Failed to sign PSBT using ledger

[thomaseizinger]

I've been building a PoC for using this lib to sign PSBTs and I've run into an issue that I can't resolve.

My PoC is here: https://github.com/thomaseizinger/rust-ledger-poc
You can run the shell script with a ledger plugged in and it should error with:

Error: failed to get signatures from device

Caused by:
    Ledger device: APDU Response error `Code 6985 ([APDU_CODE_CONDITIONS_NOT_SATISFIED] Conditions of use not satisfied)`

Any ideas of what could be the issue?

[prestwich]

What version of the ledger firmware and ledger Bitcoin app are you on? There have been some recent changes to the necessary apdus

[thomaseizinger]

I was on 1.5.5 and upgraded to 1.6.0 yesterday, however that didn't change anything. Same error in both cases.

[prestwich]

are you signing witness or legacy inputs? My legacy support is spotty at the moment

[thomaseizinger]

I skimmed the APDU code and tried to cross reference with the spec but I didn't get very far.

Some things I noticed:

• P2 for UNTRUSTED_HASH_TX_INPUT_START is always set to 0x02 (https://github.com/summa-tx/bitcoins-rs/blob/master/ledger-btc/src/utils.rs#L65) although the spec says it should be set to 0x80 in some cases: https://blog.ledger.com/btchip-doc/bitcoin-technical-beta.html#_untrusted_hash_transaction_input_start
• Your code is making use of response_length. I ran this other example and that one worked although that one is using a hardcoded transaction and that is not using response length.

[thomaseizinger]

are you signing witness or legacy inputs? My legacy support is spotty at the moment

All native segwit unless I messed it up somewhere :D
But the inputs are all funded to bech32 addresses and I am spending to bech32 as well.

[prestwich]

0x80 is usually a continuation flag. I'll try to take some time tomorrow to dive into this

[thomaseizinger]

I tried to set the PoC up in a "nice" way :)
You should be able to run it (see the included shell script) end to end with the ledger plugged in if that helps with anything!

[prestwich]

The psbt crate has a basic ledger signer that I have run a few times. It's overdue for a refactor to deprecate the txin witness (see #44)

[thomaseizinger]

Ah I missed that one, I was using the psbt stuff from rust-bitcoin 😅

Will give that a go and see if it works!

[prestwich]

its probably riddled with bugs 👌

[thomaseizinger]

I've pushed a branch here: https://github.com/thomaseizinger/rust-ledger-poc/tree/use-bitcoins-psbt

Unfortunately, I can't even parse the psbt from base64 😬
It fails with: Error: failed to fill whole buffer

That is the psbt I used:

cHNidP8BAHECAAAAAeBANSdI+VT5VJvVfchN4UEUniZ5cfeucBkBuoA475wjAAAAAAD+////AgDh9QUAAAAAFgAU7gEhvO/VGbeMDvk2DeqaTVkRQh8AERAkAQAAABYAFCQ8xyUkB4v4DqmV7T6aVADqs8M5AAAAAAABAR8A8gUqAQAAABYAFO4BIbzv1Rm3jA75Ng3qmk1ZEUIfIgYDbXrhM7lpiaTJhxwJSplsX1r33gCcoD9xL4wEteLypE8YRwNsJ1QAAIABAACAAAAAgAAAAAAAAAAAACICA2164TO5aYmkyYccCUqZbF9a994AnKA/cS+MBLXi8qRPGEcDbCdUAACAAQAAgAAAAIAAAAAAAAAAAAAiAgONam8JJOdoEr/jubocGRelQAnn2NfLVM7jLliPK0n8KBhHA2wnVAAAgAEAAIAAAACAAQAAAAAAAAAA`

I also needed to fix another compile error 😅 #65

[prestwich]

failed to fill whole buffer

this would be a (de)serialization issue. I have narrowed it down to an issue with the input bip32 derivation deserialization

[prestwich]

the schema was passing an incorrect length to the KeyDerivation deserialization. Fixed in 5668e6a

[prestwich]

I'll check your example routines when I get a second.

Typically the 6985 error is triggered here: Code. It often means there was some missing information and a signature was requested before the device was ready to produce it.

[thomaseizinger]

I'll check your example routines when I get a second.

Typically the 6985 error is triggered here: Code. It often means there was some missing information and a signature was requested before the device was ready to produce it.

Thanks! I also stumbled over that code path in the source code but I couldn't really conclude on what to do differently as a result 😅

I will try again with the fix when I get around to it :)

[prestwich]

okay, I started a new job so progress on this issue has been slow. I pushed a branch that fixes osx compilation errors afaict

[thomaseizinger]

Congratulations! :)

That is okay, we ended up going back to using JavaScript and the ledgerjs package for what we are currently trying to achieve. I am still curious on what the issue is though!

Note that I also opened LedgerHQ/app-bitcoin#164 although looking at the other issues, the Ledger team doesn't seem to give too much attention to the OSS community 🙃

[prestwich]

if you're in JS, the WASM target uses the ledger JS transports and the PSBT should be able to sign with it. I still need to check your example and see where the bug is

[prestwich]

dropping this here for more digging

out.log