-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TREZOR wallets stored in plaintext #2929
Comments
Probably the best option is to encrypt such wallets using Trezor itself. This should be an option, because it is convenient to observe the current balance and transactions without a connected device. |
I believe other wallets have solved this by allowing two import options for hardware wallets:
Food for thought. Your solution sounds fine as well. |
it is not possible using the trezor itself; they have disabled message decryption |
we could encrypt with a password, but it would be unrelated to trezor |
Yes, it does not make sense. |
@ecdsa We disabled one particular scheme using elliptic curves, but message encryption is clearly possible with TREZOR. Electrum can use for example CipherKeyValue as described in SLIP 11 (https://github.com/satoshilabs/slips/blob/master/slip-0011.md). We use the same for encrypting transaction labels in our wallet (scheme described in SLIP 15). |
@SomberNight see slush's comment |
This should now be resolved due to #3346 |
TREZOR wallets are stored in plaintext, with no option to encrypt. This means full public keys are exposed, along with address lists.
I would expect that a TREZOR wallet would be stored encrypted unless the TREZOR was connected. Alternatively, a separate Electrum encryption password option.
The text was updated successfully, but these errors were encountered: