Blank passphrase is not cached on Cardano #1659
Comments
|
I can reproduce this as well after updating to trezor firmware 2.4.0 |
|
The empty passphrase works for me on wallet.trezor.io and suite.trezor.io @try777772 Does it happen for you on other wallets too or just Adalite? @uj What wallet did you use to reproduce? |
|
I tried several online wallets, and these 2 are the only ones I found so far that do not work: You don't actually need any crypto in your account to try it, you don't even need to have ever visited the site before. Just plug in the trezor, go to the website, and connect with a blank password. |
|
I also googled it and found a reddit thread for it https://www.reddit.com/r/TREZOR/comments/nw5cq4/adalite_not_working_after_upgrade_240/ |
|
I'm able to log in to Adalite with blank passphrase with the following sequence:
Weird, but tried several times and works perfectly fine. |
|
Localy installed SW wallet for Cardano - Daedalus works fine, cardano-hw-cli not affected as well |
|
@trezor/qa please retest. On both adalite and in Suite. |
|
Adalite - still not working, just discovered that if I confirm the blank passphrase 7x then I can get in I'm entering my passphrase on the device if that helps |
|
@tsusanka i can confirm loop behaviour in adalite wallet Screen.Recording.2021-06-10.at.12.13.37.mov |
|
@bosomt thx, could you please also try other Connect-based? E.g. mycrypto or similar |
|
Confirmed in firmware. The problem is that the new cache conflates |
What coins are affected? |
|
User-side workaround is clicking Enter repeatedly until the dialog goes away. ISTM it always takes seven clicks to load, one or two for every subsequent operations. @bosomt if you're more familiar with adalite, can you confirm? This is AFAICT the principle behind @lunarpool's method: you enter the empty passphrase enough times to fetch the appropriate data, and then use |
only Cardano |
|
@tsusanka mycrypto works as expected, previous transactions/used addresses are loaded |
Yup, I can confirm this. Adalite works fine for me when I confirm the blank passphrase 7 times (on the device) |
|
Confirming @matejcik's and @lunarpool's method - took me ~6 confirmations of empty passphrase to get into Adalite wallet and ~4 confirmations on mycrypto. Model T 2.4.0 ea3596a |
Is mycrypto also able to access Cardano? I can't reproduce there. |
I'm so sorry, no Cardano there afaik, we were asked to test mycrypto on Slack (where there's a different behavior in which the Connect popup opens about 4 times). I'm not used to testing of 3rd party apps, my mistake. |
|
Ok, so I guess conclude this is Cardano-only? |
|
Btw just a note: we have intentionally not released Connect yet. So JFYI at least Cardano-only users should not be affected. I know that is a minority but at least something. |
|
@sorooris just to be clear: mycrypto opens the pop-up multiple times, but only asks for passphrase once and the subsequent popups do not ask, correct? |
matejcik
changed the title
|
@matejcik correct ⬇️
|
|
@trezor/qa could one of you please retest on adalite.io? Someone on reddit reported it seems fixed so I am wondering if Adalite folks did some hotfix. |
|
@tsusanka nah, still same result, adalite+connect asks for passphrase over and over again |
|
To clarify - Adalite exports multiple keys in bulk as it has support for multiple accounts and this bug results for the prompt being triggered for every single key. So after 5-6 confirmations (the amount of keys exported in the first bulk) the user will indeed eventually log in. Of course this is still a significant hurdle, unfortunately the only option is to wait for the fix on the connect side A partial fix (in case the users use only one account in Adalite) for the time being is to manually disable bulk key export in Adalite (there's a checkbox for it below the hardware wallet selection screen), in which case "only" three keys get exported and hence "only" three prompts are triggered. Of course, as soon as the problem in trezor connect is fixed, it's worth re-enabling it. |
|
QA OK Info:
|
Trezor Connect will NOT work with a blank passphrase after updating to 2.4.0
Downgrade to 2.3.6 and it works again.
For example:
When you go to adalite.io, trezor-connect asks for your passphrase like it always does. It has a message to leave it blank for standard non-hidden wallet.
If you leave it blank on 2.4.0, it will never go past that screen. It continues to re-ask you over and over. Broken.
If you leave it blank on 2.3.6, it opens the wallet properly. Works.
Windows 10, Chrome current version.
The text was updated successfully, but these errors were encountered: