Types of apps and global architecture

Estimated reading time: 3 minutes

Sections in this page

• Types of apps
  • Ledger apps
  • DApp plugins
  • Utility applications
• Global architecture

Types of apps

Ledger apps

This is the application that allows the users to manage their crypto-assets with their Ledger devices. It is the first step to an integration of your coin or token to the Ledger environment and to an integration of your blockchain to Ledger Live. The following sections will help you develop this type of application. For more information about the role of the Ledger embedded app, read this Academy article.

DApp plugins

DApp Plugins are developed to integrate an Ethereum DApp to Ledger live. Ledger Live has a DApp browser where your DApp will be visible and usable through an iframe. Ethereum DApps can be developed for example to lend or borrow, swap, trade, pay with cryptoassets or manage your portfolio. More information here.

Utility applications

These applications leverage Ledger technology but are not involved in managing crypto assets. They interact with Ledger devices and BOLOS operating system and can serve many purposes. They can be, for example, a password manager application, or a two-factor authentication application.

Global architecture

Let’s see the typical end-to-end architecture of a BOLOS application, in the case of an app for a cryptocurrency:

End-to-end architecture of a BOLOS application

Three pieces of software are required:

• A BOLOS application, written in C, running on a Ledger device
• The with business logic and typically a GUI, running on a computer or a phone connected to the Ledger device
• A transaction explorer that interfaces between the front-end and the cryptocurrency daemon, running either locally (in the case of a full node) or remotely (light wallet)

If you’re not developing an app adding support for a cryptocurrency, then you can ignore the 3rd piece. Depending on your use case, the wallet app might be a simple daemon or a command line tool, without a GUI.

The Ledger Manager is the service which centralizes the distribution of BOLOS applications on Ledger devices. It is the place where both Ledger’s apps and third party apps are distributed to users.

The Ledger Manager

When these pieces are ready for deployment, they must be sent to Ledger for a security review. One of the things we’re going to do is review the security of the BOLOS application code, and check that it functions as intended in conjunction with its wallet app. Here is a non-exhaustive list of what we’re looking at during the review process:

• Backdoors
• Buffer overflows
• Correct use of the device (for example, minimizing NVRAM wearing)
• Correct use of the SDK
• Application stability, correct handling of errors
• Correct usability (see Design Guidelines)

Review time depends on Ledger’s available resources and code complexity. The more unique and complex the code, the longer the review. Please note that forks of supported BOLOS apps will require a new review. The decision to reject or revoke an app is at Ledger’s sole discretion. We will make our best efforts to provide a rationale for such decisions. Upon fixing identified issues, app authors will be allowed to re-submit their apps.

---

Did you find this page helpful?

How would you improve this page for developers?

I am a developer.
Contributors will be chosen randomly to receive rewards. Check this box to send your email and participate.

Ledger collects your email address to send you rewards for your contribution to improve the Developer Portal documentation. Learn more about how we manage your data and your rights.

By providing your email address, you consent that Ledger may contact you for rewards delivery purposes. If you are part of the randomly selected contributors, we will send you an email to ask for your physical address and if necessary, ask you for additional information on the suggestion you made. Your information will only be available to Ledger and will be retained for no longer than 90 days. It may be transferred to non-European countries that ensure an adequate level of protection or under the standard contractual clauses adopted by the EU Commission.

Please note that you may withdraw your consent at any time, access your data and request their rectification or deletion. You may also request the limitation of the processing of your data. To exercise your rights or for any question on the processing of your data, please contact LEDGER’s Data Protection Officer here. If nevertheless you believe LEDGER did not adequately address your concerns and mishandled your data, you may lodge a complaint with the personal data protection authority of your country.

Developing and submitting an Embedded App

← Previous

Required programming skills

Next →