Comments (25)
- when trying to wipe auto-locked device i'm not asked to unlock it but to confirm wipe, is this intentional ?
yes, this is intentional
from trezor-firmware.
#949 is a necessary prerequisite of this. After that is done, hardness of auto-locking is decreased, so I updated the estimate.
from trezor-firmware.
For QA:
Auto-lock is enabled by default and set to 10 minutes. It cannot be completely disabled, but can be configured for up to ~6 days (technical limitation; setting higher values will silently set the maximum).
Minimum is 10 seconds. Specifying less will set (and show) 10 seconds.
Use trezorctl set auto-lock-delay <seconds>
to set the delay.
Use trezorctl clear-session
(command name will be changed but for now this works) to lock the device manually.
No need to update trezorctl, these commands existed for T1 for quite some time.
Scenarios:
- Device locks after the specified period of inactivity. A lock screen should be displayed.
- Device can be unlocked by tapping the lock screen.
- Device can be unlocked by initiating an action from wallet software.
- Device can be unlocked by a FIDO/U2F request.
- Work with the device for longer than the specified autolock delay. Ensure that the device doesn't lock while you are using it.
- Let the autolock interrupt an action (leave an address screen on; or signtx confirmation; or just the PIN entry for unlocking). The device should lock, and the wallet software should react with "action was cancelled"
- Let the autolock interrupt FIDO/U2F request. Device should lock, FIDO should be rejected.
This is currently blocked in Suite by trezor/trezor-suite#1971, and there is most likely something similar for old Wallet.
from trezor-firmware.
@trezor/qa please do a quick test with Password Manager as well.
from trezor-firmware.
@tsusanka i already sent issue 2 days ago for TT 2.3.2 ;)
trezor/trezor-password-manager#95
i will check it with T1 tomorrow ;)
from trezor-firmware.
Default value as per a6e8a37 is 10 minutes, see trezor/trezor-core@a6e8a37#diff-b325a57e27deacedf04af2b2023c70ccR137
from trezor-firmware.
@sorooris why not get it from CI? From master
artifact core fw regular
.
from trezor-firmware.
@tsusanka thanks, i wasn't sure.
from trezor-firmware.
And let's wait for the old Wallet implementation :). I'll let you know when that's ready. Thanks
from trezor-firmware.
Linked issue from the report retested and is fixed by Connect, removing the needs QA label.
from trezor-firmware.
Configuration value autolock_delay_ms
implemented in a6e8a37
from trezor-firmware.
Also, the wake event should be a human interaction (touch event), not wire communication, to protect device from misbehaving app on desktop.
I believe this is so already.
So what is left is to implement the auto-lock and set the settings (use the configuration value added in a6e8a37).
@prusnak What should be the default value? Auto-lock after what time?
from trezor-firmware.
Let's do this in the following milestone, because it should solve some user-unfriendliness in Wallet. In particular, it prompts the user for passphrase entry selection (host vs device) way too often.
On 'clear cache' we should not forget the passphrase, but just lock the device. The passphrase will remain in cache.
from trezor-firmware.
Not erasing passphrase on ClearSession implemented in 4097f25
from trezor-firmware.
what's the purpose of ClearSession if it doesn't clear the session?
i mean, what is wallet using it for?
from trezor-firmware.
According to how it is being used now the message should have been called LockDevice.
from trezor-firmware.
what's the purpose of ClearSession if it doesn't clear the session?
@matejcik , so the trezorctl
auto-lock-delay
and clear-session
command are still WIP in trezorctl v0.12.0 and FW v2.3.0, or did I miss read?
trezorctl set auto-lock-delay 300
trezorctl clear-session
from trezor-firmware.
@brianddk both have been working fine* on T1 for quite some time. Neither is implemented in TT as of now, i wouldn't even call it "WIP", more like "there is an open issue".
*) for some values of "working fine", mostly depending on what exactly you want ClearSession to do
from trezor-firmware.
@matejcik could you link QA with a non-debug firmware build please? thanks
from trezor-firmware.
currently testing suite branch suite-web/feat/232-pinentry
trezor/trezor-suite@06d90d2 with latest 2.3.2 master e630279
- i often see enter passphrase dialogue before i see correct dialogue after i unlock auto-locked device with some confirmation like change pin or name, after less than second it will disappear and I will see correct dialogue, is this firmware or suite issue ?
After quick check I noticed that this happens with 2.3.1 production c6b2580 FW too and beta version of suite trezor/trezor-suite@06d90d2
do you recommend to send it as Firmware issue or suite issue ?
- when trying to wipe auto-locked device i'm not asked to unlock it but to confirm wipe, is this intentional ?
from trezor-firmware.
i often see enter passphrase dialogue before i see correct dialogue after i unlock auto-locked device with some confirmation like change pin or name, after less than second it will disappear and I will see correct dialogue, is this firmware or suite issue ?
So you have an auto-locked device and you start some action in Suite (such as change pin). You unlock the device and instead of the change pin dialog you see a passphrase dialog on the device for a brief second? Is that correct? What is displayed in the passphrase dialog? Maybe video could help?
from trezor-firmware.
@tsusanka I just sent suite issue, screenshot from video and video included
trezor/trezor-suite#2046
strange is the it only happens once, maybe then passphrase is already cached, i don't know ;)
from trezor-firmware.
So since @bosomt's (1) is not related to the auto-lock (happens on 2.3.1 as well) and (2) is intentional I am closing again. @bosomt were those the only issues you have encountered? In another words, did you successfully test all the other scenarios provided by @matejcik? (On Suite suite-web/feat/232-pinentry
, we still need to test Wallet later)
from trezor-firmware.
@tsusanka tested and all features mentioned by matejcik are working fine.
Let's wait for rest of team so we can say QA OK
from trezor-firmware.
Tested with 2.3.2 14a8da9
Testpad report
from trezor-firmware.
Related Issues (20)
- Make loaders more fluent
- Building on Aarch64 (GCC 13 and Python 3.12) HOT 4
- improve robustness of i2c communication by using DMA
- Improve waking optiga from sleep mode
- Add BOOTLOADER VERSION and BOARDLOADER VERSION to prodtest HOT 1
- Passphrase flows
- "Previous" instead of "Back/Cancel" during Backup recovery/dry run
- Fix backlight timer setting
- Move backlight control fully into Rust
- Homescreen/Lockscreen
- Backup check/Dry run flow
- rounded rect rendering bug
- Swipe up animation between receive address and tap to confirm screen after tap to confirm animation
- Send ETH (EVM)
- Persistent words in recovery
- Screen transitions
- Show last typed PIN number for short period of time before changing it to "*"
- use `storage.cache.set_bool`
- Check backup - wrong Suite response
- Better integration of Slip39_Single backup type
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from trezor-firmware.