Thread

Trezor Safe 7 is the first "quantum-ready" hardware wallet. But what does that mean? According to Trezor official documentation:

> A 'quantum ready' device is a device which will be able to run post-quantum cryptographic updates.

In other words, in case quantum computing becomes a real threat able to break elliptic curve cryptography, which would allow bad actors to sign fake firmware, users will still be able to update the real firmware and verify its integrity and authenticity because Trezor firmware is signed with a post-quantum signing algorithm. That's pretty much all.

Does it mean that your money will be safe? No. In case elliptic curve cryptography is broken, the Bitcoin (or your shitcoin) protocol must be updated to support some post-quantum cryptography signing scheme first, but even in that scenario I'm pretty sure your Trezor Safe 7 will not help you much. Basically, because nobody can predict the future and design a solution for a scenario that is completely hypothetical.

But there are also some more concrete technical reasons. For example, the new TropicSquare's secure element TROPIC01 (core element in Trezor Safe 7 architecture) is not a post-quantum cryptographic coprocessor, but it is highly specialized in elliptic curve cryptography and 256-bit hash algorithms.

It could sound like something that is easy to implement and looks awesome in the product's brochure—a pure marketing move to catch the attention of uneducated buyers. I think there is something of that for sure, but it is also true that it comes with some benefits:

* In case Ed25519 is one day broken, even when quantum computing is not a reality, Trezor would have a safe way to update its firmware
* In case quantum computers break elliptic curve cryptography and a Bitcoin update is deployed, Trezor could come with firmware that helps us move funds or gain time
* It starts implementing post-quantum technology in the Bitcoin ecosystem and pushes competing products to implement new cryptographic technologies

The question then is: are users better with or without that feature? Well, they are not worse off than before and they have some very small benefits in a highly hypothetical scenario, but if we take into account that a hardware wallet is something that should be designed to last for many years, then I think it is a net positive. Tiny, but positive.
2025-11-18 20:33:33 from 1 relay(s) 2 replies ↓

Replies (6)

It could also theoretically open up new attack vectors. People talk a lot about the performance problems with PQC algos, but the recent history of proposed algos is littered with cases of people finding breaks/insecurities.
2025-11-18 20:39:02 from 1 relay(s) ↑ Parent 1 replies ↓ Reply
Oh yes, absolutely. In fact Trezor uses two signature algorithms for their firmware, pre- and post-quantum, precisely for the case that the post-quantum algo ends up being unsafe. Unfortunately I don't remember the details. I hope some of them come and comment. ping nostr:npub1lz8xv2dnyryrk4vswkcgf52vqqzruqwuyp53s7pvusx4fef9fh2s7hh86s
2025-11-18 20:43:45 from 1 relay(s) ↑ Parent 2 replies ↓ Reply
Yes that's a very good point. I remember now that DJB is a strong advocate for exactly this. Notice though how in performance critical applications, using even more space and time to do this is going to be ... ouch.
2025-11-18 21:10:43 from 1 relay(s) ↑ Parent Reply
In relation to Bitcoin, well, we haven’t determined which route we’re heading for quantum resistance yet. So this Trezor couldn’t be more quantum ready than other hardware wallets unless it’s more “general purpose” in its sign and verify capabilities. So yeah, it’s disappointing that this has been used in marketing copy because of how misleading the claim is.
2025-11-18 21:35:44 from 1 relay(s) ↑ Parent Reply