Highlights from my points of view: USB Type C and Shamir Secret Sharing.
reply
And SE and passphrase on device and low price tag. And bitcoin edition 🔥
reply
Shamir’s Secret Sharing (SSS) is often not the silver bullet many think it is. It still has a few weaknesses people should be aware of:

Device Single Point Of Failure

As SSS relies on splitting a private key up into multiple shards, that key must exist on a single device at the time of splitting and then also later on whenever you need to spend funds or even generate a new receiving address. If the device is compromised at either of these points in time (or in between), your funds can be stolen. For example, through a rouge employee, government coercion or other means Trezor could push a malicious software update. There could also just be a flaw in the hardware or software of the device that’s exploited. The next time you bring your shards together to spend or receive funds, the device would reconstruct the single signature key and poof, no more funds. Multisig on the other hand protects against this as there are multiple, separate private keys and potentially even multiple separate devices from different manufacturers

Increased Complexity

A number of other “custom SSS implementations” have suffered from major security vulnerabilities in the past due to the added complexity of implementing SSS, putting all users funds from that company at risk. For example, Armory’s Fragmented Backups feature which used SSS had a vulnerability found in it while the 3 of 5 HTC Exodus setup also ended up allowing for full key reconstruction if an attacker had just 1 of the keys. These both serve as valuable historic lessons showing that the added complexity of SSS compared to the straightforward creation of a Multisig wallet is not a preferred security practice
Is a Multisig setup perfect? No. Multisig is more complicated for users to manage. You have to backup not just more keys, but more configuration data in the form of a wallet descriptor file as well. If an attacker finds that wallet descriptor information they can see all the information about your wallet which can be a big breach of security and privacy. The transactions that are made using Multisig are bigger (in kilobytes) and so cost more in fees than Single Signature ones.
As is very common in matters of security, it depends on your own specific goals and technical capabilities, but in general you should try to KISS (Keep It Simple Stupid) 🙂
reply
Why is the shamir thing a good thing? Haha, please bare with me 😅
reply
  1. You can geographically split your seed into shards
  2. Set a threshold how many shards are need to recover your coins. i.e. one shard doesn't compromise the whole stack
reply
I can see where this could be interesting.
Maybe not for me, seems to easily become too complicated.
reply
Yeah, it is not for everyone.
reply
Is Trezor the one that didn't have a secure elements for a long time? I can never keep Trezor and Ledger separate in my head.
reply
Yes. First time Trezor has a secure element.
reply
Trezor site uses cloudflare, cloudflare blocks tor..
reply
The original Trezor onion site was trezoriovpjcahpzkrewelclulmszwbqpzmzgub37gbcjlvluxtruqad.onion, but that redirects to clearnet domain.
reply
deleted by author
reply
this is a good note. advice to Trezor folks reading this:
  1. you can self-host Sentry instead of sharing data with them
  2. you can and should replace Google fonts with local fonts
reply
deleted by author
reply
Wow its way cheaper than the model T. Very cool
reply
This is an extremely good improvement. A Trezor with a secure element means it should no longer be vulnerable to the hardware-based attacks that previous models had been a victim of. It also fills in the gap as being an equivalent to Ledger without the atrocious record of controversies and a commitment to open-sourcing their firmware unlike what Ledger does.
reply
comes in fiat colors
reply
The secure element is open source hw, right? Not like Ledger.
reply
It's not open source, but the Trezor firmware remains open source, unlike Ledger. Trezor picked this one because no NDA is required, so bugs can be reported transparently.
Chips are hard, technically the other chips that Trezor has had since day 1 are not open source either. But the code that runs on them is.
reply
I thought they were working on open hw too, called Tropical — isn’t that this?
reply
Tropic Square, still in development. It's mentioned the chip will maybe be ready in 2025.
reply
Amazing!
reply
I thought it will have a bigger display
reply
Is it able to be used air gapped?
reply
Just use SeedSigner.
reply
So it is not able to be used air gapped?
reply
deleted by author
reply
lol the video is great
reply
deleted by author
reply
SeedSigner is definitely an excellent open source project and one we recommend. SeedQR and stateless is a super awesome way to role as well. Buying and building it can be a bit too technical for some though and annoyingly (at least for us) doesn't use USB-C.
We're very fond of the Blockstream Jade too as their recent update now allows it to be used in a very similar way (which we cover in our review). The camera on the Jade is a little... finicky? and obviously the hardware is not general purpose, but it's super cheap (cheaper with our code) and has a battery in it which makes the air gapped, SeedQR experience really nice.
The Foundation Passport is also another super premium HWW that will soon support SeedQR style workflows too.
We'd recommend all 3 over any Trezor.
reply
What's your opinion on Block stream's Jade?
reply
We have about 3,000+ words on it as per our Blockstream Jade review, but basically it's a fantastic device, clearly best value for the money
reply