is this already launched?
what's the price?
what's the price?
It will be launched in July. Price will be announced then.
Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 193. (Read 966173 times)
It will be launched in July. Price will be announced then.
is this already launched?
what's the price?
what's the price?
I have a question (to devs or anyone else):
I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
You can easily see that the signatures produced by TREZOR are deterministic, because they produce same result for same combination of private key/message (that's what we use in unit testing afterall ...)
I am not sure if BitcoinJ uses deterministic signatures by default and if they use the same pseudorandom function as described in RFC6979, but if both are true you can try importing TREZOR's seed into Wallet32 and see if they produce the same signatures for the same combination of privkey/message.
iirc knowledge of any deterministic private key compromises whole seed, all addresses
You might need two. 
One more comment: If I understand this correctly, the Trezor use case for signing transaction never reuses adresses. If k=1 was used all the time, only the private keys of the dead address will be revealed. There is still no known way to steal your BTC in this scenario.
iirc knowledge of any deterministic private key compromises whole seed, all addresses
http://satoshilabs.com/news/2013-10-31-celebrate-day-of-bitcoin-with-trezor/#more-206
will you update the number of stolen or lost coins?
The answer to your question is NO. There is no simple way to chech this. There is a difficult way to test that in your particular test scenario RFC6979 is used.
One more comment: If I understand this correctly, the Trezor use case for signing transaction never reuses adresses. If k=1 was used all the time, only the private keys of the dead address will be revealed. There is still no known way to steal your BTC in this scenario. So the RFC6979 is good to have, but you are safe even without it.
Please correct me if I'm wrong.
I have a question (to devs or anyone else):
I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
The answer to your question is NO. There is no simple way to chech this. There is a difficult way to test that in your particular test scenario RFC6979 is used. There is virtually no way to actually check/prove that this happens in all cases. You can prove that the code that is in trezor git repository uses this RFC, but you have to trust devs that the device is running unmodified code.I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
Any wallet, hardware or software, can be malitious and can have backdoors. In the end you have to trust someone and Trezor devs can be trusted in my opinion more than some random guys that appear out of nowhere with their ultra cool android wallets.
The way you can test this RFC is used:
1. Reconstruct private keys from the trezor seed (using wallet32 or some other software).
2. Sign any transaction using Trezor.
3. Do a lot of math or coding to check that the signature was made using deterministic k.
Or just trust what the readme says...
I have a question (to devs or anyone else):
I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here
Is there an easy way to check wether this is true by looking at a transaction signed by trezor?
It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.
Ah, I didn't think that the individual accounts functioned as private keys on their own. I thought they were keychains, i.e. seeds that determine a list of public keys.
Reading about extended keys might help. I think that's what stick talked about calling the "extended private key" "xprv key"?
It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.
Ah, I didn't think that the individual accounts functioned as private keys on their own. I thought they were keychains, i.e. seeds that determine a list of public keys.
It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.
Thats what I wanted to do. I was pretty sure that I can do sth. like this. Not so sure if wallet32 already supports that thoughQuote
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users,
+5% I want it! :-)Once this process is easy we might offer this a feature for advanced users,
Quote
but we don't want beginners to enter private seed anywhere, because of the security implications.
I wouldn't count myself into that group of users :-) So I could generate the root-seed for the account#1 and use the resulting priv key as new root-key?
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?
You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?
You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!
It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.
At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.
Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.
concerning Wallet32
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
You can't export any private information from TREZOR.
well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?
You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!
All accounts determined from the seed would be available on whatever device you load that seed into. In practice, I'm not sure if that's such a great plan, not if you want differentiated protection for accounts derived from the same seed. It's not possible to give different accounts different levels of security with an HD wallet, that's baked into the design inherently.
So, the seed can be loaded into a different device, but the subkeys cannot be separated.
concerning Wallet32
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
You can't export any private information from TREZOR.
well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?
You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!
I dont even want mine anymore. 
Who wants to buy my paid order for 1x classic for 0.4btc, now? Item will be immediately sent on, as soon as received.
Who wants to buy my paid order for 1x classic for 0.4btc, now? Item will be immediately sent on, as soon as received.
Ordered nearly one year ago now! I just want this fuckin' Trezor Classic, it's more worse then Butterflylabs! Unbelievable!
Our supplier has confirmed that they are on the right track to meet deadlines mentioned in the old announcement: http://satoshilabs.com/news/2014-05-08-trezor-metallics-shipping-classics-eta/
thank you for this update. this is good news.
Any new information about the plastic models?
Protip for Trezor guys: instead of just ignoring questions like this, a quick "sorry, no new information" breeds a lot less resentment.
Agreed, I've noticed questions like this ignored a few times. Not a great service considering it's Trezor who've failed to deliver on time!
"Sorry, no new information."
Our supplier has confirmed that they are on the right track to meet deadlines mentioned in the old announcement: http://satoshilabs.com/news/2014-05-08-trezor-metallics-shipping-classics-eta/
Let me remind all of you that this forum is not an official support channel.
We like to hangout here, because the community is great, but from time to time some urgent issue pops out and we tend to overlook this place (especially when it is impossible to track unanswered posts) and limit our action radius to emails ([email protected] for general information, [email protected] for reporting issues).
Any new information about the plastic models?
Protip for Trezor guys: instead of just ignoring questions like this, a quick "sorry, no new information" breeds a lot less resentment.
Agreed, I've noticed questions like this ignored a few times. Not a great service considering it's Trezor who've failed to deliver on time!
concerning Wallet32
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
Can I export the private key of one account only and use that on wallet-32 compatible with trezor.
Just like exporting only parts of the trezor DH-tree
You can't export any private information from TREZOR.
well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.
Jump to: