[September 1, 2024] I am currently migrating my blog away from WordPress. I am trying to keep all url's and content the same. This is a work in progress. The old WordPress website is archived and available at https://archive.bartslinger.com. This is all in markdown now, which is awesome. Maybe I blog about that later.
IOTA transactions with TREZOR hardware
About three months ago I first heard about IOTA and I really liked it. However, it is still in a very early beta stage, and lots of improvements still need to be built. One of the missing features at the moment is an offline wallet.
Another project I started with my brother a little over four months ago was to built our very own trezors. We discovered that trezor makes all their software and hardware open source. It seemed like a cool idea to order some PCB's and components and construct our very own trezors for lower cost. Also, the device is built around an STM32, which I've covered many times before on my website. It did not seem to difficult to make modifications to the firmware.
The hardware
The schematics and board layout for a trezor are available on Github. However, R6 on this schematic should not be placed! Initially we had this resistor on the board, but that gives a lot of trouble with the USB discovery, especially on Windows. The standard board layout provides a breakout for the ST-Link programmer:
Bootloader
For this development board, I did want to have some flexibility with the bootloader. By default, the trezor bootloader makes sure that the bootloader cannot be erased by enabling write protection. I disabled this for my development board. Also, it checks the signature of the firmware which I am skipping at the moment.
IOTA Seed generation from 24 words mnemonic
By default, the trezor uses a 24 words mnemonic which deterministically generates addresses for various crypto's. The trezor internally generates a 64-byte long 'seed' according to the BIP-0039 standard. IOTA seeds consist of 81 trytes. Deterministic conversions can done between 81 trytes and 48 bytes. Kerl actually does this exactly. But 48 bytes is not 64 bytes, but 3/4 of 64 bytes. I implemented a simple algorithm that chops the 64 bytes from the mnemonic into 4 48-byte arrays. These are then absorbed by kerl and in the end the deterministic seed is squeezed out.
(edit) I got some useful feedback on this. I will change the method to implement BIP-0032 and BIP-0044.
Interaction with IOTA functions on the trezor
At the moment, I only implemented function calls using trezorctl, which is a python script. The basic functions at the moment are:
trezorctl iota_get_address [-i <seed_index>]
trezorctl iota_show_seed
trezorctl iota_sign_transaction -a <receiving_address> -b <balance> -v <transfer_value>
Address generation and transaction signing
The generation of public addresses is probably the slowest. Each address takes about 12 seconds to generate. Therefore, once the public address is generated, it is stored in the trezors flash memory.
Transaction signing is very basic at the moment. It makes the following assumptions:
- The current address is the address holding the value.
- The next address is the remainder address.
- The security level is always 2.
- The bundle always consist of 4 transactions, of which the first one sends value to a receiving address.
The trezor will respond to iota_sign_transaction with the bundle hash (which can be used for verification) and two signatures.
Attaching the transaction to the tangle
This part still needs to be built properly. For proof of concept, I basically forged the transaction manually using the javascript library. I manually constructed a bundle like this:
bundle.addEntry(1, to_addr, 10, tag, timestamp)
bundle.addEntry(1, from_addr, -16000000, tag, timestamp)
bundle.addEntry(1, from_addr, 0, tag, timestamp)
bundle.addEntry(1, remainder_addr, 15999990, tag, timestamp)
bundle.finalize()
bundle.addTrytes([])
After that, I overwrote the signature/message field with the signatures received from the trezor. Attaching to tangle was done with api.sendTrytes(). Proof of work is not done on the trezor. The seed never left the trezor! The very first trezor-signed transaction ever in the tangle can be found here on thetangle.org. Thanks to the organizers of the first dutch IOTA meetup for providing me with initial funds on my trezor.
What's next?
I have no contact with the trezor development team (yet). It would be cool to have a more mature version of this being merged into the official trezor firmware. Before that I'll probably already publish some binary which can be flashed onto an official trezor. However you'll have to deal with the "unofficial firmware detected" warning.
I have not even started yet with a computer-side program, aside from the python command line interface. It would be cool to implement this functionality in future IOTA wallets. However I'm not that much of a javascript programmer, so help would be appreciated.
It would also be good to have the source code tripple-checked for possible implementation errors. I tried to prevent bugs in the core protocol by applying the test-driven-development method, but I cannot (yet) guarantee that your IOTAs are 100% safe on the trezor.
Please note that I do all of this development as a hobby project in my spare time. Don't ask me when something is ready or when it will be released. If you're a programmer and you really want to have this, feel free to browse to the source code on github and compile the stuff for yourself. Otherwise, remain patient and be excited ;-)
If you really love this, feel free to donate IOTA to the following address: JBKIFPLXDQGPAOA9IHSHHYPQGNHANBOHOEZDHSEXRSJAOHCJ9YTUDVNMFZMGCOXOVJIJRXSFKYOXILCZYFK9KITSUZ This is the same address as the one I transferred some IOTA to with my trezor.
Comments
Pingback: IOTA transactions with TREZOR hardware | Untangled World
Pingback: Bart Slinger: IOTA transactions with TREZOR hardware | Iota Feed
Pingback: Bart Slinger: Transações da IOTA em hardware TREZOR | Iota Feed
wonky - November 5, 2017 at 7:51 am
great work
Alexa - November 5, 2017 at 9:29 am
Congrats, Bart! This is really cool! Having a hardware-wallet for IOTA would be such a big step for the community, reduce wallet user errors and put many minds at ease! I’d definitely buy a Trezor for IOTA. TREZOR has already liked my Tweet about your work, so maybe they really are interested in working with you if you reach out to them. https://twitter.com/CryptoooHamster/status/926865846693220352 Anyway, keep up the great work!
CryptoCunnie - November 5, 2017 at 11:42 pm
Great job, hope they pick up on it!
krutor - November 26, 2017 at 11:13 am
great, hope it will be available in stores soon!
Tech Nick - December 10, 2017 at 3:14 am
Dayum! Nice work! Can you mail me when its save to use a hardware wallet? Do i have to reclaim with a hardware wallet?
greetings from germany. Keep it up! 🙂
Pingback: IOTA on the Ledger Nano S: Development Report 1 – CodeBuffet
Claudio - December 11, 2017 at 3:18 am
Hey Bart,
I remember seeing you from researching making a similar wallet! I’d love to talk to you to know more about this process. Maybe we could work together on a project. Hope to hear from you, I wanna know your thoughts on something I’m working on related to this.
Pingback: IOTA Hardware Developments and Possible Offline Tangle Integrations – Iota Feed
Pingback: IOTA硬件开发和离线缠结整合 | IOTA中国社区
Pingback: Entrevista Exclusiva: Peter Willemsen el cerebro detrás de IOTA Ledger Nano – IOTA HISPANO
Haim Bender - October 9, 2018 at 6:12 pm
Hey man,
I’m trying to implement Zen Protocol integration with Trezor, I’d love to ask you a few questions, how can I get in contact with you?
Thanks, Haim
Eve -January 14, 2019 at 10:45 am
The initial one is always to set a bankroll and not exceed it, no matter what the conditions are.
kalle - June 3, 2019 at 4:44 pm
Is there still no IOTA support on Trezor ? I checked the list https://trezor.io/coins/ Will IOTA be supported on Trezor or is this a dead project?
Bart Slinger - June 4, 2019 at 7:48 pm
@kalle I tried https://github.com/trezor/trezor-mcu/pull/255