amesterdamer
Sr. Member
 Offline
Activity: 334
Merit: 251
Designer and CryptoCurrency Enthusiast.
|
 |
April 07, 2016, 08:06:00 AM |
|
Is it possible to integrate an altcoin (VeriCoin) to trezor?
|
|
|
|
|
|
cor
|
|
April 07, 2016, 09:29:09 AM |
|
Is it possible to integrate an altcoin (VeriCoin) to trezor?
Trezor itself (the firmware) already supports several altcoins and adding another is one line of code, providing that altcoin is derived from bitcoin. I must stress though, that our dev team is reluctant to add just about any coin unless that coin is really supported / used by the community. myTrezor.com is designed as a lightweight web interface to Trezor only supporting Bitcoin. To use Trezor with an altcoin - the altcoin wallet has to implement Trezor support + have a functional blockchain explorer. Implementing Trezor into web/mobile wallets and bitcoin services is fairly easy with the TREZOR Connect API |
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
April 07, 2016, 11:19:24 AM |
|
I must stress though, that our dev team is reluctant to add just about any coin unless that coin is really supported / used by the community.
Surely embracing the open source nature of your product would be another way to handle altcoin implementation? Then Satoshi Labs just need to review the code, which still takes time, but still less time than writing/testing the code too (not that I'm interested in using altcoins with the Trezor myself) |
Vires in numeris
|
|
|
vapourminer
Legendary
Offline
Activity: 4550
Merit: 4174
what is this "brake pedal" you speak of?
|
|
April 07, 2016, 11:48:08 PM |
|
id kinda like to see the trenzor stay more focused on btc.
more code = more opportunities for bugs. sure open source vetted and such but i like devices that handle money to be simple, somewhat specialized to their purpose (as opposed to general propose do it all) and reliable.
|
|
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
April 08, 2016, 07:36:57 AM |
|
id kinda like to see the trenzor stay more focused on btc.
more code = more opportunities for bugs. sure open source vetted and such but i like devices that handle money to be simple, somewhat specialized to their purpose (as opposed to general propose do it all) and reliable.
Kind of agree on balance, although remember what cor said: any alt that's close enough in design to Bitcoin itself (i.e. forked codebases of the Satoshi original) requires very simple changes to the code (no logic changes, just extra declarations) |
Vires in numeris
|
|
|
klondike_bar
Legendary
Offline
Activity: 2128
Merit: 1005
ASIC Wannabe
|
|
April 08, 2016, 06:31:00 PM |
|
my trezor is still using firmware from about a year ago and working just fine.
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
|
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
April 09, 2016, 09:50:27 AM
Last edit: April 09, 2016, 02:09:12 PM by Carlton Banks |
|
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
It depends on what the changes in the firmware are. If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK. I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern. My recommendation for securely updating the firmware: use an offline PC for the update. - Download firmware from as secure machine as possible
- Burn the firmware to CD-ROM (yes, CD-ROM)
- Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
- Ensure that CD/USB autoplay etc is disabled on OFF-line machine
- Take a hash of the files/CD image on the OFF-line machine
- Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
- If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
- If the hashes do not match, find a new online machine and try again
I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight) |
Vires in numeris
|
|
|
sana98212
Newbie
Offline
Activity: 31
Merit: 0
|
|
April 09, 2016, 12:02:00 PM |
|
my trezor is still using firmware from about a year ago and working just fine.
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
You could be fine except for the problem you may get if you want to use it with a new coin only coming in the last updates. My trezor had 2 year old firmware. |
|
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
April 09, 2016, 03:35:26 PM |
|
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
It depends on what the changes in the firmware are. If anything in the changelog is related to security issues, especially something described as "urgent" or "severe", update update update. Anything about adding a new altcoin, or fixing a bug you've never experienced, you will be OK. I guess you're living proof that missing security updates isn't guaranteed to compromise your device. But to me, hardware wallets are about ultimate protection of BTC accounts, knowing that attackers are now aware of flaws in the firmware I'm running would cause me concern. My recommendation for securely updating the firmware: use an offline PC for the update. - Download firmware from as secure machine as possible
- Burn the firmware to CD-ROM (yes, CD-ROM)
- Take a hash of the files burnt onto the CD-ROM (or take an image file of the whole CD and do the same)
- Ensure that CD/USB autoplay etc is disabled on OFF-line machine
- Take a hash of the files/CD image on the OFF-line machine
- Compare to the hash you took using the ON-line machine (the file/s you supply to the hash command must be the same comparison)
- If the hashes match, proceed with the firmware flashing on the offline machine using your newly hash-checked update file/s.
- If the hashes do not match, find a new online machine and try again
I would take similar levels of precaution when installing the OS to the offline machine in the first place, otherwise you might end up with a trojaned/backdoored OS on the offline machine, and the the whole rigmarole may be a total waste of time (particularly if you did compromise your funds somehow due to the oversight) Carlton, out of curiosity. which platform do you view as more secure today; Armory or Trezor? |
|
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
April 09, 2016, 10:01:52 PM |
|
FWIW, If you want to look at it purely technically, features like deterministic signing and offline private keys are roughly equal between them (although heavily user dependent with Armory), but I've gotta say I'm a little bit more comfortable with Armory, but maybe that's because I've been using Armory so much longer and so it's more of a feeling than a critical evaluation. I simply like having a short hash comparison for the online and offline portions of signing/broadcasting transactions, and possibly the (maybe false sense of security) that scrutinising each and every step through composing, signing and broadcasting each tx. Saying that though, the Trezor is a little more convenient in about 10 different ways, lol. I guess I'll be happiest when goatpig gets Trezor support into Armory  (which is possibly not so long in the making, I'll probably be helping to test it) |
Vires in numeris
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
April 09, 2016, 11:47:45 PM |
|
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo! |
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
April 10, 2016, 01:36:10 AM |
|
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo! that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node? |
|
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
April 10, 2016, 03:05:19 AM |
|
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo! that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node? No experience yet but will be setting up on linux soon. See https://bitcore.io/ both 64 bit Mac OS X and GNU/Linux are currently supported. I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun. |
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
April 10, 2016, 09:27:08 AM |
|
I assume you will have to run the daemon and the wallet service then point myTrezor.com to the wallet service as the backend instead of Bits of Proof. Uncharted waters here for me sounds like fun.
That's where the proposition loses me (using a web browser), not to mention that I have a feeling that Bitcore might be a somewhat of a can of worms..... I wouldn't really trust Bitpay (who develop Bitcore) to compile their own binaries, so I would have to do that for myself. And what if their tagged source won't compile? Contact Bitpay for help? There goes some of your anonymity straight away. Don't like it. |
Vires in numeris
|
|
|
defcon23
Legendary
Offline
Activity: 1120
Merit: 1002
|
|
April 10, 2016, 10:15:57 AM |
|
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo! that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node? sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet thread ( no offense here , just to put a reminder..  Thanx. |
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
April 11, 2016, 01:33:00 AM |
|
is there any REAL reason to update the firmware, or is it recommended to leave it be and avoid the risks and complications of backing-up/offloading the coins, formatting, then moving everything back on again?
... another thing to note here is that the 'backing up' of trezor is no more than writing down the seed phrase. I like to think of trezor as more of an empty vessel that generates keys on demand rather than a key container. You can have multiple wallets with different seed phrases and, depending on the purpose at the time, wipe the trezor and load up the seed phrase you currently need. If you get used to regularly wiping the trezor and loading new seeds on securely it makes the trezor more versatile in what it can accomplish. |
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
April 11, 2016, 01:59:03 AM |
|
I used Armory for years, liked it but tired of using two computers for cold storage and changed to Trezor and have not looked back. Armory has been promising Trezor support but it never comes. I doubt it is a priority now. I am aware of the privacy advantages of running your own full node and Trezor owners will have that option soon according to this post on reddit. Mytrezor release with Bitpay Bitcore support is coming soon. If you do not want to run a Bitcore node on your own Linux box you will have the option in myTrezor.com to connect to other public Bitcore servers. Woohoo! that's interesting. any experience with Bitcore? is it just another implementation of Bitcoin Core as a full node? sorry but isnt be a bit "off topic" ? whe are in Trezor Bitcoin hardware wallet thread ( no offense here , just to put a reminder.. Thanx. Pardon? The ability to use Trezor and myTrezor.com with a backend other than Bits of Proof is on topic and a welcome advance. Just not here yet, slush mentioned 25 days ago would be implemented into myTrezor.com soon. |
|
|
|
|
|
|
Bridgewater
|
|
April 18, 2016, 10:46:39 PM |
|
I only setup ONE wallet with the Trezor after initializing it. Why are there two Master Public Keys?
In Electrum, it says I have "Account 1" and "Main Account."
I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.
Thanks in advance.
|
|
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
April 18, 2016, 11:32:03 PM |
|
I only setup ONE wallet with the Trezor after initializing it. Why are there two Master Public Keys?
In Electrum, it says I have "Account 1" and "Main Account."
I want to perform offline signing with the Trezor on an airgapped computer, with a watch-only Electrum for broadcasting, and would like to know which master public key to import for the watch-only side and why.
Thanks in advance.
Interesting idea but you are trying to use Trezor with Electrum in a way contrary to instructions in the user manual. A developer would have to chime in here. |
|
|
|
|
