JavaScript library for Ledger Nano S HIVE application

in HiveDevs3 years ago

Incoming HIVE Ledger wallet

It's been a couple of months since @netuoso published the initial version of the Hive Ledger App. In order to get official support from Ledger (i.e. the possibility to install it from Ledger Live), we need to meet several requirements. And I'm trying to fulfill them all so we could benefit from the hardware wallet support.

Code review

First, we need to make sure that the application is stable and secure. I already made a preliminary review of the app and created a Pull Request with some fixes. The next step will be to review the code from a security perspective, following the guidelines provided by Ledger. This requires a bit more work and knowledge than validating transactions serialization etc, but we will get there.

Javascript library

To simplify communication with the ledger app, I created a JavaScript/Typescript library. It's really easy to use it with NodeJS. The library covers every functionality supported by the app.

Example usage:

import Hive from '@engrave/ledger-app-hive';
import TransportNodeHid from '@ledgerhq/hw-transport-node-hid';
import Transport from '@ledgerhq/hw-transport';

( async () => {

    console.log('Unlock your ledger....');
    const transport = await TransportNodeHid.create();
    console.log(`Established connection with Ledger Nano S`);

    try {
        const hive = new Hive(transport);
        const {version, arbitraryData} = await hive.getAppConfiguration();
        console.log("Current version:", version);
        console.log("Arbitary data enabled:", arbitraryData);

        const publicKey = await hive.getPublicKey(`48'/13'/0'/0'/0'`);
        console.log("Public key:", publicKey);
    } catch (e) {
        console.error(e);
    }
    finally {
        transport.close();
    }

})();

API

getAppConfiguration

Get current configuration for HIVE App installed on a Ledger.

async getAppConfiguration(): Promise<{version: string, arbitraryData: boolean}>

getPublicKey

Retrieve public key from specified BIP32 path. You can set an additional parameter confirm: boolean which will ask the user to confirm the Public Key on his Ledger before returning it.

async getPublicKey(path: string, confirm?: boolean): Promise<{publicKey: string}> {

signTransaction

Sign basic transactions with the specified key path. This method will return signed transactions (a transaction with additional signatures property). Please note that extensions are not yet supported for most transactions and operations (except beneficiaries for comment_options).

async signTransaction(tx: Transaction, path: string): Promise<SignedTransaction>

Please be aware that the current implementation of the HIVE Ledger App does not support multisig. This could be also a cool feature and we might add it someday. For now, let's focus on publishing it.

The library is open-source and available on Gitlab and NPM:

Ledger Companion App

To prove that the application is working correctly, Ledger requires a sample Companion App.

I prepared an initial design for a new wallet app and will start developing it soon. The plan is to make it as a wallet targeted at large stakeholders willing to invest in HIVE. It will be focused on governance (voting for witnesses and proposals) and the most significant chain news.

It will be possible to create a new Hive account directly from app

Hive Ledger will display all significant parameters of your account

It will be possible to vote on witnesses and perform other governance actions

Follow me to be up to date with incoming development updates!


Click on the image to vote for @engrave witness:

banner_engrave 100.png

Sort:  

I've switched to Hive from Steemit after 3 years, and after i heard some things I'm really glad this is working like Steemit was in its best days. Good work! Also, I'm glad you used programming and your knowledge for crypto and community. Cheers :)

awesome work to include HIVE as a Ledger app :) hope it gets included!

I hope it will :)

GREAT!

Finally someone picked that up!

You got my vote as a witness. If you make a proposal I'd vote it too.

Thanks, I appreciate that :)

Awsome! Just love it!
!BEER 🍻

Posted using Dapplr

I bought a trezor. Maybe I need to get a ledger too.

I just checked Trezor documentation and their state:

At the moment, we are in the process of setting up a new strategy for implementing new coins into Trezor. Please, be patient, our team will not be accepting any requests to add new cryptocurrencies until the process is finalized. Once this has been done, we will inform you through our public channels.

So potentially, in the future, we might develop an app for trezor too. Shouldn't be that hard ;)

That'd be awesome. Really hope it gets done soon.

Great job!

p.s. I understand the code. Well done!

Wow exelente post, muy instructivo, gracias por compartir.

Bytheway anyone knows where is netuoso or if all good with him? Long time no see him..

AFAIK he's ok, being busy with personal stuff.

👍 glad to know. Thanks!

This is HUGE . <3

Congratulations @engrave! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

Your post got the highest payout of the day

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Check out the last post from @hivebuzz:

Feedback from the March 1st Hive Power Up Day
Hive Tour Update - Financial stages

Awesome work! I know this is a lot of effort to create all the operation encoders.
Well done.

Great that you recognized how important this security aspect can be for stakeholders. I think this is a very important step that is sometimes underestimated.

One quick question; Securing my Hive Key then also covers all tokens running on Hive Engine - correct?

That's right. You store your private keys inside your hardware wallet and they will never leave it. You sign the transactions with Ledger so you can't copy-paste your keys somewhere by accident. Although, there is no need to keep every key in a ledger (for example posting key).

Yes, I was aware of that. I'm relatively familiar with it in principle, just don't fully understand this hive engine extension.

And it was unclear to me how to "get" an existing account into the ledger, but that will probably be similar to EOS, where you also have named addresses.

Thanks for the answer.

This functionality will search for the accounts with public keys associated with your ledger.

I.e. there is no provision for "migrating" an existing account to a ledger? Or have I now misunderstood something?

There will be an option to do that

Good luck with the approval process!