@alephium/ledger-app 0.5.1 → 0.6.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@alephium/ledger-app",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "license": "GPL",
   "types": "dist/src/index.d.ts",
   "exports": {
@@ -12,6 +12,7 @@
     "clean:windows": "node -e \"if (process.platform === 'win32') process.exit(1)\" || , if exist dist rmdir /Q /S dist",
     "lint": "eslint . --ext ts",
     "lint:fix": "eslint . --fix --ext ts",
+    "test": "BACKEND=speculos jest -i --config ./jest-config.json",
     "speculos-test": "BACKEND=speculos jest -i --config ./jest-config.json",
     "device-test": "BACKEND=device jest -i --config ./jest-config.json",
     "pub": "npm run build && npm publish --access public"
@@ -26,13 +27,14 @@
     "trailingComma": "none"
   },
   "dependencies": {
-    "@alephium/web3": "^1.2.0",
-    "@ledgerhq/hw-transport": "6.31.0"
+    "@alephium/web3": "^1.5.0",
+    "@ledgerhq/hw-transport": "6.31.0",
+    "blakejs": "^1.2.1"
   },
   "devDependencies": {
-    "@alephium/web3-test": "^1.2.0",
-    "@alephium/web3-wallet": "^1.2.0",
-    "@alephium/cli": "^1.2.0",
+    "@alephium/cli": "^1.5.0",
+    "@alephium/web3-test": "^1.5.0",
+    "@alephium/web3-wallet": "^1.5.0",
     "@ledgerhq/hw-transport-node-hid": "6.29.1",
     "@ledgerhq/hw-transport-node-speculos": "6.29.0",
     "@types/elliptic": "^6.4.13",

package/src/index.ts

@@ -1,2 +1,2 @@
 export * from './types'
-export * from './ledger-app'
+export * from './ledger-app'

package/src/ledger-app.ts

@@ -1,8 +1,10 @@
-import { Account, KeyType, addressFromPublicKey, encodeHexSignature, groupOfAddress } from '@alephium/web3'
+import { Account, KeyType, addressFromPublicKey, binToHex, codec, encodeHexSignature, groupOfAddress } from '@alephium/web3'
 import Transport, { StatusCodes } from '@ledgerhq/hw-transport'
 import * as serde from './serde'
 import { ec as EC } from 'elliptic'
-import { TokenMetadata } from './types'
+import { MAX_TOKEN_SIZE, MAX_TOKEN_SYMBOL_LENGTH, TokenMetadata } from './types'
+import { encodeTokenMetadata, encodeUnsignedTx } from './tx-encoder'
+import { merkleTokens } from './merkle'
 
 const ec = new EC('secp256k1')
 
@@ -17,10 +19,7 @@ export enum INS {
 export const GROUP_NUM = 4
 export const HASH_LEN = 32
 
-// The maximum payload size is 255: https://github.com/LedgerHQ/ledger-live/blob/develop/libs/ledgerjs/packages/hw-transport/src/Transport.ts#L261
-const MAX_PAYLOAD_SIZE = 255
-
-export default class AlephiumApp {
+export class AlephiumApp {
   readonly transport: Transport
 
   constructor(transport: Transport) {
@@ -71,34 +70,43 @@ export default class AlephiumApp {
     return decodeSignature(response)
   }
 
-  async signUnsignedTx(
-    path: string,
-    unsignedTx: Buffer,
-    tokenMetadata: TokenMetadata[] = []
-  ): Promise<string> {
+  async signUnsignedTx(path: string, unsignedTx: Buffer): Promise<string> {
     console.log(`unsigned tx size: ${unsignedTx.length}`)
-    const encodedPath = serde.serializePath(path)
-    const encodedTokenMetadata = serde.serializeTokenMetadata(tokenMetadata)
-    const firstFrameTxLength = MAX_PAYLOAD_SIZE - 20 - encodedTokenMetadata.length;
-    const txData = unsignedTx.slice(0, unsignedTx.length > firstFrameTxLength ? firstFrameTxLength : unsignedTx.length)
-    const data = Buffer.concat([encodedPath, encodedTokenMetadata, txData])
-    let response = await this.transport.send(CLA, INS.SIGN_TX, 0x00, 0x00, data, [StatusCodes.OK])
-    if (unsignedTx.length <= firstFrameTxLength) {
-      return decodeSignature(response)
+    const tokenMetadata = getTokenMetadata(unsignedTx)
+    serde.checkTokenMetadata(tokenMetadata)
+    const tokenMetadataFrames = encodeTokenMetadata(tokenMetadata)
+    const txFrames = encodeUnsignedTx(path, unsignedTx)
+    const allFrames = [...tokenMetadataFrames, ...txFrames]
+
+    let response: Buffer | undefined = undefined
+    for (const frame of allFrames) {
+      response = await this.transport.send(CLA, INS.SIGN_TX, frame.p1, frame.p2, frame.data, [StatusCodes.OK])
     }
+    return decodeSignature(response!)
+  }
+}
 
-    const frameLength = MAX_PAYLOAD_SIZE
-    let fromIndex = firstFrameTxLength
-    while (fromIndex < unsignedTx.length) {
-      const remain = unsignedTx.length - fromIndex
-      const toIndex = remain > frameLength ? (fromIndex + frameLength) : unsignedTx.length
-      const data = unsignedTx.slice(fromIndex, toIndex)
-      response = await this.transport.send(CLA, INS.SIGN_TX, 0x01, 0x00, data, [StatusCodes.OK])
-      fromIndex = toIndex
-    }
+function getTokenMetadata(unsignedTx: Buffer): TokenMetadata[] {
+  const result: TokenMetadata[] = []
+  const outputs = codec.unsignedTxCodec.decode(unsignedTx).fixedOutputs
+  outputs.forEach((output) => {
+    output.tokens.forEach((t) => {
+      const tokenIdHex = binToHex(t.tokenId)
+      if (result.find((t) => isTokenIdEqual(t.tokenId, tokenIdHex)) !== undefined) {
+        return
+      }
+      const metadata = merkleTokens.find((t) => isTokenIdEqual(t.tokenId, tokenIdHex))
+      if (metadata !== undefined && metadata.symbol.length <= MAX_TOKEN_SYMBOL_LENGTH) {
+        result.push(metadata)
+      }
+    })
+  })
+  const size = Math.min(result.length, MAX_TOKEN_SIZE)
+  return result.slice(0, size)
+}
 
-    return decodeSignature(response)
-  }
+function isTokenIdEqual(a: string, b: string): boolean {
+  return a.toLowerCase() === b.toLowerCase()
 }
 
 function decodeSignature(response: Buffer): string {
@@ -109,4 +117,4 @@ function decodeSignature(response: Buffer): string {
   const s = response.slice(6 + rLen, 6 + rLen + sLen)
   console.log(`${rLen} - ${r.toString('hex')}\n${sLen} - ${s.toString('hex')}`)
   return encodeHexSignature(r.toString('hex'), s.toString('hex'))
-}
+}

package/src/merkle.ts

@@ -0,0 +1,63 @@
+import { binToHex, hexToBinUnsafe } from '@alephium/web3'
+import mainnetTokenListJson from '../merkle-tree/token.json'
+import proofsJson from '../merkle-tree/proofs.json'
+import { serializeSingleTokenMetadata } from './serde'
+import { TokenMetadata } from './types'
+import { blake2b } from 'blakejs'
+
+export const merkleTokens: TokenMetadata[] = mainnetTokenListJson.tokens.map((token) => {
+  return {
+    version: 0,
+    tokenId: token.id,
+    symbol: token.symbol,
+    decimals: token.decimals
+  }
+})
+
+export function hashPair(a: Uint8Array, b: Uint8Array): Uint8Array {
+  return blake2b(Buffer.concat([a, b].sort(Buffer.compare)), undefined, 32)
+}
+
+function generateMerkleTree(tokens: TokenMetadata[]): Uint8Array[][] {
+  let level: Uint8Array[] = tokens.map((token) => blake2b(serializeSingleTokenMetadata(token), undefined, 32))
+
+  const tree: Uint8Array[][] = []
+  while (level.length > 1) {
+    tree.push(level)
+    level = level.reduce<Uint8Array[]>((acc, _, i, arr) => {
+      if (i % 2 === 0) {
+        acc.push(i + 1 < arr.length ? hashPair(arr[i], arr[i + 1]) : arr[i])
+      }
+      return acc
+    }, [])
+  }
+  tree.push(level) // Root
+
+  return tree
+}
+
+export function generateProofs(): { proofs: Record<string, string>; root: string } {
+  const tree = generateMerkleTree(merkleTokens)
+  const proofs = merkleTokens.reduce<Record<string, string>>((acc, token, tokenIndex) => {
+    const proof = tree.slice(0, -1).reduce<Uint8Array[]>((proofAcc, level, levelIndex) => {
+      const index = Math.floor(tokenIndex / 2 ** levelIndex)
+      const pairIndex = index % 2 === 0 ? index + 1 : index - 1
+      const siblingOrUncle = level[pairIndex]
+
+      if (siblingOrUncle) {
+        proofAcc.push(siblingOrUncle)
+      }
+
+      return proofAcc
+    }, [])
+
+    acc[token.tokenId] = proof.map((hash) => binToHex(hash)).join('')
+    return acc
+  }, {})
+
+  console.log('root', tree[tree.length - 1].map((hash) => binToHex(hash)).join(''))
+  return { proofs, root: binToHex(tree[tree.length - 1][0]) }
+}
+
+export const tokenMerkleRoot = hexToBinUnsafe('b3380866c595544781e9da0ccd79399de8878abfb0bf40545b57a287387d419d')
+export const tokenMerkleProofs = proofsJson as Record<string, string>

package/src/serde.ts

@@ -1,5 +1,5 @@
-import { isHexString } from "@alephium/web3"
-import { MAX_TOKEN_SIZE, MAX_TOKEN_SYMBOL_LENGTH, TOKEN_METADATA_SIZE, TokenMetadata } from "./types"
+import { isHexString } from '@alephium/web3'
+import { MAX_TOKEN_SIZE, MAX_TOKEN_SYMBOL_LENGTH, TOKEN_METADATA_SIZE, TokenMetadata } from './types'
 
 export const TRUE = 0x10
 export const FALSE = 0x00
@@ -40,7 +40,7 @@ function symbolToBytes(symbol: string): Buffer {
   return buffer
 }
 
-function check(tokens: TokenMetadata[]) {
+export function checkTokenMetadata(tokens: TokenMetadata[]) {
   const hasDuplicate = tokens.some((token, index) => index !== tokens.findIndex((t) => t.tokenId === token.tokenId))
   if (hasDuplicate) {
     throw new Error(`There are duplicate tokens`)
@@ -60,21 +60,22 @@ function check(tokens: TokenMetadata[]) {
   }
 }
 
+export function serializeSingleTokenMetadata(metadata: TokenMetadata): Buffer {
+  const symbolBytes = symbolToBytes(metadata.symbol)
+  const buffer = Buffer.concat([
+    Buffer.from([metadata.version]),
+    Buffer.from(metadata.tokenId, 'hex'),
+    symbolBytes,
+    Buffer.from([metadata.decimals]),
+  ])
+  if (buffer.length !== TOKEN_METADATA_SIZE) {
+    throw new Error(`Invalid token metadata: ${metadata}`)
+  }
+  return buffer
+}
+
 export function serializeTokenMetadata(tokens: TokenMetadata[]): Buffer {
-  check(tokens)
-  const array = tokens
-    .map((metadata) => {
-      const symbolBytes = symbolToBytes(metadata.symbol)
-      const buffer = Buffer.concat([
-        Buffer.from([metadata.version]),
-        Buffer.from(metadata.tokenId, 'hex'),
-        symbolBytes,
-        Buffer.from([metadata.decimals])
-      ])
-      if (buffer.length !== TOKEN_METADATA_SIZE) {
-        throw new Error(`Invalid token metadata: ${metadata}`)
-      }
-      return buffer
-    })
+  checkTokenMetadata(tokens)
+  const array = tokens.map((metadata) => serializeSingleTokenMetadata(metadata))
   return Buffer.concat([Buffer.from([array.length]), ...array])
 }

package/src/tx-encoder.ts

@@ -0,0 +1,90 @@
+import { tokenMerkleProofs } from "./merkle"
+import { checkTokenMetadata, serializePath, serializeSingleTokenMetadata } from "./serde"
+import { MAX_PAYLOAD_SIZE, TokenMetadata } from "./types"
+
+export interface Frame {
+  p1: number
+  p2: number
+  data: Buffer
+}
+
+export function encodeTokenMetadata(tokenMetadata: TokenMetadata[]): Frame[] {
+  const frames = tokenMetadata.flatMap((metadata, index) => {
+    const isFirstToken = index === 0
+    const firstFramePrefix = isFirstToken ? Buffer.from([tokenMetadata.length]) : Buffer.alloc(0)
+    const buffers = encodeTokenAndProof(metadata, firstFramePrefix)
+    if (buffers.length === 0) return []
+
+    assert(buffers.every((buffer) => buffer.length <= MAX_PAYLOAD_SIZE), 'Invalid token frame size')
+    const frames: Frame[] = []
+    const firstFrameP2 = isFirstToken ? 0 : 1
+    frames.push({ p1: 0, p2: firstFrameP2, data: buffers[0] })
+    buffers.slice(1).forEach((data) => frames.push({ p1: 0, p2: 2, data }))
+    return frames
+  })
+  if (frames.length === 0) {
+    return [{ p1: 0, p2: 0, data: Buffer.from([0]) }]
+  } else {
+    return frames
+  }
+}
+
+function encodeTokenAndProof(
+  tokenMetadata: TokenMetadata,
+  firstFramePrefix: Buffer
+): Buffer[] {
+  const proof = tokenMerkleProofs[tokenMetadata.tokenId]
+  if (proof === undefined) return []
+  const proofBytes = Buffer.from(proof, 'hex')
+  const encodedProofLength = encodeProofLength(proofBytes.length)
+  const encodedTokenMetadata = serializeSingleTokenMetadata(tokenMetadata)
+
+  const firstFrameRemainSize =
+    MAX_PAYLOAD_SIZE - encodedTokenMetadata.length - encodedProofLength.length - firstFramePrefix.length
+  const firstFrameProofSize = Math.floor(firstFrameRemainSize / 32) * 32
+  if (firstFrameProofSize >= proofBytes.length) {
+    return [Buffer.concat([firstFramePrefix, encodedTokenMetadata, encodedProofLength, proofBytes])]
+  }
+
+  const firstFrameProof = proofBytes.slice(0, firstFrameProofSize)
+  const result: Buffer[] = [Buffer.concat([firstFramePrefix, encodedTokenMetadata, encodedProofLength, firstFrameProof])]
+  let from_index = firstFrameProofSize
+  while (from_index < proofBytes.length) {
+    const remainProofLength = proofBytes.length - from_index
+    const frameProofSize = Math.min(Math.floor(MAX_PAYLOAD_SIZE / 32) * 32, remainProofLength)
+    const frameProof = proofBytes.slice(from_index, from_index + frameProofSize)
+    from_index += frameProofSize
+    result.push(frameProof)
+  }
+  return result
+}
+
+export function encodeProofLength(length: number): Uint8Array {
+  assert((length % 32 === 0) && (length > 0 && length < 0xffff), 'Invalid token proof size')
+  const buffer = Buffer.alloc(2);
+  buffer.writeUint16BE(length);
+  return buffer;
+}
+
+export function encodeUnsignedTx(path: string, unsignedTx: Buffer): Frame[] {
+  const encodedPath = serializePath(path)
+  const firstFrameTxLength = MAX_PAYLOAD_SIZE - 20;
+  if (firstFrameTxLength >= unsignedTx.length) {
+    return [{ p1: 1, p2: 0, data: Buffer.concat([encodedPath, unsignedTx]) }]
+  }
+
+  const firstFrameTxData = unsignedTx.slice(0, firstFrameTxLength)
+  const frames: Frame[] = [{ p1: 1, p2: 0, data: Buffer.concat([encodedPath, firstFrameTxData]) }]
+  let fromIndex = firstFrameTxLength
+  while (fromIndex < unsignedTx.length) {
+    const remain = unsignedTx.length - fromIndex
+    const frameTxLength = Math.min(MAX_PAYLOAD_SIZE, remain)
+    frames.push({ p1: 1, p2: 1, data: unsignedTx.slice(fromIndex, fromIndex + frameTxLength) })
+    fromIndex += frameTxLength
+  }
+  return frames
+}
+
+export function assert(condition: boolean, msg: string) {
+  if (!condition) throw Error(msg)
+}

