certusone
/
cosmos-sdk
mirror of https://github.com/certusone/cosmos-sdk.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge PR #3649: improve ledger docs

This commit is contained in:
gamarin2 2019-02-14 16:50:39 +01:00 committed by Jack Zampolin
parent d66db6a772
commit fb2d902c43
2 changed files with 71 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/gaia/delegator-guide-cli.md
View File

@ -178,6 +178,10 @@ Then, to create an account, use the following command:
gaiacli keys add <yourAccountName> --ledger gaiacli keys add <yourAccountName> --ledger
``` ```
::: warning
**This command will only work while the Ledger is plugged in and unlocked**
:::
- `<yourKeyName>` is the name of the account. It is a reference to the account number used to derive the key pair from the mnemonic. You will use this name to identify your account when you want to send a transaction. - `<yourKeyName>` is the name of the account. It is a reference to the account number used to derive the key pair from the mnemonic. You will use this name to identify your account when you want to send a transaction.
- You can add the optional `--account` flag to specify the path (`0`, `1`, `2`, ...) you want to use to generate your account. By default, account `0` is generated. - You can add the optional `--account` flag to specify the path (`0`, `1`, `2`, ...) you want to use to generate your account. By default, account `0` is generated.
@ -380,8 +384,8 @@ gaiacli tx distr withdraw-all-rewards --from <delegatorKeyName> --gas auto --gas
gaiacli tx staking unbond <validatorAddress> <amountToUnbond> --from <delegatorKeyName> --gas auto --gas-prices <gasPrice> gaiacli tx staking unbond <validatorAddress> <amountToUnbond> --from <delegatorKeyName> --gas auto --gas-prices <gasPrice>
``` ```
::: tip ::: warning
If you use a connected Ledger, you will be asked to confirm the transaction on the device before it is signed and broadcast to the network **If you use a connected Ledger, you will be asked to confirm the transaction on the device before it is signed and broadcast to the network. Note that the command will only work while the Ledger is plugged in and unlocked.**
::: :::
To confirm that your transaction went through, you can use the following queries: To confirm that your transaction went through, you can use the following queries:

83
docs/gaia/ledger.md
View File

@ -1,29 +1,76 @@
# Ledger Nano Support # Ledger Nano Support
### Ledger Support for account keys ## A note on HD wallet
`gaiacli` now supports derivation of account keys from a Ledger seed. To use this functionality you will need the following: HD Wallets, originally specified in Bitcoin's [BIP32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki), are a special kind of wallet that let users derive any number of accounts from a single seed. To understand what that means, let us first define some terminology:
- A running `gaiad` instance connected to the network you wish to use. - **Wallet**: Set of accounts obtained from a given seed.
- A `gaiacli` instance configured to connect to your chosen `gaiad` instance. - **Account**: A pair of public key/private key.
- A LedgerNano with the `ledger-cosmos` app installed - **Private Key**: A private key is a secret piece of information used to sign messages. In the blockchain context, a private key identifies the owner of an account. The private key of a user should never be revealed to others.
* Install the Cosmos app onto your Ledger by following the instructions in the [`ledger-cosmos`](https://github.com/cosmos/ledger-cosmos/blob/master/docs/BUILD.md) repository. - **Public Key**: A public key is a piece of information obtained by applying a one-way mathematical function on a private key. From it, an address can be derived. A private key cannot be found from a public key.
* A production-ready version of this app will soon be included in the [Ledger Apps Store](https://www.ledgerwallet.com/apps) - **Address**: An address is a public string with a human-readable prefix that identifies an account. It is obtained by applying mathematical transformations to a public key.
- **Digital Signature**: A digital signature is a piece of cryptographic information that proves the owner of a given private key approved of a given message without revealing the private key.
- **Seed**: Same as Mnemonic.
- **Mnemonic**: A mnemonic is a sequence of words that is used as seed to derive private keys. The mnemonic is at the core of each wallet. NEVER LOSE YOUR MNEMONIC. WRITE IT DOWN ON A PIECE OF PAPER AND STORE IT SOMEWHERE SAFE. IF YOU LOSE IT, THERE IS NO WAY TO RETRIEVE IT. IF SOMEONE GAINS ACCESS TO IT, THEY GAIN ACCESS TO ALL THE ASSOCIATED ACCOUNTS.
> **NOTE:** Cosmos keys are derived acording to the [BIP 44 Hierarchical Deterministic wallet spec](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki). For more information on Cosmos derivation paths [see the hd package](https://github.com/cosmos/cosmos-sdk/blob/develop/crypto/keys/hd/hdpath.go#L30). At the core of a HD wallet, there is a seed. From this seed, users can deterministically generate accounts. To generate an account from a seed, one-way mathematical transformations are applied. To decide which account to generate, the user specifies a `path`, generally an `integer` (`0`, `1`, `2`, ...).
Once you have the Cosmos app installed on your Ledger, and the Ledger is accessible from the machine you are using `gaiacli` from you can create a new account key using the Ledger: By specifying `path` to be `0` for example, the Wallet will generate `Private Key 0` from the seed. Then, `Public Key 0` can be generated from `Private Key 0`. Finally, `Address 0` can be generated from `Public Key 0`. All these steps are one way only, meaning the `Public Key` cannot be found from the `Address`, the `Private Key` cannot be found from the `Public Key`, ...
```bash ```
$ gaiacli keys add { .Key.Name } --ledger Account 0 Account 1 Account 2
NAME: TYPE: ADDRESS: PUBKEY:
{ .Key.Name } ledger cosmos1aw64xxr80lwqqdk8u2xhlrkxqaxamkr3e2g943 cosmospub1addwnpepqvhs678gh9aqrjc2tg2vezw86csnvgzqq530ujkunt5tkuc7lhjkz5mj629 +------------------+ +------------------+ +------------------+
| | | | | |
| Address 0 | | Address 1 | | Address 2 |
| ^ | | ^ | | ^ |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| + | | + | | + |
| Public key 0 | | Public key 1 | | Public key 2 |
| ^ | | ^ | | ^ |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| + | | + | | + |
| Private key 0 | | Private key 1 | | Private key 2 |
| ^ | | ^ | | ^ |
+------------------+ +------------------+ +------------------+
| | |
| | |
| | |
+--------------------------------------------------------------------+
|
|
+---------+---------+
| |
| Mnemonic (Seed) |
| |
+-------------------+
``` ```
This key will only be accessible while the Ledger is plugged in and unlocked. To send some coins with this key, run the following: The process of derivating accounts from the seed is deterministic. This means that given the same path, the derived private key will always be the same.
The funds stored in an account are controlled by the private key. This private key is generated using a one-way function from the mnemonic. If you lose the private key, you can retrieve it using the mnemonic. However, if you lose the mnemonic, you will lose access to all the derived private keys. Likewise, if someone gains access to your mnemonic, they gain access to all the associated accounts.
## Ledger Support for account keys
At the core of a Ledger device, there is a mnemonic that is used to generate private keys. When you initialize you Ledger, a mnemonic is generated.
::: danger
**Do not lose or share your 12 words with anyone. To prevent theft or loss of funds, it is best to ensure that you keep multiple copies of your mnemonic, and store it in a safe, secure place and that only you know how to access. If someone is able to gain access to your mnemonic, they will be able to gain access to your private keys and control the accounts associated with them.**
:::
This mnemonic is compatible with Cosmos accounts. The tool used to generate addresses and transactions on the Cosmos Hub network is called `gaiacli`, which supports derivation of account keys from a Ledger seed. Note that the Ledger device acts as an enclave of the seed and private keys, and the process of signing transaction takes place within it. No private information ever leaves the Ledger device.
To use `gaiacli` with a Ledger device you will need the following:
- [A Ledger Nano with the `COSMOS` app installed and an account](./delegator-guide-cli.md#using-a-ledger-device)
- [A running `gaiad` instance connected to the network you wish to use.](./delegator-guide-cli.md#accessing-the-cosmos-hub-network)
- [A `gaiacli` instance configured to connect to your chosen `gaiad` instance.](./delegator-guide-cli.md#setting-up-gaiacli)
Now, you are all set to start [sending transactions on the network](./delegator-guide-cli.md#sending-transactions).
```bash
$ gaiacli tx send { .Destination.AccAddr } 10stake --from { .Key.Name } --chain-id=gaia-7000
```
You will be asked to review and confirm the transaction on the Ledger. Once you do this you should see the result in the console! Now you can use your Ledger to manage your Atoms and Stake!