A Trezor is a mini computer keeping access to the seed contained to an isolated component with on-device display / confirmation. It's wrong to expect that an attacker with physical access won't be able to extract the seed. That remains true with an obfuscated secure element too.
The BIP39 passphrase feature (passphrase appended to the seed phrase before key derivation) is the fundamental defense against an attacker gaining physical access. Trezor Model T has a much better implementation than the original by supporting on-device entry of the passphrase.
Quote Tweet
Replying to @DanielMicay
It's important to keep in mind that the seed is not just on the device. There's at least one physical backup of the seed, generally written down with pencil and paper, and an attacker could obtain that rather than the hardware wallet. The hardware wallet is for using the seed.
Replying to
Although I absolutely agree nothing is 100% secure, a good secure element should be way towards the 'impossible' end of the feasibility spectrum. Unfortunately, it's often the app code that's an issue, not the HW.
Replying to
What's a good secure element making data extraction with physical access infeasible or extremely difficult / expensive? I don't think making it beyond the means of an independent security researcher with very limited resources and time to dedicate to it is a big success story.