Adding passphrase to trezor is essential

[Oshosondy]

I have being looking for a good hardware wallet, I was able to know airgapped wallets are just the best, but the ease of transaction signing can be difficult but good for holding. I was looking for some hardware wallets online. I like ledger nano but I found out the secure element used in seed phrase generation and storage is close source, that automatically means ledger nano is close source. Ledger nano may be good, but I want things to remain standard, like everything about bitcoin is built with open source codes included bitcoin core which other wallets should follow.

About trezor, it has good reputation and it is open source, but I saw some few challenges about the wallet and I will like us to discuss about it to know if it is true or not true. I watched a YouTube video about how a stolen trezor can be compromised.

https://m.youtube.com/watch?v=6pKuHYwrGkU

Is it true stolen trezor seed phrase can be known with this method of extraction in the video above?

Though trezor is said to be safe is if passphrase is included, in this way the private key can not be known as the passphrase can not be bruth forced the way the seed was, also because passphrase will give rise to another seed, privatele, and other kyes and addresses.

[1715370105]

1715370105

[1715370105]

1715370105

[dkbit98]

Is it true stolen trezor seed phrase can be known with this method of extraction in the video above?

Kraken labs would not post a video and article about it if it wasn't possible, but it is still not easy task for average person.
Only way to be sure is if you have good passphrase, and you can have more than one for multiple accounts, but remember that if you forgot passphrase you will lose all your crypto.
Trezor wallet is working on their own open source secure element but I don't expect to see it released in next few years.

[jackg]

The size of password you can use on a trezor is limited so that's a bit annoying atm.

"how to choose a strong password - computerphile" is the best I've seen so far on YouTube for creating a password with good strength (choosing 4 random words through a series of dice throws).

[dkbit98]

The size of password you can use on a trezor is limited so that's a bit annoying atm.

He said passphrase, not password. Don't mix this things.

That are two totally different things, as PIN password is stored on device and can be extracted.
Passphrase is like a salt added to seed words to generate totally new addresses and it is not stored anywhere.

2min video explanation:
https://www.youtube.com/watch?v=DR5SKuhF-50

[o_e_l_e_o]

Though trezor is said to be safe is if passphrase is included, in this way the private key can not be known as the passphrase can not be bruth forced the way the seed was

So, it's important to note that the seed phrase is not being brute forced. It is simply being extracted from the Trezor device.* If someone knows your seed phrase and you are not using a passphrase, then obviously they can steal all your coins. However, if someone knows your seed phrase and you are using a passphrase, they can still attempt to brute force your passphrase. At this point, the security of your coins depends entirely on the strength of your passphrase. If you use a weak passphrase of one or two words, for example, then your coins will likely be stolen. If you use a totally random passphrase of 30+ random characters, then your coins will be safe.

*It is extracted in an encrypted format that requires brute forcing of the PIN on an attached computer, but this is trivial (in the region of a few minutes).

[zasad@]

Are there the same vulnerabilities for the ledger?
If it is so easy to hack any hardware wallet that does not have a passphrase, then a huge number of hardware wallet owners are at risk.
The passphrase is very inconvenient to use if you often use a hardware wallet for work.
If the passphrase consists of 30 characters, then you will get tired of entering this value on the wallet.

[ranochigo]

Are there the same vulnerabilities for the ledger?
If it is so easy to hack any hardware wallet that does not have a passphrase, then a huge number of hardware wallet owners are at risk.

No. There isn't any similar vulnerabilities affecting Ledger to the same effect.

There is also SD encryption available on Trezor as well and having one without the other would be useless. [1]

[1] https://wiki.trezor.io/User_manual:SD_card_protection

[zasad@]

Doesn't exist or we don't know about it - these are completely different things.
The zero day market is actively working, and we will learn about many of the vulnerabilities of iPhones in a year or more.
For greater security, it is probably better to use a multisignature wallet from a ledger and trezor.
This will be very inconvenient, but for long-term hodling, a combination of different protection options would be an excellent option.

[Lucius]

Are there the same vulnerabilities for the ledger?

If such a vulnerability existed at the moment, don’t you think someone wouldn’t publish it? If no one else, then competition that would only profit because it would sell more of its products. Ledger has much bigger problems with allowing them to be hacked (database), so now every criminal in the world has at least 300 000 potential targets that can attack remotely (phishing), or in person in a way to plan a physical robbery or kidnapping.

If it is so easy to hack any hardware wallet that does not have a passphrase, then a huge number of hardware wallet owners are at risk.

Well, this is not a new vulnerability - at least 2 years have passed since it was made public, so anyone who has followed the crypto scene could react and protect themselves.

The passphrase is very inconvenient to use if you often use a hardware wallet for work.
If the passphrase consists of 30 characters, then you will get tired of entering this value on the wallet.

I don't know how things are with Trezor, but with Ledger it is possible to have 2 unique PINs, one of which unlocks exactly the account that is protected with passphrase. After all, the account protected with paraphrase is not something that should be accessed often - there should be most of the funds stored for long-term.

[o_e_l_e_o]

If such a vulnerability existed at the moment, don’t you think someone wouldn’t publish it?

If someone knew about it, and if that person was benevolent, then yes, we could expect it to be published. Neither of those are given. There could be a malicious party who knows about a vulnerability but hopes to exploit it and so is keeping it secret, or it could be that there is a vulnerability yet to be discovered by anyone. This applies equally to all hardware wallets.

I don't know how things are with Trezor, but with Ledger it is possible to have 2 unique PINs, one of which unlocks exactly the account that is protected with passphrase.

This would potentially negate the benefit of a passphrase against such an attack, though. The whole point of using a passphrase with the Trezor attack is because while the seed phrase is stored on the device and therefore vulnerable to being extracted, the device keeps no record of the passphrase and so it cannot be extracted. If a similar attack existed against Ledger devices, in which the seed phrase could be extracted from the device, then there is also the possibility that any passphrase which is stored on the device and attached to a secondary PIN could also be extracted.

[ranochigo]

Doesn't exist or we don't know about it - these are completely different things.

Correct. You can't rule out anything in this aspect but they can only mitigate the possible attack vectors to a certain extent. Intrusive attacks like those are fortunately preventable the same way as you store your valuables; in a safe.

For greater security, it is probably better to use a multisignature wallet from a ledger and trezor.
This will be very inconvenient, but for long-term hodling, a combination of different protection options would be an excellent option.

I'd say if you want to be safe, then that's probably the way to go. Most people probably can't afford to have both and have marginal benefits. If the common attack vectors for all(?) of the hardware wallet is through opening it up and glitching it, then there's an easy way to eliminate this. I'm not an expert so probably someone more knowledgeable in this field can correct me, I would assume that such attacks becomes harder with a secure element as similar attacks require the secure element to be compromised which is something it is designed to be resistant against.

[Oshosondy]

Are there the same vulnerabilities for the ledger?

Ledger nano make use of secure element, this makes this impossible, but all hardware wallets I have browsed about that make use of secure element are all close source.

Doesn't exist or we don't know about it - these are completely different things.
The zero day market is actively working, and we will learn about many of the vulnerabilities of iPhones in a year or more.
For greater security, it is probably better to use a multisignature wallet from a ledger and trezor.
This will be very inconvenient, but for long-term hodling, a combination of different protection options would be an excellent option.

Multisig wallet has been the best even for software wallet, but it comes with inconveniences, about hardware wallet, the inconveniences will be more as more trezor will be needed to create the multisig. But it is even better to create multisig on online wallets as it is also safe if it is proerly created. If I want to use multisig, I will go for electrum multisig which is safe enough.

[zasad@]

https://medium.com/@1700constantino/protect-your-bitcoin-with-an-electrum-multi-sig-wallet-with-coldcard-ledger-and-trezor-96397e4ce287
When Bitcoin will cost $ 100,000, such decisions will no longer seem crazy.

When I was choosing a wallet, I read that the ledger uses special Secure Element ST33J2M0 chips and proprietary software, and the trezor uses a regular STM32F4 chip, which is also used in household appliances, its open source software.
Perhaps the openness of the chip and made possible a vulnerability for the Trezor wallet

[Lucius]

If a similar attack existed against Ledger devices, in which the seed phrase could be extracted from the device, then there is also the possibility that any passphrase which is stored on the device and attached to a secondary PIN could also be extracted.

Good thinking, I didn't think that the PIN in the Ledger case is something that could be easily bypassed in such a case, and that it's much better to have a safer solution in the form of setting a temporary passphrase which, if I understood correctly, is not stored inside the secure element, and cannot be extracted by any method?

The bottom line is, in fact, that all possibilities and options should always be reconsidered, and that not all eggs should be kept in the same basket - in the sense that only one hardware wallet should be blindly believed.

[o_e_l_e_o]

a temporary passphrase which, if I understood correctly, is not stored inside the secure element, and cannot be extracted by any method?

A temporary passphrase is used to derive the relevant seed number and private keys for the current session only. It is not stored on Ledger devices, and is wiped from the device whenever it restarts or is unplugged. The seed phrase, on the other hand, must be stored on the device so it can derive new wallets from any newly entered passphrase. In the event of such a hypothetical attack against Ledger devices, a temporary passphrase that you enter every time you need it would provide the maximum amount of protection, since it is not stored on the device and therefore not available to be extracted.

If Trezor offered an option to store a passphrase and link it to a secondary PIN, then it could well be vulnerable to the same attack which can extract the seed phrase.

[ranochigo]

The same can be said with the ledger nano right?  But isn't trezor open source or close source which make it suspectible to hacking?

No and No. The secure element within those are designed to resist tempering attacks and you can't do all that much even if you were able to desolder and try to reverse engineer the secure element like in this case. It doesn't allow bruteforcing on the chip itself as it'll erase the contents after several attempts. This doesn't mean that secure elements are immune against them though. People were able to introduce faults into the secure element by using a laser fault injection which was fairly expensive to do.

It doesn't matter if it is open source or close source if the chip was poorly designed in the first place.

[Oshosondy]

The same can be said with the ledger nano right?  But isn't trezor open source or close source which make it suspectible to hacking?

Ledger nano is close source, it generates its seed phrase through secure element, the secure element can not make this to happen, but I can not trust close source wallets either be hardware or online. Trezor has no secure element, this makes it possible to reveal seed phrase if stolen, but if passphrase is used, you are still safe, it will also be most safe to use a strong passphrase that will be very difficult to brute force.

[ranochigo]

Ledger nano is close source, it generates its seed phrase through secure element, the secure element can not make this to happen, but I can not trust close source wallets either be hardware or online.

Ledger Nano has most of its codes open source, the secure element is close source which is probably due to their NDA but could provide security through obscurity. If that is your main concern, then you'll probably have to choose some other HW wallets that is fully open source.

Trezor has no secure element, this makes it possible to reveal seed phrase if stolen, but if passphrase is used, you are still safe, it will also be most safe to use a strong passphrase that will be very difficult to brute force.

The seed extraction is due to the design of their microcontroller. While secure element can help to prevent this, the lack of it isn't the main reason why you can extract information from their microcontroller.