Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
by
sipak
on 28/08/2014, 19:05:50 UTC
Quote from: Perlover on August 28, 2014, 05:04:56 PM
Hi,

I noticed the strange thing.

The Trezor is device for signing all outputs and all outputs should be showed to me in screen and values of each output.
Is it correct?

But i noticed that when i send some money to addresses A, B, C (i did the transaction for 10 addresses) there was 11th output - it's OK, one address is change from my wallet.

BUT! The 11th address is not showed by Trezor (or 1st) - this is the change adress. So one address slips away from my eye. It's very strange.
How the Trezor decides that one address should not be showed (and value too!) to me when i sign the transaction?

I understood that it made may be for easy using. But i would know the algorithm for this decision.
May be there security hole? Can hacker tell to the Trezor that one X address from faked transaction is change address and after this the Trezor could not show to me this address and value in Trezor's screen?

I can imagine that the Trezor could get the change address as path of BIP32/BIP44 and inside itself can recalculate the address and after it decides that this address is a really my own change address and doesn't show one me and value for it. But i am not sure that this done same way. If there in protocol only bit for address (change/not_change) - it will be security hole for trojan.

I think the Trezor should show all outputs and value of each output included a change address. A change address could be showed with remark 'Your Change' or other way. Otherwise, the thought creeps in that the algorithm has a loophole.

How do you think?
And what does Stick or Slush think about this? I don't want to ask this to through ticket system because the Trezor project should be discussed publicly.


When you are composing transaction, you see on the right all output addresses. The change address is represented by path and it is sent by myTrezor wallet to the Trezor device as this path. This is why Trezor doesn't show anything, because it knows, it generates that address itself from the seed. You can pregenerate this internal address by using account xpub and the shown path on bip32.org. If you give this address to Trezor explicitly and fill in the right change ammount, you will have to confirm it on the screen as with every other external ouput. Trezor doesn't recognize it as internal address when it is not sent as a path to it. The same thing is when you send bitcoins bitween accounts in the same Trezor, you have to confirm them, since Trezor doesn't know they are internal with respect to the seed as well.

Anyway, it might be good if user could somehow choose if the change address will be shown explicitly by clicking something like "Send Advanced". In this scenario, Trezor would also show something like "Confirm sending change to an internal address 3/1/18 = 1ase4er4wFASDFdasdfdfdf..."