Grin ledger hardware wallet progress thread by @markhollis

Hi Cryptised, thanks. It goes better than a while ago, I made some good progress.
At some point, I will need user testing the app.
I’m going to think about how I could assign something more developer oriented, but it’s hard at the moment to divide this now in well rounded tasks.

8 Likes

Update for weeks August 31 to September 14:

  • Further work on Grin’s PSBT version in grin-wallet.
  • Implementation of key derivation in the Ledger app.
  • Implementation of kernel offset.

Next is considering the finalize part more.

11 Likes

Implementing the rangeproof part is challenging. Here are some notes about the use of rangeproofs in grin-wallet. It can contain faults or inconsistencies and it is certainly incomplete.

Related work

There is some previous work done on rangeproofs in Monero

There is a publication on a Monero Trezor implementation
See:

Monero has switched to BP++.

There is also the Beam HW wallet implementation.
I haven’t studied these implementation in depth yet.

If someone knows related work regarding implementations of Bulletproofs on Ledger/Trezor, let me know.

In the following, I will give some comments on the rangeproof code, as it is used in Grin.

Rangeproof

Other interesting parts in the Wallet layer:

Now for the bulletproof algorithm itself:

This note is certainly incomplete, especially the analysis of the Bulletproof algorithm itself.
The question I have is how to offload the part which uses the secret nonce and blinding factor to the HW. Perhaps studying related work will help here. If there are suggestions, they are very welcome.

21 Likes

If you wish, you could work in collaboration with Nicolas Flamel. He made some good advancement on his own MWC ledger integration.

3 Likes

Update for weeks September 14 to September 28:
I worked these weeks on:

  • Adjust offset
  • Further work on signing of payment proof with ed25519 key (Dalek key in grin-wallet) and sending the information needed for this.
  • Work on grin-wallet. It seems best to implement a method for each action in grin-wallet that must be delegated to the HW (e.g. fn adjust_offset, fn create_payment_proof).

Now working on including inputs and outputs.

20 Likes

Update for weeks September 28 to October 12:
I worked these weeks on:

  • including inputs and outputs on the HW side
  • commiting to a value on the HW side
  • Lots of debugging. I decided to go for a Rust HW app, instead of a C app. It offers security review benefits and it is also easier to program in. grin-wallet is also written in Rust, so that would simplify translations. I already translated a big part of my app into Rust.
21 Likes

Thanks for your work Mark. I’ll be ecstatic to see this complete.

Can I ask whether the work you’ve done so far will require custom firmware on the Ledger or would it be possible that Ledger could integrate it (if they wanted)?

1 Like

It would be an app that can be installed on the Ledger, just like e.g. the Bitcoin and Monero apps can be installed.
It doesn’t need extra firmware.
I don’t see limitations at the moment why Ledger could not integrate it.

17 Likes

Really appreciate your work man!

I also have a question: When we install the app on the Ledger device, are we gonna use Grin++ or Ledger Live for transactions? :slight_smile:

Thanks!

2 Likes

Hi andro,

Thanks for your question. Initially, grin-wallet will be used. Then I will look for Ledger Live (this is required for the bounty). Grin++ would be nice as well, given the experience from supporting it in grin-wallet.

8 Likes

Update for weeks October 12 to October 26:

  • Mostly debugging the Rust translation now, getting used to the Rust Ledger SDK.
10 Likes

Update for weeks October 26 to November 9:

  • Further debugging of the firmware.
12 Likes

Update for weeks November 9 tot November 23:

  • Further debugging of firmware.
9 Likes

Looks like a harsh task :wink: :+1:

2 Likes

Update for weeks November 23 to December 7:

  • Most of the work was further implementation of tests in Rust. I also translated tests to C++ (with grin++ in mind).
  • Implementing getting slatepack addresses on the HW.
13 Likes

Update for weeks December 7 to December 21:

  • Further implementation of the tests in grin-wallet and in C++.
  • Rework on the serialization of the parameters
  • Reading about bulletproofs
7 Likes

Update for weeks December 21 to January 4:

  • Further work on wallet, on diverse core cryptographic methods and getting bech32 to work. Debugging, solving typing errors etc.
  • Further implementation of tests.
7 Likes

Just curious, but Grin does not use bech32 right? So why/where is it needed.

Edit: It is used for the slatepack address😅

3 Likes

There was a PR on grin-wallet regarding some timing constraints with the ledger app. It links to GitHub - NicolasFlamel1/ledger-mimblewimble-coin which could be a useful resource. I’m not sure what the app does or doesn’t or if it even works, just another potential source of information that should not be assumed to be safe as far as I’m concerned.

3 Likes

Update for weeks January 4 to January 18:

  • Separate speculos hardware wallet instance for testing/simulation.
  • Solving bugs. Debugging my handlers for comitting to a value and generating an address.
2 Likes