Pages:
Author

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 59. (Read 966249 times)

donator
Activity: 2772
Merit: 1019
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)

You should be able to use both "wallets" in parallel (or rather alternatingly) without using the restore process in between. Depending on which pw you use (empty or "something"), a different wallet is loaded. I don't know exactly how it works with myTrezor (I use electrum), but entering a different password (or no password) should do the trick.

Maybe someone who is doing this with myTrezor could chip in?

It doesn't matter if you set 'password encrypted' during recovery, you can change it later after recovery to access your password protected funds. The password function disabled technically is like entering an empty password so you can only access those funds while you have the feature disabled. Enable the feature and your other funds get accessible with the correct password.

tl-dr: yes it works, it will restore both (all) accounts.

I got ya guys, thanks! I see how it works now =)

Thats pretty badass you can have any number of password'd unique wallets on ur device!
Im guessing the way it works is the seed is simply encrypted w/ a password and the HD tree is generated from the encrypted seed unique to whatever password u use.

Yes, that is correct but if you forget the password you lose the coins, period. No way to recover them if you cannot remember the password(s).


No, that's not how it works.

wallet seed = device seed + passphrase

What I call "device seed" here (those are the words you write down) is not encrypted in any way (at least not with the passphrase). The passphrase is sent to the trezor device and simply added to that seed in some way (xor, concatenation + hash or something) and that results in the HD wallet seed used by the device to generate the wallet (addresses, xpub, private keys,...)

But of course it's true: you need the password(s) to access the wallet(s).

EDIT: here's the relevant code in the trezor firmware:

Code:
if (storage.has_passphrase_protection && storage.passphrase_protection && strlen(sessionPassphrase)) {
// decrypt hd node
uint8_t secret[64];
uint8_t salt[12];
memcpy(salt, "TREZORHD", 8);
layoutProgressSwipe("Waking up", 0);
pbkdf2_hmac_sha512((const uint8_t *)sessionPassphrase, strlen(sessionPassphrase), salt, 8, BIP39_PBKDF2_ROUNDS, secret, 64, get_root_node_callback);
aes_decrypt_ctx ctx;
aes_decrypt_key256(secret, &ctx);
aes_cbc_decrypt(sessionRootNode.chain_code, sessionRootNode.chain_code, 32, secret + 32, &ctx);
aes_cbc_decrypt(sessionRootNode.private_key, sessionRootNode.private_key, 32, secret + 32, &ctx);
}
memcpy(node, &sessionRootNode, sizeof(HDNode));

Now I'm not so sure any more Wink
legendary
Activity: 1246
Merit: 1024
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)

You should be able to use both "wallets" in parallel (or rather alternatingly) without using the restore process in between. Depending on which pw you use (empty or "something"), a different wallet is loaded. I don't know exactly how it works with myTrezor (I use electrum), but entering a different password (or no password) should do the trick.

Maybe someone who is doing this with myTrezor could chip in?

It doesn't matter if you set 'password encrypted' during recovery, you can change it later after recovery to access your password protected funds. The password function disabled technically is like entering an empty password so you can only access those funds while you have the feature disabled. Enable the feature and your other funds get accessible with the correct password.

tl-dr: yes it works, it will restore both (all) accounts.

I got ya guys, thanks! I see how it works now =)

Thats pretty badass you can have any number of password'd unique wallets on ur device!
Im guessing the way it works is the seed is simply encrypted w/ a password and the HD tree is generated from the encrypted seed unique to whatever password u use.

Yes, that is correct but if you forget the password you lose the coins, period. No way to recover them if you cannot remember the password(s).
legendary
Activity: 2450
Merit: 1002
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)

You should be able to use both "wallets" in parallel (or rather alternatingly) without using the restore process in between. Depending on which pw you use (empty or "something"), a different wallet is loaded. I don't know exactly how it works with myTrezor (I use electrum), but entering a different password (or no password) should do the trick.

Maybe someone who is doing this with myTrezor could chip in?

It doesn't matter if you set 'password encrypted' during recovery, you can change it later after recovery to access your password protected funds. The password function disabled technically is like entering an empty password so you can only access those funds while you have the feature disabled. Enable the feature and your other funds get accessible with the correct password.

tl-dr: yes it works, it will restore both (all) accounts.

