[ESHOP launched] Trezor: Bitcoin hardware wallet - page 44.

Lincoln6Echo

legendary

Activity: 2461

Merit: 1058

Don't use bitcoin.de if you care about privacy!

Quote from: vapourminer on April 26, 2016, 06:19:18 AM

just tried to use my trezor with the bridge from mytrezor.com. after multiple failed downloads the one copy that did make it down errored on install. then tried on firefox. same deal. the finished dl errors everywhere on install (cant write blah blah).

latest firefox and a brand new chrome install, win7 64 bit pro.

computer runs flawlessly with everything else. its this computer.

trezor runs fine on my phone, a note 4 with mycelium.

so whats up. user error I assume but..

How about using Trezor with electrum on this Computer? Does this work?

vapourminer

legendary

Activity: 4354

Merit: 3614

what is this "brake pedal" you speak of?

just tried to use my trezor with the bridge from mytrezor.com. after multiple failed downloads the one copy that did make it down errored on install. then tried on firefox. same deal. the finished dl errors everywhere on install (cant write blah blah).

latest firefox and a brand new chrome install, win7 64 bit pro.

computer runs flawlessly with everything else. its this computer.

trezor runs fine on my phone, a note 4 with mycelium.

so whats up. user error I assume but..

gravitate

legendary

Activity: 1372

Merit: 1000

Guys I need to sell this. I needf the BTC. Metalic Trezor WITH cryptosteel.:
https://bitcointalksearch.org/topic/wts-limited-edition-trezor-metallic-22-btc-unopened-1410576

Bridgewater

full member

Activity: 133

Merit: 100

Thanks for the information. I guess I need to spend more time learning Electrum.

After digging into it, it seems Iwas wrong, the Trezor+Electrum 2.6.4 currently does not work for truly offline signing.

When loading a transaction from file/text/whatever to sign with the Trezor, the Electrum plugin checks to see if the necessary inputs are present. In a truly offline Electrum wallet, synchronization will never take place, so the plugin will try to talk to the server and fail instead of simply instructing the hardware wallet to sign the transaction and let the online Electrum reconcile whether or not there's money to spend.

BitcoinNewsMagazine, I understand this is not a standard use case for the Trezor, but if I can get it to work, it will certainly give me an extra bit of security. Peace of mind that my (self-generated) mnemonic will never touch an online computer means I don't have to worry about the unlikely chance of the Trezor getting compromised (however minuscule the chances are)

Bridgewater

full member

Activity: 133

Merit: 100

Quote from: BitcoinNewsMagazine on April 18, 2016, 06:32:03 PM

Quote from: Bridgewater on April 18, 2016, 05:46:39 PM

I only setup ONE wallet with the Trezor after initializing it. Why are there two Master Public Keys?

In Electrum, it says I have "Account 1" and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.

Interesting idea but you are trying to use Trezor with Electrum in a way contrary to instructions in the user manual. A developer would have to chime in here.

Well I got it to work on Electrum 2.6.4 by importing the "Main Account" xpub on the watch-only Electrum on the online computer. Created transaction there, then loaded it up on the offline computer, plugged my Trezor in and signed it, then copied the signed transaction back to the watch-only Electrum to broadcast it. Still not sure where the "Account 1" xpub comes from or what it is for though.

Interestingly, my KeepKey did not work this way, while the Trezor did.

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

Quote from: Bridgewater on April 18, 2016, 05:46:39 PM

I only setup ONE wallet with the Trezor after initializing it. Why are there two Master Public Keys?

In Electrum, it says I have "Account 1" and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.

Interesting idea but you are trying to use Trezor with Electrum in a way contrary to instructions in the user manual. A developer would have to chime in here.

Bridgewater

full member

Activity: 133

Merit: 100

I only setup ONE wallet with the Trezor after initializing it. Why are there two Master Public Keys?

In Electrum, it says I have "Account 1" and "Main Account."

I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.

Thanks in advance.

AussieHash

hero member

Activity: 692

Merit: 500

Now live

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

Quote from: defcon23 on April 10, 2016, 05:15:57 AM

Quote from: cypherdoc on April 09, 2016, 08:36:10 PM

Quote from: BitcoinNewsMagazine on April 09, 2016, 06:47:45 PM

I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node?

sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet thread ( no offense here , just to put a reminder.. Wink

Thanx.

Pardon? The ability to use Trezor and myTrezor.com with a backend other than Bits of Proof is on topic and a welcome advance. Just not here yet, slush mentioned 25 days ago would be implemented into myTrezor.com soon.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: klondike_bar on April 08, 2016, 01:31:00 PM

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

... another thing to note here is that the 'backing up' of trezor is no more than writing down the seed phrase.

I like to think of trezor as more of an empty vessel that generates keys on demand rather than a key container. You can have multiple wallets with different seed phrases and, depending on the purpose at the time, wipe the trezor and load up the seed phrase you currently need. If you get used to regularly wiping the trezor and loading new seeds on securely it makes the trezor more versatile in what it can accomplish.

defcon23

legendary

Activity: 1120

Merit: 1002

Quote from: cypherdoc on April 09, 2016, 08:36:10 PM

Quote from: BitcoinNewsMagazine on April 09, 2016, 06:47:45 PM

I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node?

sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet thread ( no offense here , just to put a reminder.. Wink

Thanx.

Carlton Banks

legendary

Activity: 3430

Merit: 3080

Quote from: BitcoinNewsMagazine on April 09, 2016, 10:05:19 PM

I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun.

That's where the proposition loses me (using a web browser), not to mention that I have a feeling that Bitcore might be a somewhat of a can of worms..... I wouldn't really trust Bitpay (who develop Bitcore) to compile their own binaries, so I would have to do that for myself. And what if their tagged source won't compile? Contact Bitpay for help? There goes some of your anonymity straight away. Don't like it.

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

Quote from: cypherdoc on April 09, 2016, 08:36:10 PM

Quote from: BitcoinNewsMagazine on April 09, 2016, 06:47:45 PM

I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node?

No experience yet but will be setting up on linux soon. See https://bitcore.io/ both 64 bit Mac OS X and GNU/Linux are currently supported. I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun.

cypherdoc

legendary

Activity: 1764

Merit: 1002

Quote from: BitcoinNewsMagazine on April 09, 2016, 06:47:45 PM

I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node?

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo!

Carlton Banks

legendary

Activity: 3430

Merit: 3080

FWIW, If you want to look at it purely technically, features like deterministic signing and offline private keys are roughly equal between them (although heavily user dependent with Armory), but I've gotta say I'm a little bit more comfortable with Armory, but maybe that's because I've been using Armory so much longer and so it's more of a feeling than a critical evaluation. I simply like having a short hash comparison for the online and offline portions of signing/broadcasting transactions, and possibly the (maybe false sense of security) that scrutinising each and every step through composing, signing and broadcasting each tx. Saying that though, the Trezor is a little more convenient in about 10 different ways, lol. I guess I'll be happiest when goatpig gets Trezor support into Armory Cool

(which is possibly not so long in the making, I'll probably be helping to test it)

cypherdoc

legendary

Activity: 1764

Merit: 1002

Quote from: Carlton Banks on April 09, 2016, 04:50:27 AM

Quote from: klondike_bar on April 08, 2016, 01:31:00 PM

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

It depends on what the changes in the firmware are.

If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK.

I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern.

My recommendation for securely updating the firmware: use an offline PC for the update.

Download firmware from as secure machine as possible
Burn the firmware to CD-ROM (yes, CD-ROM)
Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
Ensure that CD/USB autoplay etc is disabled on OFF-line machine
Take a hash of the files/CD image on the OFF-line machine
Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
If the hashes do not match, find a new online machine and try again

I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight)

Carlton, out of curiosity. which platform do you view as more secure today; Armory or Trezor?

sana98212

newbie

Activity: 31

Merit: 0

Quote from: klondike_bar on April 08, 2016, 01:31:00 PM

my trezor is still using firmware from about a year ago and working just fine.

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

You could be fine except for the problem you may get if you want to use it with a new coin only coming in the last updates.
My trezor had 2 year old firmware.

Carlton Banks

legendary

Activity: 3430

Merit: 3080

Quote from: klondike_bar on April 08, 2016, 01:31:00 PM

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

It depends on what the changes in the firmware are.

If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK.

I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern.

My recommendation for securely updating the firmware: use an offline PC for the update.

Download firmware from as secure machine as possible
Burn the firmware to CD-ROM (yes, CD-ROM)
Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
Ensure that CD/USB autoplay etc is disabled on OFF-line machine
Take a hash of the files/CD image on the OFF-line machine
Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
If the hashes do not match, find a new online machine and try again

I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight)

klondike_bar

legendary

Activity: 2128

Merit: 1005

ASIC Wannabe

my trezor is still using firmware from about a year ago and working just fine.

is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 44. (Read 966173 times)