April 10, 2023
–
2 min read
News
Data
Security
As core developers for Cosmos, the team at Zondax is dedicated to making significant contributions to the ecosystem. Our efforts have been focused on several areas, including hardware wallet support, cryptography, and the integration of Rosetta into the Cosmos SDK. We're especially proud of our work on Sign Mode Textual, which is a new sign mode that allows hardware devices to sign transactions more securely. Cosmos SDK used to rely on a sign mode called Amino Json Mode to sign transactions. Ho
As core developers for Cosmos, the team at Zondax is dedicated to making significant contributions to the ecosystem. Our efforts have been focused on several areas, including hardware wallet support, cryptography, and the integration of Rosetta into the Cosmos SDK.
We're especially proud of our work on Sign Mode Textual, which is a new sign mode that allows hardware devices to sign transactions more securely. Cosmos SDK used to rely on a sign mode called Amino Json Mode to sign transactions. However, Amino has limitations and Cosmos has been making an effort to remove it from their SDK. Our team worked on the ledger app side to deliver support for Sign Mode Textual, ensuring that it did not break any backwards compatibility with other sign modes, like Amino. The transaction is rendered into a textual representation that is then sent to a secure ledger for the user to review and sign. This representation is displayed on screens in sequence, allowing for complete display even on small devices like Ledger. This new sign mode enables secure and efficient signing of transactions with hardware devices, solving the limitations of the previous sign mode.
Another area where we have been active is in the implementation of Rosetta in the Cosmos SDK. This involves the development of a standardized API that facilitates the integration of blockchain networks with other financial systems such as exchanges and wallets. Our team has been working hard to test and improve this integration to ensure that Cosmos can be easily integrated with other systems.
We have also been focusing on cryptography-related topics, such as the migration from bcrypt to AEAD, which makes our implementation more secure and retrocompatible. We use Argon2 for key derivation and have switched from symmetric encryption with Salsa20 to chacha20poly. This new method is more secure and efficient, utilizing the necessary tools to meet the demands of today's cryptography landscape.
We also discovered that the implementation of the secp256k1 algorithm in Cosmos' SDK is not constant time. We put this ticket on hold while we wait for a resolution to the implementation in GO. We have found that there is no audited code that meets the implementation requirements, and the cost/benefit ratio is not ideal.
Zondax has made significant contributions to the Cosmos blockchain platform, with a focus on enhancing its user-friendliness and security. Our work on Sign Mode Textual, Rosetta integration, and cryptography-related topics have made us an important contributor to the Cosmos ecosystem. We are committed to continue our efforts to make Cosmos an even more innovative and secure blockchain platform, and we are excited to be at the forefront of this ongoing development.
Relevant Links:
https://github.com/cosmos/cosmos-sdk/issues/7051https://github.com/cosmos/cosmos-sdk/issues/3129https://github.com/cosmos/cosmos-sdk/blob/1f7f35878e95b91467d9abf867ef5041237c08f7/docs/architecture/adr-050-sign-mode-textual.mdhttps://github.com/Zondax/cosmos-sdk/pull/509
Read More
Announcing Lotus v1.28.1: Elevating Filecoin to Network Version 23 (Waffle) 🧇
Filecoin's Lotus v1.28.1, codenamed Waffle, introduces Network Version 23, enhancing features and performance. Upgrade on 2024-08-06 at 12:00 UTC. Key updates include FIP improvements and Fast Finality.
Ensuring a Smooth Transition: Using the Migration App for the Universal Polkadot Application
The new Polkadot app is here! Use the Migration App on Ledger to easily transfer your funds from your existing account to a new account with the updated Polkadot app.
Bridging the Gap: A Guide to the ICP-EVM Proxy
The ICP-EVM Proxy is a PoC bridging ICP and Ethereum ecosystems. It translates ICP canister data into Ethereum-compatible formats, enabling cross-chain interaction and use of tools. Opeing doors for cross-chain dApps and simplified on-chain event tracking.
Other Articles
February 7, 2025
The ICP-EVM Proxy is a PoC bridging ICP and Ethereum ecosystems. It translates ICP canister data into Ethereum-compatible formats, enabling cross-chain interaction and use of tools. Opeing doors for cross-chain dApps and simplified on-chain event tracking.
October 16, 2024
Interview with Ayelen Murano, front-end developer at Zondax, on Beryx's evolution from concept to its final milestone. Discover the journey behind the product's success.
Protocol
April 9, 2024
Sign Mode Textual introduces a secure, user-friendly method for transaction signing with hardware devices, advancing efficiency and security in the Cosmos SDK.
Interview with Ayelen Murano, front-end developer at Zondax, on Beryx's evolution from concept to its final milestone. Discover the journey behind the product's success.
Protocol
Sign Mode Textual introduces a secure, user-friendly method for transaction signing with hardware devices, advancing efficiency and security in the Cosmos SDK.
© 2024 Zondax. All rights reserved.