Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.
Sign up[for review] TREZOR: initial integration proposal #4241
Conversation
This comment has been minimized.
This comment has been minimized.
I will refactor linking dependencies in |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
6133a77
to
8fb0aff
Aug 10, 2018
This comment has been minimized.
This comment has been minimized.
ok I have it fixed, will commit soon |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
2 times, most recently
from
b46ed48
to
60bf1d3
Aug 12, 2018
ph4r05
changed the title
[DO NOT MERGE] TREZOR: initial integration proposal
[for review] TREZOR: initial integration proposal
Aug 13, 2018
This comment has been minimized.
This comment has been minimized.
That's a huge amount of stuff, it'd be nice to start by PRing self contained building blocks like the poly1305 code first. |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
60bf1d3
to
c32eedd
Aug 14, 2018
This comment has been minimized.
This comment has been minimized.
@moneromooo-monero thanks for the reply. So far I can see only 3 basic building blocks, logically separable to separate PRs:
This PR may seem large but the vast majority of the PR are generated protobuf messages in There are also some small additions to wallet2, simplewallet, account etc. mainly adding support for another device (TREZOR) and few minor things, such as cold signing protocol. These are IMO good to keep in the same PR as the JSON library - this PR was meant as a prototype to align some expectations, not for direct merge. Thus I used a single-file header-only JSON library which is very easy to work with (rapidjson is a bit more complicated). The one I used is also used in the general TREZOR C++ client library. But to make it clearer now I refactored the PR to use rapidjson. So 3 separate PR (keccak, chacha, poly1305) and then this one? Thanks! |
This comment has been minimized.
This comment has been minimized.
A bit subjective, but my own opinion is that a good split is one first PR with the chacha/keccak/poly1305, either one or three commits. |
This comment has been minimized.
This comment has been minimized.
Also, we depend on libsodium nowadays, so maybe poly1305 can be used from there ? |
This comment has been minimized.
This comment has been minimized.
I will check what I can use from libsodium. Thanks |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
c32eedd
to
7e0b70a
Aug 14, 2018
This comment has been minimized.
This comment has been minimized.
OK I've removed incremental chacha API and poly1305 as I can use libsodium |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
7e0b70a
to
d5a0fe9
Aug 14, 2018
This comment has been minimized.
This comment has been minimized.
Incremental Keccak was added also separately. I will remove it from this commit after 4259 gets merged. |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
9 times, most recently
from
7d76441
to
2aa2af2
Aug 16, 2018
ph4r05
force-pushed the
ph4r05:master-trezor
branch
4 times, most recently
from
0898c05
to
e0680f7
Aug 23, 2018
This comment has been minimized.
This comment has been minimized.
Part of this PR separated to a new one: |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
2 times, most recently
from
6db1a21
to
8417c37
Oct 30, 2018
This comment has been minimized.
This comment has been minimized.
Soo I think this PR is more or less complete, I wouldn't add more features to this one. |
This comment has been minimized.
This comment has been minimized.
prusnak
commented
Oct 31, 2018
I confirm that commit 8417c37 works perfectly (both receiving and sending). |
moneromooo-monero
reviewed
Oct 31, 2018
src/simplewallet/simplewallet.cpp Outdated
src/simplewallet/simplewallet.cpp Outdated
This comment has been minimized.
This comment has been minimized.
mariodian
commented
Oct 31, 2018
Is there any quick tutorial on how to test it? Simply connecting Trezor and |
This comment has been minimized.
This comment has been minimized.
I've added a simple tutorial to the PR description. |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
8417c37
to
016cd25
Oct 31, 2018
This comment has been minimized.
This comment has been minimized.
The commit message seems to have some long history of all wip commits, is that intended ? Also, that's where any tutorial should be, since it'll be in git. Nobody will find the PR on github when that gets merged. |
This comment has been minimized.
This comment has been minimized.
I keep it here to keep track of squashed commits. I can remove it after we are done with the review if that is OK for you. |
This comment has been minimized.
This comment has been minimized.
mariodian
commented
Nov 1, 2018
Thanks! Sorry I somehow overlooked it and was looking all over your repos. |
This comment has been minimized.
This comment has been minimized.
mariodian
commented
Nov 1, 2018
Doesn't work for me. I've installed the latest trezor bridge (2.0.24) from https://beta-wallet.trezor.io/#/bridge and unlocked the Trezor, but when I ran
Am I missing something? I'm using the original Trezor cable which works with the web wallet with no issues. |
This comment has been minimized.
This comment has been minimized.
It seems the Trezor support is not built by the log. When building the Monero you have to have the following lines in the cmake log
If it is not the case, please provide the build log. There could be some missing dependency. Make sure the all submodules are up to date
And install the python3 and
|
This comment has been minimized.
