Originally published on reddit: https://www.reddit.com/r/ledgerwallet/comments/nbcukn/nano_s_with_12_firmware_vs_eip155_successful/
TL;DR - Don't lose your recovery seed!
A client came to us with an old Nano S with firmware 1.2, known PIN but lost seed, and trying to recover access to 24 ETH and $50+k worth of ERC-20 tokens.
The old Nano firmware 1.2 cannot be updated, and even if it could, it would have been too risky since the client had lost their seed. The Ethereum app on their ledger does not have a version number, but it has the "Browser support" option. So we decided to attempt recovery using an old version of MyCrypto, that could communicate with the old ledger (and used to work for such recoveries). We were able to sign a test Tx on the device, but when broadcasting the Tx to the network, now we got an error: only replay-protected (EIP-155) transactions allowed over RPC. Hmmmm...
So we figured maybe we should try with the low-level tools that we used for an earlier recovery of ETH from an older ledger (see link at the end, successful_recovery_story_how_we_recovered_100).
So we shipped a bootable Linux virtual image with the low level tools to our client, and were able to sign a test Tx with their ledger, and when we broadcast it to the Ethereum network, we got the same Error:
Failed to broadcast the Tx:{'code': -32000, 'message': 'only replay-protected (EIP-155) transactions allowed over RPC'}.
After investigating, we discovered that since the recent Ethereum Berlin hard fork, all Ethereum Nodes now reject pre-EIP-155 Tx's, i.e. Tx's that do not include the ChainID used for Replay Protection.
See details here: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-155.md
So we modified our low-level tools to generate and sign EIP-155 transactions with the correct ChainID.
But we found out that the Ledger Ethereum apps older than version 1.0.8 (firmware 1.2) generate an invalid signature if EIP-155 transactions are passed to them. They produce a garbage signature with v=27 or v=28, instead of a correct EIP-155 signature with v=37 or v=38 (for ChainID=1). Ethereum app version 1.0.8 (used on Nano S with firmware 1.3.1) and all later versions are able to correctly sign EIP-155 transactions (we checked that).
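For reference, EIP-155 changes the signed payload from 6 RLP fields to 9 (appending chainId, 0, 0) and encodes v as chainId*2 + 35 or 36, which is where 37/38 for ChainID=1 comes from. The Python sketch below is an added example, not the low-level tools used in this recovery; the function names are assumptions, and it covers legacy (untyped) transactions only.

```python
# Added example (stdlib only): legacy vs EIP-155 payloads and the v-value check.
def _prefix(length, offset):
    if length < 56:
        return bytes([offset + length])
    n = length.to_bytes((length.bit_length() + 7) // 8, "big")
    return bytes([offset + 55 + len(n)]) + n

def rlp_encode(item):
    """RLP-encode bytes, a non-negative int, or a list of those."""
    if isinstance(item, int):
        item = item.to_bytes((item.bit_length() + 7) // 8, "big")  # 0 -> b""
    if isinstance(item, bytes):
        single = len(item) == 1 and item[0] < 0x80
        return item if single else _prefix(len(item), 0x80) + item
    body = b"".join(rlp_encode(x) for x in item)
    return _prefix(len(body), 0xC0) + body

def _read_string(raw, pos):  # -> (byte string, next position)
    b = raw[pos]
    if b < 0x80:
        return raw[pos:pos + 1], pos + 1
    if b <= 0xB7:
        start, n = pos + 1, b - 0x80
    elif b <= 0xBF:
        start = pos + 1 + (b - 0xB7)
        n = int.from_bytes(raw[pos + 1:start], "big")
    else:
        raise ValueError("nested list in legacy transaction")
    return raw[start:start + n], start + n

def signing_payload(nonce, gas_price, gas, to, value, data, chain_id=None):
    """Bytes the signer hashes: 6 fields (legacy) or 9 fields (EIP-155)."""
    fields = [nonce, gas_price, gas, to, value, data]
    return rlp_encode(fields + ([chain_id, 0, 0] if chain_id else []))

def replay_protection(raw_tx):
    """Classify a signed legacy tx: ('pre-EIP-155', None) or ('EIP-155', chain_id)."""
    if raw_tx[0] < 0xC0:
        raise ValueError("not a legacy (RLP list) transaction")
    fields, pos = [], (1 if raw_tx[0] <= 0xF7 else 1 + raw_tx[0] - 0xF7)
    while pos < len(raw_tx):
        item, pos = _read_string(raw_tx, pos)
        fields.append(item)
    if len(fields) != 9:
        raise ValueError("expected 9 fields: nonce..data, v, r, s")
    v = int.from_bytes(fields[6], "big")
    if v not in (27, 28) and v < 35:
        raise ValueError(f"unexpected v={v}")
    return ("pre-EIP-155", None) if v in (27, 28) else ("EIP-155", (v - 35) // 2)
```

Running `replay_protection` on a signed raw transaction before broadcasting shows whether a node enforcing EIP-155 over RPC would reject it.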
Therefore it looked quite problematic to recover ETH and ERC-20 tokens from those old ledgers (firmware 1.0, 1.1 and 1.2), given that the Ethereum app cannot be updated on those devices (and that Ethereum app v1.0.8, even if it could be side-loaded using development tools, is likely not compatible with those older firmware, so a custom version of the Ethereum app would probably have to be developed just for recovery, which is a lot of work).
Luckily, Ethereum people confirmed that for now, EIP-155 is only enforced when a signed Tx is submitted, and it is not enforced internally in the Ethereum network, but internal enforcement is in the Ethereum roadmap. When this happens, this will likely make such recoveries way more complicated if not impossible (as it would require developing and side-loading a customized Ethereum app on the old ledgers).
So we configured a private Geth Ethereum Node on our server, set up to accept those old pre-EIP-155 signed Tx's and broadcast them to the Ethereum network.
Using our customized Ethereum Node, together with our low-level tools running on Linux in VirtualBox on our client's computer, we were able to sign and successfully broadcast the transactions to recover the ETH.
We panicked a little when the ledger returned an "unknown error" when trying to sign transactions that had contract data (to recover the ERC-20 tokens)... until we realized that "contract data" had just not been enabled on the client's ledger Ethereum app.
In the end, we were able to successfully recover all the funds after a couple of hours of work!
Recovery would have been trivial if the client hadn't lost their recovery seed, of course.
Comments: you can read and post comments on reddit, even if the post was "removed by reddit filters".
In the same Recovery series: Other crypto recovery reports by loupiote2
Contact loupiote2 via chat or message from reddit profile: https://www.reddit.com/user/loupiote2/