✨ (solana-signer): Add clear sign commands

Author: fAnselmi-Ledger

.changeset/public-cases-slide.md

@@ -0,0 +1,5 @@
+---
+"@ledgerhq/device-signer-kit-solana": minor
+---
+
+Add solana clear sign commands

packages/signer/signer-solana/src/internal/app-binder/command/PromptUiDisplayCommand.test.ts

@@ -0,0 +1,96 @@
+import {
+  ApduResponse,
+  CommandResultFactory,
+  InvalidStatusWordError,
+  isSuccessCommandResult,
+} from "@ledgerhq/device-management-kit";
+
+import { SolanaAppCommandError } from "./utils/SolanaApplicationErrors";
+import {
+  CLA,
+  INS,
+  P1,
+  P2,
+  PromptUiDisplayCommand,
+} from "./PromptUiDisplayCommand";
+
+describe("PromptUiDisplayCommand", () => {
+  const command = new PromptUiDisplayCommand();
+
+  describe("name", () => {
+    it("should be 'promptUiDisplay'", () => {
+      expect(command.name).toBe("promptUiDisplay");
+    });
+  });
+
+  describe("getApdu", () => {
+    it("builds an empty-data APDU with CLA/INS/P1/P2 = 0xE0/0x0B/0x00/0x00", () => {
+      const apdu = command.getApdu();
+
+      expect(apdu.cla).toBe(CLA);
+      expect(apdu.ins).toBe(INS);
+      expect(apdu.p1).toBe(P1);
+      expect(apdu.p2).toBe(P2);
+      expect(apdu.data).toStrictEqual(new Uint8Array());
+      expect(apdu.getRawApdu()).toStrictEqual(
+        Uint8Array.from([0xe0, 0x0b, 0x00, 0x00, 0x00]),
+      );
+    });
+  });
+
+  describe("parseResponse", () => {
+    it("returns success on 9000 (user approved)", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x90, 0x00]),
+          data: new Uint8Array(),
+        }),
+      );
+
+      expect(result).toStrictEqual(CommandResultFactory({ data: undefined }));
+    });
+
+    it("maps 6985 to a typed Solana app error (user-refused / session incomplete)", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x69, 0x85]),
+          data: new Uint8Array(),
+        }),
+      );
+
+      expect(isSuccessCommandResult(result)).toBe(false);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error).toBeInstanceOf(SolanaAppCommandError);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error.errorCode).toBe("6985");
+    });
+
+    it("maps 6A80 to a typed Solana app error (merge engine failure)", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x6a, 0x80]),
+          data: new Uint8Array(),
+        }),
+      );
+
+      expect(isSuccessCommandResult(result)).toBe(false);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error).toBeInstanceOf(SolanaAppCommandError);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error.errorCode).toBe("6a80");
+    });
+
+    it("rejects unexpected data on 9000", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x90, 0x00]),
+          data: Uint8Array.from([0x01]),
+        }),
+      );
+
+      expect(isSuccessCommandResult(result)).toBe(false);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error).toBeInstanceOf(InvalidStatusWordError);
+    });
+  });
+});

packages/signer/signer-solana/src/internal/app-binder/command/PromptUiDisplayCommand.ts

@@ -0,0 +1,60 @@
+import {
+  type Apdu,
+  ApduBuilder,
+  type ApduResponse,
+  type Command,
+  type CommandResult,
+  CommandResultFactory,
+  InvalidStatusWordError,
+} from "@ledgerhq/device-management-kit";
+import { CommandErrorHelper } from "@ledgerhq/signer-utils";
+import { Maybe } from "purify-ts";
+
+import {
+  SOLANA_APP_ERRORS,
+  SolanaAppCommandErrorFactory,
+  type SolanaAppErrorCodes,
+} from "./utils/SolanaApplicationErrors";
+
+export const CLA = 0xe0;
+export const INS = 0x0b;
+export const P1 = 0x00;
+export const P2 = 0x00;
+
+/**
+ * Triggers the descriptor-augmented review UI on the device.
+ *
+ * The device returns:
+ *  - 9000 on user approval (provisional fingerprint armed for DELAYED)
+ *  - 6985 on user rejection or incomplete session (buffer preserved)
+ *  - 6A80 if the merge engine cannot produce a coherent display
+ *    (session discarded)
+ */
+export class PromptUiDisplayCommand
+  implements Command<void, void, SolanaAppErrorCodes>
+{
+  readonly name = "promptUiDisplay";
+  private readonly errorHelper = new CommandErrorHelper<
+    void,
+    SolanaAppErrorCodes
+  >(SOLANA_APP_ERRORS, SolanaAppCommandErrorFactory);
+
+  getApdu(): Apdu {
+    return new ApduBuilder({ cla: CLA, ins: INS, p1: P1, p2: P2 }).build();
+  }
+
+  parseResponse(
+    response: ApduResponse,
+  ): CommandResult<void, SolanaAppErrorCodes> {
+    return Maybe.fromNullable(
+      this.errorHelper.getError(response),
+    ).orDefaultLazy(() => {
+      if (response.data.length !== 0) {
+        return CommandResultFactory({
+          error: new InvalidStatusWordError("Unexpected data in response"),
+        });
+      }
+      return CommandResultFactory({ data: undefined });
+    });
+  }
+}

packages/signer/signer-solana/src/internal/app-binder/command/ProvideAltResolutionCommand.test.ts

@@ -0,0 +1,127 @@
+import {
+  ApduResponse,
+  CommandResultFactory,
+  InvalidStatusWordError,
+  isSuccessCommandResult,
+} from "@ledgerhq/device-management-kit";
+
+import { P2_EXTEND, P2_MORE } from "./utils/clearSignChunking";
+import { SolanaAppCommandError } from "./utils/SolanaApplicationErrors";
+import {
+  CLA,
+  INS,
+  P1,
+  ProvideAltResolutionCommand,
+} from "./ProvideAltResolutionCommand";
+
+describe("ProvideAltResolutionCommand", () => {
+  const payload = new Uint8Array([0x11, 0x22, 0x33]);
+
+  describe("name", () => {
+    it("should be 'provideAltResolution'", () => {
+      expect(
+        new ProvideAltResolutionCommand({
+          payload,
+          isFirstChunk: true,
+          hasMore: false,
+        }).name,
+      ).toBe("provideAltResolution");
+    });
+  });
+
+  describe("getApdu", () => {
+    it("builds INS=0x28 / P1=0x00 with chunking flags applied to P2", () => {
+      const apdu = new ProvideAltResolutionCommand({
+        payload,
+        isFirstChunk: true,
+        hasMore: false,
+      }).getApdu();
+
+      expect(apdu.cla).toBe(CLA);
+      expect(apdu.ins).toBe(INS);
+      expect(apdu.p1).toBe(P1);
+      expect(apdu.p2).toBe(0x00);
+      expect(apdu.data).toStrictEqual(payload);
+    });
+
+    it("first of many: P2 = P2_MORE", () => {
+      const apdu = new ProvideAltResolutionCommand({
+        payload,
+        isFirstChunk: true,
+        hasMore: true,
+      }).getApdu();
+      expect(apdu.p2).toBe(P2_MORE);
+    });
+
+    it("middle: P2 = P2_MORE | P2_EXTEND", () => {
+      const apdu = new ProvideAltResolutionCommand({
+        payload,
+        isFirstChunk: false,
+        hasMore: true,
+      }).getApdu();
+      expect(apdu.p2).toBe(P2_MORE | P2_EXTEND);
+    });
+
+    it("last: P2 = P2_EXTEND", () => {
+      const apdu = new ProvideAltResolutionCommand({
+        payload,
+        isFirstChunk: false,
+        hasMore: false,
+      }).getApdu();
+      expect(apdu.p2).toBe(P2_EXTEND);
+    });
+
+    it("throws a typed error if a chunk exceeds 255 bytes", () => {
+      const command = new ProvideAltResolutionCommand({
+        payload: new Uint8Array(256),
+        isFirstChunk: true,
+        hasMore: false,
+      });
+      expect(() => command.getApdu()).toThrow(/too large/i);
+    });
+  });
+
+  describe("parseResponse", () => {
+    const command = new ProvideAltResolutionCommand({
+      payload,
+      isFirstChunk: true,
+      hasMore: false,
+    });
+
+    it("returns success on 9000", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x90, 0x00]),
+          data: new Uint8Array(),
+        }),
+      );
+      expect(result).toStrictEqual(CommandResultFactory({ data: undefined }));
+    });
+
+    it("maps non-success status words to a typed Solana error", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x6a, 0x80]),
+          data: new Uint8Array(),
+        }),
+      );
+
+      expect(isSuccessCommandResult(result)).toBe(false);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error).toBeInstanceOf(SolanaAppCommandError);
+    });
+
+    it("rejects unexpected response data on 9000", () => {
+      const result = command.parseResponse(
+        new ApduResponse({
+          statusCode: Uint8Array.from([0x90, 0x00]),
+          data: Uint8Array.from([0x01]),
+        }),
+      );
+
+      expect(isSuccessCommandResult(result)).toBe(false);
+      // @ts-expect-error narrowed by isSuccessCommandResult
+      expect(result.error).toBeInstanceOf(InvalidStatusWordError);
+    });
+  });
+});

packages/signer/signer-solana/src/internal/app-binder/command/ProvideAltResolutionCommand.ts

@@ -0,0 +1,73 @@
+import {
+  type Apdu,
+  ApduBuilder,
+  type ApduResponse,
+  type Command,
+  type CommandResult,
+  CommandResultFactory,
+  InvalidStatusWordError,
+} from "@ledgerhq/device-management-kit";
+import { CommandErrorHelper } from "@ledgerhq/signer-utils";
+import { Maybe } from "purify-ts";
+
+import { assertChunkSize, buildChunkP2 } from "./utils/clearSignChunking";
+import {
+  SOLANA_APP_ERRORS,
+  SolanaAppCommandErrorFactory,
+  type SolanaAppErrorCodes,
+} from "./utils/SolanaApplicationErrors";
+
+export const CLA = 0xe0;
+export const INS = 0x28;
+export const P1 = 0x00;
+
+export type ProvideAltResolutionCommandArgs = {
+  readonly payload: Uint8Array;
+  readonly isFirstChunk: boolean;
+  readonly hasMore: boolean;
+};
+
+/**
+ * Provides one signed `ALT_RESOLUTION` TLV carrying
+ * `(altAddress, entryIndex, resolvedAddress)`. The TLV is challenge-bound:
+ * the caller must issue `GET CHALLENGE` immediately before this command so
+ * the device can verify the binding.
+ *
+ * The caller pre-builds the wire payload (2-byte BE length prefix followed
+ * by the `ALT_RESOLUTION` TLV) and splits it into ≤255-byte chunks.
+ */
+export class ProvideAltResolutionCommand
+  implements Command<void, ProvideAltResolutionCommandArgs, SolanaAppErrorCodes>
+{
+  readonly name = "provideAltResolution";
+  private readonly errorHelper = new CommandErrorHelper<
+    void,
+    SolanaAppErrorCodes
+  >(SOLANA_APP_ERRORS, SolanaAppCommandErrorFactory);
+
+  constructor(readonly args: ProvideAltResolutionCommandArgs) {}
+
+  getApdu(): Apdu {
+    assertChunkSize(this.args.payload, INS);
+    const p2 = buildChunkP2(this.args.isFirstChunk, this.args.hasMore);
+
+    return new ApduBuilder({ cla: CLA, ins: INS, p1: P1, p2 })
+      .addBufferToData(this.args.payload)
+      .build();
+  }
+
+  parseResponse(
+    response: ApduResponse,
+  ): CommandResult<void, SolanaAppErrorCodes> {
+    return Maybe.fromNullable(
+      this.errorHelper.getError(response),
+    ).orDefaultLazy(() => {
+      if (response.data.length !== 0) {
+        return CommandResultFactory({
+          error: new InvalidStatusWordError("Unexpected data in response"),
+        });
+      }
+      return CommandResultFactory({ data: undefined });
+    });
+  }
+}