The holiday season is here. A time of joy, celebration, and sometimes, a few “Oops” moments. From spilled drinks, forgotten PINs, damage to devices, mishaps can happen.
This year, Trezor is here to help you navigate the chaos and keep your crypto safe with our special holiday campaign. Enjoy discounts on a bunch of our products, from hardware wallets, to backup devices, limited-edition bundles, and more. It’s time to enjoy an Oops-Proof holiday season!
As you gear up for festive gatherings and family reunions, it’s essential to remember that mishaps can occur. Whether it’s that spilled glass of red wine on your wallet backup card — an “Oops” moment easily avoided with the Trezor Keep Metal(currently at a 50% discount) – or forgotting the PIN to your hardware wallet (which you can reset it in minutes), these little blunders can lead to unnecessary stress.
But don’t worry! Our range of products is designed to keep your digital assets secure, no matter what those little holiday mishaps bring your way.
Going through that Oops moment wondering what’s the perfect gift for the holidays? How about a hardware wallet?
The sleek, stylish, and secure Trezor Model T is currently available at a 40% discount.
If you have a relative or friend just starting their Bitcoin journey, the Trezor Model One — now priced at under $35 — makes an ideal gift. This trusted, proven, and affordable hardware wallet has been the go-to choice for offline crypto security for over 10 years.
At Trezor, our hardware wallets are designed with robust security features to protect your loved ones’ assets from any mishaps. Whether they’re seasoned crypto enthusiasts or new to the space, gifting a Trezor wallet is a step to giving them the peace of mind they need on their crypto journey.
Looking to take your gift-giving to the next level? We have exclusive bundles on sale that combine the best of our hardware wallets and backup solutions. These bundles are crafted to provide everything you need for effective crypto management at an unbeatable price.
Here’s a look at one of the deals,
Trezor Safe 3 Backup Bundle
Secure your crypto with the Trezor Safe 3 Backup Bundle. This stylish package includes the sleek Trezor Safe 3 hardware wallet in Cosmic Black, paired with the ultra-durable Trezor Keep Metal 20-word backup for top-notch security.
With our exclusive discounts, it’s easier than ever to prioritize crypto security this season!
Explore all of our bundles here,
This holiday season, embrace the spirit of giving while ensuring your loved ones’ crypto remains secure. With Trezor’s range of hardware wallets, backup solutions, and exclusive holiday bundles, you can make thoughtful gifts that provide peace of mind in the face of life’s little “Oops” moments.
Explore our full selection of products and bundles today, and let’s make this holiday season a truly “Oops-Proof” celebration! Happy holidays from all of us at Trezor!
You’ve heard this before, Not Your Keys, Not Your Coins. When it comes to your digital assets, security takes the front seat. Whether you’re a seasoned investor or just getting started, understanding how to properly store your wallet backup (also known as recovery seed) is essential for safeguarding your digital assets.
A compromised or lost wallet backup can lead to the permanent loss of your funds, so taking the necessary precautions is critical.
This guide will explore the best practices for securing your crypto wallet backup, highlight common mistakes to avoid, and suggest ways you can keep it safe.
A wallet backup (also known as a backup, recovery seed, seed, seed phrase, BIP-39 seed phrase, mnemonic, recovery phrase) is an ordered list of English words that contain all information necessary for recovering your wallet (i.e., accessing bitcoin or other cryptocurrency funds on-chain). A wallet backup provides full access to the associated wallet (the private key is mathematically derived from the wallet backup) — this is why you must keep it safe.
Think of it as the password to your crypto holdings — it enables you to access, transfer, and manage your funds. Without it, your assets are permanently lost.
You’re given a wallet backup when you set up a hardware wallet like Trezor. This unique phrase is generated during the wallet initialization process.
Losing or exposing your wallet backup means:
You lose access to your funds forever.
No third party, not even Trezor, can help you recover it.
Hence, properly storing your wallet backup is one of the most critical aspects of cryptocurrency security.
Important to know: Your wallet backup is a ‘plain English’ representation of a random number, from which all of your keys and addresses are mathematically derived.
It is an ordered sequence of 12 or 24 words for wallets using the BIP39 protocol, chosen from this list of 2048 words. In the case of the newer SLIP39 protocol, it is a sequence of 20 words chosen from this list of 1024 words
When you write down your wallet backup, the words must be copied down in the same order they appear
You must keep your wallet backup private and safe so that your cryptocurrency is never at risk. Having a safe wallet backup means you can recover your Bitcoin or other digital assets in case of hardware failure or the loss of your device
To keep your crypto assets secure, avoid these common mistakes:
1. Relying on Digital Devices
Storing your wallet backup on a computer, phone, or cloud service is highly risky. If your device gets hacked or compromised, attackers can easily steal your wallet backup, and gain access to your cryptocurrencies.
Rule of thumb: Do not keep digital copies of your wallet backup (this includes screenshots, photographs, emails, Dropbox wallet backup, etc).
2. Sharing Your Wallet Backup
Be careful who you share your wallet backup with. Sharing your wallet backup is equivalent to handing over your crypto assets to someone else.
3. Using Unsecure Physical Locations
While writing your wallet backup down on paper is a common practice, understand the risks that come with it. It is paper, after all! Storing it carelessly exposes it to risks like theft, fire, or water damage.
Here are some of the most effective solutions for securely storing your wallet backup:
1. Pen and Paper Method
Write your wallet backup down on paper in clear, legible handwriting. We recommend using capital letters. Your Trezor hardware wallet ships with a pair of wallet backup cards that you should use for writing down the words when you backup your device — this is a strongly recommended step when setting up your Trezor.
Keep your wallet backup cards safe from theft and damage
Consider making multiple copies and storing them in separate secure locations.
Drawback: Paper is vulnerable to fire, water, and physical damage over time.
2. Metal Backup Tools
We recommend this strongly. Metal backup tools, such as Trezor Keep Metal, are designed to protect your wallet backup from:
Storing your wallet backup in a hidden safe at your house is a great way to control access to it. However, the knowledge of a safe alone is enough to raise the interest of a potential thief, so if you choose to use this storage method, you should keep it in a discreet location, away from the eyes of guests, housemates, or anyone that might spend time inside your home.
Some may consider a safety deposit box at a bank. However, be mindful of bank policies that may allow access to your box under certain conditions.
Here’s a video to learn more,
4. Multi-share Backup
Trezor offers a unique feature called Multi-share Backup. This, essentially, allows you to split your wallet backup into multiple parts and store them separately.
For example, in a 3-of-5 Multi-share Backup scheme, the total number of shares is equal to 5, and the threshold is 3. This means any three of these shares can be used to recover your wallet. This is beneficial as even if one or two of your shares are somehow compromised, the entire wallet backup (recovery seed) is not exposed. This redundancy means you no longer have a single point of failure, as with the regular BIP39 backup standard (i.e., the 12-word recovery seeds used by default on most hardware wallets).
Even if one part is lost or compromised, you can still recover your wallet using the remaining parts. This greatly reduces the risk of losing all backup copies at once.
Learn more here,
5. Multisignature (Multisig) Wallets
For advanced users, multisignature wallets add an extra layer of security. A multisig wallet requires multiple keys to authorize transactions, reducing reliance on a single wallet backup.
Multisig is a method of securing a wallet by requiring approval from multiple private keys stored on separate devices when sending transactions. While Trezor recommends SLIP39 wallets as a simpler yet equally robust alternative in terms of backups, Trezor devices are fully compatible with multisig setups, allowing you to choose the option that best fits your needs.
Here’s more on this,
We founded the hardware wallet industry. Our founders, Marek Palatinus and Pavol Rusnak, were part of a team that introduced Bitcoin Improvement Proposal 39, or BIP39. This is a protocol that was introduced as a means to generate deterministic wallets. It’s a method for creating a human-readable mnemonic sentence — easy to read and write — from random data that serves as a backup to recover your wallet. In summary, the wallet backup (aka recovery seed).
This is now widely adopted in the cryptocurrency industry. Learn more here.
Trezor wallets began with employing BIP39 for the wallet backup (recovery seed phrases). When you initialize your Trezor device, it generates a unique 12, 18, or 24-word wallet backup (recovery seed). This seed is a representation of your private keys and is essential for restoring your wallet’s information in case your device is lost, stolen, or damaged. BIP39 has become a crucial part of Trezor’s security protocol, and it is used alongside other BIPs like BIP32 (Hierarchical Deterministic Wallets) and BIP44 (Multi-Account Hierarchy for Deterministic Wallets) to provide an optimal security model for cryptocurrency users.
Our recently introduced enhanced 20-word backup standard (SLIP39) ensures a more robust process for backing up and recovering your wallet compared to the legacy standard. With an upgraded, user-friendly wordlist and seamless transition to Multi-share Backup, SLIP39 offers superior security with no single point of failure.
Once your wallet backup is securely stored, it’s essential to protect it over time. What we do recommend is taking a moment to assess the most probable threats you face. It is important to understand that everyone has a different threat model, and this can change over time. Consider environmental risks, physical attacks, and remote attacks, while doing more. Read more on this here: https://trezor.io/learn/a/keeping-your-wallet-backup-safe
As such,
1. Regularly check for wear and tear or damage. For an example, if the wallet backup is is stored on paper, periodically check for fading or physical damage.
2. Protect against natural disasters. A case in point is ensuring your wallet backup is safeguarded from house fires, floods, or leaks.
3. Plan for inheritance. If you intend to pass down your crypto holdings, ensure you have a secure and private inheritance plan in place. Use a trusted legal advisor or ensure your heirs understand how to access your wallet backup securely.
Avoid these risky practices to protect your wallet backup:
Do not share your wallet backup with anyone else.
Do not keep digital copies of your wallet backup (this includes screenshots, photographs, emails, Dropbox wallet backup, etc).
Never enter your wallet backup anywhere unless prompted by your Trezor device.
Also, remember, no Trezor employee will ever ask you to tell them your wallet backup, even if you’re speaking with one of our customer support agents.
Pros: Simple, inexpensive
Cons: Vulnerable to fire, water, and damage
Pros: Durable, disaster-resistant
Cons: Comes at a cost (even if it’s only $79)
Pros: High physical security, limits access
Cons: Needs proper storage
Pros: High physical security
Cons: Relies on bank access
Pros: Reduces single-point failure risk
Cons: More complex to set up
Pros: Advanced security
Cons: Requires technical expertise
Trezor combines ease of use with robust security features, making it a top choice for protecting your wallet backup:
Here’s what sets Trezor apart from other wallets,
Trezor has been audited by independent security researchers and verified by its track record throughout its years on the market.
Our software and hardware are open-source and public. By doing so, everyone benefits from the community-tested design of their wallet, providing robust protection against real-world threats.
Trezor devices and the tailor-made software interface Trezor Suite are easy to use, making them suitable both for beginners and advanced users of cryptocurrencies.
Securing your wallet backup (recovery seed) is crucial for protecting your digital assets. By following the best practices outlined in this guide, you can safeguard your digital assets from loss, theft, or damage.
Trezor’s hardware wallets, and metal backup solutions, combined with advanced practices like multi-share backup, come together to offer a reliable and user-friendly way to secure your wallet backup. Don’t leave your crypto to chance — take control of your security today.
We recommend the use of a metal backup like Trezor Keep Metal. We definitely recommend avoiding storing the wallet backup digitally.
This depends on several factors. It is important to define your threat model. Choose a secure, hidden location that accounts for these risks. This video can help.
You lose access to your funds permanently. There is no recovery mechanism for lost wallet backups.
No, storing wallet backups online exposes them to hacking risks. Always store them offline.
Yes. Anyone with your wallet backup can access and steal your funds. Keep it private and secure.
No. Trezor does not store your wallet backup. You are fully responsible for its storage and security.
At Trezor, we pioneered the first-ever hardware wallet in 2013 with a clear goal: to provide a secure and easy-to-use tool for managing Bitcoin and crypto. Hardware wallets are designed to keep private keys offline, protecting them from remote attacks — a task our earlier models have always excelled at.
While hardware wallets offer strong security, no system is entirely immune to physical attacks. Given enough time, expertise, and resources, a determined attacker could theoretically attempt to extract private keys from a stolen device. To mitigate this risk, we introduced the passphrase — a user-defined, extra layer of security for your wallet backup. Unlike the wallet backup, the passphrase is never stored on the device, making it impossible to extract even in the event of a physical attack.
One of the biggest differences between Trezor Safe Family (introduced with the launch of the Trezor Safe 3 in 2023) was the introduction of a dedicated Secure Element. It was introduced as a response to user feedback for enhanced protection in case of device theft or loss. The Secure Element used in the Trezor Safe 5 and Trezor Safe 3 is the OPTIGA™ Trust M (V3). In effect, it is a chip designed to protect highly sensitive information from software and hardware attacks.
While all Trezor models remain secure against remote attacks, the Secure Element in the Trezor Safe 3 & Trezor Safe 5 adds an extra layer of physical security — for example, in case a Trezor device is lost or stolen.
The Secure Element in Trezor Safe 3 & Trezor Safe 5 provides safeguards in:
Prevents seed extraction by fault injection attacks (voltage glitching): A previously known issue with Trezor Model One and Trezor Model T.
Device authenticity verification: Strengthening resistance against supply chain attacks.
A supply chain attack happens when a device is tampered with before it reaches the customer. This could involve an attacker modifying a legitimate device and reselling it.
To combat supply chain risks, Trezor has implemented multiple defense layers:
Firmware security checks a. Firmware revision ID check b. Firmware hash check
Onboarding protection a. Preinstalled firmware detection b. Entropy check workflow c. Firmware upgrade d. Device authentication check
Firmware security checks a. Firmware revision ID check
Trezor Suite includes multiple layers of verification to detect potential tampering. These include:
a. Firmware revision ID check
Firmware revision is a unique identifier assigned to each firmware release. Every time a Trezor device is connected, Trezor Suite verifies the firmware revision against a database of official releases. Here’s how it works:
If the firmware revision does not match, Trezor Suite flags the device as counterfeit.
This check is particularly effective against supply chain attacks requiring a long preparation time. This is on account of the time taken to modify and distribute tampered devices.
Since Trezor regularly releases new firmware updates and Trezor Suite prompts users to update their firmware before setup, a device running unauthorized firmware is likely to fail this check.
Important: As a practice, we always recommend updating your device’s firmware regularly. This is necessary to expand the functionality of your Trezor, apply new security measures, and enable newly developed features.
Here’s more on this:
b. Firmware hash check
The firmware hash check is a cryptographic verification process that ensures the integrity of the firmware running on your Trezor device. This is how it works:
Upon every device connection, Trezor Suite issues a random cryptographic challenge to the device.
The device then calculates a firmware hash, which is compared against the expected hash from the official firmware binary file stored in Trezor Suite.
If the results do not match, Trezor Suite flags the device as counterfeit.
Please note, that this check is only effective if the device is running the latest firmware version. This is why Trezor Suite strongly encourages users to update the firmware regularly.
Here’s more on this:
All Trezor devices undergo additional security checks during initial setup:
a. Preinstalled firmware detection
If a device is detected with preinstalled firmware, the user is prompted to confirm whether they’ve used the device before.
