hazek
June 18, 2013, 07:21:36 AM (Last edit: June 18, 2013, 07:50:02 AM by hazek)
By the way, I was talking to Chris (of BitSafe) at the conference and he brought up a good point we haven't considered before.
The combination of TREZOR/BitSafe and the payment protocol means you can get money out of the device safely, assuming the entity you're paying is signing their payment requests. But how do you get money into it? If your computer is compromised, this is hard.
Not really? Why would it be hard? The same way the device asks you to authorize a transaction it should be able to ask you to authorize a signature for a certain address. And if you are signing for a public key that a virus put there instead of the real public key, the hardware wallet signature won't be valid with that public key.
The virus could send his own signature to the exchange. You would confirm something on Trezor but its signature would never even reach the exchange.
Without getting the correct signature the exchange would not send to that public key.

VeeMiner
June 18, 2013, 07:28:08 AM
Stop trying to get customers and merchants hacked.
What he's saying is that the device could be attacked - obviously not by design, it's designed to not allow the private key to be read by issuing commands to the Trezor. But depending on the chip they've chosen, physical possession of the Trezor by an attacker would allow him to run other types of attacks (power analysis, etc.) to extract the private keys from the memory. I don't really expect any merchant to allow you to just randomly walk in and plug a device (_any_ device) into a USB port on their computer. Especially one that implements the HID protocol (presents itself as a keyboard). See http://hakshop.myshopify.com/products/usb-rubber-ducky for an example of what I mean. As far as I understand, the Trezor is meant to keep your private keys secure in case your computer is infected with malware. It's not something you would use at a merchant.
you could use it at a merchant with no worries
I don't want anyone to get hacked, all I'm saying is that trezor is safe to plug in to whichever computer (even full of malware and keyloggers) and send your bitcoins to whomever you want from it. If you understood the concept of Trezor then you would agree with me. The thing is that you are only signing the transaction with your trezor and the only way that it can be done is by pressing the hardware button. So you are spreading fud by saying Trezor is not safe. Read and research more on this topic before making more claims please.

firefop
June 18, 2013, 07:52:16 AM
Just watching and waiting...

caveden
June 18, 2013, 07:56:19 AM
Not really? Why would it be hard? The same way the device asks you to authorize a transaction it should be able to ask you to authorize a signature for a certain address. And if you are signing for a public key that a virus put there instead of the real public key, the hardware wallet signature won't be valid with that public key.
The virus could send his own signature to the exchange. You would confirm something on Trezor but its signature would never even reach the exchange.
Without getting the correct signature the exchange would not send to that public key.
But what would be a correct signature? How would the exchange know that the address really belongs to you? The signature could be provided by the virus, using the attacker's private key.

hazek
June 18, 2013, 09:23:17 AM
Not really? Why would it be hard? The same way the device asks you to authorize a transaction it should be able to ask you to authorize a signature for a certain address. And if you are signing for a public key that a virus put there instead of the real public key, the hardware wallet signature won't be valid with that public key.
The virus could send his own signature to the exchange. You would confirm something on Trezor but its signature would never even reach the exchange.
Without getting the correct signature the exchange would not send to that public key.
But what would be a correct signature? How would the exchange know that the address really belongs to you? The signature could be provided by the virus, using the attacker's private key.
Steps:
1: tell exchange your public key which then gets locked in
2: exchange shows you which public key you submitted and to submit a message signed with the corresponding private key
2a: if you see some other address you abort
2b: if you see the correct address proceed to signing the message
3: send the signed message to exchange + 2FA time based PIN to authorize the withdrawal (hell, the message could be the PIN)
4: exchange sends bitcoins to the public key
What this does? It prevents a virus from replacing the address you submit to an exchange as a destination for a withdrawal with an attacker's address.
What this doesn't do? Help you in any way if an attacker has access to your account, obviously.

neoranga
June 18, 2013, 09:35:49 AM
I have a doubt about the construction of the operation and confirming the information on the Trezor. The images and videos I saw so far show that Trezor displays the address you send money to and the amount you send, but there are several things in that transaction that a malicious client (modified by an attacker) can modify and I need to review in the Trezor in order to accept the transaction.
My doubt is, how do I know when signing on the Trezor that the fee is not incredibly high or the change address is not mine (attacker redirecting the funds to another address)?

jackjack
June 18, 2013, 10:08:10 AM
I have a doubt about the construction of the operation and confirming the information on the Trezor. The images and videos I saw so far show that Trezor displays the address you send money to and the amount you send, but there are several things in that transaction that a malicious client (modified by an attacker) can modify and I need to review in the Trezor in order to accept the transaction.
My doubt is, how do I know when signing on the Trezor that the fee is not incredibly high or the change address is not mine (attacker redirecting the funds to another address)?
I think, and hope that Trezor would display all inputs and all outputs

Mike Hearn
June 18, 2013, 11:25:39 AM
Steps: 1: tell exchange your public key which then gets locked in
Remember that the threat model here is a compromised computer. So how do you tell the exchange your public key? Through their website? Not going to work. Phone them up and read it out over the phone? Could work, but hardly user friendly.
The simplest way is to just order the hardware from the exchange company itself. This is good for everyone - the exchange gets a new way to make a bit of money, TREZOR gets free advertising and a new source of orders, users are made aware of the availability of the security hardware and have a one-click purchasing option that automatically sets up their exchange account with the correct public key.
Hence - reverse payment protocol, which is what Chris suggested.
Neoranga, the device shows you the fee, I believe. There's some stuff in the protocol so it can calculate that. The device won't sign the transaction if the change address doesn't belong to itself.
The real risk is of course that the address you see in your web browser and on the device are identical, but not actually owned by the person/company you think you're paying (they were both substituted by a virus). That's what the payment protocol is for.
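
The two device-side checks mentioned in the post above (computing the fee and refusing a foreign change address), as an added sketch that is not part of the thread and not TREZOR's code. Assumptions: HMAC-SHA256 stands in for real key derivation, the transaction serialization is constructed, and all names are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class TxOutput:
    address: str
    amount: int                         # satoshis
    change_index: Optional[int] = None  # host's claim: "change, derived at this index"

@dataclass(frozen=True)
class TxInput:
    prev_txid: str
    prev_index: int
    prev_outputs: Tuple[TxOutput, ...]  # previous tx, streamed by the untrusted host

def device_address(seed: bytes, index: int) -> str:
    # Assumption: HMAC-SHA256 stands in for the wallet's real key derivation.
    return hmac.new(seed, index.to_bytes(4, "big"), hashlib.sha256).hexdigest()[:40]

def txid(outputs) -> str:
    # Constructed serialization; a real txid hashes the full transaction.
    blob = ";".join(f"{o.address}:{o.amount}" for o in outputs).encode()
    return hashlib.sha256(blob).hexdigest()

def review_before_signing(seed, inputs, outputs):
    """Return what the device screen must show, or raise ValueError to refuse."""
    total_in = 0
    for i in inputs:
        # An amount is only used if the streamed previous tx hashes to the txid
        # this input spends; the signature commits to that txid, so a misstated
        # amount can only yield a signature the network rejects.
        if txid(i.prev_outputs) != i.prev_txid:
            raise ValueError("previous transaction does not match txid")
        total_in += i.prev_outputs[i.prev_index].amount
    confirm, total_out = [], 0
    for o in outputs:
        total_out += o.amount
        if o.change_index is None:
            confirm.append((o.address, o.amount))   # user must approve this one
        elif device_address(seed, o.change_index) != o.address:
            raise ValueError("change address not derived from this seed")
    if total_out > total_in:
        raise ValueError("outputs exceed inputs")
    return {"confirm": confirm, "fee": total_in - total_out}

def demo():
    seed = b"constructed-seed"  # constructed sample data throughout
    prev = (TxOutput(device_address(seed, 0), 100_000),)
    spend = [TxInput(txid(prev), 0, prev)]
    honest = [TxOutput("merchant-addr", 60_000),
              TxOutput(device_address(seed, 1), 39_000, change_index=1)]
    swapped = [honest[0], TxOutput("attacker-addr", 39_000, change_index=1)]
    results = {"honest": review_before_signing(seed, spend, honest)}
    try:
        review_before_signing(seed, spend, swapped)
    except ValueError as e:
        results["swapped_change"] = str(e)
    # Dropping the change output cannot be hidden: it shows up as fee.
    results["no_change"] = review_before_signing(seed, spend, honest[:1])
    return results

if __name__ == "__main__":
    print(demo())
```

An output the host does not mark as change is never hidden: it lands in the list the user has to confirm on the device screen.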

chrisrico
June 18, 2013, 11:44:17 AM
Maybe because the Trezor protocol requires the computer to be able to build transactions and thus know the contents of your wallet, including your root public key and so your balance + past/future transactions?
Come on stick. You know as well as I do that Trezor does not mean "you don't have to trust the computer". It means "the computer cannot steal your money". That is NOT the same thing. The computer still gets to have a lot of private, sensitive financial data that I wouldn't want random coffee shop baristas to have.
I hadn't considered this aspect of using the Trezor in such a way. I agree that it makes this use case pretty unlikely to occur. Though people happily hand their credit cards over to total strangers, giving them all the information they would need to empty their checking accounts...
In order to get the full benefits of the (normal) payment protocol, does the Trezor itself need to understand it, or can the host computer (even possibly infected) do so and reliably pass the payment information to the Trezor? I'm thinking it wouldn't be useful to the Trezor since it can't independently grab and verify the X509 certificate. Is that correct?

caveden
June 18, 2013, 12:36:46 PM
Steps:
1: tell exchange your public key which then gets locked in
2: exchange shows you which public key you submitted and to submit a message signed with the corresponding private key
2a: if you see some other address you abort
2b: if you see the correct address proceed to signing the message
The virus can just put itself in the middle of the communication. It sends the attacker's key to the exchange, but displays your own to you. If the exchange uses a second channel (like SMS) to confirm the public key, then perhaps it might work safely enough, as we can consider it unlikely for the attacker to control both channels.
What this doesn't do? Help you in any way if an attacker has access to your account, obviously.
We're always assuming the user's system is under control of an attacker, so yeah, the attacker is in control of your account in the exchange as well.
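
The numbered steps and the man-in-the-middle objection from the posts above, as an added simulation that is not part of the thread. Assumptions: Lamport one-time signatures stand in for the wallet's ECDSA message signature so the code runs on the standard library alone, the user knows their own key fingerprint from the device, and the class and function names are hypothetical.

```python
import hashlib
import os

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

# Lamport one-time signatures: a stdlib-only stand-in (assumption) for the
# ECDSA message signature a Bitcoin wallet would produce.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return all(H(s) == pk[i][b] for i, (b, s) in enumerate(zip(_bits(msg), sig)))

def fingerprint(pk):
    return H(b"".join(a + b for a, b in pk)).hex()[:16]

class Exchange:
    def lock_in(self, pk):        # step 1: key is locked in, challenge issued
        self.pk, self.challenge = pk, os.urandom(16)
        return self.challenge

    def locked_key(self):         # step 2: the key the exchange really holds
        return fingerprint(self.pk)

    def withdraw(self, sig):      # steps 3-4: pay the locked key if proof verifies
        return self.locked_key() if verify(self.pk, self.challenge, sig) else None

def run(host_compromised: bool, second_channel: bool) -> str:
    user_sk, user_pk = keygen()   # held by the hardware wallet
    evil_sk, evil_pk = keygen()   # held by the malware on the host
    ex = Exchange()
    challenge = ex.lock_in(evil_pk if host_compromised else user_pk)
    # Step 2 reaches the user through the host's browser, so a compromised
    # host can render the user's own key no matter what the exchange holds.
    on_screen = fingerprint(user_pk) if host_compromised else ex.locked_key()
    if on_screen != fingerprint(user_pk):
        return "aborted at step 2a"
    # A second channel (e.g. SMS) delivers the exchange's view unmodified.
    if second_channel and ex.locked_key() != fingerprint(user_pk):
        return "aborted: second channel shows a different key"
    device_sig = sign(user_sk, challenge)            # user confirms on device
    relayed = sign(evil_sk, challenge) if host_compromised else device_sig
    paid_to = ex.withdraw(relayed)                   # device_sig is discarded
    return "paid user" if paid_to == fingerprint(user_pk) else "paid attacker"

if __name__ == "__main__":
    for compromised in (False, True):
        for sms in (False, True):
            print(compromised, sms, run(compromised, sms))
```

The signature check at the exchange passes in every run that reaches it; what differs is whose key was locked in, which only the second channel reveals.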

hazek
June 18, 2013, 01:42:21 PM
Steps: 1: tell exchange your public key which then gets locked in
Remember that the threat model here is a compromised computer. So how do you tell the exchange your public key? Through their website? Not going to work. Phone them up and read it out over the phone? Could work, but hardly user friendly.
The simplest way is to just order the hardware from the exchange company itself. This is good for everyone - the exchange gets a new way to make a bit of money, TREZOR gets free advertising and a new source of orders, users are made aware of the availability of the security hardware and have a one-click purchasing option that automatically sets up their exchange account with the correct public key.
Well you go ahead and offer your solution, I don't accept it because I do not want you or anyone else to know my private key.

hazek
June 18, 2013, 01:44:31 PM
Steps:
1: tell exchange your public key which then gets locked in
2: exchange shows you which public key you submitted and to submit a message signed with the corresponding private key
2a: if you see some other address you abort
2b: if you see the correct address proceed to signing the message
The virus can just put itself in the middle of the communication. It sends the attacker's key to the exchange, but displays your own to you. If the exchange uses a second channel (like SMS) to confirm the public key, then perhaps it might work safely enough, as we can consider it unlikely for the attacker to control both channels.
What this doesn't do? Help you in any way if an attacker has access to your account, obviously.
We're always assuming the user's system is under control of an attacker, so yeah, the attacker is in control of your account in the exchange as well.
But then this is a non issue since he can already withdraw to any address he wishes. I mean if that's the case I don't even understand what threat we are talking about anymore. In case you didn't notice, I work for an exchange and we don't have problems with people getting their Bitcoin addresses swapped right under their noses, we do have a problem when occasionally users get their account access information compromised and an attacker logs into their account robbing them, something 2FA and now email confirmation deal with very effectively.
Anyway.. I would never ever buy and use a hardware wallet for which the seed wasn't generated by me. Period.

nimda
June 18, 2013, 01:54:31 PM
I have a doubt about the construction of the operation and confirming the information on the Trezor. The images and videos I saw so far show that Trezor displays the address you send money to and the amount you send, but there are several things in that transaction that a malicious client (modified by an attacker) can modify and I need to review in the Trezor in order to accept the transaction.
My doubt is, how do I know when signing on the Trezor that the fee is not incredibly high or the change address is not mine (attacker redirecting the funds to another address)?
I think, and hope that Trezor would display all inputs and all outputs
I'd hope for Trezor to spit out the signed raw transaction, without the computer automatically publishing it, so you can decoderawtransaction just to make sure. Of course the software would display it in a very user-friendly way, so the grandmas wouldn't have to actually use the debug console / bitcoind.

Mike Hearn
June 18, 2013, 02:03:57 PM
In order to get the full benefits of the (normal) payment protocol, does the Trezor itself need to understand it, or can the host computer (even possibly infected) do so and reliably pass the payment information to the Trezor? I'm thinking it wouldn't be useful to the Trezor since it can't independently grab and verify the X509 certificate. Is that correct?
The payment protocol was designed with Trezor in mind - it embeds the X.509 chain into the payment request itself. The host device streams the entire request to the device which can then verify all the signatures itself.
But then this is a non issue since he can already withdraw to any address he wishes. I mean if that's the case I don't even understand what threat we are talking about anymore. In case you didn't notice, I work for an exchange and we don't have problems with people getting their Bitcoin addresses swapped right under their noses, we do have a problem when occasionally users get their account access information compromised and an attacker logs into their account robbing them, something 2FA and now email confirmation deal with very effectively.
Obviously in a world in which exchanges sell Trezors, you would not be able to withdraw to any address you want. It'd have to be a Trezor address.
You can still generate your own private key. All that is required is that the Trezor has its own certificate signed by the manufacturer, and that this cert chain was snapshotted by the exchange prior to shipping. You can generate or provide your own seed after receiving it, no problem. When the Trezor takes part in the reverse payment protocol it simply provides its certificate chain proving that it contains the private key for the address in question.
I'm sure that currently you don't have such problems. Currently we don't seem to have problems with local encrypted wallets getting stolen either, even though we've known since the feature was first shipped that all it does is raise the bar. But we will have these problems sooner or later. As the amount of money in the Bitcoin community gets higher and higher, even 2-factor authentication as practiced today won't be sufficient. We know this without a doubt because banks already experience such attacks on a routine basis. Trezor and the payment protocol are long term, high-difficulty projects that the community is putting in place because we know what's coming.

caveden
June 18, 2013, 02:30:15 PM
Anyway.. I would never ever buy and use a hardware wallet for which the seed wasn't generated by me. Period.
You're confusing bitcoin keys with the certificate and key used for the address verification protocol. They are not the same. You'd still generate the bitcoin seed yourself.

Delver
June 19, 2013, 12:56:23 AM
I'm confused as to why the PIN code is entered into the wallet application, rather than the device itself - surely that increases the risk of a successful physical theft. Assuming the PIN code is not changed on a regular basis, using the device on an infected workstation would essentially render the PIN code useless if attacked through a combination of both digital and physical means. On the other hand, if the code was to be entered on the Trezor itself, such a scenario is not possible unless the PIN code is provided by the owner under duress.

farlack
June 19, 2013, 02:28:28 AM
What happens if you lose it?

bitpop
June 19, 2013, 02:32:32 AM
You make a new one with the seed you wrote down.
What happens if you lose it?

neoranga
June 19, 2013, 07:15:35 AM
I'm confused as to why the PIN code is entered into the wallet application, rather than the device itself - surely that increases the risk of a successful physical theft. Assuming the PIN code is not changed on a regular basis, using the device on an infected workstation would essentially render the PIN code useless if attacked through a combination of both digital and physical means. On the other hand, if the code was to be entered on the Trezor itself, such a scenario is not possible unless the PIN code is provided by the owner under duress.
I recommend watching this speech from Bitcoin 2013 conference https://www.youtube.com/watch?v=3t18a-wXBnw
The guy explains the Trezor and shows how the PIN code works and why it's there.

Delver
June 19, 2013, 02:09:49 PM
Unfortunately the speech does nothing to alleviate my concerns. In fact, it is what triggered them in the first place. Antonin merely demonstrates that the PIN code is entered on the computer, claiming it is a safety measure in case the device gets stolen. The scenario I mentioned is not discussed in the presentation.
/.../ and PIN is another protection for case when you lose this device or it's stolen. This gives you some time to reconstruct this wallet in some software and send money out of this wallet into some safe place and do it more quickly than someone who found this device and tried all PIN combinations.
That does not explain why the PIN code is not entered on the Trezor itself, as suggested in my original post.