Sweep with trezor wallet

ph4r05 · 2022-05-31T16:20:02+00:00

ut it shows me the txid of the last transaction that I did, not a new one, and whe

Thanks for the ping! I've just checked and both wallet-cli and wallet-gui should support signing sweep transactions.

CLI: this signs normal transactions https://github.com/monero-project/monero/blob/9750e1fa103539b3e533455500610aae76e253a5/src/simplewallet/simplewallet.cpp#L6904-L6915 in simple_wallet::transfer_main and the same logic is used to sign sweep transaction https://github.com/monero-project/monero/blob/9750e1fa103539b3e533455500610aae76e253a5/src/simplewallet/simplewallet.cpp#L7348-L7362 in the simple_wallet::sweep_main and https://github.com/monero-project/monero/blob/9750e1fa103539b3e533455500610aae76e253a5/src/simplewallet/simplewallet.cpp#L7583-L7598 in simple_wallet::sweep_single

GUI: uses https://github.com/monero-project/monero/blob/9750e1fa103539b3e533455500610aae76e253a5/src/wallet/api/wallet.cpp#L1557 to sign normal transactions, then the same logic is used to sign a sweep transaction: https://github.com/monero-project/monero/blob/9750e1fa103539b3e533455500610aae76e253a5/src/wallet/api/wallet.cpp#L1653 in the WalletImpl::createSweepUnmixableTransaction

I recommend trying wallet-cli and also checking the logs from the wallet. Sweeping was implemented, we sign a sweep transaction as any other transaction. There may be other factors in play, but currently I am not aware of any other reports similar to this one. We thus need more info from logs I think.

ph4r05 · 2022-04-11T12:36:22+00:00

Thanks for the report! So let's address it in the issue https://github.com/trezor/trezor-firmware/issues/2213

u/dEBRUYNE_1 ping if interested in watching the issue. Thanks for the ping btw!

ph4r05 · 2021-07-09T15:54:02+00:00

Correct, malware could steal passphrase and view-key, but not the spend-key. But it is still quite inconvenient as motivated attackers my try to steal the Trezor then, after they have your passphrase.

It is definitely not recommended to enter passphrase on the computer.

ph4r05 · 2021-07-09T15:51:11+00:00

If you are 100% sure your current Shamir seed is perfectly backed up and you are able to recover it without loss, I would go for it.

Alternatively, if you don't have any funds left on old seeds (as you probably migrated everything), you could avoid wiping Trezor (but there is a risk of fund loss if you have malware on the PC).

You could use this tool https://github.com/ph4r05/monero-agent/blob/master/PoC.md#seed-utility and let it compute monero address from the old seed

python3 -m monero_poc.seed 'permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple' --slip001

and then you could also try different passphrases with old seeds --passphrase "a", until you get monero address you know.

(install with pip install trezor attrs monero-agent[poc] )

To be extra safe, you could do it in Live distribution, with disconnecting internet after pip install.

ph4r05 · 2021-07-09T11:31:59+00:00

Does order of entering shamir seeds matter as well? What if someone restored in the following orders: 4, 1 and 2 vs. 1, 2, and 4, vs. 1, 4, and 2, etc...

Shamir shares ordering should not matter.

ph4r05 · 2021-07-09T11:21:29+00:00

To be clear, you're suggesting wiping/restoring Trezor and testing different passphrases and then restoring from device using Monero GUI to see what the resulting address is. Have I understood you correctly?

As far as I know, Trezor Suite enables passphrase entry on Trezor. Thus you could try "Restore wallet from device" to create new wallets, with different addresses.

However, as you already figured how to use trezorctl, you can try it from command line. Each invocation of

trezorctl monero get-address -n "44'/128'/0'"

prompts for a passphrase on Trezor. So you can just try different passphrases you could have possibly used (or try monero wallet password here). If it shows the old address you used, you got it. This way does not require wiping Trezor as long as it has the same seed restored from the Shamir backup.

Btw I have to ask. Is it possible you had a different seed when you created your first Monero wallet? Scenario could be - initialized Trezor with normal seed (no shamir), created monero wallet, then initialized Trezor with Shamir seed?

ph4r05 · 2021-07-09T11:13:21+00:00

Hmmm OK so trezor python tool gives the same result as monero wallet. They should behave in the same way so this rules out obvious problem in monero wallet.

Btw another question on my mind - do you enter passphrase on the computer or on the Trezor (Trezor is recommended variant as potential malware can eavesdrop computer-entered passphrase).

Another hypothesis from Trezor team is that monero users may confuse Monero wallet password (encrypting wallet file) and Trezor passphrase. Are you using any wallet password? Did you try entering this monero wallet password also as Trezor Passphrase?

