Ok, one more question. How does the flow look from technical point of view? I assume it would be something along the lines:
- software wallet packs transaction into binary form and
- either sends it to the Ledger in full, with deserializer running in its firmware (so it can show the user what is being signed) or
- computes digest and sends only that for signing (user can't be presented with the content of transaction)
Or maybe something else entirely?
Both. By default, the software wallet sends serialized transaction which gets deserialized in a device to display everything to the user before it's accepted and signed. But there are hardware limitations like CPU and RAM, so not every transaction could be signed in such flow - therefore there is a second option to sign only the digest of the transaction. This method is disabled by default and needs to be explicitly enabled in the Hive app in settings.