Problem with masternode support and Trezor wallets re delegate keys

[ashmoran]

This is from my testing feedback on the Dash Forum.

To activate a masternode you need a private key you can sign locally and upload to a server. If you're using a Trezor it's impossible to export private keys, so you can't use a Trezor wallet to generate delegate keys. You also can't import new keys into the wallet (that I can see!). So I wondered if it would be possible to use a parallel Electrum wallet with a local seed. But the masternode interface doesn't allow specifying a private key, only an address. The closest it has is is a masternode.conf import feature. So I tried to export a private key from the seed-based Electrum wallet to see if I could create a fake masternode.conf file with just the key, that would import into the Trezor wallet. But Electrum on the one side exports private keys in some Xxxx format (which is different to the 7xxx format private keys I've seen everywhere before), but on the other won't import it with the masternode.conf import feature because it's an incorrect format.

The only thing I haven't tried is to just generate a loose private key and see if it will import that, but I think that should be a last resort, as the main benefit of using Electrum is deterministic wallets.

Is this a limitation in the current version of Electrum-Dash, or have I missed some means to do this?

[Kefkius]

You're correct in that a Trezor key can't be used as a delegate key, because the delegate key must be known to both the masternode and the Electrum-DASH client. The reason that the more recommended route is to import a masternode.conf file is because it's easier for people to do.

The common practice is to generate a (delegate) key with your remote masternode, and copy that private key to your local node so you can sign it with your collateral key, thus making it a valid delegate.

I recommend against using one of your wallet keys as the delegate in general, because you have to export the private key from the safety of your wallet.

Private keys may start with '7' or 'X'. They are valid either way; you may have some private keys that start with '7' and some that start with 'X'. Importing masternode.conf will work either way as well :)

[ashmoran]

I recommend against using one of your wallet keys as the delegate in general, because you have to export the private key from the safety of your wallet.

My plan was to use a seed-based Electrum wallet that would never be used to handle money to generate a delegate key. This way it can be backed up on paper rather than electronically. It also means if the key is compromised you can generate a new one without needing to modify the backup, and likewise if you add another masternode. Basically everything about BIP 32 wallets is easier than keys managed manually :)

I'm not sure (even after looking at the BIP32 spec) if revealing multiple private keys is a security risk. And the number of keys here is so small, and the consequences of losing them so insignificant, that it's probably not worth worrying about.

Private keys may start with '7' or 'X'. They are valid either way; you may have some private keys that start with '7' and some that start with 'X'. Importing masternode.conf will work either way as well :)

I could not make Electrum-Dash import an Xx format key. I get the error Invalid masternode private key of alias "testmn". (My throwaway private key from Electrum-Dash was XEhoFC8Sa6cx4CGxsy6AVWkzZ9Vft7KVaouKk4zZvtw7UDNPrwSi.)

I've now tried Dash-QT (0.12.1) and used masternode genkey, which gave me the key 92oFXHFK4feU9jr8C6d2iFSkaUzesykNTMrGPz1ULrL3kg2jfm7 (tt seems I get a new key format every time I try something!!!), but I get the same error.

Finally I just tried masternode genkey in Dash-QT 0.12.0.56 and I yet again get the same error using key 7rSumGv8sM6r6A6aELJDWUdpoaZdrZQSoZ6GjRGqLHxa1CYMYCp.

If the last one failed, I must be doing something wrong, surely?

[ashmoran]

Update: while the BIP32 description does not make it clear if exporting Electrum private keys is a security risk due to key derivation, this Stack Exchange answer quite unambiguously does :) http://bitcoin.stackexchange.com/a/11517

[Kefkius]

This post and the comment that's linked to may be helpful re: BIP32 keys and safety.

Are you sure that your masternode.conf is formatted correctly? There should be five items on a line, with a space separating each of them. It sounds like the problem is not with the keys themselves, but with the masternode importing process.

Have you tried importing those keys via the regular Key Import to see if that works?