Wie wird der Trezor mit Luft versorgt?

Home Foren Trezor Wallet Wie wird der Trezor mit Luft versorgt?

  • Dieses Thema hat 4 Antworten sowie 1 Teilnehmer und wurde zuletzt vor vor 1 Jahr, 9 Monaten von blaze1234 aktualisiert.
Ansicht von 4 Antwort-Themen
  • Autor
    Beiträge
    • 29. Mai 2023 um 16:44 Uhr #2302809
      root_s2yse8vt
      Administrator
      Up
      0
      Down
      ::

      Vielleicht kann mir jemand, der den Code gelesen hat, sagen, wie genau der Trezor airgapped ist. Ich weiß, dass die Seed-Phrase das Gerät nie verlässt, aber welche Sicherheitsmaßnahmen sind implementiert, um das zu gewährleisten?

      Der Speicherplatz, in dem die Seed-Phrase gespeichert ist, lässt nichts nach außen dringen, was nicht in Form einer signierten Transaktion vorliegt, oder?

    • 29. Mai 2023 um 16:44 Uhr #2302810
      matejcik
      Gast
      Up
      0
      Down
      ::

      >The memory location that the seed phrase is stored in does not allow anything to get out

      That’s not how things work.

      See, in a typical flash drive, the job of the controller chip is to make all that memory visible to the PC that you plug it into.

      But if I solder a 64GB memory chip into my mouse, it won’t turn into a flash drive. It will still be just a mouse and the PC will not even know about the memory chip. (for that matter, the mouse itself won’t know either, even though technically speaking it _could_ talk to the memory).

      Trezor does not present to the PC as a flash drive or anything similar. There is nothing the PC can reasonably do to read Trezor’s memory — for all the PC knows, there _isn’t_ any memory to access.

      Instead, Trezor presents a predefined set of instructions. „Sign a transaction“ is one of them. „Read seed“ is not there however.

      With that said, Trezor is _not_ airgapped. Hypothetically speaking, there could be a security issue, kind of along the lines of, if the PC sends a carefully crafted sequence of the instructions that _are_ allowed, it might cause Trezor to return something that it shouldn’t. Most of the security research happens in this space.

    • 29. Mai 2023 um 16:44 Uhr #2302811
      brianddk
      Gast
      Up
      0
      Down
      ::

      > Maybe someone who read the code can tell me how exactly is Trezor airgapped. I know the seed phrase never leaves the device, but what security measures are implemented to make sure of that?

      Because the comms to the device are using a custom made protocol to pass messages back and forth. [Here’s the workflow](https://docs.trezor.io/trezor-firmware/common/message-workflows.html) in simple English (no code). There is no message `get_seed` message, only a `set_seed` message (in `LoadDevice`). That means the seed can be pushed to the device, but never pulled from the device.

      So no way to REMOTELY access the seed. To that, consider that smarter people than I would have made fame and glory if they could publish a remote exploit on something like Trezor or Ledger. The two companies have been trying to hack each other for almost a decade. Ledger (Donjon) would have definitely called out Trezor if anything like that was possible.

    • 29. Mai 2023 um 16:44 Uhr #2302812
      dadlif3
      Gast
      Up
      0
      Down
      ::

      Is it plugged in? If yes, it is not airgapped. If no, it is airgapped.

    • 29. Mai 2023 um 16:44 Uhr #2302813
      blaze1234
      Gast
      Up
      0
      Down
      ::

      The device that holds the secrets never touches the internet, or any network.

      The device that does may be completely compromised by malware, but has no way to get access to the secrets.

      The HW wallet receives the transaction data and SIGNS it using a private key. Only public keys and addresses travel in the messages exchanged.

  • Autor
    Beiträge
Ansicht von 4 Antwort-Themen
  • Du musst angemeldet sein, um auf dieses Thema antworten zu können.