Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: ledger discover #1502

Merged
merged 9 commits into from
Jan 26, 2024
Merged

fix: ledger discover #1502

merged 9 commits into from
Jan 26, 2024

Conversation

amritkumarj
Copy link
Contributor

@amritkumarj amritkumarj commented Jan 7, 2024

Contributors' checklist...
  • Added new tests, or not needed, or not feasible
  • Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory
  • Updated the official documentation or not needed
  • No breaking changes were made, or a BREAKING CHANGE: xxx message was included in the description
  • Added references to related issues and PRs
  • Provided any useful hints for running manual tests
  • Added new benchmarks to generated graphs, if any. More info here.

This PR fixes ledger integration with gno (fixes #1119 )

Create ledger account

image

Sign and broadcast

image

@amritkumarj amritkumarj requested review from jaekwon, moul and a team as code owners January 7, 2024 10:01
@github-actions github-actions bot added the 📦 🌐 tendermint v2 Issues or PRs tm2 related label Jan 7, 2024
@thehowl
Copy link
Member

thehowl commented Jan 7, 2024

Hey Amrit, thank you for your contribution! 🎉

The core team is officially back from tomorrow. Somebody should hopefully pick it up for review next week. Appreciate your work!

@thehowl thehowl requested a review from zivkovicmilos January 9, 2024 08:24
Copy link

codecov bot commented Jan 16, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (b619351) 55.80% compared to head (f356de0) 55.80%.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #1502   +/-   ##
=======================================
  Coverage   55.80%   55.80%           
=======================================
  Files         436      436           
  Lines       66168    66168           
=======================================
  Hits        36922    36922           
  Misses      26356    26356           
  Partials     2890     2890           
Flag Coverage Δ
go-1.21.x ∅ <ø> (∅)
misc ∅ <ø> (∅)
misc-_test.genstd ∅ <ø> (∅)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Member

@zivkovicmilos zivkovicmilos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the contribution, and sorry for the late review 🙏

I've tested it locally with my Ledger X, works great 🎉

A couple of things:

  • What do you think about adding a comment somewhere, or a README on how people would connect their ledger devices to Gnokey? For example, I had to install the Cosmos app on the Ledger device before gnokey worked.
Screenshot 2024-01-16 at 16 03 27

Can you please check why the CI / some tests are failing? 🙏
I see that you need to tidy go mods in subfolders.

Overall works fine, I've left a minor nitpick comment
Screenshot 2024-01-16 at 16 05 03

tm2/pkg/crypto/ledger/ledger_real.go Outdated Show resolved Hide resolved
tm2/pkg/crypto/ledger/ledger_secp256k1.go Show resolved Hide resolved
@amritkumarj amritkumarj requested a review from a team as a code owner January 16, 2024 16:27
@zivkovicmilos
Copy link
Member

zivkovicmilos commented Jan 18, 2024

@amritkumarj

Please check the failing tests 🙏

Seems like the test TestCreateLedger is failing

@moul moul requested a review from a team January 25, 2024 17:57
@thehowl
Copy link
Member

thehowl commented Jan 25, 2024

Hey @amritkumarj, if you can apply the test you can fix the tests and we can merge it. Thanks!

commit 5edcbc608879dd865b0b58da56275b8f1ca6e9a2
Author: Morgan Bazalgette <[email protected]>
Date:   Thu Jan 25 18:55:57 2024 +0100

    update error value

diff --git a/tm2/pkg/crypto/keys/keybase_test.go b/tm2/pkg/crypto/keys/keybase_test.go
index d7660ac3..5ee88f16 100644
--- a/tm2/pkg/crypto/keys/keybase_test.go
+++ b/tm2/pkg/crypto/keys/keybase_test.go
@@ -45,7 +45,7 @@ func TestCreateLedger(t *testing.T) {
 	ledger, err := kb.CreateLedger("some_account", Secp256k1, "cosmos", 3, 1)
 	if err != nil {
 		assert.Error(t, err)
-		assert.Equal(t, "no Ledger discovery function defined", err.Error())
+		assert.Contains(t, "LedgerHID device (idx 0) not found.", err.Error())
 		assert.Nil(t, ledger)
 		t.Skip("ledger nano S: support for ledger devices is not available in this executable")
 		return
diff --git a/tm2/pkg/crypto/ledger/ledger_secp256k1.go b/tm2/pkg/crypto/ledger/ledger_secp256k1.go
index d6560977..f154dbf3 100644
--- a/tm2/pkg/crypto/ledger/ledger_secp256k1.go
+++ b/tm2/pkg/crypto/ledger/ledger_secp256k1.go
@@ -17,9 +17,6 @@ import (
 	"github.com/gnolang/gno/tm2/pkg/errors"
 )
 
