• Stars
    star
    140
  • Rank 261,473 (Top 6 %)
  • Language
    Java
  • License
    GNU Affero Genera...
  • Created almost 11 years ago
  • Updated almost 9 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Ledger Unplugged - Java Card implementation of Ledger Bitcoin Hardware Wallet

Ledger Unplugged - Open Source Java Card applet

Overview

This applet is an implementation of the Ledger Wallet Hardware Wallet specification emulating an NFC Forum Type 4 tag to display the second factor, with specific extensions

It is compatible with the core API with a few limitations if not using a proprietary API to recover public keys - the public key cache needs to be provisioned from the client side.

A demonstration of this application and workaround if no proprietary API is present is provided in the Python API and also in Mycelium

Several other integration examples are provided on Ledger Unplugged product page

Developers can also check if a Java Card platform is supported and its performance with the Eligibility applet

All applet code is provided under the GNU Affero General Public License v3 - for any question or commercial licensing, reach us at [email protected]

Differences with Ledger Unplugged commercial versions

Ledger Unplugged sold by Ledger on the Fidesmo platform or downloaded on a Fidesmo enabled device includes an NXP implementation of the ProprietaryAPI interface which is only available under NDA, providing better performance regarding the speed of cryptographic operations.

Users are free to switch between the commercial version and their own version compiled from those sources, after deleting it.

The commercial version is also provisioned with an attestation key pair signed by a shared Ledger public key (see below) allowing a third party to check for genuine applications.

Building

Due to heavy optimizations using a C preprocessor, building is currently recommended on a Unix platform or with MinGW on Windows. Pre built files are provided for reference only.

If you don't need to rebuild the preprocessed files, you can use an automated build with Ant. Otherwise, keep reading.

First download a recent Java Card SDK (at least 3.0.1) from Oracle and install it

Then choose a building script - if building for an NFC only platform, build-no-ndef.sh is recommended. If you wish to test the NDEF second factor (typically on a platform supporting both NFC and a different interface), you can use build.sh instead

Then modify the build script to point JCENV to the installation directory, and possibly the applet and ELF AIDs if necessary. For example Fidesmo mandates a specific AID according to your account configuration.

Finally run the build script to generate a loadable .cap file in the build/ directory

Installing

Installing on a generic Java Card platform

Installation can be done using global platform tools such as GlobalPlatformPro or GPShell

Specific optional installation parameters are described in the Java Card application specification

Installing on a Fidesmo device

First you'll need to register a Fidesmo account

Then you can use Fidesmo API to upload the generated CAP file, and create a recipe to install and delete the application

You can use the following samples

For the App Description

{
    	"name": "Ledger Unplugged Development",
    	"description": {
		"en": "Test Ledger Unplugged application"
    	}
}

For a service recipe to install the application (without installation parameters), replacing with your AIDs, provided by Fidesmo

{
	"description": {
	"title": "Install Ledger Unplugged",
	"description": [{
  		"lang": "en",
      "value": "Test Ledger Unplugged install"
	  }
	],
  },
	"actions": [
    {
        "endpoint": "/ccm/install",
        "content": {
            "executableLoadFile" : "a0000006170054bf6aa95001",
            "executableModule" : "a0000006170054bf6aa94901",
            "application" : "a0000006170054bf6aa94901"
        }
    }
  ],
  "successMessage": "Application was installed",
  "failureMessage": "Application couldn't be installed"	  
}

For a service recipe to delete the application

{
	"description": {
		"title": "Delete Ledger Unplugged",
		"description": [{
  			"lang": "en",
  			"value": "Delete Test Ledger Unplugged"
  		}
	]
  	},
	"actions": [
	    {
    	    "endpoint": "/ccm/delete",
        	"content": {
            	"application" : "a0000006170054bf6aa95001",
            	"withRelated" : true
        	}
    	}
	],
	"successMessage": "Application was deleted",
	"failureMessage": "Application couldn't be deleted"
}

Personalizing

Manual personalization

To perform a manual personalization, you'll need at least to :

  • Select the application AID
  • Issue a FACTORY INITIALIZE KEYCARD SEED command
  • Issue a SETUP command

Personalization through Ledger Wallet Android application

You'll need to rebuild a version of Ledger Wallet application with your specific AID

Using the application

Mycelium

Mycelium supports natively custom built versions of the application - just specify your instance AID in the Settings menu on the Ledger options group.

Ledger public key

Each unique attestation public key is signed by the following Ledger public key on SECp256k1 for official applications

045f68bcd470ba883aa646d90fd8cfee7ac3208e3a1e926bd6895eba5ae22bcd96ddeba7dfe25c7cec546f0f425b9d737de47302bf604f33fa5097a9992b4baf06

More Repositories

1

ledger-live-desktop

⛔️ DEPRECATED - Ledger Live (Desktop)
JavaScript
954
star
2

ledgerjs

⛔️ MOVED to monorepo "ledger-live"
TypeScript
574
star
3

ledger-live

Mono-repository for packages related to Ledger Live and its JavaScript ecosystem.
JavaScript
410
star
4

ledger-live-mobile

⛔️ DEPRECATED - Ledger Live (Mobile)
JavaScript
381
star
5

ledger-nano-s

Ledger Nano S, a personal security device from Ledger (blockchain / bitcoin / ethereum / FIDO)
277
star
6

app-monero

Monero wallet application for Ledger Nano S & X
Python
267
star
7

app-ethereum

Ethereum wallet application for Ledger devices
C
178
star
8

ledger-wallet-chrome

Ledger Wallet Chrome application
JavaScript
162
star
9

satstack

Bitcoin full node with Ledger Live
Go
148
star
10

ledger-live-common

⛔️ DEPRECATED - Common ground for the Ledger Wallet apps
TypeScript
135
star
11

speculos

Ledger Nano/Blue apps emulator
C
129
star
12

app-bitcoin

Bitcoin wallet application for Ledger Blue and Nano S
C
118
star
13

blue-loader-python

Python Loader for Ledger Blue (all), Nano S (all) and Nano X (developer units)
Python
114
star
14

openpgp-card-app

OpenPGP Card Application
C
110
star
15

nanos-secure-sdk

Secure (ST31) SDK for Ledger Nano S
C
94
star
16

app-bitcoin-new

Modern Bitcoin Application based on PSBT and Descriptors
C
93
star
17

ledger-wallet-api

High level API to the Ledger Wallet Chrome app
HTML
82
star
18

lib-ledger-core

C++
79
star
19

app-ssh-agent

Simple SSH and GPG agent for Ledger Blue and Nano S
C
78
star
20

udev-rules

udev rules to support Ledger devices on Linux
Shell
76
star
21

app-passwords

Password Manager application for Ledger Blue and Nano S
C
74
star
22

ledger-wallet-ripple

JavaScript
65
star
23

ledger-u2f-javacard

Java Card FIDO U2F authenticator for Ledger Unplugged
Java
63
star
24

btchip-python

Ledger HW.1 Python API
Python
60
star
25

ledger-wallet-ethereum-chrome

Ledger Wallet Ethereum Chrome application
JavaScript
55
star
26

ledger-sample-apps

Sample Applications for Ledger Nano S and Ledger Blue
C
54
star
27

ledgerjs-examples

LedgerJS examples
JavaScript
53
star
28

ledger-manager-chrome

Ledger Manager Chrome application
Scala
50
star
29

android-u2f-bridge

Generic support for USB U2F tokens on Android
Java
49
star
30

ledger-dotnet-api

.NET API for Ledger
C#
48
star
31

xpub-scan

Tool to perform master public key analysis
TypeScript
45
star
32

ledger-blue

Ledger Blue, a personal security device from Ledger (blockchain / bitcoin / ethereum / FIDO)
41
star
33

ledger-device-rust-sdk

Rust SDK for Ledger device applications
Rust
38
star
34

wallet-api

Wallet API Monorepo
TypeScript
38
star
35

ledgerctl

A library to control Ledger devices
Python
37
star
36

bolos-enclave

BOLOS community enclave for SGX & simulator
C
34
star
37

ledger-wallet-ios

Ledger Wallet iOS application
Swift
34
star
38

app-u2f

FIDO U2F Application for Ledger Blue and Nano S
C
33
star
39

app-boilerplate

Boilerplate application for Ledger Nano S/X
C
33
star
40

recover-whitepaper

33
star
41

developer-portal

MDX
32
star
42

app-boilerplate-rust

Rust boilerplate application for Ledger Nano S/S+/X
Python
31
star
43

bolos-tee

Implementation of Ledger BOLOS for TEE applications
C
29
star
44

ledger-dev-doc

DEPRECATED - please use https://github.com/LedgerHQ/developer-portal
Python
28
star
45

nanos-ui

UI application for Ledger Nano S
C
26
star
46

blue-devenv

DEPRECATED - Development Environment for Ledger Blue and Nano S
26
star
47

OUTDATED_ledger-wallet-android

OUTDATED – for Ledger Live mobile, the correct repository is here =>
Scala
26
star
48

solidity-exercise

A RPG multiplayer game that will be used for interviews and internal workshops.
Solidity
22
star
49

app-streaming

Develop apps without any constraints
C
22
star
50

ledger-app-builder

Docker image to compile app for the Ledger Nano S.
Dockerfile
22
star
51

ledger-secure-os

C
20
star
52

rust-app-demo

(DEPRECATED) Proof of concept setup for a Rust App on Nano
Rust
19
star
53

nanox-secure-sdk

This repository has been replaced by https://github.com/LedgerHQ/ledger-secure-sdk/. Please read the new repository README for more information.
C
19
star
54

app-xrp

Ripple wallet application for Ledger Blue and Nano S
C
18
star
55

connect-kit

TypeScript
16
star
56

rust-app-password-manager

Rust
15
star
57

ui

⛔️ MOVED to monorepo "ledger-live"
TypeScript
15
star
58

app-starknet

Official Ledger Starknet application (Rust implementation)
Python
15
star
59

ledger-wallet-webtool

A utility application used to deploy utility functions to Ledger users
JavaScript
14
star
60

ledger-fresh-management

This is where product topics are discussed for Ledger Fresh
14
star
61

nanos-nonsecure-firmware

Non Secure (STM32) Firmware for Ledger Nano S
C
14
star
62

cargo-ledger

(Moved in the ledger device rust SDK --> https://github.com/LedgerHQ/ledger-device-rust-sdk). Load code on a Ledger device with a `cargo` subcommand
Rust
14
star
63

live-app-sdk

TypeScript
13
star
64

ledger-live-wagmi-connector

Wagmi JS lib Connector for Ledger Live Dapp Browser
TypeScript
13
star
65

lascar

Mirror of lascar (https://github.com/Ledger-Donjon/lascar)
Python
13
star
66

app-starknet-zondax

Starknet application for Ledger Nano S, SP, X
Rust
13
star
67

moosig

Fun with MuSig2 and Ledger devices 🎵
Python
13
star
68

nanos-nonsecure-firmware-releases

Non Secure (STM32) Firmware releases for Ledger Nano S
12
star
69

blue-secure-sdk

Secure (ST31) SDK for Ledger Blue
C
12
star
70

web3allowlist

Allowlist data for Web3Checks
Python
12
star
71

lib-ledger-core-node-bindings

C++
12
star
72

btchip-c-api

Ledger HW.1 C APIs
C
12
star
73

resigner

The hottest miniscript signing server
Python
12
star
74

innovation-contracts-solidity

Collection of smart contracts written in Solidity
Solidity
11
star
75

app-plugin-boilerplate

C
10
star
76

ledger-nano-piv

Hackathon project, not production ready (yet)
Rust
9
star
77

ledger-repl

DEPRECATED, this project moved to https://github.com/LedgerHQ/ledger-live – this repository will be archived once we migrated the website too
JavaScript
9
star
78

btchip-doc

Ledger HW.1 firmware documentation
HTML
9
star
79

ledger-javacard-eligibility

Java Card applet to test features and performance of a Hierarchical Deterministic Bitcoin Hardware Wallet implementation
Java
9
star
80

ledger-asset-dapps

Python
9
star
81

device-sdk-ts

✨ A library enabling applications to communicate with Ledger devices.
TypeScript
8
star
82

app-age

Rust
8
star
83

passwords-backup

JavaScript
8
star
84

ledger-starter-iso

Ledger Starter ISO recipe
Python
8
star
85

vanadium-legacy

Unlimited power for apps
C
8
star
86

lib-ledger-core-react-native-bindings

Java
8
star
87

ledger-app-otherdime

Offchain private key exchange as an attestation demonstration for Ledger Blue and Nano S
C
8
star
88

app-recovery-check

C
7
star
89

app-exchange

Exchange application to SWAP and SELL with Ledger Live
C
7
star
90

CTF

C
7
star
91

ragger

Small wrapper around Speculos, LedgerWallet & LedgerComm to ease instrumentation
Python
7
star
92

app-security-key

C
7
star
93

wallet-connect-live-app

TypeScript
7
star
94

btchip-js-api

Ledger HW.1 JavaScript APIs
JavaScript
7
star
95

starknet-wallet-contracts

Python
7
star
96

ethereum-plugin-sdk

C
7
star
97

bitcoin-lib-grpc

A modular gRPC service to interact with the Bitcoin protocol. ₿
Go
7
star
98

blue-nonsecure-firmware

Non Secure (STM32) Firmware for Ledger Blue
C
7
star
99

ledger-fresh-web

Frontend of Ledger fresh, our open source web wallet based on the account abstraction
TypeScript
7
star
100

ledgercomm

Library to communicate with Ledger Nano S/X and Speculos
Python
7
star