Version 1.4.0 of Tezos Ledger Nano S Applications and More

Version 1.4.0 of Tezos Wallet and Tezos Baking are now available in Ledger Live! There are also some related updates to Tezos in the pipeline we wanted to share.

Version 1.4.0 Release

First, Tezos Wallet has an improved menu UI similar to other Ledger Nano S applications. It includes a home screen, an 'About' section where you can see the version of the application, and a 'Quit' screen. There are also other improvements that are more 'under the hood', like showing the git hash the application is built from when you use list connected ledgers.

The most notable change to Tezos Baking is that you now must enter the device's PIN to exit the app. Baking with the Ledger Nano S requires the device to stay in an authenticated state. This new feature ensures an attacker can't take advantage of that authenticated state to transfer funds should they have gained physical access to the device and the computer to which it is connected.

We've also added some less visible improvements like the same git hash function mentioned above in Tezos Wallet, plus a query for the authorized baking key which shows the baking key on the Ledger device.

Related updates to Tezos

Not all of the changes you'll see while using Tezos Wallet and Tezos Baking are due to changes in the device apps! Improvements have been made in Tezos as well which you'll see by using your hardware wallet. In this case, they are all visible by running the command tezos-client list connected ledgers.

Here's what the original output of that command currently looks like on mainnet:

Found a Tezos Baking 1.4.0 application running on Ledger Nano S at [0001:003c:00].

To add the root key of this ledger, use one of

 tezos-client import secret key ledger_myusername_ed ledger://tz1VasatP7zmHDxPeBn97YoSFowXLdsBAdW9 # Ed25519 signature
 tezos-client import secret key ledger_myusername_secp ledger://tz2DHCC7PGgzboZRNB6rYinjT61YbjWdjJum # Secp256k1 signature
 tezos-client import secret key ledger_myusername_p2 ledger://tz3NdTPb3Ax2rVW2Kq9QEdzfYFkRwhrQRPhX # P-256 signature

Each of these tz* is a valid Tezos address.

To use a derived address, add a hardened BIP32 path suffix at the end of the URI. For instance, to use keys at BIP32 path m/44'/1729'/0'/0', use one of

 tezos-client import secret key ledger_myusername_ed_0_0 “ledger://tz1VasatP7zmHDxPeBn97YoSFowXLdsBAdW9/0'/0'”
 tezos-client import secret key ledger_myusername_secp_0_0 “ledger://tz2DHCC7PGgzboZRNB6rYinjT61YbjWdjJum/0'/0'”
 tezos-client import secret key ledger_myusername_p2_0_0 “ledger://tz3NdTPb3Ax2rVW2Kq9QEdzfYFkRwhrQRPhX/0'/0'”

In this case, your Tezos address will be a derived tz*.
It will be displayed when you do the import, or using command show ledger path.

It lists 6 total commands for importing keys: 3 for importing the root key for each signing curve, and another 3 for importing a derived address.

The strings that identify the Ledger Nano S (which are shown after ledger://) look very similar to the string that identifies each individual account (the public key hash they generate), which can be confusing because they were sometimes identical... but not always. It can be easy to muddle the two, and it's important that you use the right one.

Here is the new output, currently visible on alphanet and zeronet:

Found a Tezos Baking 1.4.0 (commit 653902f0) application running on Ledger Nano S at [0001:003c:00].

To use keys at BIP32 path m/44'/1729'/0'/0' (default Tezos key path), use one of

 tezos-client import secret key ledger_myusername “ledger://outgoing-gerbil-adorable-dolphin/ed25519/0'/0'”
 tezos-client import secret key ledger_myusername “ledger://outgoing-gerbil-adorable-dolphin/secp256k1/0'/0'”
 tezos-client import secret key ledger_myusername “ledger://outgoing-gerbil-adorable-dolphin/P-256/0'/0'”

The newer, simplified version shows 3 Tezos addresses (still 1 for each signing curve) represented by adjective-animal-adjective-animal identifiers (think crouching-tiger-hidden-dragon). These identifiers are pseudo-unique to each seed phrase, meaning it is possible but very rare for two differently seeded ledgers to have the same identifiers. They are also noticeably different than their related public key hashes. While these identifiers also make it easier to distinguish multiple hardware wallets connected to the same machine, it does not differentiate two paired ledgers with an identical seed.

Who knows, you might get something cute, too! I'm the proud owner of an outgoing gerbil and an adorable dolphin.

Finally, another minor difference in the output is that it now shows the git hash of the application you are using, making issues easier to debug should they arise.

Future Improvements

In addition to expanding functionality to meet the needs of the (rapidly!) growing Tezos community, there are plenty of improvements we're thinking of to improve security and usability. These include better error messages, prompts to help wallet providers improve UX, and parsing more operation parameters to increase the device's ability to display meaningful information. Specifically, in the near term, we'd like to adjust the device display during Tezos Wallet's operation signing to make it quicker to verify transactions, etc. That includes speeding up the scroll, and changing the order of what's displayed so it's more convenient for operation verification (Amount > Fee > Destination > Source).

Are there other improvements you think we should make? Let us know by sending an email to tezos@obsidian.systems! We'd love to hear from you.