Here is my application:
Since late 2019, I have been interested in the Grin project. I previously participated in the 2020 winter challenge.
Recently, I have taken an interest in cryptographic primitives that are common to privacy projects, like range proofs, bulletproofs etc.
This bounty would be my first contribution codewise. I have looked at the Grin core codebase before and also at the Owner and Foreign RPC API calls. I have some knowledge of Rust, but I haven’t developed in it yet.
I can make myself available, at least during evenings and during the weekend. In a more advanced stage of this project, having more time for this project could be an option. I have some spare Ledger Nano S devices ordered, they should come in tomorrow.
First, I would try to get used to the tools I will use during the development. I will go through building a minimal BOLOS App. I will look in detail through the resources that Vlad and quentinlesceller already provided, or will provide. Access to the BEAM Ledger code would make subsequent steps more clear. Ledger also recommends studying this example of a full-fledged app: GitHub - LedgerHQ/app-sia: The official Sia app for the Ledger Nano S. I would also get used to the application debugging tools, as described here: Application Debug — Ledger Documentation Hub 3 documentation.
Then I would build a skeleton version of the BOLOS application.
As quentinlesceller suggested, connecting the Ledger app to our existing grin-wallet is a good start. In the end-to-end architecture diagram of Ledger (Publishing an Application — Ledger Documentation Hub 3 documentation), grin-wallet fills more or less the role of the desktop app and the remote backend. The connection would be done using USB (to start, as this is the most straightforward). I think I would need the BOLOS Python loader here, the communicate between the device and the host computer. The sia example app provides comment about the ADPU packet communication between device and host PC. This link would be helpful here: Application Structure and I/O — Ledger Documentation Hub 3 documentation.
First try to connect from a Rust program to a Ledger app, using this library: GitHub - Zondax/ledger-rs: Rust crate to connect to Ledger devices
Then research how grin-wallet can be adapted to support the Ledger app.
I would take a detailled look at the approach followed by the BEAM team.
Define the messages that the user sees and the confirmations.
From then on, I am not sure how to progress further at the moment. I expect this will become more clear as I start working on this. Some more well-defined parts are the different transaction types. Maybe that’s a way I can partition the project into smaller tasks:
Implement Receive transaction. I would start with this transaction type.
- Sign kernel and payment proof.
Implement Send transaction. As this transaction type is more complex, I would implement this in a later phase.
- Verify payment proof was signed by receiver.
Implement Restore Wallet
2 mandatory icons, as stipulated by Ledger
Documentation. I would do this during the development.
Tests. The Monero BOLOS app source code already provides how tests could be implemented.
As this is my first contribution, I would have to spend a lot of time in the beginning to get up to speed. The interactive part seems the hardest to implement.
One other risk is wasted efforts. One suggestion about how I could avoid wasted efforts is that I would try to write the documentation before I write the code as much as possible, and share this with the community. This way I would make sure it is clear what will be implemented. For example, I would write (parts of) the user tutorial before I implement the feature. This way, people can judge if the approach is correct.
There is still some uncertainty about how the Ledger code audit time schedule looks like. However, one can expect that due to the code complexity, code review will like a considerable long time. Maybe the waiting time could be used to work on the Grin Interface module?
As security is important, it would be very helpful if some others persons could code review. These persons should look at the code with a C security attacker perspective.
If I am unable to execute subsequent activities, I would hand over the code/documents to someone who could complete the project further.
Technical debt can occur, for example, when Ledger updates their software, or when Grin will update its software. Some training is needed to use the Ledger app. For example, videos could be made that demonstrate usage.
The end criteria are quite clear:
- The BOLOS app project is succesful when it passes the security audit by the Ledger Wallet security team.
- The Grin interface project is succesful when Tor transactions and slatepack copying are supported.
However, these are criteria in a more distant future, I should think about how I could make the feedback loop shorter.
Some other evaluation criteria:
Sending a small amount of Grin to the Ledger device. Then check if it was received.
Then, try to execute a transaction from the Ledger device. Also check that this was executed correctly.
The code should be checked during development for errors as described here: Developing Secure Ledger Apps — Ledger Documentation Hub 3 documentation.
Again, code review would be immensely helpful.
It has hard to give actual timeframes are dates, due to current lack of technical knowledge and some needed practical steps I should first take for my personal work situation.
The following milestone should be reached:
Connection between grin-wallet and Ledger device app using USB.
Copy pasting Slatepacks
- This involves researching how this could be done. One could take a look at how GUI projects like Niffler already implement this.
The following deliverables should be sent to Ledger for the audit process (this is from the Ledger website):
Bolos app Release Candidate source code in a git repository
Companion app, (binaries or package) for Windows/MacOS/Linux
Adobe Illustrator templates filled with icons (perhaps someone who knows Adobe Illustrator can do this?)
Contact information to Ledger (Name, Surname, Legal Entity, URL, email address, phone number). I would provide my own contact information to Ledger.
Link to tutorial hosted on third party website
Video of the BOLOS application running on the Ledger device
- Verify public address on the Ledger device
- Display transaction information before allowing signature
- Reject a transaction on the Ledger device
- Sign a transaction on the Ledger device
Apart from the audit process, the following would be needed to educate the user.
- Video of Grin Interface:
- Demonstrate Tor usage
- Demonstrate Slatepack copypasting