1. How do I move coins directly from a paper wallet to the Trezor?
2. Could the My Trezor web wallet ever be hacked without my Trezor?
3. Theoretically could the Trezor firmware be rewritten to be malicious and steal info from the Trezor in some way?
4. If someone gets my public address for one account can they use blockchain analytics to find another account?
5. If I have one account with 1BTC and 1 account with 10BTC and someone tries to force me to access my Trezor with violence is it possible to load up the smaller account without revealing any details about the fact that the other account even exists?
Thanks a lot
All your questions except one are pretty much gone over in the Trezor
user manual. If you want to sweep paper wallet private keys to an address managed by your Trezor you will have to use Electrum or Mycelium instead of the Trezor web wallet.
So what you're saying is 1. There is no way to sweep a private key from a cold storage paper wallet onMy Trezor Web Wallet? I would have to use one of the other two. That's a little annoying as I now have to trust them too.
I looked into the user manual and found the answer to 2 and 5. Thanks.
Regarding 3. I found this in the security threats section -
"Reflashing the TREZOR with evil firmware
Official TREZOR firmware is signed by the SatoshiLabs master key. Installing unofficial firmware on the TREZOR is possible, but doing so will wipe the device storage and TREZOR will show a warning every time it starts. Reprogramming the bootloader is impossible because all TREZORs ship with their secure programming fuse blown."
Lets say the evil genius is working for or owns SatoshiLabs. If he had control go he master key is it then possible? This would then make the safety features around the unofficial firmware useless. I've got no idea what a bootloader is or why/how it would be good to do so.
Regarding 4. Is it just standard analytics then? Lets say I have 2 addresses that are on my Trezor. If I send to both from the same address these accounts could potentially be linked.
Thanks again for reading