Pages:
Author

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 57. (Read 966249 times)

legendary
Activity: 3430
Merit: 3080
Isn't it possible to use an offline PC to sign the transaction using electrum+trezor and broadcast the transaction on a online PC

I too thought that was possible, but it's not.

It is not necessary. The point of the trezor is to be the offline computer.


Thanks, but I know. Offline Trezor usage is not what I'm interested in, protecting the chain of public keys is. My bad, I didn't leave the quotes for the whole discussion in the post.

Why are so keen in protecting your Extended Public key?   Please educate me.   I was under the impression that only protection of the Private keys was important.

Yep, privacy.

1. The 3rd parties who broadcast your Trezor transactions for you necessarily know the xpub (and possibly the entire public key seed too). That information could be used to discover all the money you have/had with that Trezor seed.  

2. If you want to use "Sign in with Trezor", depending on the way that scheme is implemented, could also reveal xpub or public key seed to the services you use it to sign in with. That provides a possible way to link your website profiles together (and the email, real name, real address, other real world info etc), and also to link those profiles with all the money you have/had with that Trezor seed.

I realise there are good reasons to trust MyTrezor.com, an Electrum server or a miner you resolve your Multibit SPV transactions with. But that doesn't account for hacks/mistakes at their end. My preference would be to eliminate the need to trust those people with the xpub information altogether. Rule #1 of keeping information off the internet: don't even make the information available to begin with.
sr. member
Activity: 475
Merit: 250
Because of privacy.
legendary
Activity: 3430
Merit: 3080
Isn't it possible to use an offline PC to sign the transaction using electrum+trezor and broadcast the transaction on a online PC

I too thought that was possible, but it's not.

It is not necessary. The point of the trezor is to be the offline computer.


Thanks, but I know. Offline Trezor usage is not what I'm interested in, protecting the chain of public keys is. My bad, I didn't leave the quotes for the whole discussion in the post.
legendary
Activity: 1512
Merit: 1005
Isn't it possible to use an offline PC to sign the transaction using electrum+trezor and broadcast the transaction on a online PC

I too thought that was possible, but it's not.

It is not necessary. The point of the trezor is to be the offline computer.
legendary
Activity: 3430
Merit: 3080
Isn't it possible to use an offline PC to sign the transaction using electrum+trezor and broadcast the transaction on a online PC

I too thought that was possible, but it's not.
sr. member
Activity: 434
Merit: 250
Running your own Electrum server: https://www.sky-ip.org/configure-electrum-server-debian-ubuntu.html

It appears that running your own Electrum server is the only way right now to use a Trezor while maintaining public key privacy. It's not so simple to setup, but the instructions seem comprehensive and well written.



Isn't it possible to use an offline PC to sign the transaction using electrum+trezor and broadcast the transaction on a online PC, kind of defeats the convenience of a trezor, but it shouldn't leak anything. Also, no need to setup your own server. ...?
legendary
Activity: 3430
Merit: 3080
Running your own Electrum server: https://www.sky-ip.org/configure-electrum-server-debian-ubuntu.html

It appears that running your own Electrum server is the only way right now to use a Trezor while maintaining public key privacy. It's not so simple to setup, but the instructions seem comprehensive and well written.

legendary
Activity: 3430
Merit: 3080

That information isn't complete. It does imply that there is no way of keeping your xpub/master public key private, but python-trezor isn't on the list.
legendary
Activity: 3430
Merit: 3080
https://github.com/trezor/python-trezor/blob/master/trezorctl#L317

Re:python-trezor

Looking at this part of the trezorctl.py code, it looks alot like transactions cannot be signed using python-trezor. What option is there for those who don't want xpubs and master xpubs disclosed to all the 3rd party services that offer Trezor transaction signing/broadcasting? Surely not nothing?
legendary
Activity: 1372
Merit: 1000
will you be doing the Stainless steel version again>?
full member
Activity: 126
Merit: 100
Was thinking of this or one of those usb ones(forgot the name of it).
Seems alot better than bit-core with all the problems they have had in the last few months.
sr. member
Activity: 441
Merit: 268

myTREZOR backend runs full node and I recently upgraded it to 0.10.2 so this should be a non-issue.
legendary
Activity: 1143
Merit: 1000

The same stuff, trezor holds privatecoins and can't see the blockchain thus imagine it as a hardware that only cointains a privkey; therefor, if you send anybitcoin to trezor's address you might receive it if its confirmed on the right blocks, if the transaction was built on an invalied SPV block you'll see that it will vanish since it was done in a fake blockchain, just wait 30 more confirmations to be sure.
legendary
Activity: 1708
Merit: 1066
Vouch for trezor!Using this all the time

im not exaclty that happy

mytrezor plugin freezes in firefox chrome and ie even before i plugin in the trezor on

 2 different machines one windows7 desktop

one vista laptop same mytrezor crashes freezes in all brozers even before i plugin device

im trying electrum now and trezor is hang at signing transaction for over one hour , i have latest firmware on trezor

i was geting 30 minutes 45 minutes 1 hour transaction signing times even before wen it was barelly workin with firefox


any ideas? im livid

heeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeelp


ps. i already tried different usb cables and on 2 different systems same result

also i installed electrum on 2 different pcs  and same results over 1 hour 2hour wait and signing transaction bar barelly moves

Try MultiBit HD.
It has support out of the box for Trezor (though only what's labelled 'Account 1' in myTrezor.com).

There's a bit of a sync when you first create a Trezor wallet (10 mins or so) whilst it trawls through the blockchain but after that it syncs from where you left off.

The integration really is plug in your Trezor and follow the instructions.
sr. member
Activity: 441
Merit: 268
mytrezor plugin freezes in firefox chrome and ie even before i plugin in the trezor on

Uninstall Plugin and try using Chrome Extension.
full member
Activity: 162
Merit: 100
Vouch for trezor!Using this all the time

im not exaclty that happy

mytrezor plugin freezes in firefox chrome and ie even before i plugin in the trezor on

 2 different machines one windows7 desktop

one vista laptop same mytrezor crashes freezes in all brozers even before i plugin device

im trying electrum now and trezor is hang at signing transaction for over one hour , i have latest firmware on trezor

i was geting 30 minutes 45 minutes 1 hour transaction signing times even before wen it was barelly workin with firefox


any ideas? im livid

heeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeelp


ps. i already tried different usb cables and on 2 different systems same result

also i installed electrum on 2 different pcs  and same results over 1 hour 2hour wait and signing transaction bar barelly moves
sr. member
Activity: 476
Merit: 250
Vouch for trezor!Using this all the time
hero member
Activity: 836
Merit: 1030
bits of proof
Can someone from the TREZOR team please let us know what to expect with regards to mytrezor.com and the acquisition of Bits Of Proof by Digital Asset Holdings.

http://www.coindesk.com/blythe-masters-blockchain-startups-hyperledger-bits-of-proof/

Yes. I would also like to know how much data Bits_of_Proof has about trezor users' habits that have connected to mytrezor.com that will become the property of Digital Assets Holdings?

Does Bits-of_Proof have any of the following:

- data about IP addresses used by mytrezor.com users connecting to mytrezor.com
- data about bitcoin public addresses used by mytrezor.com users
- data about timing of bitcoin transactions by mytrezor.com users
- data about sizes of bitcoin transactions by mytrezor.com users
??

Appreciate your candid and timely reply in ensuring faith with the open source community of trezor users and contributors.

Bits of Proof has no access to the servers of myTREZOR.

Bits of Proof wrote the software behind myTREZOR. It was a more than year ahead of alternate solutions, enabled the TREZOR product offer in the first place and has been serving thousands of customer daily since then.

The software was delivered in source code to Satoshilabs, was compiled and deployed by Satoshilabs. There were a few source code patches delivered and applied to the orginal code base, last in February this year. They were again applied and deployed by Satoshilabs.

I offered them a patch a few weeks ago for a marginal issue, they did not even reply to that message. I have no Idea if they used it.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Can someone from the TREZOR team please let us know what to expect with regards to mytrezor.com and the acquisition of Bits Of Proof by Digital Asset Holdings.

http://www.coindesk.com/blythe-masters-blockchain-startups-hyperledger-bits-of-proof/

Yes. I would also like to know how much data Bits_of_Proof has about trezor users' habits that have connected to mytrezor.com that will become the property of Digital Assets Holdings?

Does Bits-of_Proof have any of the following:

- data about IP addresses used by mytrezor.com users connecting to mytrezor.com
- data about bitcoin public addresses used by mytrezor.com users
- data about timing of bitcoin transactions by mytrezor.com users
- data about sizes of bitcoin transactions by mytrezor.com users
??

Appreciate your candid and timely reply in ensuring faith with the open source community of trezor users and contributors.

From what I understand Bits of Proof only supplied backend code to the Trezor team that was incorporated into the website. As far as I know Bits of Proof does not, and has never, had anything to do with the actual operation of the MyTrezor website. Possibly, someone from Team Trezor can confirm this?


As I understand, it was a piece of closed source, javascript plug-in to be specific. We would have to take Bits-of-Proof's word what it actually did, without serious wire analysis and deep packet inspection on it's comms. icbw
Pages:
Jump to: