Shielded Support for Ledger HW Wallet + Maintenance + Ledger Live Integration

Context - Ledger HW Wallet App with shielded support

Zondax developed a Ledger app with Sapling z-address support as part of a Zcash Foundation grant. More recently Zondax upgraded the app, improving its application structure, refactoring it and adding support for new Ledger Devices (Ledger Nano S plus) and completed integration with the Zecwallet Lite Desktop wallet.

We presented at the Zcon3 conference our complete Ledger support for the shielded Zcash transaction in Zecwallet Lite Desktop (Zondax).

Unfortunately, because Zecwallet Lite Desktop is part of a different organization we were not able to ensure that our PR was accepted or released in that repository. The lack of desktop wallet support resulted in our deliverable not being accessible to users or published by Ledger SAS.

This is the PR that was submitted: Add support for Ledger Hardware Wallet by becominginsane · Pull Request #106 · adityapk00/zecwallet-light-cli · GitHub

Proposal

Our primary objective is to get the Zcash Ledger app with shielded support approved and released by Ledger publicly.

In a second phase, we plan to upgrade the app to include Orchard and unified addresses. Orchard is a new protocol that improves the privacy and efficiency of Zcash transactions, while unified addresses simplify the sending and receiving of funds. Finally, we will integrate the app with Ledger Live, which is Ledger’s companion software that allows users to manage their cryptocurrency holdings from a single interface.

Once we have completed this integration we will concentrate on documenting the process via blogs to allow other developers to understand the integration process. This will facilitate further integrations in the ecosystem.

M1 - Enabling Web-Wallet support and submission to Ledger

​​Our plan is to create a fork of Zecwallet Lite Desktop and make the necessary changes to support the Ledger Nano App that we have developed, which includes Sapling support.

To ensure the security of the Ledger App modifications, we will have them audited by an external audit firm approved by Ledger. This audit will review the modifications and ensure that they meet the necessary security standards required for public release by Ledger.

M1 Scope Summary:

• Zecwallet Lite Desktop fork with integration of Ledger HW Wallet app with Sapling support

• External security audit of the Ledger App

• Submission to Ledger and coordination

Budget for this Milestone: 55’700 $

M2 - Maintenance of Zecwallet Lite Desktop fork + Ledger App

We will take responsibility for maintaining this fork, including the necessary infrastructure (i.e. Zcash node and lightwalletd server) and operations, for 12 months after we submit the application to Ledger. While our team would be interested in continuing to maintain the fork beyond this period, that is not within the scope of this grant. By maintaining the fork for 12 months, the team is committing to ensuring that the modified version of Zecwallet Lite Desktop continues to work properly and can be used with the Ledger Nano App during that time.

During this period we will also maintain the Ledger App covering the following areas:

• Ledger SDK or firmware upgrades that affect the application

• Device support for Ledger Nano, Nano Plus, Nano X and Stax

• Security fixes related to Ledger SDK layers

• Repository and issue monitoring and triage

• Resource availability (ensure internal training in your chain, rotation of resources, etc.)

• Analysis and early warnings in the case of known security issues that may affect the application

• Early warnings and prioritization in the case of urgent issues or vulnerabilities

• Periodic coordination with Ledger

Note* This does not include development of new features or upgrades to new protocols.

M2 Scope Summary:

• 12 months of operations + maintenance of Zecwallet Lite Desktop fork
• 12 months of basic maintenance of Zcash Ledger App

Budget for this Milestone: 58’800 $

M3 Upgrade to Orchard and Unified Addresses

During this milestone, our team intends to make the necessary modifications to the Zcash Ledger app to add support for both Orchard addresses and Unified Addresses. This will make the app more efficient and user-friendly, while still maintaining the privacy and security features that make Zcash unique.

M3 Scope Summary:

• Adaptation of the Ledger App (all devices) to support Orchard and Unified Addresses
• Integration into Zecwallet Lite Desktop fork maintained by Zondax
• Submission to Ledger and coordination
• External security audit of the Ledger App

Budget for this Milestone: 62’800 $

M4 Ledger Live Integration (w/Shielded support)

This milestone will involve integrating the new Ledger application with Shielded support into Ledger Live, and providing infrastructure and DevOps support for 24 months

M4 Scope Summary:

• Ledger Live Initial Integration:

• Review and verify required data (ticker, coin, logos, etc.)

