Ledger Seed is different from Daedalus/Yoroi/Adalite seed

It’s not really an issue, something that someone wants to have resolved. It is well-known that Ledger and software wallet apps use different methods of deriving the master key and I’m not aware of any initiative to change that.

Wallet apps would be free to offer the additional possibility of importing from Ledger seed phrases, but as far as I know there is still none that does it.

Would be good to avoid having to buy another Ledger.

Would be bad, because people could use that not being aware that it totally spoils the security of their hardware wallet. Having done support in these forums for a few months: The latter will happen. A lot! No matter how many warnings you put before it.

I totally understand the security of a ledger hardware wallet and protecting the private keys and would never advise anyone to enter there recovery phrase into a software wallet online. My reasoning behind the question is purely hypothetical. If for instance say ledger went out of business and there was very few hardware devices left and your ledger was damaged for some reason the question is this. I’m left with a recovery phrase that is not able to retrieve my ADA without using another ledger hardware wallet. If I use my hardware wallet recovery phrase to recover any other assets with my ledger private key using a software wallet like Bitcoin, ethereum etc then I could recover them no problem.

This was a thread posted by @SebastienGllmt

Theoretically possible? Yes. In a user-friendly interface? No, unfortunately not. This is because Cardano has a custom way of deriving the root private key from a recovery phrase but Ledger instead uses the standard that other cryptocurrencies follow (that’s why you can’t just type the recovery phrase into Daedalus and have it magically work).

You can see the code required to extract a Ledger private key here: https://repl.it/repls/EvenFairInformation#index.js (pls don’t actually enter your recovery phrase into a website though). However, even with the root key, you will have to write a custom script to use it (no handy tools for importing a wallet from a private key as far as I know)

You can learn more about deriving the root key from a recovery phrase in CIP3: https://github.com/cardano-foundation/CIPs/pull/3

Probably not a lot of people know about this but I do think it’s an issue as you are relying on third party hardware to stay in existence and to always be on the market. You shouldn’t have to rely on third party hardware to gain access to your crypto no matter what. No other crypto has this issue with a ledger recovery phrase only ADA

1 Like

In this hypothetical scenario, I’m sure there will be a lot of software Ledgers in due time.

As you know yourself, the key derivation of Ledger is documented in CIP 3 and enough people know about it to just implement it if the need arises.

I don’t think you will reach a lot of wallet app developers with this thread. You could try to raise feature requests with them to add that option now.

1 Like

Yeah that’s fair enough and I suppose you’re right. I’m sure there would be plenty of devs implementing it within weeks if that happened :laughing: Thanks for the quick response

If I ever come to extending my seed recovery tool to a complete wallet app/client, I might be inclined to add that.

For seed recovery, you definitely want it, anyway.

And it’s only a couple of lines of code. The Icarus master key derivation I already have there are six lines (and 26 lines of documentation/tests): https://github.com/HeptaSean/PySeedRecover/blob/main/seedrecover/keyderiv.py#L115-L146

I would deem it not that risky in a command line client. People finding the correct switch will hopefully know not to shoot themselves in the foot. Hopefully!

1 Like

This is the point. End users will loose trust in ADA, if a seed phrase does not lead to the same wallet, no matter, which hardware/software wallet you are using to recover a wallet. Always!

To my knowledge this is the case with all other cryptos except ADA. I understand the security concerns, but please look through the eyes of the end user.

The solution to this mess is not too complicated: During recovering an ADA wallet the recovering algorithm just has try the different ADA derivation paths and look for a non-empty wallet.

If you look at Trezor-T, they are already scanning different ADA key paths. The same with Solflare on recovering a Solano wallet.

I’m just an end user, and I don’t have the skills to implement this. But the initial ADA key-derivation-mess could be hidden from the end user with this wallet-scanning during a wallet recovery operation.

1 Like

I have never used another cryptocurrency and certainly did not expect Ledger phrases to work in software wallet apps. :man_shrugging: (They should – almost – never be put in there, anyway.)

Detail: The derivation paths are exactly the same. Only the master key derivation is different. And the one of Ledger is an abomination that hurts to be implemented. But sure, wallet apps could implement that. Try to convince them!

2 Likes