Security News
The Push to Ban Ransom Payments Is Gaining Momentum
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
@ledgerhq/hw-transport
Advanced tools
Readme
@ledgerhq/hw-transport
implements the generic interface of a Ledger Hardware Wallet transport.
unsubscribe
function (): voidType: Object
type: add or remove event descriptor: a parameter that can be passed to open(descriptor) deviceModel: device info on the model (is it a nano s, nano x, ...) device: transport specific device info
type
("add"
| "remove"
)descriptor
DescriptordeviceModel
DeviceModel??device
Device?Type: $ReadOnly<{next: function (event: Ev): any, error: function (e: any): any, complete: function (): any}>
Transport defines the generic interface to share between node/u2f impl A Descriptor is a parametric type that is up to be determined for the implementation. it can be for instance an ID, an file path, a URL,...
low level api to communicate with the device This method is for implementations to implement but should not be directly called. Instead, the recommanded way is to use send() method
_apdu
Bufferapdu
the data to sendReturns Promise<Buffer> a Promise of response data
set the "scramble key" for the next exchanges with the device. Each App can have a different scramble key and they internally will set it at instanciation.
_key
stringkey
the scramble keyclose the exchange with the device.
Returns Promise<void> a Promise that ends when the transport is closed.
Listen to an event on an instance of transport. Transport implementation can have specific events. Here is the common events:
"disconnect"
: triggered if Transport is disconnectedStop listening to an event on an instance of transport.
Enable or not logs of the binary exchange
Set a timeout (in milliseconds) for the exchange call. Only some transport might implement it. (e.g. U2F)
exchangeTimeout
numberDefine the delay before emitting "unresponsive" on an exchange that does not respond
unresponsiveTimeout
numberwrapper on top of exchange to simplify work of the implementation.
cla
numberins
numberp1
numberp2
numberdata
Buffer (optional, default Buffer.alloc(0)
)statusList
Array<number> is a list of accepted status code (shorts). [0x9000] by default (optional, default [StatusCodes.OK]
)Returns Promise<Buffer> a Promise of response buffer
Statically check if a transport is supported on the user's platform/browser.
Type: function (): Promise<boolean>
List once all available descriptors. For a better granularity, checkout listen()
.
Type: function (): Promise<Array<Descriptor>>
TransportFoo.list().then(descriptors => ...)
Returns any a promise of descriptors
Listen all device events for a given Transport. The method takes an Obverver of DescriptorEvent and returns a Subscription (according to Observable paradigm https://github.com/tc39/proposal-observable )
a DescriptorEvent is a { descriptor, type }
object. type can be "add"
or "remove"
and descriptor is a value you can pass to open(descriptor)
.
each listen() call will first emit all potential device already connected and then will emit events can come over times,
for instance if you plug a USB device after listen() or a bluetooth device become discoverable.
Type: function (observer: Observer<DescriptorEvent<Descriptor>>): Subscription
observer
is an object with a next, error and complete function (compatible with observer pattern)const sub = TransportFoo.listen({
next: e => {
if (e.type==="add") {
sub.unsubscribe();
const transport = await TransportFoo.open(e.descriptor);
...
}
},
error: error => {},
complete: () => {}
})
Returns any a Subscription object on which you can .unsubscribe()
to stop listening descriptors.
attempt to create a Transport instance with potentially a descriptor.
Type: function (descriptor: Descriptor, timeout: number): Promise<Transport<Descriptor>>
descriptor
: the descriptor to open the transport with.timeout
: an optional timeoutTransportFoo.open(descriptor).then(transport => ...)
Returns any a Promise of Transport instance
create() allows to open the first descriptor available or throw if there is none or if timeout is reached. This is a light helper, alternative to using listen() and open() (that you may need for any more advanced usecase)
TransportFoo.create().then(transport => ...)
FAQs
Ledger Hardware Wallet common interface of the communication layer
The npm package @ledgerhq/hw-transport receives a total of 127,363 weekly downloads. As such, @ledgerhq/hw-transport popularity was classified as popular.
We found that @ledgerhq/hw-transport demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Application Security
New SEC disclosure rules aim to enforce timely cyber incident reporting, but fear of job loss and inadequate resources lead to significant underreporting.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).