[ESHOP launched] Trezor: Bitcoin hardware wallet

[Erdogan]

I expect my TREZOR to arrive some time this week! In the meantime, I have a few questions about the setup. I have read the online User Guide, but there are some details that are not clear to me:

1) At what point during the first time setup is it ok to unplug the TREZOR from the computer?  Do I have to wait for the full recovery seed recording to be completed?  Or is it safe to unplug the TREZOR, and still complete the initial setup?

2) If I want to set up a Multi-Passphrase Encryption, what are the exact sequence of actions.  The instructions are extremely vague, and I do not want to make a mistake.  (Does it only work right after the first time setup, or can I force a second setup after lots of use?  Is there a second set of recovery seeds that I need to record?)

3) Once there are more than one passphrase set up correctly, how do I access one when I plug it in?

4) Is there any detailed description or screenshots of how to use the multiple Accounts and their associated addresses?  (The user guide is sparse on details.)

Thanks

This is what I found out:

If you want to use passphrases, check the passphrases box when initializing. You can use it with no password, except the password dialog appears when you plug in, just click enter. To change from one passphrase to another, you have to issue the "forget device" function.

Just remember that the passwords are a part of the seed, so you need to safely write down both your 24 seed words and your passphrases.

[blossbloss]

Another question:

I like the confirmation on the TREZOR when I am sending to an address to ensure that the myTREZOR site has not been compromised.  However, it does not appear that there is any confirmation of the addresses shown on myTREZOR for receiving funds.  When I see an address on myTREZOR (to provide to someone to send me money), how can I be sure that it is actually an address associated with my TREZOR (and not a rogue address on a malicious computer)?  I would hope to be able to see the selected address on the computer replicated on the TREZOR so that I can be sure it is legitimate.  Is this how it works, but just not in the documentation?

[arorts]

Could you please provide us with the installation steps for a Mac OS X? Linux steps in that path don't seem to work 

Have you installed the Command Line Tools (or Xcode) and Brew ?

I do have Xcode and Brew. What should I do then? BTW, I'm also seeing people pointing out to python-trezor so that's yet another thing I'm trying to make sense out of it in addition to the Electrum plug-in for OS X.
Thx for your help.

[AussieHash]

I do have Xcode and Brew. What should I do then? BTW, I'm also seeing people pointing out to python-trezor so that's yet another thing I'm trying to make sense out of it in addition to the Electrum plug-in for OS X.
Thx for your help.

I sucessfully installed Electrum 1.9.8 release from the github repo following the MacOSX instructions here
https://electrum.org/download.html

As you already have xcode and brew installed I assume you are comfortable with the command line !

I haven't yet tried the latest master with the Trezor commits as I am still awaiting my classic first edition to reach me.
https://github.com/spesmilo/electrum/commits/master

This plugin
https://github.com/m0mchil/electrum/blob/master/plugins/trezor.py

clearly requires python-trezor
https://github.com/trezor/python-trezor/tree/master/trezorlib

Code:

try:
    from trezorlib.client import types
    from trezorlib.client import proto, BaseClient, ProtocolMixin
    from trezorlib.qt.pinmatrix import PinMatrixWidget
    from trezorlib.transport import ConnectionError
    from trezorlib.transport_hid import HidTransport
    TREZOR = True
except ImportError:
    TREZOR = False

The webbrowser plugin is completely different, you need it to setup your Trezor with myTrezor (unless you want to setup/restore your Trezor with the python tools)

[anarchoatheist]

I just finished setting up my trezor wallet. While copying down the seed I noticed that one of my seed words came up twice in the seed of 24 words. Is this normal? should I wipe the trezor and make a new seed?

[molecular]

I just finished setting up my trezor wallet. While copying down the seed I noticed that one of my seed words came up twice in the seed of 24 words. Is this normal? should I wipe the trezor and make a new seed?

No, that's ok.

EDIT: just calculated the probability of getting a seed with a "double word": 13.67%.

So if you disallowed these, you would reduce entropy quite a bit.

[Valzador]

Has anyone in Australia actually received their Bitcoin Trezor?

