I have model one, thinking of upgrading to Model T or NGRAVE or Ledger - Not sure what to do

Hey everyone,

So I have Model One at the moment, and thinking of getting extra and upgrading my wallets. Especially with this entire FTX FUD (hopefully). Started to think about the risks of this whole thing around wallets and not your keys = not your crypto.

I am thinking of getting Model T, however I also noticed a few other wallets out there. The people with Model T, are you happy with it? Should I get one too?

Otherwise I am thinking of purchasing:

NGRAVE ZERO → Looks sexy af but pricey
Ledger Nano X → Looks ok, but hate that tampon shape

What would you recommend? Why Model T instead of those wallets? Or do you have other wallets that are worth checking out too??

My use would be mainly to store Bitcoin and Ethereum. Don’t really have NFTs.

Help thx

sorry for this thread, kinda lost in the search of it all.

1 Like

Hi @thatguy,

I use Trezor Model T and like it. It could support more coins but so could other hardware wallets. If you’re mainly going to store Bitcoin (BTC) and Ethereum (ETH) then it doesn’t matter which wallet you choose, as they all should support those coins.

So it really depends on what you mean by “mainly”. Be sure to pick a hardware/cold wallet that supports the coins you’re going to store and you’ll be fine.

Sorry if my answer doesn’t end with a recommendation for a specific wallet, but with the general information you provide it’s the best answer I can give you at this time.

1 Like

Hey @thatguy,

I have both Model T and NGRAVE ZERO, but I use them differently. I take my Trezor with me everywhere but it has only a small amount of crypto on it because after everything that happened I have zero trust in anything that’s online so I use it in a way I’d use a hot wallet. I realise many people would just use a hot wallet and if they lose that small amount it’s whatever, but I am super paranoid about security so I found this to be a comfortable solution for me, even though it’s a bit inconvenient.

However, the majority of my crypto is on the NGRAVE ZERO and that is my true “cold” wallet that I keep in a safe and use for transactions if I’m at home. I’ve done extensive research and when I found out that you can actually generate your own key on the ZERO I was sold - you mention price but honestly heck that if the manufacturer has my private key. Who says we can trust them? I don’t just take people’s word when my money is involved. You mentioned you have only Bitcoin and Ethereum and for those coins I’d honestly just invest in an NGRAVE.

Hiii @thatguy

Well, one of the main differences I see:

The NGRAVE, if not mistaken, is not open source, which means you can’t verify the code they are running and what it can do.

Trezor is fully open source; anyone who understands can check Trezor code.

Another thing I noticed is they have this NGRAVE Perfect Key.

Never heard of this and don’t think it is an industry standard. Meaning it may not be compatible with other wallets if you ever need to change.

TREZOR uses industry standards that have been battle tested along the years.

One thing I can say about NGRAVE is that it works airgapped, so you don’t ever need to connect directly to a machine.

With all this said, it is your duty to learn and study about both and come up with your own conclusion.

Something might work for you but not others. Just make sure to do your own research and study very well these because you will be putting money on them.

Ps: I have a model T and love it

Hope this Helps

Good Luck

@rimaS Jumping in here cuz I posted above about my own experience. The Perfect Key is completely compatible with other devices, the thing that makes it “perfect” (and what I also mentioned above) is that you, as the user, generate your own key. It’s the very thing that convinced me to buy my ZERO cuz literally no one else but me knows the key. It’s a huge selling point of NGRAVE and a reason to buy it, not something that drags it down.

1 Like

that is exactly what Trezor and other HW wallets do

I am not familiar with NGRAVE but reading on their website, their biggest concerns are:

that manufacturer knows your private key (Trezor is opensource, so this can be verified) and a single point of failure in case of loss (this is solved in case of Trezor by Shamir backup where you can split the backup in multiple shares, up to 16) and set a threshold on how to recover.

Plus there is always a passphrase that you can use that is not stored anywhere and protects in case of lost seed.

2 Likes

agreed @forgi

uffffff I would say this is a major concern.

Also, like you @forgi and I mentioned, it is NOT OPEN SOURCE so you cannot verify what they say the product does.

I would also be suspicious of anything that claims to be perfect like they mention on their website several times

1 Like

I had a look at Why Randomness Is Central To Crypto, But So Hard To Achieve | NGRAVE and I honestly think that the “Perfect Key” is pure marketing technobabble.

Claim: they combine internal TRNG + data from light sensor + fingerprint scan to get randomness.
Security: same as if you throw out the fingerprint and the light sensor and just go with the TRNG.
Verification: no way to verify.
What they could be doing: give you one of the 2048 built-in keys that the manufacturer already knows.

Claim: the user can shuffle parts of the key as they like.
Security: there are 8 groups, so at best this adds 8! = 40320 variants of the same key.
Verification: yes, you can check that this is really your key by importing into another wallet
What they could be doing: simply allow the user to do this. Assuming the key is one of the 2048 known ones, the manufacturer only has like 82 million tries to find your actual seed.

Claim: this is all fully offline.
Security: that helps … except, see below.
Verification: no real way to verify.
What they could be doing: when you synchronize with your phone via QR code, the QR code could exfiltrate your private key.

To be clear, I don’t think NGRAVE is actually doing this.

My point is that the “Perfect Key” has zero practical impact on security. If you want a way to generate your key fully privately, you’ll need to have a look at BitBox (or ColdCard allows the same thing IIRC).


What is Trezor doing on this front?

Trezor creates your seed out of two parts:

  • internal entropy that comes from the TRNG,
  • external entropy that comes from the host PC.

You can verify that both parts are actually used, using some Python and trezorctl:

  1. wipe your Trezor
  2. set it up via: trezorctl -v device setup --show-entropy
  3. write down the Internal Entropy shown on your Trezor screen
  4. confirm the entropy on Trezor
  5. while showing your seed word(s), the terminal on your PC will show something like:
    [2022-11-09 15:24:52,898] trezorlib.client DEBUG: sending message: EntropyAck
    EntropyAck (34 bytes) {
        entropy: 32 bytes 0x7859d88b9ed02d8b8be4069206d7f807cd41df2c5194e12923e5d906c313647b,
    }
    
    Save this message too.
  6. Write down the seed words
  7. download mnemonic_check.py from the firmware repository
  8. run it: python mnemonic_check.py
  9. First, fill in the value of entropy that you saved previously (without the starting 0x).
  10. Second, fill in the value of “Internal Entropy” that you copied off your Trezor screen.
  11. Fill out the number of words in your seed.
  12. The script will now print the same seed that your Trezor has generated. This means that Trezor must have used both the internal and the external entropy to generate it.

You can do this several times, to make sure that Trezor is always using both sources of entropy. Afterwards, wipe the Trezor and use it to generate your actual seed.

3 Likes
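The check that the steps above perform, as an added example (not part of the original post, and not the firmware repository's mnemonic_check.py). It assumes the device hashes the internal entropy followed by the external entropy with SHA-256, truncates the digest to the seed strength, and then applies standard BIP-39 encoding; it returns word indices into the BIP-39 English wordlist rather than words, and the internal entropy value is constructed.

```python
import hashlib

def combine_entropy(internal: bytes, external: bytes, strength_bits: int = 256) -> bytes:
    """Assumed combination: SHA-256(internal || external), cut to the seed strength."""
    if strength_bits not in (128, 192, 256):
        raise ValueError("strength must be 128, 192 or 256 bits")
    if not internal or not external:
        raise ValueError("both entropy sources are required")
    return hashlib.sha256(internal + external).digest()[: strength_bits // 8]

def bip39_indices(entropy: bytes) -> list:
    """BIP-39: append the first ENT/32 bits of SHA-256(entropy), split into 11-bit groups."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("BIP-39 entropy must be 16 to 32 bytes in 4-byte steps")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def matches_device(internal: bytes, external: bytes, strength_bits: int, device_indices) -> bool:
    """True if the seed shown by the device is exactly what both entropy parts produce."""
    expected = bip39_indices(combine_entropy(internal, external, strength_bits))
    return expected == list(device_indices)

# External entropy: the EntropyAck value quoted in the post above.
EXTERNAL = bytes.fromhex("7859d88b9ed02d8b8be4069206d7f807cd41df2c5194e12923e5d906c313647b")
# Internal entropy: constructed placeholder; use the value from the device screen.
INTERNAL = bytes(range(32))

if __name__ == "__main__":
    seed_entropy = combine_entropy(INTERNAL, EXTERNAL, 128)
    print("12-word seed indices:", bip39_indices(seed_entropy))
```

If the indices derived from the two recorded entropy values differ from the words on the device, the device did not build the seed from both inputs in the assumed way.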

@matejcik loved this, very helpful thanks for sharing your developer insight.

:+1::ok_hand:

1 Like

Re: Ledger Nano X

  1. We dislike the inconvenience of having to repeatedly enter our PIN every 5 minutes to keep the device unlocked while we’re at home using it with Ledger Live. All crypto transfers require PIN so the constant signing out and signing back in is a chore.

  2. Ledger violated our trust by not securing the personal data of purchasers, who are now getting threats of violence & blackmail as a result.

QUESTION: CAN ANYONE TELL US… What are the automatic timeouts on Trezor or the device you use?

@CryptoBuro

Hi @CryptoBuro,

The amount of time that elapses before the device automatically locks (and requires PIN to unlock) can be adjusted in settings.

Hi @CryptoBuro,

I don’t remember what the default timeout on my Trezor T is and I’m about to run to a doctor’s appointment right now so I don’t have time to check, but I do know that you can adjust the timeout in Trezor Suite software. I did that on day two after I received my Trezor device, because, just like you, I was annoyed by the default timeout value, so I set it to a full day in Trezor Suite. :slight_smile: Then it never times out until I disconnect the device.