Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
by
JorgeStolfi
on 19/08/2014, 21:38:42 UTC
Quote from: souspeed on August 19, 2014, 04:36:11 PM
Quote from: JorgeStolfi on August 19, 2014, 04:19:32 PM
Quote from: gmannn on August 19, 2014, 03:39:47 PM
Quote from: truthstalker on August 19, 2014, 03:19:43 PM
Is this just as secure as a paper wallet? I should imagine it isn't because it requires you the manufacturer to actually have access to the private keys?
The keys are generated using entropy from the trezor plus entropy from the computer you plug into.  There's no way for the manufacturer to know your keys.
Well, if the manufacturer of a hardware wanted to get the client's keys, they could do it very easily. 
If you use a special-purpose hardware to store your keys, you have to trust the manufacturer.  I see no way around it.
The hardware can be checked and the software is open source.
Checking the hardware is viable only with sophisticated lab equipment.  To check the software, someone whould have to carefully check the source code (at every release) for malicious backdoors or weaknesses, and then the client would have to check that the compiled firmware that he is loading, duly signed by the manufacturer,  matches that source code.  Obviously neither is viable in practice, except after the fact.