[edited out]
I am really sorry if you feel I am not a real person and have created some confusion here, because I am not here for anything wrong, just for information, and you have already provided good links which I will read and try to understand, because a few things are very important before jumping into any field; but still I am really thankful for your kind information and other details. Just one last thing: which is a better way to keep my bitcoin safe? Because I see most exchanges need personal information, and I have no problem providing them all of this, but is it safe to keep bitcoin on these exchanges, or is there any other way that is better? Thanks.
I am not opposed to holding some value on exchanges (or with third parties; in some cases it might be practical while you are learning how to be your own bank), maybe up to a few thousand dollars, and surely for each person the threshold will be different in terms of at what point you are going to want to bring some (or all) of that value off of the exchanges. And surely you should want to try to learn about some private ways to hold your coins, so it gives you options to have your coins in private wallets in which no one can stop you from being able to spend them, and other potential powers that you might have from having your own keys that may or may not be readily apparent or even something that everyone seeks for themselves. On the other hand, there is always a threat of either a rug pull or various kinds of locking up of your funds when 3rd parties hold your keys.
There are likely several different ways to hold your bitcoin, and Trezor is pretty good, either the Trezor One (which is cheaper) or the more expensive Trezor Model T. You want to make sure you get it from an authorized source (or authorized reseller), and with Trezor it seems better to use the extra word too, and also maybe to have some decoy value that you keep on the regular section that does not have the extra word. And of course, it is up to you how you might organize the various accounts on the Trezor and get used to it.
Passport and Coldcard are likely good too, but a bit more sophisticated as compared with the Trezor, and there are other members who like Electrum, Spectrum and Sparrow, but I have not really used them. There are other wallets and forum threads on the topic, and there are some members who like paper wallets, but I am not really accustomed to them, either.
You can also use Bluewallet, but I am a bit wary of keeping too much value on your phone. Maybe Phoenix and Breez are good lightning network wallets, and maybe guys have other recommendations, and there are forum threads on a lot of these topics that could get in depth and just require you to figure out what kinds of tradeoffs you might want to make to ensure that you have your coins privately and that they are sufficiently safe from getting taken, including being careful not to create systems that are so complicated that you end up locking yourself out of your own coins, since there are responsibilities in being your own bank that can sometimes not be exactly straightforward in terms of learning or even realizing if you might be putting your coins in jeopardy.
Trezor is excellent. I can vouch for Model One (the original). T can maybe do altshitcoins better, but One is more than enough for BTC -- at least that's the way I use it. Just to reiterate (I have covered this topic extensively in the past) that Trezor is just a tool for user-friendly access to your wallet. The actual wallet is the 24(+1)-word seed. It's not material. It's numbers in number-space. So, even if the physical device is lost, stolen, damaged, or even sunk in a failed seastead attempt or boating accident, your wallet is still out there, as it will always be, for all eternity, set in stone by math & science, and only accessible via the seed. It's the seed that one should secure and never lose.
...
afaik, for the Trezor to be absolutely safe in case of theft you would want a 128-bit entropy passphrase.
Alternatively you can use a PIN with 39 digits (Model T). Note: it will be more than 39 digits for the small Trezor as its PIN numbers include only numerals from 1-9 and not 0-9 like the Model T.
PSA: Trezor doesn't have the oft-mentioned seed extraction vulnerability. Use a strong PIN.
https://www.reddit.com/r/Bitcoin/comments/sdx4r6/psa_trezor_doesnt_have_the_oftmentioned_seed/
A nice table for entropy requirements:
The purpose of the Trezor PIN is to delay the thief and give you enough time to restore the seed to another device and transfer your coins to another wallet. A simple 8-digit PIN is more than adequate for this purpose. Even a 4-digit PIN will likely delay a thief for sufficient time, considering that a Trezor delays retries by a time window that increases by a factor of a power of 2 after each failed attempt.
...
I'm afraid your explanation is outdated and gives a false sense of security. The delay you mention won't really work anymore, since said Trezor vulnerability was detected. A thief with standard equipment can extract the encrypted seed from the Trezor's chip within minutes and can decrypt it with the usual brute force. So with your 8-digit PIN your seed can be known within 15 minutes. Good luck detecting the theft and moving your funds before the thief starts that process.
So with Trezor please use a proper 128-bit PIN. If you don't, you should have a proper 128-bit passphrase.
Edit: just recognized Lucius beat me to it:
https://bitcointalk.org/index.php?topic=178336.650480
Many thanks (and to Lucius) for this information, I stand corrected! I remember I read this article a while back, but thought it was something that could be patched with a f/w update. According to the article, it isn't patchable, at least in the h/w versions affected, and I'm not sure whether or not it has been resolved in current versions. The vulnerability is in the STM32 chip they're using, so they need to change the chip, which isn't easy.
Taking this into account, one should definitely use a very strong passphrase (a.k.a. 25-th word) as well as a strong PIN. That's the way I've set up mine. This should give us enough time to take measures against theft.
In any case, a h/w wallet beats an unsecured paper wallet hands down, since a paper wallet is essentially an open wallet, ready to be snatched by anyone who finds it -- no brute force or hacking required.
Edit: I have already updated my original post with this information, and links to your posts, so that readers are aware of it.
afaik, the "problem" is that you have to decide between the use of a closed source secure element or an open source chip whose data can be extracted. I prefer the open source version, because you can counter the seed extraction with a strong PIN or a passphrase encryption.
Also I don't wanna trust secure element manufacturers.
There are some wallets that try to keep it open source while using secure elements like Bitbox, or wallets like Jade that use an outsourced blind oracle to add to PIN protection.
However, even if 128 bits is the most secure, lower security levels already make it expensive enough to brute force a passphrase or a PIN.
If an attacker needs to pay 10k$ to crack a wallet he must be very sure that it's worth it. So not bragging about your holdings is another easy security layer.
@AlcoHoDL, Trezor vulnerability is something that has been known for years, there was a lot of discussion about it in the technical discussion boards, but luckily every user can protect himself by setting a passphrase, and there is also another option, which is the use of an SD card.
When it comes to passphrases, the conclusion is that they should be at least 37 characters long:
A physical access to a Trezor One, Trezor T, Keepkey, or B-wallet allows an attacker to extract the 12/24-words within a few minutes using a low-cost setup (~100$), with a very high reproducibility (we had 100% success). We finally proved it can be fully automated allowing anyone to use it in case someone would sell the Extraktor box (similar to old Playstation hacks). This attack can not be fixed. The only mitigation is to use a strong passphrase: we recommend 37 random characters to maintain the same level of security.
For those who are interested in how to protect themselves additionally with the help of an SD card:
Trezor T (2.3.0) and Trezor One (1.9.0) firmware update
Also, one thing I forgot is that it is possible to set a so-called fake PIN that can be left as a bait, and if it is entered, all data from the hardware wallet will be deleted.
The Wipe Code
Another exciting new feature is the wipe code that acts as a “self-destruct PIN” that erases your Trezor if someone tries to unlock your device without your consent. If the wipe code is entered into any PIN entry dialog, then all private data will be immediately erased from your Trezor and the device will be reset to factory defaults. You can write the wipe code somewhere near your Trezor as a decoy PIN, so if someone tries to unlock the device without your consent, they will cause it to erase itself. You can also use the wipe code to reset your Trezor without using a host device. This update can be enabled on both Trezor models.
A 128-bit PIN should do the trick as well, as it is used to encrypt the seed on the chip.
(Please let me know if you think I'm wrong)
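The 128-bit figures above (39 digits on a Model T, more on a Trezor One whose PIN uses only 1-9, and the passphrase length recommended against offline brute force of an extracted seed) come from the same arithmetic; the script below is an added example, not from any post or from Trezor, that works that arithmetic out and generates a passphrase of a chosen entropy with a CSPRNG. It assumes a 94-character printable ASCII passphrase alphabet and a constructed guess rate; the paper quoted above recommends 37 characters, which is more conservative than the uniform-94-character figure computed here.

```python
import math
import secrets
import string

# Alphabet sizes taken from the thread: Model T PIN digits 0-9, Trezor One 1-9.
MODEL_T_PIN_ALPHABET = 10
MODEL_ONE_PIN_ALPHABET = 9
# Assumed passphrase alphabet: the 94 printable ASCII characters (no space).
PASSPHRASE_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy in bits of a uniformly random secret of `length` symbols."""
    return length * math.log2(alphabet_size)


def length_for_bits(target_bits: float, alphabet_size: int) -> int:
    """Smallest length whose uniformly random secret reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def expected_bruteforce_seconds(bits: float, guesses_per_second: float) -> float:
    """Expected time to hit the secret (half the keyspace) at the given guess rate.

    The rate is an assumption; once the encrypted seed has been extracted the
    attack is offline, so the device's retry delay no longer applies.
    """
    return (2 ** bits / 2) / guesses_per_second


def random_passphrase(target_bits: float = 128) -> str:
    """Passphrase from PASSPHRASE_ALPHABET reaching target_bits, via secrets."""
    n = length_for_bits(target_bits, len(PASSPHRASE_ALPHABET))
    return "".join(secrets.choice(PASSPHRASE_ALPHABET) for _ in range(n))


if __name__ == "__main__":
    print("Model T digits for 128 bits:", length_for_bits(128, MODEL_T_PIN_ALPHABET))
    print("Model One digits for 128 bits:", length_for_bits(128, MODEL_ONE_PIN_ALPHABET))
    # An 8-digit PIN against an offline search at a constructed 1e5 guesses/s.
    secs = expected_bruteforce_seconds(entropy_bits(8, MODEL_T_PIN_ALPHABET), 1e5)
    print(f"8-digit PIN, offline at 1e5 guesses/s: about {secs / 60:.0f} minutes")
    print("Printable-ASCII characters for 128 bits:",
          length_for_bits(128, len(PASSPHRASE_ALPHABET)))
    print("Example 128-bit passphrase:", random_passphrase())
```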