What we learned at the MIT Bitcoin Expo
Over the weekend, during the MIT Bitcoin Expo in Boston, Charles Guillemet, Chief Security Officer of Ledger (a competing hardware wallet), presented several attacks against Trezor hardware wallets. From what I can glean, some of these attacks were well-known after the wallet.fail team disclosed them and have since been patched. However, there is an attack that Ledger has decided not to make public because they do not believe it is patchable. I am certainly waiting with bated breath to hear Trezor's response to this claim.
As someone who uses a Trezor and recommends the product to others, this is certainly disconcerting. However, not surprising because a lot of these types of attacks have been part of my assumptions for a while as they require physical access to the device. For any of you freaks using any type of hardware wallet out there, you should assume that if someone has possession of it they can find a way to access and send your bitcoins to a wallet of their choice.
We've discussed it in this rag and on the airwaves many times, but it can never be reiterated enough; taking custody of your wealth by sending BTC to a personal wallet comes with extreme ownership. That means being aware of how your device can be exploited and how you should protect against it. Right now, it seems like the best advice I can give is to make sure your hardware wallets are well protected and out of reach + (more importantly) mind of would-be attackers and that you have strong PINs and passphrases. I think I can confidently say that most Trezor owners are going to be okay unless they are personally, and physically targeted by attackers who can gain access to their devices. The likelihood of someone scooping your BTC while it's locked in a safe in a place only known to you is very low. Unless you've entered your seed phrase on a computer infected with keystroke malware, then you may have reason to worry. However, even if you did this, having long PINs and Passphrases overlayed on your wallet makes these attacks precipitously harder or outright impossible.
If anything, Charles' presentation highlights the nascence of this technology and the rawness of handling it directly. The solutions that exist today are far from perfect and come with a lot of risks. Before you take your UTXOs into your possession, seriously consider if you are willing to take on these risks and react accordingly. On top of this, we should be pushing for the creation of better UX around multisig setups so users can easily create webs of trust that make the costs and effort needed to execute these types of attacks considerably more arduous, dissuading people from even thinking about executing them in the first place. I am confident that we will see better UX and security like this in the future, but in the meantime, we must be upfront with the realities we face and react accordingly.
Lastly, I must note, that I noticed at least one factual error in Charles' talk when he said that Trezor Model T users were vulnerable to one of the attacks because they can only enter their passphrase via a computer that could be keystroked. This is false, the Model T allows users to enter their passphrase on the device itself, which is how I would recommend one enter their passphrase when using this device.
Final thought...
I can smell "light jacket rooftop happy hour + sunset season" and I am all about it. A great smell.