[ESHOP launched] Trezor: Bitcoin hardware wallet - page 196.

stick

sr. member

Activity: 441

Merit: 268

Quote from: klokan on May 30, 2014, 08:02:52 AM

Quote from: btcKaboom on May 30, 2014, 07:47:13 AM

but, if the recovery seed uses common words aren't they very easy for some one to guess and 'recover' the keys even without touching your device? they could just guess all combos?

There are 4,000,000,000,000,000,000,000,000,000,000,000,000,000 combinations of common words in BIP39 with 12 words (least secure choice) You can take your guess.

Also another problem is that you can't effectively check if the combination is correct. You need to derive the master public key, then you have to generate first account, then you have to generate first address, then you need to check it's transaction history. And still you might have missed a correct combination if the first address is unused for some reason (i.e. the user is deliberately avoiding the first address of first account because of this theoretical possibility of attack).

klokan

full member

Activity: 120

Merit: 100

Quote from: btcKaboom on May 30, 2014, 07:47:13 AM

this looks great.
but, if the recovery seed uses common words aren't they very easy for some one to guess and 'recover' the keys even without touching your device? they could just guess all combos?

one more thing, I can imagine this in a point of sale at the shops, the USB cable would be a little annoying.
blutooth maybe, but that is not very secure is it.
What about some device on the counter you push the trezor into a slot which lines up the usb and everything correctly.
you could take it out for a sec to check the details, then back in to send the tx.

There are 4,000,000,000,000,000,000,000,000,000,000,000,000,000 combinations of common words in BIP39 with 12 words (least secure choice) You can take your guess.

slush

legendary

Activity: 1386

Merit: 1097

Quote from: btcKaboom on May 30, 2014, 07:47:13 AM

but, if the recovery seed uses common words aren't they very easy for some one to guess and 'recover' the keys even without touching your device? they could just guess all combos?

http://www.bitcointrezor.com/faq/#how-can-seed-made-several-simple-words-be-more-sec

Quote

this in a point of sale at the shops

Trezor is primary bitcoin *safe*, not mobile wallet for spending coins in bar. Wallet for change money don't need to be as secure, because people usually don't take all their lifetime savings to bar.

I believe there's no need for custom bitcoin mobile wallet, because everybody will soon have smartphone or other general purpose device which will be able to keep small amounts of bitcoin.

btcKaboom

newbie

Activity: 26

Merit: 0

this looks great.
but, if the recovery seed uses common words aren't they very easy for some one to guess and 'recover' the keys even without touching your device? they could just guess all combos?

one more thing, I can imagine this in a point of sale at the shops, the USB cable would be a little annoying.
blutooth maybe, but that is not very secure is it.
What about some device on the counter you push the trezor into a slot which lines up the usb and everything correctly.
you could take it out for a sec to check the details, then back in to send the tx.

slush

legendary

Activity: 1386

Merit: 1097

Thanks :-)

chriswilmer

legendary

Activity: 1008

Merit: 1000

Quote from: slush on May 30, 2014, 07:14:20 AM

Quote from: chriswilmer on May 30, 2014, 06:56:33 AM

Bitcoin address labels
Account labels (instead of Account #1, Account #2, etc.)

This is planned for next release.

Quote

Tx Fee override?

Our conclusion of long discussions is that mytrezor won't allow custom tx fees. mytrezor is aiming mostly to common users and overriding fees can lead to unpredictable behaviour while sending transaction. As I know from teams of other clients, "I sent transaction and it is hanging unconfirmed. What should I do now?" is the most common reported issue which we want to avoid.

Fair enough!

I know a lot of people have said this already but.... YOU GUYS ROCK!!!!!!!!!!!!!!!!!!!!!

slush

legendary

Activity: 1386

Merit: 1097

Quote from: chriswilmer on May 30, 2014, 06:56:33 AM

Bitcoin address labels
Account labels (instead of Account #1, Account #2, etc.)

This is planned for next release.

Quote

Tx Fee override?

Our conclusion of long discussions is that mytrezor won't allow custom tx fees. mytrezor is aiming mostly to common users and overriding fees can lead to unpredictable behaviour while sending transaction. As I know from teams of other clients, "I sent transaction and it is hanging unconfirmed. What should I do now?" is the most common reported issue which we want to avoid.

chriswilmer

legendary

Activity: 1008

Merit: 1000

Quote from: cor on May 30, 2014, 05:53:06 AM

Quote from: xeroc on May 30, 2014, 05:35:57 AM

Quote from: cor on May 30, 2014, 05:35:09 AM

Quote from: kkurtmann on May 30, 2014, 12:27:00 AM

Sweet! So all the bugs should be worked out by the time my classic preorder arrives.

not just that.. we are also working on adding new funcionalities Wink

You have a public Roadmap/Feature List?

Multisig? P2SH?

sign text
multisend
spend all
multisig

etc..

Bitcoin address labels
Account labels (instead of Account #1, Account #2, etc.)
Tx Fee override?

cor

full member

Activity: 121

Merit: 100

Quote from: xeroc on May 30, 2014, 05:35:57 AM

Quote from: cor on May 30, 2014, 05:35:09 AM

Quote from: kkurtmann on May 30, 2014, 12:27:00 AM

Sweet! So all the bugs should be worked out by the time my classic preorder arrives.

not just that.. we are also working on adding new funcionalities Wink

You have a public Roadmap/Feature List?

Multisig? P2SH?

sign text
multisend
spend all
multisig

etc..

xeroc

sr. member

Activity: 345

Merit: 250

Quote from: cor on May 30, 2014, 05:35:09 AM

Quote from: kkurtmann on May 30, 2014, 12:27:00 AM

Sweet! So all the bugs should be worked out by the time my classic preorder arrives.

not just that.. we are also working on adding new funcionalities Wink

You have a public Roadmap/Feature List?

Multisig? P2SH?

cor

full member

Activity: 121

Merit: 100

Quote from: kkurtmann on May 30, 2014, 12:27:00 AM

Sweet! So all the bugs should be worked out by the time my classic preorder arrives.

not just that.. we are also working on adding new funcionalities Wink

kkurtmann

sr. member

Activity: 475

Merit: 250

Sweet! So all the bugs should be worked out by the time my classic preorder arrives.

slush

legendary

Activity: 1386

Merit: 1097

We've just deployed new version of myTREZOR.com which fixes many minor bugs reported by first Trezor users. Thank you for all your inputs!

slush

legendary

Activity: 1386

Merit: 1097

Quote from: Mandrik on May 28, 2014, 09:09:22 AM

Next to "Account #1" I can see the three loading bars, but none of the information is received.

This was caused by restarting backend server. I'm sorry for short downtime, it was back in 10 minutes.

Mandrik

member

Activity: 106

Merit: 11

My balance & transactions aren't displaying when I go to https://mytrezor.com. Next to "Account #1" I can see the three loading bars, but none of the information is received. I've tried a couple computers & USB cables, and the results are the same.

edit - nevermind, it works now. Tongue

I hit "Forget device," unplugged & replugged the Trezor, and then tried to connect via an incognito window. Loaded up instantly!

coininaction

member

Activity: 103

Merit: 10

Quote from: molecular on May 27, 2014, 06:37:23 AM

Quote from: coininaction on May 27, 2014, 04:43:27 AM

Quote

No. We want to keep the project independent and that’s why we have decided to do a crowdfunding. Instead of issuing shares, we will allow our early supporters to participate on our success by earning bitcoins from referral sales.

sounds great

where did you quote that from?

http://www.bitcointrezor.com/faq/#crowdfunding-pricing
Do you accept investment proposals or issue shares?

chriswilmer

legendary

Activity: 1008

Merit: 1000

Quote from: klokan on May 27, 2014, 08:49:08 AM

Quote from: slush on May 27, 2014, 07:16:19 AM

Quote from: chriswilmer on May 27, 2014, 06:44:51 AM

Can I use the Trezor recovery seed in Electrum (or Multibit) to restore my wallet?

Not yet. Client need to support BIP39 to understand Trezor's recovery seed.

This is probably not very convinient, but you can use 3rd tool like https://github.com/weilu/bip39 to generate priv key. However, if I understand it correctly, BIP39 is not enough and you will need BIP44 in addition to that to get your wallet priv key through derivation from what you get using the tool.

Thanks!

klokan

full member

Activity: 120

Merit: 100

Quote from: slush on May 27, 2014, 07:16:19 AM

Quote from: chriswilmer on May 27, 2014, 06:44:51 AM

Can I use the Trezor recovery seed in Electrum (or Multibit) to restore my wallet?

Not yet. Client need to support BIP39 to understand Trezor's recovery seed.

This is probably not very convinient, but you can use 3rd tool like https://github.com/weilu/bip39 to generate priv key. However, if I understand it correctly, BIP39 is not enough and you will need BIP44 in addition to that to get your wallet priv key through derivation from what you get using the tool.

chriswilmer

legendary

Activity: 1008

Merit: 1000

Quote from: slush on May 27, 2014, 07:16:19 AM

Quote from: chriswilmer on May 27, 2014, 06:44:51 AM

Can I use the Trezor recovery seed in Electrum (or Multibit) to restore my wallet?

Not yet. Client need to support BIP39 to understand Trezor's recovery seed.

Thanks. Been playing with my Trezor all morning... really awesome!

slush

legendary

Activity: 1386

Merit: 1097

Quote from: chriswilmer on May 27, 2014, 06:44:51 AM

Can I use the Trezor recovery seed in Electrum (or Multibit) to restore my wallet?

Not yet. Client need to support BIP39 to understand Trezor's recovery seed.

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 196. (Read 966173 times)