On Sun, Nov 17, 2013 at 12:49:04AM +0100, Pavol Rusnak wrote: > On 03/11/13 08:40, Timo Hanke wrote: > > Trezor picks random s and sends S=s*G to computer, keeping s secret. > > That's a really neat trick! > > > One question remains: if you only write down the mnemonic how can you be > > sure that it is correct and corresponds to the secret in Trezor? > > Right. That's a problem. I'm not sure if this whole cryptomagic is > benefitial at all. > > I'd suggest to go the easy way for now, i.e. prove that external entropy > was used while generating the master seed. If the user does not trust > our firmware, he can use his own built one.
No, this question of mine was regardless of any cryptomagic or neat tricks like Thomas' suggestion. It has nothing do with auditing the entropy. It was just a backup question. I recently had an experience where I thought coins were lost because the secrets I had didn't match the public keys that I thought they'd match. >From now on I will always recover my wallet first, from the backed up secrets, before sending any coins to the pubkeys in the wallet. I will never again generate a wallet, backup the secrets, and hope the secrets indeed match the pubkeys.. without testing that. My question was how Trezor allows me to verify my backup. All this makes me think if having one device generating and displaying the secret, and making a backing from the display, is the right way to go. Since you would need a second device to verify your backup is sane, you could have two devices to start with. One is your hardware wallet and it only imports secrets (restores backups). The other is an entropy generator and it only generates secrets. Best regards, Timo p.s. The question about auditing entropy would only apply to the generator, not the wallet. Is it yet documented how Trezor proves that external entropy was used? -- Timo Hanke PGP 1EFF 69BC 6FB7 8744 14DB 631D 1BB5 D6E3 AB96 7DA8 ------------------------------------------------------------------------------ DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access Free app hosting. Or install the open source package on any LAMP server. Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native! http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development