-
-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stellar: Proposal for Stellar Lumen support #53
Conversation
Let's discuss here on creating the |
@prusnak Thank you for looking this over. The only thing that needs to be signed for Stellar is a SHA256 hash of the bytes that make up the transaction. However, one of the strengths of a hardware wallet is that you can verify what you're signing on the Trezor without having to trust the UI on the PC. To implement this, I'd need to accept a much larger blob of data, parse it on the Trezor, and display a human-readable version of the transactions on the screen. A rough draft of the messages I'd need for Stellar: SignStellarTx
The Once the user approved the operations, I'd generate the hash from the XDR blob and sign it. SignedStellarTx
Pretty basic, nothing much necessary. Regarding Ripple support, I believe Ripple can also use secp256k1 (Stellar only uses ed25519) so [1] https://www.stellar.org/developers/horizon/reference/xdr.html |
Looks nice. We need to replace |
This would be the message with a single field for the XDR:
The fields that get hashed are the If you were thinking a separate field for each type of operation, that might be a bit tricker. Stellar has several operations with varying fields: https://www.stellar.org/developers/guides/concepts/list-of-operations.html I believe they'd each require their own message type. For example:
(Repeat for each available operation) Then,
I'd originally avoided that because I thought it would be harder, but after figuring out the above I think it would make the parsing on the Trezor a lot easier if I just stuck with protobuf messages. However, it would require a lot more message types. Let me know your thoughts! |
Can we rename this pull request to specify Stellar in the title? |
Can Stellar transactions have many operations? If yes, I'd propose to split the messages into multiple ones, like we do for the bitcoin clones. One Another thing to decide: should the Trezor send back the xdr? For NEM and bitcoin we do this, we ethereum we don't do this. I think we shouldn't do it and just send back the signature. A decent wallet should know how to compute the xdr for itself. |
Yes, although I think in 99% of cases there would only be one operation per transaction.
I agree that it shouldn't send back the full XDR and instead just the signature. I would like to avoid parsing XDR on the Trezor and leave that up to wallets which would already have an XDR parser built in. Splitting it into a stream of multiple operations sounds good to me, although as an optimization I'd like to have
In the case of multiple operations it would work as follows:
|
@prusnak Stellar now has a standard for deriving accounts from mnemonic passphrases, so I believe I have everything I need to get started on this. Since I'll be adding a fair number of messages (and it sounds like there are other people also working on adding coins) would it be possible to reserve message types 200-250 for Stellar? This could be as simple as adding a comment to |
👍 cool! Yes, let's reserve messagetypes 200-250 for Stellar/Ripple. |
@prusnak I've got this working with one of the operation types and since it's a fairly large PR I was wondering if you'd prefer reviewing it as early as possible or you'd rather I waited until I had all the features implemented? So far, I have code for the following projects:
I'd also like to add support to the javascript libraries, but I haven't looked into that yet. |
What features are done and which are missing? |
Done:
To do:
The rest of the operations should be pretty straightforward, it's just a matter of parsing them and displaying confirmation messages. |
Wow! Great, let's review now. The 2 missing features can wait.
|
@zulucrypto Is there anything I can help you with right now? |
@prusnak I think all I need is code review at this point. I've just submitted the PRs for trezor-common, python-trezor and trezor-mcu. I'll be idling on gitter if that's easier than commenting in the PRs. |
Closing in favor of #63 |
This is a proposal to add support for viewing and signing Stellar transactions