Bitcoin Forum
Topic: If Trezor's servers go down, what would happen to wallets w/ 25th password?
Coin-Keeper
April 06, 2021, 11:51:14 PM
 #21

I would also suggest you consider setting a self-destruct PIN on your Trezor.  At least you would have an option to consider if you were forced to reveal your PIN.  Setting a unique PIN that if entered will WIPE all wallet and/or SEED info - completely - would be your call at that time.
If you find yourself in a situation where someone is threatening your life or the life of your family members, do you really want to wipe your device clean in front of them and go: "fuck you, now you have nothing. Btw, please don't hurt my family, I love them".

Plausible deniability is still the better choice. Keep a few grands that you can access with a separate PIN and hand them over. Just enough for the thieves to get something and not go berserk on you, your family, or your property, but also not the majority of your holdings.  

As I mentioned above I primarily use my self destruct PIN for a theft of my Trezor, which is almost impossible, but just in case.  In the other parts of my post I thought some instances could present themselves where a user could employ the self destruct PIN.  Maybe something like a local LE or similar leaning on you.  Not every situation is going to be a $5 wrench attack.

I could envision a situation where I determine that something really BAD is going to happen and I am carrying my Trezor.  I could quickly pop it up and enter my destruct PIN.

There is NO danger in having the OPTION to enter the PIN in a pinch.  If you don't have the feature enabled ahead of time you limit your options.  Hopefully users can make their own adult determination if it's in their interest to immediately wipe the Trezor.

Further:  an Advanced $5 wrench attacker is NEVER going to believe you have only one dummy wallet.  Even if they hit you a few times and you provide another wallet with 5-10 BTC they still will assume there is a third wallet, and a fourth, etc.....   BUT a wiped Trezor clearly indicates there is nothing that can be done without going to another location to reload it...   These are horrible thoughts and I am praying never to need to make that call.

BTC: 1PYSBbuKM3kW19xe9TXJQfq64rPhd8XorF
Staked and Verified: https://bitcointalk.org/index.php?topic=996318.msg17102755#msg17102755
o_e_l_e_o
April 07, 2021, 08:18:05 AM
 #22

Yeah, the self destruct PIN is primarily for the scenario of theft, as far as I see it. In an extreme case, where a physical attacker doesn't believe that you do not have another passphrased wallet which you are not revealing, regardless of how many you have already revealed, and regardless of whether or not you have revealed all your wallets, then by self destructing your Trezor they will merely switch to demanding the location of your seed phrase back up or back up hardware device.
20kevin20
April 07, 2021, 01:13:55 PM
 #23

For an extreme case, one probably wants to prepare themselves for the worst. Therefore, I think a good idea is to keep multiple separate PINs that would look like this:
 - 1 PIN containing a few hundred bucks worth of BTC (initial decoy)
 - 1 PIN containing a few more hundred bucks worth of BTC (secondary decoy)
 - 1 PIN containing a few thousand bucks worth of BTC and multiple shitcoins worth a few hundred each (the main deceiver)

In the worst case, say you are asked for your PIN code and you enter the first. If the thief does not believe you, they will keep demanding for more. If even the second pin is not enough for the thief, the third one could be a very good decoy to deceive him. The main decoy's purpose is to look as similar to the behavior of an active crypto user as possible. Here's how I'd do it:

The Initial Decoy:
 - Has $500 worth of BTC
 - Has a few received txs and 0 spent

The Secondary Decoy:
 - Has $700 worth of BTC
 - Has a few received txs and 0 spent
 - First transaction happened after the first deposit to the Initial Decoy

The Main Deceiver:
 - Has $2000 worth of BTC
 - Has a few alts (LTC, DOGE, etc.. some with cheap fees) worth a total of $100-500
 - Has many received txs over the course of a few months but also at least a few spent every now and then
 - First transaction happened months before the first deposit to the Initial Decoy
 - Last transaction happened at least a few months before the Secondary Decoy

Perhaps the first two decoys could be coins that are stored on the Trezor's separate PINs and the Main Deceiver could be a completely different seed so that in case the thief demands the location of your seed, you can pull out the last card. If even after this the thief still doesn't believe you, then I guess there isn't much left you can do. This is an extreme prepping for an extreme situation that could easily turn very unpredictable.
Coin-Keeper
April 07, 2021, 07:03:43 PM
 #24

Yeah, the self destruct PIN is primarily for the scenario of theft, as far as I see it. In an extreme case, where a physical attacker doesn't believe that you do not have another passphrased wallet which you are not revealing, regardless of how many you have already revealed, and regardless of whether or not you have revealed all your wallets, then by self destructing your Trezor they will merely switch to demanding the location of your seed phrase back up or back up hardware device.

Two things on this quote:

1.  Your comment about demanding the location of the seed backup is likely correct.  That is why I specifically keep my SEED in my bank safe deposit box, where only my physical presence can gain access to it.  Once inside the bank the authorities are everywhere around me.  Of course the f*** U, you can't get my SEED unless you can break into my bank deposit vault, might find me floating face down in a river.  This is a call I would have to make at that time.

2. The destruct PIN is for theft security on my end.  I keep my Trezor in a case with a scribbled reminder note that the PIN is my home address.  I make it look like I am afraid to forget my PIN and keep the note, which clearly would not go mobile with me, in the case.  My bet, is that IF someone ever found my Trezor (not going to happen almost surely) they would enter my home address.  Very few users know how to enable destruct PIN so I further bet that a thief wouldn't even consider this possibility.  By the way, my microSD SALT file (used for encryption) is nowhere near the Trezor.  As a reference for those that don't know; the destruct PIN works even without the microSD present during the PIN entering attempt.  Normally if you enter any PIN (other than the special destruct PIN) without the microSD present the Trezor just sits there and the entry attempt does nothing.  The actual PIN and the SEED are encrypted and the HW device cannot recognize any entry without the needed SALT file.  The trezorctl code places the destruct PIN outside of that constraint.


Lastly, there is another "play" that might be safer than a password protected wallet for mobile Trezor uses.  How about considering walking around with the password feature turned OFF?  If you were to keep a small but reasonable amount in a "password less" generic wallet, it would appear that you are a typical user NOT even aware what a password extended word wallet is.  Then an attacker could compel you to provide your PIN and they would see the default wallet and that there is NO password option even active.  It only takes a few seconds to enable the password feature when you need it.  BTW - I don't need to know your PIN to see if the Trezor has the password feature enabled so you cannot hide behind the PIN to conceal the use of the password feature.  Turn it off or know the attacker will see it even without knowing your PIN unless they are complete rookies, doubt it!
