Ledger baking skipping nonce reveals?

While working on ledger integration for bakinbacon.io I’ve come across an issue where the ledger won’t sign nonce reveals. In reading the ledger source code, I don’t see where it parses the nonce data. I can see that it does parse for endorsements which use the 0x02 watermark (same watermark is used for nonce signs). When manually trying to sign a nonce reveal, I get errors back from the ledger.

Can anyone confirm that their ledger is properly signing nonce reveals?

Nonce revelations are anonymous operations, they are not supposed to be signed.

@eugenz The watermark of a nonce reveal is 0x02, correct? Which is not anonymous operation, right?

But they can be? I can sign them with a private key and inject and they are accepted. Maybe this was the assumption.

@eugenz
Take a look at the JSON for this block. Block 512002 on tzkt.io Search for this ophash: onybZ55V3x3 and opa3D9Fx1L
There’s a signature attached to these nonce reveals.

Indeed, they can be signed, even if they don’t have to.

Then I don’t know if that’s related to the errors you get from the ledger.

Well, that might explain why this issue hasn’t ever been seen/noticed in 3+ years. :slight_smile:
When I saw those examples in the chain, I assumed they needed to be signed. So I started working on the software wallet implementation and everything worked, nonces got injected/etc. Then started working on ledger support and my abstraction layer just passed along a similar signing request to the device. Since they are 0x02, ledger treated it like an endorsement which failed to parse. This lead me to believe that ledgers had been silently failing to sign nonces.

Now I need to go back and take off the signing aspect of nonce reveals and verify they are still injectable.

Very informative post. I really do hope and pray this stuff works!