Security News
The Push to Ban Ransom Payments Is Gaining Momentum
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
@binance-chain/bsc-ledger-bridge-keyring
Advanced tools
Readme
An implementation of MetaMask's Keyring interface, that uses a Ledger hardware wallet for all cryptographic operations.
In most regards, it works in the same way as eth-hd-keyring, but using a Ledger device. However there are a number of differences:
Because the keys are stored in the device, operations that rely on the device will fail if there is no Ledger device attached, or a different Ledger device is attached.
It does not support the signMessage
, signTypedData
or exportAccount
methods, because Ledger devices do not support these operations.
Because extensions have limited access to browser features, there's no easy way to interact wth the Ledger Hardware wallet from the MetaMask extension. This library implements a workaround to those restrictions by injecting (on demand) an iframe to the background page of the extension, (which is hosted here.
The iframe is allowed to interact with the Ledger device (since U2F requires SSL and the iframe is hosted under https) using the libraries from LedgerJS hw-app-eth and hw-transport-u2f and establishes a two-way communication channel with the extension via postMessage.
The iframe code it's hosted in the same repo under the branch gh-pages and it's being served via github pages. In the future we might move it under the metamask.io domain.
In addition to all the known methods from the Keyring class protocol, there are a few others:
isUnlocked : Returns true if we have the public key in memory, which allows to generate the list of accounts at any time
unlock : Connects to the Ledger device and exports the extended public key, which is later used to read the available ethereum addresses inside the Ledger account.
setAccountToUnlock : the index of the account that you want to unlock in order to use with the signTransaction and signPersonalMessage methods
getFirstPage : returns the first ordered set of accounts from the Ledger account
getNextPage : returns the next ordered set of accounts from the Ledger account based on the current page
getPreviousPage : returns the previous ordered set of accounts from the Ledger account based on the current page
forgetDevice : removes all the device info from memory so the next interaction with the keyring will prompt the user to connect the Ledger device and export the account information
Run the following command:
yarn test
This code was inspired by eth-ledger-keyring and eth-hd-keyring
FAQs
A MetaMask compatible keyring, for ledger hardware wallets
We found that @binance-chain/bsc-ledger-bridge-keyring demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Application Security
New SEC disclosure rules aim to enforce timely cyber incident reporting, but fear of job loss and inadequate resources lead to significant underreporting.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).