Open tonymorony opened 3 years ago
@sergeyboyko0791 Please post the info about libs and documentation you discover to this issue.
I started researching how to integrate Ledger Nano S/X first into MarketMaker in WASM. Here's what I learned about it:
Bitcoin
app first and sign a UTXO tx, after that open the Ethereum
app and sign an Eth tx. This doesn't suit us. I see only the one way - to develop an AtomicDEX
app.
ledgerhq/hw-transport-u2f
npm package like bitcoins-rs/ledger/transports/WASM does. As we discussed with @artemii235, it may lead to security issues;ledgerhq/hw-transport-u2f
npm package, but import only u2f-api.js, google-u2f-api.js filesA few comments regarding integration Ledger/Trezor into MarketMaker in WASM
webusb
protocol.Ledger Live Bridge
, but as I found this they seem to be deprecating it.In summary, we can try to integrate Ledger and/or Trezor using WebUSB for Chrome only and continue looking for a solution to support every browser.
I think running one app at a time is a security feature rather than "inconvenience" because a user is required to select a specific app. This adds an extra isolation layer to prevent malicious attempts to retrieve data from other supported coins. If I remember correctly on Trezor all you have to do is specify derivation path and/or coin name and get desired data from a device.
U2F over browser in my experience is highly unstable, constant connection issues, timeouts etc.
@sergeyboyko0791 Please consider this idea https://github.com/KomodoPlatform/atomicDEX-API/issues/928#issuecomment-940962013 while implementing abstractions for transaction signing. We should have the possibility to delegate this to a remote node that has access to an actual device.
adding my edited comment from the "global todos list" (spreadsheet) from March 2021 for transparency and vision clarification:
I see two good options for the UX of HW wallet support:
(1) use it from HW only - HW can log in with pubkey - mm2 can create transactions and passes the unsigned tx to hw device, hw device signs and returns signed tx. Benefit: this is ultra secure. negative: each swap transaction needs manual transaction confirmation and user interaction - user experience is suboptimal and require too much interaction. However, in regards to security this is the most secure option. (2) use HW wallet for swap funding. i.e. when user attempts swap he signs a tx of full swap volume plus fees which goes to a "local" mm2 address. And mm2 will handle swap from this key without user-interaction requirement. When swap is complete mm2 transfers received coins to HW wallet pubkey. This is quite safe as well and the risk is reduced to the volume amount (in case user-device is infiltrated).
personally I prefer (1) but I understand it turn user experience poor so we likely stick to option (2) anyway
One other factor and very high priority item is https://github.com/KomodoPlatform/atomicDEX-API/issues/740
With both HD and HW wallet support two of the most popular and wanted wallet features would get coverage. It would make sense to keep #740 in mind for the path derivation handlers, et cetera.
At the first iteration, I'd prefer not to change the consensus protocol, but to implement the (1) option. Then we can continue improving HW support by implementing the (2) option and https://github.com/KomodoPlatform/atomicDEX-API/issues/740. As I see, these are 3 different tasks we should solve separately.
In the PR mentioned above I implemented requesting balances of HD accounts and addresses like it does hw-kmd-wallet:
m/44'/coin_type'/account_id'/change/i
until we get 20 (configurable gap limit) empty addresses. Remember the number of non-empty addresses for every account to avoid the checking of at least already known addresses.These steps are performed on coin activation and every time user calls wallet_balance
. This can lead to a significant increase in network traffic.
I found an alternate solution as it's done in MetaMask:
User chooses the set of addresses that should be indexed by the app and can add new addresses at any time.
The other side is that this behaviour is different from common practice.
@artemii235 @tonymorony what do you think?
I'd like to share my thoughts on how to activate coins with Trezor and provide HD wallet functionality.
I propose to add a duplicate of each coin with the HW
suffix like KMD-HW
, KMD-BEP20-HW
etc.
It'll allow the user to activate coins with Iguana private key and Trezor device, transfer funds between them.
Cons:
<COIN>-HW
to <COIN>
<COIN>-HW
and <COIN>
coins https://github.com/KomodoPlatform/atomicDEX-API/issues/1089@artemii235 @tonymorony @ca333
We've just had a quite productive call with @sergeyboyko0791 @Milerius @yurii-khi and concluded that HW
suffix solution should be sufficient to find the way to make UX comfortable for the user
Thank you for your time guys! :)
I'd like to share the integration progress and the what we need to do (in my opinion) to complete the implementation of the wallet functionality:
init_utxo
, account_balance
, scan_for_new_addresses
RPC calls by using batch requests to Electrum services. Also consider refactoring account_balance
and scan_for_new_addresses
by using RpcTask
to allow GUI to request the whole account balance instead of using paging options.Hardware Wallet integration is not definitely finished, but we have reached the point that it can be integrated into GUIs and used in cli. @smk762 could we please arrange work on this? Related issue https://github.com/KomodoPlatform/developer-docs/issues/392
Can we please add a method for returning a user's xpub key? This is available in some competing wallets:
Can we please add a method for returning a user's xpub key? This is available in some competing wallets:
Looks like blockbook could help with this https://github.com/trezor/blockbook/blob/master/docs/api.md#get-xpub
Can we please add a method for returning a user's xpub key? This is available in some competing wallets:
yes definitely. Its a trivial addition and actually a requirement for efficient HD key/account management (enables mm2, GUIs and 3rd party implementations to derivate entire key-tree for any-pre-checks/pre-syncs/et cetera) - we will add this during the next iterations.
It would be a huge booster to add hardware wallets (Trezor/Ledger) support into