Example of using the Ledger Nano S with Beem

in HiveDevs5 years ago

Example of using the Ledger Nano S with Beem

hive ledger


Earlier today, @holger80 announced the release of Beem v0.23.8 which has support for signing transactions via the Hive application on the Ledger Nano S. You can find that post here: https://peakd.com/hive-139531/@holger80/update-for-beem-support-for-ledger-nano-sx-has-been-added

This post will give a quick demonstration of using the cli_wallet to configure your account to be able to use your Ledger Nano S for signing.

First thing's first, install Beem

  • pip install -U beem

Getting your new Public Key

The first step of configuring your account to use the Ledger Nano S is to get your public key from the device.

  • beempy -u listkeys
+-------------------------------------------------------+
| Available Key for 48'/13'/0'/0'/0'                    |
+-------------------------------------------------------+
| STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy |
+-------------------------------------------------------+

You can see the path is 48'/13'/0'/0'/0'. For now we are going to ignore the reason for that specific path and just proceed using it as it is the default path. The public key that you get from the result relates to the path shown above; changing the path, changes the key.

Configuring your Account

Now that you have obtained the public key from your Ledger Nano S you can proceed with configuring your account using the cli_wallet. This guide will assume you already have knowledge of installing and using the cli_wallet and have imported your account's owner private key already.

Next, let's use the get_account method to list our current keys. Here is the current sample output of my @nettybot account:

  "name": "nettybot",
  "owner": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM5NDUssdRuiqJB6inoK3KRhFbGfxMPsF5f4wdTs5QBad7Bv11du",
        1
      ]
    ]
  },
  "active": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy",
        1
      ]
    ]
  },
  "posting": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM7PCZiSjxkLcP5KeQLWDSoP7AKRFBbZagrrpJSXNt4PyiQ3nuLB",
        1
      ]
    ]
  },
  "memo_key": "STM5qQY3f2ByahSuYw5pkR2fAFrhDFB6T9jm8mvzFFpRkNVZfyFLB",

With that out of the way, you can use the update_account command. First let's check the help for this command:

This method updates the keys of an existing account.

Parameters:
    accountname: The name of the account (type: string)
    json_meta: New JSON Metadata to be associated with the account (type:
    string)
    owner: New public owner key for the account (type: public_key_type)
    active: New public active key for the account (type: public_key_type)
    posting: New public posting key for the account (type: public_key_type)
    memo: New public memo key for the account (type: public_key_type)
    broadcast: true if you wish to broadcast the transaction (type: bool)

Now we can use the information we have and put everything together.

update_account nettybot "" STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy STM7PCZiSjxkLcP5KeQLWDSoP7AKRFBbZagrrpJSXNt4PyiQ3nuLB STM5qQY3f2ByahSuYw5pkR2fAFrhDFB6T9jm8mvzFFpRkNVZfyFLB true

The above command will set @nettybot's owner and active key to the result we got from the Ledger Nano S using listkeys. (note: in this example I am setting the owner and active key to the same key. For optimal security, you should use a different key for each but since we are using a Ledger Nano S and @nettybot is a test account, I am going to use a single key for both).

After running the update_account command, we can check the result again by using get_account once more.

  "name": "nettybot",
  "owner": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy",
        1
      ]
    ]
  },
  "active": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM8SZg3gBcuAEkz9xGKVMnwJHWESHcXFYWDbRcSBCz322dH6jPwy",
        1
      ]
    ]
  },
  "posting": {
    "weight_threshold": 1,
    "account_auths": [],
    "key_auths": [[
        "STM7PCZiSjxkLcP5KeQLWDSoP7AKRFBbZagrrpJSXNt4PyiQ3nuLB",
        1
      ]
    ]
  },
  "memo_key": "STM5qQY3f2ByahSuYw5pkR2fAFrhDFB6T9jm8mvzFFpRkNVZfyFLB",

Success .. the owner and active key are now protected inside my Ledger Nano S. There is very little risk of me ever having these keys stolen or lost. If my Ledger Nano S ever breaks, I can use my backup words to initialize a new Ledger Nano S and generate the same exact keys again.

Hopefully you noticed that means you should ALWAYS KEEP YOUR LEDGER RECOVERY PHRASE OFFLINE.

Using our Account with Beem + Ledger

Alright, now that our account is configured to have the proper key setup, we can use beem to perform operations on the Hive blockchain.

  • Want to vote on this post?
    beempy -u upvote -w 100 -a nettybot "@netuoso/example-of-using-the-ledger-nano-s-with-beem"

  • Want to vote for a witness?
    beempy -u approvewitness -a nettybot netuoso

  • Want to delegate some HP?
    beempy -u delegate -a nettybot "1000.000 HIVE" netuoso

  • Want to send some tokens?
    beempy -u transfer -a nettybot netuoso 1000.000 HIVE "Ledger Nano S tip :)"


That's pretty the idea .. no need to import keys to Beem because the keys are all stored inside the Ledger Nano S hardware wallet. This is the absolute most secure way possible to configure your Hive account and execute transactions on the blockchain.

Beem is going to keep growing because @holger80 is a badass dev so be sure to tell him thanks for making this integration so awesome. Soon hopefully we will even see Keychain integrations.

By the way, a Vessel Ledger Nano S integration is also around the corner. Stay tuned for that as more and more options for using the Ledger Nano S with your Hive account become available.

Vote for @netuoso for Hive Witness and be sure to vote for @holger80 as well!

Sort:  

Very cool. :)

Does 48'/13'/0'/0'/0' map to a slip code? I created an issue here and was hoping to have HIVE added so that when I talk to wallets related to stuff I'm doing with @fioprotocol I can reference the proper slip code. I'm hoping to get more wallets using Hive such as Edge Wallet. Paul Puey is on the FIO board with me.

Hive was added to the Slip 48,
it still needs to be added to slip 44.

Huh. I didn't even know that was a thing. Thanks!