Replacing Ledger Nano S w/ Trezor hardware wallet
With the recent issues with Ledger I have lost trust in the device and the company. If you haven't heard, a 15 year old kid was able to extra private keys from the Ledger Nano S and Ledger downplayed the significance and even lied? about the fact it can be done.
Upgrading my Ledger Nano S to 1.4.1 firmware to patch the security issue and allow for more tokens was a very painful process, taking far more work and time than it should have. At many points I thought I would need to start over and wipe the device and do a recovery.
I picked up a Trezor on sale for $70 off Amazon. The device setup really easily, and was able to just move my wallets from the Nano S to the Trezor inside of 15-20 minutes.
When you get the device, just like the Ledger Nano S, you need to initialize it and setup your 24 key seed. In my case I was recovering from another wallet so I just used my existing seed words.
The first step is to update the firmware to the latest version. Once this is done, it will ask if you want to do setup a new device or recovery from an old one. You choose recovery from old device if you want to move from a Ledger Nano S or even a software wallet that uses 24 seed word algorithm.
After entering in the 24 words (they are asked in random order) you are all done. That's it!
The device is now setup with your new or existing wallet and you can access the native apps to access your wallet. The Chrome apps are now retired and it is all done via a native app.
I really like how they do the passcode entry, you are presented with a randomized set of numbers 0-9 on the device, then you press the appropriate buttons on the computer screen where those numbers are. This prevents applications from gathering your passcode as the buttons you press each time are randomized but the passcode remains the same. On the Ledger Nano S, it was done with physical buttons.
The Trezor suports fewer coins, and requires Dropbox if you want to label accounts or put notes on transactions, otherwise the experience with painless and easy to do. So far I like the device a lot, I really hope the number of coins supported catches up to Ledger and they add labeling without requiring using Dropbox. Although it is encrypted, it makes me uncomfortable about having a third party dependency.
One other thing I am not happy about is the lack of native Ethereum support. Apparently this is coming, but for now you have to use MyEtherWallet site to access your Ethereum tokens. On the Ledger you only needed this for your ERC20 tokens, but with the Trezor you need it for Eth as well. That is very disappointing, especially with the uncertainty going on with MyEtherWallet right now.
I also prefer the Trezor interface - much easier to have everything in one place than a slew of apps, and I find the PIN entry less cumbersome. Once it is available, I would recommend looking into the Trezor Model T. I just received my preorder, and am very impressed so far...the best feature for me is the ability to enter an encryption passphrase on the device, so it is not susceptible to keyloggers. Also very fast and convenient to use.
I wanted a Model T but I don't think they will be available for a while unless you pre-ordered and the difference didn't seem all that big.
How does the encryption passphrase work?
In addition to the PIN, there is the option to add a separate encryption passphrase. This passphrase encrypts the wallet seed, and is needed to access your wallet either with the Trezor or with the recovery phrase. One advantage is you can create multiple wallets hidden behind multiple passphrases (in effect, every passphrase is correct and will lead to a distinct wallet). This way, you can create decoy wallets with different passphrases, and hand these over in the case of extortion, customs agents, etc. It also renders the recovery seed useless without the encryption passphrase, so if another person gains access to your seed, you are safe. Same thing if your physical device is somehow compromised, as was demonstrated in the past...an encryption passphrase would nullify these problems.
This option is also available on Trezor One, but the passphrase had to be entered on your computer keyboard, which is vulnerable to keylogger hacking. The difference with the Model T is you can enter this passphrase directly on the device, making it the most secure hardware wallet yet in my option. Trezor One is still extremely safe, and it would take a multi-point attack to defeat a Trezor One with passphrase enabled (access to seed plus the passphrase, or compromise the device plus access passphrase).
Other than this, it's mostly just convenience in favor of the Model T, although in the future they are planning to add data encryption and other features (there is a micro SD card slot on the Model T).
Model T is already out. I already got mine ordered in december
I wasn't sure if I should be worried or not about this. I have heard about it here and there, but I truly appreciate your article and write up about it. Your perspective is very helpful in my upcoming decisions about my crypto storage. I have been using a Ledger Nano S and have been pondering replacing it with a Trezor. This explanation has definitely given me some information to chew on! Nice post. -Respect
I have used Trezor for several years now and have always found them great. Additionally their customer service is really good if you ever need to contact them.
What makes you think that Trezor is more secure?
It may or may not, but they don't try to pretend there isn't an issue and hide it.
Although my upvote is small I am happy to share it with you.
Welcome to Trezor. It a breeze to use and all the updates, and BTC/Bitcoin cash split was so easy. I was thinking of getting the Ledger Nano because they hold more coins. The TrezorT has the capacity for dev teams to add their own wallets to it.
This is really interesting, as I hadn't yet heard about Ledger's downfalls recently. The big reason I would have picked Ledger over Trezor about 6 months ago, would have been because of being compatible with more coins.
Has Trezor updated their compatibility recently?
And do you have any opinion on KeepKey? I would have rated it under both Ledger and Trezor previously, but with this change up, I wonder how relevant KeepKey will become.
Very nice article, thanks for sharing. I've smashed the upvote button for you!
I live in Prague, so i felt i had to get a Trezor (Means safe in Czech), don't regret my purchase at all though!
If you are looking to get hold of some crypto without investing or mining, look into https://www.crowdholding.com. They are a co-creation platform were you get rewarded for giving feedback to crypto startups on the platform. You can earn Crowdholding's token as well as DeepOnion, ITT, Smartcash and many other ERC-20 tokens.
Guys, sorry to say so, but Trezor has even bigger problems and they just hide it: https://medium.com/@Zero404Cool/trezor-security-glitches-reveal-your-private-keys-761eeab03ff8
It had an issue before 1.5, but it was fixed and not pushed under the table. Ledger it is acting as if it never happened.
Agreed. They admitted to this, highlighted it to users and pushed out a patch to fix it. Even with issues like this, coins are much safer in a Trezor than any online exchange or wallet.
This is a very big slap on ledger. Every bug that is crypto-related reduce the chance of mass adoption, even if it is by a fraction. Am i right?