[klokan]

I just finished setting up my trezor wallet. While copying down the seed I noticed that one of my seed words came up twice in the seed of 24 words. Is this normal? should I wipe the trezor and make a new seed?

This is normal and the probability of this happening is 13%. You may even have more words repeating. If you do recovery on a compromised computer, you reveal your words to the attacker, but not their order. In this scenario, it makes your mnemonic 2 times easier to crack if you have 1 repeating word. The number of combinations decreases from 6E23 to 3E23. If you don't do recovery on a compromised computer (and you should almost never need to do recovery) then your seed is as good as a seed without a repeating word.

[AussieHash]

I just finished setting up my trezor wallet. While copying down the seed I noticed that one of my seed words came up twice in the seed of 24 words. Is this normal? should I wipe the trezor and make a new seed?

If it works like electrum, then it shouldn't matter, there isn't a 1:1 correlation between words from that list and the hexadecimal seed, ie : if your seed were [abandon, ability, able, abandon, ability, able, abandon, ability, able] your seed would not be 010203010203010203
https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

Having said that ... maybe BIP39 generates the mnemonic from entropy, and then the hexadecimal seed from that.  
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#Generating_the_mnemonic
Electrum does it in reverse, the mnemonic is just a "human readable form" of the hexadecimal seed.

Edit : electrum's seed routines still confuse the heck out of me
NOTE: Below I am talking about electrum's native mnemonic seed, this is a separate scheme to the Trezor routines that are used by the trezor plugin

https://github.com/spesmilo/electrum/blob/master/lib/mnemonic.py#L1656

Code:

# Note about US patent no 5892470: Here each word does not represent a given digit.
# Instead, the digit represented by a word is variable, it depends on the previous word.

def mn_encode( message ):
    assert len(message) % 8 == 0
    out = []
    for i in range(len(message)/8):
        word = message[8*i:8*i+8]
        x = int(word, 16)
        w1 = (x%n)
        w2 = ((x/n) + w1)%n
        w3 = ((x/n/n) + w2)%n
        out += [ words[w1], words[w2], words[w3] ]
    return out

Code:

>> import electrum
>> electrum.mnemonic.mn_encode('01010101010101010101010101010101')
['mystery', 'trade', 'bench', 'mystery', 'trade', 'bench', 'mystery', 'trade', 'bench', 'mystery', 'trade', 'bench']
>> electrum.mnemonic.mn_encode('00000000000000000000000000000000')
['like', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like']
>> electrum.mnemonic.mn_encode('0000010000000101000000010101000000000000')
['almost', 'almost', 'almost', 'sorry', 'sorry', 'sorry', 'just', 'just', 'just', 'test', 'yesterday', 'bowl', 'like', 'like', 'like']
>> electrum.mnemonic.mn_encode('000001000000010100000001010100000000000001000000000000000000000')
['almost', 'almost', 'almost', 'sorry', 'sorry', 'sorry', 'just', 'just', 'just', 'test', 'yesterday', 'bowl', 'like', 'like', 'like', 'white', 'metal', 'beside', 'like', 'like', 'like']
>> electrum.mnemonic.mn_encode('01000000000000000000000000000000')
['white', 'metal', 'beside', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like', 'like']
>> electrum.mnemonic.mn_encode('010203010203010203010203010203010203010203010203')
                                ^^^^^^^^^^^^^^^^^^^^^^^^
['child', 'shock', 'admit', 'less', 'hand', 'ever', 'beaten', 'violence', 'depend', 'child', 'shock', 'admit', 'less', 'hand', 'ever', 'beaten', 'violence', 'depend']
>> 

Code:

>> electrum.mnemonic.mn_decode(['like', 'like', 'like', 'like'])
'00000000'
>> electrum.mnemonic.mn_decode(['like', 'just', 'love', 'like', 'just', 'love','like', 'just', 'love','like', 'just', 'love'])
'00285dfe00285dfe00285dfe00285dfe'
 ^^^^^^^^        ^^^^^^^^
>> electrum.mnemonic.mn_decode(['like', 'just', 'like', 'like', 'like', 'like','like', 'just', 'love','like', 'just', 'like', 'like', 'like', 'like'])
'10014565e0000000000285dfe10014565e00000000'
>> electrum.mnemonic.mn_decode(['just', 'just', 'just', 'just', 'just', 'just','just', 'just', 'just','just', 'just', 'just'])
'00000001000000010000000100000001'
>> 

[bitpop]

Yes. Actually there are 5 and we use 3-of-5 scheme.

Do you store those signing keys themselves on a Trezor?

Of course not, just the public ones.

[molecular]

Yes. Actually there are 5 and we use 3-of-5 scheme.

Do you store those signing keys themselves on a Trezor?

Of course not, just the public ones.

I think he didn't mean "on every trezor out there", but "do you use trezors to store the signing keys?".

I'm guessing they wont reveal any details about how they protect the signing keys.

[bitpop]

Yes. Actually there are 5 and we use 3-of-5 scheme.

Do you store those signing keys themselves on a Trezor?

Of course not, just the public ones.

I think he didn't mean "on every trezor out there", but "do you use trezors to store the signing keys?".

I'm guessing they wont reveal any details about how they protect the signing keys.

Oh they probably use offline computers. It's a while different algorithm that has to read the entire file. Or maybe just the hash.

[TwinWinNerD]

Some feedback: After a week of usage, I am very pleased with the trezor and it works flawlessly (well, except the 3xxxx bug). Thank you again for that great tool!

[joshbtcmint]

So in that photo a ways back..the classics you showed were black, is there any chance of getting those instead of white?

I would order two more just because.

[JarvisTechnology]

damn gonna get me one of these!!!!!  Then Ill put in a safe, lol

I would suggest using them they are awesome!

[stick]

So in that photo a ways back..the classics you showed were black, is there any chance of getting those instead of white?

There might be good news next week for you :-) *wink*

[TwinWinNerD]

So in that photo a ways back..the classics you showed were black, is there any chance of getting those instead of white?

There might be good news next week for you :-) *wink*

Please don't tell me that I need to buy another one because you now have black ones... damn

[mmeijeri]

I think he didn't mean "on every trezor out there", but "do you use trezors to store the signing keys?".

Yeah, that's what I meant.

I'm guessing they wont reveal any details about how they protect the signing keys.

It would be nice we could get some reassurance they won't get compromised.

[stick]

Do you store those signing keys themselves on a Trezor?

Of course not, just the public ones.

Right. TREZOR bootloader just contains the public keys against which the firmware signatures are checked.

It would be nice we could get some reassurance they won't get compromised.

They won't.

[blossbloss]

I expect my TREZOR to arrive some time this week! In the meantime, I have a few questions about the setup. I have read the online User Guide, but there are some details that are not clear to me:

1) At what point during the first time setup is it ok to unplug the TREZOR from the computer?  Do I have to wait for the full recovery seed recording to be completed?  Or is it safe to unplug the TREZOR, and still complete the initial setup?

2) If I want to set up a Multi-Passphrase Encryption, what are the exact sequence of actions.  The instructions are extremely vague, and I do not want to make a mistake.  (Does it only work right after the first time setup, or can I force a second setup after lots of use?  Is there a second set of recovery seeds that I need to record?)

3) Once there are more than one passphrase set up correctly, how do I access one when I plug it in?

4) Is there any detailed description or screenshots of how to use the multiple Accounts and their associated addresses?  (The user guide is sparse on details.)

Thanks

This is what I found out:

If you want to use passphrases, check the passphrases box when initializing. You can use it with no password, except the password dialog appears when you plug in, just click enter. To change from one passphrase to another, you have to issue the "forget device" function.

Just remember that the passwords are a part of the seed, so you need to safely write down both your 24 seed words and your passphrases.

Here is what I think you are saying to set up multiple passphrases:
a) check the advanced box to enable the passphrase
b) enter a passphrase and then record the 24 words. Let's call this passphrase1 and seed1
c) select the forget device function
d) enable and enter a new passphrase and record a new set of 24 words.  These are passphrase2 and seed2.
e) always forget device before leaving myTrezor so that it forces me to enter a passphrase

These details are fuzzy and I'm not sure if this is how it works.  Are there two separate sets of seeds words when you use multiple passphrases?

thanks