Merge branch 'release'

.github/workflows/build-mobile-reusable.yml

@@ -106,8 +106,13 @@ jobs:
           skip-pod-cache: "false"
           skip-turbo-cache: "false"
           turbo-server-token: ${{ secrets.TURBOREPO_SERVER_TOKEN }}
-      - name: install dependencies
-        run: pnpm i --filter="live-mobile..." --filter="ledger-live" --no-frozen-lockfile --unsafe-perm
+      - uses: nick-fields/retry@v3
+        name: install dependencies
+        with:
+          max_attempts: 2
+          timeout_minutes: 15
+          command: pnpm i --filter="live-mobile..." --filter="ledger-live" --no-frozen-lockfile --unsafe-perm 
+          new_command_on_retry: rm -rf ~/.cocoapods/ && pnpm clean && pnpm i --filter="live-mobile..." --filter="ledger-live" --no-frozen-lockfile --unsafe-perm 
       - name: bundle ios and android js
         run: |
           pnpm build:llm:deps --api="http://127.0.0.1:${{ steps.caches.outputs.port }}" --token="${{ secrets.TURBOREPO_SERVER_TOKEN }}" --team="foo"

.github/workflows/release-final-nightly.yml

@@ -57,7 +57,7 @@ jobs:
           git add .
           git commit -m "chore(nightly): :rocket: nightly release"
       - name: publish nightly
-        run: pnpm changeset publish
+        run: pnpm changeset publish --no-git-tag
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPMJS_TOKEN }}
       - uses: LedgerHQ/ledger-live/tools/actions/get-package-infos@develop
@@ -68,18 +68,10 @@ jobs:
         id: post-mobile-version
         with:
           path: ${{ github.workspace }}/apps/ledger-live-mobile
-      - name: tag desktop
-        if: ${{ steps.desktop-version.outputs.version != steps.post-desktop-version.outputs.version }}
-        run: |
-          git tag @ledgerhq/live-desktop@${{ steps.post-desktop-version.outputs.version }}
-      - name: tag mobile
-        if: ${{ steps.mobile-version.outputs.version != steps.post-mobile-version.outputs.version }}
-        run: |
-          git tag live-mobile@${{ steps.post-mobile-version.outputs.version }}
       - name: push changes
         if: ${{ !cancelled() }}
         run: |
-          git push origin nightly --follow-tags
+          git push origin nightly
       - uses: actions/github-script@v7
         name: trigger nightly build of desktop
         if: ${{ steps.desktop-version.outputs.version != steps.post-desktop-version.outputs.version }}

.github/workflows/release-prerelease.yml

@@ -86,27 +86,19 @@ jobs:
           git commit -m "chore(prerelease): :rocket: ${{ inputs.ref }} prerelease [LLD(${{ steps.post-desktop-version.outputs.version }}), LLM(${{ steps.post-mobile-version.outputs.version }})]" ||
           echo ""
       - name: publish prerelease
-        run: pnpm changeset publish
+        run: pnpm changeset publish --no-git-tag
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPMJS_TOKEN }}
-      - name: tag desktop
-        if: ${{ steps.desktop-version.outputs.version != steps.post-desktop-version.outputs.version }}
-        run: |
-          git tag @ledgerhq/live-desktop@${{ steps.post-desktop-version.outputs.version }}
-      - name: tag mobile
-        if: ${{ steps.mobile-version.outputs.version != steps.post-mobile-version.outputs.version }}
-        run: |
-          git tag live-mobile@${{ steps.post-mobile-version.outputs.version }}
       - name: push changes (push event)
         if: ${{ github.event_name == 'push' }}
         run: |
           git pull --rebase
-          git push origin ${{ github.ref_name }} --follow-tags
+          git push origin ${{ github.ref_name }}
       - name: push changes (other events)
         if: ${{ github.event_name == 'workflow_dispatch' }}
         run: |
           git pull --rebase
-          git push origin ${{ inputs.ref }} --follow-tags
+          git push origin ${{ inputs.ref }}
       - uses: actions/github-script@v7
         name: trigger prerelease build for desktop
         if: ${{ steps.desktop-version.outputs.version != steps.post-desktop-version.outputs.version }}

apps/cli/CHANGELOG.md

@@ -1,5 +1,46 @@
 # @ledgerhq/live-cli
 
+## 24.7.1
+
+### Patch Changes
+
+- Updated dependencies [[`642c714`](https://github.com/LedgerHQ/ledger-live/commit/642c714d52eaaccb1b8ac3a2ee0391b641d19303), [`ced792c`](https://github.com/LedgerHQ/ledger-live/commit/ced792c37b42135f2b7596228c14ccd0783a803f), [`b0d535b`](https://github.com/LedgerHQ/ledger-live/commit/b0d535b72d9c6ac7e474de2b598bc4964a515d93), [`ea4edf3`](https://github.com/LedgerHQ/ledger-live/commit/ea4edf306a52fad556273afae7fd907f610c9aba), [`0a16ae4`](https://github.com/LedgerHQ/ledger-live/commit/0a16ae4cb58ad9f2e67c7f3494b0dc52cb7423a1), [`6f0d39f`](https://github.com/LedgerHQ/ledger-live/commit/6f0d39f46ef5d3e24439421aa68dfe7aadcd1dbc), [`00cab1d`](https://github.com/LedgerHQ/ledger-live/commit/00cab1db1d67eb0cf35059eeeb9e2d8bd328f8f3), [`b0d535b`](https://github.com/LedgerHQ/ledger-live/commit/b0d535b72d9c6ac7e474de2b598bc4964a515d93), [`a47e68b`](https://github.com/LedgerHQ/ledger-live/commit/a47e68b568a3b888a241c30345b4935557404215), [`9032845`](https://github.com/LedgerHQ/ledger-live/commit/9032845a3cbadf40d545d6832e0280880e0be3d7), [`3652e83`](https://github.com/LedgerHQ/ledger-live/commit/3652e83e02876856f1370cccab47f4272b71a7d3), [`07a242d`](https://github.com/LedgerHQ/ledger-live/commit/07a242d9c54a4b70d9fec7ef390b8e8ab7de4df7), [`3824e06`](https://github.com/LedgerHQ/ledger-live/commit/3824e06ba2c94bc0697d2a40d865efe766d1f102), [`d962cf1`](https://github.com/LedgerHQ/ledger-live/commit/d962cf13667a383b77a1d30bf26bec27702d9af4)]:
+  - @ledgerhq/live-common@34.11.0
+  - @ledgerhq/live-env@2.4.0
+  - @ledgerhq/ledger-key-ring-protocol@0.5.0
+  - @ledgerhq/hw-ledger-key-ring-protocol@0.2.0
+  - @ledgerhq/live-wallet@0.7.0
+  - @ledgerhq/coin-bitcoin@0.8.3
+  - @ledgerhq/coin-framework@0.18.3
+  - @ledgerhq/device-core@0.4.2
+  - @ledgerhq/live-countervalues@0.2.8
+  - @ledgerhq/cryptoassets@13.6.1
+  - @ledgerhq/live-network@2.0.2
+
+## 24.7.1-next.1
+
+### Patch Changes
+
+- Updated dependencies [[`ea4edf3`](https://github.com/LedgerHQ/ledger-live/commit/ea4edf306a52fad556273afae7fd907f610c9aba)]:
+  - @ledgerhq/live-common@34.11.0-next.1
+
+## 24.7.1-next.0
+
+### Patch Changes
+
+- Updated dependencies [[`642c714`](https://github.com/LedgerHQ/ledger-live/commit/642c714d52eaaccb1b8ac3a2ee0391b641d19303), [`ced792c`](https://github.com/LedgerHQ/ledger-live/commit/ced792c37b42135f2b7596228c14ccd0783a803f), [`b0d535b`](https://github.com/LedgerHQ/ledger-live/commit/b0d535b72d9c6ac7e474de2b598bc4964a515d93), [`0a16ae4`](https://github.com/LedgerHQ/ledger-live/commit/0a16ae4cb58ad9f2e67c7f3494b0dc52cb7423a1), [`6f0d39f`](https://github.com/LedgerHQ/ledger-live/commit/6f0d39f46ef5d3e24439421aa68dfe7aadcd1dbc), [`00cab1d`](https://github.com/LedgerHQ/ledger-live/commit/00cab1db1d67eb0cf35059eeeb9e2d8bd328f8f3), [`b0d535b`](https://github.com/LedgerHQ/ledger-live/commit/b0d535b72d9c6ac7e474de2b598bc4964a515d93), [`87b706c`](https://github.com/LedgerHQ/ledger-live/commit/87b706c8a807f14c72c7d47206e9ee767f50a04c), [`a47e68b`](https://github.com/LedgerHQ/ledger-live/commit/a47e68b568a3b888a241c30345b4935557404215), [`9032845`](https://github.com/LedgerHQ/ledger-live/commit/9032845a3cbadf40d545d6832e0280880e0be3d7), [`3652e83`](https://github.com/LedgerHQ/ledger-live/commit/3652e83e02876856f1370cccab47f4272b71a7d3), [`07a242d`](https://github.com/LedgerHQ/ledger-live/commit/07a242d9c54a4b70d9fec7ef390b8e8ab7de4df7), [`3824e06`](https://github.com/LedgerHQ/ledger-live/commit/3824e06ba2c94bc0697d2a40d865efe766d1f102), [`d962cf1`](https://github.com/LedgerHQ/ledger-live/commit/d962cf13667a383b77a1d30bf26bec27702d9af4)]:
+  - @ledgerhq/live-common@34.11.0-next.0
+  - @ledgerhq/live-env@2.4.0-next.0
+  - @ledgerhq/ledger-key-ring-protocol@0.5.0-next.0
+  - @ledgerhq/hw-ledger-key-ring-protocol@0.2.0-next.0
+  - @ledgerhq/live-wallet@0.7.0-next.0
+  - @ledgerhq/coin-bitcoin@0.8.3-next.0
+  - @ledgerhq/coin-framework@0.18.3-next.0
+  - @ledgerhq/device-core@0.4.2-next.0
+  - @ledgerhq/live-countervalues@0.2.8-next.0
+  - @ledgerhq/cryptoassets@13.6.1-next.0
+  - @ledgerhq/live-network@2.0.2-next.0
+
 ## 24.7.0
 
 ### Minor Changes

apps/cli/README.md

@@ -376,6 +376,40 @@ Usage: ledger-live i18n       # Test e2e functionality for device localization s
 Usage: ledger-live listApps   # list all installed apps on the device
  -d, --device <String>        : provide a specific HID path of a device
 
+Usage: ledger-live ledgerKeyRingProtocol # Ledger Key Ring Protocol command
+ -d, --device <String>        : provide a specific HID path of a device
+     --initMemberCredentials  : Init member credentials for Ledger Key Ring Protocol
+     --getKeyRingTree         : Get or create a Ledger Key Ring Protocol Tree
+     --encryptUserData        : Encrypt user data with the current private key secured by the Ledger Key Ring Protocol
+     --decryptUserData        : Encrypt user data with the current private key secured by the Ledger Key Ring Protocol
+     --getMembers             : Get members of the Ledger Key Ring Protocol Tree
+     --restoreKeyRingTree     : Restore a Ledger Key Ring Protocol Tree
+     --destroyKeyRingTree     : Destroy a Ledger Key Ring Protocol Tree
+     --pubKey <String>        : pubkey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result
+     --privateKey <String>    : privatekey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result
+     --rootId <String>        : The immutable id of the Tree root retrieved from getKeyRingTree result
+     --walletSyncEncryptionKey <String>: The secret used to encrypt/decrypt the wallet sync data retrieved from getKeyRingTree result
+     --applicationPath <String>: privatekey for Ledger Key Ring Protocol Tree from initMemberCredentials result
+     --message <String>       : message to be encrypted/decrypted
+     --applicationId <Number> : application identifier
+     --name <String>          : name of the instance
+     --apiBaseUrl <String>    : api base url for Ledger Key Ring Protocol
+
+Usage: ledger-live ledgerSync # Ledger Sync command
+     --push                   : Init member credentials for Ledger Key Ring Protocol
+     --pull                   : Get or create a Ledger Key Ring Protocol Tree
+     --pubKey <String>        : pubkey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result
+     --privateKey <String>    : privatekey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result
+     --rootId <String>        : The immutable id of the Tree root retrieved from getKeyRingTree result
+     --walletSyncEncryptionKey <String>: The secret used to encrypt/decrypt the wallet sync data retrieved from getKeyRingTree result
+     --applicationPath <String>: privatekey for Ledger Key Ring Protocol Tree from initMemberCredentials result
+     --data <String>          : data to be pushed to Ledger Sync
+     --version <Number>       : version of the data
+     --applicationId <Number> : application identifier
+     --name <String>          : name of the instance
+     --apiBaseUrl <String>    : api base url for Ledger Key Ring Protocol
+     --cloudSyncApiBaseUrl <String>: api base url for Cloud Sync
+
 Usage: ledger-live liveData   # utility for Ledger Live app.json file
  -d, --device <String>        : provide a specific HID path of a device
      --xpub <String>          : use an xpub (alternatively to --device) [DEPRECATED: prefer use of id]

apps/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ledgerhq/live-cli",
-  "version": "24.7.0",
+  "version": "24.7.1",
   "description": "ledger-live CLI version",
   "repository": {
     "type": "git",
@@ -33,7 +33,9 @@
     "@ledgerhq/device-core": "workspace:^",
     "@ledgerhq/devices": "workspace:^",
     "@ledgerhq/errors": "workspace:^",
+    "@ledgerhq/ledger-key-ring-protocol": "workspace:^",
     "@ledgerhq/hw-app-btc": "workspace:^",
+    "@ledgerhq/hw-ledger-key-ring-protocol": "workspace:^",
     "@ledgerhq/hw-transport": "workspace:^",
     "@ledgerhq/hw-transport-http": "workspace:^",
     "@ledgerhq/hw-transport-mocker": "workspace:^",

apps/cli/src/commands-index.ts

@@ -54,6 +54,8 @@ import balanceHistory from "./commands/live/balanceHistory";
 import countervalues from "./commands/live/countervalues";
 import envs from "./commands/live/envs";
 import exportAccounts from "./commands/live/exportAccounts";
+import ledgerKeyRingProtocol from "./commands/live/ledgerKeyRingProtocol";
+import ledgerSync from "./commands/live/ledgerSync";
 import liveData from "./commands/live/liveData";
 import portfolio from "./commands/live/portfolio";
 import synchronousOnboarding from "./commands/live/synchronousOnboarding";
@@ -118,6 +120,8 @@ export default {
   countervalues,
   envs,
   exportAccounts,
+  ledgerKeyRingProtocol,
+  ledgerSync,
   liveData,
   portfolio,
   synchronousOnboarding,

apps/cli/src/commands/live/ledgerKeyRingProtocol.ts

@@ -0,0 +1,195 @@
+import { getSdk } from "@ledgerhq/ledger-key-ring-protocol/index";
+import { crypto } from "@ledgerhq/hw-ledger-key-ring-protocol";
+import { withDevice } from "@ledgerhq/live-common/hw/deviceAccess";
+import { getEnv } from "@ledgerhq/live-env";
+import { deviceOpt } from "../../scan";
+
+export default {
+  description: "Ledger Key Ring Protocol command",
+  args: [
+    deviceOpt,
+    {
+      name: "initMemberCredentials",
+      type: Boolean,
+      desc: "Init member credentials for Ledger Key Ring Protocol",
+    },
+    {
+      name: "getKeyRingTree",
+      type: Boolean,
+      desc: "Get or create a Ledger Key Ring Protocol Tree",
+    },
+    {
+      name: "encryptUserData",
+      type: Boolean,
+      desc: "Encrypt user data with the current private key secured by the Ledger Key Ring Protocol",
+    },
+    {
+      name: "decryptUserData",
+      type: Boolean,
+      desc: "Encrypt user data with the current private key secured by the Ledger Key Ring Protocol",
+    },
+    {
+      name: "getMembers",
+      type: Boolean,
+      desc: "Get members of the Ledger Key Ring Protocol Tree",
+    },
+    {
+      name: "restoreKeyRingTree",
+      type: Boolean,
+      desc: "Restore a Ledger Key Ring Protocol Tree",
+    },
+    {
+      name: "destroyKeyRingTree",
+      type: Boolean,
+      desc: "Destroy a Ledger Key Ring Protocol Tree",
+    },
+    {
+      name: "pubKey",
+      type: String,
+      desc: "pubkey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result",
+    },
+    {
+      name: "privateKey",
+      type: String,
+      desc: "privatekey for Ledger Key Ring Protocol Tree retrieved from initMemberCredentials result",
+    },
+    {
+      name: "rootId",
+      type: String,
+      desc: "The immutable id of the Tree root retrieved from getKeyRingTree result",
+    },
+    {
+      name: "walletSyncEncryptionKey",
+      type: String,
+      desc: "The secret used to encrypt/decrypt the wallet sync data retrieved from getKeyRingTree result",
+    },
+    {
+      name: "applicationPath",
+      type: String,
+      desc: "privatekey for Ledger Key Ring Protocol Tree from initMemberCredentials result",
+    },
+    {
+      name: "message",
+      type: String,
+      desc: "message to be encrypted/decrypted",
+    },
+    {
+      name: "applicationId",
+      type: Number,
+      default: 16,
+      desc: "application identifier",
+    },
+    {
+      name: "name",
+      type: String,
+      default: "CLI",
+      desc: "name of the instance",
+    },
+    {
+      name: "apiBaseUrl",
+      type: String,
+      default: getEnv("TRUSTCHAIN_API_STAGING"),
+      desc: "api base url for Ledger Key Ring Protocol",
+    },
+  ],
+  job: ({
+    device,
+    initMemberCredentials,
+    getKeyRingTree,
+    encryptUserData,
+    decryptUserData,
+    getMembers,
+    restoreKeyRingTree,
+    destroyKeyRingTree,
+    pubKey,
+    privateKey,
+    rootId,
+    walletSyncEncryptionKey,
+    applicationPath,
+    message,
+    applicationId = 16,
+    name = "CLI",
+    apiBaseUrl = getEnv("TRUSTCHAIN_API_STAGING"),
+  }: Partial<{
+    device: string;
+    initMemberCredentials: boolean;
+    getKeyRingTree: boolean;
+    getMembers: boolean;
+    encryptUserData: boolean;
+    decryptUserData: boolean;
+    restoreKeyRingTree: boolean;
+    destroyKeyRingTree: boolean;
+    pubKey: string;
+    privateKey: string;
+    rootId: string;
+    walletSyncEncryptionKey: string;
+    applicationPath: string;
+    message: string;
+    applicationId: number;
+    name: string;
+    apiBaseUrl: string;
+  }>) => {
+    if (!applicationId) return "applicationId is required";
+    if (!name) return "name is required";
+    if (!apiBaseUrl) return "apiBaseUrl is required";
+
+    const context = {
+      applicationId,
+      name,
+      apiBaseUrl,
+    };
+    const sdk = getSdk(false, context, withDevice);
+
+    if (initMemberCredentials) {
+      return sdk.initMemberCredentials();
+    }
+
+    if (getKeyRingTree) {
+      if (!pubKey || !privateKey) return "pubKey and privateKey are required";
+      return sdk
+        .getOrCreateTrustchain(device || "", { pubkey: pubKey, privatekey: privateKey })
+        .then(result => result.trustchain);
+    }
+
+    if (getMembers || restoreKeyRingTree || destroyKeyRingTree) {
+      if (!pubKey || !privateKey) return "pubKey and privateKey are required";
+      if (!rootId) return "pubKey and privateKey are required";
+      if (!walletSyncEncryptionKey) return "walletSyncEncryptionKey is required";
+      if (!applicationPath) return "applicationPath is required";
+
+      const sdkMethod = getMembers
+        ? "getMembers"
+        : restoreKeyRingTree
+          ? "restoreTrustchain"
+          : "destroyTrustchain";
+      return sdk[sdkMethod](
+        { rootId, walletSyncEncryptionKey, applicationPath },
+        { pubkey: pubKey, privatekey: privateKey },
+      );
+    }
+
+    if (encryptUserData || decryptUserData) {
+      if (!rootId) return "rootId is required";
+      if (!walletSyncEncryptionKey) return "walletSyncEncryptionKey is required";
+      if (!applicationPath) return "applicationPath is required";
+      if (!message) return "message is required";
+
+      if (encryptUserData) {
+        return sdk
+          .encryptUserData(
+            { rootId, walletSyncEncryptionKey, applicationPath },
+            new TextEncoder().encode(message),
+          )
+          .then(array => Buffer.from(array).toString("hex"));
+      }
+      return sdk
+        .decryptUserData(
+          { rootId, walletSyncEncryptionKey, applicationPath },
+          crypto.from_hex(message),
+        )
+        .then(array => new TextDecoder().decode(array));
+    }
+
+    return "command does not exist";
+  },
+};