ETH signing for second passphrase wallet signs with wrong address + signature

Using trezor to connect to a dapp.

After connecting and entering my passphrase the right address is returned and connected.

I am proceeding to initiate a transaction on ETH, the transaction (call) prints correctly and I sign.

But the returned signature and address (from in the tx) is not the address I was using to connect. So the transaction fails on the node as that address is unfunded. Also, that wrong address is changing every time I am trying this. Did not happen before my last firmware update (I might have skipped a couple).

cheers

I can provide the code of the implementation (am dev)

does the wrong address match any passphrase that you are using?

my first guess is that the last passphrase you used with Connect stays cached there.

1 Like

Well, it does not match any address (as I said, it is changing every time I am trying to sign) and I would hope it is using the same address as the one I am connected with. (so using the right passphrase)

So once again what I did:

  • connect the wallet with:
    await TrezorConnect.ethereumGetAddress({
    path: derivationPathToString(this.derivationPath),
    showOnTrezor: true,
    });

  • then I paste in the passphrase (I dont type, it wouldnt even matter if I typed as that is not the problem hiere)

  • I get the correct address returned

  • I initiate a transaction signing with
    const { success, payload } = await TrezorConnect.ethereumSignTransaction({
    path: derivationPathToString(this.derivationPath),
    transaction: formattedTx,
    })

  • it pops up in the device and I verify

  • I get a signature but it is from a different address as the one I just connected

  • yes all other instances and tabs that could use trezor are closed

  • the address+signature combo I am getting is always different

  • node throws an error on broadcasting as that address+signature is empty (its none of mine)

Are you uhhhh maybe misinterpreting the result?

It’s a raw signature in the form of (v, r, s), where v is the parity bit and r, s are hex encoded scalars of the ECDSA signature. You need to take these three values and RLP-encode them together with the rest of the transaction data, in order to get a valid transaction packet (see e.g. here).

They are not “address” and “signature”, indeed, they have a wrong length for the address.

Even so, these should always be the same given the same transaction, but perhaps you’re updating the transaction (different nonce or so), so :woman_shrugging:

If that’s not it, then I can’t advise, because “address and signature is different every time” is impossible. We’d have to look into possibilities like (a) your Trezor being broken, (b) you have faulty RAM corrupting your data, (c) you have a virus that happens to corrupt the data, and similar weird magics.

Non passphrase wallets work as expected.

would think that rules out parsing the signature wrong.

1 Like