From 759a23194ca60a8c66a313d2d9f74a5c36c2a230 Mon Sep 17 00:00:00 2001
From: Antonio Salazar Cardozo <antonio@thesis.co>
Date: Sun, 14 Jul 2024 21:27:38 -0400
Subject: [PATCH] Fix Ledger message signing on built-in non-ETH/MATIC networks

Ledger was checking specifically for those two networks from a constant
that was never updated. We switch instead to check whether the network
in question shares a derivation path with the one used by the Eth app
(aka the Ethereum derivation path).

Custom networks added by users currently don't set a derivation path, so
they will still fail this test (as well as the guards on signing
messages and typed messages, which are already using derivation paths).
---
 background/constants/networks.ts    |  2 --
 background/services/ledger/index.ts | 13 ++++++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/background/constants/networks.ts b/background/constants/networks.ts
index b6022a93d..4d493eb3a 100644
--- a/background/constants/networks.ts
+++ b/background/constants/networks.ts
@@ -162,8 +162,6 @@ export const TEST_NETWORK_BY_CHAIN_ID = new Set(
   [SEPOLIA, ARBITRUM_SEPOLIA].map((network) => network.chainID),
 )
 
-export const NETWORK_FOR_LEDGER_SIGNING = [ETHEREUM, POLYGON]
-
 // Networks that are not added to this struct will
 // not have an in-wallet Swap page
 export const CHAIN_ID_TO_0X_API_BASE: {
diff --git a/background/services/ledger/index.ts b/background/services/ledger/index.ts
index 525044174..93c70161c 100644
--- a/background/services/ledger/index.ts
+++ b/background/services/ledger/index.ts
@@ -15,7 +15,6 @@ import {
 import {
   isEIP1559TransactionRequest,
   isKnownTxType,
-  sameNetwork,
   SignedTransaction,
   TransactionRequestWithNonce,
 } from "../../networks"
@@ -25,7 +24,7 @@ import { ServiceCreatorFunction, ServiceLifecycleEvents } from "../types"
 import logger from "../../lib/logger"
 import { getOrCreateDB, LedgerAccount, LedgerDatabase } from "./db"
 import { ethersTransactionFromTransactionRequest } from "../chain/utils"
-import { NETWORK_FOR_LEDGER_SIGNING } from "../../constants"
+import { ETHEREUM } from "../../constants"
 import { normalizeEVMAddress } from "../../lib/utils"
 import { AddressOnNetwork } from "../../accounts"
 
@@ -542,10 +541,14 @@ export default class LedgerService extends BaseService<Events> {
     { address, network }: AddressOnNetwork,
     hexDataToSign: HexString,
   ): Promise<string> {
+    // Currently the service assumes the Eth app, which requires a network that
+    // uses the same derivation path as Ethereum, or one that starts with the
+    // same components.
+    // FIXME This should take a `LedgerAccountSigner` and use `checkCanSign`
+    // FIXME like other signing methods.
     if (
-      !NETWORK_FOR_LEDGER_SIGNING.find((supportedNetwork) =>
-        sameNetwork(network, supportedNetwork),
-      )
+      network.derivationPath !== ETHEREUM.derivationPath &&
+      !network.derivationPath?.startsWith(ETHEREUM.derivationPath ?? "")
     ) {
       throw new Error("Unsupported network for Ledger signing")
     }