Pre-1.0 tasks remaining

[kirushik]

I'm using this issue to track and prioritise the "all small things remaining" sort of tasks which need to be done to call Ledgeracio mature enough for 1.0 release.
Those are extracted from @dvdplm's meeting notes with some minor wording changes, and are ordered by priority highest-first.

• Make sure ledgeracio works with --dev chains
• Add chilling support (code is done, possibly needs docs?)
• Thoroughly document the usage of [patch] sections and what are the conditions are for removing them
• Split the binaries into two: one for staking-ops engineers and one for signer-user
• Switch to the signify file format
  • agreed that making Base64 decoding CT would be a nice-to-have but is not required => low prio (the security assumption is that the signer-user takes care of their own security)
• Document the ledgeracio use-case, i.e. provide intro and context, explain the relationship to zondax
• Get the substrate-subxt fork reviewed and tested
• Step-by-step instructions for new developers to get setup properly: setting up a stash with some funds, walk through installation and how to e.g. nominate

[DemiMarie]

I looked at the Signify file format, and it appears that while both signify and minisign use the same format for public keys, they use different (and mutually incompatible) secret key formats. I will switch the public key format promptly, but will worry about the secret key format later.

[DemiMarie]

For base64 decoding, I can just invoke the functions in libsodium via FFI; libsodium is ubiquitous enough that we can assume any target system will have it.

[kirushik]

@DemiMarie I would suggest not making any assumptions about target system if possible.
"Ubiquitous enough" is not good enough when you have to figure out why this damned thing won't work on your mother's Mac while being waken up a 4am on Saturday night.
I really don't think that some quite far-fetched threat of "Base64 bomb" would warrant us increasing the chances of the scenario above.
So, I would 100% prefer a pure-Rust solution compiled directly into Ledgeracio, with no extra external dependencies

[DemiMarie]

@kirushik worth noting that only the signer code would be linked with libsodium, so the scenario you mentioned can’t happen. That said, your point still stands.

[DemiMarie]

As far as the instructions are concerned, so long as one uses Polkadot{.js} to set up the accounts, it is fairly self-explanatory.

[dvdplm]

As far as the instructions are concerned, so long as one uses Polkadot{.js} to set up the accounts, it is fairly self-explanatory.

I disagree with this, but I also realise that a) I am likely exceptionally n00b when considering the users of this software and b) we can wait until a later date and collect feedback on what the actual stumbling blocks users encounter are.

[DemiMarie]

@kirushik @dvdplm can you re-review the README?

[dvdplm]

@kirushik @dvdplm can you re-review the README?

Added review here

[DemiMarie]

Update: all automated tests pass and I was able to do basic staking operations. The ones I did not test were:

• replace-key (I don’t have a validator to test it on)
• Allowlist operations involving the device (the restricted Ledgeracio app has not been reviewed by Ledger yet)