Skip to content

Add Ledger hardware wallet keychain implementation #182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: add-cubesigner-keychain
Choose a base branch
from
Open

Add Ledger hardware wallet keychain implementation #182

wants to merge 4 commits into from

Conversation

felipemadero
Copy link
Collaborator

Why this should be merged

This PR adds Ledger hardware wallet integration to the SDK, enabling users to perform secure transaction signing using their Ledger devices for Avalanche transactions. Ledger hardware wallets are widely-used secure key storage devices that provide enterprise-grade key management for blockchain operations by keeping private keys isolated in hardware.

This implementation allows users to:

  • Sign P-Chain, X-Chain, and C-Chain transactions using Ledger devices
  • Integrate seamlessly with existing Avalanche wallet infrastructure
  • Derive addresses using BIP-32/BIP-44 hierarchical deterministic paths
  • Support both Avalanche native addresses and Ethereum-compatible addresses

How this works

The PR adds a new keychain/ledger package that implements both keychain.Keychain and c.EthKeychain interfaces:

  • ledger_device.go - Device implementation that communicates with Ledger hardware via the Avalanche Ledger app
  • ledger_keychain.go - Core keychain implementation that manages address derivation and provides signing capabilities for Avalanche addresses
  • Supports both Avalanche native addresses (P/X chains) and Ethereum addresses (C-Chain)
  • Automatic address derivation using configurable BIP-32 paths (default: m/44'/9000'/0'/0)
  • Comprehensive README with usage examples and complete example program demonstrating all transaction types

The implementation includes:

  • examples/validate-ledger-txs.go - Comprehensive example demonstrating subnet creation, blockchain creation, validator addition, P→C and C→P cross-chain transfers, and C-Chain EVM operations

How this was tested

  • Unit tests
  • Included example program for all P/X/C txs, most for custom local network, some on fuji

Need to be documented in RELEASES.md?

@felipemadero
Add ledger keychain implementation
5a4fce9 
Implements a keychain that integrates with Ledger hardware wallets for
secure transaction signing with physical device confirmation.

Features:
- Hardware-secured transaction signing via Ledger device
- Support for P-Chain, X-Chain, and C-Chain operations
- Compatible with keychain.Keychain and c.EthKeychain interfaces
- Automatic key derivation using BIP-44 path (m/44'/9000'/0'/0/n)
- Support for both full transaction signing and hash signing
- Retry logic for transient USB communication errors

The implementation uses github.com/ava-labs/ledger-avalanche-go for
hardware wallet communication.
@felipemadero
Add package structure section to ledger keychain README
fb79716 
Adds a tree diagram showing the package file structure and descriptions
of the core files to help users understand the organization.
@felipemadero
add package structure section to cubesigner keychain README
e66a39f
@felipemadero felipemadero changed the base branch from main to add-cubesigner-keychain October 10, 2025 19:49
This was referenced Oct 10, 2025
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@felipemadero