Bitcoin Forum

When a Ledger Nano S is connected to Electrum, and the HWW contains the corresponding private keys for the attached Electrum wallet, the ledger symbol lights up in green.


How does Electrum confirm the device is holding the correct private key to spend the UTXO's contained in the Electrum wallet?


Does it simply receive the XPub stated by the device, and trust that the device holds the private keys for said XPub, or is there verification (ie: some type of signing) to confirm it?



In short, does Electrum verify that a device is accurately stating the private keys it holds or is verification only done during signing and prior to this the green ledger light on Electrum is an indicator only (trusting that the device holds the corresponding keys because the device says so)?

If you're not being asked for a PIN then it's not asking for any signatures. It'll only ask for them when you go to spend your coins.

I think that's an accurate assumption.  I'm no programmer, but it's my understanding that Electrum can only assemble the transactions, then they are signed internally by the Ledger (any hardware wallet) then the signed Tx is broadcast by Electrum.  Electrum has no access the private keys, not even when the hardware wallet is connected.

I don't know exactly what you want !
by the way if you are 'Ledger Nano S' use  so thing have interface for manage 'Ledger Nano S' why you used connect electrum ?
but suggested electrum desktop wallet only.

Ledger Live lacks some features which are available if you pair your hardware wallet with Electrum. The most notable feature is coin control. Private keys are not exposed to the computer in any way.

This is quite an interesting question and I don't think anyone answered it (I also don't know the answer), the question is: what is used to encrypt the wallet file so only the hardware device has access to it.

If you have a hardware wallet (I use a trezor with electrum), the wallet won't load up unless the trezor is plugged in so something must be done to decrypt the wallet (even if it is a public key on the device or an initial unique certificate associated to that seed maybe at an odd derivation path - using symmetric encryption).

---

I had to make a second watching only wallet in order to see transactions from my trezor for when I didn't have it avaliable to plug in.

e.g

https://i.imgur.com/rp8XpvV.png

That's actually interesting because it does not apply to my setup. When I open my wallet, the following message box is shown.

https://i.imgur.com/GFP1Mca.png.

When I select 'No' or simply close the box, I can see the list of all transactions. Everything looks as if I were using a watch-only wallet.

Edit: I quickly found out that I can enable the encryption manually just like in a normal Electrum wallet.

https://i.imgur.com/WFQV6K6.png

A password derived from the xpub.

Just want to say that this does happen with the Ledger Nano S. Unless I create a watch-only address with my Ledger's xpub, I can't see anything about it unless I connect it and unlock with my PIN. After the wallet is unlocked, I can disconnect it.

My Electrum+Nano S combo does not require this... but that is because I explicitly chose not to encrypt the wallet when setting it up! ;) :P

https://talkimg.com/images/2023/11/15/z4ggm.png


So, I just get a warning on startup that the Nano isn't connected:
https://talkimg.com/images/2023/11/15/z48dW.png

If I choose "No" the wallet is still opened and syncs like a "watching only" wallet.

Looks like you are right. I have never noticed this option.

I just imported it again but this time with the option unchecked. This makes things easier, so... thanks. :)