Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
* (server) [#24720](https://github.com/cosmos/cosmos-sdk/pull/24720) add `verbose_log_level` flag for configuring the log level when switching to verbose logging mode during sensitive operations (such as chain upgrades).
* (crypto) [#24861](https://github.com/cosmos/cosmos-sdk/pull/24861) add `PubKeyFromCometTypeAndBytes` helper function to convert from `comet/v2` PubKeys to the `cryptotypes.Pubkey` interface.
* (abci_utils) [#25008](https://github.com/cosmos/cosmos-sdk/pull/25008) add the ability to assign a custom signer extraction adapter in `DefaultProposalHandler`.
* (crypto/ledger) [#25435](https://github.com/cosmos/cosmos-sdk/pull/25435) Add SetDERConversion to reset skipDERConversion and App name for ledger.

### Improvements

Expand Down
50 changes: 49 additions & 1 deletion crypto/ledger/ledger_secp256k1.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ import (
// options stores the Ledger Options that can be used to customize Ledger usage
var options Options

// AppName defines the Ledger app used for signing. Cosmos SDK uses the Cosmos app
const AppName = "Cosmos"

type (
// discoverLedgerFn defines a Ledger discovery function that returns a
// connected device or an error upon failure. Its allows a method to avoid CGO
Expand Down Expand Up @@ -66,7 +69,7 @@ func initOptionsDefault() {
options.createPubkey = func(key []byte) types.PubKey {
return &secp256k1.PubKey{Key: key}
}
options.appName = "Cosmos"
options.appName = AppName
options.skipDERConversion = false
}

Expand All @@ -90,6 +93,51 @@ func SetSkipDERConversion() {
options.skipDERConversion = true
}

// SetDERConversion configures whether DER signature conversion should be enabled.
// When enabled (true), signatures returned from the Ledger device are converted
// from DER format to BER format, which is the standard behavior for Cosmos SDK chains.
// When disabled (false), raw signatures are used without conversion, which is
// typically required for Ethereum/EVM-compatible chains.
//
// Parameters:
// - enabled: true to enable DER conversion (Cosmos chains), false to disable (Ethereum chains)
//
// Example usage for different coin types in a key management CLI:
//
// switch coinType {
// case 60:
// // Ethereum/EVM chains - disable DER conversion for raw signatures
// cosmosLedger.SetDiscoverLedger(func() (cosmosLedger.SECP256K1, error) {
// return evmkeyring.LedgerDerivation()
// })
// cosmosLedger.SetCreatePubkey(func(key []byte) cryptotypes.PubKey {
// return evmkeyring.CreatePubkey(key)
// })
// cosmosLedger.SetAppName(evmkeyring.AppName)
// cosmosLedger.SetDERConversion(false) // Disable DER conversion for Ethereum
// case 118:
// // Cosmos SDK chains - enable DER conversion for signature compatibility
// cosmosLedger.SetDiscoverLedger(func() (cosmosLedger.SECP256K1, error) {
// device, err := ledger.FindLedgerCosmosUserApp()
// if err != nil {
// return nil, err
// }
// return device, nil
// })
// cosmosLedger.SetCreatePubkey(func(key []byte) cryptotypes.PubKey {
// return &secp256k1.PubKey{Key: key}
// })
// cosmosLedger.SetAppName(cosmosLedger.AppName)
// cosmosLedger.SetDERConversion(true) // Enable DER conversion for Cosmos
// default:
// return fmt.Errorf(
// "unsupported coin type %d for Ledger. Supported coin types: 60 (Ethereum app), 118 (Cosmos app)", coinType,
// )
// }
func SetDERConversion(enabled bool) {
options.skipDERConversion = !enabled
}

// NewPrivKeySecp256k1Unsafe will generate a new key and store the public key for later use.
//
// This function is marked as unsafe as it will retrieve a pubkey without user verification.
Expand Down
Loading