@alephium/ledger-app 0.3.0 → 0.5.0

package/dist/src/index.d.ts

@@ -1,11 +1,13 @@
 /// <reference types="node" />
 import { Account, KeyType } from '@alephium/web3';
 import Transport from '@ledgerhq/hw-transport';
+import * as serde from './serde';
 export declare const CLA = 128;
 export declare enum INS {
     GET_VERSION = 0,
     GET_PUBLIC_KEY = 1,
-    SIGN_TX = 2
+    SIGN_HASH = 2,
+    SIGN_TX = 3
 }
 export declare const GROUP_NUM = 4;
 export declare const HASH_LEN = 32;
@@ -14,6 +16,7 @@ export default class AlephiumApp {
     constructor(transport: Transport);
     close(): Promise<void>;
     getVersion(): Promise<string>;
-    getAccount(startPath: string, targetGroup?: number, keyType?: KeyType): Promise<readonly [Account, number]>;
-    signUnsignedTx(path: string, unsignedTx: Buffer): Promise<string>;
+    getAccount(startPath: string, targetGroup?: number, keyType?: KeyType, display?: boolean): Promise<readonly [Account, number]>;
+    signHash(path: string, hash: Buffer): Promise<string>;
+    signUnsignedTx(path: string, unsignedTx: Buffer, tokenMetadata?: serde.TokenMetadata[]): Promise<string>;
 }

package/dist/src/index.js

@@ -34,10 +34,13 @@ var INS;
 (function (INS) {
     INS[INS["GET_VERSION"] = 0] = "GET_VERSION";
     INS[INS["GET_PUBLIC_KEY"] = 1] = "GET_PUBLIC_KEY";
-    INS[INS["SIGN_TX"] = 2] = "SIGN_TX";
+    INS[INS["SIGN_HASH"] = 2] = "SIGN_HASH";
+    INS[INS["SIGN_TX"] = 3] = "SIGN_TX";
 })(INS = exports.INS || (exports.INS = {}));
 exports.GROUP_NUM = 4;
 exports.HASH_LEN = 32;
+// The maximum payload size is 255: https://github.com/LedgerHQ/ledger-live/blob/develop/libs/ledgerjs/packages/hw-transport/src/Transport.ts#L261
+const MAX_PAYLOAD_SIZE = 255;
 class AlephiumApp {
     constructor(transport) {
         this.transport = transport;
@@ -50,8 +53,7 @@ class AlephiumApp {
         console.log(`response ${response.length} - ${response.toString('hex')}`);
         return `${response[0]}.${response[1]}.${response[2]}`;
     }
-    // TODO: make address display optional
-    async getAccount(startPath, targetGroup, keyType) {
+    async getAccount(startPath, targetGroup, keyType, display = false) {
         if ((targetGroup ?? 0) >= exports.GROUP_NUM) {
             throw Error(`Invalid targetGroup: ${targetGroup}`);
         }
@@ -60,24 +62,36 @@ class AlephiumApp {
         }
         const p1 = targetGroup === undefined ? 0x00 : exports.GROUP_NUM;
         const p2 = targetGroup === undefined ? 0x00 : targetGroup;
-        const response = await this.transport.send(exports.CLA, INS.GET_PUBLIC_KEY, p1, p2, serde.serializePath(startPath));
+        const payload = Buffer.concat([serde.serializePath(startPath), Buffer.from([display ? 1 : 0])]);
+        const response = await this.transport.send(exports.CLA, INS.GET_PUBLIC_KEY, p1, p2, payload);
         const publicKey = ec.keyFromPublic(response.slice(0, 65)).getPublic(true, 'hex');
         const address = (0, web3_1.addressFromPublicKey)(publicKey);
         const group = (0, web3_1.groupOfAddress)(address);
         const hdIndex = response.slice(65, 69).readUInt32BE(0);
         return [{ publicKey: publicKey, address: address, group: group, keyType: keyType ?? 'default' }, hdIndex];
     }
-    async signUnsignedTx(path, unsignedTx) {
+    async signHash(path, hash) {
+        if (hash.length !== exports.HASH_LEN) {
+            throw new Error('Invalid hash length');
+        }
+        const data = Buffer.concat([serde.serializePath(path), hash]);
+        console.log(`data ${data.length}`);
+        const response = await this.transport.send(exports.CLA, INS.SIGN_HASH, 0x00, 0x00, data, [hw_transport_1.StatusCodes.OK]);
+        console.log(`response ${response.length} - ${response.toString('hex')}`);
+        return decodeSignature(response);
+    }
+    async signUnsignedTx(path, unsignedTx, tokenMetadata = []) {
         console.log(`unsigned tx size: ${unsignedTx.length}`);
         const encodedPath = serde.serializePath(path);
-        const firstFrameTxLength = 256 - 25;
+        const encodedTokenMetadata = serde.serializeTokenMetadata(tokenMetadata);
+        const firstFrameTxLength = MAX_PAYLOAD_SIZE - 20 - encodedTokenMetadata.length;
         const txData = unsignedTx.slice(0, unsignedTx.length > firstFrameTxLength ? firstFrameTxLength : unsignedTx.length);
-        const data = Buffer.concat([encodedPath, txData]);
+        const data = Buffer.concat([encodedPath, encodedTokenMetadata, txData]);
         let response = await this.transport.send(exports.CLA, INS.SIGN_TX, 0x00, 0x00, data, [hw_transport_1.StatusCodes.OK]);
         if (unsignedTx.length <= firstFrameTxLength) {
             return decodeSignature(response);
         }
-        const frameLength = 256 - 5;
+        const frameLength = MAX_PAYLOAD_SIZE;
         let fromIndex = firstFrameTxLength;
         while (fromIndex < unsignedTx.length) {
             const remain = unsignedTx.length - fromIndex;

package/dist/src/serde.d.ts

@@ -3,3 +3,13 @@ export declare const TRUE = 16;
 export declare const FALSE = 0;
 export declare function splitPath(path: string): number[];
 export declare function serializePath(path: string): Buffer;
+export declare const MAX_TOKEN_SIZE = 5;
+export declare const MAX_TOKEN_SYMBOL_LENGTH = 12;
+export declare const TOKEN_METADATA_SIZE = 46;
+export interface TokenMetadata {
+    version: number;
+    tokenId: string;
+    symbol: string;
+    decimals: number;
+}
+export declare function serializeTokenMetadata(tokens: TokenMetadata[]): Buffer;

package/dist/src/serde.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.serializePath = exports.splitPath = exports.FALSE = exports.TRUE = void 0;
+exports.serializeTokenMetadata = exports.TOKEN_METADATA_SIZE = exports.MAX_TOKEN_SYMBOL_LENGTH = exports.MAX_TOKEN_SIZE = exports.serializePath = exports.splitPath = exports.FALSE = exports.TRUE = void 0;
+const web3_1 = require("@alephium/web3");
 exports.TRUE = 0x10;
 exports.FALSE = 0x00;
 function splitPath(path) {
@@ -30,3 +31,49 @@ function serializePath(path) {
     return buffer;
 }
 exports.serializePath = serializePath;
+exports.MAX_TOKEN_SIZE = 5;
+exports.MAX_TOKEN_SYMBOL_LENGTH = 12;
+exports.TOKEN_METADATA_SIZE = 46;
+function symbolToBytes(symbol) {
+    const buffer = Buffer.alloc(exports.MAX_TOKEN_SYMBOL_LENGTH, 0);
+    for (let i = 0; i < symbol.length; i++) {
+        buffer[i] = symbol.charCodeAt(i) & 0xFF;
+    }
+    return buffer;
+}
+function check(tokens) {
+    const hasDuplicate = tokens.some((token, index) => index !== tokens.findIndex((t) => t.tokenId === token.tokenId));
+    if (hasDuplicate) {
+        throw new Error(`There are duplicate tokens`);
+    }
+    tokens.forEach((token) => {
+        if (!((0, web3_1.isHexString)(token.tokenId) && token.tokenId.length === 64)) {
+            throw new Error(`Invalid token id: ${token.tokenId}`);
+        }
+        if (token.symbol.length > exports.MAX_TOKEN_SYMBOL_LENGTH) {
+            throw new Error(`The token symbol is too long: ${token.symbol}`);
+        }
+    });
+    if (tokens.length > exports.MAX_TOKEN_SIZE) {
+        throw new Error(`The token size exceeds maximum size`);
+    }
+}
+function serializeTokenMetadata(tokens) {
+    check(tokens);
+    const array = tokens
+        .map((metadata) => {
+        const symbolBytes = symbolToBytes(metadata.symbol);
+        const buffer = Buffer.concat([
+            Buffer.from([metadata.version]),
+            Buffer.from(metadata.tokenId, 'hex'),
+            symbolBytes,
+            Buffer.from([metadata.decimals])
+        ]);
+        if (buffer.length !== exports.TOKEN_METADATA_SIZE) {
+            throw new Error(`Invalid token metadata: ${metadata}`);
+        }
+        return buffer;
+    });
+    return Buffer.concat([Buffer.from([array.length]), ...array]);
+}
+exports.serializeTokenMetadata = serializeTokenMetadata;

package/dist/src/serde.test.js

@@ -1,6 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const web3_1 = require("@alephium/web3");
 const serde_1 = require("./serde");
+const crypto_1 = require("crypto");
 describe('serde', () => {
     it('should split path', () => {
         expect((0, serde_1.splitPath)(`m/44'/1234'/0'/0/0`)).toStrictEqual([44 + 0x80000000, 1234 + 0x80000000, 0 + 0x80000000, 0, 0]);
@@ -10,4 +12,68 @@ describe('serde', () => {
