Pages:
Author

Topic: [NOW AVAILABLE] BTChip / Ledger HW1 : Bitcoin Hardware Wallet in a USB smartcard - page 9. (Read 62446 times)

hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
Kryptokit not working! Know why? You can concentrate on electrum now, reply when you are free. Smiley

Image : http://gyazo.com/4f65e857958bd7c55add1d8d06cbb4cd

   ~~MZ~~
hero member
Activity: 623
Merit: 500
CTO, Ledger
whats the usd cost for ledger hw1 vs ledgerwallet?

around half of it

Please help me! BTChip is working with electrum now and I imported 2 private keys. After that, I tried to sign messages but I am getting errors. Any solution?

   ~~MZ~~

that's weird, it shouldn't be using the chip to sign that as the keys are not in it. It should deny key imports for this wallet.
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
Please help me! BTChip is working with electrum now and I imported 2 private keys. After that, I tried to sign messages but I am getting errors. Any solution?




   ~~MZ~~
hero member
Activity: 770
Merit: 500
🌟 COMSA ICO: 10/02/17 🌟
whats the usd cost for ledger hw1 vs ledgerwallet?
hero member
Activity: 623
Merit: 500
CTO, Ledger
how is this compared to trezor?

it's cheaper, based on a smartcard, but doesn't have a screen or buttons. Functionally speaking it does the same thing differently.

how fast does it ship to east coast usa?

between one and two weeks

is it very easy for someone that is not computer savy?

it's reasonably easy (especially with GreenAddress) but for the easiest experience we offer the Ledger Wallet, based on the same technology with significantly more polish.
hero member
Activity: 770
Merit: 500
🌟 COMSA ICO: 10/02/17 🌟
how is this compared to trezor?


how fast does it ship to east coast usa?


is it very easy for someone that is not computer savy?
hero member
Activity: 623
Merit: 500
CTO, Ledger

Thanks! I used it. I could create a wallet in normal mode to test but now I want to change it to Developer mode and I am getting some errors. How can I wipe the dongle? I entered 3 invalid pins in a row but I didn't see anything about 'wipe'. What is developer key?

Entering 3 invalid PINs in a row will wipe it (i.e. reset the seed and you start with a fresh dongle). The developer key is the Triple DES key used to encrypt private keys that go out of the dongle in developer mode.


P.S. I think 'wipe pin' can be used to create a new seed and what is the pin? Is wipe pin and user pin same but in different places when typing? I think btchip_setOperationMode can be used to change the mode, so this will suffice my need. I found this on the guide:

You can ignore the wipe PIN as it'll be changed soon - for the time being, when entered, it changes the seed to a random value permanently.

in order to use the developer mode, you need to setup the dongle with this mode authorized (i.e. WALLET+DEVELOPER if using the C API if you want to use both). Then you can switch modes with btchip_setOperationMode

Quote
The dongle must be physically reset following this command if switching to a different mode than the current mode.

How to reset the dongle physically? Huh

That's the entering-3-wrong-PINs-thing

Quote
Additional description of setup parameters : When enabled, RFC 6979 deterministic signatures will be used for all operations in wallet, relaxed wallet and server modes.
RFC 6979 deterministic signatures are always available in developer mode.

Note : Using deterministic signatures will make the signing process slower and could possibly create a larger
side channel attack surface due to the way private keys are handled during the computation of the
random value. We suggest to only enable this mode if you don’t trust the chip hardware Random
Number Generator or are sure of understanding the risks.

Can you explain please? Smiley

RFC6979 uses an ECC private key as a message component passed to a HMAC, which is not something you usually do - it'll break the "balanced" algorithms, trying to mask the values of private keys as they go from flash to RAM to the cryptoprocessor on a smartcard. So it might open more subtle attacks, but it's too popular to be ignored in Bitcoin space, so it's always used Smiley

it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.

Hmm... Sad Noob : Can I create a TX from online wallet and then sign the raw TX using BTChip?

   ~~MZ~~

Depending how the wallet is implemented, you can. This is what's done with Coinkite co-signing solution for example (sample over there https://github.com/BitMEX/btchip-signing-tools)
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
You're basically on your own with that - the C API @ https://github.com/LedgerHQ/btchip-c-api is the most documented one with all developer mode functions implemented (btchip_importPrivateKey, btchip_deriveBip32Key, btchip_getPublicKey, btchip_signImmediate). All those functions are well described in the API documentation @ https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html#_developer_mode_apdus

Thanks! I used it. I could create a wallet in normal mode to test but now I want to change it to Developer mode and I am getting some errors. How can I wipe the dongle? I entered 3 invalid pins in a row but I didn't see anything about 'wipe'. What is developer key?

P.S. I think 'wipe pin' can be used to create a new seed and what is the pin? Is wipe pin and user pin same but in different places when typing? I think btchip_setOperationMode can be used to change the mode, so this will suffice my need. I found this on the guide:

it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.

Hmm... Sad Noob : Can I create a TX from online wallet and then sign the raw TX using BTChip?

   ~~MZ~~
hero member
Activity: 623
Merit: 500
CTO, Ledger
you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)

Sorry for asking a dump question : Which wallet should I use to do this? Or should I have to use BTChip-python/C/java - I am not used to this but I can give it a try? Any documentation?

You're basically on your own with that - the C API @ https://github.com/LedgerHQ/btchip-c-api is the most documented one with all developer mode functions implemented (btchip_importPrivateKey, btchip_deriveBip32Key, btchip_getPublicKey, btchip_signImmediate). All those functions are well described in the API documentation @ https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html#_developer_mode_apdus

I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)

Why can't it verify the outputs/inputs one by one? Will it be supported in future?

   ~~MZ~~

it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)

Sorry for asking a dump question : Which wallet should I use to do this? Or should I have to use BTChip-python/C/java - I am not used to this but I can give it a try? Any documentation?

I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)

Why can't it verify the outputs/inputs one by one? Will it be supported in future?

   ~~MZ~~
hero member
Activity: 623
Merit: 500
CTO, Ledger
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.

I am in no hurry. Take your time. Smiley

Is there any way to import an address? Any developer options to do it?

you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)

P.S. I tried BTChip with Greenaddress wallet but there is no option to send BTC to many address at a time. Sad

   ~~MZ~~

I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)

(edit : there's no support for it in the app, but it's supported in the API or through a BIP 70 request)
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.

I am in no hurry. Take your time. Smiley

Is there any way to import an address? Any developer options to do it?

P.S. I tried BTChip with Greenaddress wallet but there is no option to send BTC to many address at a time. Sad

   ~~MZ~~
sr. member
Activity: 313
Merit: 250
There shouldn't be an issue to use those funds, so I'm afraid the answer lies probably in the middle with a BTChip Python bug dealing with long input scripts (around here) . I'll test that, might take a few days due to long trips.

Ok sounds good. No hurry, take your time  Cool

This should have been addressed in my latest updates. Can you pull btchip-python and retest ?


Sorry have just seen your post now, can confirm, seems to work fine! Thank you very much Smiley
hero member
Activity: 623
Merit: 500
CTO, Ledger
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
did the previous version work ?

(just rechecked, it works fine on Linux, unsurprisingly)

I didn't do anything. I  couldn't install the firmware which I downloaded from hardwarewallet website, so I chose windows to download and install automatically and it did. I already installed BTChip and electrum. But when I am trying to open, it isn't coming. Huh Sad

P.S. I haven't installed linux on my system yet, probably, I will install on Saturday or Sunday. Anything I can do before that to work with Win7?

AND, thanks for 2 for 1 offer! Grin

   ~~MZ~~
hero member
Activity: 623
Merit: 500
CTO, Ledger
@btchip is there a way to generate the xpub key for a specific path using any of the command line APIs ? In particular I am trying to manually sign "Coinkite" with "0'/0/0" to test their multisig, but I need the xpub key for that path. Thanks.

yes, we and BitMEX recently added this in better Coinkite cosigning integration scripts - have a look at https://github.com/BitMEX/btchip-signing-tools and  https://github.com/BitMEX/btchip-signing-tools/blob/master/utils/getKey.py for what you need
hero member
Activity: 692
Merit: 500
@btchip is there a way to generate the xpub key for a specific path using any of the command line APIs ? In particular I am trying to manually sign "Coinkite" with "0'/0/0" to test their multisig, but I need the xpub key for that path. Thanks.
hero member
Activity: 623
Merit: 500
CTO, Ledger
did the previous version work ?

(just rechecked, it works fine on Linux, unsurprisingly)
hero member
Activity: 560
Merit: 506
I prefer Zakir over Muhammed when mentioning me!
Not working...





Output of cmd :

Code:
Traceback (most recent call last):
  File "C:\Program Files\Electrum-2.0\gui\qt\installwizard.py", line 393, in run
    wallet.create_main_account(password)
  File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 217, in create_main_account
    self.create_account('Main account', None) #name, empty password
  File "C:\Program Files\Electrum-2.0\lib\wallet.py", line 1413, in create_account
    account_id, xpub, addr = self.get_next_account(password)
  File "C:\Program Files\Electrum-2.0\lib\wallet.py", line 1397, in get_next_account
    xpub, xprv = self.derive_xkeys(self.root_name, derivation, password)
  File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 221, in derive_xkeys
    xpub = self.get_public_key(derivation)
  File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 230, in get_public_key
    self.get_client() # prompt for the PIN before displaying the dialog if necessary
  File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 204, in get_client
    raise Exception("Could not connect to your BTChip dongle. Please verify access permissions, PIN, or unplug the dongle and plug it again")
Exception: Could not connect to your BTChip dongle. Please verify access permissions, PIN, or unplug the dongle and plug it again

   ~~MZ~~
hero member
Activity: 623
Merit: 500
CTO, Ledger
There shouldn't be an issue to use those funds, so I'm afraid the answer lies probably in the middle with a BTChip Python bug dealing with long input scripts (around here) . I'll test that, might take a few days due to long trips.

Ok sounds good. No hurry, take your time  Cool

This should have been addressed in my latest updates. Can you pull btchip-python and retest ?
Pages:
Jump to: