Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 263. (Read 966173 times)

IMHO, an impossible to re-flash hardware is much more "security freakishness" than password-protected files...

And, why making an impossible to re-flash or read keys hardware if the whole wallet will likely be stored unencrypted on paper in the same physical building than the device? Somebody with physical access to the device will likely have physical access to the paper backup.

Finally, if you don't consider encrypting the keys in the device, then you're not considering plausible deniability. Somebody willing to physically steal the device is much more likely to simply physically force the user to give him the money ($5 wrench attack). If you don't have multiple encrypted volumes, and you're not some sort of Rambo capable of counter-attack in meatspace, then you lose.


I know. I just think it'd be nice if everybody could easily have the option of having the same level of safety and security as well, including people who don't know what the heck a "live distro" is.


Pardon my ignorance, but why does it need to be initialized on an unsecured machine?


PS; Please don't take what I say here as bashing criticism. Even if this device is not "physically safe/secure" at all, it would still be awesome as a protection against hackers, which are the real danger most bitcoin users face today - and will remain the sole sensible danger for years. So, just want to make sure you understand I fully support your initiative either way. I'd just like it more if it had these encryption features, that's all.


EDIT: Sorry, I had not seen the previous message:


Again I respectfully disagree. Most young people at least would likely find it easier to store things on their google accounts than to physically store paper in an organized and safe manner. But anyway, that's now pointless, since...


If that's the case, then yeah, there's no way to encrypt things on the device.

Even small keybords like those in some cellphones are that expensive? I'm really ignorant on this.


If it's cheap enough, different people could have their different devices anyway. It's definitely not a showstopper not to be multiuser.

We're targeting to average users, for common usage. But security freaks are free to boot live distro from trusted source, write down the seed to text file, encrypt that and do with it whatever they want. Actually if you know what you're doing, you'll make encrypted backup of the seed in less than 10 minutes.

However, as I said, it is almost impossible to encrypt the seed while initializing the device on untrusted machine, so encrypting seed during this process would be false promise.

For average user, keeping piece of paper in secret is much easier than to store piece of digital information for long enough time (for years). Don't forget that most of users don't do backups and if so, they do it in wrong way.

Actually Bitcoins are usually the only case why people must care about security of their computers. Except of bitcoins, users stores on their computers mostly photos from their holiday, which are uploaded on Facebook anyway, so data loss isn't so big issue there.

In the opposite of digital information, people are used to store physical things safely as all of them are doing so for some important documents or money. Purpose of this project is to make Bitcoin as much physical as possible, so people don't need to change their habits.


We considered multi-wallet support like this and it would be possible, but it goes against of our motto - make it now and make it easy. All of these ideas are making the device more complicated even for usage (wallet won't be recognized automatically when plugged into computer). However I might consider this in the future for "advanced" product version.

Fine enough, as long as the passphrase is typed only in the secure device, which will be the one encrypting it. I shouldn't need another secure device only to backup. Actually, I wouldn't bother if the paper backup is already printed encrypted. This way I can safely scan the paper in a unsecured device and back it up.


A passphrase need not to be super complex, it only need to be long. The device could display a strength meter. And, again, this doesn't need to be the sole option, it could still have a printer.
Plus, I hardly think people would store the value for decades and never reopen the wallet in between. This is more like your "bank account", the place where you store your salary for instance. You take some money out with the same frequency you go to an ATM. People normally don't put their life savings in "money", it's usually in the form of financial assets. (it's true that if this device supports OT, perhaps one day people could actually have their life savings in it... but still, they would open the wallet once in a while)


I respectfully disagree - unless the content printed is encrypted.


If you want the user to be fully responsible of his security, why even bother with this project? We should help them, and I honestly believe an encrypted backup on the cloud is safer than a piece of paper.


I only know one person who has a safe at home - and that's because he's a gun owner, legally required to keep his gun in a safe. I actually have never seen a home with a safe. But anyway, that's just me. It's possible to please everyone here.

Dere ya go:

Why not just type the paper backup into a .txt file, and encrypt that?

Honestly, asking people to type a passphrase and expecting them to make it complicated enough that it cannot be hacked in any reasonable number of years (at least until well past the time they die) as well as not forget it is just as impractical as a piece of paper.  Guess how they are going to remember their complex decades-future-proofed password? 

And that's even assuming they choose a password strong enough!  Anyone who doesn't would have a good chance of their coins being stolen from their "ultra secure" device, and sudden, that device gets a bad rap from it.

No, slush is making a very wise choice in only supporting paper/manual backups.  It puts all the blame unquestionably on the user if anything bad happens.  People put all kinds of valuables in safes and fire safes in their homes - why would this need be any different?  Write down the seed, put it in the safe, and it's there along with other things like jewelry, gold, and social security cards.  I would hope people aren't storing paper backups just any old place in their house...!

First of all, my sincere congratulations for the initiative!


I'm really not a big fan of paper backups. There are so many ways paper could be destroyed/lost, and there's no way to encrypt paper and send it safely to remote backup servers distributed all over the globe. Plus, if you consider an attacker gaining physical access to the device, you should consider him getting physical access to the paper backup too.

I'd strongly suggest an alternative: allow the user to type a passphrase during initialization. Use this passphrase to encrypt the seed and save only the encrypted copy outside the device via USB. Obviously, instruct the user to use a strong passphrase and to back up the file as much as he can.

I realize that I can scan the paper backup, encrypt it and do it myself. But then again, I would need a safe device just for this task...


Cool. These are important features. But honestly, a thief willing to physically steal the device will likely not even bother hacking it, he'll just perform a $5 wrench attack (or variant) and get the money.
The only potential protection I can think of against $5 wrench attacks is plausible deniability (hidden volumes) - and even that will not protect you if the attacker knows how much money you've got.

By the way, "plausible deniability" may also translate to "multiuser". Each wallet user may have a different password (plus a few "fake users" just for the thieves ), which would represent a different hidden volume in the device. This way, a family for example could share the same device, with each family member having its own wallet. I think you should consider implementing this, not only for security reasons, but also for this nice safe multiuser feature.


Me too!


That could be quite cool too! Particularly if you could easily run an OT-server in it. If I understand OT correctly, you may have multiple servers and exchange tokens from different servers, can't you? This way each asset issuer could easily have their own safe servers, even those issuers which are not tech savvy people. But something tells me that you cannot have a server in the device while preserving its strong security constraints... a server would likely need to be upgraded frequently, I suppose. Even still, it'd be safer than using a generic computer.

Very nice, love that project !

Well tought, seems to me that this project have real good chance to become a widely sold/used product !

Congratulations   Keep up the good work, I'll enjoy reading developpement about it

I've no usable knowledge to help, but if any funds needed for a mass production startup, I'll sure participate in raising funds !


Slush, AFAIK, you made the first mining pool, I'm confident you and the community that help you will manage to acheive successfully this nice project !

Long live to everybody participating to this

Can I preorder please?

Very nice project. Let's see if we can get PG to design a leather carry case for this nifty wallet.

Not yet, we're still evaluating final platform and the design of the casing, which can move final price in tens of percents in both direction. And I don't want to give you false promises...


Definitely yes!

We discussed that option with audio jack heavily and we rejected the idea for now. By a coincidence stick has some experience with this interface. The reason for "not now" is that we don't want to focus just for Apple devices and it is really hard to implement audio interface correctly for wide range of Andoid devices because of significant differences in specifications between various Andoid phones manufacturers.

So our primary target is to finalize first product which will talk to desktop machines over the USB and if the product will be succesful, then continue with alternative solutions like this.

Any estimated price?. And, would it be payable in Bitcoins?

You should make it pluggable to iPhone,
like this:

If it's going to be open-source, I'd like to help with UIX for the device.

Well, both software and hardware design will be opensource, so everybody interested in peer review is welcome. We're already in touch with one security group which will potentially make professional security review of the design.

How about hardening the device against side-channel attacks by organizing a hackaton following the beta release? Could be part of some Bitcoin conference if timing is right.

There will be two different devices - one for DYI hackers, built on Raspberry Pi and second on custom hardware.

You can install anything you want on that RPi device (although it won't be recommended for security reasons!). Second device will be running custom software directly on 70MHz processor without any operating system, with built-in 128kB flash ROM...

I want one immediately.

Very exciting!

I am interested in this for OT. What can you tell us about the platform, OS, RAM, etc? I would like to make sure OT is able to run on your device.