That’s correct, no secure element on Trezor. Probably not that important, right #[4] ? 😜
Discussion
🤦🏻♂️🤦🏻♂️🤦🏻♂️
The folks over at Tresor are fucking cowboys. Disgusting
Unpopular opinion: the purpose of a #Bitcoin signing device is to protect your secret material from leaks during use. Ability to protect secret material at rest against an adversary with physical access is out of scope.
You packed some signal into that note. I also liked it when Samson Mow said something to the effect that digital PK storage devices should never be considered anything more than conveniences.
If that’s the purpose of a signing device, I’ll still take the added bonus of a device that can provide security when physical access is compromised.
Security is measured in time. That is, the time it takes a knowledgeable attacker with the right tools and physical access to break in.
The best physical safes have time ratings on the order of tens of minutes. A TL-30 can withstand 30 minutes of attack, costs thousands of dollars, must be bolted to the floor, weigh 600+ pounds, and is considered top of the line by retail standards.
Expecting more than a few minutes of resistance against a knowledgeable attacker with the right tools and physical access is unrealistic. Especially considering that your attackers can be improving their techniques while your material is at rest.
#BlockstreamJade 
You don't actually need a secure element with the Trazor Model T. I would never trust a so-called secure element.
Use a high entropy pass phrase with the Trezor and your secure. Even if they hack your HW. They can't steal your Bitcoin. Back up and store your seed phrase and passphrase separately.
You're welcome..🤔🙂
So not possible to hack passphrase from a signing device?
That's correct. If it's a high entropy passphrase. My pass phrase is around 300 bits of entropy. Excluding the hard coded hashing function. Which makes the entropy even greater.
Trezor does not store the passphrase in the HW. So it can't be hacked. But If you lose the passphrase at 256-300 bits of entropy you're screwed..😐🙂
Good to know. Everyone should use a passphrase in my opinion. Back up your passphrase in separate location from seed. This would make it quite difficult to hack seed from a device then also gain access to passphrase in separate location.
300 bits of entropy for a passphrase is massive. That's equivalent to 28 bip39 words! And this is on top of the maximum of 256 bits provided by the seed phrase. That's a lot to type in.
Yea seems excessive
Here's where the magic happens. I use keepass, and let it create a high entropy passphrase for me. Then I let keepass type the passphrase in for me.
Everyone says don't inter your seed phrase online, and I agree. I only enter my passphrase online. And keepass has a number of settings to circumvent key loggers.
But let's face it. If by some miracle someone spoofed my passphrase. They still need my seed phrase. The likelihood of getting both is slimming and none, and slim has left the building..💻💎🧡🤠🗽
This is true with just about any HWW that allows you to add a BIP39 passphrase, but the challenge is that people tend to interpret the device’s access control mechanisms as infallible b/c they’re marketed that way, and then not use a passphrase. It’s a nuance of the traditional HWW security model that is a big problem.
Unpopular opinion: don’t store your backup seed phrase separately from your device. This creates a poor-man’s 1-of-2 multisig, where access to either gives you the coin.
If you want 1-of-2 multisig, then set up genuine 1-of-2 multisig with two different seeds on two different signing devices in two different locations.
I don't care if it's unpopular. It's correct, and the most secure way back up your Trezor Wallet. It has nothing to do with multisig. That's a separate issue..🤔