From Trezor Wiki
Jump to: navigation, search

This article describes the layers of protection used to protect Trezor from potential security threats. Scroll through the article or see the contents to search for a specific threat.


If you wish to make a payment to someone on the internet, you need to know their receiving address. Unlike Trezor, computers are not necessarily secure, and it is possible that the address displayed on your screen is maliciously modified.

To be sure, always check the receiving address on your Trezor device screen as well (see Receiving payments). To be extra safe, we recommend confirming the recipient's address using an additional second channel, such as SMS, phone call, or a face-to-face meeting.

For more information about phishing attacks on Trezor Wallet, see the blog article Phishing attacks used to steal your coins.

WarningNever give your recovery seed to anyone and never enter it anywhere in a straight sequence from the first word to the last one.

Brute forcing the Trezor PIN[edit]

Trezor is protected by a PIN code, which can be up to nine digits long. If a good PIN is selected, it would take hundreds of thousands of attempts to get it right. Every time a wrong PIN is entered, the waiting time between the attempts increases by a power of two. The device automatically wipes itself after 16 unsuccessful attempts.

For more information about PIN, see also Security best practices and see the Trezor blog articles here and here.

In case you lost your PIN, see You have forgotten or lost your PIN.

Reflashing the Trezor with malicious firmware[edit]

Official Trezor firmware is signed by the SatoshiLabs master key. Installing unofficial firmware on the Trezor is possible, but doing so will wipe the device storage, and Trezor will show a warning every time it starts.

To be extra careful, make sure that the Trezor package is unopened, and the tamper-evident holograms are undamaged and in place. See also Tamper-evident hologram and Trezor packaging timeline.

Evil maid attack - replacing Trezor with a fake[edit]

It might be possible for a malicious third party to steal your Trezor and replace it with a fake one. If embedded with a wireless transmitter, the fake Trezor could transmit any PIN it received. The attacker would then have full access to your funds.

If you are concerned about such an attack, it is a good idea to sign the back of your Trezor with a permanent pen. Do not forget to check the signature before each use. You can also set a custom home screen (see Homescreen) with a unique picture that would be hard to copy or fake.

The Trezor chassis is sealed using ultrasound. Opening Trezor without destroying the case is nearly impossible.

Stealing the user's computer[edit]

If the user's computer gets stolen, it does not affect the safety of his or her funds. The Trezor device can be used with a different computer. It is not possible to access the user's funds from the stolen computer without the Trezor device itself.

Hacking SatoshiLabs servers[edit]

SatoshiLabs takes security very seriously, so this option is extremely improbable. However, you do not need to rely on SatoshiLabs servers at all. For more information see Running a local instance of Trezor Wallet and Running a local instance of Trezor Wallet backend (Blockbook).

SatoshiLabs shutting down[edit]

There are no such plans because we love cryptocurrencies, but even if we had to close down, there is nothing to worry about. Trezor is compatible with other BIP32, BIP39 and BIP44 compatible wallets. Since our code is publicly available, developers from around the world can maintain it and add new functionalities. In extreme cases (although this is not recommended), it is possible to use the recovery seed to recover your funds in a different wallet as well.

Running the recovery process on an infected computer[edit]

During the recovery process of Trezor One, you are asked to enter your recovery seed into the computer with the words in a random order.

Even if your computer has a key-logger installed on it and the randomly ordered words are stolen, it would take many many years to crack the order of the actual seed even with the most powerful computer.

Moreover, on Trezor Model T, the seed words are entered on the Trezor device itself, so there is no danger of key-logging by an infected computer. With Trezor One, you can always use the Advanced recovery to avoid malicious computers.

Side channel attacks[edit]

Side channel attacks described by Jochen Hoenicke were fixed by rewriting all crypto functions to use constant time. Jochen did almost all of the fixing, and we have been collaborating ever since on various security and non-security related improvements. Furthermore, we ask for the user's PIN before every operation involving a private key (e.g., generating the public key), so even if there were some side channel attacks left, the attacker would still need to know the PIN to trigger it.

Like Trezor? Get one here!