feat(ledger): implement DMK offscreen handler and dependencies

[montelaidev]

Description

Implements the real Ledger DMK (Device Management Kit) offscreen handler, replacing the PR 1 stub that delegated to legacy.

PR 3 of 3 (stacked on #43488):

1. Router + legacy refactor (refactor(ledger): add offscreen router and refactor legacy handler #43487)
2. ledgerDmk feature flag + runtime mode switching (feat(ledger): wire ledgerDmk flag to offscreen mode switching #43488)
3. Real DMK handler + dependencies (this PR)

Changes:

• Full LedgerDMKBridgeHandler with session lifecycle, device discovery, and action routing
• Preview bump of @metamask/eth-ledger-bridge-keyring plus Ledger DMK packages
• EIP-7702 delegation authorization signing in offscreen bridge
• getLedgerMode UI action, LedgerAdapter / RPC error utils updates
• Unit tests for DMK handler (including Jest virtual mock for ESM-only @ledgerhq/device-transport-kit-web-hid)

Changelog Entry

CHANGELOG entry: null

Related Issues

Fixes: N/A

Manual Testing Steps

1. Enable ledgerDmk via .manifest-overrides.json (see PR 2 instructions) or LaunchDarkly.
2. Build and load the extension (yarn build:test recommended for LavaMoat parity).
3. Connect a Ledger via hardware wallet onboarding.
4. Verify unlock, sign transaction, sign message, and sign typed data.
5. If testing EIP-7702 flows, verify delegation authorization signing completes on device.
6. Toggle ledgerDmk off and confirm legacy handler still works.

Pre-merge Author Checklist

• Followed MetaMask Contributor Docs and MetaMask Extension Coding Standards
• Completed the PR template to the best of ability
• Included tests if applicable
• Documented code using JSDoc format if applicable
• Applied the right labels on the PR (see labeling guidelines)

Made with Cursor

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[mm-token-exchange-service]

✨ Files requiring CODEOWNER review ✨

🔑 @MetaMask/accounts-engineers (5 files, +1006 -25)

• 📁 app/
  • 📁 offscreen/
    • 📁 hardware-wallets/
      • 📄 ledger-dmk.test.ts +446 -0
      • 📄 ledger-dmk.ts +494 -22
  • 📁 scripts/
    • 📁 lib/
      • 📁 offscreen-bridge/
        • 📄 ledger-offscreen-bridge.ts +15 -3
• 📁 ui/
  • 📁 contexts/
    • 📁 hardware-wallets/
      • 📁 adapters/
        • 📄 LedgerAdapter.ts +36 -0
        • 📄 rpcErrorUtils.ts +15 -0

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​ledgerhq/​device-management-kit@​1.5.1
	@​ledgerhq/​device-transport-kit-web-hid@​1.2.3
	@​ledgerhq/​device-signer-kit-ethereum@​1.16.0
	@​ledgerhq/​context-module@​2.1.0

View full report

[socket-security]

Caution

MetaMask internal reviewing guidelines:

• Do not ignore-all
• Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
• Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
  @SocketSecurity ignore npm/PACKAGE@VERSION

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		Obfuscated code: npm @ledgerhq/device-management-kit is 93.0% likely obfuscated Confidence: 0.93 Location: Package overview From: package.json → npm/@ledgerhq/device-management-kit@1.5.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@ledgerhq/device-management-kit@1.5.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Obfuscated code: npm ethers is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: ? → npm/@ledgerhq/device-signer-kit-ethereum@1.16.0 → npm/@ledgerhq/context-module@2.1.0 → npm/ethers@6.14.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ethers@6.14.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm @sentry/utils is 100.0% likely to have a medium risk anomaly Notes: The code is a conventional utility module for an error-tracking SDK. No malicious behavior detected. The only notable concern is the Math.random() fallback in UUID generation when crypto is unavailable, which is a known compromise and should be documented if cryptographic strength is required in a given deployment. Overall security risk is low to moderate depending on use case, with no external data leakage evident in this fragment. Confidence: 1.00 Severity: 0.60 From: ? → npm/@ledgerhq/device-transport-kit-web-hid@1.2.3 → npm/@ledgerhq/device-management-kit@1.5.1 → npm/@sentry/utils@6.19.7 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@sentry/utils@6.19.7. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm @sentry/utils is 100.0% likely to have a medium risk anomaly Notes: The code provides environment detection and dynamic module loading designed to support mixed bundler environments. It does not itself implement malicious logic, but its dynamic loading paths present a non-trivial supply-chain risk: if moduleName is influenced by untrusted input, arbitrary modules may be loaded at runtime. A critical reliability issue is the undefined 'module' reference in loadModule’s first call, which should be addressed. Implement input validation, restrict loading to a whitelist of allowed modules, explicitly pass a safe module context, and ensure 'module' is defined or replaced with a controlled loader interface. Confidence: 1.00 Severity: 0.60 From: ? → npm/@ledgerhq/device-transport-kit-web-hid@1.2.3 → npm/@ledgerhq/device-management-kit@1.5.1 → npm/@sentry/utils@6.19.7 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@sentry/utils@6.19.7. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm ethers is 100.0% likely to have a medium risk anomaly Notes: The analyzed code fragment appears to be a conventional ABI interface utility (likely from a library like ethers.js) used to parse, encode, and decode Ethereum function calls, events, and errors. There is no evidence of malicious behavior such as data exfiltration, remote control, or code injection. Minor anomalies (typo in an error message and a partially commented/unfinished block) are present but do not constitute malicious activity. Overall security risk from this fragment is low, assuming it is used as intended within a trusted library context. Confidence: 1.00 Severity: 0.60 From: ? → npm/@ledgerhq/device-signer-kit-ethereum@1.16.0 → npm/@ledgerhq/context-module@2.1.0 → npm/ethers@6.14.1 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ethers@6.14.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report