Replying to Avatar Neo ⚡️

Yes, if no one has physical access to it, it should be secure. But if you still have to buy maybe better to buy a Coldcard or Passport imo.
Avatar
Petroit 2y ago

It's not so black & white. If you use passphrase feature on Trezor, it will make this attack almost impossible. (Unless you use weak passphrase)

In addition you can use micro SD card in your Trezor to further encrypt and add protection to your PIN code which would also render this attack near impossible.

The attack is known for some time, it's called Read Protection Downgrade Attack and Trezor from the very beginning expects that hack might be found in the future, that's why passphrase feature is available, so you don't have to trust only the hardware device.

Reply to this note

Please Login to reply.

Discussion

Avatar
Neo ⚡️ 2y ago

But why should someone use Trezor instead of a Coldcard, Passport etc. in this scenario?

Avatar
Petroit 2y ago

Well... Where to start:

1. Trezor T supports Shamir backup unlike the competition

2. Only HW wallet with coinjoin baked into it

3. FULLY open source unlike coldcard and others. Coldcard is open source to view the code but others can't reuse it. But coldcard actually started with the code from Trezor they took and modified and then closed sourced it. I don't like this behavior of Coldcard from moral standpoint.

4. No secure element in Trezor. Meaning there is no way for backdoor. Closed source secure elements bring level of unknown into the wallet. Even if you find vulnerability in secure element, you have NDA signed which stops you from disclosing it to customers. And you're dependent on the secure element to be fixed in future batches. For me it's better the devil you know. Rather than have in HW something I can't verify and therefore can't trust.

5. It also supports before mentioned passphrase and SD card encryption which are additional super useful layers or security.

6. Trezor supports coin control to choose which UTXO to spend

etc. etc.

Hope this helps.