npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

ubq-trezor-keyring

v0.10.0

Published

A Sparrow compatible keyring, for trezor hardware wallets

Downloads

10

Readme

ubq-trezor-keyring

An implementation of MetaMask's Keyring interface, that uses a TREZOR hardware wallet for all cryptographic operations.

In most regards, it works in the same way as eth-hd-keyring, but using a TREZOR device. However there are a number of differences:

  • Because the keys are stored in the device, operations that rely on the device will fail if there is no TREZOR device attached, or a different TREZOR device is attached.
  • It does not support the signMessage, signTypedData or exportAccount methods, because TREZOR devices do not support these operations.
  • The method signPersonalMessage requires the firmware version 2.0.7+ for TREZOR Model T and 1.6.2+ on TREZOR ONE
  • As of trezor-connect: 8.2.1, passing an EIP-1559 transaction to signTransaction requires the firmware version 2.4.2+ for TREZOR Model T, and is unsupported on all firmwares for TREZOR ONE.

Using

In addition to all the known methods from the Keyring class protocol, there are a few others:

  • isUnlocked : Returns true if we have the public key in memory, which allows to generate the list of accounts at any time

  • unlock : Connects to the TREZOR device and exports the extended public key, which is later used to read the available ubiq addresses inside the trezor account.

  • setAccountToUnlock : the index of the account that you want to unlock in order to use with the signTransaction and signPersonalMessage methods

  • getFirstPage : returns the first ordered set of accounts from the TREZOR account

  • getNextPage : returns the next ordered set of accounts from the TREZOR account based on the current page

  • getPreviousPage : returns the previous ordered set of accounts from the TREZOR account based on the current page

  • forgetDevice : removes all the device info from memory so the next interaction with the keyring will prompt the user to connect the TREZOR device and export the account information

Contributing

Setup

  • Install Node.js version 12
    • If you are using nvm (recommended) running nvm use will automatically choose the right node version for you.
  • Install Yarn v1
  • Run yarn setup to install dependencies and run any requried post-install scripts
    • Warning: Do not use the yarn / yarn install command directly. Use yarn setup instead. The normal install command will skip required post-install scripts, leaving your development environment in an invalid state.

Testing and Linting

Run yarn test to run the tests.

Run yarn lint to run the linter, or run yarn lint:fix to run the linter and fix any automatically fixable issues.

Release & Publishing

The project follows the same release process as the other libraries in the MetaMask organization. The GitHub Actions action-create-release-pr and action-publish-release are used to automate the release process; see those repositories for more information about how they work.

  1. Choose a release version.

    • The release version should be chosen according to SemVer. Analyze the changes to see whether they include any breaking changes, new features, or deprecations, then choose the appropriate SemVer version. See the SemVer specification for more information.
  2. If this release is backporting changes onto a previous release, then ensure there is a major version branch for that version (e.g. 1.x for a v1 backport release).

    • The major version branch should be set to the most recent release with that major version. For example, when backporting a v1.0.2 release, you'd want to ensure there was a 1.x branch that was set to the v1.0.1 tag.
  3. Trigger the workflow_dispatch event manually for the Create Release Pull Request action to create the release PR.

    • For a backport release, the base branch should be the major version branch that you ensured existed in step 2. For a normal release, the base branch should be the main branch for that repository (which should be the default value).
    • This should trigger the action-create-release-pr workflow to create the release PR.
  4. Update the changelog to move each change entry into the appropriate change category (See here for the full list of change categories, and the correct ordering), and edit them to be more easily understood by users of the package.

    • Generally any changes that don't affect consumers of the package (e.g. lockfile changes or development environment changes) are omitted. Exceptions may be made for changes that might be of interest despite not having an effect upon the published package (e.g. major test improvements, security improvements, improved documentation, etc.).
    • Try to explain each change in terms that users of the package would understand (e.g. avoid referencing internal variables/concepts).
    • Consolidate related changes into one change entry if it makes it easier to explain.
    • Run yarn auto-changelog validate --rc to check that the changelog is correctly formatted.
  5. Review and QA the release.

    • If changes are made to the base branch, the release branch will need to be updated with these changes and review/QA will need to restart again. As such, it's probably best to avoid merging other PRs into the base branch while review is underway.
  6. Squash & Merge the release.

    • This should trigger the action-publish-release workflow to tag the final release commit and publish the release on GitHub.
  7. Publish the release on npm.

    • Be very careful to use a clean local environment to publish the release, and follow exactly the same steps used during CI.
    • Use npm publish --dry-run to examine the release contents to ensure the correct files are included. Compare to previous releases if necessary (e.g. using https://unpkg.com/browse/[package name]@[package version]/).
    • Once you are confident the release contents are correct, publish the release using npm publish.

Attributions

This code was inspired by eth-ledger-keyring and eth-hd-keyring