Skip to content

Commit 9a33b6e

Browse files
authored
Merge pull request #57 from oasisprotocol/matevz/ledger-derivation-paths
docs: Update FAQ for Ledger derivation paths
2 parents 95f066a + e748d60 commit 9a33b6e

1 file changed

Lines changed: 34 additions & 7 deletions

File tree

  • docs/general/manage-tokens

docs/general/manage-tokens/faq.md

Lines changed: 34 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -68,16 +68,43 @@ Here's a task for you:
6868
6969
As an additional exercise, you can also create an Oasis wallet using the BIP39 mnemonic from the step 1 above. You will notice that the imported account's base64-encoded private key in the account details screen is different from the one in step 7 above. That's because Oasis uses a different _derivation path_ than Ethereum.
7070
71-
### How can I use my Oasis Wallet mnemonics in Ledger?
72-
73-
Starting from Oasis app for Ledger v2.3.1 a standardized key derivation path as defined in [ADR 0008](/oasis-core/adr/0008-standard-account-key-generation) is supported. This means that you can copy the mnemonics keyphrase you use in the Oasis Wallet - Web or in the Chrome extension directly to your Ledger device. Ledger will then derive the same Oasis wallet address and can be used to sign transactions and send funds. Similarly, you can export your keyphrase from Ledger and use it the Oasis Wallets.
74-
75-
:::caution
76-
77-
Versions of Oasis app for Ledger prior to v2.3.1 used a non-standard key derivation path. Mnemonics could be imported to Ledger, but the derived wallet address and the private key would be different compared to the Oasis Wallets.
71+
### Which derivation path should I use on Ledger? ADR 0008 or Legacy? {#ledger-derivation-paths}
72+
73+
To convert your mnemonic phrase into a private key for signing trasactions,
74+
each wallet (hardware or software) performs a *key derivation*. The Oasis
75+
Protocol Foundation standardized the key derivation for official Oasis wallets
76+
in a document called [ADR 0008] back in January 2021. However, the Ledger
77+
hardware wallet already supported signing transactions at that time using a
78+
custom (we now call it *legacy*) derivation path which is incompatible with
79+
the one defined in ADR 0008. Later, in Oasis app for Ledger v2.3.1 support for
80+
ADR 0008 was added so the wallet can request either derivation from the Ledger
81+
device.
82+
83+
The key derivation path defined in ADR 0008 has the following advantages
84+
compared to the legacy one:
85+
86+
- Derivation path is shorter which results in approximately twice as fast
87+
key derivation (and transaction signing) without compromising security.
88+
- In case your Ledger device is broken or lost and you are unable to retrieve
89+
a new one, you will be able to import your Ledger mnemonic and restore your
90+
private key in any Oasis wallet which implements ADR 0008.
91+
92+
For reasons above, we recommend the usage of ADR 0008. However, since there are
93+
no security considerations at stake, Oasis wallets will support legacy
94+
derivation on Ledger for the foreseeable future.
95+
96+
:::danger
97+
98+
If you happen to import your Ledger mnemonic to a software wallet, consider
99+
that mnemonic *potentially exposed/compromised*, i.e. not appropriate for a
100+
hardware wallet mnemonic anymore. If you use a new hardware wallet in the
101+
future, **never restore it from the mnemonic that was previously used by any
102+
software wallet!**
78103
79104
:::
80105
106+
[ADR 0008]: /oasis-core/adr/0008-standard-account-key-generation
107+
81108
### The wallet gives me _Invalid keyphrase_ error when importing my wallet from mnemonics. How do I solve it?
82109
83110
Please check that:

0 commit comments

Comments
 (0)