Skip to content

remote-wallet: Trezor support #8378

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
joncinque merged 5 commits into from
Nov 26, 2025
Merged

remote-wallet: Trezor support #8378

joncinque merged 5 commits into from
Nov 26, 2025

Conversation

@joncinque
Copy link

@joncinque joncinque commented Oct 7, 2025

Problem

As noted at #306 and solana-labs#4911, the Trezor wallet is not supported in the Solana CLI.

Summary of Changes

Following the work at #306, get Trezor support into shape to be used. I've been keeping this branch up to date for most of this year and using a personal build with a Trezor wallet, and I haven't run into any issues yet.

@t-nelson you reviewed the previous PR a few times, so if you have time, your input will be appreciated. Otherwise, @rustopian can you take a look?

@t-nelson
Copy link

t-nelson commented Oct 8, 2025

feels #306 (review)

@vadorovsky vadorovsky self-requested a review October 8, 2025 07:11
@joncinque
Copy link
Author

joncinque commented Oct 8, 2025

feels #306 (review)

I did incorporate a lot of that feedback in this branch, but let me know what's still missing. All of the get_ledger functions weren't great, as you pointed out, so I made them more general between either device type

@joncinque joncinque mentioned this pull request Oct 8, 2025
Closed
@joncinque
Copy link
Author

joncinque commented Oct 8, 2025
edited
Loading

Looks like one of the transitive dependencies through trezor-client is failing audit checks, so I put in trezor/trezor-firmware#5967 to see if they'll release a new version soon and if the crate is vulnerable. They released a patched version of the crate, so we're all good!

@codecov-commenter
Copy link

codecov-commenter commented Oct 9, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 51.35135% with 198 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.6%. Comparing base (962f17e) to head (8103d15).
⚠️ Report is 33 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff            @@
##           master    #8378     +/-   ##
=========================================
- Coverage    82.6%    82.6%   -0.1%     
=========================================
  Files         890      891      +1     
  Lines      320903   321273    +370     
=========================================
+ Hits       265277   265493    +216     
- Misses      55626    55780    +154
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@rustopian
Copy link

rustopian commented Oct 16, 2025
edited
Loading

Bug: Omitting --fee-payer in the CLI on Trezor results in an on-device signature flow followed by NoDeviceFound error (CLI says "Error: Dynamic program error: no device found").

Ideal fix: Behavior matches Ledger: the transaction succeeds even when --fee-payer is omitted.
Acceptable: Early, specific error before any on-device flow.

To reproduce:

  1. Build cli (e.g. cargo build --release -p solana-cli)
  2. Trezor connected (I used a Safe 5)
  3. solana-keygen new --no-passphrase -o <JSON>
  4. ./target/release/solana create-stake-account --from 'usb://trezor?key=0/0' <JSON> <AMOUNT> --stake-authority 'usb://trezor?key=0/0' --withdraw-authority 'usb://trezor?key=0/0'

On Trezor, this triggers full on-device signing flow, then throws NoDeviceFound in CLI. On Ledger (with usb://ledger), the transaction succeeds without issue.

Adding --fee-payer to step 4 resolves the issue for Trezor.

@joncinque
Copy link
Author

joncinque commented Nov 21, 2025 

./target/release/solana create-stake-account --from 'usb://trezor?key=0/0' <JSON> <AMOUNT> --stake-authority 'usb://trezor?key=0/0' --withdraw-authority 'usb://trezor?key=0/0'

On Trezor, this triggers full on-device signing flow, then throws NoDeviceFound in CLI. On Ledger (with usb://ledger), the transaction succeeds without issue.

I tried this command, and it works on my side. I tried other commands like transfer with a separate fee-payer, and those also worked. I updated the firmware on my device and it still worked. Any ideas of what I can do to reproduce?

@rustopian
Copy link

rustopian commented Nov 24, 2025
edited
Loading

I tried this command, and it works on my side. I tried other commands like transfer with a separate fee-payer, and those also worked. I updated the firmware on my device and it still worked. Any ideas of what I can do to reproduce?

Interesting. Same device, clean build, updated firmware... but I still get "Dynamic program error: no device found" errors under this very specific circumstance. Explicitly including a fee-payer in the CLI command instantly fixes the issue, and the only difference between the 2 commands is the explicit inclusion of fee-payer.

Given that it's a very minor issue, I suggest you ship this, and hopefully I can uncover the issue subsequently?

@joncinque
Copy link
Author

joncinque commented Nov 24, 2025

Feel free to approve if you dare!

rustopian
rustopian previously approved these changes Nov 25, 2025
View reviewed changes
Copy link

@rustopian rustopian left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐿️

remote-wallet/src/remote_wallet.rs
}
}

for device in trezor_client::find_devices(false) {
Copy link

@rustopian rustopian Nov 25, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we don't handle multiple Trezors connected at the same time, for one thing since pubkey is set to None and so multiple Trezors will seem identical to the locator. An edge case for sure, but I just had multiple hardware wallets connected two days ago, so it does happen:D

Not enough to block shipping, but we could use e.g. get_device_id to do this.

p.s.: turns out that this is also why the CLI was demanding 'usb://trezor?key=0/0' rather than just usb://trezor

Copy link
Author

@joncinque joncinque Nov 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah good call! I came up with a way to fix this with 8103d15, let me know what you think

Copy link

@rustopian rustopian Nov 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! I don't have two functional Trezors, but will try with two someday. Tested to ensure it doesn't break functionality with one.

@joncinque joncinque requested a review from rustopian November 25, 2025 22:35
@rustopian
Copy link

rustopian commented Nov 26, 2025
edited
Loading

I tried this command, and it works on my side. I tried other commands like transfer with a separate fee-payer, and those also worked. I updated the firmware on my device and it still worked. Any ideas of what I can do to reproduce?

Got it! Upon running solana config get for a different testing reason, I noticed my default keypair was still ledger from earlier tests:
Keypair Path: usb://ledger

Once I set this to Trezor, Trezor works without having to explicitly add --fee-payer. This explains the difficulty I had debugging: Device Not Found was saying "your ledger isn't plugged in", not actually a catch-all error for a Trezor failure, and not some difference between Ledger and Trezor implementations.

cc @joncinque, not sure there's anything to be done here; maybe some clearer message if Device Not Found is triggered by a use of config keypair.

rustopian
rustopian approved these changes Nov 26, 2025
View reviewed changes
Copy link

@rustopian rustopian left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. I figured out the issue I was having, see #8378 (comment)

Up to you, whether actionable or not.

@joncinque
Copy link
Author

joncinque commented Nov 26, 2025

Once I set this to Trezor, Trezor works without having to explicitly add --fee-payer. This explains the difficulty I had debugging: Device Not Found was saying "your ledger isn't plugged in", not actually a catch-all error for a Trezor failure, and not some difference between Ledger and Trezor implementations.

Ah gotcha, let's address that in follow-up work to make errors clearer. It doesn't impact the Trezor implementation.

@joncinque joncinque added this pull request to the merge queue Nov 26, 2025
Merged via the queue into anza-xyz:master with commit ba4087c Nov 26, 2025
58 checks passed
@joncinque joncinque deleted the trezor branch November 26, 2025 10:12
AvhiMaz pushed a commit to AvhiMaz/agave that referenced this pull request Nov 28, 2025
@joncinque @stevenbooke @AvhiMaz
remote-wallet: Trezor support (anza-xyz#8378)
022771d 
* Trezor support for Solana CLI

* Cleanup and prep for PR

* Sort workspace deps

* Update trezor-client dependency

* Support multiple wallets, add changelog

---------

Co-authored-by: stevenbooke <[email protected]>
@joncinque joncinque mentioned this pull request Dec 3, 2025
Open
@steviez steviez mentioned this pull request Jan 12, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@t-nelson t-nelson Awaiting requested review from t-nelson

@vadorovsky vadorovsky Awaiting requested review from vadorovsky

1 more reviewer

@rustopian rustopian rustopian approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@joncinque @t-nelson @codecov-commenter @rustopian @stevenbooke