This comment has been minimized.
mariodian
commented
Nov 1, 2018
@ph4r05 thanks! Installing protobuf worked. Btw I was compiling on MacOS so the command was |
This comment has been minimized.
This comment has been minimized.
mariodian
commented
Nov 1, 2018
Is it a bug that Trezor passphrase can only be typed on the device not the host or is it not implemented yet? |
This comment has been minimized.
This comment has been minimized.
In the first PR the passphrase can be entered only on the Trezor. In the following PRs this will be addressed. |
moneromooo-monero
approved these changes
Nov 1, 2018
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
016cd25
to
c1df8cc
Nov 1, 2018
This comment has been minimized.
This comment has been minimized.
@moneromooo-monero big kudos for the review! I've just changed the commit message so it does not contain long history of WIP commit messages. |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
c1df8cc
to
0aec5cf
Nov 2, 2018
This comment has been minimized.
This comment has been minimized.
Rebased |
ph4r05
force-pushed the
ph4r05:master-trezor
branch
from
0aec5cf
to
29ffb6b
Nov 2, 2018
fluffypony
approved these changes
Nov 4, 2018
Reviewed |
fluffypony
merged commit 29ffb6b
into
monero-project:master
Nov 4, 2018
6 of 10 checks passed
added a commit
that referenced
this pull request
Nov 4, 2018
This comment has been minimized.
This comment has been minimized.
Wow, thanks @fluffypony @moneromooo-monero for the review & merge! I am now preparing another PR which will add integration tests & GUI support. |
This comment has been minimized.
This comment has been minimized.
Update regarding the firmware v2.0.9 added to the PR description. |
ph4r05 commentedAug 10, 2018
•
edited
Hi,
in this PR I would love to discuss current TREZOR integration approach in the similar manner Ledger did.
As TREZOR has some differences from Ledger we took a bit different approach when designing the protocols. The main idea is the
monero-wallet-cli <-> Trezor
communication is similar to thehot-wallet <-> cold wallet
communication.I believe that by choosing a bit more high-level approach in the protocol design we could easily add more advanced features, such as multisigs later during development. I also see security analysis of the protocol simpler as there are only a few well-defined roundtrips and in case of transaction signing. The transaction is incrementally built by Trezor completely. Moreover, the design is not new as the cold wallet features are already implemented in the code thus we can reuse existing features and design.
I tried to document transaction signing protocol on the following link.
https://github.com/ph4r05/monero-trezor-doc
Trezor has already PR merged implementing the Trezor side of the protocol:
trezor/trezor-core#293
Original integration approach was to have a python wallet that mimics
monero-wallet-cli
interface which is implemented here: https://github.com/ph4r05/monero-agentThe
monero-agent
startsmonero-wallet-rpc
under the hood and uses it as awatch-only
component for building transaction construction data.However, it would be quite nice to increase users comfort of the original
monero-wallet-cli
by integrating TREZOR with monero code directly.If you would like to test the code with Trezor emulator I can post more detailed information.
Thanks for feedback!
Updates
Compilation
The Trezor support requires python3 and protobuf library to compile. If all requirements are met the cmake log will contain:
If it is not the case, there could be some missing dependency.
If you are having an issue building the Trezor support make sure the all submodules are up to date
And install the python3 and protobuf dependencies:
Usage info
Wallet restore
The first step is to create a wallet file using the device (restore).
On the first start, the
monero-wallet-cli
asks you to export a view-only key from the Trezor to the wallet key file. After this step, the monero wallet can perform the blockchain scanning effectively. (Note: in this version, we did not implement view key scanning on the device as it is slow and and bit impractical).It is preferable to use
--restore-height
option to speed up the sync process.Key images sync (restore used wallet)
If you are recovering wallet that spent some inputs already you also need to perform key image sync. Trezor implements cold wallet signing protocol thus the same logic applies here as if you were using cold wallet on an offline host. Monero wallet does not have the spend-key so it cannot compute key images and discover whether you spent the incoming funds or not. Thus if you are getting double spend errors you need to perform key image sync.
Key image sync is performed with a command
hw_key_images_sync
from the wallet console. You need to confirm this action on the host. It may take a while.Using existing restored wallet file
In order to use the wallet restored from the device you can use:
If there is any problem take a look at the log file for more detailed information and a problem cause.
The integration can be tested both with the Trezor emulator and real Trezor T device for which you need to install the Trezor Bridge. Just follow the instructions on https://trezor.io/start/
Troubleshooting
Logging
It is always better to increase the log level and to inspect log files as there are more concrete reasons of failure. Logs also show detected Trezor devices.
Start the monero-wallet-cli with the following
--log-file ~/monero.log --log-level 3
and inspect the last log lines.Restart Trezor bridge
After each error it is better to kill trezor bridge so it releases all sessions.
sudo pkill trezord
. It restarts automatically.