Pages:
Author

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 44. (Read 966246 times)

legendary
Activity: 2461
Merit: 1058
Don't use bitcoin.de if you care about privacy!
just tried to use my trezor with the bridge from mytrezor.com. after multiple failed downloads the one copy that did make it down errored on install. then tried on firefox. same deal. the finished dl errors everywhere on install (cant write blah blah).

latest firefox and a brand new chrome install, win7 64 bit pro.

computer runs flawlessly with everything else. its this computer.

trezor runs fine on my phone, a note 4 with mycelium.

so whats up. user error I assume but..

How about using Trezor with electrum on this Computer? Does this work?
legendary
Activity: 4354
Merit: 3614
what is this "brake pedal" you speak of?
just tried to use my trezor with the bridge from mytrezor.com. after multiple failed downloads the one copy that did make it down errored on install. then tried on firefox. same deal. the finished dl errors everywhere on install (cant write blah blah).

latest firefox and a brand new chrome install, win7 64 bit pro.

computer runs flawlessly with everything else. its this computer.

trezor runs fine on my phone, a note 4 with mycelium.

so whats up. user error I assume but..
legendary
Activity: 1372
Merit: 1000
Guys I need to sell this. I needf the BTC. Metalic Trezor WITH cryptosteel.:
https://bitcointalksearch.org/topic/wts-limited-edition-trezor-metallic-22-btc-unopened-1410576
full member
Activity: 133
Merit: 100
Thanks for the information. I guess I need to spend more time learning Electrum.

After digging into it, it seems Iwas wrong, the Trezor+Electrum 2.6.4 currently does not work for truly offline signing. 

When loading a transaction from file/text/whatever to sign with the Trezor, the Electrum plugin checks to see if the necessary inputs are present. In a truly offline Electrum wallet, synchronization will never take place, so the plugin will try to talk to the server and fail instead of simply instructing the hardware wallet to sign the transaction and let the online Electrum reconcile whether or not there's money to spend.

BitcoinNewsMagazine, I understand this is not a standard use case for the Trezor, but if I can get it to work, it will certainly give me an extra bit of security.  Peace of mind that my (self-generated) mnemonic will never touch an online computer means I don't have to worry about the unlikely chance of the Trezor getting compromised (however minuscule the chances are)
full member
Activity: 133
Merit: 100
I only setup ONE wallet with the Trezor after initializing it.  Why are there two Master Public Keys?

In Electrum, it says I have "Account 1"  and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.


Interesting idea but you are trying to use Trezor with Electrum in a way contrary to instructions in the user manual. A developer would have to chime in here.

Well I got it to work on Electrum 2.6.4 by importing the "Main Account" xpub on the watch-only Electrum on the online computer.  Created transaction there, then loaded it up on the offline computer, plugged my Trezor in and signed it, then copied the signed transaction back to the watch-only Electrum to broadcast it.  Still not sure where the "Account 1" xpub comes from or what it is for though.

Interestingly, my KeepKey did not work this way, while the Trezor did.
legendary
Activity: 1806
Merit: 1164
I only setup ONE wallet with the Trezor after initializing it.  Why are there two Master Public Keys?

In Electrum, it says I have "Account 1"  and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.


Interesting idea but you are trying to use Trezor with Electrum in a way contrary to instructions in the user manual. A developer would have to chime in here.
full member
Activity: 133
Merit: 100
I only setup ONE wallet with the Trezor after initializing it.  Why are there two Master Public Keys?

In Electrum, it says I have "Account 1"  and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.

hero member
Activity: 692
Merit: 500
legendary
Activity: 1806
Merit: 1164
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting.  any experience with Bitcore?  is it just another implementation of Bitcoin Core as a full node?
sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet  thread (  no offense here , just to put a reminder.. Wink Thanx.

Pardon? The ability to use Trezor and myTrezor.com with a backend other than Bits of Proof is on topic and a welcome advance. Just not here yet, slush mentioned 25 days ago would be implemented into myTrezor.com soon. 
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

... another thing to note here is that the 'backing up' of trezor is no more than writing down the seed phrase.

I like to think of trezor as more of an empty vessel that generates keys on demand rather than a key container. You can have multiple wallets with different seed phrases and, depending on the purpose at the time, wipe the trezor and load up the seed phrase you currently need. If you get used to regularly wiping the trezor and loading new seeds on securely it makes the trezor more versatile in what it can accomplish.
legendary
Activity: 1120
Merit: 1002
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting.  any experience with Bitcore?  is it just another implementation of Bitcoin Core as a full node?
sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet  thread (  no offense here , just to put a reminder.. Wink Thanx.
legendary
Activity: 3430
Merit: 3080
I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun.

That's where the proposition loses me (using a web browser), not to mention that I have a feeling that Bitcore might be a somewhat of a can of worms..... I wouldn't really trust Bitpay (who develop Bitcore) to compile their own binaries, so I would have to do that for myself. And what if their tagged source won't compile? Contact Bitpay for help? There goes some of your anonymity straight away. Don't like it.
legendary
Activity: 1806
Merit: 1164
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting.  any experience with Bitcore?  is it just another implementation of Bitcoin Core as a full node?

No experience yet but will be setting up on linux soon. See https://bitcore.io/ both 64 bit Mac OS X and GNU/Linux are currently supported. I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun.
legendary
Activity: 1764
Merit: 1002
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting.  any experience with Bitcore?  is it just another implementation of Bitcoin Core as a full node?
legendary
Activity: 1806
Merit: 1164
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!
legendary
Activity: 3430
Merit: 3080
FWIW, If you want to look at it purely technically, features like deterministic signing and offline private keys are roughly equal between them (although heavily user dependent with Armory), but I've gotta say I'm a little bit more comfortable with Armory, but maybe that's because I've been using Armory so much longer and so it's more of a feeling than a critical evaluation. I simply like having a short hash comparison for the online and offline portions of signing/broadcasting transactions, and possibly the (maybe false sense of security) that scrutinising each and every step through composing, signing and broadcasting each tx. Saying that though, the Trezor is a little more convenient in about 10 different ways, lol. I guess I'll be happiest when goatpig gets Trezor support into Armory Cool (which is possibly not so long in the making, I'll probably be helping to test it)
legendary
Activity: 1764
Merit: 1002
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

It depends on what the changes in the firmware are.

If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK.

I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern.

My recommendation for securely updating the firmware: use an offline PC for the update.

  • Download firmware from as secure machine as possible
  • Burn the firmware to CD-ROM (yes, CD-ROM)
  • Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
  • Ensure that CD/USB autoplay etc is disabled on OFF-line machine
  • Take a hash of the files/CD image on the OFF-line machine
  • Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
  • If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
  • If the hashes do not match, find a new online machine and try again


I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight)

Carlton, out of curiosity.  which platform do you view as more secure today; Armory or Trezor?
newbie
Activity: 31
Merit: 0
my trezor is still using firmware from about a year ago and working just fine.

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

You could be fine except for the problem you may get if you want to use it with a new coin only coming in the last updates.
My trezor had 2 year old firmware.
legendary
Activity: 3430
Merit: 3080
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

It depends on what the changes in the firmware are.

If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK.

I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern.

My recommendation for securely updating the firmware: use an offline PC for the update.

  • Download firmware from as secure machine as possible
  • Burn the firmware to CD-ROM (yes, CD-ROM)
  • Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
  • Ensure that CD/USB autoplay etc is disabled on OFF-line machine
  • Take a hash of the files/CD image on the OFF-line machine
  • Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
  • If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
  • If the hashes do not match, find a new online machine and try again


I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight)
legendary
Activity: 2128
Merit: 1005
ASIC Wannabe
my trezor is still using firmware from about a year ago and working just fine.

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
Pages:
Jump to: