Skip to content

Keystone USB integration #119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 80 commits into
base: main
Choose a base branch
from
Open

Keystone USB integration #119

wants to merge 80 commits into from

Conversation

Charon-Fan
Copy link

Description

  • Supports X/P chain tx signing via Keystone3

Changes

  • Added USB signing process via Keystone3

Testing

Screenshots:

Checklist for the author

Tick each of them when done or if not applicable.

  • I've covered new/modified business logic with Jest test cases.
  • I've tested the changes myself before sending it to code review and QA.

ww3512687 and others added 30 commits November 26, 2024 18:13
@ww3512687
add keystone usb button
e512988
@ww3512687
add some log
baf6cc6
@ww3512687
add the option to select device type
370240c
@ww3512687
update
4bdb49e
@Charon-Fan
feat: add Keystone wallet connector
5fa47fd
@Charon-Fan
feat: enhance Keystone connection flow with device selection and stat…
3794ab2 
…e management
@gergelylovas @Charon-Fan
feat: open up avalanche methods CP-9587 (ava-labs#100)
e263ed4
@gergelylovas @Charon-Fan
feat: add response check for Paraswap API (ava-labs#99)
ecfa2a2
@vvava @Charon-Fan
feat: CP-9474 import private key activate account, design fixes (ava-…
b9aca43 
…labs#89)
@cypherpepe @Charon-Fan
docs: Documentation Typos and Content Improvements (ava-labs#102)
0d9bc43 
Signed-off-by: Cypher Pepe <[email protected]>
@meeh0w @Charon-Fan
feat: migrate to Unified Bridge, introduce the ICTT bridge (ava-labs#82)
18d0b71
@meeh0w @Charon-Fan
fix: max button using rounded up value (ava-labs#103)
3175d9f
@vvava @Charon-Fan
feat: CP-9472 add duplicated account dialog (ava-labs#90)
0bd15de
@vvava @Charon-Fan
feaT: CP-9487 CP-9473 ledger flow (ava-labs#93)
a7eb8ac
@meeh0w @Charon-Fan
feat: new account switcher (ava-labs#94)
9eafdf8
@meeh0w @Charon-Fan
fix: provide default value to convert (ava-labs#104)
99b8301
@meeh0w @Charon-Fan
fix: only show P-Chain Details link for active wallet (ava-labs#105)
073c43a
@meeh0w @Charon-Fan
fix: contact dropdown size (ava-labs#107)
ece94e3
@meeh0w @Charon-Fan
feat: bring back address copy button (ava-labs#110)
94e8895
@csabbee @Charon-Fan
chore: eslint version update and minor refactor (ava-labs#106)
102a7fc
@ryanewood @meeh0w @Charon-Fan
chore: add data-testids to account mgmt UI (ava-labs#113)
1a07de0 
Co-authored-by: Michał Leszczyk <[email protected]>
@meeh0w @Charon-Fan
fix: swap issues (ava-labs#114)
7ed361e
@frichards @Charon-Fan
feat: (dApp Handler) CP-9471 expose delete accounts endpoint (ava-lab…
14b3ff1 
…s#115)
@meeh0w @Charon-Fan
fix: prompting invalid ledger app (ava-labs#116)
9c43ecc
@ww3512687 @Charon-Fan
add keystone usb button
a018664
@ww3512687 @Charon-Fan
add some log
ae6fb73
@ww3512687 @Charon-Fan
update
3b48cd4
@Charon-Fan
feat: add Keystone wallet connector
5587358
@Charon-Fan
chore: update dependencies in yarn.lock
064f536
@Charon-Fan
chore: remove unnecessary console logs and update navigation path for…
b91579c 
… Keystone
meeh0w and others added 21 commits February 11, 2025 08:38
@meeh0w
fix: missing error messages
15c64e5
@meeh0w
chore: translations
ebacc91
@meeh0w
Merge remote-tracking branch 'origin/main' into feat/solana-secrets
fd4e395
@meeh0w
fix: use publicKeyRaw instead of publicKey
d218327
@meeh0w
fix: conflict resolution issue
a9ddc32
@meeh0w
Merge remote-tracking branch 'origin/main' into feat/solana-secrets
78bdbb3
@Charon-Fan
Merge branch 'feat/solana-secrets' into feat/keystone-bk
da7181d
@Charon-Fan
feat: support Keystone3Pro in secrets handling and wallet name display
6e9743a
@Charon-Fan
Merge branch 'main' into feat/keystone-bk
e2ea01b
@Charon-Fan
chore: merge package.json
6701042
@Charon-Fan
Merge branch 'main' into feat/keystone-bk
000e5bf
@Charon-Fan
feat: add Keystone secrets type guard and refactor wallet services
f1d5896
@Charon-Fan
fix: add missing dependency to useEffect in KeystoneConnector
edbebd3
@Charon-Fan
Merge remote-tracking branch 'origin/main' into feat/keystone-bk
88d6351
@Charon-Fan
fix: optimize device change handling
3ca049f
@Charon-Fan
fix: update signature handling to use utils.hexToBuffer
20a9424
@Charon-Fan
fix: add output update for PSBT when there are multiple outputs
49cfdac
@Charon-Fan
fix: rename function to getTxInfoForHardware
5ec005d
@Charon-Fan
Merge branch 'main' into feat/keystone-bk
002934e
@Charon-Fan
Merge branch 'main' into feat/keystone-bk
e50b8d0
@Charon-Fan
Merge branch 'main' into feat/keystone-bk
a8d3238
@Charon-Fan Charon-Fan marked this pull request as ready for review May 20, 2025 01:30
@Charon-Fan Charon-Fan changed the title [WIP] Keystone USB integration Keystone USB integration May 20, 2025
meeh0w
meeh0w requested changes May 23, 2025
View reviewed changes
Copy link
Member

