Incompatible with Ledger in multi-sig setup

Creating new musig wallet with 1 xpub exported from ledger live, which has no fingerprint, cant be imported as multisig wallet config into Passport.

ERROR: “Only an xpub was imported, a fingerprint (xfp) is needed”. And it cant sign a multisig transaction, even though “skip verificiation” is on.

The problem appears 2 sided: Ledger Live exporting xpubs without fingerprint and Passport unable to import a multi-sig coordination setup where one of the keys has no fingerprint. Other hardware wallets are capable of importing the same multi-sig coordination setup where 1 of the keys has no fingerprint.

Seems like a pretty strange use-case. What is the reason for exporting the xpub without a derivation and FP from ledger live and not the ledger device itself?

Which software are you using to coordinate this?

Not sure what’s strange about having a Ledger and wanting to upgrade to a multi-sig which includes a Passport, feels like a pretty common use case.

In the Ledger Live app the xpub is always exported without fingerprint, they are explicit about this. It does include derivation path. It doesn’t seem possible to export the xpub including the fingerprint.

Besides the weirdness of Ledger, which should export xpub with fingerprint. Perhaps that’s possible but haven’t found it.

This issue is about Passport being unable to import the multi-sig coordination setup where 1 key does not have a fingerprint that was exported from Ledger Live, so in essence they don’t comply with BIP32. But I’d think/hope that “skip verification” on Passport would allow to import such a coordination setup. Now it’s not possible to be part of such a setup with Passport and it can’t co-sign such transactions.

To be clear here, I’m not suggesting that including a Ledger into a multisig configuration is strange. The question was specifically around the export of an xpub for the Ledger Live (the software app) rather than the physical Ledger device.

I don’t have a lot of experience with Ledger, but I’m quietly confident that if you coordinated the multisig wallet in something like Sparrow and added the Ledger using the physical device, it would share all of the relevant details, including the fingerprint, and Passport would pose no problem here.

On the ‘why’ of Passport not importing an incomplete multisig configuration, I’ll need to do some further checks and come back to you.

You’re probably right but the client was using Ledger Live and forcing him to move to Sparrow, which in itself is not ideal for managing multi-sig IMO, is not a very fluent onboarding to bypass a rather strict BIP32 check on Passports behalf when “skip verification” is enabled.

I’d love to see the strict fingerprint check removed in Passport when that setting is enabled to smoothen Ledger Live clients onboarding onto a multi-sig where Passport is part of the setup.

The coordinator used was Blue, it did not error on fingerprint absence.
Other keyslice was Keystone, it also did not error on fingerprint absence.

What message is Passport displaying when attempting to sign a tx from this wallet?

Can’t recall exactly. I only got the exact error when trying to import the multi-sig coordination setup then the error is: “Only an xpub was imported, a fingerprint (xfp) is needed”.

Which shouldn’t be an error but a warning when “skip verification” is enabled IMO

Thanks. We are investigating.

@Bitsaga you don’t happen to have a sample file of what the export from Ledger Live looks like, do you?

No i dont, but it was a json format like this:

{
"xpub": "zpub...",
"derivation": "m/84..."
}
1 Like

So we’ve been experimenting with Ledger and Bluewallet ourselves. As it turns out, Bluewallet does complain about Ledger not providing a fingerprint, and throws the following error:

Then it goes ahead and assigns the fingerprint 00000000 if you don’t provide one, which seems to be what Passport complains about. We will look into having Passport identify this and either overwrite the zeroes with the proper fingerprint, or maybe accept it as is. Thank you for bringing this up to our attention! We will keep you posted with progress