General question about Metamask linking

I am trying to gain a better understanding and clarify if I do understand Metamask linking correctly.

There are 2 very basic types of third-party wallet linking.

a) Linking or import/store a Metamask address with its private key into my Trezor devise. Metamask will be the from end for viewing and interacting with that address and private key. Like a glove that slips over the Trezor. Trezor will confirm then allow the private key to be used that it has stored in a secure mannor? This process is done by starting with a blank Trezor device and using the Metamask bkup phrase to restore the Metamask address and private key onto that Trezor device? Then any new Metamask installation can be used like a glove, if you will, to access that address. Using the connect hwde wallet setting in Metamask to link the exact address that was restored? in this case the metamask address restored on the Trezor device. During this process, to clarify, the dropdown list of available address to link will include not only the Metamask address that was restored but many others that were “pre created” during the Trezor restore/activation process. All those pre created address are based in part on the original restored Metamask address/Bkup phase in Trezor? Additionally, the Trezor password phase will also affect the pre created address depending on if it is activated and the phase used? If one of these “pre-created” address are used by linking it to a third-party wallet it is important to know the state of the password phase setting during the original restore/activation process so it can be replicated again for future restores of that pre-created address.

b) Linking “pre-created” Tresor address to Metamask. This process is almost the same except a Metamask bkup phase is not used but rather a Trezor wallet is created in the normal way using best practices. By retaining the bkup phrase as well as the state and details of the password phrase, if any, you should be able to retore those exact pre-configured address?

Is it possible to link the same Tresor “pre-created” address to several different third-party wallets? For example, Could I use the same address with Metamask frontend that has compatibility to one dapp and another non-Metamask wallet as a frontend that has compatibility to a different dapp that Metamask does not have compatibility with. Is it best practice to use different Trezor pre-configured address for linking to different frontend third party wallets?

It is true to state that “any” Trezor linked address to a third-party wallet can only work with coins that Trezor is compatible with for the Trezor device being used for the link and in addition what that third-party wallet is compatible with as well?

As you can tell I am a little new.

Thx

@Bingo

a) don’t do that. Loading a hot wallet seed onto a Trezor defies it’s purpose

b) yes, pair your device with MM and your coins will be protected by Trezor private keys:
https://wiki.trezor.io/Apps:MetaMask

and yes, you can pair Trezor with other 3rd party wallets
https://wiki.trezor.io/Apps

you can only use coins that are supported on Trezor

1 Like

We use trezor because hot wallets are not secure. It is assumed that the seed phrase of the hot wallet has been mastered by the hacker. Since the seed phrases generated by trezor are off-net, hackers cannot get them.
You use a seed phrase that may have been hacked to recover a hardware wallet? What’s the point of doing this? Has the seed phrase been hacked to make it possible for your hardware wallet as well?

1 Like

a) Agreed but I believe some use this to reduce their future attack surface because of past commitments with their hot wallet (ie. Staking). It is more or less a “pray” strategy! I only mentioned it because I wanted to confirm this is possible but personally not something I want to do. Thanks for the clarification and the warning.

I was hoping someone could comment on my analogy of “pre-created” and if I have this correct and in particular how the pw phrase interacts with creation and restore of these addresses. I think I might be a little confused.

Thx