Adding Palm Support to Trezor Hardware Wallets
Palm is a new blockchain network built on the Ethereum ecosystem and optimized for non-fungible tokens (NFTs). Trezor, created by SatoshiLabs, is the original hardware wallet for storing cryptocurrency holdings. There are currently two hardware models: Trezor One, the original, and Trezor T, the newest model. Trezor currently supports more than 1,000 coins and tokens.
Originally, both Trezor hardware wallets did not work with the Palm network. This was because the chainID, the unique value that identifies each Ethereum blockchain, of the Palm blockchain is higher than what the Trezor wallets supported. Trezor Wallets used 32 bits to store chainIDs, and since chainIDs can never be negative, the largest chainID that they could hold was (2³² — 1) or 4,294,967,295. The Palm chainID is 11,297,108,109, which needs at least 34 bits to store.
To support larger chain IDs, there were two pieces of software that needed to be updated:
1. Trezor One Firmware: This is the code that runs on the Trezor One device.
2. Trezor Connect: This is middleware that allows MetaMask to communicate with the Trezor devices.
The Trezor T only needed Trezor Connect to be updated while Trezor One needed updates to both.
The Trezor Firmware and Trezor Connect is open source which allows anyone to read and modify the code. If code modifications are approved by the Trezor team, they will be added to the next release. Palm asked Arbitrary Execution to investigate this issue and submit a fix to Trezor for approval.
Firmware Changes
We first had to decide on how many bits to use to store the chainID. Doubling the number of bits to 64 seemed a logical choice. 64-bit integers are basic types in most programming languages and allow chainIDs up to (2⁶⁴ — 1), which would seem to be large enough for a (hopefully) very long time.
Before making any changes, we researched to find the largest chainID allowed by the Ethereum ecosystem. The original Ethereum specification did not have chainIDs and from what we can tell were not added until EIP-155 (https://eips.ethereum.org/EIPS/eip-155). However, while EIP-155 describes how chain IDs should work, it does not specify the size of the chainID.
The closest we could find to a definition of the size was in EIP-712 (https://eips.ethereum.org/EIPS/eip-712). EIP-712 defines a chainID as an unsigned 256-bit integer but has been in the review stage since 2017.
In the end we decided to stick with 64-bit since that is a smaller change than 256-bit and was more likely to be accepted by Trezor.
The Trezor One and Trezor T firmwares are quite different from each other. Trezor One is considered legacy firmware and is largely written in C. The Trezor T is considered the core firmware and is written in a variety of languages like Python, C, Rust and Google Protobuf definitions.
Even though the Trezor T was able to handle the larger chainIDs without modification, it shares some code with Trezor Connect that needed to be updated so that Trezor Connect would work.
We updated the code for both devices and verified that they work with the Palm network by transferring Palm over the Palm Mainnet using command line tools like trezorctl.
MetaMask and Trezor Connect
MetaMask is a browser plugin that can be used as a software wallet and also acts as an interface to hardware wallets including Trezor. We proved that the Trezor Firmware was now working with Palm, but an error occurred when using MetaMask to transfer Palm from a Trezor wallet. We suspected that the issue did not originate from MetaMask but rather from Trezor Connect, which enables Metamask to communicate with Trezor devices.
One of the advantages of the newer core firmware is that Google Protobuf definitions are used for defining the structure of messages and these structures are shared in related projects, such as Trezor Control. We suspected that if Trezor Connect is rebuilt with the new structure definitions that supported 64-bit chainIDs, then MetaMask would work with Palm. We rebuilt and tested Trezor Connect with the new definitions and proved that Palm works with MetaMask with Trezor as the wallet.
Submitting the Updates
The Trezor firmware can be found on Github. We created a fork of this code in our own code repository. Once we made the changes, we created a Pull Request (PR-1771) and asked the Trezor team to review it. After we made some updates based on comments from the Trezor team, the code was merged into another PR, PR-1794 created by the Trezor team that has other related changes so they can be reviewed as a whole.
Current Status
The updates were accepted and merged into Trezor’s main branch. Since this merge, new firmware releases for both Trezor T and Trezor One were made that did not include the updates for Palm. We expect the next release to have these changes.
At the same time as the firmware releases, Trezor Connect was updated and this update contains the Palm changes. Trezor Connect is updated on the server so users do not have to do anything to use the new version with MetaMask.
Trezor T only needed an updated Trezor Connect so it is currently working with MetaMask on the Palm network.
Trezor One will still need a new version of its firmware before it works with the Palm network.
Looking for smart contract audit, or other decentralized technology security services? Check us out at arbitraryexecution.com.
