TREZOR – Review
TREZOR is a hardware device which allows users to their Bitcoins safely while allowing them to make secure Bitcoin transactions. The hardware device was designed and manufactured by SatoshiLabs, a company created by experienced enthusiasts located in Prague. The company projects are linked to a large range of topics that go from bitcoin mining to secure bitcoin transactions and storage. The company designed Trezor focusing on user experience and top security.
This is a pretty good hardware solution designed for large Bitcoin holders who want extra security and usability functionality without the harassment of implementing cold-storage. With Trezor, the user private keys are generated offline on the hardware device. There is no possible tampering with the private keys since they are securely stored offline. With this hardware device transactions are completely safe even when done on a compromised station. Trezor designed an isolated environment for offline transaction signing, so no matter what kind of security used, the users’ coins are always safe.
Gavin Adresen a developer from the Bitcoin Foundation says:
“Hardware devices like the TREZOR that cannot be infected by malware will make holding bitcoins as easy and secure as holding paper money. They are an exciting step in the evolution of Bitcoin from an experiment for geeks to a payment system anybody can use.”
The Trezor device is a pretty intuitive, simple and easy-to-use device. TREZOR can be used on Windows, OS X and Linux systems. All the user needs to do is to connect his TREZOR to the computer and follow the instructions. There are only two buttons, to confirm or to deny the action, so using TREZOR is an easy task.
The device itself is small and extremely light. It is made out of a smooth plastic material. The device comes with two USB cables, a blue one and a black one and it pretty much looks like an odd USB stick or an MP3 player with a small screen and two buttons. The screen lights up to return information to the user. A micro-USB slot for connecting it to a PC is also included at the bottom of the device.
Trezor’s uses the website MyTrezor.com and a browser plugin to load and interact with the device. So the first step should be for the user to need to download the Trezor plugin, which is compatible with the most recent browser versions. The MyTrezor.com website, which is accessed via SSL and https://mytrezor.com triggers the Trezor wallet plugin.
Then the user needs to set up a PIN. The PIN should be up long; the longer the better. It can go up to 10 numbers long. Once the wallet is prepared, the Trezor asks the user to set up the recovery seed. This consists of 24 words displayed in sequence on the Trezor device display. These need to be copied down and verified.
If the user loses or, damages his device this recovery seed would act as my backup seed to rebuild the address database and return access to the private keys stored on the device.
Then the user needs to decide what wallet he will use. The user can opt by a wide variety, from Multibit to electrum wallet. The Trezor hardware wallet is compatible with a few software Bitcoin wallets. The Trezor device can also be used along with the Mycelium Android wallet where the device can be connected using an Android On-The-Go USB adapter.
The Hardware device security is very hard to test and I don’t have the skills the equipment neither the software to attempt brute-force or other tricks, and that gives a glimpse of what kind of security we can expect from the security on the device.
Every time the user wants to send Bitcoin or any other action, the device requires the user to confirm twice. The MyTrezor.com wallet site also allows using the private keys stored on the Trezor to be used to sign messages and to verify messages signed by others. The signature and verification uses a bitcoin address in order to sign or verify said messages. This option can accessed through the MyTrezor.com wallet via the “Sign & Verify” tab. Every time the user does some action the device will ask him to confirm.
Trezor offers users a functional software and is a solid security solution. It is able to store the private keys and does signing on device with easy user interaction enforced between the Trezor and the machine running the client. The private keys are never exposed, thus reducing hacking even if the user computer or phone is compromised. Trezor is definitely a good buy!