Trezor T
- Dieses Thema hat 9 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 3 Wochen von
.
-
Beiträge
-
-
Hallo
Also heute habe ich gerade die Trezor T gekauft. Ich bin schon 3 Jahre in Krypto, aber immer noch meine Münzen sind in mehreren Börsen. Meine Priorität ist es, für Jahre zu halten. Ich habe einige Fragen, entschuldigen Sie, wenn diese Fragen sind bereits mehrfach gefragt.
​
\- Einige meiner Münzen werden eine Metamaske benötigen, ich habe schon einige negative Dinge über Metamasken gelesen. Aber mit einer Trezor Cold Wallet wird es mit Metamaske sicherer sein?
\- Wenn ich meinen Seed-Satz auf ein Stück Papier schreibe, reicht das aus? 1 für mich und 1 für meine Eltern.
\- Gibt es irgendwelche Tipps oder Ratschläge, die ich wissen muss, bevor ich eine Cold Wallet verwende? ich frage zum ersten Mal
Danke für die Antwort
​
​
-
When it comes to custody the custodian is usually the weakest link. And very rough order of likelihood these are some of the ways people have gotten rekt.
If you can run the gauntlet and still leave a reasonably clear path for your heirs then you’ve done a good job.
1. Digitizing seedphrase by typing it on ANY keyboard, taking a picture, scanning or speaking it into a mic
2. Giving seedphrase away accidentally or otherwise
3. Losing or forgetting device PIN and seedphrase and/or passphrase
4. Generating a non-random seed from common sayings, stories, songs, poems or using fewer than 20 dice rolls
5. Keeping everything on a hot software wallet
6. Not using a hot software wallet to interact with the cryptosphere
7. Clicking on spear phishing texts or emails
8. Sending assets to the wrong address
9. Sending assets using the wrong blockchain
10.Only checking the first and last 4 characters of addresses
11.Blind signing transactions
12.Interacting with dApps on DeFi
13.Interacting with anything “free” like airdrops, rewards NFT’s and points
14.Downloading a malicious version of a wallet app
15.Not verifying hashes on downloaded software
16.Using a poisoned receive address or a senders change address from transaction history
https://www.cointime.ai/news/address-poisoning-scam-9088017.Having a compromised clipboard
18.Using extraneous, buggy browser plugins.
19.Not using an extension like WalletGuard
20.Using the password manager that came with the browser
21.Using a Windows administrator account for everything
22.Depending solely on Windows Firewall/Defender
23.Downloading an alternate Android keyboard that installs a keylogger
24.Getting SIM swapped and using SMS text for 2FA
25.Connecting cold wallet directly to the cryptosphere instead of a hot wallet
26.Connecting cold bank to the cryptosphere instead of a hot bank
27.Not buying the HWW device from the official source
28.Using actual PII on the HWW order form
29.Leaving assets on an exchange that gets locked up due to KYC/AML
30.Leaving assets on an exchange that the government bans, seizes or shuts down
31.Leaving assets on an exchange that gets hacked
32.Plain old fashioned fraud (Pump & Dump, Affinity, Romance, Impersonation etc…)
33.Evil Maids and Smash & Grabbers
34.$5 Wrench attack
35. Unciphered-style technical seed extracting exploit of physical device
36. Wallet-Fail technical seed extracting exploit of physical device
37. Brute Force Kraken-style pin attack exploit of physical device
38. Wallet maker intentionally or otherwise releases malicious seed extracting firmware
-
Metask: risk of signing malicious contracts, whether you use Trevor or not.
Seed phrase: you have 2 copies. Good.
Tip: do the seed check (recovery check) in trezor suite to see if seeds are correct.
Also: transfer little amount to Trevor, then wipe Trevor, then restore with the seeds and see if funds are restored correctly.
Tip 2: consider using a passphrase, but make sure you know everything about passphrases before you do so.
Tip 3: Never type your seeds anywhere, with exception of your Trezor T. You only type the seeds on the trezor.
-
I’m in the same position, but with a Safe 3
I also need to use metakask.
The good thing is both Trezor Safe 3 and Metamask are open source. We will be fine as long as we DO NOT enter the seed in any on-line connected device.
I have 2 seed backups, one on a piece of paper, one on a metal plate (Keystone Tablet Punch), which is locked and buried someplace safe
Also
Use a passphrase and store it ina diffrent location. This way, if someone has your seed, they still need the passphrase to access your accounts.
Pro tip: In both, Trezor Suite and Metakask, do not enter the passphrase digitally. Opt to enter the passphrase on the Trezor Device itself
This is my plan. -
> But with an Trezor cold wallet will it be more safe with metamask?
SAFER, not safe. Using Metamask WITHOUT Trezor, then everything behind that seed-mnemonic is at risk. With Trezor and Metamaks, the only thing at risk are the ETH accounts that you physically approve malicious contracts for… physically.
No way to guarantee you don’t hit a malicious contract short of actually decoding the TXN you are confirming and reading the underlying code. In the future there will likely be online TXN decoders and contract trust ratings you can refer to, but they are just not in the market yet. Still too soon.
> If i write my seed phrase on a piece of paper will that be enough? 1 for me and 1 for my parents.
Yep, but as you invest more and more you might want to transcribe that scrap of paper into punched steel plates or something less susceptible to flood / fire.
> Is there any tips or advice i need to know before using a cold wallet? first time just asking
Just read the Trezor manual (trezor.io/learn) as well as Metamask. Sounds simple, but so very few people do, you’d be surprised.
-
Have you looked into Shamir backup? You’ve got the one Trezor that allows for a Shamir backup of your keys. You can set two things:
1) How many copies of your seed should be recorded? (Ie 5 Shamir seeds)
2) how many copies of the backup is needed to restore your seed (ie require 3 copies to be accessible to restore your wallet)This way, you can give your mom 1 Shamir backup – and you can store 3 of yours someplace safe. And give 1 to a friend as a backup. Etc. if you ever need to recover your seed, you can get any 3 of these 5 Shamir backups together and restore your wallet.
IMO one of the main reasons for the Model T value is this backup style.
-
-
Others have different ways of doing this, but what I would do is send the ERC-20 based tokens to your ERC20 address on your Trezor (ETH address) and then when it comes time to you wanting to sell, that’s when I’d connect metamask and transfer to another exchange. Personally, I hold my cold storage on my ledger since I can see the tokens in my wallet natively. In Trezor, you’ll only see ETH, DOGE, and BTC and if you send tokens to your wallet, the only way to view them is to use a blockchain explorer or a wallet interface like Metamask. I’d advise against connecting to Metamask to any cold storage until it’s time to sell. That’s just me and others might disagree and I understand.
I have two Trezors and a Ledger. My Trezors are primarily for DeFi and my Ledger is for cold storage.
1. Generate your seed phrase with your NIC (WiFi, Ethernet) off. This ensures if there is a potential remote connection that they don’t see your seed.
2. Write it on a piece of paper and put it somewhere you know it will not get lost or compromised.
3. Do not sign any transactions on your wallet if you intend on holding it for a while. There are security breaches where funds could get compromised. In other words, I wouldn’t personally connect Metamask at all until you want to transfer to an exchange to sell. Technically, connecting to a hardware wallet on Metamask uses a burner address (Would not recommend using it) as an interface and then you’ll have another address which is your ERC20-based address. The “Trezor” address in Metamask does not show your seed from my understanding. -
If your crypto holdings are substantial (something tells me it is), a piece of paper isn’t enough. You need a metal engraved seed, like this: [https://cryptosteel.com/product/cryptosteel-capsule-solo/](https://cryptosteel.com/product/cryptosteel-capsule-solo/)
Paper can be lost, burnt, soaked, etc. Also, it wouldn’t hurt to memorize your seed.
Metamask is fine, just use a separate wallet when connecting to Dapps. Never connect your main wallet (where you store most of your crypto) to anything.
-
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.
