Zero Knowledge Circuit (https://z.cash/technology/zksnarks/)

Lattice Signature Determinism and SNARKs

Alex Miller
Published in GridPlus
3 min read · Nov 9, 2021

Prior to Lattice1 firmware release v0.12.0, all ECDSA signatures produced by the Lattice were “non-deterministic”: the nonce k was drawn at random, so signing the same message twice yielded two different (but equally valid) signatures. That made them incompatible with some layer 2 applications that use SNARKs. In v0.12.0, GridPlus implemented RFC 6979 (deterministic nonce generation, in which k is derived from the private key and the message hash with HMAC-DRBG) to overcome this limitation and securely produce deterministic signatures.

To our knowledge, deterministic signatures are not required by any L1 consensus layer (e.g. Ethereum, Polygon), so they are not needed for normal transactions or Ethereum messages. However, verifying a standard secp256k1 ECDSA signature inside a SNARK circuit is very expensive (see this for a good technical explanation of ZK-rollups and SNARK limitations), so most ZK-based applications, which are generally quite new, use computationally simpler, SNARK-friendly signature schemes that differ from the ones supported by Ethereum and other EVM chains. To bridge the two, these apps typically ask your L1-compatible key (e.g. one in your Lattice) to sign a fixed message and then derive the app's own keypair from that signature. This only works if the signature is identical every time: with the random signatures produced by older Lattice firmware, every login would derive a different key, so those firmware versions are not compatible with these apps.

WARNING: Please be aware that most ZK apps requiring deterministic signatures use them to generate a private key in your browser. Since the private key securing your ZK-app funds exists in your browser, those funds are NOT fully protected by your hardware wallet; the hardware wallet only gates the signature from which that key is derived.

SafeCard Limitations and Firmware Signing

Prior to v0.12.0 the Lattice requested all signatures from the card itself, which is capable of standard ECDSA. The smart card operating system, however, does not provide the cryptography needed for RFC 6979 (the nonce must be derived from the private key and the message hash with HMAC-DRBG), and thus cannot produce deterministic signatures on its own. To support ZK apps we therefore moved signing into the Lattice1's firmware, which runs in the secure compute environment (SCE). This change was made in v0.12.0. The SCE is physically protected by an anti-tamper mesh and is the component designed to hold and use the device's secrets. For more info, see this page.

In v0.12.0 we also deprecated an option when setting up SafeCards: the non-exportable seed option. A card set up with a non-exportable seed cannot hand that seed to the firmware, so it does not work with the new signing path; that means it cannot support ZK-based apps or any cryptography that may be added to Lattice firmware in the future (e.g. BLS signing or Edwards curve operations). However, you can convert your card into one with an exportable seed if you wrote your seed phrase down.

Note that onboard Lattice wallets, SafeCard wallets with exportable seeds, and all SafeCard wallets set up on firmware ≥ v0.12.0 are fully compatible. The non-exportable state only exists for users who set up a SafeCard on firmware < v0.12.0 with the “non-exportable” option enabled.

If you don't know whether your seed is exportable, visit zk.money and try to create an account: account creation asks you to sign the same message twice and compares the two signatures. With a non-exportable seed the card signs with a fresh random nonce each time, the two signatures differ, and you will not be able to proceed.

WARNING: we strongly recommend that you do not use a non-exportable seed with any ZK-rollup based application (e.g. dYdX, zkSync, etc.): we cannot guarantee compatibility. If an app derives your L2 key from a random signature, it may be unable to re-derive the same key the next time you sign in. We expect most of these applications to eventually add the deterministic-signature check that zk.money performs, but currently most do not enforce it.

Converting a non-exportable seed to an exportable one

If you would like to use these apps and you have a non-exportable seed, you can “update” the card using your seed phrase backup. On your Lattice1 home screen, go to Manage Wallets -> Reset SafeCard Wallet to remove the seed from the card. Do not do this unless you have a backup of your seed phrase: the reset wipes the only copy held on the card.

Once the seed has been deleted, remove your card, re-insert it, and set the card up again with the same seed phrase (on firmware ≥ v0.12.0 the seed is always exportable). You're now good to go. We recommend this process for the vast majority of Lattice users, as it also enables future cryptography such as BLS and Edwards curve signing, which the smart card operating system likewise does not provide.

Developer/writer/thinker living in the cryptoverse. Co-founder of GridPlus