Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make SSKR generation flow less confusing #30

Open
clouedoc opened this issue Mar 20, 2024 · 4 comments
Open

Make SSKR generation flow less confusing #30

clouedoc opened this issue Mar 20, 2024 · 4 comments
Labels
enhancement New feature or request

Comments

@clouedoc
Copy link

clouedoc commented Mar 20, 2024
edited
Loading

Describe the bug

When opening the app, I'm presented with two choices:

  • Check BIP39 recovery phrase
  • Check SSKR recovery phrase

My intent is to generate SSKR shards to backup my secret key.

I needed to read the README.md to understand that after entering my BIP39 key, I will be able to generate SSKR shards.

Expected behavior

I would like to see a menu item called "Generate SSKR recovery shards".
I would like to not have to type my BIP39 seed (after all, it's supposed to already be inside the device)
@aido
Copy link
Owner

aido commented Mar 20, 2024
edited
Loading

Hi again @clouedoc

I would like to not have to type my BIP39 seed (after all, it's supposed to already be inside the device)

Unfortunately this is how the app has to work.
Even though a seed is stored on a device, due to the security of the Ledger devices apps have no way of accessing the seed directly. This is actually a good thing.

To work around this security feature the app has to make a user prove that they know the seed. It uses a little trick to make sure that the user supplied seed can derive the same master key as the onboarded seed. If the derived master keys match then the user supplied seed is correct. Ledger's own "Recovery Check" app uses the exact same technique.
This is also why the app uses the SSKR standard and cannot use SLIP-39 for share generation. SSKR can do a BIP39 <-> SSKR roundtrip whereas SLIP-39 cannot ... very important

The flow diagram here attempts to explain that a user must first supply the correct BIP39 phrase before they will be offered the option of generating the SSKR shares:

https://github.com/aido/app-seed-tool?tab=readme-ov-file#ledger-nano-application-menus

@aido
Copy link
Owner

aido commented Mar 20, 2024

Also, when app-seed-tool is released for installation via Ledger Live there will be a blog post written explaining the origins and purpose of the app.

This Ledger blog post has been written but not published yet and it will contain some details on how to use the app too.

@clouedoc
Copy link
Author

I see, I understand better the technological constraints behind this decision.

From what's left to salvage in terms of ergonomic, I believe that it would be better to have a menu named "generate SSKR shares" that asks for the seed, rather than having a menu named "Check BIP39 seed".

I was confused before reading the diagram, I thought the SSKR Shares generation feature was just missing because I messed up something when building. It took me a minute before thinking about reading the README.md again.

(btw, it was a nice idea to include the diagram, because I'm not sure I would have taken the time to type my BIP39 seed)

@aido
Copy link
Owner

aido commented Mar 20, 2024

I may add a menu item as you suggest that links back to the same flow as the "Check BIP39 Phase" menu. That may make things less confusing. I am limited to how many menus I can add to Ledger S devices due to the capacity of that device.

@aido aido added the enhancement New feature or request label Mar 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aido @clouedoc