Can a malicious host system trick me into installing tampered firmware?

I am thinking about buying a security key like the one Trezor builds to secure my cryptos and 2FA/U2F logins even if my phone or PC gets hacked.
But then an important question comes to my mind: When I do the initial setup of the Trezor, or later updates, don’t I need to trust the host system not to install any tampered firmware on my Trezor?
Does the Trezor have a built-in security mechanism to verify that the firmware is safe, so I don’t have to trust the host system?

I don’t expect to have any malware on my devices, but if I took that for granted then I wouldn’t need to buy a hardware wallet/security key because I could just use my phone for the same thing.

Obviously, yes. This is a rather obvious attack vector, and a HW wallet vendor with this kind of vulnerability would probably not last over ten years on the market, and definitely wouldn’t get all kinds of praise for their strong security stance :wink:

Firmware images are signed by SatoshiLabs keys. You are allowed to install your own firmware – or a malicious firmware, if you’re so inclined – but in doing so, you need to (a) unlock the bootloader, which will invalidate all subsequent authenticity checks, and (b) click through several warnings, one of which is a red screen with the text “UNSAFE DO NOT USE”.
And that’s every time you plug in the device.

For what it’s worth, this is not all that unusual. In the year 2025, even things like washing machines usually have signed firmware updates. What’s unusual about Trezor is that you can still install your own builds despite this.

So i could to the initial setup and all following updates on a fully compromised device and the Trezor is still safe.
Is the firmware signed by multiple people, or could just one rogue or hacked employee sign malicious firmware?
Sorry that i bother you with this questions, i just want to be sure that everything is safe.

If the firmware is 100% build from the official Trezor Github repo, would the Trezor then mark it as safe or unsafe?

Imagine someone hacking a washing machine :joy: