trezor-firmware icon indicating copy to clipboard operation
trezor-firmware copied to clipboard

Published 20 hours ago verified publisher icon trezor

Dry-run recovery should display words on screen

Open slush0 opened this issue 7 years ago • 3 comments

Dry-run recovery should display words on screen to prevent malware lying to device about used words.

slush0 avatar Mar 20 '18 12:03 slush0

It's probably easier if we always display words on screen for recovery.

Unrelated: dry-run recovery should skip the question "Do you really want to recover the device?" - it is confusing and not necessary.

jhoenicke avatar Mar 23 '18 16:03 jhoenicke

Suggestion: dry run recovery should force the advanced/matrix recovery method.

Reasoning:

  1. Dry run method is easy and non-destructive to use, making it easy for a user to accidentally compromise their seed. In other words, they might be less careful during dry run than during actual recovery process.

  2. Point one is especially exacerbated by the fact that many users accidentally enter their recovery seed in its order, instead of out-of-order as suggested by the screen.

  3. This is a wonderful opportunity to show users how advanced recovery works. The dry run process is not as stressful as recovery, therefore users will be less averse to new input methods.

xbach avatar Mar 24 '18 11:03 xbach

We have on device dry runs for both T1 and TT. Can be closed?

sime avatar Feb 15 '22 12:02 sime

This issue is about dry-run recovery on T1. I assume that @slush0 meant that the Trezor should display the word that the user entered, which it does not do. It just shows: image

I agree with @jhoenicke that this should not be limited to dry-run, but should apply to recovery always.

andrewkozlik avatar Jan 24 '23 11:01 andrewkozlik

Ahh, ok, misunderstood that, sorry.

Hannsek avatar Jan 24 '23 11:01 Hannsek