
Support Ledger Live legacy Ethereum derivation

Open mastercyb opened this issue 4 years ago • 10 comments

(edit by @matejcik) Ledger Live historically used a 4-part pattern m/44'/60'/0'/address for Ethereum addresses. With the introduction of path patterns, Trezor stopped supporting this pattern; we support 3-part SEP-5 pattern, or 5-part BIP44 pattern, but not the 4-part variant.

original report kept for posterity:


I'm not sure that this repo is the correct location of this feature request.

I've used Ledger for several years. Now I am pretty sure I am not gonna use the product of this company ever. Reasons are:

  • no respect to the user
  • no privacy guaranties
  • VPN dependency
  • almost zero reliability of the device
  • low usability of the device given recent changes

The only question is how to switch from this hell. While seed phrases are interoperable, derivation paths are not. I do not have an option to transfer to different accounts because (1) it would be crazy expensive and (2) in several cases I need several years due to different locks.

So if Trezor wants support from a horde of guys who were fucked by Ledger, I beg you - add support for their derivation path.

mastercyb avatar Aug 05 '21 04:08 mastercyb

You'll need to be more specific than that. There is no One True Derivation Path. Each coin can use one or more derivation paths. As far as we know, Bitcoin and bitcoin-like derivation paths are standardized, and the same between Ledger and Trezor.

matejcik avatar Aug 05 '21 08:08 matejcik

Sorry to hear about your bad experience. It also seems to me that you should be able to switch by simply performing a wallet recovery on Trezor using your existing backup seed. If you have a more specific use case, please feel free to contact our support team at https://trezor.io/support/ ; they would be happy to help.

stepmes avatar Aug 16 '21 08:08 stepmes

@stepmes That doesn't work because Trezor doesn't currently support either of the derivation paths used by Ledger. @matejcik FWIW, they are (apparently) not "standardized": Ledger uses m/44'/60'/0' (which happens to be the same path as used by something called "Lightstreams" and thereby seems to work, at least via myEtherWallet... it doesn't work for my software, though: I'm getting "Forbidden key path" <- edit: OK, this also doesn't work! the user I'm trying to help reported that it only looked like it worked until they tried to make a transaction, and then myEtherWallet also returned "Forbidden key path") and Ledger Live (the one being discussed in this issue, as Ledger doesn't even have a single standardized path with itself ;P) uses m/44'/60', which Trezor seems to reject (myEtherWallet is getting "Not a valid path" if I try to manually add this path, though I'm honestly not entirely sure where that error comes from). Notably, I am pretty sure that this used to work on Trezor firmware 1.8.3 (as I still have some Trezors on that firmware version), but is now broken at least on Trezor 1.11.1... it might be that I can bypass this, though, using "set safety-checks prompt", per #1255?

[Image: WhatsApp Image 2022-07-05 at 11 49 50 AM]

saurik avatar Jul 05 '22 19:07 saurik

@saurik let me repeat myself:

> You'll need to be more specific than that. There is no One True Derivation Path. Each coin can use one or more derivation paths.

matejcik avatar Jul 06 '22 09:07 matejcik

@matejcik I provided the exact derivation path for "Ledger Live" -- which is a specific term used by Ledger for a specific product that had a specific derivation path, as even provided in a screenshot I provided of the Ledger software -- so I'm not sure how much more "specific" I can be. Maybe instead of repeating yourself, you can try to be helpful? It frankly seems like you are the person here with a misunderstanding of the issue here... as a hardware wallet developer, I'd argue one of your primary jobs is to know the state of play on derivation paths :/.

FWIW, for anyone else running into this: I've verified that if you disable "strict checks" on the device -- which I figured out how to do using the ApplySettings management message via the USB protocol (as I'm a low-level tooling developer), but which it sounds like you can adjust using something called "trezorctl" (which I haven't used, but maybe can help others if it comes up) -- you can get it to support the Ledger Live derivation path (<- this being the answer the Trezor people should have provided instead of just stonewalling and defending).

saurik avatar Jul 07 '22 03:07 saurik

@saurik there is no such thing as "Ledger Live derivation path", which I just confirmed by a google search -- because, again, repeating myself, there is no such thing as "one true derivation path". A derivation path depends on the cryptocurrency in question and also usage. A piece of "specific" information that would help is which cryptocurrency you are talking about. Your screenshot seems to indicate Ethereum? That word did not appear in any text in this issue until just now. "ledger live derivation path ethereum" yields this which seems to suggest that Ledger uses m/44'/60'/x'/0/0 -- which I just confirmed is supported by Trezor.

Neither derivation path that you mention looks like a complete derivation path -- but m/44'/60'/0' is supported by Trezor. I highly doubt that anyone anywhere is using keys at m/44'/60' to generate their address -- for one, then it would not be possible to have multiple addresses because there is no variable part in that path, so that would mean one Ethereum address per wallet.

Please come back with some more precise information, and/or specification that says m/44'/60' should be supported as a stand-alone address. Otherwise there is not much we can do about it.

matejcik avatar Jul 07 '22 10:07 matejcik

Hello, @saurik is correct. And there are many articles/posts about how and why Ledger Live does this and why this breaks things for people moving their wallets to other devices. I've spent 3 days down the rabbit hole to gain access to my funds again.

Ledger Live seems to create all the Ethereum Wallet under an HD path of m/44'/60'/0'.

So when you have migrated/restored your passphrase from Ledger to Trezor, Trezor Suite does not detect your Ledger Live as the default path, instead the default path for Trezor/MEW/Metamask etc (m/44'/60'/0'/0), which if you were using Ledger Live, now shows zero funds in any wallets and none of the addresses are familiar.

When you use Metamask with Ledger it asks you which HD path do you want to use: Ledger Live Legacy (m/44'/60'/0') or another (sorry I can't remember right now what it was called, maybe "default", my Ledger is broken hence migration to Trezor). The other path is basically the default path for other wallets which is the one Trezor finds with no funds.

So as per @saurik, in order to access your funds you can ONLY use MEW and you must choose Lightstreams Network (m/44'/60'/0'), (Metamask does not detect the other HD path from the trezor when it launches and you can only choose the default one) and once you use that path you can see all your Ledger Live funds. But then when you try to send funds you get the error: "Not a valid path"

I found a fix for this, however, based on this post: https://forum.trezor.io/t/how-to-fix-error-forbidden-key-path/8642

If you set the safety checks to "Prompt" then the trezor no longer sends the error to MEW stating this is an invalid path and you can send your funds.

So ideally, Trezor and Trezor Suite should be aware of this use case and when discovering HD paths it should also discover this Ledger Live HD path (for apps like Metamask) and give the user an option or mechanism to select their default path in some way.

psypher246 avatar Aug 10 '22 07:08 psypher246

Additionally, when you import your trezor into brave wallet, it only shows a "Default" HD path with an option to switch but the drop down list only shows Default, which has zero funds. When you do the same with Ledger, it shows both the Legacy Ledger Live Path and the Default one. Choosing Ledger Live shows all your funds. So whatever mechanism Ledger Live is using to list those HD paths in these Web Wallets, is what's missing from Trezor, and without this, no Ledger Live user can easily migrate to Trezor. See attached screenshot.

[Image: Screenshot from 2022-08-10 10-12-33]

psypher246 avatar Aug 10 '22 08:08 psypher246

> So as per @saurik, in order to access your funds you can ONLY use MEW and you must choose Lightstreams Network (m/44'/60'/0'), (Metamask does not detect the other HD path from the trezor when it launches and you can only choose the default one) and once you use that path you can see all your Ledger Live funds. But then when you try to send funds you get the error: "Not a valid path"

Thank you, this is the first piece of information that actually helps with reproducing the issue.

I am reopening the issue and updating the summary.

> when you import your trezor into brave wallet, it only shows a "Default" HD path

this is unfortunately fully on Brave. Trezor has no mechanism for indicating the HD paths to wallets -- so ISTM Brave is detecting Ledger specifically and adding the option.

matejcik avatar Aug 10 '22 09:08 matejcik

@matejcik thanks for confirming. I guess we would need to reach out to Brave and Metamask to support this and for Trezor not to see it as a security risk so the prompt setting is no longer needed.

Is there any way to get Trezor suite to interact with this HD path?

psypher246 avatar Aug 10 '22 11:08 psypher246

QA OK

2.5.3

trezorctl ethereum get-address --address "m/44'/60'/0'/0"
Error: DataError: Forbidden key path

2.5.4 revision: ff35c77bad82c7acac1df6245940ebe0d6454642

trezorctl ethereum get-address --address "m/44'/60'/0'/0"
0x1ec5C1854e3E9F1674c34D6C2Be1bf13DFc0Fd8F

bosomt avatar Dec 13 '22 10:12 bosomt

Why not just let users feed in an arbitrary bip32 path? It's just bip32. "m" is a valid bip32 path. If valid bip32 paths aren't going to be accepted then why even call it bip32?

I am getting "Not a valid path" when I pass in "m" which according to the bip32 spec is in fact a valid bip32 path.

kanzure avatar May 05 '23 21:05 kanzure

> I am getting "Not a valid path" when I pass in "m" which according to the bip32 spec is in fact a valid bip32 path.

could be an issue in your host software.

i am getting:

% trezorctl ethereum get-address -n m
Error: DataError: Forbidden key path

which is the correct response

generally the reason not to allow just any old path is to avoid cross-contamination of keys between different usecases, and also to prevent a certain class of ransom attacks (where an attacker gets you to send funds to "your" receive address at some insane path, but then you can't spend them without actually finding the path)

if you insist on setting your Ethereum account to m, which doesn't actually have any advantages but exposes you to a number of subtle risks, you can do that by lowering the safety checks setting, e.g., via trezorctl set safety-checks prompt

matejcik avatar May 09 '23 10:05 matejcik
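
Added example, not Trezor firmware code and not written by anyone in this thread: a simplified Python model of the path-pattern check discussed above, showing why `m` and `m/44'/60'` are refused and how adding the 4-part Ledger Live legacy pattern changes the result for `m/44'/60'/0'/0`. The pattern tables, function names and the confirm-on-"prompt" behaviour are assumptions built from the issue summary and comments.

```python
HARDENED = 0x80000000  # BIP32 hardened-child bit

def parse_path(path):
    """Turn "m/44'/60'/0'/0" into a list of BIP32 child numbers."""
    parts = path.strip().split("/")
    if parts[0] != "m":
        raise ValueError("path must start with 'm'")
    nodes = []
    for part in parts[1:]:
        hardened = part.endswith(("'", "h"))
        digits = part[:-1] if hardened else part
        if not (digits.isascii() and digits.isdigit()) or int(digits) >= HARDENED:
            raise ValueError(f"bad path component: {part!r}")
        nodes.append(int(digits) | (HARDENED if hardened else 0))
    return nodes

# Constructed pattern tables for Ethereum (coin type 60), following the issue
# summary. Each element is (required value or None for any index, hardened?).
# Simplifications: the BIP44 change level is fixed at 0, indices are unbounded.
STANDARD = {
    "3-part": [(44, True), (60, True), (None, True)],
    "5-part BIP44": [(44, True), (60, True), (None, True), (0, False), (None, False)],
}
WITH_LEGACY = dict(STANDARD)
WITH_LEGACY["4-part Ledger Live legacy"] = [(44, True), (60, True), (0, True), (None, False)]

def match_pattern(nodes, patterns):
    """Return the name of the first pattern the path fits, or None."""
    for name, pattern in patterns.items():
        if len(nodes) == len(pattern) and all(
            bool(n & HARDENED) == hard and (want is None or (n & (HARDENED - 1)) == want)
            for n, (want, hard) in zip(nodes, pattern)
        ):
            return name
    return None

def check_path(path, patterns=WITH_LEGACY, safety_checks="strict"):
    """Decide what a device modelled this way does with a requested key path."""
    name = match_pattern(parse_path(path), patterns)
    if name is not None:
        return ("allow", name)
    if safety_checks == "prompt":
        return ("ask user to confirm", None)  # unusual path: the user decides
    return ("Forbidden key path", None)

if __name__ == "__main__":
    for p in ["m", "m/44'/60'", "m/44'/60'/0'", "m/44'/60'/0'/0", "m/44'/60'/0'/0/0"]:
        print(f"{p:18} before={check_path(p, STANDARD)[0]!r:22} after={check_path(p)[0]!r}")
```
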

edit: I forgot about hardened derivation paths. ignore this comment.

FWIW I do not get "Forbidden key path", but I am not using trezorctl.

I recognize this is probably off-topic for this issue so I'll open a different issue somewhere else if this persists. "Not a valid path" appears to be from this layer: https://github.com/trezor/connect/blob/develop/src/js/utils/pathUtils.js

kanzure avatar May 09 '23 15:05 kanzure