAnImpl
left a comment
There was a problem hiding this comment.
I don't want to review this again, so I suggest merging it after applying the comments. The ledger tests will have to be disabled on CI, but it's better to enable the code itself, to make sure it compiles.
Plz make sure that all the comments have been addressed before merging
wallet/src/wallet/mod.rs
Outdated
| #[cfg(feature = "trezor")] | ||
| (WalletType::Ledger, WalletType::Ledger) => {} |
| ChainType::Signet => CoinType::Regtest, | ||
| ChainType::Regtest => CoinType::Signet, |
common/src/primitives_converters.rs
Outdated
| fn try_convert_from(value: VRFPublicKey) -> Result<Self, PrimitivesConvertersError> { | ||
| match value.kind() { | ||
| VRFKeyKind::Schnorrkel => { | ||
| let key: SchnorrkelPublicKey = value.try_into().unwrap(); |
There was a problem hiding this comment.
Return an error instead of unwrapping
common/src/primitives_converters.rs
Outdated
| fn try_convert_from(value: PublicKey) -> Result<Self, PrimitivesConvertersError> { | ||
| match value.kind() { | ||
| KeyKind::Secp256k1Schnorr => { | ||
| let key: Secp256k1PublicKey = value.try_into().unwrap(); |
There was a problem hiding this comment.
Return an error instead of unwrapping
|
|
||
| - name: Update local dependency repositories | ||
| run: sudo apt-get update |
There was a problem hiding this comment.
"Update the list of available system packages"
|
Forgot to mention: I wasn't able to open a ledger wallet in wallet-cli via the |
OBorce
force-pushed
the
feature/ledger_signer
branch
4 times, most recently
from
dc2fca1 to
6c41a39
Compare
OBorce
force-pushed
the
feature/ledger_signer
branch
from
6c41a39 to
7520c43
Compare
2 participants
Tests assume the ledger app is already running in the emulator same as Trezor tests