Bitcoin is often marketed as allowing people to “be your own bank”. The caveat, however, is that you have to take the responsibility worthy of a banker. It may sound simple; all it requires is to keep the private key safe, but the simplicity can be deceiving.
A Bitcoin private key is a long string of alphanumeric. They are all unique but look sort of like one another. While the entropy makes it hard to crack by random guessing, it is quite impractical to memorize for most.
Many people use paper wallets, which is the written or printed form of private keys. While this is a relatively secure way of storing the bitcoins, it is rather troublesome for those who need to spend their funds often. Many of them would rather use a third party online wallet service such as Blockchain.info, at the cost of increased risks.
The quest for paper wallet-grade security without compromising the convenience of online wallets led to what is known as hardware wallet.
Though nobody claims to be inventor of the Bitcoin hardware wallet, one of the pioneers who posited the concept is Clement Cap, a professor at University of Rostock in Prague.
In a 2011 speech, Prof. Gap described the requirements of a Bitcoin hardware wallet as:
My Trezor arrives in a square plastic-sealed box. Rip the wrap off, you will see a sealing sticker. It has a warning message that reads: "Make sure the sticker is intact before opening”. Take this warning seriously because at stake is more than the 100 USD you paid for the device, but whatever amount of Bitcoin that you will trust it with.
Look at the Internet and it is not hard to get the impression that hardware wallets are reminiscent of mobile phones in the early days – there seem no unified design language or standard to speak of. While some, with touch screens and wireless connections, look like smart phones, the plainness of Trezor reminds me of my first MP3 player bought over a decade ago.
Simplicity is definitely in the heart of Trezor’s design. The designers seem to have tried to remove all unnecessary parts and stick to the essentials: a screen, two buttons, a tiny electronic board with a USB port. The benefit of simplicity is increased reliability. Compare a decade-oldNokia and a new iPhone, as much as you may enjoy the rich user experience that the later offers, you may have to admit that the former is much less likely to crash.
For the paranoid, they may be interested to know the conditions under which these devices are manufactured. Even though the hardware is supposed to be open-source, most of us don’t have the capacity to examine it, so we still have to trust Satoshi Labs who designed it and the manufacturer that it chooses to work with. I contacted Satoshi Labs customer support and was told that the devices were made In Czech Republic, where Satoshi Labs was based. In the email, I was told that: “All components are stored in a restricted access area watched by cameras 24/7…Only chosen employees can get into the area. The plastic casing parts are joined with an ultrasound that melts the material together so it's impossible to replace the internals without a notable damage to it.”
All the assurance notwithstanding, the little thing still looks a little too flimsy to inspire much confidence in me. For that matter, the company also has an aluminum version, with a metal body that give some extra psychological comfort. But on the flip side, that Trezor doesn’t look like something that can potentially keep money (and a lot) is actually not a bad idea. After all, you don’t want it to attract too much unwanted attention to your safe.
The first step is setting up a pin – the pin is password that you have to use when sending money out. It is quite different from setting up an email password: A 3*3 grid appears on Trezor’s screen, each grid containing one of the digits from 1 to 9, all scrambled out of order. On the computer screen there is another 3*3 grid, identical except each grid contains a question mark. It may sound complicated, but the real process is quite ingenious. Basically, you move the cursor and click on the question mark on the computer screen that correspond to the digit you would like to select on the Trezor screen. This is designed to prevent malicious programs from secretly recording your keystrokes.
Then you will need to set up a recovery seed. In case you lose your Trezor or forget the pin, the recovery seed is all you can count on to recover your funds. The seed is a string of randomly selected English words. Write them down on a piece of paper (or the tiny notebook that comes with Trezor). Once you are done, put it away. Don't put it too close to your Trezor. You would lose your money if you lose both.
The thing I like most about Trezor is the ease of use. Even when compared with online wallets, it is just more convenient. Blockchain.info for example, requires one to type in the password every time. When you have the two factor authentication activated, you will also have to type in the verification code. With Trezor, to check the balance, all you need to do is to plug in and go to Mytrezor.com.
One thing that users may frown at is the current lack of support from other websites. There should be alternative sites if Mytrezor.com experiences a server failure. But these alternatives don’t exist at the moment (at least I didn't see any information on Mytrezor.com). Another issue that may prevent the device from becoming more successful is that it doesn’t have multilanguage support. So if you want to use a Trezor, some basic English reading skill is a requisite.