         expect((0, serde_1.serializePath)(`m/1'/2'/0'/0/0`)).toStrictEqual(Buffer.from([0x80, 0, 0, 1, 0x80, 0, 0, 2, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]));
         expect((0, serde_1.serializePath)(`m/1'/2'/0'/0/0`)).toStrictEqual(Buffer.from([0x80, 0, 0, 1, 0x80, 0, 0, 2, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]));
     });
+    it('should encode token metadata', () => {
+        const token0 = {
+            version: 0,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token0',
+            decimals: 8
+        };
+        const token1 = {
+            version: 1,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token1',
+            decimals: 18
+        };
+        const token2 = {
+            version: 2,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token2',
+            decimals: 6
+        };
+        const token3 = {
+            version: 3,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token3',
+            decimals: 0
+        };
+        const token4 = {
+            version: 4,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token4',
+            decimals: 12
+        };
+        const encodeSymbol = (symbol) => {
+            return (0, web3_1.binToHex)(Buffer.from(symbol, 'ascii')).padEnd(serde_1.MAX_TOKEN_SYMBOL_LENGTH * 2, '0');
+        };
+        expect((0, web3_1.binToHex)((0, serde_1.serializeTokenMetadata)([]))).toEqual('00');
+        expect((0, web3_1.binToHex)((0, serde_1.serializeTokenMetadata)([token0]))).toEqual('01' + '00' + token0.tokenId + encodeSymbol(token0.symbol) + '08');
+        expect((0, web3_1.binToHex)((0, serde_1.serializeTokenMetadata)([token1]))).toEqual('01' + '01' + token1.tokenId + encodeSymbol(token1.symbol) + '12');
+        expect((0, web3_1.binToHex)((0, serde_1.serializeTokenMetadata)([token0, token1]))).toEqual('02' + '00' + token0.tokenId + encodeSymbol(token0.symbol) + '08' +
+            '01' + token1.tokenId + encodeSymbol(token1.symbol) + '12');
+        expect((0, web3_1.binToHex)((0, serde_1.serializeTokenMetadata)([token0, token1, token2, token3, token4]))).toEqual('05' + '00' + token0.tokenId + encodeSymbol(token0.symbol) + '08' +
+            '01' + token1.tokenId + encodeSymbol(token1.symbol) + '12' +
+            '02' + token2.tokenId + encodeSymbol(token2.symbol) + '06' +
+            '03' + token3.tokenId + encodeSymbol(token3.symbol) + '00' +
+            '04' + token4.tokenId + encodeSymbol(token4.symbol) + '0c');
+        expect(() => (0, serde_1.serializeTokenMetadata)([token0, token1, token0])).toThrow('There are duplicate tokens');
+        const token5 = {
+            version: 5,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'Token5',
+            decimals: 18
+        };
+        expect(() => (0, serde_1.serializeTokenMetadata)([token0, token1, token2, token3, token4, token5])).toThrow('The token size exceeds maximum size');
+        const invalidToken = {
+            ...token0,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(33))
+        };
+        expect(() => (0, serde_1.serializeTokenMetadata)([token0, invalidToken])).toThrow('Invalid token id');
+        const longSymbolToken = {
+            ...token0,
+            tokenId: (0, web3_1.binToHex)((0, crypto_1.randomBytes)(32)),
+            symbol: 'LongSymbolToken'
+        };
+        expect(() => (0, serde_1.serializeTokenMetadata)([token0, longSymbolToken, token1])).toThrow('The token symbol is too long');
+    });
 });