package/src/types.ts

@@ -1,10 +1,12 @@
 export const MAX_TOKEN_SIZE = 5
 export const MAX_TOKEN_SYMBOL_LENGTH = 12
 export const TOKEN_METADATA_SIZE = 46
+// The maximum payload size is 255: https://github.com/LedgerHQ/ledger-live/blob/develop/libs/ledgerjs/packages/hw-transport/src/Transport.ts#L261
+export const MAX_PAYLOAD_SIZE = 255
 
 export interface TokenMetadata {
   version: number,
   tokenId: string,
   symbol: string,
   decimals: number
-}
+}

package/test/merkle.test.ts

@@ -0,0 +1,20 @@
+import { hashPair, merkleTokens, tokenMerkleProofs, tokenMerkleRoot } from '../src/merkle'
+import { serializeSingleTokenMetadata } from '../src/serde'
+import { blake2b } from 'blakejs'
+import { binToHex } from '@alephium/web3'
+
+describe('Merkle', () => {
+  it('should verify proofs', () => {
+    for (const token of merkleTokens) {
+      const proof = tokenMerkleProofs[token.tokenId]
+
+      let currentHash = blake2b(serializeSingleTokenMetadata(token), undefined, 32)
+      for (let i = 0; i < proof.length; i += 64) {
+        const sibling = proof.slice(i, i + 64)
+        currentHash = hashPair(currentHash, Buffer.from(sibling, 'hex'))
+      }
+
+      expect(JSON.stringify(currentHash)).toBe(JSON.stringify(tokenMerkleRoot))
+    }
+  })
+})

package/test/tx-encoder.test.ts

@@ -0,0 +1,80 @@
+import { merkleTokens, tokenMerkleProofs } from '../src/merkle'
+import { assert, encodeProofLength, encodeTokenMetadata, encodeUnsignedTx } from '../src/tx-encoder'
+import { MAX_PAYLOAD_SIZE, MAX_TOKEN_SIZE, TOKEN_METADATA_SIZE } from '../src'
+import { serializePath, serializeSingleTokenMetadata } from '../src/serde';
+import { randomBytes } from 'crypto';
+
+describe('TxEncoder', () => {
+
+  function shuffle<T>(array: T[]): T[] {
+    for (let i = array.length - 1; i > 0; i--) {
+      const j = Math.floor(Math.random() * (i + 1));
+      [array[i], array[j]] = [array[j], array[i]]
+    }
+    return array
+  }
+
+  function getFrameSize(proofLength: number): number {
+    if (proofLength <= 192) return 1
+    if (proofLength <= 416) return 2
+    if (proofLength <= 640) return 3
+    throw Error(`Invalid proof length: ${proofLength}`)
+  }
+
+  it('should encode token metadata and proof', () => {
+    const frames0 = encodeTokenMetadata([])
+    expect(frames0).toEqual([{ p1: 0, p2: 0, data: Buffer.from([0]) }])
+
+    const tokenSize = Math.floor(Math.random() * MAX_TOKEN_SIZE) + 1
+    assert(tokenSize >= 1 && tokenSize <= 5, 'Invalid token size')
+    const tokens = shuffle(Object.entries(tokenMerkleProofs))
+    const selectedTokens = tokens.slice(0, tokenSize)
+    const tokenMetadatas = selectedTokens.map(([tokenId]) => merkleTokens.find((t) => t.tokenId === tokenId)!)
+    const frames = encodeTokenMetadata(tokenMetadatas)
+    const tokenAndProofs = Buffer.concat(frames.map((frame, index) => index === 0 ? frame.data.slice(1) : frame.data))
+
+    const expected = Buffer.concat(tokenMetadatas.map((metadata, index) => {
+      const proof = Buffer.from(selectedTokens[index][1], 'hex')
+      const encodedProofLength = encodeProofLength(proof.length)
+      const encodedTokenMetadata = serializeSingleTokenMetadata(metadata)
+      return Buffer.concat([encodedTokenMetadata, encodedProofLength, proof])
+    }))
+
+    expect(tokenAndProofs).toEqual(expected)
+
+    let frameIndex = 0
+    tokenMetadatas.forEach((_, index) => {
+      const proof = Buffer.from(selectedTokens[index][1], 'hex')
+      const isFirstToken = index === 0
+      const prefixLength = isFirstToken ? 1 + TOKEN_METADATA_SIZE + 2 : TOKEN_METADATA_SIZE + 2
+      const tokenFrames = frames.slice(frameIndex, frameIndex + getFrameSize(proof.length))
+      const firstFrameP2 = isFirstToken ? 0 : 1
+      expect(tokenFrames[0].p1).toEqual(0)
+      expect(tokenFrames[0].p2).toEqual(firstFrameP2)
+      tokenFrames.slice(1).forEach((frame) => {
+        expect(frame.p1).toEqual(0)
+        expect(frame.p2).toEqual(2)
+      })
+
+      const expectedProof = Buffer.concat([tokenFrames[0].data.slice(prefixLength), ...tokenFrames.slice(1).map((f) => f.data)])
+      expect(proof).toEqual(expectedProof)
+
+      frameIndex += tokenFrames.length
+    })
+  })
+
+  it('should encode tx', () => {
+    const path = `m/44'/1234'/0'/0/0`
+    const encodedPath = serializePath(path)
+    const unsignedTx0 = randomBytes(200)
+    const frames0 = encodeUnsignedTx(path, unsignedTx0)
+    expect(frames0).toEqual([{ p1: 1, p2: 0, data: Buffer.concat([encodedPath, unsignedTx0]) }])
+
+    const unsignedTx1 = randomBytes(250)
+    const frames1 = encodeUnsignedTx(path, unsignedTx1)
+    expect(frames1).toEqual([
+      { p1: 1, p2: 0, data: Buffer.concat([encodedPath, unsignedTx1.slice(0, MAX_PAYLOAD_SIZE - 20)]) },
+      { p1: 1, p2: 1, data: unsignedTx1.slice( MAX_PAYLOAD_SIZE - 20) },
+    ])
+  })
+})

package/test/utils.ts

@@ -27,6 +27,8 @@ function getModel(): string {
 export enum OutputType {
   Base,
   Multisig,
+  Nanos10,
+  Nanos11,
   Token,
   BaseAndToken,
   MultisigAndToken
@@ -35,6 +37,8 @@ export enum OutputType {
 const NanosClickTable = new Map([
   [OutputType.Base, 5],
   [OutputType.Multisig, 10],
+  [OutputType.Nanos10, 10],
+  [OutputType.Nanos11, 11],
   [OutputType.Token, 11],
   [OutputType.BaseAndToken, 12],
   [OutputType.MultisigAndToken, 16],
@@ -139,6 +143,7 @@ async function touch(outputs: OutputType[], hasExternalInputs: boolean) {
 
 export async function approveTx(outputs: OutputType[], hasExternalInputs: boolean = false) {
   if (!needToAutoApprove()) return
+  await sleep(2000)
   const isSelfTransfer = outputs.length === 0 && !hasExternalInputs
   if (isSelfTransfer) {
     if (isStaxOrFlex()) {
@@ -184,6 +189,10 @@ function isStaxOrFlex(): boolean {
   return !getModel().startsWith('nano')
 }
 
+export function isNanos(): boolean {
+  return getModel() === 'nanos'
+}
+
 export function skipBlindSigningWarning() {
   if (!needToAutoApprove()) return
   if (isStaxOrFlex()) {