• Verify, develop or migrate typescript integration library

• Common Lib support

• CLI support

• CLI Bot test cases

• Ledger-Live-Desktop/Mobile integration

• Infrastructure

  • Provide dedicated servers to run infrastructure, nodes, APIs, etc. for 24 months.
  • DevOps support

• Ledger Review

  • Preparation and coordination of the submission
  • Corrections and review support

Budget for this Milestone: 105’600 $

Financial Overview

• M1: Enabling Web-Wallet support and submission to Ledger: 55’700 $
• M2: Maintenance of Zecwallet Lite Desktop fork + Ledger App: 58’800 $
• M3: Upgrade to Orchard and Unified Addresses: 62’800 $
• M4 Ledger Live Integration (w/Shielded support) : 105’600 $

Total Budget requested: 282’900 $

About Zondax Team

Experience and Repositories

Zondax is a growing and distributed team with experience and projects for more than 50 blockchains. Zondax has been contributing to the Blockchain ecosystem since 2018-2019. The team has received and completed a large number of grants and currently maintains most Ledger apps for the ecosystem (+30). Our team includes experts in most blockchain aspects, cryptography and programming languages.

Most of our contributions to the blockchain ecosystem can be found in our GitHub organization: github(dot)com/zondax

We have experience in the review and release process by Ledger and have a streamlined workflow to simplify this. Zondax has successfully delivered over 30 Ledger Nano App projects/docs(dot)zondax.ch/ledger-apps/overview and 4 Ledger Live integrations that are either publicly released (eg. zondax(dot)ch/blog/zondax-delivers-full-ledger-live-integration-for-filecoin)) or currently under security review.

Legal structure

Zondax AG

Dammstrasse 16

Zug 6300

Switzerland

UID CHE-491.796.576

License: Zondax source code will be delivered under Apache 2.0 License and/or MIT License (this is also required by Ledger). Deliverables will include source code, unit tests, continuous integration, and integration tests.

Here link to official proposal: Gallery View: Zcash Community Grants Program

Could you comment on how your proposal relates to this recently approved grant: Shielded Support for Ledger Hardware Wallets (NanoS+, NanoX)?

Is there overlap? What is different between the two proposals? What is the benefit to Zcash of having both proposals succeed?

I ask because at a high-level they seem similar (Ledger + shielded Zcash) and your proposal does not discuss the active proposal linked above.

Thanks!

Have you guys try to approach the Zingo team? While I don’t think everyone should be aware of all the projects in the community, I would be concerned if a grant that wants to integrate a Zecwallet fork did not approach the team with a working wallet built from a code fork of Zecwallet Lite.

I mean, cool I guess but what took you guys so long? The lack of communication + follow-through was not a good look.

I think you should just deliver a working app for Ledger Live with Orchard support (maybe ask ECC and Ledger if BOSL license would work ?).

We will have YWallet support soon, and unlike zecwallet lite it is audited & actively developped.

I totally agree on this one.

Why work on Sapling when we already have Orchard ?
Especially when we hear talks about deprecation of older pools.

Except if M1 is a question of 1-2 months or even less, then I’m totally supportive for M1 (and M2).

As for M3 and M4 - those are just « must have » !

What is ETA for M3 ?
I heard that submissions to Ledger could take more than 6 months…

Hello @David_Heisenberg,

This proposal relates in the sense that it’s based on top of our previous work and attempts to reach the public release stage. However the process for public release is complex and this proposal doesn’t tackle most the key requirements defined by Ledger to get the application publicly released. Please also note the fact that this proposal is stating “working with the Zondax team” while we were not consulted for this.

Is there an overlap ? Partially, there is an overlap on the nano application orchard upgrade. However not only are the wallets different but we also plan to go way further by maintaining the application and the ledger live integration. We also account for an external security audit which is a key requirement to reach public release and the above proposal simply doesn’t take it into consideration. To be transparent this simply is a misunderstanding of the Ledger development and release process. Note the fact that we are the team that develops most of the Ledger applications and we are in continuous collaboration with the Ledger team. The benefits of Hahn’s proposal would be to add orchard support to our app (yet it still wouldn’t be able to reach public release) + Ywallet integration. Our proposal would also add the orchard support (hence the overlap) but it would actually be able to reach public release and would be maintained + Ledger live integration and maintenance of the Ledger App. Note also that Ledger updates the firmware frequently, specially now with the recent changes due to the upcoming stax device, which we also plan to support.

We didn’t discuss the above proposal as we consider that it’s better to build our proposal on what we can do to improve the situation rather than opposing the two proposals. But indeed we should have mentioned it so the community members that didn’t follow have a clear view of the context. Thanks for pointing that out !

Hi @pkr,

You’re totally right, and I am deeply sorry about the delay in submitting this. We developed the Nano app as per request from the Zcash foundation. However our scope didn’t include a web wallet integration which is a requirement to get the app public. Usually wallet developers are doing this integration, we did offer to help but no wallet responded to this proposition. This is why the situation was in standby for so long, It has taken me longer than I wished to put this together. I was also in contact with both the Zcash Foundation, ZCG and Ledger to define the scope and fully understand what is needed to really, but for real really get this publicly released. Ledger was blocking this because there is no current support of the sapling implementation with a web wallet. As per the community involvement this is something we’re fully aware of we were not doing great in the past and we’re trying to improve.

Hi @tokidoki

Our main commitment is towards reaching public release in short amount of time. We have a proven experience of delivering this, however, in the case of zcash app as mentioned in the proposal there were issues that arose because we were not in control of the integration with the web-wallet, which is one of the main requirements from Ledger towards public release. This is why we are proposing the fork to be able to deliver without external dependencies.

Hi @joris,

Before being able to deliver to push the app to public stage, Ledger requires a web-wallet integration. The app is ready and fully working, and in consultation with the Zcash Foundation we decided to fork zec wallet because we had already a PR open with the current zec wallet that we would need to update, but we have already some previous knowledge on this. (See here PR)

Yes, YWallet is audited and actively developed, but we were not consulted on the submission of the proposal.

Hi @tim_ukrainian,

Thank you for the support.

Why work on Sapling when we already have Orchard ? → since the implementation of sapling on the Nano App is ready we are in a very good position as soon as we have support with the web wallet to submit this to review. This would speed up a lot the process towards Ledger release.
Yes, M1 is going to take less than 2 months.

As per the ETA for M3, we plan to initiate this work as soon as we submit sapling. We expect this phase to take no longer than 2 months.

I heard that submissions to Ledger could take more than 6 months…. → It shouldn’t take that long given that our proposal also includes an external security audit with one of the approved partners by Ledger and this would reduce the review process to several weeks.

Thank you for pointing out the mention of Zondax in my proposal. The ZCG and I discussed and we decided to go without their involvement at this point. This was agreed on before the approval. I have now updated my proposal and removed any mention of Zondax.
This is also clearly stated here:

Thanks for your reply.

It is amazing to me how much dysfunction has occurred in the Zcash wallet ecosystem to due lack of coordination and collaboration. For instance, ZWL was given a grant as recently as June '22, but support from them seems to have dropped off the map, not to mention apparently not collaborating with Zondax to get Ledger to work.

I’m not a historian on all the whole process like others here, but I can at least say I’m glad you are trying to see it through with Zcash. Stability and a good working relationship with facilitators like the ZF (and Ledger) definitely counts for something.

I am confused by this:

Since I also read this:

I guess a meeting between @hanh and Zondax did take place, but ultimately, collaboration did not result?

While it seems like your team has the know-how to get the app onto Ledger, I am worried about sync times. For me, no other wallet than Ywallet with its Warp Sync algorithm has been usable since May 2022. What are your thoughts on this?

Thanks

P.S. Frankly speaking, I think the Zcash Foundation should consider building a light wallet. The amount of stability and support the dev fund organizations receive is head and shoulders above what third-parties have. At the end of the day, a wallet in someone’s hands is the concrete expression of our goals and values, and I think it would be a very high leverage way of providing financial privacy for the public good.

@ainhoa-zondax, thank you for your grant submission. The @ZcashGrants Committee has recently voted to reject this proposal, & the meeting minutes regarding this decision will be posted soon.