WebWallet Conformance: Metamask & Ledger Nano

[kalouo]

No description provided.

[kalouo]

First try:

[kalouo]

Exits and deposits work but you need to activate "Contract Data" on the Ledger device. Solves the above. Reading around this may not be needed on newer devices.

[kalouo]

[kalouo]

However, cannot sign child chain transactions.

Returns Error: Not Supported on this device.

Understand there is no support yet for signing typed data with a hardware wallet. From Metamask documentation, Note that MetaMask supports signing transactions with Trezor and Ledger hardware wallets. These hardware wallets currently only support signing data using the personal_sign method.

Related issues/PRs:

• Implement signTypedMessage LedgerHQ/ledgerjs#86
• Error when signing messages using a Ledger-connected wallet MetaMask/metamask-extension#5319

[nicholasmueller]

Adding a note here since I just tried it but the watcher wont accept a signature using personal_sign method

[pnowosie]

Adding a note here since I just tried it but the watcher wont accept a signature using personal_sign method

OMG Network's transactions are signed with personal_signTypedData method (it's defined in eip-712). There are however some discrepacies how clients implement the method internaly (see also #omgnetwork/elixir-omg/issues/836)

[kalouo]

Picked this up on Ledger Reddit: https://www.reddit.com/r/ledgerwallet/comments/hn7c6p/ledger_support_for_eth_eip712_signtypeddata/

[unnawut]

Also inputs from @Pongch

TIL, went through the signature rabbit hole today, may be useful for others; https://ethereum.stackexchange.com/questions/59880/solidity-ecrecovery-and-ethereumjs-ecsign-return-different-address
the reason signing raw private key via ecsign() works for sending transaction on the Network and not eth.sign()/personal_sign() is because web3/wallets may add the message to the prefix of the hash:

"\x19Ethereum Signed Message:\n32"

before the message gets signed.

only if the wallet exposes sign() without the prefix: it would be trivial to add EIP712 support like the one you see here 👇:skin-tone-2: and get child chain transaction to work https://github.com/ethereum/EIPs/blob/master/assets/eip-712/Example.js#L116-L128

[unnawut]

Internal Q&As for future reference:

How low level does the integration API get? How are they able to support all the various chains they do?
Are the questions specifically for their web3 support?

My understanding is we have these options:

1. Integrate with metamask, then metamask talks via web3 API with the Ethereum app on ledger device: The current hurdle is the extra prefix Ledger is appending to the signature for security reasons and metamask is not able to parse it, so we need to come up with a solution that Ledger team is willing to accept. Question 6

2. Integrate directly with Ethereum app on ledger device via web3 API: Docs are little thin on signing EIP-712 this way, so hopefully we know better from those questions

3. For different chains, especially with different signing algorithms, a party must build the ledger C app and submit it to ledger for review: Most undesired for us due to effort required for development + submission for review. Plus UX hurdle that it diverges a lot from the usual Ethereum user flow. Would not support signing through metamask. But we might have to consider this route as a last resort.

[nicholasmueller]

To add to the above:

• one thought was the feasibility of adjusting our system to accept personal_sign sigs (the only one ledger currently supports). Not feasible because that would affect every component in our system and the signature hashes are already well defined and verified.
• have to sign without injecting prefixes (ecsign, eth_sign). this is safe due to the structure of the hash and how we check it in the system

solutions:

• ledger needs to support signTypedData or ethSign (to have full ux compatibility with metamask)
• for a possible flow outside metamask, ledger needs to provide some kind of api that performs the unprefixed elliptic sign
• we write our own ledger app that performs the signing (would not fit in the metamask flow) as mentioned above (which they may not even accept if they dont accept ethSign already)