Bitcoin Forum
November 04, 2024, 04:22:09 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Using Ledger on Electrum - "the sign path is unusual"  (Read 121 times)
amraskin (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 14, 2021, 01:06:30 PM
 #1

I have a multi-sig wallet, set up on electrum with ledgers.  When I'm trying to move some BTC out of my wallet ,the ledger says "the sign path is unusual.  Reject if you're not sure".  Then it gives me two transactions to approve.  the first one matches what I'm trying to send, the second one is larger.  I don't feel comfortable approving this, and I feel like my coins are stuck in this wallet.

Anyone have any suggestions?
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
September 14, 2021, 01:13:27 PM
 #2

Where are you sending the funds too? If it's a wallet you control then it might be possible that it's asking you to confirm sending "change" but if you're unsure then I'd try sending it all to the other address/wallet and back to see if that works.
Pmalek
Legendary
*
Offline Offline

Activity: 2940
Merit: 7538


Playgram - The Telegram Casino


View Profile
September 14, 2021, 01:23:48 PM
Merited by hosseinimr93 (1)
 #3

Is your Ledger Bitcoin crypto app updated to the newest version? There was a derivation path vulnerability in the past, but it should have been fixed with Bitcoin app v 1.4.6. The error seems to be related to a wrong derivation path by the wallet software compared to the derivation path used by the coin's app according to this source by Ledger.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
September 14, 2021, 01:26:12 PM
 #4

Ledger enforces a check on the derivation path, which means that if the software asks Electrum to sign a transaction using keys from a different derivation path, it will display an error message.

What version of Electrum are you using?

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
NeuroticFish
Legendary
*
Offline Offline

Activity: 3850
Merit: 6583


Looking for campaign manager? Contact icopress!


View Profile
September 14, 2021, 01:30:23 PM
Merited by hosseinimr93 (1)
 #5

Anyone have any suggestions?

I don't remember the exact error message, but I've got some similar strange error (but it was telling about the change path - is there a chance you've misread the message?) when I wanted to send the change of a transaction to one of the funding addresses in my wallet. (But it was not multi-sig).
My point is that:
1. I'd agree with the previous post that's probably 2 outputs, not 2 transactions.
2. I'd expect that the large transaction is the change. In that case, if you go on this path, make sure it indeed goes to an address from within your wallet.
3. If you want to avoid that error, look at the transaction you make and change something (like for example don't set the address for the change yourself, if it's the case)

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
amraskin (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 14, 2021, 01:36:53 PM
 #6

Is your Ledger Bitcoin crypto app updated to the newest version? There was a derivation path vulnerability in the past, but it should have been fixed with Bitcoin app v 1.4.6. The error seems to be related to a wrong derivation path by the wallet software compared to the derivation path used by the coin's app according to this source by Ledger.

I am using version 1.6.3.
BitMaxz
Legendary
*
Offline Offline

Activity: 3430
Merit: 3165


Playbet.io - Crypto Casino and Sportsbook


View Profile WWW
September 14, 2021, 02:08:45 PM
 #7

What wallet did you generate the transaction?
Is that from Ledger live or in Electrum?

If it's in Electrum what version do you currently use?

If it was the latest version then it might be a bug it needs to report directly to the ledger about this issue.
Just try to report it and maybe you are also eligible to bug bounty program from here https://donjon.ledger.com/bounty/

███████████████
█████████████████████
██████▄▄███████████████
██████▐████▄▄████████████
██████▐██▀▀▀██▄▄█████████
████████▌█████▀██▄▄██████
██████████████████▌█████
█████████████▀▄██▀▀██████
██████▐██▄▄█▌███████████
██████▐████▀█████████████
██████▀▀███████████████
█████████████████████
███████████████

.... ..Playbet.io..Casino & Sportsbook.....Grab up to  BTC + 800 Free Spins........
████████████████████████████████████████
██████████████████████████████████████████████
██████▄▄████████████████████████████████████████
██████▐████▄▄█████████████████████████████████████
██████▐██▀▀▀██▄▄██████████████████████████████████
████████▌█████▀██▄▄█████▄███▄███▄███▄█████████████
██████████████████▌████▀░░██▌██▄▄▄██████████████
█████████████▀▄██▀▀█████▄░░██▌██▄░░▄▄████▄███████
██████▐██▄▄█▌██████████▀███▀███▀███▀███▀█████████
██████▐████▀██████████████████████████████████████
██████▀▀████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████
amraskin (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 14, 2021, 02:13:44 PM
 #8

Anyone have any suggestions?

I don't remember the exact error message, but I've got some similar strange error (but it was telling about the change path - is there a chance you've misread the message?) when I wanted to send the change of a transaction to one of the funding addresses in my wallet. (But it was not multi-sig).
My point is that:
1. I'd agree with the previous post that's probably 2 outputs, not 2 transactions.
2. I'd expect that the large transaction is the change. In that case, if you go on this path, make sure it indeed goes to an address from within your wallet.
3. If you want to avoid that error, look at the transaction you make and change something (like for example don't set the address for the change yourself, if it's the case)

So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?
NeuroticFish
Legendary
*
Offline Offline

Activity: 3850
Merit: 6583


Looking for campaign manager? Contact icopress!


View Profile
September 14, 2021, 02:20:07 PM
 #9

So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?

I won't say what you should do, I would be uneasy too with such messages (and I don't know how good you checked the addresses, no offense).
I've sent you quite a long message in private, I don't know how your tx looks like, I will post it here too:

Quote
It depends also how you do it.
If you have value_x on Your_Address_1 and just want to send value_y to Coinbase_Address_1, your transaction will be

In: Your_Address_1
Out_1: Coinbase_Address_1
Out_2: Your_Address_2 (the change, meaning value_x - (value_y + tx fee))

Now, if you have made yourself the transaction as "Pay to many" and put yourself Your_Address_2 you wanted, this may be the problem; in my case this was it and I've fixed it by NOT using Pay to Many and instead only send to Coinbase_Address_1 and let the wallet do the rest.

Problem 1: I don't know what you actually done and you don't look as somebody that would have been using pay to many.
Problem 2: This kind of things should be discussed publicly because I may be a scammer trying to get more info from you and steal your money. And it should be public because others may also have good ideas.
Problem 3: I don't know if your Electrum is clean. I don't want to scare you, but another direction would be to uninstall Electrum, download it, verify the signature and install/run it again; just to make sure you don't have some odd Electrum clone that's trying something fishy.  --> update, this may not be the case if the second address is indeed part of your wallet

Since my use case differs from yours, since I didn't do multisig (and I don't have experience with that), I'll leave to the others find a way that maybe the Ledger won't complain. I think that such direction would still be option #1.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
amraskin (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 14, 2021, 03:25:00 PM
 #10

So this is exactly it.  Regarding Point #2, I see that the address shown that the larger transaction is going to is in my "address" tab on elecrum, as a previous receiving address.  Does this indicate that I am able to approve the message?

I won't say what you should do, I would be uneasy too with such messages (and I don't know how good you checked the addresses, no offense).
I've sent you quite a long message in private, I don't know how your tx looks like, I will post it here too:

Quote
It depends also how you do it.
If you have value_x on Your_Address_1 and just want to send value_y to Coinbase_Address_1, your transaction will be

In: Your_Address_1
Out_1: Coinbase_Address_1
Out_2: Your_Address_2 (the change, meaning value_x - (value_y + tx fee))

Now, if you have made yourself the transaction as "Pay to many" and put yourself Your_Address_2 you wanted, this may be the problem; in my case this was it and I've fixed it by NOT using Pay to Many and instead only send to Coinbase_Address_1 and let the wallet do the rest.

Problem 1: I don't know what you actually done and you don't look as somebody that would have been using pay to many.
Problem 2: This kind of things should be discussed publicly because I may be a scammer trying to get more info from you and steal your money. And it should be public because others may also have good ideas.
Problem 3: I don't know if your Electrum is clean. I don't want to scare you, but another direction would be to uninstall Electrum, download it, verify the signature and install/run it again; just to make sure you don't have some odd Electrum clone that's trying something fishy.  --> update, this may not be the case if the second address is indeed part of your wallet

Since my use case differs from yours, since I didn't do multisig (and I don't have experience with that), I'll leave to the others find a way that maybe the Ledger won't complain. I think that such direction would still be option #1.

OK, done some research, and I understand what a change address is.  And I can confirm that they second transaction is sending the larger amount to a change address that I can match in my address book in electrum, with the label "change" next to it.  I feel like I should be ok to approve this, but man is this scary.  LOL. 


amraskin (OP)
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 14, 2021, 04:07:25 PM
 #11

Where are you sending the funds too? If it's a wallet you control then it might be possible that it's asking you to confirm sending "change" but if you're unsure then I'd try sending it all to the other address/wallet and back to see if that works.

After doing a ton of research to really understand what was happening, this is the route I took, and it worked.  Thank you for the suggestion. 
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
September 14, 2021, 05:54:59 PM
 #12

If it was the latest version then it might be a bug it needs to report directly to the ledger about this issue.
Just try to report it and maybe you are also eligible to bug bounty program from here https://donjon.ledger.com/bounty/
This has nothing to do with Ledger. Ledger is rightfully throwing a warning because the derivation path is not standard to them. If anything, either the user is using one that isn't commonly used by Ledger or Electrum is using a derivation path like that. It was an issue previously which Electrum solved, but the issue wasn't for any MultiSig setup which could've had a different derivation path.

As far as possible, try not to rely on whatever Electrum is telling you to be accurate. You should assume that you can only trust whatever Ledger is saying, because it is the one with the secure environment, not your desktop with Electrum.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
nc50lc
Legendary
*
Offline Offline

Activity: 2590
Merit: 6327


Self-proclaimed Genius


View Profile
September 15, 2021, 03:14:49 AM
Merited by NeuroticFish (2)
 #13

After doing a ton of research to really understand what was happening, -snip-
You can add these links to your research, the latter may be the answer to the former:


█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!