Bitcoin Forum
September 22, 2018, 11:45:22 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Trezor wallet private key security  (Read 1909 times)
dex9
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 17, 2015, 07:06:21 PM
 #1

I suspect my question is dumb, but still - after 30 minutes of active search I haven't found an answer, so here it goes.

We know that Trezor's architecture is such that it keeps private keys inside the device and never exposes them (that's what we read in the FAQ: http://doc.satoshilabs.com/trezor-faq/ )
We also know that whenever new Bitcoin address is generated, there is a pair of keys - public and private associated with each address, and the only way to spend balance from the given address is via its private key.

So in my understanding, if the wallet is guarded by Trezor, then each new address generated for such wallet should be generated by Trezor (otherwize private keys would be exposed).
However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.

So my question is - where are the private keys for the generated addresses are stored, and if not in the device - then what's the purpose of the device? What other private keys does it keep and how does it help protect the balance in my Bitcoin addresses, if their private keys are not in Trezor?

Maybe I should check Trezor's source for an answer, but I figured I post here first...
1537659922
Hero Member
*
Offline Offline

Posts: 1537659922

View Profile Personal Message (Offline)

Ignore
1537659922
Reply with quote  #2

1537659922
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537659922
Hero Member
*
Offline Offline

Posts: 1537659922

View Profile Personal Message (Offline)

Ignore
1537659922
Reply with quote  #2

1537659922
Report to moderator
1537659922
Hero Member
*
Offline Offline

Posts: 1537659922

View Profile Personal Message (Offline)

Ignore
1537659922
Reply with quote  #2

1537659922
Report to moderator
Carlton Banks
Legendary
*
Offline Offline

Activity: 2128
Merit: 1339



View Profile
July 17, 2015, 07:17:07 PM
 #2

I suspect my question is dumb, but still - after 30 minutes of active search I haven't found an answer, so here it goes.

We know that Trezor's architecture is such that it keeps private keys inside the device and never exposes them (that's what we read in the FAQ: http://doc.satoshilabs.com/trezor-faq/ )
We also know that whenever new Bitcoin address is generated, there is a pair of keys - public and private associated with each address, and the only way to spend balance from the given address is via its private key.

So in my understanding, if the wallet is guarded by Trezor, then each new address generated for such wallet should be generated by Trezor (otherwize private keys would be exposed).
However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.

So my question is - where are the private keys for the generated addresses are stored, and if not in the device - then what's the purpose of the device? What other private keys does it keep and how does it help protect the balance in my Bitcoin addresses, if their private keys are not in Trezor?

Maybe I should check Trezor's source for an answer, but I figured I post here first...


Trezor uses a concept called "deterministic" public keys. From the private key, a solitary master public key is derived. From that single master public key, any number of extended public key can be derived. Each extended public key corresponds to a Trezor "account". For each extended public key, any number of actual public keys (i.e. bitcoin address) can be derived.

So, the private keys are only on the device, but either the master public key, or any of the xpub keys are transmitted from the device to both your web browser and to mytrezor.com servers. So, the private keys are not designed or intended to leave the device, and they are not required to generate new addresses safely.

Vires in numeris
d4n13
Full Member
***
Offline Offline

Activity: 210
Merit: 101


“Create Your Decentralized Life”


View Profile
July 17, 2015, 09:05:02 PM
 #3

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.

You are right to be concerned.

dex9
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 18, 2015, 04:43:08 AM
 #4

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.

You are right to be concerned.
Transaction Rescue Bounty Campaign, ... Charitable Transaction Rescue Service



I am using Trezor's manufacturer website https://mytrezor.com/ . Are you saying that Trezor website is not properly supporting Trezor?
dex9
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 18, 2015, 05:01:51 AM
 #5

Trezor uses a concept called "deterministic" public keys. From the private key, a solitary master public key is derived. From that single master public key, any number of extended public key can be derived. Each extended public key corresponds to a Trezor "account". For each extended public key, any number of actual public keys (i.e. bitcoin address) can be derived.

So, the private keys are only on the device, but either the master public key, or any of the xpub keys are transmitted from the device to both your web browser and to mytrezor.com servers. So, the private keys are not designed or intended to leave the device, and they are not required to generate new addresses safely.

Thank you, that makes some sense. Going to research "deterministic" public keys...
d4n13
Full Member
***
Offline Offline

Activity: 210
Merit: 101


“Create Your Decentralized Life”


View Profile
July 18, 2015, 06:15:09 AM
 #6

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses (PUBLIC KEYS) for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
Highlights added are mine.

The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate PRIVATE keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.
Highlights added are mine

I am using Trezor's manufacturer website https://mytrezor.com/ . Are you saying that Trezor website is not properly supporting Trezor?
I too need to read up more on HD Keygen

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!