As SSS relies on splitting a private key up into multiple shards, that key must exist on a single device at the time of splitting and then also later on whenever you need to spend funds or even generate a new receiving address. If the device is compromised at either of these points in time (or in between), your funds can be stolen. For example, through a rogue employee, government coercion or other means, Trezor could push a malicious software update. There could also just be a flaw in the hardware or software of the device that’s exploited. The next time you bring your shards together to spend or receive funds, the device would reconstruct the single signature key and poof, no more funds. Multisig, on the other hand, protects against this as there are multiple, separate private keys and potentially even multiple separate devices from different manufacturers.
A number of other “custom SSS implementations” have suffered from major security vulnerabilities in the past due to the added complexity of implementing SSS, putting all users' funds from that company at risk. For example, Armory’s Fragmented Backups feature, which used SSS, had a vulnerability found in it, while the 3 of 5 HTC Exodus setup also ended up allowing for full key reconstruction if an attacker had just 1 of the keys. These both serve as valuable historic lessons showing that the added complexity of SSS compared to the straightforward creation of a Multisig wallet is not a preferred security practice.
Is a Multisig setup perfect? No. Multisig is more complicated for users to manage. You have to back up not just more keys, but more configuration data in the form of a wallet descriptor file as well. If an attacker finds that wallet descriptor information, they can see all the information about your wallet, which can be a big breach of security and privacy. The transactions that are made using Multisig are bigger (in kilobytes) and so cost more in fees than Single Signature ones.
As is very common in matters of security, it depends on your own specific goals and technical capabilities, but in general you should try to KISS (Keep It Simple Stupid) 🙂
This is an extremely good improvement. A Trezor with a secure element means it should no longer be vulnerable to the hardware-based attacks that previous models had been a victim of. It also fills in the gap as being an equivalent to Ledger without the atrocious record of controversies and a commitment to open-sourcing their firmware unlike what Ledger does.
It's not open source, but the Trezor firmware remains open source, unlike Ledger. Trezor picked this one because no NDA is required, so bugs can be reported transparently.
SeedSigner is definitely an excellent open source project and one we recommend. SeedQR and stateless is a super awesome way to roll as well. Buying and building it can be a bit too technical for some though and annoyingly (at least for us) doesn't use USB-C.
We're very fond of the Blockstream Jade too as their recent update now allows it to be used in a very similar way (which we cover in our review). The camera on the Jade is a little... finicky? and obviously the hardware is not general purpose, but it's super cheap (cheaper with our code) and has a battery in it which makes the air gapped, SeedQR experience really nice.
The Foundation Passport is also another super premium HWW that will soon support SeedQR style workflows too.
Device Single Point Of Failure
Increased Complexity