-
-
Notifications
You must be signed in to change notification settings - Fork 204
Stellar: invalid signature for the changeTrustOp #421
Comments
@istrau2 writes:
|
@zulucrypto the signature is the same for Trezor One as for Trezor T. Would you be interested in looking into this? |
@tsusanka Any updates on this? We are trying to include Trezor support in our next release... |
Few questions:
Answers for those would speed up things, otherwise I'll have to dive into the stellar eco system, which will take a while. |
|
Ok, thank you. One more question, how do you proceed? Using connect or python's trezorlib? |
@tsusanka using trezor-connect (js library). |
@tsusanka - Would you still like help looking into this? |
@zulucrypto if you have a bit of time, it'd be great! I haven't been able to figure out much more than that the digest to be signed in Trezor differs from the ones I'm getting from the offical JS SDK, see stellar/js-stellar-sdk#211 or at least that's what it seems like. But at the same time, that applies for the Payment operation, which I have tested myself and it worked, so I'm a bit confused here. |
@tsusanka - It looks like this is a bug somewhere in Connect. tl;dr is that if you run the transaction that istrau2 provided you're asked to confirm an amount of I checked out the master branch of python trezor, trezor-mcu, and trezor core and then found the account used by the default emulator setups:
I used that to recreate istrau2's transaction (on the testnet): Then I ran it through both emulators (Trezor T and One):
They both return the expected signature. Using https://trezor.github.io/connect-explorer/#/stellar-signtx I set up the following JSON (default path and on the testnet):
When I ran that through the emulator, I noticed that it's not parsing the limit correctly and you're asked to confirm the wrong value. |
That's great I believe we're finally getting somewhere. Also thanks to the issue on Stellar's SDK I've finally realized why the data before signing differed. The reason is that both trezor firmware and Connect work with stroops rather than lumens. This is a design choice which is used for every coin to avoid floats. That means that value We have agreed with @szymonlesisz that Connect will check if the amount is float and if so raise an error (trezor/connect#278). Only integers are valid. @istrau2 could you try the same transaction but with the limit specified in stroops? If I am not mistaken that should be |
@tsusanka @zulucrypto Ok, I tried this tx:
The emulator shows 922337203685.4774784 on the confirmation screen. Once the transaction is signed, I still get an invalid signature (that is rejected by the stellar network). |
I'll look into this next week at the latest |
@tsusanka great, looking forward. We are waiting on this to release Trezor support to all Stellarport users. |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
@istrau2 do you by any chance have any public beta where I could try trezor with the ChangeTrustOp easily? Our trezor.io/stellar currently does not support this op, so it might speed things a bit. |
So I've tried this using the Stellar's Python SDK and trezor generates the same pre-signature hash as the SDK does for the ChangeTrustOp. So I doubt this is a firmware bug. So the only other option is that this is a Connect issue, but the fields are defined correctly. @istrau2 could you please try if you're still having this issue? Please use the newest Connect and don't forget we use lumens instead of XLMs. If you still experience the issue, please provide an example script where you use Connect with Trezor and the network rejects the transaction. |
@tsusanka Hi, how can I get in touch with you (I tried gitter and telegram)? |
@istrau2 I'll be on gitter |
So the problem is Connect currently does not support numbers larger then 2^53 (trezor/connect#302). There was a good reason Satoshi chose 21 mil cap for Bitcoin, because it fits in the IEEE-754 floating point standard. This is not the case for Stellar which works with numbers up to 2^63 and recommends using "big number" librariers, which we are currently not using in Connect. Although we are aware of this issue as tracked in trezor/connect#302, it will take a while to fix this because it means a significant rework of our stack. In the meantime I believe the most straightforward solution to this is not to set the Does this sound reasonable? Could you try to send 2^53 - 1 in your Stellarport instead of the max value? |
Also note, I've fixed the memo issue I believe you've reported earlier. It now defaults to memo type none if not defined. ea775c2#diff-53ecaee988a138eb845ea2e0df5e94dfR83 |
@tsusanka Ok, thanks I will check it out later today. |
@tsusanka I just tried the proposed solution. Unfortunately, it has not solved the issue. Can you please reopen? |
@tsusanka My apologies. Looking again at the code, I realized that I changed the number in the json representation being sent to the trezor to sign but I hadn't changed the number in the actual transaction being submitted to the network. Obviously then, this resulted in an incorrect signature. I will try again today. |
This transaction supposedly creates an invalid transaction.
The text was updated successfully, but these errors were encountered: