Firmware Updates for Trezor Model T (version 2.3.2) and Trezor Model One (version 1.9.2)

by Anthony Allen

Today, we released the latest firmware update for the Trezor Model T and Model One. This is not a mandatory update for Model T users — you can continue safely using your wallet even if you don’t update your firmware. Model One users will benefit from the path isolation check fix noted below; this update is highly encouraged if you use your Model One for altcoins, but not urgent if you are only transacting Bitcoin.

Auto Lock

Auto lock functionality has been added to the Trezor Model T. This feature adds another layer of protection whenever your Trezor is left connected for long periods. Previously only available on the Trezor Model One, it makes your device lock itself after a certain time limit. The default lock time setting of ten minutes will be applied when you update your firmware.

When auto lock is active, your Trezor screen will display the message, “Locked”. You can unlock it by touching the screen and entering your PIN when prompted. Feedback from our users has shown that many of you tend to have your devices connected for long periods, which could leave you exposed to someone using your device while you are not present. You can follow this guide to trezorctl to configure auto lock.

The auto lock feature can be thought of as a soft lockdown; when auto lock triggers, your device is locked but stays connected to and recognized by the computer. You can still access your Trezor Wallet but can not use it, in contrast to the default state of your Trezor upon plugging it in, where no connection takes place until it is unlocked.

Missing path isolation check

We have amended our Trezor One code to include a missing path isolation check, which is already in place for the Trezor Model T. This check prevents a user from spending coins from known paths (BIP44, BIP49, BIP84), if the coin type does not match the path. Without this check, an attacker could trick the user into signing a Bitcoin transaction while thinking they are signing a testnet or altcoin transaction.

We’d like to thank Yura Pakhuchiy, who initially reported the issue.

Other Changes

A full list of all changes made in this and previous firmware versions can be viewed on our GitHub pages for the Trezor Model T and Trezor Model One. Some of the more notable changes include:

Trezor Model T

• Implemented necessary changes to accommodate the Cardano Shelley hard fork.
• A couple of graphical UI fixes have been made.
• Zcash bug where old inputs were unspendable has been fixed.
• Compatibility issues for GreenAddress and Casa users have been resolved.
• Enabled support for multiple change outputs, laying the groundwork for potential enhanced privacy applications.

Trezor Model One

• General tightening of nuts and bolts, support for multiple change outputs and the Zcash bugfix.

As always, do let us know if you come across any bugs or graphical irregularities and please feel free to leave feedback on this latest firmware.