Nested Keys

[Vyryn]

Description

Related to #1183

Ledger keys can not sign anything that uses an "account@permission" permission instead of a direct key permission. Issue #1183 says this is due to Ledger API not providing enough info. However, I accidentally stumbled on something that may make a potential workaround easy to implement.

Steps:

• Log into Bloks.io on WAX network with an active permission set to a ledger key
• Update the permissions for this account:
• create a new key account@signer1, set to the same ledger key
• change the permission for account@active, removing the key and adding the account account@signer1
• Import account@signer1 into anchor
• Log into bloks with account@signer1
• Attempt to sign an action that requires account@active

  Error action declares irrelevant authority '{"actor":"account","permission":"signer1"}'; minimum authority is {"actor":"account","permission":"active"} This is expected per 1183.

• Switch active bloks accounts to the still-present account@active login (which, recall, now only has the indirect account@signer1 permission as signer, not the key directly)
• Attempt to sign the same action that requires account@active

  Bloks sends the action to anchor as account@active. Sign it on ledger, and it successfully executes.

This seems to indicate that altering the signing account, as long as it is a valid signer for the requested account, is completely transparent to applications and to Ledger. Thus a possible workaround for 1183 is, on the "Identity Request" page, add an option to allow users to manually edit the "Prove Identity" field to the desired top level permission without editing the "Select an account" field, which can be unchanged from present. I've made a rough mock up below of what this might look like to the user:

Platform

Desktop (MacOS)

Steps To Reproduce

Steps:

• Log into Bloks.io on WAX network with an active permission set to a ledger key
• Update the permissions for this account:
• create a new key account@signer1, set to the same ledger key
• change the permission for account@active, removing the key and adding the account account@signer1
• Import account@signer1 into anchor
• Log into bloks with account@signer1
• Attempt to sign an action that requires account@active

  Error action declares irrelevant authority '{"actor":"account","permission":"signer1"}'; minimum authority is {"actor":"account","permission":"active"}

Relevant log output

No response

Contact Details

No response

Anything else?

A workaround like this would be greatly appreciated, in that it would allow most of the range of robust permission management EOSIO offers to be used by Ledger users.

[aaroncox]

Hey - thanks for the report here. I haven't had a chance yet to reproduce the issue and check it out, but it's on my radar to check out. I'll leave this here until we get a chance to dive in and take a look at this.