bug: Keychain - Disable shielded key import for nano S (#1953)

Author: jurevans

apps/extension/src/Setup/Ledger/LedgerConnect.tsx

@@ -59,16 +59,16 @@ export const LedgerConnect: React.FC<Props> = ({
       if (returnCode !== LedgerError.NoErrors) {
         throw new Error(errorMessage);
       }
-      const canImportShielded = await ledger?.isZip32Supported();
-      setIsZip32Supported(canImportShielded);
+      const isMaspSupported = await ledger?.isZip32Supported();
+      setIsZip32Supported(isMaspSupported);
 
       setIsLedgerConnecting(true);
       setCurrentApprovalStep(1);
       const { address, publicKey } = await ledger.showAddressAndPublicKey(
         makeBip44Path(chains.namada.bip44.coinType, bip44Path)
       );
 
-      if (canImportShielded) {
+      if (isMaspSupported) {
         // Import Shielded Keys
         const path = makeSaplingPath(chains.namada.bip44.coinType, {
           account: zip32Path.account,
@@ -157,8 +157,8 @@ export const LedgerConnect: React.FC<Props> = ({
 
         {isLedgerConnecting && !isZip32Supported && (
           <Alert type="warning">
-            Shielded key import will be enabled in NamadaApp v
-            {LEDGER_MIN_VERSION_ZIP32}
+            Shielded key import is not available for the Nano S or on versions
+            below {LEDGER_MIN_VERSION_ZIP32}
           </Alert>
         )}
 

packages/sdk/src/index.ts

@@ -1,5 +1,6 @@
 // Make Ledger available for direct-import as it is not dependent on Sdk initialization
 export {
+  LEDGER_MASP_BLACKLISTED,
   LEDGER_MIN_VERSION_ZIP32,
   Ledger,
   initLedgerUSBTransport,

packages/sdk/src/ledger.ts

@@ -28,9 +28,12 @@ export type LedgerProofGenerationKey = {
 export type LedgerStatus = {
   version: ResponseVersion;
   info: ResponseAppInfo;
+  deviceId?: string;
+  deviceName?: string;
 };
 
 export const LEDGER_MIN_VERSION_ZIP32 = "3.0.0";
+export const LEDGER_MASP_BLACKLISTED = "nanoS";
 
 export type Bparams = {
   spend: {
@@ -119,10 +122,13 @@ export class Ledger {
   public async status(): Promise<LedgerStatus> {
     const version = await this.namadaApp.getVersion();
     const info = await this.namadaApp.getAppInfo();
+    const device = this.namadaApp.transport.deviceModel;
 
     return {
       version,
       info,
+      deviceId: device?.id,
+      deviceName: device?.productName,
     };
   }
 
@@ -235,7 +241,7 @@ export class Ledger {
     promptUser = true
   ): Promise<LedgerViewingKey> {
     try {
-      await this.validateVersionForZip32();
+      await this.validateZip32Support();
 
       const { xfvk }: ResponseViewKey = await this.namadaApp.retrieveKeys(
         path,
@@ -268,7 +274,7 @@ export class Ledger {
     promptUser = true
   ): Promise<LedgerProofGenerationKey> {
     try {
-      await this.validateVersionForZip32();
+      await this.validateZip32Support();
 
       const { ak, nsk }: ResponseProofGenKey =
         await this.namadaApp.retrieveKeys(
@@ -343,21 +349,33 @@ export class Ledger {
   public async isZip32Supported(): Promise<boolean> {
     const {
       info: { appVersion },
+      deviceId,
     } = await this.status();
-    return !semver.lt(appVersion, LEDGER_MIN_VERSION_ZIP32);
+    const isSupportedVersion = !semver.lt(appVersion, LEDGER_MIN_VERSION_ZIP32);
+    const isSupportedDevice = deviceId !== LEDGER_MASP_BLACKLISTED;
+
+    return isSupportedVersion && isSupportedDevice;
   }
 
   /**
-   * Validate the version against the minimum required version for Zip32 functionality.
+   * Validate the version against the minimum required version and
+   * device type for Zip32 functionality.
    * Throw error if it is unsupported or app is not initialized.
    * @async
    * @returns void
    */
-  private async validateVersionForZip32(): Promise<void> {
+  private async validateZip32Support(): Promise<void> {
     if (!(await this.isZip32Supported())) {
       const {
         info: { appVersion },
+        deviceId,
+        deviceName,
       } = await this.status();
+
+      if (deviceId === LEDGER_MASP_BLACKLISTED) {
+        throw new Error(`This method is not supported on ${deviceName}!`);
+      }
+
       throw new Error(
         `This method requires Zip32 and is unsupported in ${appVersion}! ` +
           `Please update to at least ${LEDGER_MIN_VERSION_ZIP32}!`

packages/sdk/src/tests/ledger.test.ts

@@ -100,17 +100,23 @@ describe("ledger", () => {
     it("should return the status of the ledger", async () => {
       const version = { version: "1.0.0" };
       const info = { info: "info" };
+      const deviceId = "nanoSP";
+      const deviceName = "Ledger Nano S+";
+
       const namadaApp = {
         getVersion: jest.fn().mockReturnValue(version),
         getAppInfo: jest.fn().mockReturnValue(info),
+        transport: {
+          deviceModel: { id: deviceId, productName: deviceName },
+        },
       };
       const ledger: Ledger = new (Ledger as any)(namadaApp as any);
 
       const res = await ledger.status();
 
       expect(namadaApp.getVersion).toHaveBeenCalled();
       expect(namadaApp.getAppInfo).toHaveBeenCalled();
-      expect(res).toEqual({ version, info });
+      expect(res).toEqual({ version, info, deviceId, deviceName });
     });
   });