-// discoverLedger defines a function to be invoked at runtime for discovering
-// a connected Ledger device.
-
 type (
 	// discoverLedgerFn defines a Ledger discovery function that returns a
 	// connected device or an error upon failure. Its allows a method to avoid CGO
@@ -48,6 +45,8 @@ type (
 	}
 )
 
+// discoverLedger defines a function to be invoked at runtime for discovering
+// a connected Ledger device.
 var discoverLedger discoverLedgerFn = func() (LedgerSECP256K1, error) {
 	device, err := ledger.FindLedgerCosmosUserApp()
 	if err != nil {

@github-actions github-actions bot added 🧾 package/realm Tag used for new Realms or Packages. 📦 🤖 gnovm Issues or PRs gnovm related 📦 ⛰️ gno.land Issues or PRs gno.land package related labels Jan 26, 2024
@github-actions github-actions bot removed 🧾 package/realm Tag used for new Realms or Packages. 📦 🤖 gnovm Issues or PRs gnovm related 📦 ⛰️ gno.land Issues or PRs gno.land package related labels Jan 26, 2024
@thehowl thehowl merged commit 7382d7c into gnolang:master Jan 26, 2024
197 of 199 checks passed
@kristovatlas
Copy link
Contributor

Although merged, a light security review is in progress and I'll follow up with a comment when completed.

leohhhn pushed a commit to leohhhn/gno that referenced this pull request Feb 2, 2024
<!-- please provide a detailed description of the changes made in this
pull request. -->

<details><summary>Contributors' checklist...</summary>

- [ ] Added new tests, or not needed, or not feasible
- [x] Provided an example (e.g. screenshot) to aid review or the PR is
self-explanatory
- [x] Updated the official documentation or not needed
- [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message
was included in the description
- [x] Added references to related issues and PRs
- [ ] Provided any useful hints for running manual tests
- [x] Added new benchmarks to [generated
graphs](https://gnoland.github.io/benchmarks), if any. More info
[here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md).
</details>

This PR fixes ledger integration with gno (fixes gnolang#1119 )

### Create ledger account

![image](https://github.com/gnolang/gno/assets/72156537/5ca6411a-46d5-4210-a9fb-ced13a92c1fe)

### Sign and broadcast

<img width="500" alt="image"
src="https://github.com/gnolang/gno/assets/72156537/3b925b15-eed4-45e1-bd36-28ece5f0d4b2">
Copy link
Contributor

@kristovatlas kristovatlas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the contribution, this LGTM. I'm excited to be able to use my Ledger with the testnet tokens and gnokey now.

I also tested this on my Ledger Nano S in concert with the Cosmos Ledger app. Some notes on what I reviewed:

  • Imports in github.com/cosmos/ledger-cosmos-go 0.13.3
    • 8 stars on GitHub
    • 138-commit history starting 6 years ago, with most recent commit 3 months ago
      11 contributors including @jleni, @tac0turtle, and @​​julienrbrt who are members of the COSMOS org on GitHub
    • The repo does not have a security policy, any published advisories, or indications of security audits. I recommend that we flag ledger-cosmos-go for a security audit in the future.
    • 0.13.3 is the most recent tag
  • Sub-dependency on a couple repos from Zondax, which is a GitHub-verified Swiss blockchain service provider
  • I had an inline question about assumptions concerning the length fields for the s and r values when parsing signatures. This was essentially resolved by Morgan.
  • Out of scope for this review:
    • Does the ecdsa.ParseDERSignature handle all edge cases and potential vulnerabilities parsing signatures?
    • Are there any non-obvious issues with big.Int parsing r and s?
    • Are any side channel attacks introduced by failing to work in constant time?
    • The code uses secp.ModNScalar to handle the scalar s. Are the IsOverHalfOrder check and the subsequent adjustments implemented correctly to prevent potential vulnerabilities related to scalar manipulation?

@kristovatlas
Copy link
Contributor

One other callout, since convertDERtoBER gets into some more complex bit arithmetic I would like to see unit tests added for this function to ensure that it works as intended. But it looks correct at first glance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
📦 🌐 tendermint v2 Issues or PRs tm2 related
Projects
Status: Done
Archived in project
Development

Successfully merging this pull request may close these issues.

Missing support for Ledger devices
4 participants