Please login or register.

Experimental trezor firmware testing

DO NOT UPGRADE YOUR FIRMWARE IF YOU DON'T HAVE YOUR RECOVERY SEEDS

I worked on a trezor firmware which supports XMR awhile back but stopped development around August last year. I want to "complete" the firmware soon and then release the source to github when it's somewhat stable. I'm releasing the binary since I need help testing the current version.

While there are user interaction limitations, the firmware is fully functional and can be used to sync accounts as well as transfer XMR from active accounts. Only simplewallet is supported at the moment and from my testing, windows is fairly stable while linux needs some work [FIXED].

The firmware is compatible with BTC and does not remove any functionality available in the official firmware. The source is upstream compatible and can be merged to the official source (if they want to). XMR uses the same seed as BTC so you can restore your old seed anytime and regain your old account.

There are important points to note:

  • The viewkey is sent to the client. A bad client could potentially store these keys and see all incoming transactions to your account, privacy is then compromised.
  • The client has no access to the sendkey and can only request the device to generate key images or sign transactions. Your funds are safe.
  • It takes about 40ms to generate each key image. For large wallets, re-sync is going to take a while, so keep the wallet bin files.
  • [FIXED] The send confirmation prompt is incomplete. It will be fixed in subsequent versions.
  • [FIXED] There is no reconnect/retry implemented in simplewallet at the moment.
  • Max mix level is 9

V0925: trezor_xmr_test_firmware_0925

  • Updated to trezor source v1.4.0

V0313: trezor_xmr_test_firmware_0313_win64

V0313: trezor_xmr_test_firmware_0313_linux64

V0313: trezor_xmr_test_firmware_0313_osx64

  • Fixed Bus: 10 error

V0311

  • Added reconnect handler when trezor is unplugged while simplewallet is active
  • Added tx_seckey storage support to firmware
  • Added support for 'address' simplewallet command
  • Fixed support for entering passwords when trezor is initialized/recovered with password protection enabled

V0306

  • Added binaries for linux-64 and osx-64
  • Fixed usb transport bug in linux/osx
  • Updated source to master b96147030cf06b7adacafebff196bc23a4b19199
  • Added trezorctl to wipe, reset, recover the trezor
  • Added trezorctl option to recover the monero mnemonic from the trezor seed given a specific address index

V0303

  • Added send prompts when transferring xmr with multi destination support.
  • Fix: added error handler when mixin level is > 9
  • Fix: added error handler when sending to > 10 addresses in a single transaction.

V0301

  • Test release

Upgrade instructions:

  1. Disconnect the trezor from the USB cable.
  2. Press both buttons on the trezor then connect the USB cable.
  3. Run upload.bat. Wait until new firmware upload is completed.
  4. Verify firmware fingerprint (from fingerprint.txt)
  5. Disconnect then reconnect trezor to USB.
  6. Go to MyTrezor.com (using CHROME) and initialize your device. (You have the option to restore your SEED words if you want to keep using the trezor with your current BTC (etc.) account.
  7. Close CHROME. Otherwise, it will not release the trezor USB device and simplewallet will not find it.
  8. Run simplewallet.exe --hardware-wallet n (n can be any reasonable number eg. --hardware-wallet 0)

PIN Entering: https://github.com/trezor/python-trezor

47AYtJeNKJjYNZLj71nBW938mbFSFwq1x4qVcNhBmdfUjhaqiGN7wqpVjH419eLYPzHFeF3TgzY2fDivz5EyGBYUSbAXwed

Replies: 58
mmortal03 posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

"The viewkey is sent to the client. A bad client could potentially store these keys and see all incoming transactions to your account, privacy is then compromised."

A bad client, meaning only if simplewallet itself has been swapped out for something malicious on the machine, or is the communication channel that is passing the viewkey between the Trezor and simplewallet potentially insecure?

Reply to: mmortal03
NoodleDoodle edited 8 years ago Weight: 0 | Link [ - ]

A "bad client" refers to any software that communicates with the trezor, including a malicious simplewallet like you stated. The future GUI wallet, even a web based wallet like mymonero (in the future) can be used with the trezor, so this weakness has to be kept in mind.

The communications channel can be sniffed either through hardware or software. In order to mitigate this, a client first has to establish a "session" with the trezor, aftewards, all communication is encrypted. While this is not foolproof, it makes it harder to sniff data like viewkeys etc, using the usb interface. In contrast, the BTC part of the trezor never passes anything similar to a viewkey to a client, hence, there is no need to protect the raw information being passed. Technically, we can also introduce a similar mode with trezor (I'll call it the paranoid mode), in theory though, instead of taking about 3-5 minutes for the initial wallet sync, it would probably take days to do it (just a guesstimate, but it would be quite slow nonetheless).

skaht posted 8 years ago Weight: 0 | Link [ - ]

Tried a migration from the V313 firmware to V0925 firmware. Loaded okay and noticed the naming convention of the file was the firmware's fingerprint. However, I had to wipe and reset seed, PIN and password. I could access funds for prior account with no password. However, the funds for the same account with a password were invisible because a new address resulted from the upgrade. Rolling back to the older firmware. FYSA - If issues were opened up at https://github.com/NoodleDoodleNoodleDoodleNoodleDoodleNoo/trezor-mcu, this posting would have been made there.

skaht posted 8 years ago Replies: 2 | Weight: 0 | Link [ - ]

With neither the V313 nor V0925 firmware it is not possible to use trezorctl recover_mnemonic index passphrase language BIP39_word_list to recreate Wallet address: when there is a password. However, if the password is left as an empty string, the recover_mnemonic will cause trezorctl to synthesize the proper 25 Electrum seed words (used for traditional wallet recovery) and associated Monero address for both firmware versions. Wondering if the password recovery issue is somewhere after https://github.com/NoodleDoodleNoodleDoodleNoodleDoodleNoo/trezor-xmr/blob/master/client/tools/trezorctl.cpp#L264 section of code opposed to inside the firmware?

Reply to: skaht
throughnothing edited 7 years ago Weight: 0 | Link [ - ]

Thanks for all the info you've provided on this skaht. Is there any information around how to either a) transfer XMR stored in a V0313 Trezor wallet WITH password to a new wallet, or b) retrieve the propery 24/25 word mnemonic or otherwise get the original key into a monero-wallet-cli somehow?

Edit: Also curious if someone has a fork of the original source code before it was taken down that they'd be willing to share (publicly or privately).

Reply to: skaht
NoodleDoodle posted 8 years ago Weight: 0 | Link [ - ]

It should be fixed here https://github.com/NoodleDoodleNoodleDoodleNoodleDoodleNoo/trezor-xmr/commit/a28b2731ba2e14fa1b781578f5ee04ef7f5cebb6. You need to clone monero then issue a submodule update before compiling.

NUKE1989 posted 8 years ago Weight: 0 | Link [ - ]

Not wanting to be pushy or something but are there any updates on it? I would really love to use my new trezor with monero. In fact i bought it especially for when xmr can be stored on it (loved it and i should have bought one earlier).

Are there any problems or simply not enough time?

leotreasure edited 8 years ago Weight: 0 | Link [ - ]

I'm on a mac (El Capitan) and stuck at this step:

Run simplewallet.exe --hardware-wallet n (n can be any reasonable number eg. --hardware-wallet 0)

Leos-MacBook-Pro:monero0-9-4-0 ./simplewallet --hardware-wallet 0

Failed to parse arguments: unrecognised option '--hardware-wallet'

Edit: Solved, just needed to run the simplewallet included in the firmware download.

leotreasure edited 8 years ago Weight: 0 | Link [ - ]

Got it working - this is really neat!! Thanks! I sent a small donation the other day. Any chance you or someone from the Trezor team can help us make an easier way to enter the pin similar to the way mytrezor.com works?

ferretinjapan posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

I tried loading the firmware usng your instructions onto a completely new Trezor, loaded the firmware and initialised without a hitch. However, on running simplewallet, it returns the error that the library libdb_cxx-6.0.dll could not be found. I'm running a win7 64 bit machine.

Reply to: ferretinjapan
NoodleDoodle posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

I've updated the archive with the missing dll's, hopefully this fixes the problem.

Reply to: NoodleDoodle ferretinjapan
ferretinjapan posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

Thanks, that did the trick! It runs, but I have no idea how to input the pin properly when it is requested. How does that work on the command line?

Reply to: ferretinjapan NoodleDoodle ferretinjapan
NoodleDoodle edited 8 years ago Replies: 2 | Weight: 0 | Link [ - ]

Please use the numeric keypad to input the corresponding box.

Reply to: NoodleDoodle ferretinjapan NoodleDoodle ferretinjapan
ferretinjapan posted 8 years ago Weight: 0 | Link [ - ]

Ta. It looks pretty good so far. Wallet loads up after initialisation in chrome on mytrezor.com, loaded up with simplewallet no problem, made a watching wallet from the viewkey which is synched on the 9.1 version of simplewallet. Looks like the watchonly wallet see all the transactions it is supposed to. Sent a Monero to the Trezor address and recognised the transaction on the network. Once it unlocked I sent some of it back after confirming it on the Trezor. Recognised by the network no problem. So far so good! Fantastic work getting this up and going BTW, I thought we'd be waiting more than a year for something even close to a Monero hardware wallet.

