[ESHOP launched] Trezor: Bitcoin hardware wallet

[lemonte]

Any new information about the plastic models?

[xeroc]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

[stick]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

You can't export any private information from TREZOR.

[xeroc]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

You can't export any private information from TREZOR.

Oh .. damnit .. right ... thats the whole purpose of that thing .. woops :-)

[chrisrico]

Any new information about the plastic models?

Protip for Trezor guys: instead of just ignoring questions like this, a quick "sorry, no new information" breeds a lot less resentment.

[molecular]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

You can't export any private information from TREZOR.

well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.

[lemonte]

Any new information about the plastic models?

Protip for Trezor guys: instead of just ignoring questions like this, a quick "sorry, no new information" breeds a lot less resentment.

Agreed, I've noticed questions like this ignored a few times. Not a great service considering it's Trezor who've failed to deliver on time!

[stick]

Any new information about the plastic models?

Protip for Trezor guys: instead of just ignoring questions like this, a quick "sorry, no new information" breeds a lot less resentment.

Agreed, I've noticed questions like this ignored a few times. Not a great service considering it's Trezor who've failed to deliver on time!

"Sorry, no new information."

Our supplier has confirmed that they are on the right track to meet deadlines mentioned in the old announcement: http://satoshilabs.com/news/2014-05-08-trezor-metallics-shipping-classics-eta/

Let me remind all of you that this forum is not an official support channel.

We like to hangout here, because the community is great, but from time to time some urgent issue pops out and we tend to overlook this place (especially when it is impossible to track unanswered posts) and limit our action radius to emails (info@bitcointrezor.com for general information, support@bitcointrezor.com for reporting issues).

[kkurtmann]

Our supplier has confirmed that they are on the right track to meet deadlines mentioned in the old announcement: http://satoshilabs.com/news/2014-05-08-trezor-metallics-shipping-classics-eta/

thank you for this update. this is good news.

[LOBSTER]

Ordered nearly one year ago now! I just want this fuckin' Trezor Classic, it's more worse then Butterflylabs! Unbelievable!

[stereotype]

I dont even want mine anymore. 
Who wants to buy my paid order for 1x classic for 0.4btc, now? Item will be immediately sent on, as soon as received.

[xeroc]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

You can't export any private information from TREZOR.

well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.

So I could generate the root-seed for the account#1 and use the resulting priv key as new root-key?
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?

You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!

[Carlton Banks]

concerning Wallet32

Can I export the private key of one account only and use that on wallet-32 compatible with trezor.

Just like exporting only parts of the trezor DH-tree

You can't export any private information from TREZOR.

well, to be correct: you can export the root private seed at one point. In fact you should... onto a piece of paper or similar.

So I could generate the root-seed for the account#1 and use the resulting priv key as new root-key?
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?

You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!

All accounts determined from the seed would be available on whatever device you load that seed into. In practice, I'm not sure if that's such a great plan, not if you want differentiated protection for accounts derived from the same seed. It's not possible to give different accounts different levels of security with an HD wallet, that's baked into the design inherently.

So, the seed can be loaded into a different device, but the subkeys cannot be separated.

[stick]

So I could generate the root-seed for the account#1 and use the resulting priv key as new root-key?
can I strip a part of the tree by deriving the privkey of one account and feeding it to some BIP32 enabled wallet to 'share' the subkeys?

You understand my question? I'd like to use 'account#1' for daily stuff on my phone and still have phone+trezor synced!

It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.

At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.

Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.

[xeroc]

It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.

Thats what I wanted to do. I was pretty sure that I can do sth. like this. Not so sure if wallet32 already supports that though

At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.

Once this process is easy we might offer this a feature for advanced users,

+5% I want it! :-)

but we don't want beginners to enter private seed anywhere, because of the security implications.

I wouldn't count myself into that group of users :-)

[Carlton Banks]

It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.

At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.

Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.

Ah, I didn't think that the individual accounts functioned as private keys on their own. I thought they were keychains, i.e. seeds that determine a list of public keys.

[molecular]

It is possible to generate seed in TREZOR, load recovery words into software that supports BIP39+BIP44 on an offline computer, and let the software generate xprv key for first account. Then import this xprv key into Wallet32.

At the moment it is a theoretical thing, because all these processes are not very easy to do yet and you have to trust your offline computer that does the computation.

Once this process is easy we might offer this a feature for advanced users, but we don't want beginners to enter private seed anywhere, because of the security implications.

Ah, I didn't think that the individual accounts functioned as private keys on their own. I thought they were keychains, i.e. seeds that determine a list of public keys.

Reading about extended keys might help. I think that's what stick talked about calling the "extended private key" "xprv key"?

[molecular]

I have a question (to devs or anyone else):

I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here

Is there an easy way to check wether this is true by looking at a transaction signed by trezor?

[klokan]

I have a question (to devs or anyone else):

I read trezor uses RFC6979 deterministic ecdsa signatures to prevent leaking of seed or any other private data through the "random" number used in non-deterministic signatures. I read that here

Is there an easy way to check wether this is true by looking at a transaction signed by trezor?

 The answer to your question is NO. There is no simple way to chech this. There is a difficult way to test that in your particular test scenario RFC6979 is used. There is virtually no way to actually check/prove that this happens in all cases. You can prove that the code that is in trezor git repository uses this RFC, but you have to trust devs that the device is running unmodified code.
  Any wallet, hardware or software, can be malitious and can have backdoors. In the end you have to trust someone and Trezor devs can be trusted in my opinion more than some random guys that appear out of nowhere with their ultra cool android wallets.

The way you can test this RFC is used:
1. Reconstruct private keys from the trezor seed (using wallet32 or some other software).
2. Sign any transaction using Trezor.
3. Do a lot of math or coding to check that the signature was made using deterministic k.

Or just trust what the readme says...

[klokan]

  The answer to your question is NO. There is no simple way to chech this. There is a difficult way to test that in your particular test scenario RFC6979 is used.

One more comment: If I understand this correctly, the Trezor use case for signing transaction never reuses adresses. If k=1 was used all the time, only the private keys of the dead address will be revealed. There is still no known way to steal your BTC in this scenario. So the RFC6979 is good to have, but you are safe even without it.

Please correct me if I'm wrong.