Although most bitcoin users rely on freely-available web and mobile wallets, recent security scares clearly illustrate the need for safer alternatives. Here, we take a closer look at one device designed to address the problem.
The Trezor hardware wallet is targeted at bitcoiners who wish to maintain a substantial stash of coins, but do not want to rely on third-party bitcoin storage services or impractical forms of cold storage. Developed by Czech startup SatoshiLabs, the $99 device is essentially a USB dongle designed to add an extra authentication layer to all outbound bitcoin transactions. By virtue of its design, Trezor can be used to sign transactions on 'unsafe' computers and is impervious to keyloggers and many other vectors of attack, so even if your host PC is compromised, the attacker has no way of getting your private key.
That's also where the device gets its name, as 'trezor' translates into 'vault' in most Slavic languages, including Czech. A kind of 'vault' for your private bitcoin key, Trezor claims to use a number of clever tricks to maintain security even on compromised and unsafe machines. Here, we take a closer look at these failsafes one at a time, from setup to transaction. Unboxing and specsThe device is roughly the size of an average USB stick, albeit somewhat wider, and ships in a very small package.
The box features a holographic sticker on top and a warning urging users to get in touch with support in case they suspect the package was opened. The sticker feels redundant however, as there is so much glue holding the box together that it is practically impossible to open without causing an obvious amount of damage in the process.
The box includes the Trezor device, a USB to micro-USB cable, an installation manual and a (very) small lanyard. As for the device itself, we got a white, plastic sample. It also comes in grey and black. Although the company developed and marketed metal units, they are no longer on offer and the first batches went out to early Trezor backers earlier this year. The CE and RoHS-certified device measures 60 x 30 x 6mm (2.4 x 1.2 x 0.2 inches) and weighs in at 12g (0.42oz). While not certified as fully waterproof, the company says the device is at least water resistant.
In terms of hardware, Trezor is based on an ARM Cortex M3 processor clocked at 120MHz. It has a 128 x 64 pixel OLED screen that is both legible and crisp. The second component of the user interface comes in the form of two hardware buttons, used to perform a number of actions necessary to set up the device and sign transactions. A standard micro-USB port is located at the bottom. The micro-USB port is the device's only communication with the outside world and only source of power, as there is no battery on board.
As far as build quality goes, things could have been better. The top of the device and the edges feel very robust, but the same cannot be said of the centre, between the buttons and micro USB port. This part of the device exhibits a bit of flex and it squeaks when pressure is applied. However, the white plastic has a matte anti-scratch finish and it should be able to stand up to a fair bit of abuse. The plastic lanyard pin is surrounded by sharp edges and the opening is poorly shaped, so inserting a lanyard can be frustrating. This may sound like a case of nitpicking, so let's be clear: for a USB dongle, the build quality and design are excellent, but consumers spoiled by bulletproof high-end smartphones may find these minor issues annoying.
Installing the device is straightforward, but it involves a bit of work. There is no way of getting around this, as you must jump through a number of hoops since you are dealing with a secure device. After connecting the device, the first step is to head over to myTREZOR and download a browser plugin. The process is automated, although the user needs to allow the plugin to install. Once the plugin is activated, myTREZOR will prompt you to enter a PIN. This is where the keylogger protection kicks in. You don't actually type the PIN, you have to click on an obscured numerical pad displayed in the browser.
The position of each number changes randomly, so every time you enter the PIN you will have to check your Trezor device for the layout. An attacker using a simple keylogger, or even an attacker with complete remote access to the desktop, would not be able to determine the numbers, as they are displayed only on the Trezor device. The next order of business is to write down a randomly generated 24-word seed. This seed will allow you to reconstruct your Trezor wallet in case you lose the device. This is the only backup that can be used to recover your wallet in case of loss or theft. Trezor uses BIP39 and BIP44 standards for creating new wallets, so the generated seed can be recovered and used by other compatible wallets. SatoshiLabs confirmed that users can use Mycelium 2.0, Wallet32 or Multibit HD to load Trezor's recovery seed to their computer.
Technically, the device does not use standard random algorithms, as they would make it prone to random generator attacks. Instead, it uses deterministic signatures and external random entropy sources, which means it uses multiple different sources to generate the 'random' seed. The whole setup should take no more than 10-15 minutes. Convenience and everyday useThe Trezor wallet tries to reconcile two opposite extremes. On one hand it adds a new layer of security, but at the same time tries to make the user experience as simple as possible.
The device tackles the problem admirably, since there is not a lot of work left after the initial setup.
Using Trezor is not time consuming and a transaction can be approved in a matter of clicks, with minimal interaction with the device. You have to punch in the PIN to access the wallet and each transaction must be approved on the device.
While the default myTrezor wallet offers a sleek design and works quite well, it still relies on a single service.
For this reason, users wanting to avoid any form of centralisation can opt for either third-party wallet. The device currently supports Multibit HD (beta) and Electrum 2.0 wallets.
You don't need the device to receive bitcoins, only to send them. Even then, the process is rather straightforward, but Trezor isn't intended for every bitcoin transaction you make. Ideally it should be used to secure a substantial cache of bitcoins, transferring them to more convenient mobile wallet platforms for smaller transactions.
One potential issue for the device is its lack of mobile support. For the time being, the Trezor device can only work with desktop operating systems such as Windows, OS X and Linux. This means you cannot pair it with your mobile phone or tablet, unless you happen to use a Windows 8.1 tablet. However, Satoshi Labs is working on enabling USB On-The-Go (OTG) functionality, which would enable its use on Android devices. This is planned for future releases and an open-source library for Android OTG support is already available on GitHub. Another update will enable support for BIP70, the latest bitcoin payment protocol designed to offer additional security-oriented features.
The Trezor hardware wallet works as advertised. It offers a number of advantages over traditional wallets and renders your private key impervious to many forms of attack. The downside is that it is simply not an on-the-go device that can be used to make everyday transactions. Rather, it is a niche product for people looking to secure their bitcoins and top up mobile wallets from time to time. In other words, if you do not have a bitcoin stash at all times, Trezor (and other hardware wallets) are simply not designed for you. Crypto enthusiasts, BTC hoarders and small businesses are the target audience. It lives up to its name, as it is more of a crypto vault than a wallet. Since Trezor has no battery and relies on external power, it could work as a mobile solution, provided Android support is implemented. It is compact enough to carry around on a keychain and connect to a phone when necessary, so we expect Satoshi Labs to tackle OTG support soon.