Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
by
randomguy7
on 10/08/2014, 11:40:56 UTC
Quote from: molecular on August 09, 2014, 10:22:24 PM
Quote from: TwinWinNerD on August 09, 2014, 10:17:37 PM
Quote from: Carlton Banks on August 09, 2014, 10:10:40 PM
Quote from: molecular on August 09, 2014, 09:08:11 PM
However: should you make a mistake and have to enter re-do the whole process, the random words will be known to a keylogger, because trezor chooses different random words every time. So the words identical between the 2 restore-processes (1 failed, 1 succeeded) will be the seed words.

With a 12 word seed theres only 12! = 479,001,600 combinations. So better not "try again" after a failed restore from seed on the same machine if you have a short seed like that... or just just 24 word seed to be safe.


Definitely needs that offline recovery tool

Or a 36 seed recovery.

Another possibility would be that a certain TREZOR has hardware specific "random words" in the seed recovery. So even if you recover twice on the same trezor, the attacker wouldn't know what the wrong words were.

I just discovered random words are not used on 24 word seed. Maybe random words are used just to fill up to 24 words? Would make sense.


Yup. See the link to the source in this post https://bitcointalk.org/index.php?topic=122438.msg8243169#msg8243169