A Trezor is a mini computer keeping access to the seed contained to an isolated component with on-device display / confirmation. It's wrong to expect that an attacker with physical access won't be able to extract the seed. That remains true with an obfuscated secure element too.
Conversation
This Tweet is from a suspended account. Learn more
Replying to
A Trezor is useful for avoiding trust in a general purpose computer with far more attack surface, but it provides very little protection against an attacker with physical access. Using a processor like developer.arm.com/products/proce could be an obstacle but is far from a solution.
BIP39 standardizes the seed phrase used to encode / backup the main key including support for a passphrase. The passphrase feature is by far the best way of defending against an attacker gaining physical access, but it depends on choosing and remembering a good passphrase.
1
2
An attacker could also gain access to the seed phrase backup(s) on paper which is the same data stored on the Trezor. If you don't have a passphrase, someone finding the seed phrase backups gains access to all the funds. They don't even need to extract the seed from the device.
4