chore: fix ledger payload size signing - canary

ivan-angjelkoski · ivan-angjelkoski · commit 01b85bbfb87f · 2025-12-18T17:04:49.000+01:00
diff --git a/packages/wallets/wallet-ledger/src/strategy/Ledger/Base.ts b/packages/wallets/wallet-ledger/src/strategy/Ledger/Base.ts
@@ -23,8 +23,13 @@ import {
   DEFAULT_NUM_ADDRESSES_TO_FETCH,
 } from '@injectivelabs/wallet-base'
 import LedgerHW from './hw/index.js'
-import { domainHash, messageHash } from './utils.js'
 import { LedgerEip1193Provider } from './Eip1193Provider.js'
+import {
+  domainHash,
+  messageHash,
+  type EIP712Message,
+  isEIP712PayloadTooBig,
+} from './utils.js'
 import type { Hash } from 'viem'
 import type { PublicClient } from 'viem'
 import type { EvmChainId } from '@injectivelabs/ts-types'
@@ -211,15 +216,19 @@ export default class LedgerBase
     const derivationPath = await this.getDerivationPath(address)
     const object = JSON.parse(eip712json)
 
+    if (isEIP712PayloadTooBig(object)) {
+      console.log('Payload is too big, signing with hashed message')
+      return this.signEIP712HashedMessage(derivationPath, object)
+    }
+
     try {
+      console.log('Payload is not too big, signing with message')
       const ledger = await this.ledger.getInstance()
       const result = await ledger.signEIP712Message(derivationPath, object)
 
-      const v = result.v.toString(16).padStart(2, '0')
-      const combined = `${result.r}${result.s}${v}`
-
-      return combined.startsWith('0x') ? combined : `0x${combined}`
+      return this.formatSignatureResult(result)
     } catch (e: unknown) {
+      console.log('Error signing EIP712 message:', e)
       const errorMessage = (e as any).message
       const isKnownNanoSError =
         errorMessage.includes('instruction not supported') ||
@@ -235,28 +244,43 @@ export default class LedgerBase
         })
       }
 
-      try {
-        const ledger = await this.ledger.getInstance()
-        const result = await ledger.signEIP712HashedMessage(
-          derivationPath,
-          domainHash(object),
-          messageHash(object),
-        )
+      return this.signEIP712HashedMessage(derivationPath, object)
+    }
+  }
 
-        const v = result.v.toString(16).padStart(2, '0')
-        const combined = `${result.r}${result.s}${v}`
+  private async signEIP712HashedMessage(
+    derivationPath: string,
+    object: EIP712Message,
+  ): Promise<string> {
+    try {
+      const ledger = await this.ledger.getInstance()
+      const result = await ledger.signEIP712HashedMessage(
+        derivationPath,
+        domainHash(object),
+        messageHash(object),
+      )
 
-        return combined.startsWith('0x') ? combined : `0x${combined}`
-      } catch (e) {
-        throw new LedgerException(new Error((e as any).message), {
-          code: UnspecifiedErrorCode,
-          type: ErrorType.WalletError,
-          contextModule: WalletAction.SignTransaction,
-        })
-      }
+      return this.formatSignatureResult(result)
+    } catch (e) {
+      throw new LedgerException(new Error((e as any).message), {
+        code: UnspecifiedErrorCode,
+        type: ErrorType.WalletError,
+        contextModule: WalletAction.SignTransaction,
+      })
     }
   }
 
+  private formatSignatureResult(result: {
+    v: number
+    r: string
+    s: string
+  }): string {
+    const v = result.v.toString(16).padStart(2, '0')
+    const combined = `${result.r}${result.s}${v}`
+
+    return combined.startsWith('0x') ? combined : `0x${combined}`
+  }
+
   async signAminoCosmosTransaction(_transaction: {
     address: string
     signDoc: StdSignDoc
@@ -299,10 +323,7 @@ export default class LedgerBase
         uint8ArrayToHex(stringToUint8Array(toUtf8(data))),
       )
 
-      const v = result.v.toString(16).padStart(2, '0')
-      const combined = `${result.r}${result.s}${v}`
-
-      return combined.startsWith('0x') ? combined : `0x${combined}`
+      return this.formatSignatureResult(result)
     } catch (e: unknown) {
       throw new LedgerException(new Error((e as any).message), {
         code: UnspecifiedErrorCode,
diff --git a/packages/wallets/wallet-ledger/src/strategy/Ledger/ledgerUtils.spec.ts b/packages/wallets/wallet-ledger/src/strategy/Ledger/ledgerUtils.spec.ts
@@ -1,4 +1,104 @@
-import { domainHash, messageHash } from './utils.js'
+import { domainHash, messageHash, isEIP712PayloadTooBig } from './utils.js'
+
+const tooBigPayload = {
+  types: {
+    EIP712Domain: [
+      {
+        name: 'name',
+        type: 'string',
+      },
+      {
+        name: 'version',
+        type: 'string',
+      },
+      {
+        name: 'chainId',
+        type: 'uint256',
+      },
+      {
+        name: 'verifyingContract',
+        type: 'address',
+      },
+      {
+        name: 'salt',
+        type: 'string',
+      },
+    ],
+    Tx: [
+      {
+        name: 'context',
+        type: 'string',
+      },
+      {
+        name: 'msgs',
+        type: 'string',
+      },
+    ],
+  },
+  primaryType: 'Tx',
+  domain: {
+    name: 'Injective Web3',
+    version: '1.0.0',
+    chainId: '0x1',
+    verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC',
+    salt: '0',
+  },
+  message: {
+    context:
+      '{"account_number":1607336,"chain_id":"injective-1","fee":{"amount":[{"denom":"inj","amount":"452096000000000"}],"gas":904192,"payer":"inj1065f86fh88ptyrg8h5048zu0vyx7ex8ymwgr6h"},"memo":"","sequence":8,"timeout_height":146288343}',
+    msgs: '[{"@type":"/cosmos.authz.v1beta1.MsgGrant","granter":"inj1qa8jmnd0tql2uc7yachkyqc22dqnz2uxcs9ra6","grantee":"inj1hcsytnq2salprkkscr73fzj7y9p8srgpncjhqx","grant":{"authorization":{"@type":"/cosmos.authz.v1beta1.GenericAuthorization","msg":"/injective.exchange.v1beta1.MsgWithdraw"},"expiration":"2030-12-17T23:00:00Z"}},{"@type":"/cosmos.authz.v1beta1.MsgGrant","granter":"inj1qa8jmnd0tql2uc7yachkyqc22dqnz2uxcs9ra6","grantee":"inj1hcsytnq2salprkkscr73fzj7y9p8srgpncjhqx","grant":{"authorization":{"@type":"/cosmos.authz.v1beta1.GenericAuthorization","msg":"/injective.exchange.v1beta1.MsgBatchUpdateOrders"},"expiration":"2030-12-17T23:00:00Z"}},{"@type":"/cosmos.authz.v1beta1.MsgGrant","granter":"inj1qa8jmnd0tql2uc7yachkyqc22dqnz2uxcs9ra6","grantee":"inj1hcsytnq2salprkkscr73fzj7y9p8srgpncjhqx","grant":{"authorization":{"@type":"/cosmos.authz.v1beta1.GenericAuthorization","msg":"/injective.exchange.v1beta1.MsgCreateSpotMarketOrder"},"expiration":"2030-12-17T23:00:00Z"}},{"@type":"/injective.wasmx.v1.MsgExecuteContractCompat","sender":"inj1qa8jmnd0tql2uc7yachkyqc22dqnz2uxcs9ra6","contract":"inj1hcsytnq2salprkkscr73fzj7y9p8srgpncjhqx","msg":"{\\"create_strategy\\":{\\"bounds\\":[\\"4000000\\",\\"5000000\\"],\\"levels\\":3,\\"subaccount_id\\":\\"0x074f2dcdaf583eae63c4ee2f62030a5341312b860000696e6a2d757364742d70\\",\\"fee_recipient\\":\\"inj1jv65s3grqf6v6jl3dp4t6c9t9rk99cd8dkncm8\\",\\"slippage\\":\\"0.1\\",\\"strategy_type\\":{\\"perpetual\\":{\\"margin_ratio\\":\\"0.83\\"}}}}","funds":"10000000peggy0xdAC17F958D2ee523a2206206994597C13D831ec7"}]',
+  },
+}
+
+const validPayload = {
+  types: {
+    EIP712Domain: [
+      {
+        name: 'name',
+        type: 'string',
+      },
+      {
+        name: 'version',
+        type: 'string',
+      },
+      {
+        name: 'chainId',
+        type: 'uint256',
+      },
+      {
+        name: 'verifyingContract',
+        type: 'address',
+      },
+      {
+        name: 'salt',
+        type: 'string',
+      },
+    ],
+    Tx: [
+      {
+        name: 'context',
+        type: 'string',
+      },
+      {
+        name: 'msgs',
+        type: 'string',
+      },
+    ],
+  },
+  primaryType: 'Tx',
+  domain: {
+    name: 'Injective Web3',
+    version: '1.0.0',
+    chainId: '0x1',
+    verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC',
+    salt: '0',
+  },
+  message: {
+    context:
+      '{"account_number":1607336,"chain_id":"injective-1","fee":{"amount":[{"denom":"inj","amount":"89625000000000"}],"gas":179250,"payer":"inj1065f86fh88ptyrg8h5048zu0vyx7ex8ymwgr6h"},"memo":"","sequence":8,"timeout_height":146288649}',
+    msgs: '[{"@type":"/injective.exchange.v1beta1.MsgCreateSpotLimitOrder","sender":"inj1qa8jmnd0tql2uc7yachkyqc22dqnz2uxcs9ra6","order":{"market_id":"0xa508cb32923323679f29a032c70342c147c17d0145625922b0ef22e955c844c0","order_info":{"subaccount_id":"0x074f2dcdaf583eae63c4ee2f62030a5341312b86000000000000000000000000","fee_recipient":"inj1jv65s3grqf6v6jl3dp4t6c9t9rk99cd8dkncm8","price":"0.000000000004601000","quantity":"434000000000000000.000000000000000000","cid":""},"order_type":"BUY","trigger_price":"0.000000000000000000"}}]',
+  },
+}
 
 const payload = {
   types: {
@@ -48,3 +148,15 @@ describe('Ledger Utils', () => {
     expect(expected).toMatch(messageHashOutput)
   })
 })
+
+describe('isEIP712PayloadTooBig', () => {
+  test('returns true if payload is too big', () => {
+    const result = isEIP712PayloadTooBig(tooBigPayload)
+    expect(result).toBe(true)
+  })
+
+  test('returns false if payload is valid', () => {
+    const result = isEIP712PayloadTooBig(validPayload)
+    expect(result).toBe(false)
+  })
+})
diff --git a/packages/wallets/wallet-ledger/src/strategy/Ledger/utils.ts b/packages/wallets/wallet-ledger/src/strategy/Ledger/utils.ts
@@ -2,7 +2,7 @@ import { hashDomain, hashStruct } from 'viem'
 
 type TypeDefinition = Record<string, Array<{ name: string; type: string }>>
 
-interface EIP712Message {
+export interface EIP712Message {
   types: TypeDefinition
   domain: Record<string, any>
   primaryType: string
@@ -24,3 +24,99 @@ export const messageHash = (message: EIP712Message): `0x${string}` => {
     primaryType: message.primaryType,
   })
 }
+
+/**
+ * Checks if an EIP-712 payload is too large for Ledger hardware wallet signing
+ * @param {Object} eip712Payload - The EIP-712 typed data object
+ * @returns {boolean} - Returns true if payload is too big, false otherwise
+ */
+export function isEIP712PayloadTooBig(eip712Payload: any) {
+  // Ledger-specific limits (based on observed behavior and firmware constraints)
+  const LIMITS = {
+    // Maximum size of the entire JSON payload in bytes
+    MAX_TOTAL_SIZE: 8000,
+
+    // Maximum size of the message.msgs field (often the largest field)
+    MAX_MSGS_SIZE: 4000,
+
+    // Maximum size of the message.context field
+    MAX_CONTEXT_SIZE: 2000,
+
+    // Maximum nesting depth for escaped JSON strings
+    MAX_NESTING_DEPTH: 3,
+
+    // Maximum number of messages in a batch transaction
+    MAX_MESSAGE_COUNT: 3,
+  }
+
+  try {
+    // Check 1: Total payload size
+    const totalSize = JSON.stringify(eip712Payload).length
+    if (totalSize > LIMITS.MAX_TOTAL_SIZE) {
+      console.log(
+        `❌ Total payload size (${totalSize} bytes) exceeds limit (${LIMITS.MAX_TOTAL_SIZE} bytes)`,
+      )
+      return true
+    }
+
+    // Check 2: Message msgs field size
+    if (eip712Payload.message?.msgs) {
+      const msgsSize = eip712Payload.message.msgs.length
+      if (msgsSize > LIMITS.MAX_MSGS_SIZE) {
+        console.log(
+          `❌ msgs field size (${msgsSize} bytes) exceeds limit (${LIMITS.MAX_MSGS_SIZE} bytes)`,
+        )
+        return true
+      }
+
+      // Check 3: Count number of messages in the array
+      try {
+        const msgsArray = JSON.parse(eip712Payload.message.msgs)
+        if (
+          Array.isArray(msgsArray) &&
+          msgsArray.length > LIMITS.MAX_MESSAGE_COUNT
+        ) {
+          console.log(
+            `❌ Message count (${msgsArray.length}) exceeds limit (${LIMITS.MAX_MESSAGE_COUNT})`,
+          )
+          return true
+        }
+
+        // Check 4: Detect deeply nested escaped JSON (common in contract calls)
+        for (const msg of msgsArray) {
+          if (msg.msg && typeof msg.msg === 'string') {
+            const escapeCount = (msg.msg.match(/\\\\/g) || []).length
+            if (escapeCount > 10) {
+              console.log(
+                `❌ Detected deeply nested/escaped JSON (${escapeCount} escape sequences)`,
+              )
+              return true
+            }
+          }
+        }
+      } catch (e: any) {
+        // If we can't parse msgs, it might be malformed
+        console.warn('⚠️ Could not parse msgs field:', (e as any).message)
+      }
+    }
+
+    // Check 5: Context field size
+    if (eip712Payload.message?.context) {
+      const contextSize = eip712Payload.message.context.length
+      if (contextSize > LIMITS.MAX_CONTEXT_SIZE) {
+        console.log(
+          `❌ context field size (${contextSize} bytes) exceeds limit (${LIMITS.MAX_CONTEXT_SIZE} bytes)`,
+        )
+        return true
+      }
+    }
+
+    // All checks passed
+    // console.log('✅ Payload size is within acceptable limits')
+    return false
+  } catch (_error) {
+    // console.error('Error validating payload:', _error)
+    // If we can't validate, assume it might be too big
+    return true
+  }
+}
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
