app-seed-tool icon indicating copy to clipboard operation
app-seed-tool copied to clipboard
verified publisher icon aido

Application freezes when choosing 1 of 2 threshold value for SSKR shares

Open aido opened this issue 8 months ago • 2 comments

Describe the bug When generating SSKR shares choosing a 1 of 2 threshold value causes the application to freeze.

To Reproduce Steps to reproduce the behaviour:

  1. Enter recovery phrase in the "Check BIP39" tool. All goes well.
  2. Select "Generate SSKR" shares
  3. Choose 2 shares
  4. Choose threshold value of 1
  5. Error: Nothing displayed
  6. Erase threshold value of 1 and choose a different value
  7. Error: Device freezes
  8. Have to plug in USB to revive device
  9. App has crashed so have to start process again

Expected behaviour Choosing a 1 of 2 threshold is not supported by SSKR. The following warning should be displayed when these values are chosen: 1-of-m shares where m > 1 is not supported

Screenshots Not provided

Device type:

  • Device: Flex
  • Firmware version: 1.2.2
  • App Version: v1.8.0

Additional context Thanks to @vforgeoux-ledger for finding and reporting this issue

aido avatar Apr 28 '25 18:04 aido

Hi,

I have been able to reproduce this bug on Flex AND Stax. Here are some of my observations:

  • This error only happens in very specific circumstances i.e. when 1-of-2 is selected. Values such as 2-of-2 etc. work as normal
  • The app freezes after second attempt to enter values because by that stage the memory has been cleared after the first attempt so the app is now attempting to generate SSKR shares from a empty seed array. I shall cheekily call this a good thing. It means the memory is cleared as soon as possible when not needed; a security feature not a bug 😉
  • This exact scenario of 1-of-2 shares was tested previously and was fine.
  • The problem most likely lies in this block of code that validates threshold values for both Stax and Flex: https://github.com/aido/app-seed-tool/blob/8ab6d37580b6082d3be30d25bbf6e0bdf02df9c5/src/nbgl/ui.c#L663-L687

Further investigations are ongoing....

aido avatar Apr 28 '25 22:04 aido

Cause of issue found.

I am too embarrassed to say what it was. Fix will be in v1.8.1 after some thorough testing.

My previous statement was half correct:

  • This exact scenario of 1-of-2 shares was tested previously and was fine.

It would appear that it was tested on Nano devices but not on Stax or Flex.

aido avatar Apr 29 '25 00:04 aido