Skip to content

speculos

Install from the command line:
Learn more
$ docker pull ghcr.io/ledgerhq/speculos:sha-c0311ae

Recent tagged image versions

  • Published 3 days ago · Digest
    sha256:199a6535d5a3eba31ec9f9a4edeca1a170c6e8e9d74827edddb5258c40cc770c
    34
  • Published 11 days ago · Digest
    sha256:fa7af90041ca27ba7c5c30b22871725bda912cb36e55b84b9a3f9a21064c9a0b
    201
  • Published about 1 month ago · Digest
    sha256:8d6d8382a34f9a0618919ec2179c3096cb41ab2b4ab4ea464e5ab0cbd3054c75
    801
  • Published about 1 month ago · Digest
    sha256:74adf25eb9bc0825ea3162fb7e69f523083247941034bfc20620560245d3b9bf
    62
  • Published about 2 months ago · Digest
    sha256:c89e50795af3bb07127959d0d3e35917f0f04259dd0bb5b2c6850996366c04af
    264

Speculos

codecov lgtm

screenshot btc nano s

The goal of this project is to emulate Ledger Nano S, Nano X and Blue apps on standard desktop computers, without any hardware device. More information can be found here in the documentation website (or in the docs/ folder directly).

Usage example:

./speculos.py apps/btc.elf
# ... and open a browser on http://127.0.0.1:5000

Bugs and contributions

Feel free to open issues and create pull requests on this GitHub repository.

The master branch is protected to disable force pushing. Contributions should be made through pull requests, which are reviewed by @LedgerHQ members before being merged to master:

  • @LedgerHQ members can create branches directly on the repository (if member of a team with write access to the repository)
  • External contributors should fork the repository

Limitations

The emulator handles only a few syscalls made by common apps; for instance, syscalls related to app install, firmware update or OS info can't be implemented.

There is absolutely no guarantee that apps will have the same behavior on hardware devices and Speculos:

  • Invalid syscall parameters might throw an exception on a real device while being ignored on Speculos.
  • Attempts to perform unaligned accesses when not allowed (eg. dereferencing a misaligned pointer) will cause an alignment fault on a hardware device.

Security

Apps can make arbitrary Linux system calls (and use QEMU semihosting features), thus don't run Speculos on untrusted apps.

It's worth noting that the syscall implementation (src/) doesn't expect malicious input. By the way, in Speculos, there is no privilege separation between the app and the syscalls. This doesn't reflect the security of the firmware on hardware devices where app and OS isolation is enforced.

Speculos is not part of Ledger bug bounty program.

Details


Last published

3 days ago

Issues

17

Total downloads

2.24K


Collaborators 5