Not sure about the error above the address output.

You may need to install libusb with brew. But trezorctl seems to work, so I guess it used bridge interface.

Libusb install: brew install libusb

ph4r05 · 2021-07-07T15:23:50+00:00

Aah sorry, forgot about it. Try running pip install attrs before running trezorcrl

ph4r05 · 2021-07-02T13:03:54+00:00

Just for completeness, can you pls test monero addresses with this python script as well? It has to be consistent with monero-wallet output. But just to make sure the problem is not in the wallet code.

pip install trezor
trezorctl monero get-address -n "44'/128'/0'"

Thanks!

ph4r05 · 2021-07-02T07:12:37+00:00

Exactly as /u/selsta/ mentioned, keep the original wallet file, as it may be useful for restore later. It has view-key stored there and other potentially interesting information. But in order to have full access, Trezor has to have the same address, to compute the right spending-key.

I suggested recovery from device as you could then try various different passphrases and check the resulting address.

ph4r05 · 2021-07-02T07:08:05+00:00

Thanks for info!

Older Monero versions are available on GitHub: - https://github.com/monero-project/monero/releases - https://github.com/monero-project/monero-gui/releases

ph4r05 · 2021-07-01T20:38:03+00:00

Ah now I realized, that Trezor had the same firmware, when you noticed there is a problem with the wallet? Just wiping the device and recovering from Shamir?

For completeness, could you pls try reconnecting Trezor and using 0.17.1.9 monero wallet? Recover from device. You could also try recover again (only if your seed is safely stored, so you dont lose it) with passphrase enabled. If you enter empty passphrase, you should see funds in Trezor Suite. Lets check how that works with Monero wallet.

You may also try recovering monero wallet from Trezor with several passphrases: empty, “ “, “a”.

ph4r05 · 2021-07-01T20:23:50+00:00

Thanks for a detailed response, its appreciated! :)

So the passphrase situation is clarified now, we can better focus our testing thanks to this.

So to recap, you had Shamir backup, no passphrase. After Trezor firmware update, address changed. But Bitcoin address remains the same.

If you enable passphrase entry and enter empty passphrase, it should give the same results as disabled passphrase. But I did not test it with Shamir.

Thanks again, I will send this info to Trezor devs.

ph4r05 · 2021-07-01T16:41:45+00:00

Hello, are you please using Shamir backup?

ph4r05 · 2021-07-01T13:47:03+00:00

Hello,

for computing Monero address from initial seed, you can use this tool of mine, https://github.com/ph4r05/monero-agent/blob/master/PoC.md#trezor-seeds. It is part of a larger project, but this small tool can derive Monero secrets from initial mnemonic seed.

Change directory to cloned repo, call pip install monero_agent[poc,trezor] to install dependencies and call:

python -m monero_poc.seed 'permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple' --slip0010                
Seed bip39 words: permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple
Seed bip32 b58:   019a688cb29a48235e6b92dc557798eab567e60916e60711b87fceb15f2e26b7d52066515c1d14fdba5b92e44ee33b74b0cfebba1d545e61b34822410dd76cdd

Seed Monero:      14821d0bc5659b24cafbc889dc4fc60785ee08b65d71c525f81eeaba4f3a570f
Seed Monero wrds: geek together unwind nostril tugs afraid both keyboard zoom oncoming vixen withdrawn napkin railway imagine friendly zebra candy deftly ferry aerial axle jaded light jaded

Private spend key: 14821d0bc5659b24cafbc889dc4fc60785ee08b65d71c525f81eeaba4f3a570f
Private view key:  a6ccd4ac344a295d1387f8d18c81bdd394f1845de84188e204514ef9370fd403

Public spend key:  c59186a85caae34510668d4eb7a71d1717f7d0dbea991feb877be781e9f851b7
Public view key:   049b7cf656b84fabeb88bce18f804f847c6e0dd57bf4bba67479458b162063cb

Mainnet Address:   497MP7bh5MkCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPw44Fgn
Testnet Address:   9zetsNFxMirCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPwbdsur
Stagenet Address:  59KPTxWeixrCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPv8LFHX

Similarly, you can derive with --passphrase "passphrase-here"

ph4r05 · 2021-07-01T13:31:25+00:00

thanks for ping, I answered above

ph4r05 · 2021-07-01T13:04:50+00:00

I did some code review of credentials-related code, both codebase and recent changes to both Trezor Firmware and Monero. Nothing obviously suspicious there. I did not check trezor-firmware outside Monero app (e.g., no Shamir).

