So I have Model One at the moment, and thinking of getting extra and upgrading my wallets. Especially with this entire FTX FUD(Hopefully). Started to think about the risks of this whole thing around wallets and not your keys = not your crypto.
I am thinking of getting Model T, however I also noticed few other wallets out there. The people with Model T are you happy with it? Should I get one too?
Otherwise I am thinking of purchasing.
NGRAVE ZERO → Looks sexy af but pricey
Ledger Nano X → Looks ok, but hate that tampon shape
What would you recommendation? Why Model T instead of those wallets? Or do you have other wallets that are worth checking out too??
My use would be mainly to store Bitocin and Ethereum. Dont really have nft’s.
Help thx
sorry for this thread, kinda lost in the search of it all.
I use Trezor Model T and like it. It could support more coins but so could other hardware wallets. If you’re mainly going to store Bitcoin (BTC) and Ehtereum (ETH) then it doesn’t matter which wallet you choose, as they all should support those coins.
So it really depends on what you mean by “mainly”. Be sure to pick a hardware/cold wallet that support the coins you’re going to store and you’ll be fine.
Sorry if my answer doesn’t end with a recommendation for a specific wallet, but with the general information you provide it’s the best answer I can give you at this time.
I have both Model T and NGRAVE ZERO, but I use them differently. I take my Trezor with me everywhere but it has only a small amount of crypto on it because after everything that happened I have zero trust in anything that’s online so I use it in a way I’d use a hot wallet. I realise many people would just use a hot wallet and if they lose that small amount it’s whatever, but I am super paranoid about security so I found this to be a comfortable solution for me, even though it’s a bit inconvenient.
However, the majority of my crypto is on the NGRAVE ZERO and that is my true “cold” wallet that I keep in a safe and use for transactions if I’m at home. I’ve done extensive research and when I found out that you can actually generate your own key on the ZERO I was sold - you mention price but honestly heck that if the manufacturer has my private key. Who says we can trust them? I don’t just take people’s word when my money is involved. You mentioned you have only Bitcoin and Ethereum and for those coins I’d honestly just invest in an NGRAVE.
Never herd of this and don’t think it is a industry standard. Meaning it may not be compatible with other wallets if you ever need to change.
TREZOR uses industry standards that have been battle tested along the years.
One thing I can say about NGRAVE is that it works airgapped, so you don’t ever need to connect directly to a machine.
With all this said, it is your duty to learn and study about both and comeup with your own conclusion.
Something might work for you but not others. Just make sure to do your own research and study very well these because you will be putting money on them.
@rimaS Jumping in here cuz I posted above about my own experience. The Perfect Key it’s completely compatible with other devices, the thing that makes it “perfect” (and what I also mentioned above) is that you, as the user, generates your own key. It’s the very thing that convinced me to buy my ZERO cuz literally no one else but me knows the key. It’s a huge selling point of NGRAVE and a reason to buy it, not something that drags it down.
that is exactly what Trezor and other HW wallets do
I am not familiar wit Ngrave but reading on their website, their biggest concerns are:
that manufacturer knows your private key (Trezor is opensource, so this can be verified) and a single point of failure in case of loss (this is solved in case of Trezor by Shamir backup where you can split the backup in multiple shares, up to 16) and set a threshold on how to recover.
Plus there is always a passphrase that you can use that is not stored anywhere and protects in case of lost seed.
Claim: they combine internal TRNG + data from light sensor + fingerprint scan to get randomness. Security: same as if you throw out the fingerprint and the light sensor and just go with the TRNG. Verification: no way to verify. What they could be doing: give you one of the 2048 built-in keys that the manufacturer already knows.
Claim: the user can shuffle parts of the key as they like. Security: there are 8 groups, so at best this adds 8! = 40320 variants of the same key. Verification: yes, you can check that this is really your key by importing into another wallet What they could be doing: simply allow the user to do this. Assuming the key is one of the 2048 known ones, the manufacturer only has like 82 million tries to find your actual seed.
Claim: this is all fully offline. Security: that helps … except, see below. Verification: no real way to verify. What they could be doing: when you synchronize with your phone via QR code, the QR code could exfiltrate your private key.
To be clear, I don’t think NGRAVE is actually doing this.
My point is that the “Perfect Key” has zero practical impact on security. If you want a way to generate your key fully privately, you’ll need to have a look at BitBox (or ColdCard allows the same thing IIRC).
What is Trezor doing on this front?
Trezor creates your seed out of two parts:
internal entropy that comes from the TRNG,
external entropy that comes from the host PC.
You can verify that both parts are actually used, using some Python and trezorctl:
wipe your Trezor
set it up via: trezorctl -v device setup --show-entropy
write down the Internal Entropy shown on your Trezor screen
confirm the entropy on Trezor
while showing your seed word(s), the terminal on your PC will show something like:
First, fill in the value of entropy that you saved previously (without the starting 0x).
Second, fill in the value of “Internal Entropy” that you copied off your Trezor screen.
Fill out the number of words in your seed.
The script will now print the same seed that your Trezor has generated. This means that Trezor must have used both the internal and the external entropy to generate it.
You can do this several times, to make sure that Trezor is always using both sources of entropy. Afterwards, wipe the Trezor and use it to generate your actual seed.
We dislike the inconvenience of having to repeatedly enter our PIN every 5 minutes to keep the device unlocked while we’re at home using it with Ledger Live. All crypto transfers require PIN so the constant signing out and signing back in is a chore.
Ledger violated our trust by not securing the personal data of purchasers, who are now getting threats of violence & blackmail as a result.
QUESTION: CAN ANYONE TELL US… What are the automatic timeouts on Trezor or the device you use?
I don’t remember what the default timeout on my Trezor T is and I’m about to run to a doctor’s appointment right now so I don’t have time to check, but I do know that you can adjust the timeout in Trezor Suite software. I did that on day two after I received my Trezor device, because, just like you, I was annoyed by the default timeout value, so I set it to a full day in Trezor Suite. Then it never time out until I disconnect the device.