Trezor vs Ronin Connection

Hi everyone,

I need your advice. I am playin Axie and have connected my ronin account to my trezor, let’s call it Trezor Ronin account. Everything is smooth so far. However, I don’t fully understand on the connection of Ronin account and Trezor. Here are my questions :

  1. I just checked my trezor suite and found nothing related with Ronin account. Is it supposed to be like this? I only found my crypto fund that is not related with Ronin
    2, I understand that the hackers can not get into my Trezor Ronin account, unless they have my seed phrase. In this case, I can only get hacked if the hacker knows my Trezor seed phrase. Is it correct?
  2. Should my Trezor seed phrase is compromised, what should I do? with my Trezor suite and Trezor Ronin account. I use passphrase and I read that passphrase is your last fortress. You can lose your Trezor device and seed phrase, but can not get hacked until your passphrase is stolen. Do I understand it correctly.
  3. Should I connect my Trezor Ronin account using public wifi, will it be dangerous? Previously I assume it will not be harmful since every transaction in Trezor Ronin account needs to be validated by the device.

Thank you in advance.

1 Like

Hi @Trezor2

  1. As Ronin network is not natively supported by any Trezor interface you have to use third party app such as Ronin wallet which you can pair with your Trezor HW wallet (so all the addresses you use are derived from your Recovery seed which is always securely kept offline on your device).
    And yes as long as you keep your recovery seed safe, your funds are safe as well. (especially when you use passpshrase feature).

  2. The best option would be to transfer immediately your remaining funds (if there would still be any) to another (preferably) cold wallet. See also:
    User manual:Emergency situations - Trezor Wiki
    Second part of your question regarding passphrase feature as an ultimate protection for your funds is also correct. Just bear in mind that it is advance feature and by using the passphrase feature, you, the user, gain lots of additional personal responsibility in direct proportion to the security enhancements.
    More info:
    Passphrase - Trezor Wiki
    Passphrase — the Ultimate Protection for Your Accounts | by SatoshiLabs | Trezor Blog

  3. correct again, as long as you will not expose your recovery seed online it always stays securely kept offline in your Trezor device as stated before.

1 Like

Hi @MichalZ ,

Thank you for your prompt reply. Additional questions from me, in relation to point no 2 :
2a. Say I feel my seed phrase is compromised, but my passphrase is safe, is it ok for me not to reset my Trezor wallet?
2b. By resetting my Trezor wallet, I understand that I will get new seed phrase. How about my PIN and passphrase, these two will be reset too?

Kindly advise.

2 Likes

Help me please how can fix my own problems

1 Like

2a Yes It is safe to reset your Trezor wallet (and recover it afterwards) - because when the same recovery seed is used and the same passphrase is entered (if enabled and used), the same wallet is accessed. There is no exception. It always generates the same wallet including the same accounts having the same addresses in the same order. The public-key cryptography ensures it generates always the same result.

However this doesn’t really resolve your issue with recovery seed being potentially compromised (as the recovery seed will remain the same when you wipe and recover your wallet).

2b It is important to distinguish between resetting/wiping your device and creating new wallet and recovering the old one:

If you wipe your device it will delete all data associated with the pre-existing accounts (your recovery seed) and settings associated with the device, such as the PIN.

Apart from that you can also proceed to factory reset which will erase everything on your device except bootloader. (so this will delete firmware as well).

After each of previously mentioned processes you will have an option to either create new wallet or recover already existing one.

So in case that your recovery seed would be compromised but your passphrase would remain safe your funds are still safe as well! However potential attackers would be already “half way there” (even though the second half of breaking into your wallet could still be almost impossible as the passphrase would exist ideally only in your head). But security best practice would be to transfer your funds to a newly created wallet (fresh recovery seed) and hidden wallet (same or different passphrase).

Note that in general to make such transfer you always have to use right combination of recovery seed and passphrase (if enabled and used) in order to be able to sign the transaction:

When first initialized, a Trezor device generates a random number which is converted into a mnemonic sentence (recovery seed) and stored in the memory. Subsequently, whenever the device is used, it derives a cryptocurrency wallet from a magical formula; mnemonic+passphrase (extremely simplified).
If you do not input any passphrase (default setting), an empty string is used. When the feature is activated, you will be prompted to enter the passphrase which is then combined with the recovery seed on the device, and a new wallet is generated (and you would need to use this sort of “formula” - combination of recovery seed and passphrase - every time you want to make a transaction.

1 Like

Hi @MichalZ ,

Many thanks for your comprehensive explanation.
Just want to confirm few things :

  1. For me, security best practice is doing the factory reset in order to get the new seed phrase. However, beforehand, I need to transfer all of my funds to somewhere else, say other Trezor wallet/online wallet/online exchanger. Is it correct?
  2. On your “But security best practice would be to transfer your funds to a newly created wallet (fresh recovery seed) and hidden wallet (same or different passphrase)” statement, sorry I don’t understand why I can still use the same passphrase even though the device has been reset to factory setting. My guess, it’s just merely no one has the information of my passphrase, so it will be safe to proceed with the same/old passphrase when creating new wallet, isn’t it?

Last thing, kindly inform how to give the rating for you. You have been very helpful.

Thank you.

1 Like
  1. technically you have two options:
    either transfer your funds to your backup wallet first and then use the same Trezor device to generate new wallet and transfer your funds from your backup wallet there.
    or you could also wipe your device, create new wallet and generate necessary receiving addresses, wipe the device again, recover the initial wallet - from there send funds to the addresses previously generated and then finally recover the previous wallet and keep using that one.

However as you can tell the second option is quite complicated and very lengthy and laborious…
Because of that It is recommended to have a spare Trezor device for situations like these so you can use it as your backup wallet (and don’t have to use the hot wallet which would be more vulnerable to potential attacks).

These steps are also described in second half of this article.

  1. Yes your assumption is absolutely correct!
    You can use the same passphrase only if you are absolutely sure that it has not been compromised.
    Of course this is totally up to you and you can create also new hidden wallet using fresh passphrase just keep in mind, more passphrases you use more tricky or even messy it can get when trying to access desired wallet.

I believe these answers shed some more light on the problem however if you would have any further questions or wouldn’t be sure about something please do not hesitate to ask again…
It is better to be safe than sorry, right? :slight_smile:

And regarding the rating… don’t worry about it, I am happy to help and it is my job.

2 Likes

You can always “like” his answers by clicking on the heart symbol under his posts.
That will show your gratitude. :slight_smile:

2 Likes

Hi @MichalZ ,

Sorry for my late reply. It’s a comprehensive information again.

Many thanks for it. Really appreciate.

All the best for you!!

Hi @Petosiris ,
Thanks for the info. I have liked his answer and give you one too :slight_smile:

1 Like