Hi, I am trying to sign some transactions with my Trezor One and with other software and hardware wallets with the same keys to test whether I obtain the same signature.
Clearly, I am doing this to be sure that the device is using deterministic nonces and is not backdoored (for instance with Dark Skippy).
However I am getting different signatures for some specific transactions. The pattern is unclear, sometimes the signature matches and sometimes it doesn’t depending on the transaction.
Repeating the test with the same transaction always lead to the same result (both when it is ok and when the signature is different).
The software wallets used both as reference and as interfaces to sign with the Trezor One are Sparrow and Electrum.
My current firmware is 1.11.2 Bitcoin-only, I tried to upgrade but trezorctl replies that to upgrade to 1.12.1 it is necessary to have 1.12.0 and such a firmware is not available for my device.
I managed to confirm that an independent Trezor One with the latest firmware version (bitcoin-only) produces the same signatures of the Trezor One originally tested. So, they are likely both genuine, but the signature does not match the one produced by Sparrow and Electrum in some scenarios.