package/dist/test/utils.d.ts

@@ -0,0 +1,17 @@
+import Transport from '@ledgerhq/hw-transport';
+export declare enum OutputType {
+    Base = 0,
+    Multisig = 1,
+    Token = 2,
+    BaseAndToken = 3,
+    MultisigAndToken = 4
+}
+export declare function staxFlexApproveOnce(): Promise<void>;
+export declare function approveTx(outputs: OutputType[], hasExternalInputs?: boolean): Promise<void>;
+export declare function approveHash(): Promise<void>;
+export declare function approveAddress(): Promise<void>;
+export declare function skipBlindSigningWarning(): void;
+export declare function enableBlindSigning(): Promise<void>;
+export declare function getRandomInt(min: number, max: number): number;
+export declare function needToAutoApprove(): boolean;
+export declare function createTransport(): Promise<Transport>;

package/dist/test/utils.js

@@ -0,0 +1,225 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createTransport = exports.needToAutoApprove = exports.getRandomInt = exports.enableBlindSigning = exports.skipBlindSigningWarning = exports.approveAddress = exports.approveHash = exports.approveTx = exports.staxFlexApproveOnce = exports.OutputType = void 0;
+const hw_transport_node_speculos_1 = __importDefault(require("@ledgerhq/hw-transport-node-speculos"));
+const node_fetch_1 = __importDefault(require("node-fetch"));
+const web3_1 = require("@alephium/web3");
+const hw_transport_node_hid_1 = __importDefault(require("@ledgerhq/hw-transport-node-hid"));
+async function pressButton(button) {
+    await (0, web3_1.sleep)(1000);
+    return (0, node_fetch_1.default)(`http://localhost:25000/button/${button}`, {
+        method: 'POST',
+        body: JSON.stringify({ action: 'press-and-release' })
+    });
+}
+async function clickAndApprove(times) {
+    for (let i = 0; i < times; i++) {
+        await pressButton('right');
+    }
+    await pressButton('both');
+}
+function getModel() {
+    const model = process.env.MODEL;
+    return model ? model : 'nanos';
+}
+var OutputType;
+(function (OutputType) {
+    OutputType[OutputType["Base"] = 0] = "Base";
+    OutputType[OutputType["Multisig"] = 1] = "Multisig";
+    OutputType[OutputType["Token"] = 2] = "Token";
+    OutputType[OutputType["BaseAndToken"] = 3] = "BaseAndToken";
+    OutputType[OutputType["MultisigAndToken"] = 4] = "MultisigAndToken";
+})(OutputType = exports.OutputType || (exports.OutputType = {}));
+const NanosClickTable = new Map([
+    [OutputType.Base, 5],
+    [OutputType.Multisig, 10],
+    [OutputType.Token, 11],
+    [OutputType.BaseAndToken, 12],
+    [OutputType.MultisigAndToken, 16],
+]);
+const NanospClickTable = new Map([
+    [OutputType.Base, 3],
+    [OutputType.Multisig, 5],
+    [OutputType.Token, 6],
+    [OutputType.BaseAndToken, 6],
+    [OutputType.MultisigAndToken, 8],
+]);
+const StaxClickTable = new Map([
+    [OutputType.Base, 2],
+    [OutputType.Multisig, 3],
+    [OutputType.Token, 3],
+    [OutputType.BaseAndToken, 3],
+    [OutputType.MultisigAndToken, 4],
+]);
+function getOutputClickSize(outputType) {
+    const model = getModel();
+    switch (model) {
+        case 'nanos': return NanosClickTable.get(outputType);
+        case 'nanosp':
+        case 'nanox': return NanospClickTable.get(outputType);
+        case 'stax':
+        case 'flex': return StaxClickTable.get(outputType);
+        default: throw new Error(`Unknown model ${model}`);
+    }
+}
+async function click(outputs, hasExternalInputs) {
+    await (0, web3_1.sleep)(1000);
+    if (hasExternalInputs) {
+        await clickAndApprove(1);
+    }
+    for (let index = 0; index < outputs.length; index += 1) {
+        await clickAndApprove(getOutputClickSize(outputs[index]));
+    }
+    await clickAndApprove(1); // fees
+}
+const STAX_CONTINUE_POSITION = { x: 342, y: 606 };
+const STAX_APPROVE_POSITION = { x: 200, y: 515 };
+const STAX_REJECT_POSITION = { x: 36, y: 606 };
+const STAX_SETTINGS_POSITION = { x: 342, y: 55 };
+const STAX_BLIND_SETTING_POSITION = { x: 342, y: 90 };
+const FLEX_CONTINUE_POSITION = { x: 430, y: 550 };
+const FLEX_APPROVE_POSITION = { x: 240, y: 435 };
+const FLEX_REJECT_POSITION = { x: 55, y: 530 };
+const FLEX_SETTINGS_POSITION = { x: 405, y: 75 };
+const FLEX_BLIND_SETTING_POSITION = { x: 405, y: 96 };
+async function touchPosition(pos) {
+    await (0, web3_1.sleep)(1000);
+    return (0, node_fetch_1.default)(`http://localhost:25000/finger`, {
+        method: 'POST',
+        body: JSON.stringify({ action: 'press-and-release', x: pos.x, y: pos.y })
+    });
+}
+async function _touch(times) {
+    const model = getModel();
+    const continuePos = model === 'stax' ? STAX_CONTINUE_POSITION : FLEX_CONTINUE_POSITION;
+    for (let i = 0; i < times; i += 1) {
+        await touchPosition(continuePos);
+    }
+    const approvePos = model === 'stax' ? STAX_APPROVE_POSITION : FLEX_APPROVE_POSITION;
+    await touchPosition(approvePos);
+}
+async function staxFlexApproveOnce() {
+    if (getModel() === 'stax') {
+        await touchPosition(STAX_APPROVE_POSITION);
+    }
+    else {
+        await touchPosition(FLEX_APPROVE_POSITION);
+    }
+}
+exports.staxFlexApproveOnce = staxFlexApproveOnce;
+async function touch(outputs, hasExternalInputs) {
+    await (0, web3_1.sleep)(1000);
+    if (hasExternalInputs) {
+        await staxFlexApproveOnce();
+    }
+    for (let index = 0; index < outputs.length; index += 1) {
+        await _touch(getOutputClickSize(outputs[index]));
+    }
+    await _touch(2); // fees
+}
+async function approveTx(outputs, hasExternalInputs = false) {
+    if (!needToAutoApprove())
+        return;
+    const isSelfTransfer = outputs.length === 0 && !hasExternalInputs;
+    if (isSelfTransfer) {
+        if (isStaxOrFlex()) {
+            await _touch(2);
+        }
+        else {
+            await clickAndApprove(2);
+        }
+        return;
+    }
+    if (isStaxOrFlex()) {
+        await touch(outputs, hasExternalInputs);
+    }
+    else {
+        await click(outputs, hasExternalInputs);
+    }
+}
+exports.approveTx = approveTx;
+async function approveHash() {
+    if (!needToAutoApprove())
+        return;
+    if (isStaxOrFlex()) {
+        return await _touch(3);
+    }
+    if (getModel() === 'nanos') {
+        await clickAndApprove(5);
+    }
+    else {
+        await clickAndApprove(3);
+    }
+}
+exports.approveHash = approveHash;
+async function approveAddress() {
+    if (!needToAutoApprove())
+        return;
+    if (isStaxOrFlex()) {
+        return await _touch(2);
+    }
+    if (getModel() === 'nanos') {
+        await clickAndApprove(4);
+    }
+    else {
+        await clickAndApprove(2);
+    }
+}
+exports.approveAddress = approveAddress;
+function isStaxOrFlex() {
+    return !getModel().startsWith('nano');
+}
+function skipBlindSigningWarning() {
+    if (!needToAutoApprove())
+        return;
+    if (isStaxOrFlex()) {
+        const rejectPos = getModel() === 'stax' ? STAX_REJECT_POSITION : FLEX_REJECT_POSITION;
+        touchPosition(rejectPos);
+    }
+    else {
+        clickAndApprove(3);
+    }
+}
+exports.skipBlindSigningWarning = skipBlindSigningWarning;
+async function enableBlindSigning() {
+    if (!needToAutoApprove())
+        return;
+    if (isStaxOrFlex()) {
+        const model = getModel();
+        const settingsPos = model === 'stax' ? STAX_SETTINGS_POSITION : FLEX_SETTINGS_POSITION;
+        const blindSettingPos = model === 'stax' ? STAX_BLIND_SETTING_POSITION : FLEX_BLIND_SETTING_POSITION;
+        await touchPosition(settingsPos);
+        await touchPosition(blindSettingPos);
+        await touchPosition(settingsPos);
+    }
+    else {
+        await clickAndApprove(2);
+    }
+}
+exports.enableBlindSigning = enableBlindSigning;
+function getRandomInt(min, max) {
+    min = Math.ceil(min);
+    max = Math.floor(max);
+    return Math.floor(Math.random() * (max - min) + min); // The maximum is exclusive and the minimum is inclusive
+}
+exports.getRandomInt = getRandomInt;
+function needToAutoApprove() {
+    switch (process.env.BACKEND) {
+        case "speculos": return true;
+        case "device": return false;
+        default: throw new Error(`Invalid backend: ${process.env.BACKEND}`);
+    }
+}
+exports.needToAutoApprove = needToAutoApprove;
+const ApduPort = 9999;
+async function createTransport() {
+    switch (process.env.BACKEND) {
+        case "speculos": return hw_transport_node_speculos_1.default.open({ apduPort: ApduPort });
+        case "device": return hw_transport_node_hid_1.default.open('');
+        default: throw new Error(`Invalid backend: ${process.env.BACKEND}`);
+    }
+}
+exports.createTransport = createTransport;