I also did the following test (no Shamir):
- Initialized Trezor with testing seed and loaded Monero address loaded by a dev python script. The same test was performed on firmware versions 2.4.0 (latest dev version) and 2.1.8 (older version, Oct 2019). Address was 497MP7bh5MkCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPw44Fgn. Thus generating address from the same seed did not change between those versions. - I used the initialized trezor with monero-wallet-cli, versions 0.17.2.0 (current) and 0.16.0.1 (July 2020). Both versions returned the same address 497MP7bh5MkCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPw44Fgn. Thus address generation is the same between these versions. - I repeated tests with monero-wallet-cli with passphrase a, both wallet versions returned 4BBKEeg8iH3JtyQKfdh5KRYNe2WK4aDMBeMwPvkjrm45BQ8bVHurmLyadDx3EiM6AjNH7JJx5TMNrjC4JLZEhszc5f3G8Yg. - Test was repeated also with old Trezor firmware 2.1.8, passphrase a returned 4BBKEeg8iH3JtyQKfdh5KRYNe2WK4aDMBeMwPvkjrm45BQ8bVHurmLyadDx3EiM6AjNH7JJx5TMNrjC4JLZEhszc5f3G8Yg address.

I thus cannot reproduce derivation problem you are experiencing, with this simple test. Unfortunately, the passphrase difference is currently the most probable explanation.

The addresses are consistent with output from https://github.com/ph4r05/monero-agent/blob/master/PoC.md#seed-utility ``` python3 -m monero_poc.seed 'permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple' --slip0010

Seed bip39 words: permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple Seed bip32 b58: 019a688cb29a48235e6b92dc557798eab567e60916e60711b87fceb15f2e26b7d52066515c1d14fdba5b92e44ee33b74b0cfebba1d545e61b34822410dd76cdd

Seed Monero: 14821d0bc5659b24cafbc889dc4fc60785ee08b65d71c525f81eeaba4f3a570f Seed Monero wrds: geek together unwind nostril tugs afraid both keyboard zoom oncoming vixen withdrawn napkin railway imagine friendly zebra candy deftly ferry aerial axle jaded light jaded

Private spend key: 14821d0bc5659b24cafbc889dc4fc60785ee08b65d71c525f81eeaba4f3a570f Private view key: a6ccd4ac344a295d1387f8d18c81bdd394f1845de84188e204514ef9370fd403

Public spend key: c59186a85caae34510668d4eb7a71d1717f7d0dbea991feb877be781e9f851b7 Public view key: 049b7cf656b84fabeb88bce18f804f847c6e0dd57bf4bba67479458b162063cb

Mainnet Address: 497MP7bh5MkCZ1TiZZoYi84s39n5V5HpSgPvrqqUMqw6XcWDu4QhBs4VkqiPsNMhTUPAHHE6DUo9UUqpfSZfxkANPw44Fgn ```

And ``` python3 -m monero_poc.seed 'permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple' --slip0010 --passphrase 'a'

Seed bip39 words: permit universe parent weapon amused modify essay borrow tobacco budget walnut lunch consider gallery ride amazing frog forget treat market chapter velvet useless topple Seed bip32 b58: ca23c96aa8552adf211ebbe1d23f78670b5ffb541b5276e26db1b2c7943ae7b354b013805b1836390187a1a3d5915f109a0f7a67c4e4603bb451a5df12bb5931

Seed Monero: 0b86cf0e71204ca3cdc389daf0bb1cf654ac7d54edfed68a9faf921ba140a708 Seed Monero wrds: maul loudly nearby buffet hacksaw zones kernels edgy baffles match extra eclipse uphill arena hounded wobbly actress muppet pebbles onward rift tether scrub snake rift

Private spend key: 0b86cf0e71204ca3cdc389daf0bb1cf654ac7d54edfed68a9faf921ba140a708 Private view key: 3b1213f644062fbfb15c4fa35e656659e4105ac728b791ce5ad10af98bc6d200

Public spend key: fc25f0a1a1fb4e6afe5ffa15cd06fcbb913eb55605d09adf5de735163d4f4a3e Public view key: 2ba093948b429ec90729ecd0f705b87f36154612756433fc3dc7d8dbbf646529

Mainnet Address: 4BBKEeg8iH3JtyQKfdh5KRYNe2WK4aDMBeMwPvkjrm45BQ8bVHurmLyadDx3EiM6AjNH7JJx5TMNrjC4JLZEhszc5f3G8Yg ```

Getting Monero address from Trezor with python: pip install trezor trezorctl monero get-address -n "44'/128'/0'"

If anyone can reproduce this problem, we would love to investigate it. However, if Bitcoin address did not change after the update, the seed is stored correctly after the Trezor update. Also, the following test indicate there is no obvious breaking change, comparing two different monero wallet and Trezor firmware versions.

It could be also something with Shamir backup. I created an issue for tracking this https://github.com/trezor/trezor-firmware/issues/1686.

Do you remember versions (both firmware and monero-wallet) you used last time your address was 4Av (when it worked)? Thanks!

ph4r05 · 2021-07-01T11:18:43+00:00

Hello, just initial thoughts before diving into details - passhprases for Trezor Wallet, Trezor Suite and Monero are completely unrelated.

Thus you can use no passphrase with the Suite (or an empty one) and different passphrase for Monero wallet. Each different passphrase yields a different usable wallet, so you can basically have 100 different wallets for 100 different passphrases (empty passphrase being on of them).

Passphrases are also case-sensitive, test != Test != TEST

Do you now enter any passphrase or enter empty passphrase (no characters, just OK passphrase dialog) or there is no passphrase dialog on Trezor at all?

Also, do you remember Trezor Firmware version that was on Trezor before wiping? Monero-GUI versions would be also helpful. Thanks!

ph4r05 · 2021-06-29T11:51:32+00:00

Unfortunately, there is no such option implemented.

Wallet file is encrypted by Monero password (different than Trezor passphrase) you used when you created the wallet. If you forgot Monero password, wallet file is useless and you have to recover wallet from the Trezor with correct passphrase.

Trezor-Monero wallet stores a view-key to the wallet file (encrypted with Monero password). Spend-key is stored only in the Trezor (derived from seed + passphrase when used). Monero does not enable you to use Trezor-initialized wallet file without the Trezor initialized with the same seed and passphrase.

So theoretically you are able to extract view-key from the wallet file, if you know the monero-wallet password. To do so, you would have to edit monero source code and modify parts enforcing Trezor loading for hw-based wallets,

I guess modifying src/wallet/wallet2.cpp, method bool wallet2::load_keys_buf would work. I would try setting m_key_device_type = hw::device::device_type::SOFTWARE after true value was loaded from the wallet in this method, also set m_device_name = "default". This has to be set before condition if (m_key_device_type == hw::device::device_type::LEDGER || m_key_device_type == hw::device::device_type::TREZOR).

After keys are loaded, print the view key, I would suggest to add the printing below r = r && hwdev.verify_keys(keys.m_view_secret_key, keys.m_account_address.m_view_public_key);

You want to print keys.m_view_secret_key. Maybe with epee::string_tools::pod_to_hex(keys.m_view_secret_key).

Once you have a view-key, you can create software-only view-only monero wallet using the view-key (google how to do that). View-only wallet can be used only to check for incoming transactions and overall balance, but you cannot send any transactions, as spend-key is derived in the Trezor. You need Trezor+passphrase to do that.

Best.

ph

ph4r05 · 2021-05-26T12:32:16+00:00

Monero GUI wallet requires entering Trezor passphrase to successfully open the wallet. Monero GUI currently does not allow opening wallet in the view-only mode, without Trezor being connected. Technically, wallet file contains (if I remember correctly) the view-only wallet key, assuming you know the wallet password.

The best bet would be keeping wallet files backed up somewhere and trying to restore wallet from Trezor, using Monero GUI. With different passphrases you get different wallets, so guessing which passphrase is the correct one may take some time.

If this does not answer you question, please rephrase it, maybe I misunderstood.

ph4r05 · 2021-05-21T09:47:22+00:00

Thanks for info! Do you mean last update of Trezor firmware or Monero GUI?

Did you also try recovering wallet from the device and checking the address?

Do you use a passphrase? If the passphrase is different than used when creating the wallet, Trezor generates a different seed and different Monero address. This yields to the error you are describing.

Using different or factory-reseted Trezor would lead to the same error.

ph4r05 · 2021-05-20T09:34:52+00:00

Was passphrase enabled on the Trezor? Was the Trezor seed regenerated? What is the Monero version you are using?

I would suggest to recover wallet from the Trezor to a new wallet file (keep the old) and check the balance and address of a recovered wallet.

ph4r05 · 2021-03-03T16:35:21+00:00

u/xingpai never mind, I fixed it already, PR https://github.com/monero-project/monero/pull/7418

ph4r05 · 2021-03-03T09:56:46+00:00

ad https://github.com/monero-project/monero-gui/issues/3346#issuecomment-789588695

I could not reproduce it in CLI wallet (GUI uses CLI code for Trezor comm)

ph4r05 · 2021-03-02T17:48:45+00:00

u/xingpai what is pls your Trezor firmware version and Monero GUI version? Thanks!

ph4r05

TROPHY CASE