I got ya guys, thanks! I see how it works now =)

Thats pretty badass you can have any number of password'd unique wallets on ur device!
Im guessing the way it works is the seed is simply encrypted w/ a password and the HD tree is generated from the encrypted seed unique to whatever password u use.
donator
Activity: 2772
Merit: 1019
While you guys are on this topic....

I plan on buying a Trezor in the next 2 or 3 weeks and was planning on buying 3 but it seems like this is not needed seeing as you can have more than one account on a Trezor.

Is my understanding correct in that you can have say a sort of 'hot' wallet or rather everyday use wallet (with no password) and then say two further wallets each with their own password. If one starts up the Trezor you then only need to enter the relevant password for the wallet you are trying to access?

If the above is correct, is there a limit on the number of wallets you can have on a single Trezor?



Yes, that's correct. Technically, the passphrase is added to the seed to generate the HD seed. Knowing that it's easy to see that one can generate a very large number of different wallets this way (probably even all possible wallets, but not sure about that).

I would call these "wallets", by the way, because "account" is already used inside HD wallets.
legendary
Activity: 1246
Merit: 1024
Is my understanding correct in that you can have say a sort of 'hot' wallet or rather everyday use wallet (with no password) and then say two further wallets each with their own password. If one starts up the Trezor you then only need to enter the relevant password for the wallet you are trying to access?

yes

If the above is correct, is there a limit on the number of wallets you can have on a single Trezor?

no (not practically at least, it's limited by the maximum amount of possible passwords)

Just keep in mind that if you forget a password the coins associated with that password are inaccessible forever. No way to recover from lost password as the password is used in the encryption to create a unique set of keys.
hero member
Activity: 527
Merit: 500
Is my understanding correct in that you can have say a sort of 'hot' wallet or rather everyday use wallet (with no password) and then say two further wallets each with their own password. If one starts up the Trezor you then only need to enter the relevant password for the wallet you are trying to access?

yes

If the above is correct, is there a limit on the number of wallets you can have on a single Trezor?

no (not practically at least, it's limited by the maximum amount of possible passwords)
sr. member
Activity: 336
Merit: 251
While you guys are on this topic....

I plan on buying a Trezor in the next 2 or 3 weeks and was planning on buying 3 but it seems like this is not needed seeing as you can have more than one account on a Trezor.

Is my understanding correct in that you can have say a sort of 'hot' wallet or rather everyday use wallet (with no password) and then say two further wallets each with their own password. If one starts up the Trezor you then only need to enter the relevant password for the wallet you are trying to access?

If the above is correct, is there a limit on the number of wallets you can have on a single Trezor?

hero member
Activity: 527
Merit: 500
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)

You should be able to use both "wallets" in parallel (or rather alternatingly) without using the restore process in between. Depending on which pw you use (empty or "something"), a different wallet is loaded. I don't know exactly how it works with myTrezor (I use electrum), but entering a different password (or no password) should do the trick.

Maybe someone who is doing this with myTrezor could chip in?

It doesn't matter if you set 'password encrypted' during recovery, you can change it later after recovery to access your password protected funds. The password function disabled technically is like entering an empty password so you can only access those funds while you have the feature disabled. Enable the feature and your other funds get accessible with the correct password.

tl-dr: yes it works, it will restore both (all) accounts.
donator
Activity: 2772
Merit: 1019
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)

You should be able to use both "wallets" in parallel (or rather alternatingly) without using the restore process in between. Depending on which pw you use (empty or "something"), a different wallet is loaded. I don't know exactly how it works with myTrezor (I use electrum), but entering a different password (or no password) should do the trick.

Maybe someone who is doing this with myTrezor could chip in?
legendary
Activity: 2450
Merit: 1002
Hey all, I just got a trezor and have a question.

Initially set it up w/ only PIN protection. If I enable password protection and leave some funds in the 'non password protected' accounts as well as the newly created 'password protected account'....

How does the recovery process work in this case? When doing the seed recovery process would I check the box 'password encrypted'(or w/e it is) ... if so would this restore both my 'non password protected' & 'password protected' accounts?(even tho the 'non password protected' accounts have no password?)
legendary
Activity: 1974
Merit: 1003
is the trezor back end down right now?   I just tried to pull up my wallet, but it keeps circling...

Is there a website or feed that displays when trezor is down?   That would be nice...  or a red light and a green light

Actually the red light and a green light is not a bad idea  Cheesy
legendary
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
is the trezor back end down right now?   I just tried to pull up my wallet, but it keeps circling...

