EIP-712 for KeepKey/HDWallet

EIP-712 (“Ethereum typed structured data hashing and signing”) is an important technical building block for interaction with EVM-based DAOs, enabling off-chain message signatures that can be verified and acted upon on-chain. This can be used, for example, to build things like the Gas Station Network, which enables users to pay gas for dapp interactions with ERC-20 tokens like FOX instead of ETH, or for dapps to subsidize the gas costs for certain contract calls, like onboarding (or, say, airdrop claims). There are many other exciting uses as well, but ETH-less transactions by themselves seem pretty darn compelling.

Hardware wallet support for EIP-712 messages isn’t great yet; Ledger’s does it and Trezor’s working on it, but neither actually display the data you’re about to sign, just a hash. That means you have to trust that your computer isn’t lying to the device, because the device can’t verify that the hash actually matches the message. On the other hand, KeepKey’s large screen makes it particularly suited to display and verification of this kind of structured data, and EIP-712 support could turn it into the hardware wallet of choice for use with Ethereum DAOs.

I’d like to propose that the DAO fund work to bring EIP-712 message signing to KeepKey.

EIP-712’s hashing algorithm is written in a way that makes it optimized for on-chain verifiers but quite difficult to do securely onboard a resource-constrained platform like a hardware wallet. However, on my own time I’ve developed a novel method which maintains security while keeping the resources needed at a small, constant levels (as in, O(1) in the size of the message) while still allowing KeepKey-style confirmation of each part of the message. My PoC only uses ~5KB of RAM, which is small enough to work.

More work still needs to be done to support arrays (the last unimplemented part of the spec), ensure the time/memory tradeoffs are tuned appropriately, write the appropriate supporting tests, and get it running on the device and plumbed into the USB message interface. HDWallet will also need to be updated to expose the functionality to apps, and to add EIP-712 support to native wallets (which is almost trivial without the RAM limitation).

(I don’t know how much FOX would be appropriate for this effort; I’ll defer to the more DAO-experienced members of the community - cough cough @willy cough cough – to help me hammer out that part of the idea.)

4 Likes

This is a great idea and I would definitely support this work, would something like a 15k FOX bounty on this work seem sufficient? Is this also something you are saying you could work on and do yourself @MrNerdHair ? How long do you expect the work would take from start to deployment in production?

I can finish the implementation part myself, and even do some testing on-device, but C code is notoriously easy to screw up and needs extra-thorough review to maintain security. I anticipate @markrypto being a key part of that effort.

For KeepKey, “deployment” is somewhat different than a regular project. We typically target no more than one release per month, so depending on exactly when in the release cycle the work was completed there might be an associated delay. That said, I anticipate the development work being done and “in the queue” after about a month. I could also imagine that It could be somewhat faster – maybe two weeks – if I could work on it during business hours; but that, of course, is a question of priorities for ShapeShift US, not the DAO.

I’m notoriously bad at valuing my own time and effort, so 15 kilofox sounds reasonable but so does basically every other number between 5 and 50. I’ll defer to the community on this, and I trust that they are incentivised to not screw me over.

(As a side note, I had a very bad experience with a particular past employer treating me quite poorly, so I came into ShapeShift US somewhat gun-shy about the possible dysfunctions of the employer-employee power relationship. Since then, I’ve been convinced that the company is Good People, and I’m enormously grateful to be part of a DAO community made of people that have earned that kind of trust.)

1 Like

That all sounds great to me @MrNerdHair maybe work with @willy to help turn this into a more formal proposal and forma team of whoever you think is needed to make this happen. I’d love to see this happen outside of normal work hours if it is not necessary for open source efforts (but you will know that better than me what is needed on that front). I would support a bounty around 15-20k FOX if this was just you and maybe a bit more if you pull in more team members. I would say go forward with turning this into a more formal proposal and maybe we could get a vote going in the next week on this?

1 Like

Would love to work with you on this @MrNerdHair! Let’s chat.

Fun fact, here’s a slide from a presentation I gave internally in 2018 when EIP-712 was first released as part of a broader vision to focus on DeFi and being the bridge between users and the decentralized universe, and now here we are finally doing it :partying_face: I agree that this is one of the biggest UX challenges in DeFi and opportunities to improve the experience. It’s also something that I don’t think any other major hardware wallet supports yet, although I can see here that Trezor has an open PR to add support: Adding support of EIP-712 into Ethereum app by xlab · Pull Request #1568 · trezor/trezor-firmware · GitHub

1 Like

total agree, upside down and backwards is my favorite

2 Likes

This is a really cool and needed feature, as daos are becoming more common getting clear insights in the signed txn is a great advantage and keepkey is definitely “best positioned” with its huge screen size.

1 Like