A few questions about hardware wallets

[BlackHatCoiner]

I think I'll buy a trezor one, since I make many transactions daily and I can't open the laptop with electrum every single time I want to transact. I need to just connect a usb with my PC and be able to move bitcoins. Although, I have some questions to make before giving the 59 EUR.

• What happens if someone steals it? I assume that once you write the 24 words, anyone with the device and its PIN has access to your funds.
• I know that the firmware is open-source, but how can I verify that? Telling me that a software is open-source means that I can build it and ensure that the program is the binaries of the source code. But on firmware, how exactly can I build it?
• Is it necessary, for the mnemonic, to be 24 words? Can't it be 12 words? There's no reason to write 24 words, unless you want to brute force it sometime in the future.
• How's the electrum experience? Is it easy to use it? Is the LN also available?
• What are the dangers? AFAIK, the hardware wallet signs the transaction and sends it back to the computer, thus the private keys never "touch" your computer. But is there anything I should be afraid of? For example, should I connect my hardware wallet on a publicly shared computer, that is most probably virus/malware infected, or not?

Thank you.

[NeuroticFish]

I think I'll buy a trezor one, since I make many transactions daily and I can't open the laptop with electrum every single time I want to transact. I need to just connect a usb with my PC and be able to move bitcoins. Although, I have some questions to make before giving the 59 EUR.

• What happens if someone steals it? I assume that once you write the 24 words, anyone with the device and its PIN has access to your funds.
• I know that the firmware is open-source, but how can I verify that? Telling me that a software is open-source means that I can build it and ensure that the program is the binaries of the source code. But on firmware, how exactly can I build it?
• Is it necessary, for the mnemonic, to be 24 words? Can't it be 12 words? There's no reason to write 24 words, unless you want to brute force it sometime in the future.
• How's the electrum experience? Is it easy to use it? Is the LN also available?
• What are the dangers? AFAIK, the hardware wallet signs the transaction and sends it back to the computer, thus the private keys never "touch" your computer. But is there anything I should be afraid of? For example, should I connect my hardware wallet on a publicly shared computer, that is most probably virus/malware infected, or not?

Thank you.

I have Ledger, but I've also read a lot about Trezor and I think that I know some of the answers you need:

• If somebody steals it you'd better move the funds away asap since physical tampering can allow them steal your funds. It was discussed here on Bitcointalk.
• I think that I've seen a discussion on this not long ago, but I couldn't find it now
• the Electrum experience is nice. I recommend it. I use Electrum with my HW and it's not much different from simple (no-HW) use. You do have to plug in the HW at very start and you'll also need it for signing tx, and most of the details of the tx will also be on the HW screen for verification. But the rest is normal use, really, you may almost forget that HW is there.
• I didn't use LN but as long as you have bech addresses on, I think that LN should be possible (I cannot check now since right now I'm not on bech addresses).
• You have to be careful and avoid unknown computers. Especially a malicious wallet can still do bad surprises (for example the change address is not displayed on my HW and that could be exploited). I'm not a hacker, but I am sure that this is not the only potential problem. Instead of an unknown computer I prefer (for emergencies) my own phone with Mycelium and the HW on OTG.

[dkbit98]

...

If someone steals your Trezor wallet they can potentially extract your seed words and steal your funds IF you are not using bip39 passphrase, 25th word that only you know and it is not stored on your hardware wallet.

Everything is open source for Trezor, checked by many security experts all the time and you can make your own if you follow Instructions

It is not necessary but it is better to use 24 words and most wallets are now using that as default, and Electrum with Trezor is working just fine.

Use your common sense, no reason for connecting your hardware wallet with publicly shared or infected computer, and there could be some keyloggers installed for catching what you are typing and your passphrase.

[BlackHatCoiner]

If someone steals your Trezor wallet they can potentially extract your seed words and steal your funds IF you are not using bip39 passphrase, 25th word that only you know and it is not stored on your hardware wallet.

Why should I enter a password? Why does it keep the mnemonic inside the wallet? It adds extra steps to the entire procedure. Keeping a mnemonic without a password should be equally secure.

It is not necessary but it is better to use 24 words and most wallets are now using that as default, and Electrum with Trezor is working just fine.

Oh, you can use 12 too? Nice. I just consider not practical having 12 additional words on your mnemonic, since both options offer you the same security.

Use your common sense, no reason for connecting your hardware wallet with publicly shared or infected computer, and there could be some keyloggers installed for catching what you are typing and your passphrase.

My common sense, tells me that if there are no private keys on the computer, then no hackers can get my money. Changing address while you're pasting it from trojan is the worst I can think of. As for the passphrase, what is it? PIN? An alpha-numeric password? What happens if I forgot it?

[Rath_]

What happens if someone steals it? I assume that once you write the 24 words, anyone with the device and its PIN has access to your funds.

Posters above have already mentioned the unfixable seed extraction exploit. You can mitigate it using a passphrase. If you changed your mind and bought a model T instead then you could enable the SD card protection which encrypts the contents of the device.

Is it necessary, for the mnemonic, to be 24 words? Can't it be 12 words? There's no reason to write 24 words, unless you want to brute force it sometime in the future.

You can use trezorctl to initialize your wallet and generate a 12, 18 or 24 word seed. Trezor T generates a 12 word seed by default.

Is the LN also available?

Yes and it works fine. Trezor is only used to sign the channel opening transaction. You don't need to plug it in to pay someone over the Lightning Network. Keep in mind that your recovery seed won't restore your Lightning channels.

[BlackHatCoiner]

If you changed your mind and bought a model T instead then you could enable the SD card protection which encrypts the contents of the device.

I just checked it, it seems nice, I just don't understand why it costs 3 times more than Trezor One. Anyway, thank you guys, I may buy the Trezor one, but as a hot wallet, not cold. Just for daily transactions with small risks. I still don't get why it keeps the mnemonic inside, though.

[Rath_]

I just checked it, it seems nice, I just don't understand why it costs 3 times more than Trezor One.

Its hardware is slightly faster (some coins are not supported on the first model). Its large touchscreen must be the most expensive part. Honestly, I wouldn't buy it again - I don't like the fact that the built-in SD card has only one application and it's been already 3 years since it was released. The developers seem to be completely focused on the Trezor Suite right now.

I still don't get why it keeps the mnemonic inside, though.

If not the mnemonic, it would have to store your Master Private Key derived from it. Either way, it could still be extracted using this exploit.

[Coin-Keeper]

I have read through this thread and I own multiple Trezor 1's and T's.  As someone in the "crypto sphere" for the long haul I would get the T.  BTC is on the doorstep of 50K for a single coin.  That being the case are you really going to debate 60 bucks vs 150 bucks when storing coins at 50K each?  Not mentioned above is that the T comes with a C connection over the micro usb.  Its much more stable and connects to modern equipment providing a better physical handshake.  While the SD Encrypt feature is slick as can be, and it is, you can actually use the other space on the Micro SD card for storing files, even encrypted containers to use on other systems.  Its easy.

[Pmalek]

What happens if someone steals it? I assume that once you write the 24 words, anyone with the device and its PIN has access to your funds.

Nobody replied to this part directly so I will. The PIN code is not required to restore the accounts on your Trezor. All the thief would need is your recovery phrase. The PIN code only unlocks that particular hardware device when you want to use it.

I know that the firmware is open-source, but how can I verify that?

Check the GitHub repositories and read more about it here > https://wiki.trezor.io/Open-source_hardware.

Why should I enter a password? ... It adds extra steps to the entire procedure. Keeping a mnemonic without a password should be equally secure.

That extra step is what can make the difference if someone steals your hardware wallet and knows how to extract its seed phrase. A seed without a passphrase is secure if no one knows it. If someone got access to the seed, they still wouldn't be able to steal your crypto without knowing (or bruteforcing) your passphrase as well.   

[NeuroticFish]

Nobody replied to this part directly so I will. The PIN code is not required to restore the accounts on your Trezor. All the thief would need is your recovery phrase. The PIN code only unlocks that particular hardware device when you want to use it.

All the first answers have covered this. Neither the PIN, nor seed, they are not necessary if the device can be physically accessed, since the seed can be extracted and used in another wallet.
Somebody has written than adding a passphrase fixes this though.

I may buy the Trezor one, but as a hot wallet, not cold. Just for daily transactions with small risks.

I agree, this is the best use of a hardware wallet.
For cold storage you can safely generate with the device a different seed which you can use more or less like paper wallet.

[Pmalek]

All the first answers have covered this. Neither the PIN, nor seed, they are not necessary if the device can be physically accessed, since the seed can be extracted and used in another wallet.
Somebody has written than adding a passphrase fixes this though.

You are correct, but only if the person who steals the device knows how to extract the seed from it. It's not implied that the thief knows how to extract it or knows about the vulnerability in the first place. I wanted to point out that BlackHatCoiner shouldn't think that the PIN is needed anywhere during the restoration of the wallet. In case he himself forgot his PIN, he can reset the device, restore it from seed, and access his funds even without it.