Sign in Subscribe

Proposed Solution For Ledger Integration Compatible With All Polkadot Parachains

Proposed Solution For Ledger Integration Compatible With All Polkadot Parachains

In this article, we’ll discuss the issues of Ledger integration by Polkadot parachains and present a possible solution. Ledger integration with Polkadot parachains presents numerous opportunities for users yet requires each parachain to implement the support. To enhance the user experience, we've proposed the development of one app implemented for use across multiple parachains using a specific signature standard - similar to Keplr in Cosmos or Metamask with EVM-based blockchains.

Downsides of custom Ledger app integration by parachains

The integration of custom Ledger apps by parachains presents various challenges.

  • Ledger developers are busy, which leads to extended response times.
  • Each parachain features a unique account resulting in a special derivation path for each app. The implementation makes the application experience non-intuitive and confusing.
  • Additionally, using Ledger to participate in crowdloans requires exporting mnemonics to less secure environments, which is time-consuming and unsupported by all projects.
  • Derivation path selection functionality requires developers to add a new option for every new parachain, which complicates the user experience.
  • Finally, parachains do not have a custom Ledger app, forcing users to rely on less secure browser extensions and mobile apps. The app acts as a decoder with hard-coded pallet numbers and methods, which, combined with long response times, can cause users to lose access to funds for months.

To provide a clearer picture of the challenges described above, the table below summarizes the issues and their impact on the integration of custom Ledger apps by parachains.

Proposed solution

A viable solution is eliminating calldata decoding on the device to address the issues mentioned above. Decoding calldata for each transaction signature is the primary reason each chain requires a unique app, as exemplified by the Ethereum app decoding transfer transactions, but not most others. However, with Ledger, users can sign transactions in _BLIND SIGNING_ mode without decoding them. Users can verify transaction data in Metamask and then sign the transaction in Ledger, providing an improved compromise between security and user experience for the entire ecosystem.

In contrast, Polkadot apps currently decode calldata in browser extensions and mobile apps. As a result, it is possible to show the transaction hash on Ledger and the extension/app to ensure that the correct transaction is signed on Ledger. To enhance security, we recommend displaying the parachain's Genesis hash. If the parachain is on the list of known chains, the name of the parachain can be displayed instead of the Genesis hash.

This solution is a balanced approach that improves security and user experience for the entire ecosystem.

Demonstration

Let’s now examine our app demo to highlight how the proposed solution could work.

First, we need to open Substrate app on Ledger.

We’ll then run the demo script.

Initial logs:

Getting information from Ledger
App version: {
"return_code": 36864,
"error_message": "No errors",
"test_mode": false,
"major": 0,
"minor": 1,
"patch": 0,
"deviceLocked": false,
"target_id": "31100004"
}
Ledger account: {
"pubKey": "d8a1f451162e6163488001efd01ecc0f9db7494834664b34d0fd225d67f0b72d",
"address": "15u3TJt3hc2oevVZi6YToyjdaymttFscQEoQNLn5CgLRvNtL",
"return_code": 36864,
"error_message": "No errors"
}

Signing transaction on Equilibrium parachain demonstration

Signer ss58 address: cg817PN4M6ZkNJ7Epx8QyqxR7Cb3JxYaZrEHyqSZQMcFXhzJy

Tx hash: 0x57e11ae24382d340e5195def4ff8c57da3c9f1645e61225870e9c713c6a7220d

Let’s compare the details with Ledger in order to verify the transaction.

Here’s the transaction hash display on Ledger:

The app detected the addition of Equilibrium Genesis hash to the list of known chains and printed out the chain name:

We’ll then approve transaction in Ledger and return to the console.

Ledger response: {
"return_code": 36864,
"error_message": "No errors",
"signature": "00cc82b71a16f1d41dc5c0d390e606762d2a9a6f0bdcaf66e59127a1c1917958dc403882a88a5d4ff5429b08b700a8da947f9d2e25270f23f960b222a4998d8707"
}
Signature is valid: true

Signed tx as bytes: 0x85028400d8a1f451162e6163488001efd01ecc0f9db7494834664b34d0fd225d67f0b72d00cc82b71a16f1d41dc5c0d390e606762d2a9a6f0bdcaf66e59127a1c1917958dc403882a88a5d4ff5429b08b700a8da947f9d2e25270f23f960b222a4998d8707520014000f0071650000000000004c388c1b04512ee6dd3afd3355fe0498f55c57773d1f4862bdf6aa27d12e387f00ca9a3b000000000000000000000000
Signed tx as json: {
"isSigned": true,
"method": {
"args": {
"asset": "25,969",
"to": "cg4q1NRDwhj1ocFmfnJubbSxekchEdDXBc95KCQxHdzfVcBtL",
"value": "1,000,000,000"
},
"method": "transfer",
"section": "eqBalances"
},
"era": {
"MortalEra": {
"period": "8",
"phase": "5"
}
},
"nonce": "5",
"signature": "0xcc82b71a16f1d41dc5c0d390e606762d2a9a6f0bdcaf66e59127a1c1917958dc403882a88a5d4ff5429b08b700a8da947f9d2e25270f23f960b222a4998d8707",
"signer": {
"Id": "cg817PN4M6ZkNJ7Epx8QyqxR7Cb3JxYaZrEHyqSZQMcFXhzJy"
},
"tip": "0"
}

We can review the signed transaction on chain after sending it.

Submitted tx hash: 0x7ca2d7464003d7f561b29411c286c831607ad9d98f190329b408a629f91be99e
Subscan link: https://equilibrium.subscan.io/extrinsic/0x7ca2d7464003d7f561b29411c286c831607ad9d98f190329b408a629f91be99e

Conclusion

Ledger integration can be a drawn-out and tedious process. Our design for a common Ledger app is a compromise between security and user experience that could decrease the barrier to Ledger integration for both new and existing Polkadot parachains.

For more detailed information please refer to the app, demo, and example which includes Equilibrium, Bifrost, and Khala transactions.