TREZOR Firmware 1.5.2

When we released firmware 1.5.2 and made it available in TREZOR Wallet, its immediate purpose was to fix a physical vulnerability. We intentionally overlooked all the other features, in order not to distract from the urgency of the firmware update. Today, we would like to come back to them, to explore all the changes.

Keen users will notice that the features listed were not released in 1.5.2, but they were already included in the update to 1.5.1. However, most of the users did not have the chance to install 1.5.1, as it was not released in TREZOR Wallet. This firmware version was only released in TREZOR Beta Wallet, as TREZOR Wallet users were asked to update to 1.5.2 directly.

Firmware update to 1.5.2 is a required update. Please contact our Support Team if you need to access your coins before running the update.

What is new?

SegWit support enabled for Bitcoin

If you updated your device to the newest firmware version, your TREZOR supports SegWit accounts now. They became the default accounts, but your older, Legacy accounts are still available and will always be supported. Follow the link for more details:

Bitcoin Cash (Bcash) support

Similarly to SegWit for Bitcoin, your device also supports Bitcoin Cash with the newest firmware version. Follow the link for more details:

Storage wipe after 16 unsuccessful PIN attempts

The PIN entry in TREZOR is protected by an exponentially increasing delay after each unsuccessful attempt. With the new firmware, we have added another security measure. After 16 wrong attempts, the device will completely wipe its memory. While 16 might seem like a large number, with the exponentially increasing delay, it will take an attacker about 18 hours until he manages to try the PIN fifteen times.

Recovery dry-run

When you first set up your TREZOR, you receive a 24-word long Recovery seed, which you are told to keep safely protected. On the other hand, we understand that for new users the importance of the seed might not be immediately apparent. The most common problems that we have noticed are misplaced seeds or uncertainty about a seed word or words.

That is why we came up with the recovery dry-run. This new feature will allow you to check your recovery seed at any time, without revealing your seed to a third party.

We are working on a user interface for this feature; until then it is available via python-trezor. If you have python-trezor installed and updated, you can run the test recovery by using this parameter trezorctl recovery_device --dry-run .

Tweaked address dialogue in TREZOR

The “Show on TREZOR” function, which displays your address on the TREZOR, making sure it has not been modified by malware on the computer, has been tweaked a bit. Now, when you request an address on the device, it will first show you the address without the QR code. Only if you need the QR code, you can click on the left button and request it. We changed this to make more space for the address.

Checksum for Ethereum addresses

Ethereum addresses in TREZOR are now case-sensitive, to reflect the checksum of the address.

Support for unrecognized ERC-20 tokens

TREZOR supports all ERC-20 tokens, even those which are not released yet. You can store and send tokens from TREZOR with MyEtherWallet as the user interface. However, when you try to send an unrecognized token from TREZOR, the device used to display the contract address of the token instead of the destination address.

From firmware 1.5.2 onwards, when TREZOR deals with an unknown ERC-20 token, it will show its name as “unrecognized token.” However, it will now correctly display the destination address, as well as the value of the transaction. Note though that the decimal point might not be correct, as we have no way of knowing how many parts can the token be divided into.