Image : http://gyazo.com/4f65e857958bd7c55add1d8d06cbb4cd
~~MZ~~
Topic: [NOW AVAILABLE] BTChip / Ledger HW1 : Bitcoin Hardware Wallet in a USB smartcard - page 9. (Read 62567 times)
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
January 09, 2015, 02:30:39 PM
Kryptokit not working! Know why? You can concentrate on electrum now, reply when you are free.
Image : http://gyazo.com/4f65e857958bd7c55add1d8d06cbb4cd
~~MZ~~
Image : http://gyazo.com/4f65e857958bd7c55add1d8d06cbb4cd
~~MZ~~
December 27, 2014, 02:30:07 PM
whats the usd cost for ledger hw1 vs ledgerwallet?
around half of it
Please help me! BTChip is working with electrum now and I imported 2 private keys. After that, I tried to sign messages but I am getting errors. Any solution?
~~MZ~~
~~MZ~~
that's weird, it shouldn't be using the chip to sign that as the keys are not in it. It should deny key imports for this wallet.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 27, 2014, 10:20:11 AM
Please help me! BTChip is working with electrum now and I imported 2 private keys. After that, I tried to sign messages but I am getting errors. Any solution?
~~MZ~~
~~MZ~~
December 19, 2014, 10:52:36 PM
whats the usd cost for ledger hw1 vs ledgerwallet?
December 19, 2014, 02:48:52 AM
how is this compared to trezor?
it's cheaper, based on a smartcard, but doesn't have a screen or buttons. Functionally speaking it does the same thing differently.
how fast does it ship to east coast usa?
between one and two weeks
is it very easy for someone that is not computer savy?
it's reasonably easy (especially with GreenAddress) but for the easiest experience we offer the Ledger Wallet, based on the same technology with significantly more polish.
December 19, 2014, 01:55:28 AM
how is this compared to trezor?
how fast does it ship to east coast usa?
is it very easy for someone that is not computer savy?
how fast does it ship to east coast usa?
is it very easy for someone that is not computer savy?
December 18, 2014, 07:16:55 PM
Thanks! I used it. I could create a wallet in normal mode to test but now I want to change it to Developer mode and I am getting some errors. How can I wipe the dongle? I entered 3 invalid pins in a row but I didn't see anything about 'wipe'. What is developer key?
Entering 3 invalid PINs in a row will wipe it (i.e. reset the seed and you start with a fresh dongle). The developer key is the Triple DES key used to encrypt private keys that go out of the dongle in developer mode.
P.S. I think 'wipe pin' can be used to create a new seed and what is the pin? Is wipe pin and user pin same but in different places when typing? I think btchip_setOperationMode can be used to change the mode, so this will suffice my need. I found this on the guide:
You can ignore the wipe PIN as it'll be changed soon - for the time being, when entered, it changes the seed to a random value permanently.
in order to use the developer mode, you need to setup the dongle with this mode authorized (i.e. WALLET+DEVELOPER if using the C API if you want to use both). Then you can switch modes with btchip_setOperationMode
Quote
The dongle must be physically reset following this command if switching to a different mode than the current mode.
How to reset the dongle physically?
That's the entering-3-wrong-PINs-thing
Quote
Additional description of setup parameters : When enabled, RFC 6979 deterministic signatures will be used for all operations in wallet, relaxed wallet and server modes.
RFC 6979 deterministic signatures are always available in developer mode.
Note : Using deterministic signatures will make the signing process slower and could possibly create a larger
side channel attack surface due to the way private keys are handled during the computation of the
random value. We suggest to only enable this mode if you don’t trust the chip hardware Random
Number Generator or are sure of understanding the risks.
RFC 6979 deterministic signatures are always available in developer mode.
Note : Using deterministic signatures will make the signing process slower and could possibly create a larger
side channel attack surface due to the way private keys are handled during the computation of the
random value. We suggest to only enable this mode if you don’t trust the chip hardware Random
Number Generator or are sure of understanding the risks.
Can you explain please?
RFC6979 uses an ECC private key as a message component passed to a HMAC, which is not something you usually do - it'll break the "balanced" algorithms, trying to mask the values of private keys as they go from flash to RAM to the cryptoprocessor on a smartcard. So it might open more subtle attacks, but it's too popular to be ignored in Bitcoin space, so it's always used
it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.
Hmm...
Noob : Can I create a TX from online wallet and then sign the raw TX using BTChip?~~MZ~~
Depending how the wallet is implemented, you can. This is what's done with Coinkite co-signing solution for example (sample over there https://github.com/BitMEX/btchip-signing-tools)
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 11, 2014, 08:39:40 AM
You're basically on your own with that - the C API @ https://github.com/LedgerHQ/btchip-c-api is the most documented one with all developer mode functions implemented (btchip_importPrivateKey, btchip_deriveBip32Key, btchip_getPublicKey, btchip_signImmediate). All those functions are well described in the API documentation @ https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html#_developer_mode_apdus
Thanks! I used it. I could create a wallet in normal mode to test but now I want to change it to Developer mode and I am getting some errors. How can I wipe the dongle? I entered 3 invalid pins in a row but I didn't see anything about 'wipe'. What is developer key?
P.S. I think 'wipe pin' can be used to create a new seed and what is the pin? Is wipe pin and user pin same but in different places when typing? I think btchip_setOperationMode can be used to change the mode, so this will suffice my need. I found this on the guide:
it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.
Hmm...
Noob : Can I create a TX from online wallet and then sign the raw TX using BTChip?~~MZ~~
December 05, 2014, 01:34:57 PM
you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)
Sorry for asking a dump question : Which wallet should I use to do this? Or should I have to use BTChip-python/C/java - I am not used to this but I can give it a try? Any documentation?
You're basically on your own with that - the C API @ https://github.com/LedgerHQ/btchip-c-api is the most documented one with all developer mode functions implemented (btchip_importPrivateKey, btchip_deriveBip32Key, btchip_getPublicKey, btchip_signImmediate). All those functions are well described in the API documentation @ https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html#_developer_mode_apdus
I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)
Why can't it verify the outputs/inputs one by one? Will it be supported in future?
~~MZ~~
it doesn't verify outputs (not important for inputs as they're cumulated) one by one because then you'd have to remove / insert the dongle for each output, which is kind of annoying. It's not a technical limitation, more a design limitation. I plan to add this in a future firmware version, maybe not for this product though.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 05, 2014, 07:44:07 AM
you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)
Sorry for asking a dump question : Which wallet should I use to do this? Or should I have to use BTChip-python/C/java - I am not used to this but I can give it a try? Any documentation?
I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)
Why can't it verify the outputs/inputs one by one? Will it be supported in future?
~~MZ~~
December 05, 2014, 07:34:22 AM
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.
I am in no hurry. Take your time.
Is there any way to import an address? Any developer options to do it?
you can import an arbitrary key in developer mode, but then you have to do everything in developer mode (i.e. you are actually signing arbitrary data, without checking anything about the transaction)
P.S. I tried BTChip with Greenaddress wallet but there is no option to send BTC to many address at a time.
~~MZ~~
~~MZ~~
I don't think there's support for that - also the dongle only supports verifying one payment output (+ one change output) when using the internal second factor (this is not an issue for GreenAddress considering its very specific use case)
(edit : there's no support for it in the app, but it's supported in the API or through a BIP 70 request)
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 04, 2014, 08:57:26 AM
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.
I am in no hurry. Take your time.
Is there any way to import an address? Any developer options to do it?
P.S. I tried BTChip with Greenaddress wallet but there is no option to send BTC to many address at a time.
~~MZ~~
December 04, 2014, 02:18:57 AM
There shouldn't be an issue to use those funds, so I'm afraid the answer lies probably in the middle with a BTChip Python bug dealing with long input scripts (around here) . I'll test that, might take a few days due to long trips.
Ok sounds good. No hurry, take your time
This should have been addressed in my latest updates. Can you pull btchip-python and retest ?
Sorry have just seen your post now, can confirm, seems to work fine! Thank you very much
December 03, 2014, 07:11:20 PM
I'd need to retest on Windows at some point, there are a lot of reasons why accessing the dongle from Python could fail.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 03, 2014, 10:57:55 AM
did the previous version work ?
(just rechecked, it works fine on Linux, unsurprisingly)
(just rechecked, it works fine on Linux, unsurprisingly)
I didn't do anything. I couldn't install the firmware which I downloaded from hardwarewallet website, so I chose windows to download and install automatically and it did. I already installed BTChip and electrum. But when I am trying to open, it isn't coming.
P.S. I haven't installed linux on my system yet, probably, I will install on Saturday or Sunday. Anything I can do before that to work with Win7?
AND, thanks for 2 for 1 offer!
~~MZ~~
December 02, 2014, 04:24:33 PM
@btchip is there a way to generate the xpub key for a specific path using any of the command line APIs ? In particular I am trying to manually sign "Coinkite" with "0'/0/0" to test their multisig, but I need the xpub key for that path. Thanks.
yes, we and BitMEX recently added this in better Coinkite cosigning integration scripts - have a look at https://github.com/BitMEX/btchip-signing-tools and https://github.com/BitMEX/btchip-signing-tools/blob/master/utils/getKey.py for what you need
December 02, 2014, 12:56:49 PM
@btchip is there a way to generate the xpub key for a specific path using any of the command line APIs ? In particular I am trying to manually sign "Coinkite" with "0'/0/0" to test their multisig, but I need the xpub key for that path. Thanks.
December 02, 2014, 11:50:43 AM
did the previous version work ?
(just rechecked, it works fine on Linux, unsurprisingly)
(just rechecked, it works fine on Linux, unsurprisingly)
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
December 02, 2014, 10:50:06 AM
Not working...
Output of cmd :
~~MZ~~
Output of cmd :
Code:
Traceback (most recent call last):
File "C:\Program Files\Electrum-2.0\gui\qt\installwizard.py", line 393, in run
wallet.create_main_account(password)
File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 217, in create_main_account
self.create_account('Main account', None) #name, empty password
File "C:\Program Files\Electrum-2.0\lib\wallet.py", line 1413, in create_account
account_id, xpub, addr = self.get_next_account(password)
File "C:\Program Files\Electrum-2.0\lib\wallet.py", line 1397, in get_next_account
xpub, xprv = self.derive_xkeys(self.root_name, derivation, password)
File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 221, in derive_xkeys
xpub = self.get_public_key(derivation)
File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 230, in get_public_key
self.get_client() # prompt for the PIN before displaying the dialog if necessary
File "C:\Program Files\Electrum-2.0\plugins\btchipwallet.py", line 204, in get_client
raise Exception("Could not connect to your BTChip dongle. Please verify access permissions, PIN, or unplug the dongle and plug it again")
Exception: Could not connect to your BTChip dongle. Please verify access permissions, PIN, or unplug the dongle and plug it again
~~MZ~~
December 02, 2014, 08:59:44 AM
There shouldn't be an issue to use those funds, so I'm afraid the answer lies probably in the middle with a BTChip Python bug dealing with long input scripts (around here) . I'll test that, might take a few days due to long trips.
Ok sounds good. No hurry, take your time
This should have been addressed in my latest updates. Can you pull btchip-python and retest ?
Jump to: