Grin ledger hardware wallet progress thread by @markhollis

Hello,

I’m still somewhat sick at the moment.

  • I received the Beam Ledger app code, thanks to Vladislav.
  • I worked further on said RFC and the reference implementations. I try to publish this as soon as possible.
  • It is best to keep in mind that a Trezor wallet may come. So the code should be separated between which is platform specific and what is not, so that code can be reused in a future Trezor wallet implementation.
  • There are some C libraries for working with PSBTs (BIP174), which can be useful on the firmware side.
16 Likes

This is FANTASTIC news - greatly appreciate all your efforts!

2 Likes

Are you feeling any better?

1 Like

Not really, but I keep working on it if I am able to.

3 Likes

Update for weeks 22/06 to 06/07:

  • These weeks I worked further on the Ledger firmware. I concentrated on reusing parts of the Beam firmware.
  • I started implementing tests in C and Python.
  • The memory space of the Ledger device is rather limited. So I would first implement the firmware without the Grin version of PSBTs.
16 Likes

Update for weeks 06/07 to 20/07:

  • I worked further on the Ledger firmware. I worked on the user interface code. I implemented the tests further.

  • I looked into detail on the BIP standards as they are used in Grin and Ledger, surrounding the topic of key derivation.

  • Lots of small things in the firmware, a lot of debugging.

18 Likes

Update for weeks 20/07 to 03/08:

  • I looked these weeks into the Bulletproof paper and code, to understand the elements I need. It’s the generation side I need to focus on, verification can happen on desktop.

  • I worked further on the Grin++ code, removing compilation errors. And a lot of reading code.

18 Likes

Update for weeks 03/08 to 17/08:

  • On the firmware side, I worked further on the test for signing, which included some utilities, like using the RNG from Ledger, printing a hex number etc. I made a handler instruction for running the tests.

  • On the grin-wallet and grin++ side, I worked further on PSGT, for some alternation.

  • I started writing some documentation, such as the required third-party article as described here, by Ledger: Documentation requirements | Developers

Next, I will design the 2 mandatory icons, as described here: Design requirements | Developers

Then, I will work further on the firmware tests.

22 Likes

Update for weeks August 17 to August 31:

14 Likes

That curve is new to me:-)

1 Like

I’m sorry, I meant Ed25519 of course.

How is this going @markhollis? Is there anything that someone could help you with? I am a developer with little crypto experience but would help with something if I can. I have a ledger I could use.

3 Likes

Hi Cryptised, thanks. It goes better than a while ago, I made some good progress.
At some point, I will need user testing the app.
I’m going to think about how I could assign something more developer oriented, but it’s hard at the moment to divide this now in well rounded tasks.

7 Likes

Update for weeks August 31 to September 14:

  • Further work on Grin’s PSBT version in grin-wallet.
  • Implementation of key derivation in the Ledger app.
  • Implementation of kernel offset.

Next is considering the finalize part more.

10 Likes

Implementing the rangeproof part is challenging. Here are some notes about the use of rangeproofs in grin-wallet. It can contain faults or inconsistencies and it is certainly incomplete.

Related work

There is some previous work done on rangeproofs in Monero

There is a publication on a Monero Trezor implementation
See:

Monero has switched to BP++.

There is also the Beam HW wallet implementation.
I haven’t studied these implementation in depth yet.

If someone knows related work regarding implementations of Bulletproofs on Ledger/Trezor, let me know.

In the following, I will give some comments on the rangeproof code, as it is used in Grin.

Rangeproof

Other interesting parts in the Wallet layer:

Now for the bulletproof algorithm itself:

This note is certainly incomplete, especially the analysis of the Bulletproof algorithm itself.
The question I have is how to offload the part which uses the secret nonce and blinding factor to the HW. Perhaps studying related work will help here. If there are suggestions, they are very welcome.

20 Likes

If you wish, you could work in collaboration with Nicolas Flamel. He made some good advancement on his own MWC ledger integration.

2 Likes

Update for weeks September 14 to September 28:
I worked these weeks on:

  • Adjust offset
  • Further work on signing of payment proof with ed25519 key (Dalek key in grin-wallet) and sending the information needed for this.
  • Work on grin-wallet. It seems best to implement a method for each action in grin-wallet that must be delegated to the HW (e.g. fn adjust_offset, fn create_payment_proof).

Now working on including inputs and outputs.

18 Likes

Update for weeks September 28 to October 12:
I worked these weeks on:

  • including inputs and outputs on the HW side
  • commiting to a value on the HW side
  • Lots of debugging. I decided to go for a Rust HW app, instead of a C app. It offers security review benefits and it is also easier to program in. grin-wallet is also written in Rust, so that would simplify translations. I already translated a big part of my app into Rust.
17 Likes

Thanks for your work Mark. I’ll be ecstatic to see this complete.

Can I ask whether the work you’ve done so far will require custom firmware on the Ledger or would it be possible that Ledger could integrate it (if they wanted)?

1 Like

It would be an app that can be installed on the Ledger, just like e.g. the Bitcoin and Monero apps can be installed.
It doesn’t need extra firmware.
I don’t see limitations at the moment why Ledger could not integrate it.

14 Likes