Author

Topic: Using Ledger on Electrum - "the sign path is unusual" (Read 127 times)

legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
After doing a ton of research to really understand what was happening, -snip-
You can add these links to your research, the latter may be the answer to the former:

legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
If it was the latest version then it might be a bug it needs to report directly to the ledger about this issue.
Just try to report it and maybe you are also eligible to bug bounty program from here https://donjon.ledger.com/bounty/
This has nothing to do with Ledger. Ledger is rightfully throwing a warning because the derivation path is not standard to them. If anything, either the user is using one that isn't commonly used by Ledger or Electrum is using a derivation path like that. It was an issue previously which Electrum solved, but the issue wasn't for any MultiSig setup which could've had a different derivation path.

As far as possible, try not to rely on whatever Electrum is telling you to be accurate. You should assume that you can only trust whatever Ledger is saying, because it is the one with the secure environment, not your desktop with Electrum.
newbie
Activity: 5
Merit: 0
Where are you sending the funds too? If it's a wallet you control then it might be possible that it's asking you to confirm sending "change" but if you're unsure then I'd try sending it all to the other address/wallet and back to see if that works.

After doing a ton of research to really understand what was happening, this is the route I took, and it worked.  Thank you for the suggestion. 
newbie
Activity: 5
Merit: 0
So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?

I won't say what you should do, I would be uneasy too with such messages (and I don't know how good you checked the addresses, no offense).
I've sent you quite a long message in private, I don't know how your tx looks like, I will post it here too:

Quote
It depends also how you do it.
If you have value_x on Your_Address_1 and just want to send value_y to Coinbase_Address_1, your transaction will be

In: Your_Address_1
Out_1: Coinbase_Address_1
Out_2: Your_Address_2 (the change, meaning value_x - (value_y + tx fee))

Now, if you have made yourself the transaction as "Pay to many" and put yourself Your_Address_2 you wanted, this may be the problem; in my case this was it and I've fixed it by NOT using Pay to Many and instead only send to Coinbase_Address_1 and let the wallet do the rest.

Problem 1: I don't know what you actually done and you don't look as somebody that would have been using pay to many.
Problem 2: This kind of things should be discussed publicly because I may be a scammer trying to get more info from you and steal your money. And it should be public because others may also have good ideas.
Problem 3: I don't know if your Electrum is clean. I don't want to scare you, but another direction would be to uninstall Electrum, download it, verify the signature and install/run it again; just to make sure you don't have some odd Electrum clone that's trying something fishy.  --> update, this may not be the case if the second address is indeed part of your wallet

Since my use case differs from yours, since I didn't do multisig (and I don't have experience with that), I'll leave to the others find a way that maybe the Ledger won't complain. I think that such direction would still be option #1.

OK, done some research, and I understand what a change address is.  And I can confirm that they second transaction is sending the larger amount to a change address that I can match in my address book in electrum, with the label "change" next to it.  I feel like I should be ok to approve this, but man is this scary.  LOL. 


legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?

I won't say what you should do, I would be uneasy too with such messages (and I don't know how good you checked the addresses, no offense).
I've sent you quite a long message in private, I don't know how your tx looks like, I will post it here too:

Quote
It depends also how you do it.
If you have value_x on Your_Address_1 and just want to send value_y to Coinbase_Address_1, your transaction will be

In: Your_Address_1
Out_1: Coinbase_Address_1
Out_2: Your_Address_2 (the change, meaning value_x - (value_y + tx fee))

Now, if you have made yourself the transaction as "Pay to many" and put yourself Your_Address_2 you wanted, this may be the problem; in my case this was it and I've fixed it by NOT using Pay to Many and instead only send to Coinbase_Address_1 and let the wallet do the rest.

Problem 1: I don't know what you actually done and you don't look as somebody that would have been using pay to many.
Problem 2: This kind of things should be discussed publicly because I may be a scammer trying to get more info from you and steal your money. And it should be public because others may also have good ideas.
Problem 3: I don't know if your Electrum is clean. I don't want to scare you, but another direction would be to uninstall Electrum, download it, verify the signature and install/run it again; just to make sure you don't have some odd Electrum clone that's trying something fishy.  --> update, this may not be the case if the second address is indeed part of your wallet

Since my use case differs from yours, since I didn't do multisig (and I don't have experience with that), I'll leave to the others find a way that maybe the Ledger won't complain. I think that such direction would still be option #1.
newbie
Activity: 5
Merit: 0
Anyone have any suggestions?

I don't remember the exact error message, but I've got some similar strange error (but it was telling about the change path - is there a chance you've misread the message?) when I wanted to send the change of a transaction to one of the funding addresses in my wallet. (But it was not multi-sig).
My point is that:
1. I'd agree with the previous post that's probably 2 outputs, not 2 transactions.
2. I'd expect that the large transaction is the change. In that case, if you go on this path, make sure it indeed goes to an address from within your wallet.
3. If you want to avoid that error, look at the transaction you make and change something (like for example don't set the address for the change yourself, if it's the case)

So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
What wallet did you generate the transaction?
Is that from Ledger live or in Electrum?

If it's in Electrum what version do you currently use?

If it was the latest version then it might be a bug it needs to report directly to the ledger about this issue.
Just try to report it and maybe you are also eligible to bug bounty program from here https://donjon.ledger.com/bounty/
newbie
Activity: 5
Merit: 0
Is your Ledger Bitcoin crypto app updated to the newest version? There was a derivation path vulnerability in the past, but it should have been fixed with Bitcoin app v 1.4.6. The error seems to be related to a wrong derivation path by the wallet software compared to the derivation path used by the coin's app according to this source by Ledger.

I am using version 1.6.3.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Anyone have any suggestions?

I don't remember the exact error message, but I've got some similar strange error (but it was telling about the change path - is there a chance you've misread the message?) when I wanted to send the change of a transaction to one of the funding addresses in my wallet. (But it was not multi-sig).
My point is that:
1. I'd agree with the previous post that's probably 2 outputs, not 2 transactions.
2. I'd expect that the large transaction is the change. In that case, if you go on this path, make sure it indeed goes to an address from within your wallet.
3. If you want to avoid that error, look at the transaction you make and change something (like for example don't set the address for the change yourself, if it's the case)
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Ledger enforces a check on the derivation path, which means that if the software asks Electrum to sign a transaction using keys from a different derivation path, it will display an error message.

What version of Electrum are you using?
legendary
Activity: 2730
Merit: 7065
Is your Ledger Bitcoin crypto app updated to the newest version? There was a derivation path vulnerability in the past, but it should have been fixed with Bitcoin app v 1.4.6. The error seems to be related to a wrong derivation path by the wallet software compared to the derivation path used by the coin's app according to this source by Ledger.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Where are you sending the funds too? If it's a wallet you control then it might be possible that it's asking you to confirm sending "change" but if you're unsure then I'd try sending it all to the other address/wallet and back to see if that works.
newbie
Activity: 5
Merit: 0
I have a multi-sig wallet, set up on electrum with ledgers.  When I'm trying to move some BTC out of my wallet ,the ledger says "the sign path is unusual.  Reject if you're not sure".  Then it gives me two transactions to approve.  the first one matches what I'm trying to send, the second one is larger.  I don't feel comfortable approving this, and I feel like my coins are stuck in this wallet.

Anyone have any suggestions?
Jump to: