Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add customized Ledger support #12935

Merged
merged 13 commits into from
Sep 7, 2022

Conversation

0a1c
Copy link
Contributor

@0a1c 0a1c commented Aug 16, 2022

Description

Increase customized signing capabilities for Ledger by:

  • Adding the capability to use different Ledger apps and key types

By increasing the degree to which higher-level chains can customize Ledger usage and signing, the Cosmos SDK can become better-suited to serve chains that differ from the default; this can include EVM-based chains that do not use the Cosmos Ledger app, or Cosmos-based chains with their own Ledger implementation.

PR

This PR introduces the ability to customize Ledger support for apps with secp256k1 ECDSA keys, such as Ethereum and Cosmos. Key changes and relevant files:

  • Add a new Options type within Ledger to track customizations
    • Add various Ledger options to the Keyring options, where they can be passed in from higher-level chains
    • Update the Ledger options using the Keyring options via setter functions
    • Update the Ledger implementation to use these options
  • Add LedgerHasProtobuf field to Context to indicate whether the Ledger instance can support Protobuf SignDocs

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title
  • added ! to the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • followed the guidelines for building modules
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • included comments for documenting Go code
  • updated the relevant documentation or specification
  • reviewed "Files changed" and left comments if necessary
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed ! in the type prefix if API or client breaking change
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic
  • reviewed API design and naming
  • reviewed documentation is accurate
  • reviewed tests and test coverage
  • manually tested (if applicable)

@0a1c 0a1c requested a review from a team as a code owner August 16, 2022 16:13
@github-actions github-actions bot added the C:CLI label Aug 16, 2022
@0a1c 0a1c changed the title feat: increase customized signing capabilities feat: add customized Ledger support Aug 16, 2022
Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

I left a few minor comments and we also need a changelog entry for this as well as a note in the upgrading doc IMO

@@ -144,6 +144,15 @@ type Options struct {
SupportedAlgos SigningAlgoList
// supported signing algorithms for Ledger
SupportedAlgosLedger SigningAlgoList
// define Ledger Derivation function
LedgerDerivation func() (ledger.SECP256K1, error)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't ledger derive keys that aren't on the SECP curve?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently, Ledger devices are represented using the SECP256k1 interface. This PR intended only to generalize Ledger support within the realm of secp256k1 keys, but it's possible that generalizing it even further might be more appropriate. Do you think that would be the case?

Comment on lines 257 to 266
} else {
return convertDERtoBER(sig)
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
} else {
return convertDERtoBER(sig)
}
}
return convertDERtoBER(sig)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Revised

// a connected Ledger device.
var discoverLedger discoverLedgerFn
// options stores the Ledger Options that can be used to customize Ledger usage
var options Options
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there a way to not use a private global? Or is this inherent to how the ledger is setup and used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The implementation of the Ledger functions depends on the options provided, so there must be some form of local state. Let me know if there is a way to improve it, I am open to any ideas.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we use dependency injection here @kocubinski?

Comment on lines 25 to 31
// Set default values for Cosmos Ledger instance. These can be updated
// by setting fields in the Keyring Options.
options.createPubkey = func(key []byte) types.PubKey {
return &secp256k1.PubKey{Key: key}
}
options.appName = "Cosmos"
options.skipDERConversion = false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's two code blocks that do the exact same thing -- I would move this setup into a helper function.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Revised

Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

@alexanderbez
Copy link
Contributor

@austinchandra could you allow access for us to update your branch or just rebase main yourself prior to merge pls?

@0a1c 0a1c force-pushed the evmos/general-ledger-support branch from dbcf92a to 37ae302 Compare August 22, 2022 18:17
@0a1c
Copy link
Contributor Author

0a1c commented Aug 22, 2022

@alexanderbez Rebased and added CHANGELOG and UPGRADING entries

@alexanderbez
Copy link
Contributor

@austinchandra could you quickly address the linting errors and we'll merge 👍

@0a1c 0a1c force-pushed the evmos/general-ledger-support branch from 2b8dd66 to 03acc49 Compare August 22, 2022 21:48
@0a1c
Copy link
Contributor Author

0a1c commented Aug 22, 2022

@alexanderbez Fixed and updated

@0a1c 0a1c force-pushed the evmos/general-ledger-support branch from 03acc49 to d8ef53d Compare August 22, 2022 21:59
@alexanderbez
Copy link
Contributor

@austinchandra can you allow access to update your branches for us? That way we can rebase main without you having to do it each time. Otherwise, you can update it.

@alexanderbez alexanderbez added the A:automerge Automatically merge PR once all prerequisites pass. label Aug 23, 2022
@0a1c 0a1c force-pushed the evmos/general-ledger-support branch from d8ef53d to 6d61f0a Compare August 23, 2022 15:53
@0a1c
Copy link
Contributor Author

0a1c commented Aug 23, 2022

@alexanderbez Rebased and granted permissions

@0a1c 0a1c force-pushed the evmos/general-ledger-support branch from 6d61f0a to 5b385e2 Compare August 23, 2022 18:02
@codecov
Copy link

codecov bot commented Aug 24, 2022

Codecov Report

Merging #12935 (9d6791f) into main (f9e8a04) will decrease coverage by 0.30%.
The diff coverage is 30.00%.

❗ Current head 9d6791f differs from pull request most recent head 412cdcb. Consider uploading reports for the commit 412cdcb to get more accurate results

Impacted file tree graph

@@            Coverage Diff             @@
##             main   #12935      +/-   ##
==========================================
- Coverage   54.02%   53.71%   -0.31%     
==========================================
  Files         645      645              
  Lines       55238    55271      +33     
==========================================
- Hits        29841    29690     -151     
- Misses      23019    23198     +179     
- Partials     2378     2383       +5     
Impacted Files Coverage Δ
client/cmd.go 57.73% <0.00%> (ø)
client/context.go 54.49% <0.00%> (-0.88%) ⬇️
crypto/keyring/keyring.go 60.72% <0.00%> (-1.23%) ⬇️
crypto/ledger/ledger_secp256k1.go 50.96% <45.45%> (-1.94%) ⬇️
crypto/ledger/ledger_mock.go 58.46% <100.00%> (+0.64%) ⬆️
x/distribution/simulation/decoder.go 0.00% <0.00%> (-100.00%) ⬇️
x/distribution/simulation/operations.go 0.00% <0.00%> (-80.65%) ⬇️
x/group/keeper/keeper.go 56.64% <0.00%> (+0.39%) ⬆️
crypto/keys/internal/ecdsa/privkey.go 83.01% <0.00%> (+1.88%) ⬆️
x/simulation/operation.go 13.04% <0.00%> (+13.04%) ⬆️
... and 1 more

@amaury1093 amaury1093 self-assigned this Aug 24, 2022
@JeancarloBarrios JeancarloBarrios self-assigned this Aug 29, 2022
CHANGELOG.md Outdated Show resolved Hide resolved
@@ -262,6 +263,13 @@ func (ctx Context) WithAux(isAux bool) Context {
return ctx
}

// WithLedgerHasProto returns the context with the provided boolean value, indicating
// whether the target Ledger application can support Protobuf payloads.
func (ctx Context) WithLedgerHasProtobuf(val bool) Context {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@austinchandra Just to understand the context of this PR: Is Evmos creating a custom ledger app just for Evmos?

The SDK team is working on SIGN_MODE_TEXTUAL, which improves ledger signing in general, and comes with a Cosmos-wide Ledger app. https://github.com/cosmos/cosmos-sdk/blob/main/docs/architecture/adr-050-sign-mode-textual.md

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Evmos plans to create a custom Ledger app in the future, which will probably attempt to integrate some variant of SIGN_MODE_TEXTUAL. For now, we are using the Ethereum app to sign Cosmos payloads using EIP-712 Typed Messages, which this PR helps to enable.

@alexanderbez alexanderbez enabled auto-merge (squash) September 7, 2022 02:43
@alexanderbez alexanderbez merged commit 4a07259 into cosmos:main Sep 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A:automerge Automatically merge PR once all prerequisites pass. C:CLI
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants