Author

Topic: PiTrezor DIY Hardware Wallet (with a twist) (Read 236 times)

legendary
Activity: 2212
Merit: 7064
August 20, 2021, 04:44:02 AM
#17
I have a question about this DIY Trezor One.. I have a Pi, I've tried it myself but I'm a bit reluctant to use it as a HW replacement. Is 8t as safe as a Trezor One provided I followed all steps carefully or are there more risks/flaws with this DIY version than there are
with a Trezor?
I would not use PiTrezor for holding all your coins but more as spending wallet for smaller amount of coins.
Code is open source so you can investigate it yourself, it is almost identical to Trezor One code with few alterations like language change, and it exist for years that means it has been reviewed by more people.
Only difference is that you can remove SDcard but you can also add epoxy glue yourself and make it more like Coldcard and even better than original Trezor, or you can just remove and hide your SDcard.
With multiple passphrases added to your wallet it would be hard for anyone to get your coins even if he gets access to your SDcard and seed words.

How do you know that all hardware wallet manufacturers are already not cooperating with government agencies and that information about who purchased what devices hasn't been shared or sold for years? Doesn't matter if they are open or closed-source, your purchases can still be leaked.
I am 100% sure that Ledger leaked ALL customer information multiple times, so why should I trust them about anything they say when they are amateurs.
There are things you can do when purchasing hardware wallets, PO boxes, alternative address and name, so that nobody would know if you purchased a wallet, but having hidden backdoors are much worse than this and you never know with closed source.
legendary
Activity: 2730
Merit: 7065
For example, how do we know our pubkeys are not being shared around with governments or intel agencies (or Ledger themselves)?
I understand what you are saying and it makes sense. I don't want to derail this topic in discussing possible cooperation of hardware wallet manufacturers with government agencies, but since you brought it up, I will just ask one more thing? How do you know that all hardware wallet manufacturers are already not cooperating with government agencies and that information about who purchased what devices hasn't been shared or sold for years? Doesn't matter if they are open or closed-source, your purchases can still be leaked.
HCP
legendary
Activity: 2086
Merit: 4361
Well... given that to access all the memory you simply need to extract the SDCard and read it as opposed to having to open a sealed unit and downloading data from the flash memory, then I guess one could argue that it's potentially "easier" to execute certain attacks on the PiTrezor than on a standard Trezor ONE.

Otherwise, assuming all the steps are followed, I'd say they are comparable in terms of security etc... with the disclaimer that I have not personally audited the PiTrezor code.
legendary
Activity: 1134
Merit: 1598
What are you basing this on regarding Ledger being totally closed-source? Has it something to do with the reproducibility? The code handling the secure element is closed-source. The Ledger Live app, and the rest of the wallet is open-source if I am not mistaken.

If we can say that nothing bad has happened with Trezor despite them not using a secure element and having a non-fixable seed extraction bug, why can't we say that nothing bad has happened with Ledger devices despite them having a closed-source secure element? Wouldn't you agree? The data leak has nothing to do with it.

Trezor is developing a new and open-source secure element, but they even said themselves that not all components of it will be completely open-source. So, it's again a partially closed-source device even if 99.9% of the code is open-source.    
Do you define "nothing bad" as in no bad happening has been exposed to the public yet? To me personally, it's much more than that.

For example, how do we know our pubkeys are not being shared around with governments or intel agencies (or Ledger themselves)? If a government seizes your Ledger, are they able to bypass security since the Secure Element is closed-source and we have no idea what it does? Are seeds acultually easier to extract from a Ledger through a collab between the Ledger company and a government? I do not think there is any public case in which Ledger has refused the request of a specific gov to hand out proprietary sources, and that's good and concerning at the same time.

To me, closed source means doubts. If something is advertised as safe/secure yet nobody know what it truly does, it cancels the effect of safety/security for me.

That might be just me though. For me, how good/bad the security of a HW is does not only mean whether there has been a history of thefts/vulnerabilities yet. If a government is making use of these SEs, they will most likely never tell you about it publicly.



I have a question about this DIY Trezor One.. I have a Pi, I've tried it myself but I'm a bit reluctant to use it as a HW replacement. Is 8t as safe as a Trezor One provided I followed all steps carefully or are there more risks/flaws with this DIY version than there are
with a Trezor?
legendary
Activity: 2212
Merit: 7064
What are you basing this on regarding Ledger being totally closed-source? Has it something to do with the reproducibility? The code handling the secure element is closed-source. The Ledger Live app, and the rest of the wallet is open-source if I am not mistaken.
Dude I don't care about crappy ledger live app, all their hardware wallet FIRMWARE is 100% closed source and you can confirm that on github doing some basic search.
It has nothing to do with reproducible code, it's just closed source junk like Safepal, Coolwallet, D'CENT and others, so there is nothing to reproduce.
Other hardware wallets are open source, and they have closed source secure elements (ColdCard, BitBox, Passport, Keystone...) so it is possible to make it like that if you want.
legendary
Activity: 2730
Merit: 7065
Not exactly true. Ledger is totally closed source...
What are you basing this on regarding Ledger being totally closed-source? Has it something to do with the reproducibility? The code handling the secure element is closed-source. The Ledger Live app, and the rest of the wallet is open-source if I am not mistaken.

If we can say that nothing bad has happened with Trezor despite them not using a secure element and having a non-fixable seed extraction bug, why can't we say that nothing bad has happened with Ledger devices despite them having a closed-source secure element? Wouldn't you agree? The data leak has nothing to do with it.

Trezor is developing a new and open-source secure element, but they even said themselves that not all components of it will be completely open-source. So, it's again a partially closed-source device even if 99.9% of the code is open-source.   
legendary
Activity: 2212
Merit: 7064
This is cool and most of the component are easy to obtain. But since the microSD could be removed easily, what kind of data could be extracted from it?
Everything is stored on SDcard on PiTrezor and that is the main difference compared with original Trezor wallet,
SD card here have the same function like flash memory in Trezor so anyone with that SD card can access your seed words and get your private key.
That is why adding Passphrase is mandatory for PiTrezor, and removing SDcard separating it from wallet on different place is also good for security, even better than on Trezor.
legendary
Activity: 2212
Merit: 7064
and maybe more vector attacks?
I don't use bunch of shitcoins so I don't care about that, but I know that Trezor model T supports monero, unlike Trezor One.

AFAIK, Pi has no secure element inside so all procedures on generation of keys, their hold and security were left to the  mercy  of code which might  have flaws that open doors to malicious apps relevant to those coins.  I would not trust any homemade product when it comes to cryptocurrencies you posses. Saving a few bucks...hmm, it's not worth it.
Have you seen list I created with hardware wallets with secure elements?
All of them have secure elements but that doesn't make them any better, especially if they are closed source like ledger, they can hide backdoor code for years.
Using passphrase with open source hardware wallet is much better than using closed source cat in the bag hardware wallet.

Speaking of closed source, it's closed exclusively for microcode which runs the security element  and it's not as bad in regard to hardware wallet as it looks.
Not exactly true. Ledger is totally closed source, same like Safepal hardware wallet, maybe BitBox, Coldcard and few other wallets operate like that.
Anom phones also had hidden fbi backdoors and nobody knew about that for years, and you see how closed source iPhone now started to track what people are doing on their phones.

A very cool little DIY project... One of the advantages that the "Trezor" ecosystem has had is that it doesn't rely on a secure element.
2022 should be the year of first open source secure element made by Trezor, and that is game changer new generation hardware wallet.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
No body including Ledger team has my address. I bought my Ledger nano ( in fact two instances of this device) from the official distributer in my country who delivered the  parcel with it to virtual office leased out to me for couple of weeks. When you buy this kind of stuff you must never reveal your personal information and address.  

Most of those who know all this can easily make themselves an airgapped cold wallet with some old hardware they already own and don't need HW at all  Wink
The size of the leak shows that (too) many don't know or simply cannot do this (ordering without personal info). But I feel that we are way off topic. Let's just agree that we cannot agree 100% on all aspects, OK?


Would be interesting to see if someone could get the Trezor T firmware working on a similar setup for the added features that would offer.

Yup. Just it may be a certain amount of work there aren't many willing to do just like that.
HCP
legendary
Activity: 2086
Merit: 4361
A very cool little DIY project... One of the advantages that the "Trezor" ecosystem has had is that it doesn't rely on a secure element.

Would be interesting to see if someone could get the Trezor T firmware working on a similar setup for the added features that would offer.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Speaking of closed source, it's closed exclusively for microcode which runs the security element  and it's not as bad in regard to hardware wallet as it looks. If it were open it would give some  privileges  to hackers who are generally more brilliant than common people. Reputation of HW producer is more important than the matter of the type of code. Leak of customers' addresses have nothing in common with architecture of Ledger nano itself.

I've already said that you do have valid points.

The closed source part is a two-edged sword: on one hand it's good since hackers cannot find problems that easy, on the other hand on open source more people could take a look and find/make improvements (see linux); also open source gives more trust (since in crypto you should not trust anyone, including your HW maker).

Ledger's reputation has suffered a lot after the leak because they lived in denial instead of doing much more for containing the damage. And although indeed the leak has nothing to do with the architecture, what good to protect your coins if one can find out your address and come in and "hack you with a 5$ wrench"?
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Regarding Trezor itself, they have  recognized the possible glitches and intended to embed the  security element  into device, reportedly  in 2022. Until that time my preferences are hardware wallets with security element inside, my private keys that control fund  for every day use reside  in  Ledger nano which has all benefits of having security element inside .

Clearly, at least in theory, without Secure Elements problems can occur. Still, it didn't happen. For years.
I also have a Ledger. But if I'd have to now, I would not buy Ledger products, although it works good. Two things to mention is the leak of customers' addresses and the fact it's closed source.
The thing is.. although it has Secure Elements, you don't know how good it's used.

So while you do have a point, let's stay open for multiple choices.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
maybe more coins?),

and maybe more vector attacks? AFAIK, Pi has no secure element inside so all procedures on generation of keys, their hold and security were left to the  mercy  of code which might  have flaws that open doors to malicious apps relevant to those coins.  I would not trust any homemade product when it comes to cryptocurrencies you posses. Saving a few bucks...hmm, it's not worth it.

Well, Trezor itself doesn't have secure elements and it's going just fine.
Some will prefer to do it homemade because they trust their own hands' work more than anything done by others.
Some just don't have at hand reliable shops where to buy from proper hardware wallets.
It's not only about costs and features, it's more. There's a potential market for this kind of devices. And if one is somewhat unsure he'll succeed in implementing it, a lower price may be handy.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I found GamePi device locally for around 35$ so I don't have to pay any shipping cost, and online price on other websites is also around $30, I just liked the image I posted from waveshare website.
PiTrezor is supporting same coins as Trezor One, but Trezor Model T is supporting more coins, it has bigger memory and everything is entered on device not on computer.

Oh, then it's very good. At 30-35$ the price is very good for basically a Trezor clone, even if it's "only" Trezor One. It will do.
legendary
Activity: 2212
Merit: 7064
At 67$ GamePi is already at the cost of Nano S.
But I guess that this Pi based design may offer bigger flexibility (maybe more coins?), I didn't look at the git though (I may do that some other day).
I found GamePi device locally for around 35$ so I don't have to pay any shipping cost, and online price on other websites is also around $30, I just liked the image I posted from waveshare website.
PiTrezor is supporting same coins as Trezor One, but Trezor Model T is supporting more coins, it has bigger memory and everything is entered on device not on computer.

Developer comments on his website:
Quote
The current OS is based on yocto but yes in theory another OS like raspbian should work. However, it would require to apply the same patch (kernel linux patch) to work properly.
For the model T, I didn't invest time into it as it would require a color touch screen LCD and that would increase the cost of this project.
Quote
For the model T, I was not considering whenit I started this project as it required a touchscreen color lcd and that was expensive. However, things have change since, price are going down and trezor support only some coins on the model T. So this is something I am considering to check in a near future.
https://www.pitrezor.com/2018/02/pitrezor-homemade-trezor-bitcoin-wallet.html
 
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
At 67$ GamePi is already at the cost of Nano S.
But I guess that this Pi based design may offer bigger flexibility (maybe more coins?), I didn't look at the git though (I may do that some other day).

However, I like it. One more option for those interested. I do like Pi Zero (I have a Pi Zero W for other purpose), maybe that's why I like it even more.
legendary
Activity: 2212
Merit: 7064
Few years ago forum member yheneaul made a cool project PiTrezor DIY wallet based on Raspberry Pi Zero and modified Trezor One code.
Interesting thing is that PiTrezor code is still updated on regular basis, and latest version 1.10.2.0 was released less than a month ago.
Raspberry pi zero can still be purchased easily for only 5$ and it is available on internet or in local electronic shops, all you need is to 3d print the case, OLED screen, cable, and load the code that is fully Open Source.

Original design and case was made by developer, but other people are making their own variations:



Github page:
https://github.com/heneault/yocto-pitrezor

Website and video instructions:
https://www.pitrezor.com/
https://youtu.be/YrKo0QGWIuY

One guy 3d printed alternative version of PiTrezor case, then posted it on reddit, and few more STL files for printing are available for free download on Thingiverse website.
He used Raspberry Pi Zero WH, generic 128x64 OLED screen, and loaded same PiTrezor code by yheneaul.


Reddit source

My twisted idea would be to use GamePi20 that is based on Raspberry Pi Zero, costs around $30, and then load the same PiTrezor code on it.
There is already built in 2 inch IPS display, metal bottom, Micro SD Card, buttons and cool looking retro portable game console casing, so only question is if this can be modified to work with PiTrezor code.
Even better option would be to have modified version of Trezor Model T instead of basic Trezor One, but I would need to talk with developer to see if this is possible.


https://www.waveshare.com/wiki/GamePi20

Jump to: