near-cli
near-cli copied to clipboard
near
Unclear error message when transaction doesn't fit on Ledger
Sending this:
{"request": {"receiver_id": "bf3209f5dc7b133dcfdaeaa15d9f0dc2e52b9d67.lockup.near", "actions": [
{"type": "FunctionCall", "method_name": "terminate_vesting", "args": "eyJ2ZXN0aW5nX3NjaGVkdWxlX3dpdGhfc2FsdCI6eyJ2ZXN0aW5nX3NjaGVkdWxlIjp7InN0YXJ0X3RpbWVzdGFtcCI6IjE1Nzc5MTk2MDAwMDAwMDAwMDAiLCJjbGlmZl90aW1lc3RhbXAiOiIxNjA5NDU1NjAwMDAwMDAwMDAwIiwiZW5kX3RpbWVzdGFtcCI6IjE3MDQxNTAwMDAwMDAwMDAwMDAifSwic2FsdCI6IjdiYzcwOWMyMjgwMTExOGI3NDNmYWUzODY2ZWRiNGRlYTE2MzBhOTdhYjljZDY3ZTk5MzQyOGI5NGEwZjM5N2EifX0=", "deposit": "0", "gas": "150000000000000"}
]}}
fails with message: Ledger device: UNKNOWN_ERROR (0x6990), before singing UI appears on Ledger.
But shortening message
{"request": {"receiver_id": "bf3209f5dc7b133dcfdaeaa15d9f0dc2e52b9d67.lockup.near", "actions": [
{"type": "FunctionCall", "method_name": "terminate_vesting", "args": "eyJ2ZXN0aW5nX3NjaGVkdWxlX3dpdGhfc2FsdCI6eyJ2ZXN0aW5nX3NjaGVkdWxlIjp7InN0YXJ0X3RpbWVzdGFtcCI6IjE1Nzc5MTk2MDAwMDAwMDAwMDAiLCJjbGlmZl90aW1lc3RhbXAiOiIxNjA5NDU1NjAwMDAwMDAwMDAwIiwiZW5kX3RpbWVzdGFtcCI6IjE3MDQxNTAwMDAwMDAwMDAwMDAifSwi", "deposit": "0", "gas": "150000000000000"}
]}}
passes and signs.
We should make it clear what is going on by:
- returning explicit error code from Ledger for transaction being too big
- handling it in near-ledger-js / near-api-js / near-shell / near-wallet
@vgrichina is there any plan to somehow address the limitation, so transactions of a reasonable size can be signed with Ledger? (bumped into it in https://near.cli.rs implementation now: https://github.com/FroVolod/near-cli/issues/33)
/cc @khorolets
@frol what do you mean by reasonable size? Ledger only has about 4K of RAM available for app.
It's possible to implement streaming of larger transactions (while hashing it on the fly), however it has it's drawbacks:
- it's pain in the ass to implement
- implementation complexity might increase security risk
- if you have user sign large transaction in Ledger, it means that user doesn't really read what is inside of transaction. If so – why use Ledger for this transaction in the first place?
Far better security would be doing smth like following on app side:
- submit whatever large stuff needed to a smart contract using app-specific key
- confirm submitted request using key on Ledger and including only params that user can for real verify into this transaction
@vgrichina I see
if you have user sign large transaction in Ledger, it means that user doesn't really read what is inside of transaction. If so – why use Ledger for this transaction in the first place?
Good point. Yet, the two-step signing is not always that convenient, and not immediately obvious that you may hit this issue along your way and only with Ledger (it does not matter for NEAR protocol how you get a signed transaction).
I don't think we can do much about it, so I will keep the workaround in mind
Just chiming in here -- no way to deploy contracts with ledger. Would love to see that supported somehow
happen to me when I try to use REF :
Error
Sorry an error has occurred. You may want to try again.
View FAQ
Ledger device: UNKNOWN_ERROR (0x6990)
happen to me when I try to use REF :
Error Sorry an error has occurred. You may want to try again. View FAQ Ledger device: UNKNOWN_ERROR (0x6990)
Same issue for me
It seems there is no other way than to add the support of streaming signing on the NEAR Ledger app side. While I agree that users should be able to review the transactions they sign, Ledger is not always there only for security reasons, but also for convenience reasons. NEAR Ledger app should not artificially limit users from signing big transactions just because it is believed that Ledger device should only be used for security critical applications where users must review the transaction thoroughly, and humans can only review when something is short.
Guys are you serious? I can’t use REF through my Ledger, and you say that «Nah, we are not going to do anything with that, try less secure authorization methods». Mass adoption 👍
@vgrichina please check my message in Discord on this issue: https://discord.com/channels/490367152054992913/542945453533036544/1010924371654738063 It would partially solve the problem for Nano X.