Fido not working with M1 Mac Safari

[SandboChang]

As Safari starts to look for a USB key and as soon as I open the Fido app, Ledger will toggle in and out of authenticating. That is, the display flickers between "Allow ...." and "Ready to authenticate".

Safari version is 15.4, and macOS version is 12.3.1 Nano X firmware is 2.0.2

A video of the issue can be found here on my Reddit post: https://www.reddit.com/r/ledgerwallet/comments/ukit81/ledger_fido_not_working_with_m1_mac_safari_stuck/

[mramsden]

This is not isolated to M1 Mac Safari. I have observed this behaviour on Safari Version 15.6 (17613.3.9.1.5), running on macOS 12.5 as well as Safari on iOS 15. This is also on Nano X firmware 2.0.2.

The dialog appears on Safari asking for a device to be connected and I connect the device using USB-C. After connecting the display keeps on flipping back and forth between the Allow message and Ready to authenticate.

[SandboChang]

This is not isolated to M1 Mac Safari. I have observed this behaviour on Safari Version 15.6 (17613.3.9.1.5), running on macOS 12.5 as well as Safari on iOS 15. This is also on Nano X firmware 2.0.2.

Whilst the dialog appears on Safari asking for a device to be connected and I connect the device the display keeps on flipping back and forth between the Allow message and Ready to authenticate.

From Ledger, this is actually because of the Fido version of 1 with Ledger's current implementation, and Safari only works with Fido2. For now you would need to use Chrome on Mac to get it to work. From what they said, they are in the progress of updating Fido to 2 which should solve this problem.

[momenbasel]

this issue still exists, and it doesn't work with apple security key stuff as well.

[xchapron-ledger]

A new Security Key application which support both U2F and FIDO2 has been published for NanoSp and Nanox.

• You can find the code here: https://github.com/LedgerHQ/app-security-key/
• And a blog post with some explanations here: https://blog.ledger.com/security-key/

this one should be allowed by Apple devices over USB.

[SandboChang]

A new Security Key application which support both U2F and FIDO2 has been published for NanoSp and Nanox.

• You can find the code here: https://github.com/LedgerHQ/app-security-key/
• And a blog post with some explanations here: https://blog.ledger.com/security-key/

this one should be allowed by Apple devices over USB.

Thanks for the update, however when I tried today, with Ledger Live version 2.55.0, I am still getting a Fido app version of 1.2.9 which does not support Fido2 as I tested. Could you advise on when the update will be delivered?

[xchapron-ledger]

Thanks for the update, however when I tried today, with Ledger Live version 2.55.0, I am still getting a Fido app version of 1.2.9 which does not support Fido2 as I tested. Could you advise on when the update will be delivered?

You should use a different application named "Security Key" which is only available for Nano X and Nano S+

[SandboChang]

Thanks for the update, however when I tried today, with Ledger Live version 2.55.0, I am still getting a Fido app version of 1.2.9 which does not support Fido2 as I tested. Could you advise on when the update will be delivered?

You should use a different application named "Security Key" which is only available for Nano X and Nano S+

Thanks for the heads-up, but I cannot find any app with the name "Security Key" within the app catalog (where I saw FidoU2F) inside Ledger Manager of Ledger Live. Could you point me to the right section?

I am with my Nano X btw.

[xchapron-ledger]

@SandboChang Is your Nano X up to date? I can see it in Ledger Live with Nano X in firmware 2.1.0 (using normal provider and without developer mode).

[xchapron-ledger]

@SandboChang ok, depending on the plateform you are using, it is not always available on P1 without developper mode. Should be soon, but else you can to enable developper mode and use Ledger Provider 4.

[xchapron-ledger]

Ok should be available for everyone once cache is refreshed (2 hours).

[SandboChang]

Ok should be available for everyone once cache is refreshed (2 hours).

Thanks for the prompt follow-up, now I can see the app being available. Indeed, I forgot to mention that I am using Mac.