New: Wallet recovery made easy with Ledger Recover, provided by Coincover

Get started
Blog Blog posts

Blog posts, Tech | 07/15/2021

Ethereum Smart Contract plugins

A new frontier for the security of human interactions with smart contracts

Blog Blog posts
Smart Contracts?

Unlike with Bitcoin, where most transactions are simple value transfers from one address to another, Ethereum transactions often contain interactions with Smart Contracts, which are programs running on its blockchain. Every time someone lends coins on Compound, swaps some tokens on Paraswap or pets his Cryptokitties, smart contract transactions are involved. Supporting these use cases on hardware wallets is essential to sustain the growth of the Ethereum ecosystem without making a compromise on its security.

Previous state of smart contract support

Until now, the device could not provide users with a secure display when interacting with smart contracts. One could interact with any smart contract, but the device would just warn the user that “some data was present”, and the user would have to blindly accept signing the data, without being able to double-check the validity of said data.

Nano X showing 'Data Present' when signing unsupported smart contract
Current Ethereum UI when signing a transaction that interacts with an unsupported smart contract
Supporting all smart contracts used to be hard

Adding full support for any given smart contract available in the wild used to be a hard task for many reasons:

  • It required too much knowledge of the Ethereum app’s codebase for third-party developers to be interested.
  • Even if they did, adding full support for many smart contracts would not scale, both in terms of flash space used and technical debt added to the application parsing logic.
Introducing Ethereum plugins:

With the release of Ethereum app v1.8.5, we are laying the foundation to make support addition for a full smart contract on Ledger products much easier and scalable. To do so, the Ethereum transaction parser is now hookable by a new kind of application: plugins. Plugins are small applications dedicated to parsing custom transaction fields and building a custom display to show on screen to the user. They are lightweight apps that can be installed on the device, just like any other app. Users only need to install the plugins for the smart contracts they plan to interact with. This makes supporting smart contracts much more scalable: where previously the Ethereum app would have been bloated with all sorts of different smart contracts support, now the code logic for every smart contract is stored on different plugins, and users simply install what they need!

Ledger Live Manager view, where only little space remains available to install new apps on a Nano S
Memory is a scarce resource, especially on Nano S where just a few apps can be installed before reaching its limits

There are only a few plugins available at the time of this writing (Paraswap), but we hope to have plugins available for every major Ethereum smart contract in the near future: this depends on Ledger, but also on Ledger’s community. By lowering the entry bar to adding smart contract support, we hope to get traction from smart contract programmers so they too, embrace the security of hardware wallets.

Case overview: the Compound plugin

Compound is a well-known set of DeFi smart contracts allowing people to lend and borrow cryptocurrencies in a trustless fashion on the Ethereum blockchain. We recently added support for Compound lending operations and we’re going to present a schematized overview of the flow of a lending transaction process assisted by a plugin.

This schema might seem a little bit complex at first sight, but there’s actually only very little code written to implement it. Every interaction between the Ethereum app and the Compound plugin are pre-defined hooks that a programmer just has to fill with his custom processing logic. This processing logic is often very simple:

  • Copying some values to format them later
  • Making basic security checks
  • Preparing some buffers to display an approval UI to the user
  • etc.

Hence, a plugin is often really easy to write!

🦄 Build your own Ethereum plugin

To implement a plugin for your smart contract, you can start by forking plugin-boilerplate. A documentation of all the hooks and their role is available there, and you can also get inspiration from the ParaSwap plugin.

Quick code iteration can be done via our device emulator, speculos! If you’re new to the Ledger development community, you can also find the basics of the BOLOS platform on readthedocs. You can also reach to us on our developper Slack by requesting access to it here.

Conclusion

Ethereum plugins are a new and powerful yet simple way to improve the security and usability of smart contracts using Ledger hardware wallets, and we hope you’ll enjoy them, and eventually that some of you will even try to build their own. We are committed to improving and maintaining a fertile ground for plugins, so Ethereum DApps can continue to securely grow and thrive.

More articles

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our
newsletter

New coins supported, blog updates and exclusive offers directly in your inbox


Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time using the link included in the newsletter.

Learn more about how we manage your data and your rights.