Reply to: NoodleDoodle ferretinjapan NoodleDoodle ferretinjapan
wedgy2k posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

I've only got the stoopid little MAC wireless keyboard :-( I'll nip off and dig my other one out

Reply to: wedgy2k NoodleDoodle ferretinjapan NoodleDoodle ferretinjapan
NoodleDoodle posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

Use your imagination and lay out the normal num keys in a 3x3 matrix. :P

Reply to: NoodleDoodle wedgy2k NoodleDoodle ferretinjapan NoodleDoodle
wedgy2k posted 8 years ago Weight: 0 | Link [ - ]

LOL - you knew if it works for me it'll be fine for anyone.....

Works a treat, I plugged in old "BIG" Keyboard and have a hardware wallet address for XMR - thank you

I'm going to play with it via my remote RPi2 Node and send 1 or 2 back an forwards from / to Polo.

I'll even try and work out my 3x3 square..... :-D (Happy to do an idiots guide, by an idiot if you like?)

pa edited 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

Is this ready for testing on OS X?

Reply to: pa
NoodleDoodle edited 8 years ago Weight: 0 | Link [ - ]

Not yet. Will set up a build env after I add the retry/reconnect functions.

NoodleDoodle posted 8 years ago Weight: 0 | Link [ - ]

Client and firmware updated to V0303

ferretinjapan posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

Did a little further testing today and tried restoring the 24 word deterministic seed generated on the Trezor via simplewallet, unfortunately simplewallet requires 25 words. :/ If I recall the 25th word is something like an error checking word or something. I'm guessing this is something that will need to be added to the todo list.

Reply to: ferretinjapan
NoodleDoodle edited 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

The 24 word recovery seed is intended for the trezor hardware itself and not for simplewallet (et al.). Please follow the following instructions when you want to recover your "old" account using the 24 word seed -> https://doc.satoshilabs.com/trezor-user/recovery.html

Reply to: NoodleDoodle ferretinjapan
ferretinjapan posted 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

Hmmm, I'm not sure I follow. restoring the Trezor with the 24 word seed is straightforward, but what would I do if I lost the Trezor, but still had the seed and wanted to just use simplewallet's wallet functionality without the Trezor? How do you load the 24 word seed with simplewallet so that you can recover your funds?

Reply to: ferretinjapan NoodleDoodle ferretinjapan
NoodleDoodle edited 8 years ago Replies: 1 | Weight: 0 | Link [ - ]

With BTC, you'll need another application like Electrum to recover your trezor accounts. The same process is applicable to XMR. I'll publish a tool to output a mnemonic for a specific account index or maybe even add it as a simplewallet command line option. Once the source is out, anybody can do this as well.

Reply to: NoodleDoodle ferretinjapan NoodleDoodle ferretinjapan
ferretinjapan posted 8 years ago Weight: 0 | Link [ - ]

Cool, I look forward to it.

palexander edited 8 years ago Weight: 0 | Link [ - ]

When I try to run this after following the instructions, simplewallet asks for a password immediately. When I can't supply one (just press enter) or if I supply one, it faults out with the message "error: failed to initialized hardware wallet". This was performed on a brand new Trezor with no initialization until I started following the instructions. Does the Trezor need setup with bitcoin first via mytrezor.com?

ERROR C:/trezor/new2/bitmonero/src/simplewallet/simplewallet.cpp:2825

Also, all my Monero related files are on another drive. (other than C: if that makes any difference)

Edit: Nevermind, yeah, you have to follow through with setting up Trezor on mytrezor.com initially.

wpalczynski edited 8 years ago Weight: 0 | Link [ - ]

I sent xmr to Trezor, sent from Trezor to Polo with ID and both transactions worked flawlessly using mixing of 2. Are there any particular things we should be focusing on to test this new Firmware? Which functionality is most likely buggy?

Great job NoodleDoodle, this is awesome!

  • using Windows 8.1
NoodleDoodle posted 8 years ago Weight: 0 | Link [ - ]

V0306 now up. Added binaries for linux/osx 64-bit.

dnaleor posted 8 years ago Weight: 0 | Link [ - ]

Testing on linux now :)

the trezor.bin wasn't in the linux map, so I copied the file from the windows map. Just FYI