/biz/ - Business & Finance

Trezor is not "compromised". But YES, malicious firmware can extract the private keys, this applies to ALL hardware wallets.

And you are still trusting Trezor / SatoshiLabs. When you receive the device in the mail, you have NO WAY of knowing or proving whether the hardware follows that spec.

When you download the latest Trezor firmware, you also don't know whether it is following the open-source spec. And no, you can't just compare the binary file with locally built firmware, it will be different (compiler/tool versions, environment, not to mention SatoshiLabs' code signature all cause different output with the same source code, and so artifact hashes will be completely different).

If you want to maximize trustlessness, then you go full DIY on the hardware AND software. No, not the prefab trezor-shaped PCBs that they sell, you can't trust those either. Build it yourself with a raspi kit, then load your locally-built firmware.

The seed phrase will just be encrypted on a naked SD card, but that is not much different than the actual thing, because Trezor is the only one of these hardware wallets to NOT HAVE a secure element chip in the first place (I mean what would be the point since it's open source).

You should also be inspecting the code that you checkout from GitHub, especially recent commits. The open source community will prevent most bugs or nefarious things from being introduced, but it's not perfect. At least run diffs to make sure the code you have on your local machine matches exactly the code that the community is vetting.

ANYTHING SHORT of building the hardware and software from scratch yourself is putting trust in Trezor / SatoshiLabs. If you are okay with that then cool, but then don't pretend that you aren't placing trust in them.

>>55058935
You are still trusting Trezor / SatoshiLabs. When you receive the device in the mail, you have NO WAY of knowing or proving whether the hardware follows that spec.

When you download the latest Trezor firmware, you also don't know whether it is following the open-source spec. And no, you can't just compare the binary file with locally built firmware, it will be different (compiler/tool versions, environment, not to mention SatoshiLabs' code signature all cause different output with the same source code, and so artifact hashes will be completely different).

If you want to maximize trustlessness, then you go full DIY on the hardware AND software. No, not the prefab trezor-shaped PCBs that they sell, you can't trust those either. Build it yourself with a raspi kit, then load your locally-built firmware.

The seed phrase will just be encrypted on a naked SD card, but that is not much different than the actual thing, because Trezor is the only one of these hardware wallets to NOT HAVE a secure element chip in the first place (I mean what would be the point since it's open source).

You should also be inspecting the code that you checkout from GitHub, especially recent commits. The open source community will prevent most bugs or nefarious things from being introduced, but it's not perfect. At least run diffs to make sure the code you have on your local machine matches exactly the code that the community is vetting.

ANYTHING SHORT of building the hardware and software from scratch yourself is putting trust in Trezor / SatoshiLabs. If you are okay with that then cool, but then don't pretend that you aren't placing trust in them.

>>55008347
Yes. See >>54993842

I originally said that it differed from the actual device because there's no Secure Element. However now after reading up some more, I learned that Trezor DOES NOT EVEN HAVE a Secure Element at all.

So yeah, go for the raspi, it's not much different. Your seed phrase is literally just encrypted on a naked SD card, as long as you're okay with that and you make sure to use a good strong passphrase.