Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ledger App for Secret #28

Open
SecretSaturn opened this issue Dec 5, 2021 · 4 comments
Open

Ledger App for Secret #28

SecretSaturn opened this issue Dec 5, 2021 · 4 comments
Labels
approved This grant has been approved by the Secret Foundation and will be funded

Comments

@SecretSaturn
Copy link

Secret Ledger App

Project Description

This is the dedicated Ledger App for Secret, the Github repo can be found here: https://github.com/SecretSaturn/ledger-secret

Problem / Solution

At the moment every Ledger user is forced to use the Cosmos Ledger App, which is unoptimized for Secret. Specifically the Cosmos App actually switches to "Expert Mode" by default as soon as it detects a TX which is not in ATOM, making it inconvenient for (average) end users to understand what is actually going on.

Similar as the Terra team has done it with their own app for Ledger, we propose a dedicated Secret App for Ledger to make it easy for users to use the Secret App with their Ledger instead of using the Cosmos App.

Detailed product description

We started off by forking the Cosmos Ledger App from the original dev Zondax.ch here https://github.com/Zondax/ledger-cosmos. We'll of course include upstream changes from the cosmos-ledger app to ensure that our secret-ledger app is also on the newest codebase (especially with the SDK changes that come in from time to time) and patches etc.

Some screenshots of the simulator to see how the Secret App will look like on a real ledger:







For more screenshots of the app you can also see the (test case) snapshots: https://github.com/SecretSaturn/ledger-secret/blob/main/tests_zemu/snapshots/ .

You can test the app on your Ledger Nano S if you follow readme:
https://github.com/SecretSaturn/ledger-secret/blob/main/README.md .

Go-to-Market plan

We already submitted the App to Ledger and awaiting their approval or revisions to make it to the Ledger Live Manager. After this we implement the improvements in the later phases and slowly roll them out via updates.

Value capture for Secret Network ecosystem

A dedicated Ledger App for Secret does multiple things at one for Secret Network ecosystem, mainly (but of course not limited to):

  • Making it easier to use Secret at the start. Especially beginners seem to struggle a lot with the cosmos app simply because they are confused why they would need a Cosmos App for Secret.
  • More exposure for Secret Network because we can actually be seen in the Ledger Live Manager.
  • First hardware wallet to (directly) support Secret and over a second app.
  • Ledger can under certain conditions (see here: https://developers.ledger.com/docs/nano-app/marketing-requirements/) also make some (additional) marketing for Secret.

Team Code Repos

We like to remain (somewhat) anonymous, so we only provide the SecretSaturn GitHub account here, but (as some of the team might already know) we are a validator on the Secret Network (🪐Secret Saturn https://secretnodes.com/secret/chains/secret-4/validators/E855109B212B9EB65C982FD44EE13E77E9E33C4A).

https://github.com/SecretSaturn

Development Roadmap

#Phase 0:

The Ledger App has been submitted to Ledger and we will ensure that the App will be released by Ledger.
Aside from this, everything needed from creating logos etc. to adjusting the tests is already done and ready.
We will need to write some additional documentation/tutorials for Ledger before approval (as the ones for the cosmos app are probably not enough detailed), but we will wait for Ledger for further instructions on what they want specifically.

Some coordination with the marketing team and/or the Secret foundation (see here: https://developers.ledger.com/docs/nano-app/marketing-requirements/) for the release should be done, but we will organize this as soon as a release date for the Ledger app is in sight.

#Phase 1: Following improvements to our app (after getting the first release out):

  • Include Ledger Live support (meaning that you can see your SCRT balance in Ledger Live and e.g. send, deposit and stake SCRT within Ledger Live)
  • Better IBC support and readability. (it works, but the descriptions are fairly hard to read, mainly because of the very long IBC addresses with 68 characters.)

#Long term (continuously):

  • Continuous updating of the app, fetching upstream of the cosmos-ledger app from Zondax.ch
  • Support in case there are questions
  • Bug fixes and/or improvements in the app that need to be done
  • Making sure that future new functions/msgs specific for Secret are also continuously included

The main idea is to first get an app out (that is already nice to use) to make it easy for users to finally use a dedicated Secret app and then improve more and more things as time progresses. Of course these improvements are not fixed, should new things come up at a later point of time we will of course make the appropriate changes to the app to ensure that everything runs smoothly.

Payment

The payment is proposed as follows:

For the release of the secret-ledger app (from understand the code to the final release in the Ledger App Store (approx. $50/hour x 70 hours):

750 SCRT @ 4,60$

We ask to only get a payment if (and only if) the Secret App is successfully released to the Ledger Live Manager. Of course the Foundation can also do the payment before the release, but it's not any requirement at all for us. We strongly believe in the Secret Network and therefore only want to be paid in SCRT.

In case we need more funding for the implementation of the future improvements we would append this SCRT grant at a later time and request more funding if really needed.

If you have questions please do not hesitate to contact me on discord as you already know my validator there. :)
@Cashmaney
Copy link
Member

I like this. A couple of changes I would like to see from the standard cosmos app, which I hope you can include as well:

  1. Blind signing - the actual msg data being signed is encrypted and way too long for easy ledger use at the moment. A better way would be to only display a hash of the encrypted message (which Keplr could also display) and allow the user to verify that way

  2. Secret Network BIP-0044 coin type (https://github.com/satoshilabs/slips/blob/master/slip-0044.md) - in the standard cosmos app they use the default cosmos coin type (118) to generate addresses, while Secret Network uses 529.

  3. Larger messages (if possible) - since Secret Network (& cosmos for that matter) support multiple transactions in a single message, it would be nice to maximize the amount of data that can be passed to a ledger signature if that can be somehow increased compared to the current app

And lastly, we require all code to be open sourced.
Please contact me on TG (@cashmaney3) and we can discuss specifics and details

@SecretSaturn
Copy link
Author

I wrote with @Cashmaney and I think we came to the following conclusions for the additional changes:

  1. This should be possible to include in a future release.

  2. I changed the Cointype to the correct one (529 for Secret). But as discussed with @Cashmaney this (yes, 100%) breaks all existing applications (secretcli, Keplr, Mathwallet, secretnodes etc.) for use with the Secret Ledger App, as all of them do not support the correct coin type (529) for Secret on Ledger. For paper wallets this is not the case, but for Ledger the coin type in all of these applications is fixed to 118 to originally fit the Cosmos Ledger App. Of course the original Cosmos Ledger App still works, but then whole point of a dedicated Ledger App for Secret is defeated. There is also no way to support both coin type (118 and 529) on the same app, as Ledger includes them in the Makefile, so after compilation this cannot be changed at runtime.

So all existing applications need to be changed in order for the Secret Ledger App to work properly.

  1. This is also a thing that I would include in a future release if possible (but depends on RAM limitations of the Ledger devices).

@reuvenpo reuvenpo added the approved This grant has been approved by the Secret Foundation and will be funded label Dec 13, 2021
@SecretSaturn
Copy link
Author

Good news!
The Ledger App has been released by Ledger. You can download it in Ledger Live after enabling experimental apps (please DM me if you want have more information on this).

At the moment it is only released as an experimental release because we do not have a graphical wallet (which is outside of my scope) that is able to use the new app. However I've talked and coordinated everything that we will have at least one graphical wallet in next few weeks and another is coming around Q3.

Because the price as of the time of writing this has dropped to 4.21$, the adjusted payout would be 750 SCRT @ 4,60$ = 820 SCRT @ 4,21$. Please send the SCRT to the validator address of Secret Saturn and if there are any questions or anything else please do not hesitate to contact me on telegram or discord, thank you :)

@blake-regalia
Copy link

btw, i added clear signing but agreed to await results of the current audit (which merges upstream) before completing.

See PR here:
SecretSaturn/ledger-secret#5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
approved This grant has been approved by the Secret Foundation and will be funded
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@blake-regalia @Cashmaney @reuvenpo @SecretSaturn