Hi all,
This topic has been asked around about at least twice and I read the replies so far.
They do not cover my question fully so I hope it is ok to ask here in more detail.
My aim:
I want to reach maximum security in interacting with the blockchain balance using Trezor. In both scenarios, I need to trust someone and since I do not know anyone involved I’d rather go with „trust no one“ sort of Maxime. To fully understand the implications of either alternative let me ask the following
Alternative A) Use Desktop Suite
-
I would need to trust satoshilabs. Is the code open source as is the code for the firmware? How can I be sure that there are no backdoors/malicious functionality?
-
download Desktop app from Trezor: how is it 100% guaranteed, that the file I download is of trezor origin and has not been altered? My guess would be to check if the download has been signed by satoshilabs, which I would do, of course.
How can I additionally make sure that the file is of good origin? Any suggestions? -
How is it guaranteed, that the updates are not adding malicious functionality? How can this be doublechecked? Are the updates loaded within the app or is it necessary to download them manually?
-
What would a malicious desktop app be able to do with the funds, since, at least from what I understand, private keys never leave the trezor? What would be the worst case scenario here?
Alternative B) Use web app
-
I would need to trust the issuer of the browser and the bookmark to be good. The quality and origin of the browser would be checked by issuer signing, as with the desktop app. Any additional suggestions to improve on that point?
-
How can I make 100% sure that the bookmark has not been altered since creation? Check certificate and URL? How would the certificate details need to be, to make sure, it is of good origin and not altered by third party?
-
What would a malicious web app URL be able to do with the funds, since, at least from what I understand, private keys never leave the trezor? What would be the worst case scenario here?
Thanks for reading up to this point - I hope that this additional questions lead to full clarity on the risks of the two options.
Tbh, none of them sound good to me, since additional steps and trust is necessary and, as stated above, we seem to live in „trust no one“ times, sadly. So if possible, a real benefit in product design would be, if the trust-requiring steps would be reduced by design.
Nonetheless I really think that Trezor is the best choice and am hoping that you can shed light on the topics above.
Thank you