The guy who paid 10000BTC for the pizza back in the day would like to refund as well.  If that guy would be refunded, he would probably get 10USD back (provided he will return the pizza). BTC is deflation currency and the refunds don't work with those. Your lawyer should learn some basic rules of economy.

You can still get refunded though, because there are people willing to pay the amount of money you paid for this one. BTC was worth 80-120USD during the preorder period. I would pay you 330USD for it myself.

There is no limit for the number of "hidden volumes". Trezor does not keep their list. It just can recover all those account addresses  when you enter that particular passphrase again. I don't understand the "no-passphrase entry" question. Can you please rephrase it? You have two options for setup: You either create 1. passphrase protected Trezor or 2. Trezor without passphrases. In the latter, you will never be prompted for passphrases. What does "no access to anything when a passphrase is not entered" mean? You are able to store your BTC on Trezor in second setup (without passphrases) as well.

Back to the original question:
"Is this just as secure as a paper wallet?" No. It cannot be. However it's much more useful, because from this wallet you can actually spend. It's also very easy to use. Creating a really secure paper wallet is difficult. Setting up and using Trezor is easy.

"requires you the manufacturer to actually have access to the private keys" This statement is dead wrong. In many services out there, the main premise is that end user cannot keep his private keys secure, thus he should keep it with some online service that will take care of security. This creates just another issue for the user, because he now has to keep his service credentials secure and he has to trust the service provider so he is in even more difficult situation. Trezor is different. It lets you own your private keys without manufacturer knowing anything about you. In theory, Satoshi Labs can recover your seed from the device if the device is still working and they have physical access to it. But that is only if you are not using passphrases and give them the device and they actually want to recover your seed.

Without the physical access to the hardware, there is only a single way manufacturer could get your keys: backdoor. There is a catch though. If your bitcoins are stolen by a malware or a hacker, then you are just screwed. If your btc is stolen by an open software, open hardware backdoored device, then you can sue somebody. I assume their liability for a software bug is at the zero level. Their liability for a money stealing backdoors is a complete different story. That is fraud and you can sue it everywhere in the world.

Also, your statement that checking the software is not viable in practice is wrong. They use deterministic build so everybody can check that the software is what it is supposed to be. Also, the software is single purpose, thus small, thus verifiable for backdoors.

Yes it does. Not to the point of breakability, but it's less secure if keylogged: https://bitcointalk.org/index.php?topic=122438.msg8243033#msg8243033
If you plan to test it, then it's a good idea to do it on a secure computer.

What makes you think that the "no password" is the same wallet as an "empty password"? I doubt it is true. If you switched that flag, you would probably loose access to your "no password" account. Just reinitialize the device with the passphrase enabled.

This is normal and the probability of this happening is 13%. You may even have more words repeating. If you do recovery on a compromised computer, you reveal your words to the attacker, but not their order. In this scenario, it makes your mnemonic 2 times easier to crack if you have 1 repeating word. The number of combinations decreases from 6E23 to 3E23. If you don't do recovery on a compromised computer (and you should almost never need to do recovery) then your seed is as good as a seed without a repeating word.

The BIP32 node displayed in myTrezor wallet for account 0 is m/44'/0'/0'. Thus entering it in bip32.org and doing two more derivations /0/0 gives me my account addresses m/44'/0'/0'/0/0. I did not have to do fake screenshots. I have other things to do. All Trezor owners can do the same and see it just works. Your argument is invalid. It works.


That is why I mentioned you can use python-trezor to get seed from mnemonic. If' you don't like python, you can use gui from trezor-crypto. There are plenty of ways, but you are not going to use them.


This was not what was asked from you. Guys asked which transaction are you questioning. You never provided this information according to the screenshot you posted.


That is related to the above answer. You are concerned about a transaction that may get through, but you never provided any information about which transaction that is and what are the source and destination address of this transaction in question.


They released their product two weeks ago. I believe it is normal that not all tickets are answered on the same day. They acknowledged in this forum that they had some delay in answering all the tickets. This should be over soon. Be patient. (ouch, you can't do that)


Yes.


The device works fine. It is bitcoinj, third party library that does not work. This library is not part of the device and is not used by the device itself. It is used by the free web wallet you are using. Use some paid solution if you are not satisfied with it. According to my understanding, satoshilabs never wanted to create ANY wallet. They did it as a proof of concept, but you are using this web wallet for free.


python-trezor is for free, bip32.org is for free, trezor-crypto gui is for free. electrum might be unstable BUT you are confirming your transaction on Trezor. You see receiving address on display. Trezor is stable and it is designed to work with computer that is trying to steal your coins. Using it with unstable electrum build is safe as long as you verify your transaction on Trezor display.

For wallet32, you don't have to use your own android device. You can use friend's device (if you have a friend). If none of these workarounds work for you, then just wait. They will fix it eventually.

You are wrong again. BIP44 is an extension that defines which paths should be used. http://bip32.org/ is enough to generate your addresses if you enter correct path. Let me show you:

You take your account BIP32 key from myTrezor web wallet:



Plug it into bip32.org:



and you can generate all your Trezor adresses. For example the one on the image above is the first address on my first account. I can see it in my transaction history:



Now, what I showed you is how you generate public ones only, but if you used python-trezor you could have generated master seed from your recovery words, enter it into bip32.org and get every single private key of your wallet. Then you could use it with any other wallet you like. For instance Armory as suggested in the post you are answering.

Let me remind you, what you did instead:
1. You contacted support and did not provide them answers to the question they needed.
2. You demanded fix to your problem immediately. It is understandable, because your money are blocked (please note the difference between blocked and lost). But on the other hand, it does not work like this with fixing errors in free web wallet with error being in another free third party library. The fixes do not fall out of the sky on the next day.
3. Then you alienated all the people who can help you by yelling at them and putting negative trust feedback on them.
4. You also rejected all the workarounds thrown at you.

I'm sorry, but there is no help for a guy like you....

The difficulty of fixing an unknown script transaction in js does not depend on whether you know the line of error. It depends on how difficult is to handle such transaction. It might be the case that handling it would involve design changes and fix won't be out there for weeks. It also depends on the amount of documentation about this particular transaction type. If you don't know what kind of beast it is, you cannot add handling for it. So please refrain for commenting about how difficult it is, because you know shit about it.

A) You claim you are a software developer. You should know that you are just wrong. Bug fixing time does not depend on how simple it seems to somebody, or whether you know the line, where the bug is. It depends on how difficult the fix is. Now you have the opportunity to fix this small bug yourself for 100USD. Grab it.
B) You can check if it was broadcasted. If it was you may be sure, it will not be re-broadcasted. If it was not broadcasted, then your single choice to "prevent" it is to spend BTC from that particular address. You can do that on Trezor by simply sending ALL your BTC from that particular account to a new address. That is, of course, provided your transaction history is not broken. Thus there is perfect chance to fix A) and claim a double-win for you.
C) You want your answer for problem B) but you never answered which particular transaction is in question. If you request answers about a transaction, but you don't say about which one, then nobody can answer you.
D) If you find error in Win (and I'm sure there are still plenty, you are just not so lucky to find one) then I would like to see how the communication with the Win support would go.
E) Let me remind you, that what you have bought is a device that works fine. What does not work for you is the web wallet. The disclaimer on the page says: "MyTrezor is a FREE service provided for Trezor owners." You did not pay anything for the web wallet. If you wanted to have support for the wallet, you should have waited for a company that would sell you wallet with Trezor support with a support. You are demanding support for something you get for free and you are yelling at people about it. That's not a good way to achieve something.

Dear gweedo, if you are referring to me calling you retarded than I want it to be noted that I'm not a Trezor support guy and I'm in no contract relationship with satoshilabs. So it's not "trezor support insulting customers". I understand that you have your balance blocked and that is frustrating. And it also seems that I misunderstood the problem, so please accept my apology for being rude. Even though I have no obligation to you, because you are not my customer.

I believe that gweedo is able to send btc to his client via other means. He is just concerned than the original transaction may still get broadcasted (double spend), but that can be easily prevented. You just need to resend the money spent in your dangling unbroadcasted transaction. Then the dangling transaction cannot be accepted anymore thus the doublespend is avoided and everybody is happy.

Edit: It might not be so simple if the transaction history is broken because of the issue stick talks about above. I'd like to hear when and how this resolves.

Dude, send all your money to a new address. If this new transaction does confirm, the old one cannot confirm anymore. Then send BTC to your client again. If any of that fails, then it *might* be a trezor issue. If this does work then you or server had some network glitch, with no harm whatsoever and you are just retarded to scream like a child about it.

Pre-Trezor release interview with some big guys: http://www.youtube.com/watch?v=t-7mNiU_9Ak&t=48m15s

Try different usb cable/usb port. The usb cables they send in the box are shit, but these are standard micro-usb so you may have one more at home.

To spend coins you have to enter your PIN on a one time keyboard. There is no one time code. It is always your PIN, it just has different forms depending on keyboard layout. Thief who does not know your pin cannot spend your btc.

Try another USB cable. If that does not help, write to support.

Unfortunately, this is also the scenario of people trying to be smart and generate their own entropy with dice. The problem is that they have no good way to import it in the device. Not recovering the device is something you can do if you trust the random number generators, which in general is not a good idea. But for now, I trust the mix of pc and hw rng much more then the recovery pc...

I'm pretty sure it does not ask for more words in case of 24 words seed: https://github.com/trezor/trezor-mcu/blob/master/firmware/recovery.c#L97

You need to put this into perspective. When using 24 words, the Trezor seed is 256bit long, i.e., 1E77. Any single address generated is 160bit long, i.e., 1E48. Those are some huge numbers. 1E23 is child's play compared to that. If the number of combinations is 1E77 before you keylog the words and it becomes 1E23 after you keylog them, then the recovered Trezor is 1,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 times less secure then the unrecovered one. Please note that Trezor uses key stretching techniques, so to find whether the 24 words that have been keylogged contain(ed) some BTC, you need to do more than 10^23 hashes. It should be something like 10^28. But there is also 10^13 Hash/s hardware out there. If something like that was manufactured for Trezor breaking then you would need 10^8 of those to break one recovered Trezor in a year time. I guess that considering price of such equipment and the possibility you break an empty(emptied) Trezor rules out such attack (for now). I would still recommend to transfer your funds to unrecovered Trezor after recovery to get 1E77 protection back. I would also not recommend using less than 24 words.