A thread to discuss the pros and cons of the most popular Zcash hardware wallets:
Trezor
Ledger
Keystone
I completely agree regarding Trezor having the most proven record, the best interface, and interoperability with accounting/tax tools. But if I recall correctly, the Trezor team simply walked away from the ZEC integration and said that they were not interested at all in adding shielded ZEC then or in the indefinite future. My impression was that they slammed the door shut behind them pretty hard, though to be honest I have no idea why.
Maybe if we all yell at them on social media they’ll change their mind?
2 Likes
We have two options when it comes to recognized hardware wallets.
- Trezor
- Ledger
The good thing is those two are quite opposite. One has been smooth talking us and has been catastrophic from a technical point of view. The other has been rude but overall nothing bad to say from the technical perspective.
So what do we do, we just accept our fate? I think for Ledger we should indeed just forget about them. But Trezor? I’d give that another chance given how good they otherwise are, and how critical hardware wallets are.
keystone hardware wallet
1 Like
Keystone has not yet passed the test of time and either way, having at least two choices is important should one get a major issue like what has happened with Ledger.
I like Keystone, I really do. I have one and store shielded ZEC on it. I know it’s passed audits. But it doesn’t have the years of track record/broader recognition that Trezor has. I dislike that it requires another device/app to do anything meaningful with. And it’s a big headache from a tax/accounting standpoint.
None of those are intractable issues in the long run. I encourage people to get and use Keystone. But they’re issues now, and compelling reasons for me not want to commit a substantial pile of coins yet.
3 Likes
Maybe. I’d be curious what’s blocking from a technical standpoint. Maybe it’s not much. Either way once we know that, we know whether there’s a possible way forward.
I agree, we need more people using and testing Keystone! I am currently in my testing phase of the Zashi + Keystone combo. So far, so good. It feels a bit clunky/laggy with the QR code scanning, but it works. Receiving and shielding was fast. As others said it needs to withstand the test of time.
As of now, it is our only option for shielded hardware wallet support or did I miss another wallet? I would also like to see more options besides Keystone just to have the option of choice and further diversification.
3 Likes
yup…I say we drop ledger and move on with keystone. They’ve been putting in much more effort towards our community so its only right to keep the relationship going.
1 Like
I’m connected with Trezor. They told me a week ago that they don’t have plans to add shielded support. “Firmware is still the major blocker…”
Took this two years ago thinking support would come.
Worst part, they responded. Perhaps this is above even them.
Mod Note: created a separate thread where we could discuss the hardware wallets themselves without going too far off topic from the OP of the thread.
Trezor did apply for a Grant and did work at one time to support shielded addresses:
That thread has much of the technical details including pull requests on the Trezor side. I believe it came down to a lack of resources and technical limitations of the hardware.
1 Like
Thanks @Shawn for making a separate thread. This title gives the impression that it’s about comparing devices, but I don’t think this is what this thread is about. We know Ledger can’t be trusted and we know Keystone is awesome as far as we can tell for the little time we have used it. To me, this is really about figuring out what is the way forward with Trezor.
Thanks also for finding the very relevant post regarding the implementation of shielded transactions on that device, I’ve learned a few things and was reminded of others.
On first point, does anyone knows the exact meaning? What is “anything else”? Trezor is offering two firmwares, a “Bitcoin-only firmware (a lightweight version supporting only BTC accounts)” and a “full-featured Universal firmware (supporting all coins and tokens)”. Is “anything else” maybe implying “all coins and tokens”, and if so would it be technically possible to have a Zcash only Trezor, in a way that would solve the current blocking issue?
Should it be possible, it would probably be interesting to clarify the second point: “Prioritized activities” may be over now, also maybe some of this development could be outsourced. Finally, the third point the does seems to apply anymore.
Is there anything else that is relevant to know about the current situation?
Finally,
It would certainly be interesting to have a working proof of concept of this.
raspberry pi can be used to run wallets, but those have no security chips to secure the wallet keys in a secure chip like way the hardware wallets do
AI explanation:
Trezor has for the longest time not supported TEEs and most people were happy with having a fully open-source platform to secure their funds. TEEs certainly have advantages, but they also introduce security risks.
A Raspberry Pi could therefore be somewhat equivalent to what Trezor used to make.
It’s all about your threat model. Trezor without TEEs were not that easy to hack and my treat model and method of usage made this acceptable for mine. Raspberry Pi would be easier to hack and would probably not be acceptable for me personally, but it may both still useful as a stepping stone to get official support, and even some users may be happy having full control over their hardware wallet.
1 Like
ok youre right theres no TEE in trezor yea.
and the older Trezor One model has no security chip in it also but the newer ones do.
1 Like