HW wallets - z-transactions

In my talk at Zcon1 I demonstrated the necessary primitives for z-addrs on a hardware wallet, specifically the RedJubjub signature scheme running on a Ledger Nano S. The main problem is that the hardware wallets have very constrained environments, and it needs an efficient implementation that fits the available stack space in addition to all the other logic that needs to be there. My demo was only the core signature primitive, because I was unable to fit RedJubjub signatures using our Rust implementation of Jubjub on top of the existing Bitcoin Ledger app. There’s also a separate issue where the ZIP 32 derivation process would not work in a Ledger without Ledger themselves adding support for Jubjub and ZIP 32 into their closed-source firmware, because (understandably) the raw seed is never exposed directly to an app.

8 Likes