Ledger-Mitbegründer fragen mich, wie ich den Trezor-Code “verifizieren” kann.
- Dieses Thema hat 6 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 9 Monaten, 2 Wochen von
.
-
Beiträge
-
-
Und ich verweise ihn auf die Github-URL.[https://github.com/trezor/trezor-firmware](https://github.com/trezor/trezor-firmware)
Und er antwortete:
\> Das ist Lesen, ich habe nach dem Laufen gefragt.
Und er hat einen Punkt, brauche ich einen Trezor-Emulator, um diesen Code auszuführen und zu überprüfen, ob er läuft?
-
To add to my previous statement.
Trezor-T architecture is as follows:
1. Boardloader firmware is burned at the factory onto a read-only part. It cannot be reprogrammed.
2. Boardloader will reject any bootloader that isn’t signed with the Satoshi Labs key
3. Bootloader will WARN if any firmware is found without the Satoshi Labs keySo the only way to make fake firmware appear real is to rebuild the entire Trezor-T with new guts (non-trivial). Such a hack will no longer check for the Satoshi-Labs key, so if you can flash an unsigned bootloader, you know your boardloader is broken. It’s trivial to strip the sig-block from the production firmware if you are inclined to test this.
-
-
You can verify that the flash file is correct by running the build and comparing it to the flash file
https://docs.trezor.io/trezor-firmware/common/reproducible-build.html
If that is beyond you, you can trust that others have done it for you and rely on their work
https://github.com/brianddk/attestation
You can ensure that what you flashed is running by examining the new features and flashing firmware with and without those features. Things such as `sd-protect` and `wipe-pin` and even some new blockchains. Flash to an old firmware and enable sd-protect and watch it fail. Up flash and watch it succeed.
For attacker to “spoof” every possible feature change across every possible firmware is just real tinfoil hat thinking, and pretty easy counter.
If you really want to get paranoid, you can avoid the firmware flasher all together and [use the boardloader to flash](https://www.reddit.com/r/TREZOR/comments/13umfly/hyper_paranoid_trezort_autowipe_method/).
Alternatively if you do complete the reproducible build, just change the version number to Pi or something like that and load that. As you suggest, you can try on [the emulator](https://www.reddit.com/r/TREZOR/comments/13umfly/hyper_paranoid_trezort_autowipe_method/) if you want. I think it’s a great tool.
But as you suspect, this is so off it in the weeds it is pure theater. No one is launching that intricate an attack to grab some redditors coin. WAY easier to do just a simple and broad attack like the Ledger pre-populated seed-card. By all accounts, that got LOTs of users (surprisingly).
-
-
-
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.