@meeh0w meeh0w left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a few comments. Besides those, please run the following commands and fix the errors:

  1. yarn typecheck
  2. yarn lint
  3. yarn test

Also run yarn scanner -- it will update the translation files.

src/background/services/secrets/SecretsService.ts
Comment on lines +878 to +885
if (!hasAVMPublicKey) {
const publicKeyAVM = AddressPublicKey.fromExtendedPublicKeys(
secrets.extendedPublicKeys,
'secp256k1',
derivationPathAVM,
).toJSON();
newPublicKeys.push(publicKeyAVM);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this will break onboarding and adding accounts for previous Keystone iterations, where the extended public key for Avalanche is not provided.

It should be iffed and only run for Keystone3 (iThink™)

src/background/services/wallet/WalletService.ts
Comment on lines +577 to +616
if (
secretType === SecretType.Keystone ||
secretType === SecretType.Keystone3Pro
) {
const accountIndexToUse =
accountIndex === undefined ? secrets.account.index : accountIndex;

const derivationPathEVM = getAddressDerivationPath(
accountIndexToUse,
secrets.derivationPathSpec,
'EVM',
);
const derivationPathAVM = getAddressDerivationPath(
accountIndexToUse,
secrets.derivationPathSpec,
'AVM',
);
const evmExtendedPubKey = getExtendedPublicKeyFor(
secrets.extendedPublicKeys,
derivationPathEVM,
'secp256k1',
);
const avmExtendedPubKey = getExtendedPublicKeyFor(
secrets.extendedPublicKeys,
derivationPathAVM,
'secp256k1',
);

assertPresent(evmExtendedPubKey, SecretsError.PublicKeyNotFound);

return new KeystoneWallet(
secrets.masterFingerprint,
accountIndexToUse,
this.keystoneService,
network.chainId,
tabId,
evmExtendedPubKey.key,
avmExtendedPubKey ? avmExtendedPubKey.key : undefined,
);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this whole clause will only run for X- and P- chains, I think we should error out for SecretType.Keystone and assert the AVM key being present for SecretType.Keystone3Pro.

src/components/keystone/KeystoneConnector.tsx Outdated
await getAddressFromXpubKey(xpubValue, accountIndex + 1, newAddresses);
}
if (accountIndex >= 2) {
capture('OnboardingKeystoneConnected');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's make analytics events specific to Keystone 3, this way we know how many users use each of the device versions.

Suggested change
capture('OnboardingKeystoneConnected');
capture('OnboardingKeystone3Connected');

Same for other capture(...) calls.

src/components/keystone/KeystoneTroublesSteps.tsx Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy paste mistake, I guess. This whole file talks about Ledger, not Keystone.

src/background/services/keystone/KeystoneWallet.ts
Comment on lines +50 to +52
const app = new KeystoneUSBEthSDK(
(await createKeystoneTransport()) as any,
);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My Keystone3 is acting up (security upgrade is required and it doesn't seem to be able to go above the required 40% battery charge...).

With that in mind, I can't really test it at the moment, but I'm struggling to understand how this part of the code is supposed to work. I took a look at the createKeystoneTransport function in your SDKs and I'm pretty sure it simply cannot work in the extension realm. It uses the navigator.usb.requestDevice internally, which is not available in the extension's service worker.

This is exactly why with Ledger, we're implementing our own LedgerTransport which pushes out data into the extension's popup, from which we actually can access the USB transport.

Please take a look at these diagrams:

  1. Ledger architecture
  2. Ledger signing flow

Have you tested the X- and P-Chain signing on this branch with Keystone3 connected?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meeh0w meeh0w meeh0w requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@Charon-Fan @meeh0w @ww3512687 @gergelylovas @vvava @cypherpepe @csabbee @ryanewood @frichards