From ac2a0e615bd45eab81cd793cde5a4eef2a8581c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Mon, 23 Jan 2017 09:58:05 +0200 Subject: [PATCH] accounts/usbwallet: initial support for Ledger wallets --- accounts/usbwallet/ledger.go | 648 ++++++++++++++++++++++++++++++ accounts/usbwallet/ledger_test.go | 75 ++++ accounts/usbwallet/usb.go | 27 ++ node/config.go | 14 +- 4 files changed, 762 insertions(+), 2 deletions(-) create mode 100644 accounts/usbwallet/ledger.go create mode 100644 accounts/usbwallet/ledger_test.go create mode 100644 accounts/usbwallet/usb.go diff --git a/accounts/usbwallet/ledger.go b/accounts/usbwallet/ledger.go new file mode 100644 index 000000000..55b313df9 --- /dev/null +++ b/accounts/usbwallet/ledger.go @@ -0,0 +1,648 @@ +// Copyright 2017 The go-ethereum Authors +// This file is part of the go-ethereum library. +// +// The go-ethereum library is free software: you can redistribute it and/or modify +// it under the terms of the GNU Lesser General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// The go-ethereum library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public License +// along with the go-ethereum library. If not, see . + +// This file contains the implementation for interacting with the Ledger hardware +// wallets. The wire protocol spec can be found in the Ledger Blue GitHub repo: +// https://raw.githubusercontent.com/LedgerHQ/blue-app-eth/master/doc/ethapp.asc + +package usbwallet + +import ( + "encoding/binary" + "encoding/hex" + "errors" + "fmt" + "io" + "math/big" + "strconv" + "strings" + "sync" + "time" + + "github.com/ethereum/go-ethereum/accounts" + "github.com/ethereum/go-ethereum/common" + "github.com/ethereum/go-ethereum/core/types" + "github.com/ethereum/go-ethereum/logger" + "github.com/ethereum/go-ethereum/logger/glog" + "github.com/ethereum/go-ethereum/rlp" + "github.com/karalabe/gousb/usb" +) + +// ledgerDeviceIDs are the known device IDs that Ledger wallets use. +var ledgerDeviceIDs = []deviceID{ + {Vendor: 0x2c97, Product: 0x0000}, // Ledger Blue + {Vendor: 0x2c97, Product: 0x0001}, // Ledger Nano S +} + +// ledgerDerivationPath is the key derivation parameters used by the wallet. +var ledgerDerivationPath = [4]uint32{0x80000000 + 44, 0x80000000 + 60, 0x80000000 + 0, 0} + +// ledgerOpcode is an enumeration encoding the supported Ledger opcodes. +type ledgerOpcode byte + +// ledgerParam1 is an enumeration encoding the supported Ledger parameters for +// specific opcodes. The same parameter values may be reused between opcodes. +type ledgerParam1 byte + +// ledgerParam2 is an enumeration encoding the supported Ledger parameters for +// specific opcodes. The same parameter values may be reused between opcodes. +type ledgerParam2 byte + +const ( + ledgerOpRetrieveAddress ledgerOpcode = 0x02 // Returns the public key and Ethereum address for a given BIP 32 path + ledgerOpSignTransaction ledgerOpcode = 0x04 // Signs an Ethereum transaction after having the user validate the parameters + ledgerOpGetConfiguration ledgerOpcode = 0x06 // Returns specific wallet application configuration + + ledgerP1DirectlyFetchAddress ledgerParam1 = 0x00 // Return address directly from the wallet + ledgerP1ConfirmFetchAddress ledgerParam1 = 0x01 // Require a user confirmation before returning the address + ledgerP1InitTransactionData ledgerParam1 = 0x00 // First transaction data block for signing + ledgerP1ContTransactionData ledgerParam1 = 0x80 // Subsequent transaction data block for signing + ledgerP2DiscardAddressChainCode ledgerParam2 = 0x00 // Do not return the chain code along with the address + ledgerP2ReturnAddressChainCode ledgerParam2 = 0x01 // Require a user confirmation before returning the address +) + +// ledgerWallet represents a live USB Ledger hardware wallet. +type ledgerWallet struct { + device *usb.Device // USB device advertising itself as a Ledger wallet + input usb.Endpoint // Input endpoint to send data to this device + output usb.Endpoint // Output endpoint to receive data from this device + + address common.Address // Current address of the wallet (may be zero if Ethereum app offline) + url string // Textual URL uniquely identifying this wallet + version [3]byte // Current version of the Ledger Ethereum app (zero if app is offline) +} + +// LedgerHub is a USB hardware wallet interface that can find and handle Ledger +// wallets. +type LedgerHub struct { + ctx *usb.Context // Context interfacing with a libusb instance + + wallets map[uint16]*ledgerWallet // Apparent Ledger wallets (some may be inactive) + accounts []accounts.Account // List of active Ledger accounts + index map[common.Address]uint16 // Set of addresses with active wallets + + quit chan chan error + lock sync.RWMutex +} + +// NewLedgerHub creates a new hardware wallet manager for Ledger devices. +func NewLedgerHub() (*LedgerHub, error) { + // Initialize the USB library to access Ledgers through + ctx, err := usb.NewContext() + if err != nil { + return nil, err + } + // Create the USB hub, start and return it + hub := &LedgerHub{ + ctx: ctx, + wallets: make(map[uint16]*ledgerWallet), + index: make(map[common.Address]uint16), + quit: make(chan chan error), + } + go hub.watch() + return hub, nil +} + +// Accounts retrieves the live of accounts currently known by the Ledger hub. +func (hub *LedgerHub) Accounts() []accounts.Account { + hub.lock.RLock() + defer hub.lock.RUnlock() + + cpy := make([]accounts.Account, len(hub.accounts)) + copy(cpy, hub.accounts) + return cpy +} + +// HasAddress reports whether an account with the given address is present. +func (hub *LedgerHub) HasAddress(addr common.Address) bool { + hub.lock.RLock() + defer hub.lock.RUnlock() + + _, known := hub.index[addr] + return known +} + +// SignHash is not supported for Ledger wallets, so this method will always +// return an error. +func (hub *LedgerHub) SignHash(acc accounts.Account, hash []byte) ([]byte, error) { + return nil, accounts.ErrNotSupported +} + +// SignTx sends the transaction over to the Ledger wallet to request a confirmation +// from the user. It returns either the signed transaction or a failure if the user +// denied the transaction. +// +// Note, if the version of the Ethereum application running on the Ledger wallet is +// too old to sign EIP-155 transactions, but such is requested nonetheless, an error +// will be returned opposed to silently signing in Homestead mode. +func (hub *LedgerHub) SignTx(acc accounts.Account, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) { + hub.lock.RLock() + defer hub.lock.RUnlock() + + // If the account contains the device URL, flatten it to make sure + var id uint16 + if acc.URL != "" { + if parts := strings.Split(acc.URL, "."); len(parts) == 2 { + bus, busErr := strconv.Atoi(parts[0]) + addr, addrErr := strconv.Atoi(parts[1]) + + if busErr == nil && addrErr == nil { + id = uint16(bus)<<8 + uint16(addr) + } + } + } + // If the id is still zero, URL is either missing or bad, resolve + if id == 0 { + var ok bool + if id, ok = hub.index[acc.Address]; !ok { + return nil, accounts.ErrUnknownAccount + } + } + // Retrieve the wallet associated with the URL + wallet, ok := hub.wallets[id] + if !ok { + return nil, accounts.ErrUnknownAccount + } + // Ensure the wallet is capable of signing the given transaction + if chainID != nil && wallet.version[0] <= 1 && wallet.version[1] <= 0 && wallet.version[2] <= 2 { + return nil, fmt.Errorf("Ledger v%d.%d.%d doesn't support signing this transaction, please update to v1.0.3 at least", + wallet.version[0], wallet.version[1], wallet.version[2]) + } + return wallet.sign(tx, chainID) +} + +// SignHashWithPassphrase is not supported for Ledger wallets, so this method +// will always return an error. +func (hub *LedgerHub) SignHashWithPassphrase(acc accounts.Account, passphrase string, hash []byte) ([]byte, error) { + return nil, accounts.ErrNotSupported +} + +// SignTxWithPassphrase requests the backend to sign the given transaction, with the +// given passphrase as extra authentication information. Since the Ledger does not +// support this feature, it will just silently ignore the passphrase. +func (hub *LedgerHub) SignTxWithPassphrase(acc accounts.Account, passphrase string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) { + return hub.SignTx(acc, tx, chainID) +} + +// Close terminates the usb watching for Ledger wallets and returns when it +// successfully terminated. +func (hub *LedgerHub) Close() error { + // Terminate the USB scanner + errc := make(chan error) + hub.quit <- errc + err := <-errc + + // Release the USB interface and return + hub.ctx.Close() + return err +} + +// watch starts watching the local machine's USB ports for the connection or +// disconnection of Ledger devices. +func (hub *LedgerHub) watch() { + for { + // Rescan the USB ports for devices newly added or removed + hub.rescan() + + // Sleep for a certain amount of time or until terminated + select { + case errc := <-hub.quit: + errc <- nil + return + case <-time.After(time.Second): + } + } +} + +// rescan searches the USB ports for attached Ledger hardware wallets. +func (hub *LedgerHub) rescan() { + hub.lock.Lock() + defer hub.lock.Unlock() + + // Iterate over all attached devices and fetch those seemingly Ledger + present := make(map[uint16]bool) + devices, _ := hub.ctx.ListDevices(func(desc *usb.Descriptor) bool { + // Discard all devices not advertizing as Ledger + ledger := false + for _, id := range ledgerDeviceIDs { + if desc.Vendor == id.Vendor && desc.Product == id.Product { + ledger = true + } + } + if !ledger { + return false + } + // If we have a Ledger, mark as still present, or open as new + id := uint16(desc.Bus)<<8 + uint16(desc.Address) + if _, known := hub.wallets[id]; known { + // Track it's presence, but don't open again + present[id] = true + return false + } + // New Ledger device, open it for communication + return true + }) + // Drop any tracker wallet which disconnected + for id, wallet := range hub.wallets { + if !present[id] { + if wallet.address == (common.Address{}) { + glog.V(logger.Info).Infof("ledger wallet [%03d.%03d] disconnected", wallet.device.Bus, wallet.device.Address) + } else { + // A live account disconnected, remove it from the tracked accounts + for i, account := range hub.accounts { + if account.Address == wallet.address && account.URL == wallet.url { + hub.accounts = append(hub.accounts[:i], hub.accounts[i+1:]...) + break + } + } + delete(hub.index, wallet.address) + + glog.V(logger.Info).Infof("ledger wallet [%03d.%03d] v%d.%d.%d disconnected: %s", wallet.device.Bus, wallet.device.Address, + wallet.version[0], wallet.version[1], wallet.version[2], wallet.address.Hex()) + } + delete(hub.wallets, id) + wallet.device.Close() + } + } + // Start tracking all wallets which newly appeared + var err error + for _, device := range devices { + // Make sure the alleged device has the correct IO endpoints + wallet := &ledgerWallet{ + device: device, + url: fmt.Sprintf("%03d.%03d", device.Bus, device.Address), + } + var invalid string + switch { + case len(device.Descriptor.Configs) == 0: + invalid = "no endpoint config available" + case len(device.Descriptor.Configs[0].Interfaces) == 0: + invalid = "no endpoint interface available" + case len(device.Descriptor.Configs[0].Interfaces[0].Setups) == 0: + invalid = "no endpoint setup available" + case len(device.Descriptor.Configs[0].Interfaces[0].Setups[0].Endpoints) < 2: + invalid = "not enough IO endpoints available" + } + if invalid != "" { + glog.V(logger.Debug).Infof("ledger wallet [%s] deemed invalid: %s", wallet.url, invalid) + device.Close() + continue + } + // Open the input and output endpoints to the device + wallet.input, err = device.OpenEndpoint( + device.Descriptor.Configs[0].Config, + device.Descriptor.Configs[0].Interfaces[0].Number, + device.Descriptor.Configs[0].Interfaces[0].Setups[0].Number, + device.Descriptor.Configs[0].Interfaces[0].Setups[0].Endpoints[1].Address, + ) + if err != nil { + glog.V(logger.Debug).Infof("ledger wallet [%s] input open failed: %v", wallet.url, err) + device.Close() + continue + } + wallet.output, err = device.OpenEndpoint( + device.Descriptor.Configs[0].Config, + device.Descriptor.Configs[0].Interfaces[0].Number, + device.Descriptor.Configs[0].Interfaces[0].Setups[0].Number, + device.Descriptor.Configs[0].Interfaces[0].Setups[0].Endpoints[0].Address, + ) + if err != nil { + glog.V(logger.Debug).Infof("ledger wallet [%s] output open failed: %v", wallet.url, err) + device.Close() + continue + } + // Start tracking the device as a probably Ledger wallet + id := uint16(device.Bus)<<8 + uint16(device.Address) + hub.wallets[id] = wallet + + if wallet.resolveVersion() != nil || wallet.resolveAddress() != nil { + glog.V(logger.Info).Infof("ledger wallet [%s] connected, Ethereum app not started", wallet.url) + } else { + hub.accounts = append(hub.accounts, accounts.Account{ + Address: wallet.address, + URL: wallet.url, + }) + hub.index[wallet.address] = id + + glog.V(logger.Info).Infof("ledger wallet [%s] v%d.%d.%d connected: %s", wallet.url, + wallet.version[0], wallet.version[1], wallet.version[2], wallet.address.Hex()) + } + } +} + +// resolveVersion retrieves the current version of the Ethereum wallet app running +// on the Ledger wallet and caches it for future reference. +// +// The version retrieval protocol is defined as follows: +// +// CLA | INS | P1 | P2 | Lc | Le +// ----+-----+----+----+----+--- +// E0 | 06 | 00 | 00 | 00 | 04 +// +// With no input data, and the output data being: +// +// Description | Length +// ---------------------------------------------------+-------- +// Flags 01: arbitrary data signature enabled by user | 1 byte +// Application major version | 1 byte +// Application minor version | 1 byte +// Application patch version | 1 byte +func (wallet *ledgerWallet) resolveVersion() error { + // Send the request and wait for the response + reply, err := wallet.exchange(ledgerOpGetConfiguration, 0, 0, nil) + if err != nil { + return err + } + if len(reply) != 4 { + return errors.New("reply not of correct size") + } + // Cache the version for future reference + copy(wallet.version[:], reply[1:]) + return nil +} + +// resolveAddress retrieves the currently active Ethereum address from a Ledger +// wallet and caches it for future reference. +// +// The address derivation protocol is defined as follows: +// +// CLA | INS | P1 | P2 | Lc | Le +// ----+-----+----+----+-----+--- +// E0 | 02 | 00 return address +// 01 display address and confirm before returning +// | 00: do not return the chain code +// | 01: return the chain code +// | var | 00 +// +// Where the input data is: +// +// Description | Length +// -------------------------------------------------+-------- +// Number of BIP 32 derivations to perform (max 10) | 1 byte +// First derivation index (big endian) | 4 bytes +// ... | 4 bytes +// Last derivation index (big endian) | 4 bytes +// +// And the output data is: +// +// Description | Length +// ------------------------+------------------- +// Public Key length | 1 byte +// Uncompressed Public Key | arbitrary +// Ethereum address length | 1 byte +// Ethereum address | 40 bytes hex ascii +// Chain code if requested | 32 bytes +func (wallet *ledgerWallet) resolveAddress() error { + // Flatten the derivation path into the Ledger request + path := make([]byte, 1+4*len(ledgerDerivationPath)) + path[0] = byte(len(ledgerDerivationPath)) + for i, component := range ledgerDerivationPath { + binary.BigEndian.PutUint32(path[1+4*i:], component) + } + // Send the request and wait for the response + reply, err := wallet.exchange(ledgerOpRetrieveAddress, ledgerP1DirectlyFetchAddress, ledgerP2DiscardAddressChainCode, path) + if err != nil { + return err + } + // Discard the public key, we don't need that for now + if len(reply) < 1 || len(reply) < 1+int(reply[0]) { + return errors.New("reply lacks public key entry") + } + reply = reply[1+int(reply[0]):] + + // Extract the Ethereum hex address string + if len(reply) < 1 || len(reply) < 1+int(reply[0]) { + return errors.New("reply lacks address entry") + } + hexstr := reply[1 : 1+int(reply[0])] + + // Decode the hex sting into an Ethereum address and return + hex.Decode(wallet.address[:], hexstr) + return nil +} + +// sign sends the transaction to the Ledger wallet, and waits for the user to +// confirm or deny the transaction. +// +// The transaction signing protocol is defined as follows: +// +// CLA | INS | P1 | P2 | Lc | Le +// ----+-----+----+----+-----+--- +// E0 | 04 | 00: first transaction data block +// 80: subsequent transaction data block +// | 00 | variable | variable +// +// Where the input for the first transaction block (first 255 bytes) is: +// +// Description | Length +// -------------------------------------------------+---------- +// Number of BIP 32 derivations to perform (max 10) | 1 byte +// First derivation index (big endian) | 4 bytes +// ... | 4 bytes +// Last derivation index (big endian) | 4 bytes +// RLP transaction chunk | arbitrary +// +// And the input for subsequent transaction blocks (first 255 bytes) are: +// +// Description | Length +// ----------------------+---------- +// RLP transaction chunk | arbitrary +// +// And the output data is: +// +// Description | Length +// ------------+--------- +// signature V | 1 byte +// signature R | 32 bytes +// signature S | 32 bytes +func (wallet *ledgerWallet) sign(tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) { + // We need to modify the timeouts to account for user feedback + defer func(old time.Duration) { wallet.device.ReadTimeout = old }(wallet.device.ReadTimeout) + wallet.device.ReadTimeout = time.Minute + + // Flatten the derivation path into the Ledger request + path := make([]byte, 1+4*len(ledgerDerivationPath)) + path[0] = byte(len(ledgerDerivationPath)) + for i, component := range ledgerDerivationPath { + binary.BigEndian.PutUint32(path[1+4*i:], component) + } + // Create the transaction RLP based on whether legacy or EIP155 signing was requeste + var ( + txrlp []byte + err error + ) + if chainID == nil { + if txrlp, err = rlp.EncodeToBytes([]interface{}{tx.Nonce(), tx.GasPrice(), tx.Gas(), tx.To(), tx.Value(), tx.Data()}); err != nil { + return nil, err + } + } else { + if txrlp, err = rlp.EncodeToBytes([]interface{}{tx.Nonce(), tx.GasPrice(), tx.Gas(), tx.To(), tx.Value(), tx.Data(), chainID, big.NewInt(0), big.NewInt(0)}); err != nil { + return nil, err + } + } + payload := append(path, txrlp...) + + // Send the request and wait for the response + var ( + op = ledgerP1InitTransactionData + reply []byte + ) + for len(payload) > 0 { + // Calculate the size of the next data chunk + chunk := 255 + if chunk > len(payload) { + chunk = len(payload) + } + // Send the chunk over, ensuring it's processed correctly + reply, err = wallet.exchange(ledgerOpSignTransaction, op, 0, payload[:chunk]) + if err != nil { + return nil, err + } + // Shift the payload and ensure subsequent chunks are marked as such + payload = payload[chunk:] + op = ledgerP1ContTransactionData + } + // Extract the Ethereum signature and do a sanity validation + if len(reply) != 65 { + return nil, errors.New("reply lacks signature") + } + signature := append(reply[1:], reply[0]) + + // Create the correct signer and signature transform based on the chain ID + var signer types.Signer + if chainID == nil { + signer = new(types.HomesteadSigner) + } else { + signer = types.NewEIP155Signer(chainID) + signature[64] = (signature[64]-34)/2 - byte(chainID.Uint64()) + } + // Inject the final signature into the transaction and sanity check the sender + signed, err := tx.WithSignature(signer, signature) + if err != nil { + return nil, err + } + sender, err := types.Sender(signer, signed) + if err != nil { + return nil, err + } + if sender != wallet.address { + glog.V(logger.Error).Infof("Ledger signer mismatch: expected %s, got %s", wallet.address.Hex(), sender.Hex()) + return nil, fmt.Errorf("signer mismatch: expected %s, got %s", wallet.address.Hex(), sender.Hex()) + } + return signed, nil +} + +// exchange performs a data exchange with the Ledger wallet, sending it a message +// and retrieving the response. +// +// The common transport header is defined as follows: +// +// Description | Length +// --------------------------------------+---------- +// Communication channel ID (big endian) | 2 bytes +// Command tag | 1 byte +// Packet sequence index (big endian) | 2 bytes +// Payload | arbitrary +// +// The Communication channel ID allows commands multiplexing over the same +// physical link. It is not used for the time being, and should be set to 0101 +// to avoid compatibility issues with implementations ignoring a leading 00 byte. +// +// The Command tag describes the message content. Use TAG_APDU (0x05) for standard +// APDU payloads, or TAG_PING (0x02) for a simple link test. +// +// The Packet sequence index describes the current sequence for fragmented payloads. +// The first fragment index is 0x00. +// +// APDU Command payloads are encoded as follows: +// +// Description | Length +// ----------------------------------- +// APDU length (big endian) | 2 bytes +// APDU CLA | 1 byte +// APDU INS | 1 byte +// APDU P1 | 1 byte +// APDU P2 | 1 byte +// APDU length | 1 byte +// Optional APDU data | arbitrary +func (wallet *ledgerWallet) exchange(opcode ledgerOpcode, p1 ledgerParam1, p2 ledgerParam2, data []byte) ([]byte, error) { + // Construct the message payload, possibly split into multiple chunks + var chunks [][]byte + for left := data; len(left) > 0 || len(chunks) == 0; { + // Create the chunk header + var chunk []byte + + if len(chunks) == 0 { + // The first chunk encodes the length and all the opcodes + chunk = []byte{0x00, 0x00, 0xe0, byte(opcode), byte(p1), byte(p2), byte(len(data))} + binary.BigEndian.PutUint16(chunk, uint16(5+len(data))) + } + // Append the data blob to the end of the chunk + space := 64 - len(chunk) - 5 // 5 == header size + if len(left) > space { + chunks, left = append(chunks, append(chunk, left[:space]...)), left[space:] + continue + } + chunks, left = append(chunks, append(chunk, left...)), nil + } + // Stream all the chunks to the device + for i, chunk := range chunks { + // Construct the new message to stream + header := []byte{0x01, 0x01, 0x05, 0x00, 0x00} // Channel ID and command tag appended + binary.BigEndian.PutUint16(header[3:], uint16(i)) + + msg := append(header, chunk...) + + // Send over to the device + if glog.V(logger.Core) { + glog.Infof("-> %03d.%03d: %x", wallet.device.Bus, wallet.device.Address, msg) + } + if _, err := wallet.input.Write(msg); err != nil { + return nil, err + } + } + // Stream the reply back from the wallet in 64 byte chunks + var reply []byte + for { + // Read the next chunk from the Ledger wallet + chunk := make([]byte, 64) + if _, err := io.ReadFull(wallet.output, chunk); err != nil { + return nil, err + } + if glog.V(logger.Core) { + glog.Infof("<- %03d.%03d: %x", wallet.device.Bus, wallet.device.Address, chunk) + } + // Make sure the transport header matches + if chunk[0] != 0x01 || chunk[1] != 0x01 || chunk[2] != 0x05 { + return nil, fmt.Errorf("invalid reply header: %x", chunk[:3]) + } + // If it's the first chunk, retrieve the total message length + if chunk[3] == 0x00 && chunk[4] == 0x00 { + reply = make([]byte, 0, int(binary.BigEndian.Uint16(chunk[5:7]))) + chunk = chunk[7:] + } else { + chunk = chunk[5:] + } + // Append to the reply and stop when filled up + if left := cap(reply) - len(reply); left > len(chunk) { + reply = append(reply, chunk...) + } else { + reply = append(reply, chunk[:left]...) + break + } + } + return reply[:len(reply)-2], nil +} diff --git a/accounts/usbwallet/ledger_test.go b/accounts/usbwallet/ledger_test.go new file mode 100644 index 000000000..aeab2f0f0 --- /dev/null +++ b/accounts/usbwallet/ledger_test.go @@ -0,0 +1,75 @@ +// Copyright 2017 The go-ethereum Authors +// This file is part of the go-ethereum library. +// +// The go-ethereum library is free software: you can redistribute it and/or modify +// it under the terms of the GNU Lesser General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// The go-ethereum library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public License +// along with the go-ethereum library. If not, see . + +package usbwallet + +/* +func TestLedgerHub(t *testing.T) { + glog.SetV(6) + glog.SetToStderr(true) + + // Create a USB hub watching for Ledger devices + hub, err := NewLedgerHub() + if err != nil { + t.Fatalf("Failed to create Ledger hub: %v", err) + } + defer hub.Close() + + // Wait for events :P + time.Sleep(time.Minute) +} +*/ +/* +func TestLedger(t *testing.T) { + // Create a USB context to access devices through + ctx, err := usb.NewContext() + defer ctx.Close() + ctx.Debug(6) + + // List all of the Ledger wallets + wallets, err := findLedgerWallets(ctx) + if err != nil { + t.Fatalf("Failed to list Ledger wallets: %v", err) + } + // Retrieve the address from every one of them + for _, wallet := range wallets { + // Retrieve the version of the wallet app + ver, err := wallet.Version() + if err != nil { + t.Fatalf("Failed to retrieve wallet version: %v", err) + } + fmt.Printf("Ledger version: %s\n", ver) + + // Retrieve the address of the wallet + addr, err := wallet.Address() + if err != nil { + t.Fatalf("Failed to retrieve wallet address: %v", err) + } + fmt.Printf("Ledger address: %x\n", addr) + + // Try to sign a transaction with the wallet + unsigned := types.NewTransaction(1, common.HexToAddress("0xbabababababababababababababababababababa"), common.Ether, big.NewInt(20000), common.Shannon, nil) + signed, err := wallet.Sign(unsigned) + if err != nil { + t.Fatalf("Failed to sign transactions: %v", err) + } + signer, err := types.Sender(types.NewEIP155Signer(big.NewInt(1)), signed) + if err != nil { + t.Fatalf("Failed to recover signer: %v", err) + } + fmt.Printf("Ledger signature by: %x\n", signer) + } +}*/ diff --git a/accounts/usbwallet/usb.go b/accounts/usbwallet/usb.go new file mode 100644 index 000000000..550f05ba6 --- /dev/null +++ b/accounts/usbwallet/usb.go @@ -0,0 +1,27 @@ +// Copyright 2017 The go-ethereum Authors +// This file is part of the go-ethereum library. +// +// The go-ethereum library is free software: you can redistribute it and/or modify +// it under the terms of the GNU Lesser General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// The go-ethereum library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public License +// along with the go-ethereum library. If not, see . + +// Package usbwallet implements support for USB hardware wallets. +package usbwallet + +import "github.com/karalabe/gousb/usb" + +// deviceID is a combined vendor/product identifier to uniquely identify a USB +// hardware device. +type deviceID struct { + Vendor usb.ID // The Vendor identifer + Product usb.ID // The Product identifier +} diff --git a/node/config.go b/node/config.go index f3b4dcc73..9ae9406a9 100644 --- a/node/config.go +++ b/node/config.go @@ -28,6 +28,7 @@ import ( "github.com/ethereum/go-ethereum/accounts" "github.com/ethereum/go-ethereum/accounts/keystore" + "github.com/ethereum/go-ethereum/accounts/usbwallet" "github.com/ethereum/go-ethereum/common" "github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/logger" @@ -432,6 +433,15 @@ func makeAccountManager(conf *Config) (am *accounts.Manager, ephemeralKeystore s if err := os.MkdirAll(keydir, 0700); err != nil { return nil, "", err } - ks := keystore.NewKeyStore(keydir, scryptN, scryptP) - return accounts.NewManager(ks), ephemeralKeystore, nil + + // Assemble the account manager and supported backends + backends := []accounts.Backend{ + keystore.NewKeyStore(keydir, scryptN, scryptP), + } + if ledgerhub, err := usbwallet.NewLedgerHub(); err != nil { + glog.V(logger.Warn).Infof("Failed to start Ledger hub, disabling: %v", err) + } else { + backends = append(backends, ledgerhub) + } + return accounts.NewManager(backends...), ephemeralKeystore, nil }