parity-signer
parity-signer copied to clipboard
novasamatech
Make derivation system clear and self-explanatory to avoid further user's confusion.
- I created a new Polkadot account within Parity Signer
- Imported that account into the Browser plugin by typing in the 12 seed words
- Inject account into Polkadot.js , setting network (also) to Polkadot
- I have a different address in Parity Signer than in Browser plugin !!
What am I missing ?
12ukAcCa1.... Parity Signer 16UX6GQU.... Browser-plugin & Polkadot.js
Are you sure the crypto algorithm in polkadot.js is set to sr25519? Which version of Signer is this? Did you check that derivation path matches? Old Signer was creating something like //polkadot by default, not sure what current browser plugin proposes.
This is 99% a derivation issue, as we got many such reports in the past
Old Signer was creating something like //polkadot by default
I wouldn't call it old, this is what's live, and what ppl have access to today! The Polkadot apps/extension, subkey, and any other wallet out there don't have derivation per default, unlike Signer.
TL;DR @SvenMeyer Parity Signer adds a derivation "//[netowrk]" by default when you create an account. Polkadot.js doesn't hence the different address. So either you should make sure to create a custom derived account from the root, with no derivation, or you should add this derivation manually in the extension, by adding at the end of the mnemonic //[network], and replacing [network] by kusama or polkadot.
@Tbaut Thanks for the insights. Looks like exactly as you described :
Parity Signer shows //polkadot next to the user icon - I would have never come up with the idea that this is a derivation path, I always thought it has to be in a format like m/44’/60’/0’/0
Looking into the Polkadot browser extension, I could not find any option for the derivation path (why should I bother anyway, in Metamask I do not have to deal with it as well, it 'just works' after entering a seed) ... but looking closer there was a "Advanced" dropdown which revealed an empty input field ... who, even an early adopter in crypto would know what to put in there (and there should be no need to bother in the standard use case).
@Slesarew Of course I was looking for a solution to secure my funds, now it looks really messy and with all the workarounds I don't think that at the moment it will make the setup more secure and prevent loss of funds better than just using the browser plugin. Although , the multi-sig approach might be an alternative, thanks for pointing that out.
I really appreciate the work which has been done, but I thought we would be further along the way to a secure setup , now that Kusama and Polkadot & parachains all go live and Millions, if not Billions are being handled ... what use is an outstanding blockchain if the funds get lost in the UI ?
(mass) user adoption quite far off ...
P.S.: Sorry for "just complaining" and not contributing code (at this stage), but happy to try out new releases and do QA.
@SvenMeyer please have a look at this document - IMO the best explanation of the derivations out there. https://substrate.dev/docs/en/knowledgebase/integrate/subkey Yes, these are different thing from the old good bitcoin format, they are confusingly similar, but that's because that Substrate's derivations are somewhat backwards-compatible with normal format yet more versatile.
Browser extensions system is being developed synchronously with Signer now (by pretty much same people in different roles), so some changes towards usability should be released soon as well. Thanks for your suggestions.
@AndreiEres @goldsteinsveta @vas3k calling you to read this user experience story. It's quite typical and we should have a clear and easy to find FAQ at least and self-explanatory UI/UX everywhere ideally.
P.S.: Sorry for "just complaining" and not contributing code (at this stage), but happy to try out new releases and do QA.
And these user reports are much more valuable for the project at this moment than any code contributions. Thank you.