-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
32 changed files
with
4,662 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -50,3 +50,8 @@ modules.order | |
Module.symvers | ||
Mkfile.old | ||
dkms.conf | ||
|
||
# Project-level stuff | ||
debug/ | ||
.DS_Store | ||
*.pyc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
#******************************************************************************* | ||
# Ledger Blue | ||
# (c) 2016 Ledger | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
#******************************************************************************* | ||
|
||
ifeq ($(BOLOS_SDK),) | ||
$(error BOLOS_SDK is not set) | ||
endif | ||
include $(BOLOS_SDK)/Makefile.defines | ||
|
||
# Main app configuration | ||
|
||
APPNAME = "Burstcoin" | ||
APPVERSION = 1.0.0 | ||
ICONNAME = nanos_app_burst.gif | ||
APP_LOAD_PARAMS = --appFlags 0x40 --path "44'/30'" --curve secp256k1 --curve ed25519 $(COMMON_LOAD_PARAMS) | ||
|
||
# Build configuration | ||
|
||
APP_SOURCE_PATH += src | ||
SDK_SOURCE_PATH += lib_stusb # lib_stusb_impl # - not included here because we're overriding | ||
|
||
DEFINES += APPVERSION=\"$(APPVERSION)\" | ||
|
||
DEFINES += OS_IO_SEPROXYHAL IO_SEPROXYHAL_BUFFER_SIZE_B=128 | ||
DEFINES += HAVE_BAGL HAVE_SPRINTF | ||
DEFINES += PRINTF\(...\)= | ||
|
||
DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=7 IO_HID_EP_LENGTH=64 HAVE_USB_APDU | ||
|
||
# U2F Support | ||
DEFINES += HAVE_U2F | ||
DEFINES += USB_SEGMENT_SIZE=64 | ||
DEFINES += BLE_SEGMENT_SIZE=32 #max MTU, min 20 | ||
DEFINES += U2F_MAX_MESSAGE_SIZE=264 #257+5+2 | ||
DEFINES += UNUSED\(x\)=\(void\)x | ||
DEFINES += APPVERSION=\"$(APPVERSION)\" | ||
|
||
# Compiler, assembler, and linker | ||
|
||
ifneq ($(BOLOS_ENV),) | ||
$(info BOLOS_ENV=$(BOLOS_ENV)) | ||
CLANGPATH := $(BOLOS_ENV)/clang-arm-fropi/bin/ | ||
GCCPATH := $(BOLOS_ENV)/gcc-arm-none-eabi-5_3-2016q1/bin/ | ||
else | ||
$(info BOLOS_ENV is not set: falling back to CLANGPATH and GCCPATH) | ||
endif | ||
ifeq ($(CLANGPATH),) | ||
$(info CLANGPATH is not set: clang will be used from PATH) | ||
endif | ||
ifeq ($(GCCPATH),) | ||
$(info GCCPATH is not set: arm-none-eabi-* will be used from PATH) | ||
endif | ||
|
||
CC := $(CLANGPATH)clang | ||
CFLAGS += -O3 -Os | ||
|
||
AS := $(GCCPATH)arm-none-eabi-gcc | ||
AFLAGS += | ||
|
||
LD := $(GCCPATH)arm-none-eabi-gcc | ||
LDFLAGS += -O3 -Os | ||
LDLIBS += -lm -lgcc -lc | ||
|
||
# Main rules | ||
|
||
all: default | ||
|
||
load: all | ||
python -m ledgerblue.loadApp $(APP_LOAD_PARAMS) | ||
|
||
delete: | ||
python -m ledgerblue.deleteApp $(COMMON_DELETE_PARAMS) | ||
|
||
glyphs: | ||
include $(BOLOS_SDK)/Makefile.glyphs | ||
|
||
# Import generic rules from the SDK | ||
|
||
include $(BOLOS_SDK)/Makefile.rules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,135 @@ | ||
# nanos-app-burst | ||
Burstcoin wallet application for Ledger Nano S | ||
|
||
# Introduction | ||
This is a proof-of concept Ledger Nano S wallet app for Burstcoin. I say that | ||
it is proof of concept for a few reasons: | ||
|
||
- I am not a cryptography or crypto-currency expert, and I could have introduced | ||
errors or security flaws into the code unintentionally. | ||
|
||
- I am knowingly using an ED25519 seed function to generate a Curve25519 keypair | ||
I think this is okay, and I'll discuss it more below, but I'm not sure. See | ||
"technical details" section below. | ||
|
||
- Just in general, you shouldn't trust others with your crypto-currency. | ||
|
||
As such, you agree to use this code AT YOUR OWN RISK: | ||
|
||
The author provides the Work (and each Contributor provides its Contributions) on | ||
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
implied, including, without limitation, any warranties or conditions of TITLE, | ||
NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are | ||
solely responsible for determining the appropriateness of using or redistributing | ||
the Work and assume any risks associated with Your exercise of permissions under | ||
this License. | ||
|
||
In no event and under no legal theory, whether in tort (including negligence), | ||
contract, or otherwise, unless required by applicable law (such as deliberate | ||
and grossly negligent acts) or agreed to in writing, shall any Contributor be | ||
liable to You for damages, including any direct, indirect, special, incidental, | ||
or consequential damages of any character arising as a result of this License or | ||
out of the use or inability to use the Work (including but not limited to damages | ||
for loss of goodwill, work stoppage, computer failure or malfunction, or any and | ||
all other commercial damages or losses), even if such Contributor has been | ||
advised of the possibility of such damages. | ||
|
||
# License | ||
|
||
Copyright (c) 2017-2018 Jake B. | ||
|
||
This application is based on example sources from Ledger that were released under | ||
the Apache License, Version 2.0 and I have maintained this license for this app. | ||
|
||
Other public domain materials, such as the Curve25519 sources, or implementations | ||
of known algorithms are also included. | ||
|
||
# Building | ||
|
||
You'll need a Ledger Nano S development environment. More information can be | ||
found here: https://github.com/LedgerHQ/blue-devenv/ | ||
|
||
A modification to the current version of the python loader app may be required | ||
depending on whether Ledger has released a new version or not. More on this here: | ||
https://github.com/lenondupe/ledger-app-stellar#troubleshooting | ||
|
||
# Technical Details | ||
|
||
## Why I used a curve25519 library rather than internal functions | ||
|
||
I spent some time trying to get the Ledger-provided keypair generation and curve | ||
multiplication functions to do the necessary cryptographic singing necessary | ||
for Burstcoin. | ||
|
||
After some time, I gave up and just went with a library known to work. I'm not | ||
sure why the internal functions didn't work properly. I tried all sorts of | ||
combinations and endianess but never got a keypair that worked. Possibilities | ||
include: | ||
|
||
- I was just doing something wrong, misunderstanding the SDK or the cryptography | ||
- Keys and signatures may have been in a different format than Burst expects... | ||
Possibly endianness or key format, I'm not an expert. | ||
- Possibly Curve25519 is not fully implemented in the Ledger SDK | ||
- Possible Burst uses a specific variant or dialect of Curve25519, and I'm not | ||
aware. | ||
|
||
## Why do I use the ED25519 key data generation function instead of Curve25519? | ||
|
||
The Ledger smartly uses a system of entitlements for apps. At load time, you | ||
need to declare which BIP39 keypaths and algorithms your app exepects to | ||
generate. | ||
|
||
This prevents a malicious or poorly secured app from generating keys or signing | ||
transactions for a crypto-coin outside of the declared BIP39 keypath or for an | ||
algorithm that is not explicitly needed by the Ledger app. | ||
|
||
The function involved is called os_perso_derive_node_bip32: | ||
|
||
os_perso_derive_node_bip32(CX_CURVE_Ed25519, path, 5, privateKeyData, NULL); | ||
|
||
I use CX_CURVE_Ed25519 because the entitlement system doesn't apparently | ||
support the CX_CURVE_Curve25519 flag. | ||
|
||
I think both ED25519 and Curve25591 expect the key data 'secret' to be a | ||
265-byte integer... so I think this is okay... but I'm not an expert as to | ||
whether this introduces security or cryptography problems. Hence, I recommend | ||
this for use on the testnet only at this time. | ||
|
||
## Web Integration | ||
|
||
Modifications to the PoCC Web Wallet for interfacing with the Ledger Nano S | ||
can be found here: https://github.com/jake-b/burstcoin/tree/ledger | ||
|
||
Note you need to enable "Web Browser" support in the app on the Ledger device | ||
in order to switch from the standard communication protocol to the U2F | ||
protocol. | ||
|
||
# Room for improvement | ||
|
||
Lots of room to grow here. I make no promises to move this forward. I would | ||
like to move my Ledger Nano from "Development" to "Production use" and that | ||
would halt my ability to develop. I may get another unit for development | ||
eventually. | ||
|
||
Some ideas for improvement: | ||
|
||
- Peer review to make sure this is cryptographically sound and secure. | ||
- Progress indicators on the device -- "Please Wait" screens etc, so the | ||
user knows something is going on. | ||
- Support for other types of transactions on the "Confirm Transaction" screen | ||
currently it is very "Send Money" focused. | ||
- A web developer should really look at the desktop/web stuff to fix and | ||
improve the experience. | ||
- Support for multiple wallets (derived wallets/addresses) | ||
|
||
# Videos | ||
|
||
Some videos on this project | ||
|
||
[![Proof of Concept Hardware Wallet for Burstcoin Video](http://img.youtube.com/vi/8i87n5fAvWU/0.jpg)](http://www.youtube.com/watch?v=8i87n5fAvWU "Proof of Concept Hardware Wallet for Burstcoin") | ||
[![Proof of Concept Burstcoin Ledger Web Wallet Integration Video](http://img.youtube.com/vi/7TjjhTY0eDU/0.jpg)](http://www.youtube.com/watch?v=7TjjhTY0eDU "Proof of Concept Burstcoin Ledger Web Wallet Integration") | ||
|
||
# Support | ||
|
||
Support this project by sending some BURST to: BURST-ZGEK-VQ86-M9FV-7SDWY | ||
Again, no promises to future support or development, but thanks are appreciated. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.