Our wallet review process
We examine wallets starting at the code level and continue all the way up to the finished app that lives on your device. Provided below is an outline of each of these steps along with security tips for you and general test results.
Application build test result
With our test script this is the result:
$ ./scripts/test/hardware/trezorOne.sh 1.12.1 ... Fingerprints: 3c694191f5b66a65cb5bb209adbf113cb40209e644b77162ba996bb7ee8f382b build/legacy/firmware/firmware.bin 985fb6a8c87f7547fb810f6c4a8331ebf19c677445810358778eb21eca78a181 build/legacy-bitcoinonly/firmware/firmware.bin 195+0 records in 195+0 records out 195 bytes copied, 0.00046023 s, 424 kB/s 195+0 records in 195+0 records out 195 bytes copied, 0.000506005 s, 385 kB/s Hash of non-signature parts downloaded/compiled standard: 859dff49705fb81e83fe6d2efcf8f739f847081037aacf4f176624009a738ed8 trezor-1.12.1-nosig.bin 859dff49705fb81e83fe6d2efcf8f739f847081037aacf4f176624009a738ed8 build/legacy/firmware/firmware.bin Hash of non-signature parts downloaded/compiled bitcoinonly: 683b51fb68d0b0377f5596d6e75cc5ba2b64b88563dae2ede431031565b977fa trezor-1.12.1-bitcoinonly-nosig.bin 683b51fb68d0b0377f5596d6e75cc5ba2b64b88563dae2ede431031565b977fa build/legacy-bitcoinonly/firmware/firmware.bin Hash of the signed firmware: eab18bf870d6096a2dee477a2f032dc3084a1864b6767a8f2f313a12dff2d180 trezor-1.12.1.bin ce576268ce81d4fa7aa6a80d1c8ee01c49fdab4efaf9e0c703d899a24e168eb4 trezor-1.12.1-bitcoinonly.bin
That is a match. This firmware is reproducible for both the standard and the bitcoinonly version.
Tests performed by Leo Wandersleb, Mohammad
Previous application build tests
|5th December 2022||1.11.2|
|7th August 2022||1.10.5|
|10th January 2022||1.10.4|
|5th October 2021||1.10.3|
|23rd August 2021||1.10.2|
|17th July 2021||1.9.4|
Our Analysis is not a full code review! We plan to make code reviews available in the future but even then it will never be a stamp of approval but rather a list of incidents and questionable coding practice. Nasa sends probes to space that crash due to software bugs despite a huge budget and stringent scrutiny.
Do your own research
In addition to reading our analysis, it is important to do your own checks. Before transferring any bitcoin to your wallet, look up reviews for the wallet you want to use. They should be easy to find. If they aren't, that itself is a reason to be extra careful.