Earlier this week, @netuoso has announced the exciting news that his work on an Hive app for Ledger hardware wallet has completed and that he is working with Ledger to get it listed into their official app Ledger Live.
What is a hardware wallet?
Ledger Nano S and Ledger Nano X are two popular hardware crypto wallets.
A cryptocurrency wallet is a device, physical medium, program or a service which stores the public and/or private keys and can be used to track ownership, receive or spend cryptocurrencies.
Source Wikipedia
So a hardware wallet is a device that stores your private keys. Hardware wallets like the Ledger Nano S/X also come with apps developed to support specific cryptocurrencies. Thanks to hose installable apps, they differ with a simple USB key by the fact that they can sign transactions themselves. What it means is that you don't need to copy the private key from the USB key and paste it into the software/website on your computer, the private key does never leave your device making it even more secure.
In a nutshell, what happens is:
- you use a software or web app on your computer
- whenever a private key is required for a particular operation (transfer, vote etc...), the computer software will ask the Ledger Nano (via USB or Bluetooth) to sign the transaction with the private key
- the Ledger Nano will perform the signature and send back the signed "document"
- the computer software will then post the signed document to the witnesses for inclusion into the blockchain
How can Ledger Nano be useful to Hive?
The most obvious point is that it makes it more secure. You won't need to enter your private keys to any app running on your computer connected to the internet.
Also, just like with Hive Keychain, you won't need to think of which key to use for each transaction. So it simplifies your daily use of the Hive blockchain.
Once support will be added to the frontends, you will even be able to login to apps like Hive Blog or PeakD using your Ledger Nano S/X.
All this comes to a price though:
- There is a little bit of overhead: although it's not very difficult, the initial setup might be a little bit daunting for non-technical person. But with times, frontends might make it easier to link your Ledger keys to your Hive account
- Every time you need to perform a transaction, you will need to have your Ledger nearby and plug it into your USB port.
What now?
For now, we still need @netuoso's Ledger app for Hive to be approved and listed into Ledger Live and then we need more support for it on the frontends and other dApps. @holger80 has already added support for it into his Python library Beem (see link further below).
As a regular contributor to the Condenser/Wallet apps for Hive Blog and to Hive Keychain. I'm already working for supporting the Hive Ledger app in Javascript.
I managed to communicate with the device using a command line NodeJS script but getting it work in a browser was a little bit of a struggle but I finally managed to get something working although it's still very basic.
After connecting my Ledger Nano S to the USB port and launching the Hive app, Chrome detects the device.
I then browse to my little test page https://tools.hivean.com/ledger.html and click on the Get public key button. If this is the first time you are trying to connect to the Ledger Nano from this page, Chrome will ask you to give permission:
Once permission given, the test page will then ask the device to give its owner public key and will display it. The test page will also ask the device to display that owner public key on the device screen so that you can confirm that the key is the correct ones (preventing the dApps to display a fake public key).
On the device you can use one of the two buttons to approve or reject and the response will be reflected on the test page.
My next step is to perform a signature of a test transaction. I will then clean up the code and make it available open source.
Related posts
- Hive Application for the Ledger Nano S/X Hardware Wallet by @netuoso
- Update for beem: support for Ledger Nano (S/X) has been added by @holger80
Vote for my witness
On Hive, Witnesses are playing the important role of providing a performant and safe network for all of us. You have the power to choose 30 trusty witnesses to package transactions and sign the blocks that will go in the Hive blockchain. Vote for me via HiveSigner to support my work for the community.
I am in the process of learning web development. I use ruby on rails, HTML and CSS. I currently want to dive into javascript and react.
Do you have any favorite resources to learn web app development with javaScript only?
Hmmm, unfortunately I don't. I've learned JS myself since 1998.
There are several online course online, some of them are free. The only one I know of is https://www.codecademy.com, I've never used it but I believe it's one of the first of its kind.
This sounds like a great development and hopefully it can be integrated to Ledger Live in no time! I have a nano S but will we need to use it every time we want to make a comment or a post or is it only for wallet transactions (active key tasks)?
It's up to how you are going to set it up. You can decide to change all your keys to use the ledger. Or just some of them. More instructions when things are ready.
Ok will have to see when things are ready then! Looking forward to the updates
Hey there! Thanks for the work that you do. I’m sure many Hivers (not so sure there is a name yet) would be delighted to store their coins in a physical wallet. It’d definitely help user experience on Hive.
The development is interesting. I want know what you mean when you wrote "preventing the dApps to display a fake public key".
Why would the dapps display a fake key?
If the dapps somehow got hacked, gives you the public key of another account and you use it to give permission to do stuffs on the blockchain on your behalf...
Wow! I always thought public keys should match the underlying private keys to work. Thanks for this information. It makes users much more alert.
You are correct but the way you use Ledger with Hive is that Ledger gives you the public key that corresponds to the private key it has internally. You then broadcast an account update telling the blockchain you accept signatures made with the ledger private key by giving the public key to the blockchain.
I wouldn't want this for posting and voting because it is not something I want to confirm on another screen. For some it might be worth for their balances though.
You don't really need to anyway. Getting your private posting key stolen is not as critical as with the active or owner key. However it can be a pain still because you would need to go through the crappy content the hacker might have created with your account and then you will need to change your password and generate all of your private keys and update your offline wallets with them.
Now with this you don't have to keep your Hive in your wallet or in the exchange. You can actually add it to the nano itself
I think a hardware wallet would put HIVE on the big players map. I am always forgetting where I put my keys, with this solve it if I register it once?
Yes. It will. You will however have to backup a series of 24 English words. They are your recovery words used to create a backup Ledger
support
nice work man