Marek "Slush" Palatinus mined Bitcoin, but in 2010 it was so unprofitable that he founded the world's first mining pool (Slush Pool). At the same time, he was helping people store Bitcoin securely and figured out that it would be good to somehow isolate private keys from the Internet. He invented the first prototype of a hardware wallet together with Pavol Rusnák and Alena Vránová in 2012. The company was founded a year later, and Trezor One was born the following year.
SLush's picture
Source: SatoshiLabs
In today's article, we will look at the Czech company SatoshiLabs with about fifty employees, which was the first in the world to come up with mass-produced hardware cryptocurrency wallets, invented new security standards and showed other manufacturers that such a device should be developed "openly".
Vision
SatoshiLabs didn't just develop Trezor. They also had a vision that corresponds perfectly with the principles of open development, emphasis on privacy and cryptography in general. The company is not funded by anyone external to have influence or control over them and this gives it freedom.
"Users are our investors."
They do not have arbitrary economic goals. More than once a quarter, and they don't have to pretend to be something they're not for the sake of investors. All of their devices are completely open-source because close-source cannot be verified, and anything that cannot be verified is anti-crypto.
Why are they open-source?
When you think more deeply about the security of cryptocurrency wallets, you will realize that there is always the possibility of fraud - someone will supply you with infected hardware or hacked software. Even if you get all the parts yourself and don't buy a ready-made solution from SatoshiLabs. And the more complex your device, the more difficult it is to detect such threats. Therefore, if you are making security hardware, it should be as simple as possible, otherwise you will not get rid of the fundamental threat that the company has left some kind of backdoor in the device.
How can an open-source approach work at all? Rival Ledger's suppliers suffer from non-disclosure agreements and would never share the architecture of their ultra-secure micro-components with the public. Why? Because they are afraid of intellectual property theft. They are afraid that someone would do it better and cheaper.
How is it that the open-source approach works for them
It may seem that SatoshiLabs developed Trezor purely altruistically. But how is it possible that they make money when anyone is able to get all the parts and software themselves? The philosophy of patents clashes sharply with the philosophy of Satoshi and creates unwanted secrecy in crypto-wallets. SatoshiLabs cannot afford to be a closed company, so they earn by being the first on the market with the developed solution. They will be the first to have contracts with suppliers, the first to appear on the market, and there is a high probability that they will be the first to innovate their open-source product. That's why they can make money.
"We're not hiding anything."
The open-source philosophy will sooner or later become an industry standard in the world of cryptography. The fact that anyone can build a Trezor at home does not mean that they will do so. But the possibility is important.
This is how the company can function from a business point of view, but is it appropriate to produce crypto-wallets in an open way, when an attacker can easily find out all the security holes?
It's a double-edged sword. Open development means more eyes checking the procedures. The most interesting problem is extracting data directly from the device chip - in this regard, no one has yet figured out the technology to do this. But in theory it can always be done.
"Don't trust, verify!"
SatoshiLabs Trezor has made it so that a more demanding user is able to verify the proper functioning of all its components.
SatoshiLabs Trezor - a direct application of the open philosophy
The physical case of the Trezor is "ultrasonic welded", which is an answer to one of the attack vectors, where a malicious chip or microscopic keylogger is soldered to the motherboard.
The passphrase is never stored on the wallet. This is a very special feature. The public and private keys that make up the wallet are generated from the seed and possibly from the so-called passphrase. If you enter the passphrase incorrectly, the wallet will not recognize anything (it will not give you an error), because SatoshiLabs developed the Trezor in such a way that it does not save the passphrase. If entered incorrectly, therefore, you will generate a completely different wallet, and thus potentially seed can be shared or created hidden wallets. They first invented this feature at SatoshiLabs and had it made into a Bitcoin standard (BIP 39).
Shamir Backup Vault
When they invented the Trezor Model T at SatoshiLabs, they came up with, among other things, a novelty called Shamir Backup. Unfortunately, Shamir Backup Trezor only supports the more expensive T model, but what is the use of this technology anyway?
Shamir Backup Trezor protects against problems of control over private keys. If you don't trust yourself enough or want to ensure that more people have control over the wallet, Shamir will help you. Stealing a single seed that gives access to all Bitcoins is easy, which is why Shamir Backup has endowed the Trezor with the function of "splitting the seed" into several tickets, where only a few of them are needed to restore the wallet. The user thus has the option to choose between recovery even when many tickets are lost or higher security against compromise requiring more tickets. Cryptographer Adi Shamir came up with this way back in 1979, but it wasn't until SatoshiLabs standardized it for cryptocurrency wallets.
Other projects
In addition to Trezors, SatoshiLabs also develops the open-source Tropic Square TASSIC secure chips, the Invity cryptocurrency exchange comparison tool, and the Blockbook index tool to run the Trezor completely without the need to connect to SatoshiLabs servers. SatoshiLabs Trezor placed the device's source code on GitHub, where thousands of developers began working on it and contributed to the open-source Monera and Bitcoin Core codes. The company is also behind the development of Coinmap, which is the most used bitcoin map in the world.
Conclusion
The Czechia is a powerhouse in the use and mining of cryptocurrencies, and Marek Palatinus has his fingers in both areas. In short, SatoshiLabs are the golden Czech hands in the field of disruptive digital blockchain technology. Even if the turnover of Trezor is smaller than the turnover of the competing Ledger, the difference is not in economies of scale, but above all in the production philosophy. How SatoshiLabs' open approach would play out in other branches of cryptography is anyone's guess, but one thing is certain - security hardware must be open-source, and the more we understand, the less we have to trust anyone. Understanding and education is synonymous with security in the world of cryptography.