Bitcoin Forum
March 19, 2024, 05:04:05 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Trezor wallet private key security  (Read 2012 times)
dex9 (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 17, 2015, 07:06:21 PM
 #1

I suspect my question is dumb, but still - after 30 minutes of active search I haven't found an answer, so here it goes.

We know that Trezor's architecture is such that it keeps private keys inside the device and never exposes them (that's what we read in the FAQ: http://doc.satoshilabs.com/trezor-faq/ )
We also know that whenever new Bitcoin address is generated, there is a pair of keys - public and private associated with each address, and the only way to spend balance from the given address is via its private key.

So in my understanding, if the wallet is guarded by Trezor, then each new address generated for such wallet should be generated by Trezor (otherwize private keys would be exposed).
However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.

So my question is - where are the private keys for the generated addresses are stored, and if not in the device - then what's the purpose of the device? What other private keys does it keep and how does it help protect the balance in my Bitcoin addresses, if their private keys are not in Trezor?

Maybe I should check Trezor's source for an answer, but I figured I post here first...
In order to achieve higher forum ranks, you need both activity points and merit points.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3068



View Profile
July 17, 2015, 07:17:07 PM
 #2

I suspect my question is dumb, but still - after 30 minutes of active search I haven't found an answer, so here it goes.

We know that Trezor's architecture is such that it keeps private keys inside the device and never exposes them (that's what we read in the FAQ: http://doc.satoshilabs.com/trezor-faq/ )
We also know that whenever new Bitcoin address is generated, there is a pair of keys - public and private associated with each address, and the only way to spend balance from the given address is via its private key.

So in my understanding, if the wallet is guarded by Trezor, then each new address generated for such wallet should be generated by Trezor (otherwize private keys would be exposed).
However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.

So my question is - where are the private keys for the generated addresses are stored, and if not in the device - then what's the purpose of the device? What other private keys does it keep and how does it help protect the balance in my Bitcoin addresses, if their private keys are not in Trezor?

Maybe I should check Trezor's source for an answer, but I figured I post here first...


Trezor uses a concept called "deterministic" public keys. From the private key, a solitary master public key is derived. From that single master public key, any number of extended public key can be derived. Each extended public key corresponds to a Trezor "account". For each extended public key, any number of actual public keys (i.e. bitcoin address) can be derived.

So, the private keys are only on the device, but either the master public key, or any of the xpub keys are transmitted from the device to both your web browser and to mytrezor.com servers. So, the private keys are not designed or intended to leave the device, and they are not required to generate new addresses safely.

Vires in numeris
d4n13
Full Member
***
Offline Offline

Activity: 210
Merit: 101


“Create Your Decentralized Life”


View Profile
July 17, 2015, 09:05:02 PM
Last edit: July 18, 2015, 10:13:16 AM by d4n13
 #3

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.

You are right to be concerned.

dex9 (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 18, 2015, 04:43:08 AM
 #4

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.

You are right to be concerned.
Transaction Rescue Bounty Campaign, ... Charitable Transaction Rescue Service



I am using Trezor's manufacturer website https://mytrezor.com/ . Are you saying that Trezor website is not properly supporting Trezor?
dex9 (OP)
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
July 18, 2015, 05:01:51 AM
 #5

Trezor uses a concept called "deterministic" public keys. From the private key, a solitary master public key is derived. From that single master public key, any number of extended public key can be derived. Each extended public key corresponds to a Trezor "account". For each extended public key, any number of actual public keys (i.e. bitcoin address) can be derived.

So, the private keys are only on the device, but either the master public key, or any of the xpub keys are transmitted from the device to both your web browser and to mytrezor.com servers. So, the private keys are not designed or intended to leave the device, and they are not required to generate new addresses safely.

Thank you, that makes some sense. Going to research "deterministic" public keys...
d4n13
Full Member
***
Offline Offline

Activity: 210
Merit: 101


“Create Your Decentralized Life”


View Profile
July 18, 2015, 06:15:09 AM
Last edit: July 18, 2015, 10:10:08 AM by d4n13
 #6

However, my experience with Trezor proves that it is not the case.
After I set up my account and wallet at https://mytrezor.com/ with the Trezor device, I detached the device and had no problem generating as many new addresses (PUBLIC KEYS) for my wallet as I like (with no Trezor attached). Consequently, private keys for these new addresses could NOT have been stored in Trezor.
Highlights added are mine.

The process you describe indicates that the wallet program you use is not properly supporting Trezor.  You likely have a mixed bag of keys.  Attempting to generate PRIVATE keys when Trezor is detached should flag an error.  If it doesn't, open an issue against the wallet maker and ask Trezor to remove that wallet maker from their support list.
Highlights added are mine

I am using Trezor's manufacturer website https://mytrezor.com/ . Are you saying that Trezor website is not properly supporting Trezor?
I too need to read up more on HD Keygen

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!