Is there a website or feed that displays when trezor is down?   That would be nice...  or a red light and a green light
newbie
Activity: 55
Merit: 0
been playing around with the Linux Chrome extension.

i thought we were supposed to be able to construct and send tx's thru it alone w/o going to mytrezor.com?  i couldn't figure out any other way to do this than to go to mytrezor.com.

anyone else play with it?

is there any way to get the xpub off the Trezor and onto Mycelium by using the extension?

You configure it with the extension and when you use Mycelium just plug it in and select the accounts tab and add another account and select the hardware wallet option. (I don't think it shows the xpub but it does show qr codes for your addresses just like another other HD account)

so in other words, the extension is just for configuration purposes only?  it also forced me to go to myTrezor.com to add a password.  is that normal?
I know the extension was made in a way that configuration can occur without mytrezor.com (In fact you can do it all while your computer is offline if you were so inclined) but the extension is also used for mytrezor.com wallet features for those who want it. I don't remember the password part but that is easily spoofed with just entering a simple fake password. (Just don't use the addresses that it generates of course). For computer usage I use Electrum and Mycelium on phone. Both can share the same trezor.
legendary
Activity: 1764
Merit: 1002
been playing around with the Linux Chrome extension.

i thought we were supposed to be able to construct and send tx's thru it alone w/o going to mytrezor.com?  i couldn't figure out any other way to do this than to go to mytrezor.com.

anyone else play with it?

is there any way to get the xpub off the Trezor and onto Mycelium by using the extension?

You configure it with the extension and when you use Mycelium just plug it in and select the accounts tab and add another account and select the hardware wallet option. (I don't think it shows the xpub but it does show qr codes for your addresses just like another other HD account)

so in other words, the extension is just for configuration purposes only?  it also forced me to go to myTrezor.com to add a password.  is that normal?
newbie
Activity: 55
Merit: 0
been playing around with the Linux Chrome extension.

i thought we were supposed to be able to construct and send tx's thru it alone w/o going to mytrezor.com?  i couldn't figure out any other way to do this than to go to mytrezor.com.

anyone else play with it?

is there any way to get the xpub off the Trezor and onto Mycelium by using the extension?

You configure it with the extension and when you use Mycelium just plug it in and select the accounts tab and add another account and select the hardware wallet option. (I don't think it shows the xpub but it does show qr codes for your addresses just like another other HD account)
legendary
Activity: 1764
Merit: 1002
been playing around with the Linux Chrome extension.

i thought we were supposed to be able to construct and send tx's thru it alone w/o going to mytrezor.com?  i couldn't figure out any other way to do this than to go to mytrezor.com.

anyone else play with it?

is there any way to get the xpub off the Trezor and onto Mycelium by using the extension?
donator
Activity: 2772
Merit: 1019
Update for trezor on android is released or not?

Are you aware mycelium has trezor support now?
full member
Activity: 238
Merit: 100
Update for trezor on android is released or not?
hero member
Activity: 496
Merit: 500
Yes but there is a choice - the Trezor finds the addresses on demand and send to server via the web-page, or the webpage, knowing the XPUB, sends the addresses to the server, or the server gets the XPUB. Three possibilities. I looked over the bitcointrezor.com site in hope of finding the answer, but I didn't. So you are probably right, the XPUB is sent from the Trezor all the way to the server.

It's not #1, the Trezor doesn't know which outputs it owns, or which addresses are used.

Pretty sure it's #3, it makes the most sense. Otherwise the JS client would either have to send the server a large number of addresses at once, or check them a few at a time. Looking at the source code here, it seems to support this.
legendary
Activity: 1512
Merit: 1005
I thought they changed it.


They extended the Chrome app so that you can configure the Trezor without sending any data to Satoshi Labs (or anyone). However, myTREZOR (or the wallet of your choice) still needs to know which addresses have been used in order to determine your balance and history.

Yes but there is a choice - the Trezor finds the addresses on demand and send to server via the web-page, or the webpage, knowing the XPUB, sends the addresses to the server, or the server gets the XPUB. Three possibilities. I looked over the bitcointrezor.com site in hope of finding the answer, but I didn't. So you are probably right, the XPUB is sent from the Trezor all the way to the server.

Pages:
Jump to: