Pages:
Author

Topic: Trezor Suite Lite for mobile (Read 367 times)

hero member
Activity: 406
Merit: 443
June 29, 2023, 11:40:04 PM
#26
Trezor has released its June 2023 update of Ledger Suite Lite.
Trezor Suite Lite Wink

The newest version allows unlocking the app using fingerprint or facial verification on iPhones. Trezor claims their users requested to have these features. Hopefully, we won't see a Trezor Recover because "users requested it".
Quote
You asked for it, and we delivered! We have added the option to secure the app using facial or fingerprint verification
I think that by the word "You" they may mean Chainalysis, Chainalysis now has access to your face and your fingerprint, this is closer to indirectly KYC data, if it cooperates with government agencies which Chainalysis does, they will easily be able to identify your identity.
legendary
Activity: 2730
Merit: 7065
June 29, 2023, 11:42:59 AM
#25
Trezor has released its June 2023 update of Trezor Suite Lite.
https://twitter.com/Trezor/status/1674337738600902656

The newest version allows unlocking the app using fingerprint or facial verification on iPhones. Trezor claims their users requested to have these features. Hopefully, we won't see a Trezor Recover because "users requested it".  
Quote
You asked for it, and we delivered! We have added the option to secure the app using facial or fingerprint verification
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
June 25, 2023, 07:59:23 PM
#24
Please be aware of a malicious application appearing in the top search results in App Store: it asks users for wallets' mnemonic words and sends this information to a fake app operator, which naturally results in immediate losses of cryptocurrency.

Source: https://www.nobsbitcoin.com/fake-trezor-wallet-app-tops-search-results-for-trezor-in-apples-app-store/

I tried searching with the keyword 'Trezor Wallet Suite' in the App Store (Indonesian region). It seems that the fake Trezor application, it no longer exists.



Likewise, other fake applications, as I mentioned before, are no longer there.

https://apps.apple.com/id/app/mytrez%C5%8Dr-suite-one-edition/id1672152406
https://apps.apple.com/id/app/tr-e-z-or-suite-manager-app/id6447076691

However, other fake applications may reappear.
I suggest using the link from the official website instead of using the search menu in the app store to avoid being fooled by fake apps.
legendary
Activity: 2450
Merit: 4414
🔐BitcoinMessage.Tools🔑
June 20, 2023, 04:52:37 PM
#23
Please be aware of a malicious application appearing in the top search results in App Store: it asks users for wallets' mnemonic words and sends this information to a fake app operator, which naturally results in immediate losses of cryptocurrency.

Source: https://www.nobsbitcoin.com/fake-trezor-wallet-app-tops-search-results-for-trezor-in-apples-app-store/
legendary
Activity: 1162
Merit: 2025
Leading Crypto Sports Betting & Casino Platform
June 10, 2023, 12:52:03 PM
#22
I would not have much problem on it, but sharing the public keys with an application and even through a smartphone camera is kind of concerning, in my opinion. I would assume all xpub scanned or copy/pasted that way to be compromised and held somewhere in a Apple/Google server.
It could be so, but I'm not sure about that. Currently, in the Trezor Suite Lite settings, I can't even find it for backing up to the cloud drive. It differs from several other wallet applications, such as Unstoppable and Phoenix, which provide a backup feature to the cloud.



But I think it must first connect the Trezor device as in the Trezor suite desktop app for safer (more private) access to the xpub.

To see the XPUB of your account in Trezor Suite, plug in your Trezor and open the Trezor Suite desktop app, -snip-

Thanks for the information.
And I think the Suite Lite not having a backup option is good, but if we are realistic on the level of mass surveillance nowadays, it is likely that the XPUB still gets extracted from the phone easily, if the software/hardware providers (apple/google) were asked to do so by some government.

Also, Even though i can see the advantages of using a phone together with a Trezor during situation where a personal computer is not available, like during a travel. I am not sure how easy it would be to find a Type-C - Micro USB cable for those who have got a model one.

I assume Type C - Type C is easier and more commercial.  Tongue
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
May 26, 2023, 07:43:29 PM
#21
I would not have much problem on it, but sharing the public keys with an application and even through a smartphone camera is kind of concerning, in my opinion. I would assume all xpub scanned or copy/pasted that way to be compromised and held somewhere in a Apple/Google server.
It could be so, but I'm not sure about that. Currently, in the Trezor Suite Lite settings, I can't even find it for backing up to the cloud drive. It differs from several other wallet applications, such as Unstoppable and Phoenix, which provide a backup feature to the cloud.



But I think it must first connect the Trezor device as in the Trezor suite desktop app for safer (more private) access to the xpub.

To see the XPUB of your account in Trezor Suite, plug in your Trezor and open the Trezor Suite desktop app, -snip-
legendary
Activity: 1162
Merit: 2025
Leading Crypto Sports Betting & Casino Platform
May 24, 2023, 08:52:10 PM
#20
I have tested it today to see how goes and I must say that there is something that greatly caught my attention.
For several months or years there has been people asking Trezor to include an option some people could track the evolution of the holdings in FIAT in the form of a simple portfolio tracker.

For some unknown reason, they never did so on the main Suit Desktop app, probably they did not deem it to be a priority. But now this application does exactly that, it is as if Satoshilabs was aware of the request and decided to make people to track the ups and downs of the crypto on a phone, rather on Suite.

I would not have much problem on it, but sharing the public keys with an application and even through a smartphone camera is kind of concerning, in my opinion. I would assume all xpub scanned or copy/pasted that way to be compromised and held somewhere in a Apple/Google server.
legendary
Activity: 2212
Merit: 7064
May 24, 2023, 05:00:54 PM
#19
The main goal of hardware wallets is to generate your private key in an environment that is not and will not be connected to the internet, so if there is any hardware wallet application that allows you to import private keys, it is best to stop using it and (destroy that wallet) Joking Tongue.
Importing seed phrase with a QR code scan could be a good idea for all hardware wallets with camera, and this can potentially increase security of that device.
Some DIY devices (like Krux)are using this technique to compensate for the lack of secure element for protection, and this does mean you would have to have QR code each time when you start your device.
For Hardware wallets with secure elements this could be used as optional feature.

For privacy only reason, the ability to connect to Tor is supposed to be integrated, but according to the above, there is no option for that, so you can trust that Trezor Suite nodes will not send your IP addresses to a third party.
I am not sure how good Tor or mobile devices really is, it's totally different situation on desktop computers.
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
May 24, 2023, 06:46:34 AM
#18
-snip-
What does the 'Sync my coins' button do that we can see at the bottom of your first page? Can it help to refresh the portfolio view? If you place your finger anywhere on the screen, hold, and swipe downwards, does that refresh the page or does the app miss that option?

How does adding coins work? Does Trezor Suite Lite display them automatically or do you have to add them from some sort of list? I am guessing you only need to import the master public keys.
Apart from tapping the Try Again button, I have also tried to hold and swipe the screen to refresh the home view, but it still doesn't work even when the application is opened and closed. Even though I don't think it's an important feature, it should work if it's already provided in the application.

The 'Sync my coins' button functions to select the coin you want to scan the Public Key for.

hero member
Activity: 406
Merit: 443
May 24, 2023, 04:52:23 AM
#17
Does it allow you to import externally generated address? For example, the address which is generated from https://kimbatt.github.io/btc-address-generator/?page=paper-wallet, would it allow me to add that as well.

The main goal of hardware wallets is to generate your private key in an environment that is not and will not be connected to the internet, so if there is any hardware wallet application that allows you to import private keys, it is best to stop using it and (destroy that wallet) Joking Tongue.

As you mentioned it's watch only wallet, so is it like just to check the balance? I mean I can do that using block explorer in blink of an eye, not sure what's so special about it or what is the thought behind it.  Cheesy

For privacy only reason, the ability to connect to Tor is supposed to be integrated, but according to the above, there is no option for that, so you can trust that Trezor Suite nodes will not send your IP addresses to a third party.

there are a very few block explorers that allow you to import the master public key.

I am using Mycelium wallet, which does not seem to be properly build for the iOS, its simple yet complicated type of wallet for me. Sometime I am feeling to only use newly generated bitcoin and keep the private keys stores and never import them until I see a proper wallet to do so.

You can choose bluewallet wallet as a bitcoin wallet for iPhone devices, after downloading the wallet, choose “Import wallet” then post your private key or WIF.
staff
Activity: 3500
Merit: 6152
May 23, 2023, 01:58:05 PM
#16
How does adding coins work? Does Trezor Suite Lite display them automatically or do you have to add them from some sort of list? I am guessing you only need to import the master public keys.

The "Sync coins" let you choose a coin, then scan the XPUB key for it.

-snip-

Yes, you can import from other wallets but only the master public key (for BTC). The app doesn't allow importing individual addresses.

Compared to other watch-only wallets? there's nothing special about it but compared to block explorers, then this app is obviously more convenient since you can watch your whole wallet.
full member
Activity: 1092
Merit: 227
May 23, 2023, 12:12:34 PM
#15
Thanks for sharing this.

Does it allow you to import externally generated address? For example, the address which is generated from https://kimbatt.github.io/btc-address-generator/?page=paper-wallet, would it allow me to add that as well.

I am using Mycelium wallet, which does not seem to be properly build for the iOS, its simple yet complicated type of wallet for me. Sometime I am feeling to only use newly generated bitcoin and keep the private keys stores and never import them until I see a proper wallet to do so.

As you mentioned it's watch only wallet, so is it like just to check the balance? I mean I can do that using block explorer in blink of an eye, not sure what's so special about it or what is the thought behind it.  Cheesy
legendary
Activity: 2730
Merit: 7065
May 23, 2023, 09:40:09 AM
#14
After a few days of trying Trezor Suite Lite, I found a problem, including the number of assets displayed in the Portfolio balance on the home menu. The graphic didn't appear even though I had tried tapping the 'Try again' button. The graphic only appears when I tap on a previously synced coin asset.
What does the 'Sync my coins' button do that we can see at the bottom of your first page? Can it help to refresh the portfolio view? If you place your finger anywhere on the screen, hold, and swipe downwards, does that refresh the page or does the app miss that option?

How does adding coins work? Does Trezor Suite Lite display them automatically or do you have to add them from some sort of list? I am guessing you only need to import the master public keys.
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
May 22, 2023, 08:13:35 PM
#13
People should never trust Play/App store reviews, but sometimes those can help. -snip-
The risk of finding an application that turns out to be fake can occur when using keywords to find certain applications on the Play Store/App Store. It's safer to use a link that comes from the official website.
In the past, I even found several applications on behalf of Electrum in the play store (https://bitcointalksearch.org/topic/m.55773085).


After a few days of trying Trezor Suite Lite, I found a problem, including the number of assets displayed in the Portfolio balance on the home menu. The graphic didn't appear even though I had tried tapping the 'Try again' button. The graphic only appears when I tap on a previously synced coin asset.

 
legendary
Activity: 1162
Merit: 2025
Leading Crypto Sports Betting & Casino Platform
May 21, 2023, 08:54:03 PM
#12
Thanks for the headsup!
I am going to take a look at it, but eventually, I think I won't stay in the long run with this application, out the security concerns, unfortunately it opens a new universe for fraud  possibilities for scammers to launch fake apps on the stores, as already you guys have pointed out.

Not only that, the fact the application is on the phone, could easily give a hint to some malicious person on our Bitcoin holdings. If Trezor really wants this app to the a success in the long run, they need to make it more discreet and appealing, beyond being a simple portfolio tracker, which there are already many in this market.  Tongue

I am willing to give the benefit of the doubt for now, let us see. If all goes as intended, I would gladly connect a Trezor to my phone in the future, easier if there is no laptop at hand reach.
legendary
Activity: 2730
Merit: 7065
May 20, 2023, 03:49:57 AM
#11
People should never trust Play/App store reviews, but sometimes those can help. More importantly, it helps looking at the number of downloads if you know the exact app you are looking for. For example, the Trezor Suite Lite (released recently) already has +1k downloads, which is expected. This number will increase to tens of thousands after a while. On the other hand, the fake one on Google Play Store only has +10. It makes no sense that a Trezor app would have that little interest from customers. And obviously, you should never perform a search on an app store and trust the results shown. You find the correct link on the official website. 
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
May 18, 2023, 11:05:17 PM
#10
A fake copy of Trezor Suite is also present on Google Play, so be careful when using search engines to find a genuine application.
Apps with a similar name Trezor Suite are also in the AppStore, so be careful too.



https://apps.apple.com/id/app/mytrez%C5%8Dr-suite-one-edition/id1672152406
https://apps.apple.com/id/app/tr-e-z-or-suite-manager-app/id6447076691


While the original Trezor Suite (https://apps.apple.com/id/app/trezor-suite-lite/id1631884497) looks like this:




This is basically a portfolio tracker with the added function of master public keys, allowing you to generate and share receiving addresses. What is missing is the option to send crypto as no seeds and private keys are coupled with it obviously. Perhaps, it's the beginning of full support for mobile device onboarding, which still doesn't work with Trezor.     
The Trezor mobile application was included in their roadmap when the desktop version of the Trezor Suite was released in 2021 (https://blog.trezor.io/trezor-suite-launches-8958c1d37d33).

On the roadmap are coin control, full node support, CoinJoin, a Trezor mobile app and password manager, and support for more languages!

However, it seems that users who want the Trezor mobile application still have to wait until there is an option to send transactions directly from the Trezor mobile lite application, which was recently released.
legendary
Activity: 2212
Merit: 7064
May 18, 2023, 03:30:28 PM
#9
Why do I feel that this application will work as a chainalysis backdoor to track all your portfolio easily, it is a GUI XPUB import APK app.
I am not going to use this app but I think they release most of their stuff as open source, so this app should be no different and code should be checked by security experts.
Trezor can be criticized for some things and I ram not recommending their devices atm, but I have to give them credits for staying on open source path for so long.
Any app installed and used on smartphone should be considered as privacy risk for obvious reasons.

Can I contact using Tor?
Trezor desktop app have Tor integrated, but they didn't do a very good job and some stuff got leaked, until someone reported issues on their github and it was fixed.
That is why open source and community contribution is great.
staff
Activity: 3500
Merit: 6152
May 18, 2023, 01:10:26 PM
#8
This is basically a portfolio tracker with the added function of master public keys, allowing you to generate and share receiving addresses. What is missing is the option to send crypto as no seeds and private keys are coupled with it obviously. Perhaps, it's the beginning of full support for mobile device onboarding, which still doesn't work with Trezor.     

Yes, that's the plan: https://twitter.com/Trezor/status/1658126561218895876

-snip-
Can I contact using Tor?

No, the 'Privacy and security' settings offer two options only:

1. Hide balances
2. Usage data

But I would imagine that using something like Orbot would offer the same level of privacy
legendary
Activity: 2730
Merit: 7065
May 18, 2023, 08:21:34 AM
#7
As for Trezor Suite Lite for mobile, it definitely looks unfinished because it lacks certain important features, particularly:

1) It doesn't allow generating proof that I control a certain address in my self-hosted wallet.
Proof in what form? You mean verifying the address is correct on the screen of your hardware wallet? The purpose of this is to have an app you can use with limited features that don't require you connecting your Trezor HW. Your job is to import the correct master public keys. I am guessing that's how it's supposed to work.

2) It doesn't implement a CoinJoin feature so that blockchain analysis companies can associate my geoposition with addresses I register for CoinJoin rounds.
You can't participate in coinjoins because the app won't have the necessary private keys to sign transactions or the hardware device connected to confirm the transactions physically.
Pages:
Jump to: