TREZOR: Bitcoin Gold’s codebase is incomplete

Trezor wallet makes a statement concerning Bitcoin Gold, claiming it will not support it yet
23 October 2017   1013

Days (or rather hours?) away from the Bitcoin hardfork, the crypto community is getting more and more concerned about Bitcoin Gold.

Now, Satoshi Labs, the makers of the hardware wallet TREZOR, make a statement about the upcoming Bitcoin Gold fork. The company claims that it will not support Bitcoin Gold yet.

Still, Trezor team highlights that if there are any Bitcoins held on TREZOR before the block, the customers will have the same Bitcoin Gold balance as their Bitcoin balance. 

In other words, Bitcoin Gold is an altcoin, using Bitcoin’s history similarly to the case of Bitcoin Cash. However, Bitcoin Gold does not launch immediately at the point when the chains diverge.
 

TREZOR team

As for TREZOR (the device), it, in fact, supports Bitcoin Gold. According to the company, with TREZOR, you own your private keys (in form of the seed), therefore you have control over all of your coins, including forked coins. Yet, there are some obstacles.

Bitcoin Gold’s codebase is, at the moment of the writing, incomplete. Most importantly, it lacks replay protection. For this reason, TREZOR Wallet will not support Bitcoin Gold yet, as it would endanger your Bitcoins.
 

TREZOR team

The TREZOR team, as well as Hong Kong Gatecoin team earlir today, stresses out that replay protection, that prevents you from “double spending” your coins after the hardfork, is crucial. 

Talking about supporting Bitcoin Gold if it implements replay protection, the company detailes that they "will make all efforts to develop support for Bitcoin Gold, but will not do so if it will risk your coins". 

What the future has in stock for Bitcoin and Bitcoin Gold, remains to be seen. Just wait for a little while. 

Trezor to Undergo Fishing Attack

Trezor wallet team asks users to be exteme caution
02 July 2018   144

According to the blog of developers of the hardware wllet Trezor, their service has recently undergone a phishing attack. The project team stated that it received many complaints about the incorrect Secure Sockets Layer (SSL) certificate.

The number of warnings about the incorrect certificate has increased due to the increasing number of phishing attacks on the site. The vectors of the attack are reportedly the so-called "poisoning of the DNS server" and "BGP-interception".

Poisoning a DNS server is an attack that uses some DNS vulnerabilities. It allows the attacker to redirect traffic from legitimate servers to fake ones. This exploit was used, for example, to attack the "Great Chinese Firewall" in 2010.

BGP interception (also known as "prefix intercept") is an attack that consumes IP address groups and is performed by corrupting the routing Internet tables that the BGP protocol operates on.

As a result of the attack, the fake Trezor wallet site showed a warning message asking the user to restore the seed-phrase (an access key consisting of 12-24 "simple and memorable" words). According to Trezor, this was already the "second alarm bell", because the warning message was written with errors.

The third red flag was the method of recovery (seed check) — the fake site forced users to enter both the order number as well as the seed word into the computer.
 

Trezor's Blog

Next, the team warned users about the security measures that must be taken to protect themselves from this attack. It stressed that users should never enter their seed-phrases into the computer - this should be done only in the Trezor device. In addition, according to Trezor, the user should make sure that there is a "Protected" in the address bar of his browser.

They also noted that the fake wallet had already been blocked by the hosting provider, but they asked users to remain vigilant and inform the Trezor team about suspicious sites.