Ledger device: UNKNOWN_ERROR (0xb008) on many multisig operations (v2.2.0-beta)

[waldenraines]

While using the bitcoin testnet 2.2.0-beta app I am getting the following on any operation that requires registering (such as signing, confirming addresses, or confirming the wallet policy):

Ledger device: UNKNOWN_ERROR (0xb008)

Can easily reproduce by initializing a device as per the instructions at https://unchained-capital.github.io/caravan/#/test and running through the testnet part of the test suite.

The only thing that is working in our test suite on the testnet 2.2.0-beta firmware exporting testnet public keys and xpubs.

[bigspider]

Hi @waldenraines, thanks for the report! That's strange as there shouldn't be any change related to non-miniscript policies.

Any chance the weird version 2.2.0-beta somehow messes with the Ledger app version detection used in Caravan? That seems compatible with using the old hw-app-btc (which does not support multisig with the new app) instead of ledger-bitcoin.

I'm able to run the test suite locally on the ae03b7a commit (master appears to be broken, btw - I can't run tests at all). Is there an easy way to print the USB logs during the tests?

[waldenraines]

I'm able to run the test suite locally on the ae03b7a commit (master appears to be broken, btw - I can't run tests at all).

I'll have to look into master being broken.

What I'm calling the test suite here is a test harness that can be run in the browser. It is available hosted on github pages here: https://unchained-capital.github.io/caravan/#/test. You restore your physical device to the supplied wallet words and then you can run through a series of tests on both testnet and mainnet.

Any chance the weird version 2.2.0-beta somehow messes with the Ledger app version detection used in Caravan? That seems compatible with using the old hw-app-btc (which does not support multisig with the new app) instead of ledger-bitcoin.

We do detect the version of the ledger bitcoin app here to distinguish between the legacy app and the new app, but that logic appears to be fine with 2.2.0-beta. I just quickly tested it in the browser:

[bigspider]

I tried with the 2.1.3 and 2.1.2 versions and it fails in the same way. I think it's an unintended change on the caravan test suite side.

The 0xb008 error means that a signature/hmac check failed, and indeed the tests with wallet registration do reach completion, but the final hmac is not matching. Other tests that check the hmac at the beginning (verifying addresses, signing), fail immediately.

The hmac changes if the wallet policy is not byte-by-byte identical to the one used when registering. For example, using a different name when registering, or changing/removing a cosigner's fingerprint, or changing the order of keys in a sortedmulti, makes the policy hash different (despite being semantically equivalent), and therefore the hmac will also be different.

[waldenraines]

I tried with the 2.1.3 and 2.1.2 versions and it fails in the same way. I think it's an unintended change on the caravan test suite side.

Hmm okay, sorry to waste your time on this.

[bigspider]

Hmm okay, sorry to waste your time on this.

No problem at all!