Unanticipated behaviour of **Check BIP39**, and feature request : stateless ephemeral SSKR share generation

[InfiniteQE]

Unlike the anticipated behaviour from this flowchart, Check BIP39 requires the Ledger to have already been initialised with the exact mnemonic seed, or else it will produce an error. Therefore if the user wants to use Seed Tool to generate SSKR shares in an airgapped manner, I don't think it is possible.

Step 1 : Settings > Security > Reset Device (or incorrect PIN 3 times) Step 2 : Restore mnemonic seed -> all Ledger apps are wiped Step 3 : User would need to connect Ledger via USB to Mac/PC to re-install "Seed Tool"

I don't see any other way to change the Ledger's stored mnemonic seed without using Reset Device.

Could you modify Seed Tool such that it can shard any user entered mnemonic seed into SSKR shares, and not exclusively the Ledger's mnemonic seed. I assume this behaviour is due to the "recovery check" roots of this project, perhaps you could add a warning when the user enters a non-matching valid mnemonic seed that the entered seed doesn't match, or add a 3rd menu option for the user to SSKR shard an ephemeral mnemonic seed.

I really to think having a stateless signing device like Seedsigner or Coldcard Temporary Seed are an important use case, and it would be great for Ledger devices to support ephemeral SSKR share generation.

[aido]

Check BIP39 requires the Ledger to have already been initialised with the exact mnemonic seed, or else it will produce an error.

Yes. This is by design. The app makes sure that the user knows the BIP39 phrase for the device on which they are generating the SSKR shares.

Therefore if the user wants to use Seed Tool to generate SSKR shares in an airgapped manner, I don't think it is possible.

I disagree. When first initialising a Ledger device a user writes down or backs up their BIP39 phrases. Later, the user may wish to backup their seed as SSKR rather than BIP39. So, the user then generates their SSKR phrases from their known BIP39 phrases. Once they have their SSKR phrases they may now destroy their BIP39 backup. All this may be done in an air gapped manner.

[InfiniteQE]

By airgapped, I mean the mnemonic seed has never connected to a hot internet connected device.

Ledger wipe airgapped, check Ledger restore airgapped, check Install app-seed-tool, must be connected to a PC/Mac to install, and the mnemonic seed must have first been loaded on Ledger before connecting it to the PC/Mac

[aido]

Install app-seed-tool, must be connected to a PC/Mac to install, and the mnemonic seed must have first been loaded on Ledger before connecting it to the PC/Mac

Fair enough, A Ledger device does need to be connected to a computer at some stage of it's life in order to install applications. No getting around that.

[InfiniteQE]

Correct.

I didn't have luck with Recovery Mode (power on holding the left button).
With a wiped uninitialised Nano S Plus, Recovery mode does let you install apps both via ledgerblue and via LedgerLive. However rebooting again (uninitialised) into Recovery Mode = all apps are deleted.
Rebooting in normal mode, then restoring a mnemonic seed = all apps deleted.