-
-
Notifications
You must be signed in to change notification settings - Fork 204
Validate BIP32 paths according to BIP44, etc. #326
Comments
Yes, as a part of bigger refactoring, we are going to validate all used BIP32 paths. If an unknown path is encountered, a warning/error is shown, depending on the coin. Coin strictly adhering to SLIP44 will use error, bitcoin-like coins will show warning to support non-BIP44 wallets and various claim tools. |
Recognized paths for all coins:
Recognized paths for all coins which use change addresses:
Recognized paths for segwit-enabled coins:
For |
Ok, great! Just a recap: we introduce a function, which takes address_n and coin as an argument and returns a node. Along the way it checks the bip-32 path against the list provided by @prusnak. In case of bitcoin-like coins failure leads to a warning, in other coins it is a hard error. I'll take this. |
What about multisig wallets? Are they expected to use the same paths or different paths? |
@yura-pakhuchiy yes, for multisig we should rather check BIP45 and BIP48 schemes. |
BTW, firmware 2.0.7 partially fixed this issue in 51df249 |
@alepop the Lisk bip32 path should start |
@tsusanka no, Lisk doesn't have "change" concept. But I prefer to have |
@alepop what is the rational behind having an |
Hi all, I have proposed something like this to be implemented in Lisk wallets, Lisk accounts are more similar to ethereum than to Bitcoin, however Lisk allows to enable second signature to each account.
and respectively second signature (if requested)
I'm neither strong, nor very familiar with cryptography but I believe that ed25519 provides 2^126 bits of security, so enabling second signature in Lisk should actually increase security up to 2^127 (?) either way, since this is common in Lisk to have second signature in account - enabling it with another path in Trezor, sounds good to me. Here is simple script utilising trezorctl with mentioned paths implemented. |
I don't like the idea you presented. I think the usage should be the following: m/44'/134'/0' Can you describe the "second signature" concept? It seems dubious at best. |
@prusnak in the future Lisk will drop SDK for developing side chains and this will allow creating dApp's on Lisk blockchain. I think it is better to provide the next usage for Lisk bip32 - About the second signature.
|
I think let's allow |
How about second signature? It is very commonly used. While adding it from the same device provides rather minimal increase of security there could be an option in Lisk wallets to add it with another Trezor device. |
@karek314 as said, let's deal with the basic scenario first. If we add multiple signature support to trezor, we'll allow those paths.
Great. |
@karek314 It's a warning, so user will still be able to do this. But anyway, I would advise stricly against using these two schemes: m/44'/134'/a'/0'/0' They are non-systematic and not very obvious why it was selected like this. If I were you, I'd retract the two pull requests you linked above. |
@prusnak So what else do you propose, because I think that using 5000 is just example, it can be max value of allowed variable, but still. Isn't better design than what I proposed and I don't see any other possibilities |
|
Let's move that discussion to another issue please. |
@prusnak Can we agree that it will be official path of generating second signature for Lisk in the same device? So I can adjust my cli wallet and amend accordingly issues raised in Lisk wallets repos ? |
@karek314 yes |
Why |
This is a soft limit.
|
This is done and was merged. It does not yet work for Bitcoin's GetPublicKey, which needs some modifications in trezor wallet (maybe already done). Will be done in https://github.com/trezor/trezor-core/issues/406 |
Altcoins use constants for
coin_type'
path inbip32
that are defined in slip-0044. ButTrezor
does not validate this path for altcoins and you can pass for exampleETH
address toLisk
functions and vice versa. Should validation be implemented in a device or it is not worth for it?The text was updated successfully, but these errors were encountered: