# Ledger Support
Ledger is a popular hardware wallet that is supported on the Oasis Network.
Before following this guide, make sure you've followed the Operator Docs'
Prerequisites Guide to install the
To use the Oasis Ledger App, install it via Ledger Live's Manager. You will have to set developer mode to on in order to find it.
The Oasis Ledger App will not be available for installation via Ledger Live's Manager until after it has been approved by Ledger.
Once installed, the application will use the generated mnemonic stored on the Ledger device to generate a pair of private and public keys.
# Identifying the Ledger device
To identify your Ledger device for use with the oasis-node CLI, unlock your device and make sure you have the Oasis Ledger App open.
Run the following command to identify your device by the generated address:
oasis-node signer ledger list_devices
If your device is properly connected, you should see an output similar to the one below:
============ Device found Oasis App Version : 302e31322e33 Oasis App Address : oasis19hpt4y2reqwyfqcd53asjchdqf468chr673y6jn07xjp36w32jlscf0me
From now on, use the
Oasis App Address to identify the Ledger device you want
to use for signing.
For convenience, set the
OASIS_APP_ADDRESS environment value to its value.
# Exporting the Public Key to Entity
Before you can sign anything, you need to export the public key from the device and use it to generate an entity. This will also be used later as another check to ensure that you are signing a transaction with the correct key.
Using the address you retrieved in the previous section , run the following:
oasis-node signer export \ --signer.backend ledger \ --signer.dir /localhostdir/entity/ \ --signer.ledger.address $OASIS_APP_ADDRESS \ --signer.ledger.index 1
You can omit the
--signer.ledger.address flag and
oasis-node will try to
connect to any available Ledger device.
This will create an
entity.json file in
/localhostdir/entity/ that contains
the public key generated on the device associated with
--signer.ledger.address, derived from a path with an account index of
--signer.backend ledger flag is important here as
it specifies use of the Ledger backend.
This command must be run anytime a new account index is to be used, with a
# Generating and Signing Transactions
As described in the Operator Docs' Stake Management Guide, you need to set the appropriate base flags and signer flags for each transaction you want to generate.
For convenience, you can set the
TX_FLAGS environment variable like below
(replacing Ledger device's address index appropriately):
TX_FLAGS="--genesis.file /localhostdir/genesis.json \ --signer ledger \ --signer.ledger.address $OASIS_APP_ADDRESS \ --signer.ledger.index 1 \ --signer.dir /localhostdir/entity/"
Then, you can generate and sign a transaction, e.g. a transfer transaction, by running:
oasis-node stake account gen_transfer \ $TX_FLAGS \ --stake.amount <AMOUNT-TO-TRANSFER> \ --stake.transfer.destination <DESTINATION-ACCOUNT-ADDRESS> \ --transaction.file tx_transfer.json \ --transaction.nonce 1 \ --transaction.fee.gas 1000 \ --transaction.fee.amount 2000
<DESTINATION-ACCOUNT-ADDRESS> are replaced
with the amount of tokens to transfer and the address of the transfer's
destination account, respectively.
For a more detailed explanation of the transaction flags that were set, see Operator Docs' Stake Management Guide.
Next, unlock your Ledger device and verify the transaction's fields on your device's screen.
After you've confirmed the transaction's fields are correct, sign the transaction on your Ledger device by double-pressing the Sign transaction screen.