Chromium 72+ has broken Ledger U2F support

[gre]

Any users that comes on a web app using @ledgerhq/hw-transport-u2f on Chromium 72+ will fall into a bug that breaks Ledger device communication. (U2F TIMEOUT error).

What happened?

Chrome 72+ has started being rolled out around February 21th, 2019. This new version has changes in the U2F protocol implementation that is breaking Ledger's.

What solutions

In the short term, Users can be advised to switch to Opera or Brave but it's probable that these browsers will upgrade Chromium as well.

In the mid term, we are working on a fix for U2F. It will only be a fix on the Ledger device side, meaning users will have to upgrade (the apps). If you are a developer of one of these applications, you can take a look at this for reference, for further questions please get in touch with @btchip or discuss on our Slack Devs.

In the long term, switching to WebUSB is probably going to be the good plan. At the moment, this API is still a draft spec but we anticipate it will be more widely supported in the future. It is much more relevant for Ledger devices (more performant, more features like being able to detect disconnection,..)

Regarding @ledgerhq/hw-transport-webusb current implementation, it works on latest firmware / apps but there are some slight different in the way it works (coming from u2f) which have some UI/UX implication. We'll try to document it better in the next weeks.

[dschuermann]

Hi @gre, do you know if the blocking of CCID and HID classes in Chrome (https://www.yubico.com/support/security-advisories/ysa-2018-02/) affects your plans to use WebUSB?

[gre]

it shouldn't be a problem.

[Luganova]

Hi!I know how to get around this error when signing transactions!

[Luganova]

everything works fine for binance DEX!

[BrendanEich]

https://bugs.chromium.org/p/chromium/issues/detail?id=935131

[Luganova]

We are talking about windows or Linux?

[gre]

@Luganova from what we have seen it affects all platform.

[Luganova]

I agree! It is necessary to confirm the transaction in a split second! I did not have time-time out!

[gre]

It appears that a Chrome update may have solved the problem. Waiting for more confirmations.

[harshjv]

Working on latest chromium's latest revision 637660. https://download-chromium.appspot.com/

[monokh]

On chrome 72, this also causes the error Invalid data received (0x6a80) when using btc.signMessageNew with certain sizes of message.

[brunobar79]

Still seeing this in the latest version of chrome - 73.0.3683.86 (Official Build) (64-bit) Also tried it with the latest firmware + ledger lib and the timeout issue after ~3 seconds is still happening.

[giankotarola]

On chrome 72, this also causes the error Invalid data received (0x6a80) when using btc.signMessageNew with certain sizes of message.

I get the same error with eth.signTransaction with chrome - 73.0.3683.86

[kjarada]

I'm having the same issue, despite the fact that ledger support advised using brave and opera browser but it's still not working in all these platforms with same error U2F Timeout.

[JeanoLee]

1.1.8

[ianaz]

that ledger support advised using brave and opera browser but it's still not working in all these platforms with same error U2F Timeout.

Same here. It used to work with Brave a couple of weeks back but not it's broken there too

[dzsobacsi]

Here too. For me it used to work with Opera some weeks ago but now that does not work either.

[georgeliuyu]

It still timeout when I use the brave

[iicc1]

Not working for me too, I have tried Opera, Brave, last Chromium... How can I send tokens?

[poserr]

@iicc1 for us the workaround was to quickly (during 1 second) confirm twice

[iicc1]

Thanks for you reply @poserr, I didn't see it. I was finally able to do with an old Brave release that I downloaded here: https://github.com/brave/browser-laptop/releases

[dzsobacsi]

@iicc1 which one did you download from those?

[iicc1]

@dzsobacsi v0.25.300

[CiviStation]

Version 73.0.3683.103 (Official Build) (64-bit) U2F timeout still exists

[jakestpeter]

v.0.25.300 didn't work for me ...

[dzsobacsi]

Just realized that I made a stupid mistake. Once you update the Ethereum app on the Ledger, you have to go to settings and set "Contract data" to YES (again). With that setting, it worked for me with the latest release of Brave.

[jakestpeter]

@dzsobacsi - this seems to have fixed the problem ... THANK YOU!

[poserr]

For all users experiencing this issue - try to update Firmware on your device to the latest version (1.5.5) and update your Ethereum app as well (1.2.4)

[intsol]

This problem exists also with the NEO app with 1.5.5 I have found that closing the ledger app, requesting the signing, then opening the app and signing works every time. While not ideal, it seems consistent.

[kjarada]

the problem is still there and driving me mad,i cant access my wallet. i updated to latest firmware ,done everything ,downloaded older releases of chrome,brave and opera nothing is working. please help

[ianaz]

I confirm what @dzsobacsi said. By updating the application you will have to re activate "Contract data"

[FabriceDautriat]

Hello,

u2f time out error should be solved with the latest release of the applications and firmware (1.5.5).

If you still experience issues with applications, please confirm in your message :

• The FW version you have installed
• The name and version of the app you are using
• The companion application you are using (for instance MEW for Ethereum, or ADALite for Cardano)

We'll make sure to try to reproduce on your end.

Thanks a lot for your help.

[AdvocateOne]

I'm having this error as well. Have tried all suggestions above and no luck. Ledger Nano S Firmware: 1.5.5 Ethereum App: 1.2.7 Tried using Chrome, Opera, and Brave Windows 7 Professional (up-to-date security patches) Tried with MEW and MyCrypto

Please help since I am effectively unable to access any of my tokens except for ETH (using Ledger Live)

[jakestpeter]

@AdvocateOne did you do what @dzsobacsi suggested above? (5 days ago) - That seemed to have done the trick for me ...

[AdvocateOne]

@AdvocateOne did you do what @dzsobacsi suggested above? (5 days ago) - That seemed to have done the trick for me ...

Yes I did-- contract data set to yes. Still get the timeout, unfortunately. This is extremely frustrating.

[harshjv]

See https://github.com/LedgerHQ/ledgerjs/issues/332 for a possible workaround.

[FabriceDautriat]

@AdvocateOne, thank you for the information you provided.

We suspect this is related to USB driver on Windows 7. Can you try updating them ?

https://support.ledger.com/hc/en-us/articles/115005165269-Fix-connection-issues

Thanks a lot.

[AdvocateOne]

@AdvocateOne, thank you for the information you provided.

We suspect this is related to USB driver on Windows 7. Can you try updating them ?

https://support.ledger.com/hc/en-us/articles/115005165269-Fix-connection-issues

Thanks a lot.

That was the problem. Thanks!

[jakestpeter]

I should have stated I was on a Mac - didn't even occur to me.

[intsol]

I have a reproducible case:

• Ledger Nano S
• Google Chrome Mac Version 74.0.3729.131 (Official Build) (64-bit)
• Firmware 1.5.5
• NEO App 1.3.3
• Switcheo Exchange Neo Wallet - NEO Deposit & Withdraw (https://switcheo.exchange)

If the signing is approved within 1 second of appearing on the Ledger display, it works. If signing is delayed over 5 seconds, the result is a U2F timeout by the dApp.

I am part of the support team at Switcheo, so if you require further info please advise.

intsol

[FabriceDautriat]

Hello @intsol ,

Indeed the version 1.3.3 of the NEO app may induce error when used with a web browser. This is the standard u2f issue and will be solved with version 1.3.5 (compiled with new SDK and to be released soon).

However, we don't officially support https://switcheo.exchange.

The main reason is that DEX operations are not correctly displayed within the NEO application. Users are required to sign without verifying any transaction details.

I advise you to contact the NEO app developer to implement the necessary features to get validated.

So far the only wallet Ledger tested is https://neonwallet.com/.

Regards,

Fabrice Dautriat

[kjarada]

@AdvocateOne thank you very much, I only needed to update the USB drivers on windows 7 and now is working perfectly on chrome.

[fuorissimo]

With Opera, the same problem. Nano X don't work with MEW.

Considering that you don't add erc20 native, i ask refund and i back you Nano X. Useless wallet

[amukhanchikov]

Same problem

• Ledger Nano X (Nano S as well)
• Google Chrome Windows Version 74.0.3729.169 (Official Build) (64-bit)
• Firmware 1.2.4-1 (1.5.5 on Nano S)
• Ethereum 1.2.7 + http://mycrypto.com
• Wanchain 1.2.7 + https://mywanwallet.io
• ICON 1.0.5 + ICONex

Everywhere above U2F TIMEOUT error. Nothing helps.

Windows 10 64-bit with all drivers up-to-date.

The same error on Brave browser.

[gre]

@fuorissimo if you can afford to wait ~1 month , we will have LedgerLive supporting erc20 soon

[fuorissimo]

Ok, this is a good news. Thanks for your support

[amukhanchikov]

https://github.com/LedgerHQ/ledgerjs/issues/306#issuecomment-498055291

After updating to Chrome 75 - nothing changed. Still doesn't work. Any help or comment?

On windows 7 - all the same.

[marcinsx]

Ledger Nano S Operating system: MS Windows 10. Firmware: 1.4.2-das MCU 1.6 (it is Ledger Nano S modified for DasCoin)

Hi, what are my options to transfer ETH which are secured with Ledger Nano S?

I already tried MyEtherWallet at Chrome, Opera, Brave browsers. It worked in Februwary 2019 without any problems. Now the Ledger can't accept the transaction - I click accept at Ledger but no information goes to the Browser.

I also tried to connect it to Ledger Live app - but I even can't add ETH there - when I'm trying to do it, it discoveres Ledger but it goes back when I enter ETH app on Ledger.

What options do I have to just transfer my ETH? Are there any or I'm now blocked??? Maybe there are any other applications than web browsers and Ledger Live, which allow to access ETH wallet secured with Ledger?

[marcinsx]

OK I will answer myself. The only option I found is to install an OLD version of webbrowser - Opera or Chrome.

OId versions of Opera You can find here: http://get.opera.com/ftp/pub/opera/desktop/ (I chose the 58.0.3135.53 version, You can find it here: http://get.opera.com/ftp/pub/opera/desktop/58.0.3135.53/win/ IMPORTANT: chose Setup version not Autoupdate, because You want to install an OLD version without updating to the newest one)

Old versions of Chrome You can find here (I didn't check downloading from here because I used Opera): https://www.slimjet.com/chrome/google-chrome-old-version.php

After installing an OLD version of web browser, just simply go to mywetherwallet.com and viola! It works!

Good Luck!

[fuorissimo]

@fuorissimo if you can afford to wait ~1 month , we will have LedgerLive supporting erc20 soon

You confirm is on the road, ERC20 support? when do you think is done?