KeepKey keine Verbindung mit Electrum 3.3.6 unter Windows 10 Build 1903

[TheNightProducer]

Keine Verbindung mehr möglich unter neuer Windows Build vorheriges Build ging es noch. Im Geräte Manager wird der KeepKey erkannt und mit Originaler App funktioniert es.

[SomberNight]

This is likely related to https://github.com/spesmilo/electrum/issues/5420

[TheNightProducer]

https://puu.sh/DHDkL/90337ff378.png

[EchterAgo]

I've diagnosed this issue a bit today and it seems that hidapi is not enumerating KeepKey anymore starting with Windows 10 Build 1903. libusb1 and other Windows tools enumerate it just fine, and it shows up under HID devices in device manager. Trezor is likely similarly affected but I can't test that. The difference between Trezor and KeepKey is that Trezor registers an enumeration function that uses hidapi and libusb1 to enumerate devices while KeepKey does not and only relies on the hidapi enumeration done by the device manager.

The fix for this would be to either to register a custom enumerate function with device manager that uses the KeepKey enumeration functions or use libusb1 to enumerate in device manager. I'm not sure what the better solution is.

[EchterAgo]

So from reading the other issue it seems like just using libusb will not fix this. I will investigate this more tomorrow.

[EchterAgo]

Running as admin does work. I was also able to make it work by using a custom enumeration function in the KeepKey plugin. This probably only fixes the WebUSB KeepKeys (USB PID 0x0002) but leaves the HID ones (USB PID 0x0001) broken.

[cculianu]

Trezor broke too with windows 10 1903. But running as admin it works again.

They probably changed their permissions or something in their USB layer after adding universal 2fa support in 1903? (This is just a hypothesis/guess).

But running as admin does make it work again.

Oh microsoft...

[EchterAgo]

So Windows 10 version 1903 blocks attempts to open USB HID interfaces that have a U2F usage. Only admin users are allowed to open those.

https://github.com/node-hid/node-hid/issues/312

Ledger seems to address this by dropping U2F (and maybe HID too?):

https://www.ledger.com/windows-10-update-sunsetting-u2f-tunnel-transport-for-ledger-devices/

At least WebUSB is working on Windows when the winusb.sys driver is installed for the device. I've had success using libusb to enumerate WebUSB KeepKeys, but I'll need some more time to test it doesn't break on older Windows versions.

I'm not sure but it looks like we can't support the old KeepKey (USB PID 0x0001) on Windows 1903+ as it has only HID support. Does anyone know if it has U2F?

Theres also the possibility that Microsoft will just silently revert this change soon:

https://stackoverflow.com/questions/53761417/createfile-over-usb-hid-device-fails-with-access-denied-5-since-windows-10-180

[SomberNight]

I'm not sure but it looks like we can't support the old KeepKey (USB PID 0x0001) on Windows 1903+ as it has only HID support. Does anyone know if it has U2F?

It depends on the firmware version.

Firmware version < 6.0 used hidapi; >= 6.0 uses webusb/libusb and some firmware versions also supported U2F but I don't remember which ones.

[keepkeyjon]

v6.0.0 and later have WebUSB + U2F + USB PID == 0x0002.

v5.10.1 is the only earlier version with U2F, but we had to revert it in v5.10.2 because of issues on windows with changing the USB descriptors (which is why we changed the PID when adding WebUSB support).

[keepkeyjon]

So Windows 10 version 1903 blocks attempts to open USB HID interfaces that have a U2F usage. Only admin users are allowed to open those.

damn, that's annoying

[TheNightProducer]

Danke euch, das ich es wenigstens als Administrator noch nutzen kann. MFG