parity-signer
parity-signer copied to clipboard
novasamatech
Key Portability from other Apps
I am trying to bring my keys from Airgap Vault.
I think, in theory, it should work.
I use the same mnemonic phrase, which seems to work, then I attempt custom key derivation with the path used in Airgap Vault.
The path seems to have a different format, Airgap uses:
m/44'/354'/0'/0/0 which resembles the BIP 44 specification that I see around.
I cannot use that derivation path with parity signer.
Is it possible to port the keys from other apps? how?
In general, it should work. However, there are a few limitations. First of all, please make sure that you use sr25519 crypto in other app - other crypto options are not yet ready in Signer (but will be ready very soon). Second, please see this article on key derivation. Note the difference between hard and soft derivation. The Signer should comply exactly with the specifications from there, if it is not - please let me know, we are taking that very seriously.
Thus, please confirm that the account you are trying to import complies to these conditions, if it does not - please do tell me more and I'll see if we could add another account importing feature.
I am trying to move from AirGap, which is one of the wallets that I found recommended on Polkadot wiki, and certainly it is a good option to get started.
I could not found out if they use sr25519, but I guess they do.
I have made a few tests but I don't seem top get the custom path right. I don't get a polkadot address matching the one AirGap produced.
I think I need help.... I asked at AirGap support and they gave a similar reply: could work, look at the specs.
Would be nice to have a wallet portability wiki.
I don't get a polkadot address matching the one AirGap produced.
I looked at the code; this is probably not possible, or at least they should be considered incompatible for safety's sake. AirGap does not follow subkey spec, which is the only standard defined for Substrate derivations. This is somewhat common problem, unfortunately - wallets derivation implementations deviating from standard. I could only promise that the Signer will follow the standard; there is a good chance we'll allow adding external accounts in raw format, but that doesn't solve your problem at all.
Would be nice to have a wallet portability wiki.
Nice idea; while at it, we could also communicate with other wallet developers that the subkey standard must be followed around substrate. Of course, it takes some effort (even in Signer), but what's the point in derivations if they do not follow standard? What if the code changes slightly, users might lose their accounts? You could as well randomly generate addresses all the time then. I'll pass this message around.
If you are willing to try it on an air gaped machine, subkey can be used more easily to check various paths, passwords, and more. It also exposes the raw hex seed so you can check against what you expect.
This script I made to fuzz paths would need modification, but you could try using it as a base: https://gist.github.com/NukeManDan/b8587d676c38c4578634aa6fdf72b06b
Are you able to create the raw hex seed from AirGap? The raw public & private keys can help here in getting things moved.
Thanks @NukeManDan
I actually thought about using subkey and trying to match a test wallet. But as @Slesarew points it might be not possible. I am not sure I have access to the RAW key in AirGap.
I guess if this doesn't work my option is: un-stake, wait one month, and transfer to the parity signer wallet, right?
There is no way I can skip the one-month wait, right?
You can add your new account as a proxy over your airgap account, this will require only one signature. This way you don't have to unstake. I'll look for clear instructions on how to do that.
Sounds like a fantastic option. If I understand correctly, I would need to prepare a QR code with Polkadot.js that would need to be signed by AirGap Vault, right?
@AndreasGassmann do you think that would work?
If I understand correctly, I would need to prepare a QR code with Polkadot.js that would need to be signed by AirGap Vault,
Yes, this is correct; the general guideline is in #772 comments - I haven't done this procedure myself yet so I couldn't guide you further. Afterwards if you forget the key in airgap, you'll end up with anonymous proxy. Please refer to this:
https://wiki.polkadot.network/docs/en/learn-proxies
We did a test and were able to import an account that was created in AirGap in Parity Signer.
AirGap does not follow subkey spec, which is the only standard defined for Substrate derivations.
When we implemented Polkadot, we went with the standard that would allow our users to have the most cross-compatibility with other wallets, so we chose the same standard that the Ledger HW wallet uses.
The specification might recommend something else, but I'm not sure how widely this is actually adopted. If you import the same mnemonic on polkadot.js.org and in Parity Signer, then the address is also different. (The same is true for polkadot.js.org and AirGap Vault, because they don't use the same path as the Ledger, that is expected, but can be fixed by adjusting the path in either app, see: https://support.airgap.it/currencies/polkadot/wallet-compatibility).
To import an AirGap Vault mnemonic in the Parity Signer you have to go to the main page and select "Add Network Account". Select "Create Custom Path". Now enter //44//354//0/0/0 as the path and choose a Display Name (eg. AirGap). The "Account Network" should be "Polkadot" and the optional password has to be empty. That should give you the same account as you have in AirGap Vault.
@AndreasGassmann that path worked magically. I was so near! just missed the last /0
To import an AirGap Vault mnemonic in the Parity Signer you have to go to the main page and select "Add Network Account". Select "Create Custom Path". Now enter
//44//354//0/0/0as the path and choose a Display Name (eg. AirGap). The "Account Network" should be "Polkadot" and the optional password has to be empty. That should give you the same account as you have in AirGap Vault.
Thank you. Now I just need to add this to Signer's manual (PRs are welcome) when I'm done with long overdue release.
Ok @AndreasGassmann @Slesarew I am writing a PR for doc on this.
I am actually enjoining this feature, and I keep using both wallets as they have different strong points.
Just one question, what would be the derivation path or process when porting keys in the other direction? like from Parity Signer to Airgap?
I will add it also to the doc.
I guess it would be easy to add also instruction for Kusama in both directions.
Not sure about ethereum, and I guess Bitcoin is not supported in Parity Signer...
Hopefully we can add a bunch of examples.
Just one question, what would be the derivation path or process when porting keys in the other direction? like from Parity Signer to Airgap?
Again, I'm pretty sure this is only possible in some particular cases but generally should not be relied on. Please use proxy features.
Not sure about ethereum, and I guess Bitcoin is not supported in Parity Signer...
We are planning to drop Ethereum support soon, it's actually been broken for a while and there is not much support from hot wallets. There is no reason to keep all the extra attack surface.