Would it be possible to request a specific address from the Ledger API?
E.g. requesting the address of the path "44'/0'/0'/0/0" and get that specific address back.
I opened an issues describing the details about this on github: https://github.com/LedgerHQ/ledger-wallet-api/issues/2
Topic: [NOW AVAILABLE] BTChip / Ledger HW1 : Bitcoin Hardware Wallet in a USB smartcard - page 3. (Read 62446 times)
November 18, 2015, 03:39:19 AM
November 05, 2015, 02:04:21 PM
definitely doable, I'll push that and the other question to the team dealing with Starter
Thanks for taking my feature requests to the team.Generating the security card will be very trivial, we'll start working on it asap.
Looking forward using the next release.The two other features are doable but will require more work. The Chrome app team has an idea about that which could be very interesting if we can make it work, so stay tuned!
Hopefully you can do it.In the mean time I'll reanimate my old notebook with a CD-ROM and update the ledger with a Live-System. :-)
November 05, 2015, 01:43:17 PM
definitely doable, I'll push that and the other question to the team dealing with Starter
Wow!! Very nice! I'll be looking forward to the new starter!
November 05, 2015, 10:39:40 AM
A short list of features I would like to see in the Ledger Starter distro:
- update the Nano/HW.1 OS
- generate the security card (like on https://www.ledgerwallet.com/wallet/keycard)
- reprogram the Nano/HW.1 with a different security card (so that I could change the security card myself every x days)
Would this be possible?
- update the Nano/HW.1 OS
- generate the security card (like on https://www.ledgerwallet.com/wallet/keycard)
- reprogram the Nano/HW.1 with a different security card (so that I could change the security card myself every x days)
Would this be possible?
Hi!
The Starter can already be upgraded very simply: by dropping a new rootfs image on the flash drive. When we'll publish a new version, you will be able to download it (+ match the file with our signature) and then overwrite the previous one.
Generating the security card will be very trivial, we'll start working on it asap.
The two other features are doable but will require more work. The Chrome app team has an idea about that which could be very interesting if we can make it work, so stay tuned!
November 05, 2015, 10:16:17 AM
definitely doable, I'll push that and the other question to the team dealing with Starter
November 05, 2015, 04:03:54 AM
A short list of features I would like to see in the Ledger Starter distro:
- update the Nano/HW.1 OS
- generate the security card (like on https://www.ledgerwallet.com/wallet/keycard)
- reprogram the Nano/HW.1 with a different security card (so that I could change the security card myself every x days)
Would this be possible?
- update the Nano/HW.1 OS
- generate the security card (like on https://www.ledgerwallet.com/wallet/keycard)
- reprogram the Nano/HW.1 with a different security card (so that I could change the security card myself every x days)
Would this be possible?
November 04, 2015, 06:13:00 AM
I think it can already do that
Could you tell me how?
I did not find any menu item to initiate the upgrade.
Thanks.
November 04, 2015, 05:47:10 AM
Is there a better way to upgrade?
Could the Ledger Starter be enhanced with the possibility to upgrade?
Could the Ledger Starter be enhanced with the possibility to upgrade?
I think it can already do that
November 04, 2015, 02:07:25 AM
A question regarding the upgrade process.
I'm asked to enter the 32 letters of my security card.
As any computer could be compromised I have to assume that this input is intercepted and thus I loose another layer of security.
The pin code and the security card would be known to the attacker.
Is there a better way to upgrade?
Could the Ledger Starter be enhanced with the possibility to upgrade?
I'm asked to enter the 32 letters of my security card.
As any computer could be compromised I have to assume that this input is intercepted and thus I loose another layer of security.
The pin code and the security card would be known to the attacker.
Is there a better way to upgrade?
Could the Ledger Starter be enhanced with the possibility to upgrade?
November 02, 2015, 03:15:02 PM
Would it make sense to have this functionality in the Ledger Starter distribution?
I think it does it by default - you can boot starter, plug the device when it's supposed to write something and it'll just write it where the focus is currently set.
November 02, 2015, 09:41:49 AM
if you're signing something critical, that's the best option. Note that you can use anything that recognizes a HID keyboard - it could be a phone or a smart TV or a Windows PC with no session open for example.
Would it make sense to have this functionality in the Ledger Starter distribution?
October 31, 2015, 05:55:16 PM
Could he change the text and trick me in signing a different message?
yes, that's the idea. Nothing else but that's bad enough.
Actually there is no way I can know with certainty if my computer is compromised.
Thus best practice would be to use an air gaped computer to get the 2FA pin, or is this overkill?
Thus best practice would be to use an air gaped computer to get the 2FA pin, or is this overkill?
if you're signing something critical, that's the best option. Note that you can use anything that recognizes a HID keyboard - it could be a phone or a smart TV or a Windows PC with no session open for example.
The next firmware version will provide an option to verify the message content on the paired smartphone when signing.
October 31, 2015, 05:27:43 PM
When signing a message I'm asked to use a different computer if the current one is compromised.
Let's assume the computer is compromised.
What are the possibilities of a hacker?
Could he change the text and trick me in signing a different message?
Are there other things a hacker could do?
Actually there is no way I can know with certainty if my computer is compromised.
Thus best practice would be to use an air gaped computer to get the 2FA pin, or is this overkill?
Let's assume the computer is compromised.
What are the possibilities of a hacker?
Could he change the text and trick me in signing a different message?
Are there other things a hacker could do?
Actually there is no way I can know with certainty if my computer is compromised.
Thus best practice would be to use an air gaped computer to get the 2FA pin, or is this overkill?
October 27, 2015, 11:16:32 AM
On the other hand if my xpubkey is leaked then all the future public keys for all my accounts could be generated by a third party, right?
No, only one account privacy will be compromised as you have to get an xpub per account (the account index being an hardened BIP32 derivation)
October 27, 2015, 09:26:45 AM
Thanks for your replies.
This way I can create new pulic keys even without having the ledger wallet with me.
On the other hand if my xpubkey is leaked then all the future public keys for all my accounts could be generated by a third party, right?
This looks to me as the easiest and safest way to do it for now.
You have a BIP32 xpub, so just use a tool like this: https://bitcore.io/playground/#/hdkeys
This way I can create new pulic keys even without having the ledger wallet with me.
On the other hand if my xpubkey is leaked then all the future public keys for all my accounts could be generated by a third party, right?
you do it on Ledger Wallet Chrome app through the API - https://www.ledgerwallet.com/api/demo.html use "Get Xpub" with the BIP 44 path
(44'/0'/0'/0/x with x being the index, for the first account)
(44'/0'/0'/0/x with x being the index, for the first account)
This looks to me as the easiest and safest way to do it for now.
October 27, 2015, 02:26:36 AM
Is there a way to create more than 1 new address (within the same account)?
you do it on Ledger Wallet Chrome app through the API - https://www.ledgerwallet.com/api/demo.html use "Get Xpub" with the BIP 44 path
(44'/0'/0'/0/x with x being the index, for the first account)
October 25, 2015, 02:08:49 PM
Is there a way to create more than 1 new address (within the same account)?
For example if I want to ask multiple people to pay later with each having his individual address so that I can track who actually paid.
I have tried with the Ledger Wallet Chrome app and Mycelium but they only give me the next address and as long as no transaction is registered on it I can't get a new one.
For example if I want to ask multiple people to pay later with each having his individual address so that I can track who actually paid.
I have tried with the Ledger Wallet Chrome app and Mycelium but they only give me the next address and as long as no transaction is registered on it I can't get a new one.
You have a BIP32 xpub, so just use a tool like this: https://bitcore.io/playground/#/hdkeys
October 25, 2015, 04:30:16 AM
Is there a way to create more than 1 new address (within the same account)?
For example if I want to ask multiple people to pay later with each having his individual address so that I can track who actually paid.
I have tried with the Ledger Wallet Chrome app and Mycelium but they only give me the next address and as long as no transaction is registered on it I can't get a new one.
For example if I want to ask multiple people to pay later with each having his individual address so that I can track who actually paid.
I have tried with the Ledger Wallet Chrome app and Mycelium but they only give me the next address and as long as no transaction is registered on it I can't get a new one.
October 05, 2015, 07:23:31 AM
looks like i'm a victim of this malleability i read about here: http://cointelegraph.com/news/115374/the-ongoing-bitcoin-malleability-attack
is there anything i can do to sync my hw1 ledgerwallet to show the correct amount? at the moment I have a transaction that has been duplicated. it was a simple funds movement between accounts on my hw1. one transaction has cleared and the other is unconfirmed. the consequence is one of my wallets reads as balance of 0.5 btc but has a usd balance of -118.38 (because of the duplicate spend) and the other obviously has too much funds in it. but i believe the total funds across all wallets are correct.
is there anything i can do to sync my hw1 ledgerwallet to show the correct amount? at the moment I have a transaction that has been duplicated. it was a simple funds movement between accounts on my hw1. one transaction has cleared and the other is unconfirmed. the consequence is one of my wallets reads as balance of 0.5 btc but has a usd balance of -118.38 (because of the duplicate spend) and the other obviously has too much funds in it. but i believe the total funds across all wallets are correct.
looks like an uninstall and reinstall of the ledger chrome app did the trick. thanks eric.
October 04, 2015, 11:20:41 PM
looks like i'm a victim of this malleability i read about here: http://cointelegraph.com/news/115374/the-ongoing-bitcoin-malleability-attack
is there anything i can do to sync my hw1 ledgerwallet to show the correct amount? at the moment I have a transaction that has been duplicated. it was a simple funds movement between accounts on my hw1. one transaction has cleared and the other is unconfirmed. the consequence is one of my wallets reads as balance of 0.5 btc but has a usd balance of -118.38 (because of the duplicate spend) and the other obviously has too much funds in it. but i believe the total funds across all wallets are correct.
is there anything i can do to sync my hw1 ledgerwallet to show the correct amount? at the moment I have a transaction that has been duplicated. it was a simple funds movement between accounts on my hw1. one transaction has cleared and the other is unconfirmed. the consequence is one of my wallets reads as balance of 0.5 btc but has a usd balance of -118.38 (because of the duplicate spend) and the other obviously has too much funds in it. but i believe the total funds across all wallets are correct.
Jump to: