Derivation path of Cardano Shelly on Yoroi and Trust Wallet

Hi guys, what are the derivation paths of Cardano Shelly on Yoroi and Trust Wallet?

For a same mnemonic, Trust and Yoroi generates different wallet addresses.

For the receive addresses, the derivation paths are m/1852'/1815'/<account>'/0/<n>, for change addresses m/1852'/1815'/<account>'/1/<n>, and the stake address is m/1852'/1815'/<account>'/2/0.

But the difference is probably not in the derivation path, but in the generation of the master key – the m at the beginning of the derivation path – from the seed phrase.

Most (all?) Cardano software wallet apps use the method described under “Icarus” in https://github.com/cardano-foundation/CIPs/tree/master/CIP-0003#history, while Ledger hardware wallets (and probably also Trust Wallet) use the method described under “Ledger/BitBox02”.

4 Likes

I have read your post and am trying to understand the implications for wallet transferability. To be specific, consider the following scenario:

  1. A Ledger device with known 24 word seed phrase and ADA stored in addresses generated by this device.

  2. Take the 24 word seed phrase and setup a Yoroi desktop software wallet. Will the ADA-containing addresses (created by the Ledger) be visible and usable from the Yoroi software wallet?

(Never mind the poor security implications of taking a hardware wallet seed phrase to initialize a software wallet. This is a thought experiment only.)

My motivation to understand wallet transferability is because reliance on a specific wallet vendor would create a vulnerability in long-term access to funds on a block chain. Until I read your post, I thought that BIP39 seed phrases combined with the use of standard derivation paths would provide guaranteed wallet transferabity…

No, Yoroi (or another wallet app) would open a totally different wallet.

I don’t see the problem as that big. The algorithm used by Ledger is known, it could be implemented in software at any time. So, it’s not really a vendor lock-in.

It probably already is by scammers and fraudsters, since they won’t go through the hassle of importing all their victims’ phrases into real hardware wallets.

Would be nice if some wallet apps would offer importing Ledger seeds in software, though. When this was discussed the last time, I even proposed it to the Eternl devs, but if it comes, it will be very low priority.

1 Like

Thanks @HeptaSean
If it is convenient enough for you, can you point me in the direction of some API documentation/examples for creating master keys and for creating addresses from derivation chains?

Sorry for the delay!

IOG has a command line tool for that: https://github.com/input-output-hk/cardano-addresses

For cardano-serialization-lib, some examples can be found here: https://github.com/Emurgo/cardano-serialization-lib/blob/master/doc/getting-started/generating-keys.md

For a somewhat limited use case, I have implemented it in Python and documented it with a lot of test cases and links to the specifications, here: https://github.com/HeptaSean/PySeedRecover/blob/main/seedrecover/keyderiv.py

Thanks! I’ll take a look.