Bitcoin Forum
November 10, 2024, 09:50:15 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Trezor and Nano Ledger private key security.  (Read 282 times)
dimasinteger (OP)
Newbie
*
Offline Offline

Activity: 20
Merit: 1


View Profile
March 23, 2018, 01:57:08 PM
 #1

Hi Folks,

So, we all know that hardware wallets are the safest way to store your crypto-currencies.


I was just thinking how it actually works in terms of storing my private key. when I send a transaction using my trezor, it communicates with the trezor web-interface which means it has to share my private key with it over the internet? or how does it actually work?

i.e with BitcoinCore, blocks are downloaded and the private key is never shared online to access the coins, all happen offline I assume? because the copy of the blockchain is simply downloaded.

However, with trezor, is it the same thing?

 Thanks
MadGamer
Legendary
*
Offline Offline

Activity: 1568
Merit: 1031


View Profile
March 23, 2018, 02:12:56 PM
 #2

The interface is just a way to interact with your hardware wallet. The device does the signing, so the private keys never leave it.
YuginKadoya
Legendary
*
Offline Offline

Activity: 3038
Merit: 1169



View Profile
March 23, 2018, 02:24:49 PM
 #3

I really think the private keys are the ones that you will download and store in you PC, or anything that you can store it with like USB, Cellphone, or even mail it to your self but as you can see it can be hack if you would put it online, And I really think moreover your private key there are 12 given phrase that would will memorize or put it on a notepad, this will let you access your wallet if you might lost your private key but again there is some wallets like that so I think it will be available to your trezor, nano, or cold store device.
dimasinteger (OP)
Newbie
*
Offline Offline

Activity: 20
Merit: 1


View Profile
March 23, 2018, 04:44:45 PM
 #4

I really think the private keys are the ones that you will download and store in you PC, or anything that you can store it with like USB, Cellphone, or even mail it to your self but as you can see it can be hack if you would put it online, And I really think moreover your private key there are 12 given phrase that would will memorize or put it on a notepad, this will let you access your wallet if you might lost your private key but again there is some wallets like that so I think it will be available to your trezor, nano, or cold store device.

Thanks for your reply, I do possess Trezor + Ledger and I have 85% of my crypto on there.
dimasinteger (OP)
Newbie
*
Offline Offline

Activity: 20
Merit: 1


View Profile
March 23, 2018, 04:58:50 PM
 #5

The interface is just a way to interact with your hardware wallet. The device does the signing, so the private keys never leave it.

Thanks for the reply, Your answer makes sense, I know a brief how bitcoin works, so I can understand the signing which is pretty useful in this case.

So, when I am in my trezor interface and I click send, Trezer asks me to confirm and that is the signing bit? correct?

so even if hackers breached into a PC they would not be able to get the private key because it is simply offline even while my Trezor is connected via USB.



DdmrDdmr
Legendary
*
Offline Offline

Activity: 2492
Merit: 11049


There are lies, damned lies and statistics. MTwain


View Profile WWW
March 23, 2018, 05:41:38 PM
 #6

Just yesterday, I read an article on how a 15 year old kid called Saleem Rashid from the UK discovered recently a vulnerability on Ledger Nano S which enabled a system for someone to gain access to your private keys. Not easily, and there is no known malignant known real life case, but the door to manipulation is there.

Ledger Nano S contains within a chip with a secure processor, and another chip with an unsecure microcontroller that commands USB communications, the devices graphical interface, etc. The vulnerable point is precisely the communications that are performed between both chips, being the microcontroller vulnerable to the execution of malicious code.

Nevertheless, the above vulnerability cannot be exploited remotely and requires physical access to your Ledger Nano S. I own one, so no panic from me.

It is notwithstanding very recommendable that we update the firmware to version 1.4.1 to avoid the above vulnerability. A bonus feature is that the firmware update not allows for more crypto apps to be installed simultaneously on the Ledger Nanos S (up to 18 in the best case scenario, but 10 to 12 is the expected average amount).
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
March 23, 2018, 05:47:45 PM
 #7

The interface is just a way to interact with your hardware wallet. The device does the signing, so the private keys never leave it.
so even if hackers breached into a PC they would not be able to get the private key because it is simply offline even while my Trezor is connected via USB.

Yes. I'm pretty sure you can safely send a transaction using your Trezor or LedgerNanoS on an malware-infested computer, just make sure that the BTC is actually being sent to the correct address. There are viruses that detects when you copy an address, and when you paste it, it pastes the hacker's wallet address instead. Just take note of that.

» t3rminal.xyz «
Telegram Alert Bots for Traders
rsrb
Newbie
*
Offline Offline

Activity: 350
Merit: 0


View Profile
March 25, 2018, 11:32:04 AM
 #8

14. It is quite sure that anyone can complete a safe transaction by using Trezor or LedgerNanoS. But before that ensuring the correct address it must as viruses can easily identify copied address and drag the currency in the hacker’s wallet instead of the desired address.
squatter
Legendary
*
Offline Offline

Activity: 1666
Merit: 1196


STOP SNITCHIN'


View Profile
March 25, 2018, 12:05:30 PM
 #9

Hi Folks,

So, we all know that hardware wallets are the safest way to store your crypto-currencies.

Says who?

They're less safe with regard to physical access, compared to general-use PCs or storage media. And those Trezor and Ledger logos announce what they are outright to a potential adversary. Beyond that, there were some recent disclosures about vulnerabilities in Ledger's security model. Supposedly, the potential attacks include supply-chain and remote (non-physical) attacks.

I was just thinking how it actually works in terms of storing my private key. when I send a transaction using my trezor, it communicates with the trezor web-interface which means it has to share my private key with it over the internet? or how does it actually work?

The hardware wallet model attempts to simulate offline storage. They are designed to shield your private keys from online connections. Private keys are never sent to the online device. But keep in mind, any security model can potentially be broken. I would avoid putting all funds on any one medium, let alone a hardware wallet.

rsrb
Newbie
*
Offline Offline

Activity: 350
Merit: 0


View Profile
March 25, 2018, 04:59:41 PM
 #10

14. It is quite sure that anyone can complete a safe transaction by using Trezor or LedgerNanoS. But before that ensuring the correct address it must as viruses can easily identify copied address and drag the currency in the hacker’s wallet instead of the desired address.
crazybtclover
Newbie
*
Offline Offline

Activity: 294
Merit: 0


View Profile
March 25, 2018, 05:25:34 PM
 #11

Trezor and Nano ledger is very secured private key that secure you cryptocurrency wallet. When you make a transaction, these private keys are needed to authenticate. In this process you have to face two step verification that ensure the strong privacy.
MintDiceSupport
Member
**
Offline Offline

Activity: 154
Merit: 11

MintDice Support


View Profile WWW
March 25, 2018, 05:37:05 PM
 #12

Trezor uses an open-source software that can be verified and verifiable hardware as well as embedded random RNG in Trezor.

Hope this helps!

Mintdice.com
hussnainali
Newbie
*
Offline Offline

Activity: 132
Merit: 0


View Profile
March 25, 2018, 06:08:28 PM
 #13

Hi Folks,

So, we all know that hardware wallets are the safest way to store your crypto-currencies.


I was just thinking how it actually works in terms of storing my private key. when I send a transaction using my trezor, it communicates with the trezor web-interface which means it has to share my private key with it over the internet? or how does it actually work?

i.e with BitcoinCore, blocks are downloaded and the private key is never shared online to access the coins, all happen offline I assume? because the copy of the blockchain is simply downloaded.

However, with trezor, is it the same thing?

 Thanks

That's just a web interface to connect u with internet, private key never leaves the device, so its 100% secure and safe to do the transactions with your Trezor Or Ledger Nano
squatz1
Legendary
*
Offline Offline

Activity: 1666
Merit: 1285


Flying Hellfish is a Commie


View Profile
April 21, 2018, 03:15:45 AM
 #14

The interface is just a way to interact with your hardware wallet. The device does the signing, so the private keys never leave it.

This right here, you always have your private keys so that's not an issue. HW's are the best things to go with if you're going to be using your coins regularly, or have a mass amounts of coins that you want to keep as safe as possible.

I would hope that more people innovate in the space of HW and buy these wallets, but most people would rather put speed and convenience over safety of their funds -- which they'll learn is one of the most idiotic decisions you can EVER make. I guess some people just need to learn the hardway.




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
  WELCOME
BONUS
.INSTANT & FAST.
.TRANSACTION.....
.PROVABLY FAIR.
......& SECURE......
.24/7 CUSTOMER.
............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
Dexion
Full Member
***
Offline Offline

Activity: 812
Merit: 101



View Profile
April 21, 2018, 11:28:25 PM
 #15

trezor is a hard wallet that provides a high level of security, even if your computer is exposed to malware. trezor can make transactions during online connected.

and how trezor work almost the same as ledger, when you will make a transaction, the bitcoin software will send the template to trezor to sign as a approval that you agree with bitcoin transaction, and your transaction will avoid pishing.

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!