Skip to main content

Aptos

Keystone is now integrated with the Petra Wallet and Fewcha Wallet

Connect with Keystone

For Aptos, Keystone defines the new UR type crypto-multi-accounts to expose the public keys. Software can utilize these data to generate the desired addresses. Developers can use the SDK to retrieve and parse this data from the QR Code displayed on the Keystone device.

Here is a sample code snippet to scan the animated QR code and parse the data:

import KeystoneSDK, {UR, URType} from "@keystonehq/keystone-sdk"
import {AnimatedQRScanner} from "@keystonehq/animated-qr"

/**
 * Represents a component that handles the scanning of an animated QR code to retrieve
 * the crypto hdkey information from a Keystone hardware wallet.
 * 
 * The component uses the `AnimatedQRScanner` from `@keystonehq/animated-qr` to scan the QR code,
 * and the `KeystoneSDK` to parse the scanned data into a human-readable account information format.
 */

const Account = () => {

  /**
   * Callback function to handle successful QR code scans.
   * 
   * @param {Object} data - The data object containing the type and cbor encoded string.
   * @param {string} data.type - The type of the scanned data.
   * @param {string} data.cbor - The cbor encoded string representing the account information.
   */
  const onSucceed = ({type, cbor}) => {
    // Parses the crypto multi accounts from the scanned QR code data.
    const account = KeystoneSDK.parseMultiAccounts(new UR(Buffer.from(cbor, "hex"), type))
    console.log("multiAccounts: ", multiAccounts);
  }

  /**
   * Callback function to handle errors during QR code scanning.
   * 
   * @param {string} errorMessage - The error message describing what went wrong during scanning.
   */
  const onError = (errorMessage) => {
    console.log("error: ", errorMessage);
  }

  // Renders the AnimatedQRScanner component with the specified handlers for success and error events.
  return <AnimatedQRScanner handleScan={onSucceed} handleError={onError} urTypes={[URType.CryptoMultiAccounts]} />
}

Here is an example of the resulting data:

{
    "masterFingerprint": "f23f9fd2",
    "keys": [
        {
        "chain": "APTOS",
        "path": "m/44'/637'/0'/0'/0'",
        "publicKey": "ac19...",
        "name": "APT-0",
        "chainCode": ""
      },
      {
        "chain": "APTOS",
        "path": "m/44'/637'/1'/0'/0'",
        "publicKey": "5fe3...",
        "name": "APT-1",
        "chainCode": ""
      },
      {
        "chain": "APTOS",
        "path": "m/44'/637'/2'/0'/0'",
        "publicKey": "3fab...",
        "name": "APT-2",
        "chainCode": ""
      },
      ...
    ],
    "device": "Keystone"
}

Here is the type defination of the CryptoMutliAccounts:

interface MultiAccounts {
    masterFingerprint: string  // A 4 bytes hex string indicates the current mnemonic, e.g. 'f23f9fd2'
    keys: Account[]  // An array of public keys
    device?: string  // The device name, e.g. 'Keystone'
    deviceId?: string  // The device id, e.g. '28475c8d80f6c06bafbe46a7d1750f3fcf2565f7'
    deviceVersion?: String  // The device firmware version, e.g. '1.0.2'
}

interface Account {
    chain: string  // The symbol of the coin this key belongs to, e.g. 'APT'
    path: string  // The full derivation path of current key
    publicKey: string  // Public key in hex string
    name?: string  // The address name in hardware wallet
    chainCode: string  // The chain code if exist
    extendedPublicKey?: string  // The bip32 extended public key, e.g. xpub...
    note?: string  // The note for current account
}

Keystone will provide the master fingerprint and the public keys, allowing software wallets to select the necessary data to generate the desired addresses.

Genereate the sign request

For Aptos, Keystone introdue the new UR type aptos-sign-request to encode the Aptos transaction data or message. The request can also be splited into these two types:

  • Transaction
  • Message

Here is the sample data structure for aptos-sign-request:

requestId: String // UUID for current request
signData: String // the serialized unsigned transaction data, in hex string
signType: Enum // supported data type. Currently supports single, multi and message
accounts: Array (
    path: String // the HD path to tell which private key should be used to sign the data
    xfp: String // master fingerprint provided by Keystone when getting accounts
    key: Optional(String) // the public key for request this signing
)
origin: Optional(String) // source of the request, wallet name etc

Here is a sample code snippet demonstrating how to use the SDK to generate the sign request :

 import KeystoneSDK, { KeystoneAptosSDK } from "@keystonehq/keystone-sdk"
 import {AnimatedQRCode} from "@keystonehq/animated-qr"

 let aptosSignRequest = {
     requestId: "17467482-2654-4058-972D-F436EFAEB38E",
     signData: "B5E97DB07FA0BD0E5598AA3643A9BC6F6693BDDC1A9FEC9E674A461EAA00B1931248CD3D5E09500ACB7082497DEC1B2690384C535F3882ED5D84392370AD0455000000000000000002000000000000000000000000000000000000000000000000000000000000000104636F696E087472616E73666572010700000000000000000000000000000000000000000000000000000000000000010A6170746F735F636F696E094170746F73436F696E0002201248CD3D5E09500ACB7082497DEC1B2690384C535F3882ED5D84392370AD04550880969800000000000A000000000000009600000000000000ACF63C640000000002",
     signType: KeystoneAptosSDK.SignType.SingleSign,
     accounts: [{
         path: "m/44'/637'/0'/0'/0'",
         xfp: "F23F9FD2"
     }],
     origin: "Petra"
 }

 const Aptos = () => {
     const keystoneSDK = new KeystoneSDK();
     const ur = keystoneSDK.aptos.generateSignRequest(aptosSignRequest);

     return <AnimatedQRCode type={ur.type} cbor={ur.cbor.toString("hex")}/>
 }
options={{
    size: number, // optional, QR code width and length in UI, default 180px
    capacity: number, // optional, the capacity of a single QR code, default 400 bytes per image
    interval: number // optional, the QR code change time interval in mill seconds for animated QR code, default 100ms
}}

Here is a javascript sample code snippet demonstrating how to use the Keystone SDK to encode an aptos transaction into the UR type aptos-sign-request and embed it into QR codes.

AnimatedQRCode will decide whether the animated QR codes are needed, the option props of AnimatedQRCode component can be used to control the size, capacity and the update interval of QR code. Please avoid setting the capacity too high, as larger value can make it more difficult for Keystone to scan.

Extract signature

After Keystone scans the QR Codes, it will verify and display the transaction details for user confirmation. Once Keystone signs the data, it generates a signature and encodes it into a QR Code. An new UR type aptos-signature is introduced, After the signing is completed, a software wallet can scan the QR Code to retrieve the signature. The signature is a 64-byte hex string.

Signature (
    requestId: String // the requestId from sign request
    signature: String // the serialized signature in hex string
    authenticationPublicKey: String // indicate which signer signed the transaction
)

Here are some code samples demonstrating how to use the SDK to achieve this.

import KeystoneSDK, {UR, URType} from "@keystonehq/keystone-sdk"
import {AnimatedQRScanner} from "@keystonehq/animated-qr"

const Aptos = () => {
    const keystoneSDK = new KeystoneSDK();

    const onSucceed = ({type, cbor}) => {
        const signature = keystoneSDK.aptos.parseSignature(new UR(Buffer.from(cbor, "hex"), type))
        console.log("signature: ", signature);
    }
    const onError = (errorMessage) => {
        console.log("error: ", errorMessage);
    }

    return <AnimatedQRScanner handleScan={onSucceed} handleError={onError} urTypes={[URType.AptosSignature]} />
}

AnimatedQRScanner helps scan the QR code on Keystone hardware wallet and returns signature which can be parsed by KeystoneSDK.

After getting the signature, software wallet can get the it and construct the transaction, then broadcast it.