Authentication System Failure error

[keeganquigley]

A user has reported experiencing an "Authentication System Failure" error on following device:

Cellphone: Samsung S8 – SM-G950F Android 9

Airplane mode security mode encription Bluetooth, NFC disabled Parity Signer (Public Beta): v5.0.1

Attempted solutions: Close/re-open app Reboot phone Change PIN Factory Reset

Here is a reference to the error. Does anyone know of any compatibility issues or what could be causing this?

[gsanjaime]

Today have tried with 3 different android devices and the result the same Did you test the app on android devices? I am very frustrated, I don't find documentation, I don't get support. It seem thay the project no have interest

[Dmitry-Borodin]

Is screen lock enabled on this device? (pin/fingerprint et.c.) Adding proper explanation that screen lock is required is planned soon as app onboarding flow.

[gsanjaime]

Yes I have screen lock with password

[keeganquigley]

@gsanjaime Is it possible that you originally had a fingerprint set and then changed to a PIN or something similar? The error states that the BIOMETRIC_STATUS is unknown.

[gsanjaime]

ohh with fingerprint works!!!

[keeganquigley]

@gsanjaime Great! Thanks for letting us know. If you originally set the authentication with a fingerprint than it would make sense that you need it to unlock it. Thanks @gsanjaime I will let you close the issue.

[gsanjaime]

I would like to work only with PIN. Is there any way to avoid fingerprint?

[gsanjaime]

No, I never used fingerpint.

De: Keegan | W3F @.> Enviado el: miércoles, 19 de octubre de 2022 16:50 Para: paritytech/parity-signer @.> CC: gsanjaime @.>; Mention @.> Asunto: Re: [paritytech/parity-signer] Authentication System Failure error (Issue #1370)

@gsanjaimehttps://github.com/gsanjaime Great! Thanks for letting us know. If you originally set the authentication with a fingerprint than it would make sense that you need it to unlock it.

— Reply to this email directly, view it on GitHubhttps://github.com/paritytech/parity-signer/issues/1370#issuecomment-1284139403, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ANYYC3UGHQD4WBF7AROWMT3WEAC73ANCNFSM6AAAAAARIIXFIE. You are receiving this because you were mentioned.Message ID: @.**@.>>

[gsanjaime]

updating the metadata for each chain is a tedious task. For each chain I need about 10 minutes. Is there another way to make it faster?

[Tbaut]

Use a more recent device. It's less than a minute on a pixel 3a. It's the cost of security unfortunately. I'm also using a 5+ year old device and it's tedious indeed.

You can follow this issue regarding possible solutions https://github.com/paritytech/parity-signer/issues/1048

[gsanjaime]

Thanks Tbaut

Parity signer is intended only for Polkadot.js? or in the future will it also be integrated into other wallets? (Keplr, safepal, etc...)

[Tbaut]

I think we're diverging a lot from the original issue here, I'll answer but please ask any other question in a dedicated issue or on Element. Also note that I'm a contributor, not part of Parity any more. Parity Signer supports Polkadot, Kusama and any substrate related chains, some of them very close to Ethereum (EVM based). It does not support any other ecosystem like Cosmos, Solana etc..

Any Polkadot related wallet can support Parity Signer. It's the case of Polkadot.js extension, Subwallet, Polkadot.js plus, and hopefully soon Talisman (they are not open source as of now unfortunately).

[Originalimoc]

It should not simply call the fingerprint/biometric sensor to do authentication IMHO. Call the Android Keystore to get the ENCRYPTED SEED stored in /data/data which to be decrypted by a key(generated or manually set) stored in TEE then load into memory only for that session instead. This way even though device /data/data is leaked/accessed by another app/backed up by whatever brand Android cloud service, the seed is safe. Same apply to iOS.