Several people have lost Neo due to a fluke in the Neon wallet and Ledger Nano S.

[OrEagle97327]

I came from - https://discord.cityofzion.io to make this post. ...We need support.

I ask all that experienced this problem, join this thread so we can compare notes.

Hopefully; we can get Neo and Ledger to join the support, instead of claim 3rd party software.

---

On December 22, I installed Neon Wallet 0.0.7. After connecting to Ledger Nano S, I transferred 108 Neo from the Bittrex exchange, using copy/paste of public key in Neon wallet. ...I kept the wallet open until I saw the transaction complete. It showed my transfer as expected. I closed the wallet and went to bed. (1:00 AM)

The next morning, I opened the Neon wallet to check it out. There was a ZERO balance. After more examination, I realized, the public key was different. That makes two public keys, and only one being addressed by Neon wallet attached to Ledger.

In my search for support, I found my way here on gethub ... https://github.com/CityOfZion/neon-wallet/issues/416. The person who posted that thread invited me to "discord.cityofzion.io" We are getting referred back here.

Coranos got involved in that discussion, and finally gave up. I quote him here: "Sir, your neo is gone. Finding the defect that caused your car to explode is not the same thing as un-exploding your car. Simmilarly, imagining ways a car can explode is not helpful, when trying to find why a specific car exploded in a specific way. Best I can do at this point is to warn people that at some point, their car may explode, and they better test their recovery process at least once before putting more than 2 NEO in any address. I've muted this thread." I feel like it is something else that blew up like a car. My "bullion/Neo" in the car/wallet is still lost. Where can we go to find the answer to recover the missing Neo? There is more than just a couple of us.

To add chaos to the problem; On Jan 10, I upgraded to the Neon wallet from 0.0.7 to 0.0.9. Now I have another public key. That makes three, the one that got the Neo, the new one I had the next morning, and the one I have now. I have uninstalled the Neon wallet and reinstalled, still the third public key. Even if I uninstall ver 0.0.9 and reinstall 0.0.7, I get the third key. (I have reinstalled it back to 0.0.9) When I run my 24 Ledger phrase, through https://coranos.github.io/neo/ledger-nano-s/recovery/, it now returns the third public key at the top of the list.

ATTENTION: All who suffered this loss; join this conversation here, Let us all compare notes, so we can get to the bottom of what happened.

[OrEagle97327]

@numero41 - The painful part of loss is watching exactly how much investment "shuddaCuddaWudda"

Seem the issue could be: ..."phantom/hidden" wallets still open, when users think they have moved on. Hopefully devs will incorporate "close wallet" more aggressively. (HoweverThatCouldBe)

While considering common ground, another issue to consider; ...Where these transactions come from. My observation: Most were from the Bittrex exchange, a few were from Binance. I know of none that were from other than these two exchanges. Let me also note here: Bittrex's ...Neo wallet has been unavailable for some time now.

Most were on Mac OS while I know of two on PC/Win10.

Do others have input on common ground. These and others.

?? neo/eth/xrp/...etc ??

[ghost]

@OrEagle97327 Sorry to hear that (I'm also a ledger user). Just thinking out loud - is there any chance that just before sending funds to your 1st NEO address, you played with the ledger settings clicking on the 'temporary passphrase' option and entered something (maybe just something simple like 'a' or 'aa' which would result in showing you different addresses till next time your restarted your device)?

[Gazby]

please, noob here needing help. i have the 0.0.7 wallet, use it with a nano s ledger and up till acouple days ago could see my balance. now i cant. it says block is 0. my coins are still intact in the tracker, but what do i do to get my balance showing?

[OrEagle97327]

@Gazby Hopefully someone here can help. This is why I set up this thread. I am kind of a newbee myself. My Neo is still unavailable for the time being, and possibly forever.

May I suggest you try to take notes, on every step you have done so we can try to replicate "what went wrong" so the devs here can help.

Your issue has a variation than mine, and others I have conferred with. Have you been in and out of the Neon wallet, more than once, when zero balance occurred? You are still on version 0.0.7, so was I. There have been several versions released since.
(Feels like we are the beta test grounds here.)

May I suggest; Wait to compare notes before, upgrading to a newer version of Neon Wallet

[Gazby]

@OrEagle97327 Thanks so much. update:, i later tried again and my coins showed up. So very thankful because thats the bulk of my portfolio right now....twas a right scare. BUUUT now im sooo wary of upgrading to a new version....i started with 0.07 and ledger s. Ideas on how to upgrade without losing wallet i what im looking for now

[numero41]

@chenshak @OrEagle97327 Somebody solved his problem (xrp wallet) with this, but for myself I never touched this option...

And the issue would appear ONLY if you reset your Ledger in between, right? I tried a reset/restore of the device, but it wasn't working already before that.

[OrEagle97327]

@numero41 Your last post did not include a link. I am not sure what xrp wallet solution was.

[numero41]

@OrEagle97327

He answered my post on reddit. When he first used the Ledger, he set up a passphrase. Then reset the Ledger, and forgot to set the passphrase again. He reconnected his Ledger again > that lead to the same issue as us which is different public address.

And yesterday, he remembered that at the first setup he added a passphrase. He entered it again, and found his first address.

He explains it here : https://www.reddit.com/r/ledgerwallet/comments/7rd798/should_we_be_concerned_about_the_ledger/dt7rim7/

Do you remember seting a passphrase ever?

[OrEagle97327]

I did "NOT" set up a pass phrase, unless by accident.

That is why I am wondering if Bip-39 can wildcard for passphrase.

[numero41]

I don't understand why users are left alone with no advices, here, on mew, or on Ledger support... Nobody seems to care...

Did you see on my Mew ticket, I found an interesting file in my recovery data named "ledger-ethereum-chrome-logs-1515971263779.logs".

In this file I can see transactions listed at the same time I did my withdrawals, on the 14th of january. Except that I wasn't doing any transactions from the chrome app (was using mew), and the txids, and the from addresses have nothing to do with my transactions! I also have after each transaction the error "org.json.JSONException: No value for to"

This is freaking... Maybe all the issues with transactions stucked, or missing accounts could be related to our issues? People complaining since a week are numerous : https://www.reddit.com/r/ledgerwallet/ https://support.ledgerwallet.com/hc/en-us/community/topics/115000374034-Ledger-Nano-S

Some people are getting completely crazy... But I think for most of them it's only server issues and their issues will be solved automatically. For us I fear that we'll never get any help. I am starting to wonder if there is a possibility that Ledger's servers could have been hacked...

[numero41]

@OrEagle97327 Do you know if the other ones still have the issue? They don't seem very active... Maybe they didn't lose anything?

108 Neo is worth $15000 now... I hate to see the account where my tokens are, maybe in 6 months it'll be worth $100k...

[OrEagle97327]

Others still have the issue, as well as me. Still hoping for the solution.

There are two that have more tied up than me.

I have a whole lot more in MEW, and afraid to look since your post.

I will donate my Neo to someone who solves this for all.

[ghost]

So I have a solution in the works that should prevent this from happening in the future, but it's going to take a month or so to implement.

Nobody has done it before, so it's not something I can just plug in.

Here's the solution: Sign the public key, and check the signature on the client side before using it. It should be cryptographically impossible for the public key to be signed by the private key, and also be a valid public key/signature combination.

I know of 12 people that lost NEO, Etherium and Ripple due to this bug.

You should look, I mean, at least you'll know.

[OrEagle97327]

@lostis4d Did you ever solve your Neo issue?

[curatedcryptocurrencynews]

I just lost two (2) NEO...

https://github.com/neo-project/neo/issues/158

Hello,

I sent two (2) NEO from Binance to my Ledger Nano S wallet, however after approximately an hour, my balance is still not reflected on my NEO Ledger Nano S. When i check the scan, it shows that it was successfully sent and Binance shows a "successful" confirmation on their end as well.

Txid: e1aa2ceaabcd774d60fe2e65938f950a315d1c18ca7a04dad986aa9fbbf17f6d Link: https://neoscan.io/transaction/e1aa2ceaabcd774d60fe2e65938f950a315d1c18ca7a04dad986aa9fbbf17f6d

Has anyone else been experiencing this issue?

[OrEagle97327]

@coranos @numero41 I finally checked MEW. All is well

[ghost]

Which company? Also you realize this is github, for defect tracking, not your own personal Facebook page.

[numero41]

A few more links referring to similar behaviors :

https://www.reddit.com/r/Wavesplatform/comments/7qpjkv/same_seed_different_wallet_address/ https://ethereum.stackexchange.com/questions/35062/myetherwallet-is-giving-me-another-address https://github.com/kvhnuke/etherwallet/issues/573 https://github.com/kvhnuke/etherwallet/issues/360

The issue could be bigger than just related to Ledger, or Neo, etc. I think a higher level bug could happen.

[jagjjb]

My mistake then and my apology. Clicked the link from Nano Ledger that popped this up. was not intentional.

[ghost]

Ah ok :)

If you scroll up, you'll see I have already identified a fix for neon-wallet.

https://github.com/CityOfZion/neon-wallet/issues/524#issuecomment-360945038

it will not be quick, so the recommendation for NEO is to always send 1 NEO and claim gas on your ledger before sending any large amounts.

[numero41]

@coranos Will it be a fix to avoid further errors, or will it also be able to "reverse" the previous ones?

[ghost]

@numero41 a fix for further errors. The previous errors appear to be irreversible.

[numero41]

Did you receive advises/recommandations from Ledger to code that fix?

[ghost]

I've received advice on how to code the fix, yes.

https://github.com/LedgerHQ/blue-sample-apps/blob/master/blue-app-samplesign/demo.py#L49

It's covered in their example code, but their example is in python, and I'll have to port it to JavaScript.

Their example is how to validate a signature given a public key. If I sign the public key, then either the signature is invalid (and validation fails) or the public key is invalid (and validation fails) so it should be a sufficient fix.

[numero41]

ok, that's what I thought. well, I guess it won't be the end of the path for all the ones who lost a lot.

[jagjjb]

Ive seen the fixes, but my issue seems to be the device itself. Ive been trying to get Ledger to address it for over 2 weeks. The reason I wound up on this site. On the Nano manager I get Hardware Device error

[ghost]

Ok so Hardware Device error means your ledger nano is bad and you need to buy a new one or get them to ship you a replacement.

If you just want to get your coins out, you can use the recovery site to recover a WIF:

https://coranos.github.io/neo/ledger-nano-s/recovery/

[jagjjb]

Correct! That's why Im so aggravated. Purchased directly from Ledger, paid additional charge for expedited shipping and weeks later I still hear nothing from their company.

Thank for the help!

[numero41]

@coranos This is very simple code, why do you say it's hard to implement?

[stevesbrain]

@numero41 If it's simple for you, then please submit a PR and help out the project :)

[numero41]

:) well, I would love to! but unfortunately I have way too much work currently, and I spend all my nights trying to figure out my issue with Mew... hopefully, one day my remaining coins will be worth enough to allow me to spend less time at work and more time on such exciting applications lol

hey, let me just clarify if it wasn't : I did say this example code is simple, but if coranos need to re-write all the related modules, yes, I guess it's a lot of work. I was simply assuming that he could just bind this function into a javaScript one, and eval the python imports inside it. Did not want to create any tensions here

[OrEagle97327]

I am excited you people know what you are talking about.

Sort of over my head - even though I had a more than basic computer background a couple dozen years ago.

---

I have found what looks to be a Neo Keystore file dated just about the time I downloaded Neon Wallet 0.0.7. Think it is empty Neo wallet, but I do not know enough to try to access it.

I was thinking of asking one of you how to wildcard scan my hard drive for any files that look like Keystore / JSON File(s) with dates close to my loss. (including hidden files) anywhere on the system

---

I am on a pc/win10 system. Been careful not to do any wipe routines (that I control).

[numero41]

You can use Agent Ransack for instance. http://www.clubic.com/telecharger-fiche10751-agent-ransack.html

I found valuable information in sql files and blob files, browser cache, etc. You can try to search at first your public address, or keyword "cipherparam", or the name of the wallet, etc.

[stevesbrain]

@numero41 No worries at all - I wasn't trying to cause tensions either; just wanted to try and prevent this chat from turning into a thread where we end up "ripping on" the devs. I know sometimes one or two people will make a statement like the above, then a lot more people end up getting mad because the devs can't implement the claimed simple code quickly :)

I too wish you luck with your coins - I hope they increase in value so you afford to give up work and chase those dreams :D

[OrEagle97327]

I have done some of the things you suggest. Wildcard search of address Neo went to (nothing)

Just wondering what kind of letter or words would be in a Neo Keystore file.

Eth Keystore files starts with "UTC" plus dated created (I think)

Then I will wildcard scan the hard drive and any thub drives I had at the time.

I am so simple I do not know how to use the trackers and the like.

[numero41]

That's far from my intention, on the contrary. I was juste curious... I'm a dev for 20 years, I work for CG industry, I do python 9 hours a day and I love it lol And I also know the difficult relationship dev/users sometimes. I have a lot of users, 30% of my time is solving bugs.

That's also why I am so involved in finding a solution for all of us.

If Ledger provides some code to assure full integrity of transactions (2 years old code), why didn't they advise to use it from the start, that's strange. So whatever happens from now, I won't give up on this.

[ghost]

I said "it will not be quick", not "it will be hard".

Like five lines of code, but you write one bug and the world comes breathing down your shoulders.

So, forgive me, but I want to make sure to test it thoroughly.

This is fixing a bug that happened only 14 times between Oct 2017 and Jan 2018, odds of hitting it upwards of 1 in 40,000 given the number of ledgers sold. You are more likely to be killed at work than hit this bug. So I want to make sure it's fixed, and for good.

[OrEagle97327]

Radio Repair School, US Army 1968 - I learned - "Intermittent problems are hardest to diagnose."

Can anyone tell me what to wildcard search for Neon Keystore files? @coranos

[numero41]

Yes I understand your concerns, and I totally agree with you with taking it so seriously of course. Apologies if I was misandertood.

Anyway, knowing the existence of the possibility of the bug, even so little, knowing how to prevent it, involves Ledger responsibility to me for now. I just wait how it'll go in the next days / weeks to have a more accurate picture of all this.

[penobe]

I had same problem as described in OP on my Mac running OS X 10.11.6, and then (several hours later) installed the Neon wallet on a tablet running Windows 10 Pro, hooked up my Ledger Nano S, and the GAS showed up when I plugged in my Ledger to the Windows computer... WHEW!

[numero41]

@OrEagle97327

You can search on your hard drive (most likely in the userData folder) for keywords such as : blockSize, accounts, address. This tool is cool : http://www.clubic.com/telecharger-fiche10751-agent-ransack.html

Your keystore file contains these keywords, with associated values, those are the informations that the wallet app needs to decode your private key, and generate your public address. It's called a dictionnary.

Even if the keystore file is deleted, you might be able to find the correct content in cache files from Chrome, most likely sql or blob files.

You can also use a tool to recover "permanently" deleted files such as https://datarecovery.wondershare.com/recycle-bin/restore-recycle-bin-or-trash.html

be sure to recover those files on an external hard drive with at least 200Gb free space, then search for a file beginning with "UTC" or the keywords I gave above.

If you manage to recover a keystore file, you'll still need the associated password to access the account.

[numero41]

@OrEagle97327 @coranos

Did you manage to forward the other people tickets ids to Ledger as Eric requested?

[OrEagle97327]

@d0ngit is the person whom had a past ticket. I have informed him on Discord, he is going to search for it (thinks it is expired). Also left him a post here on GetHub, look for #416 to see. He is the only one I know that filed a support ticket. I and others have sent E-mail: contact@neo.org - zero response (located at bottom of Neo website) https://neo.org/

[numero41]

It's important that they write down their issue as soon as possible.

I had an email from Eric today, they are willing to find a solution. I have the feeling he is taking this very seriously and want the issues addressed to him directly. He told me the support team is not involved anymore and that he is our interlocutor from now on.

But if people don't manifest themselves they won't be contacted by magic and they'll remain with their issue. It's important for us too to show that we are more than 3. If they did not send ticket id, they just could give me or you their names, emails, and description of the issue (steps, OS, firewall, antivirus, dates, details) so that we send the relevant informations directly to Eric.

[numero41]

@penobe I'm not sure your issue is the same, I think it's more likely related to the Ledger network issues. Can you explain in a more detailed way what happened to you?

[cosmic-springs]

My 1 lost Neo mysteriously appeared in my wallet a couple of days ago. I am very grateful to whoever spent time recovering it. I think any platform will have teething problems, especially of this magnitude, i expect that all issues will be sorted eventually. The scale is immense and growing, a shame to waste developer time on resolving these issues but on the upside, i guess the more problems resolved now will lead to a more stable, idiot proof and secure platform. I have faith in the project and negative slanderous comments will likely be advantageous in the long run for us Hodlers. It's frustrating yes, especially if you bought loads i expect but at least you cant panic sell at the wrong time and i'm sure they will reappear soon enough. If you are trading i'm sure that it is more than inconvenient but personally i'm delighted as traders attempt to manipulate markets and often make their money from people with very little with money that is often not their own. They are also interested in the money rather than the really exciting tech. Suck it up traders....Please could developers return their assets last! ;)

[dlv14]

Hello @OrEagle97327 @numero41

This is my old ticket ID: #90507

I've sent this suport ticket to Ledger 2 months ago but have no response from them then they closed my ticket.

[cosmic-springs]

I am indeed not too bright. I didn’t realise NEO had a formal support mechanism. How would I submit a support ticket if I needed to?

[stevesbrain]

@cosmic-springs That's a ticket to Ledger - not NEO :)

[cosmic-springs]

No support then?? Oh dear!