molecular
October 02, 2014, 05:09:23 AM
Wow.. Gratz mr Palatinus... I'm proud of your achievement.. first one to create a pool.. and first really reliable and commercialized hardware wallet... Thank you very much for all those years of hard work and for keeping the good work until the end and further more you're my best.. Have a nice life Slush
+1. I also thank stick, cor and the others (I don't know them) who worked (and continue to work) hard on the trezor project.
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769

chrisrico
October 02, 2014, 06:19:48 AM
Can the Trezor use all inputs for outgoing transactions? I think there (myTREZOR.com) is minimum for transaction inputs.
It's not worth using them. It creates a bigger transaction and you'll end up paying more in the end (because the transaction fee will be higher). Also, the Trezor isn't exactly a powerhouse. I signed a couple transactions with tens of mining reward inputs. One time it took over ten minutes to complete.

Perlover
October 02, 2014, 02:01:31 PM
Can the Trezor use all inputs for outgoing transactions? I think there (myTREZOR.com) is minimum for transaction inputs.
It's not worth using them. It creates a bigger transaction and you'll end up paying more in the end (because the transaction fee will be higher).
Fine. And how can I empty my account in the Trezor after this? For example, I have 10.00000002 BTC in the account; of these, 10 BTC are my coins and 0.00000002 BTC are spam coins. So should I remember the spammers all the time if I want to empty the account, but after this I have 0.00000002 BTC? Now I have 0.00000003 BTC! All the money is moved by one transaction and I do not care, I will pay 0.0001 BTC or 0.0002 BTC (I am talking about a sum of, for example, >=10 BTC). In many cases, if the Trezor uses these spam transactions, the size of the transaction will be a multiple of 1 Kb with/without these spam inputs...
P.S. There would be a nice feature - "Use all coins for send" in the account of the Trezor. Now I have to guess the amount for these. But it's not important as to use so small coins for transaction.

gothsurf
October 02, 2014, 05:16:09 PM Last edit: October 02, 2014, 06:07:14 PM by gothsurf

instagibbs
October 02, 2014, 07:04:19 PM

cryptworld
October 03, 2014, 02:54:58 AM
I read it on reddit and would like to know an answer too

keithers
October 03, 2014, 03:29:28 AM
I read it on reddit and would like to know an answer too
I'd like to hear a few takes on this as well even though I am not too sure what a bootloader even is....is this raising security concerns?

binford
October 03, 2014, 07:08:05 AM
I think bootloader is the first program that starts when trezor is powered up. The program responsible for checking firmware signatures and low level calls. It might be a bad idea to open source it since this is the place where the manufacturer's keys are stored and I have a quite strong opinion about keeping it closed source.

stick
October 03, 2014, 09:17:02 AM
Keys stored in the bootloader are public as asymmetric cryptography is used there. There is no security reason why bootloader should stay closed, but we were quite hesitant to open it because that's the last piece of mosaic that our competition is missing from making a perfect TREZOR clone.

klokan
October 03, 2014, 09:39:19 AM
Keys stored in the bootloader are public as asymmetric cryptography is used there. There is no security reason why bootloader should stay closed, but we were quite hesitant to open it because that's the last piece of mosaic that our competition is missing from making a perfect TREZOR clone.
Either the bootloader binary can be retrieved using custom firmware or it can't. In the first case, it's simple for competition to get all they need. In the latter case, the bootloader cannot be verified. In the first case it makes no sense to hide the code, in the second case it won't help much to release it. Can you please clarify if it can be read?

binford
October 03, 2014, 10:32:54 AM
Keys stored in the bootloader are public as asymmetric cryptography is used there.
what was I thinking ...
There is no security reason why bootloader should stay closed, but we were quite hesitant to open it because that's the last piece of mosaic that our competition is missing from making a perfect TREZOR clone.
protecting IP, makes also sense. genuine fakes generic trezor arriving in 5, 4, 3, ...

someone42
Chris Chua
October 03, 2014, 11:01:30 AM
Keys stored in the bootloader are public as asymmetric cryptography is used there. There is no security reason why bootloader should stay closed, but we were quite hesitant to open it because that's the last piece of mosaic that our competition is missing from making a perfect TREZOR clone.
Anyone who wants to clone your code can just upload (unsigned) firmware that dumps the bootloader. The STM32F2xx's level 2 code protection does not prevent flash from being read by code that is running within the microcontroller. No, this won't get you the source, but if you're going to be making a 1:1 copy, you don't need source.

binford
October 03, 2014, 11:39:04 AM
... if you're going to be making a 1:1 copy, you don't need source.
But a verbatim bootloader copy would only work with original satoshilabz firmware and complain about any other (unsigned) release ... but if the copy-cat would be only after income from sales of generic trezor device without intention of providing own firmware, then this could be no issue since it should be compatible. I had to write it down to think about it, sorry for the spam

stick
October 03, 2014, 12:00:36 PM
Can you please clarify if it can be read?
Yes, it can be read.

BurtW
October 03, 2014, 01:03:38 PM
Can you please clarify if it can be read?
Yes, it can be read.
So it can be read, disassembled, and the public key replaced.

slush (OP)
October 03, 2014, 01:30:39 PM
Wow.. Gratz mr Palatinus... I'm proud of your achievement.. first one to create a pool.. and first really reliable and commercialized hardware wallet... Thank you very much for all those years of hard work and for keeping the good work until the end and further more you're my best..
Thanks Dominique! :-) I remember our very first tx in 11/2010 and it was fun ;-).

instagibbs
October 03, 2014, 06:49:53 PM
Can you please clarify if it can be read?
Yes, it can be read.
So it can be read, disassembled, and the public key replaced.
I don't think you can *change* what's there easily, but you could just clone a Trezor, adding in a backdoor. But that's always the case without some sort of self-attestation system. AFAIK
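
Added example (not part of the thread and not TREZOR code) for two points made above: a bootloader that stores only a public key gives a reader nothing to sign with, and the signature check vouches for the firmware, not for the device that runs the check. Ed25519 from Go's standard library stands in for the real scheme, which the thread does not name; the type names, key labels and image layout are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Bootloader holds only a public key; nothing secret is stored on the device.
type Bootloader struct{ Key ed25519.PublicKey }

// Image is a constructed firmware container: payload plus detached signature.
type Image struct{ Payload, Sig []byte }

// Accepts reports whether this bootloader would start the image.
// Ed25519 is a stand-in; the thread does not say which scheme is used.
func (b Bootloader) Accepts(img Image) bool {
	d := sha256.Sum256(img.Payload)
	return ed25519.Verify(b.Key, d[:], img.Sig)
}

// keyFor derives a fixed demo key pair from a label (constructed, not a real key).
func keyFor(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

// sign produces an image signed with the given private key.
func sign(k ed25519.PrivateKey, payload []byte) Image {
	d := sha256.Sum256(payload)
	return Image{payload, ed25519.Sign(k, d[:])}
}

// Result records which bootloader starts which image.
type Result struct{ VendorOK, PatchedOK, ForeignOK, CloneForeignOK bool }

func Run() Result {
	vendor, other := keyFor("vendor signing key"), keyFor("third-party key")
	genuine := Bootloader{vendor.Public().(ed25519.PublicKey)}
	clone := Bootloader{other.Public().(ed25519.PublicKey)} // copy with the key replaced

	official := sign(vendor, []byte("firmware 1.0 (constructed)"))
	patched := Image{append([]byte("x"), official.Payload...), official.Sig}
	foreign := sign(other, []byte("unofficial firmware (constructed)"))

	return Result{genuine.Accepts(official), genuine.Accepts(patched),
		genuine.Accepts(foreign), clone.Accepts(foreign)}
}

func main() { fmt.Printf("%+v\n", Run()) }
```

The genuine bootloader rejects both the modified image and the image signed with another key, while the copy with a replaced key accepts the latter, which is why a passing check says nothing about the hardware unless the device can also attest to itself.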

btchip
October 03, 2014, 11:03:27 PM
For what it's worth as an independent audit, the bootloader functionally does what it's supposed to do and doesn't contain a backdoor. (+ proof of RE)

GreatBug
October 04, 2014, 03:20:48 AM
For what it's worth as an independent audit, the bootloader functionally does what it's supposed to do and doesn't contain a backdoor. (+ proof of RE)
Who performed this audit? What exactly was audited? Where are the results? How is that code proof of RE (I assume you mean 'reverse engineering')? It appears to only check the signatures.

chrisrico
October 04, 2014, 06:09:17 AM
For what it's worth as an independent audit, the bootloader functionally does what it's supposed to do and doesn't contain a backdoor. (+ proof of RE)
The bootloader is written in Python? I'm a bit surprised about that.