How to send and receive Grin with Ledger Live Desktop

I uploaded this video a few days ago that goes over how to send and receive MimbleWimble Coin with Ledger Live Desktop. The second half of the video focuses on doing the same with Grin. Enjoy!

You can download the version of Ledger Live Desktop shown in the video here.

You can install the hardware wallet apps shown in the video onto a Ledger Nano S or Ledger Nano S Plus hardware wallet here.

15 Likes

Thanks for sharing this @NicolasFlamel. Are you on our keybase? Keybase

Note to everyone else, this hasn’t been reviewed by any Grin community member so proceed with caution.

2 Likes

I hoped active User confirmation would be required to receive grin with a hardware wallet. It seems to be not the case.

based on the video it seems like it does require active user confirmation

First I highly appreciate progress for grin ledger support.

At 09:21 i see verification of slatepack address on hardware wallet. (button pushed on Hardware wallet.)
But the Address seems to be irrelevant since it is not used on sender side or for transportation of slatepack message.

At 09:52 first slatepack message is copied from sender wallet to Ledger Live Desktop window. Continue button is clicked on Desktop window.

At 10:44 Desktop window suggests “you received 9.970156” and also shows slatepack reply without any need to push a button on hardware-wallet. If your consider the desktop as as (partly) untrusted the information passed from the trusted device to the untrusted device automatically. And user does not know if the wallet automatically tries to transport the slatepack reply back to sender.

I wished for a required action on hardware wallet button, before signed information goes from (trusted) hardware wallet to (partly untrusted) desktop application. But showing the User necessary information to decide, whether to sign or decline on the trusted screen.

1 Like

Correct, user confirmation is only required on the hardware wallet when sending Grin and not when receiving Grin.

TradeOgre doesn’t support sending to a Slatepack address which is why I don’t use the Slatepack address in the video. Ledger Live Desktop only supports receiving Grin from manually entering non-encrypted and encrypted Slatepacks. The Slatepack address should be used by the sender if they want to encrypt the Slatepack and/or if they want the Slatepack to contain a payment proof.

Correct, Ledger Live Desktop uses the SRS workflow for sending and receiving Grin. This is the first step in that workflow.

It seems unnecessary to require user confirmation on a hardware wallet when receiving Grin since doing so doesn’t guarantee anything. Even after a Slatepack is “signed” by a recipient, malicious software could always send its own valid response back to the sender (if the Slatepack doesn’t contain a payment proof).

Currently, the only way that I know of to guarantee that a Slatepack was “signed” by the intended recipient is to have the Slatepack contain a payment proof. The payment proof allows the sender to verify the recipient’s Slatepack address after they receive the Slatepack response from the recipient. The recipient’s Slatepack address is verified by the recipient on their hardware wallet, and the sender is shown the recipient’s Slatepack address on their hardware wallet when approving the transaction if there’s a payment proof. The recipient’s hardware wallet creates the payment proof signature when receiving Grin, and the sender’s hardware wallet verifies the payment proof signature when sending Grin.

2 Likes

I’m on keybase now. I’m nicolasflamel1 there.

‘TradeOgre doesn’t support sending to a Slatepack address’, just curious by what you mean here, because I bought and sent Grin to my grin-wallet via TradeOgre few days ago with Slatepack copy/paste mechanism. So maybe you mean something else, but was curious to understand.
Thanks!

1 Like

The Slatepacks generated by TradeOgre when withdrawing Grin can be receive by anyone since they don’t have a specific Slatepack address set as the Slatepack’s destination.

You can set a Slatepack’s destination when sending Grin with the CLI wallet by using the the optional --dest argument. When a Slatepack address is set as the destination, the Slatepack will be encrypted and contain a payment proof so that only the intended recipient can receive the Slatepack.

TradeOgre doesn’t give you the option to set a destination Slatepack address when withdrawing Grin from it.

Understood, thanks. So if by huge mischance someone else get the Slatepack from TradeOgre and use it before you (not realistic situation though except if full laptop hacked already) they could receive it.

Yes, if someone else got your Slatepack from TradeOgre and sent their Slatepack response back to TradeOgre before you do then they will receive the Grin and you wont.

Anyone can create a valid response to a Slatepack if it isn’t encrypted and doesn’t contain a payment proof, and the transaction’s sender has no way of knowing who actually “signed” the Slatepack response if it doesn’t contain a payment proof.

2 Likes

Awesome! Thank you! :slight_smile:

1 Like

Thanks for the ledger app! In the new update Ledger Live Desktop 2.47.0 did not add grin accounts. How soon will they add official support for grin?

1 Like

It’s probably going to be several more months before MWC and Grin are added to the official Ledger Live Desktop. Ledger won’t merge a PR with my changes into Ledger Live Desktop & Ledger Live Mobile until Ledger finishes reviewing the hardware wallet app.

You can see where Ledger currently is in the review process here. They have limited resources when it comes to reviewing apps, so the process has been pretty slow so far.

4 Likes