If it’s a case that they have not used the device previously, the device may be compromised, and users are warned accordingly.
b. Entropy check workflow
During wallet creation, Trezor generates a wallet using random data (entropy) from two sources,
Trezor device: The internal source.
A companion app: Typically Trezor Suite, but it can also be another compatible app like trezorctl or Electrum.
Fake or compromised devices typically ignore the input from the external entropy source (Trezor Suite), generating wallets in a predictable, deterministic way, allowing attackers to recreate and access them.
The entropy check protects the user from this behavior and marks the device as counterfeit if it does not pass the check.
Here’s more on this:
c. Firmware upgrade
During onboarding, users are encouraged to upgrade to the latest firmware version, triggering both revision ID and hash checks, as explained earlier in the article.
While users have the option to opt out, we recommend not doing so in light of the security risks around using outdated firmware.
d. Device authentication check
In the case of the Trezor Safe 3 and Trezor Safe 5, the Secure Element plays an important role in verifying the authenticity of your device.
When setting up the device:
Trezor Suite sends a challenge to the device.
The Secure Element signs the challenge and returns it with a unique device certificate.
Trezor Suite verifies both signatures to confirm authenticity.
The certificate is only checked locally and immediately discarded, ensuring privacy. Users may opt out of the device authentication process, but we strongly advise against it.
Learn more here:
a. Tamper-evident packaging
Every Trezor Safe 3 comes with a holographic seal over the connector, ensuring the device hasn’t been interfered with before reaching the customer. Please note, the Trezor Safe 3 packaging does not have a seal.
Here’s what this should look like, depending on when your device was manufactured and packaged.
Any sign of a broken or missing seal is a strong indicator that the device has been compromised. In this case, we encourage you to please contact Trezor Support via our chatbot, Hal.
The Ledger Donjon team demonstrated a way to bypass the authenticity check, and the firmware hash check specifically in Trezor Safe 3, using an advanced voltage glitching technique. The other countermeasures against supply chain attacks remain unchallenged. However, it is important to note:
No private keys can be hacked or PIN extracted using this attack.
The attack requires full physical access to the device. (This includes disassembling the casing, desoldering the microchip, modifying or extracting data using specialized tools, and then reassembling and repackaging the device without leaving any visible signs of tampering.)
If the device is purchased from an official source, it is highly unlikely that it has been tampered with.
This highlights why we always recommend purchasing directly fromTrezor.io or authorized resellers.
Self-custody with a hardware wallet like Trezor remains the safest way to store crypto.
With Trezor, you hold your own keys.
No exchange can freeze your funds.
No third party can access your wallet.
The real risk is trusting third parties; in this case, purchasing a Trezor hardware wallet from sources beyond our officially listed ones.
Even in a worst-case supply chain attack scenario, the attacker would still need to modify and distribute devices at scale, which remains highly impractical.
No. If you bought a device from an official source it is highly unlikely that there is anything wrong with your device. If there are signs of tampering when your order arrives, or you bought it from an unauthorized reseller, just reach out to Trezor Support or start a discussion on Trezor Forum and we’ll walk you through how to check for compromise.
Your funds remain safe, and there is no need for any action on your part.
Secure Elements provide an added level of protection against physical attacks.
Our in-built supply chain defenses include multiple security layers.
Trezor Suite makes tampered devices nearly impossible to distribute at scale.
Security is never static, and at Trezor we are continuously taking steps to improve our hardware and software. Ledger Donjon’s research highlighted one possible attack vector. It, however, does not undermine the core security of the Trezor Safe Family.
At Trezor, we fully embrace such security research because it helps strengthen the ecosystem. We will continue to refine our security measures and remain fully transparent about potential risks.
Finally, we recommend purchasing your Trezor hardware wallet or accessories directly fromTrezor.io or authorized listed resellers, as a best practice for your security.
Solana staking is now available in Trezor Suite, providing a secure and self-custodial way to grow your SOL holdings.
Unlike other staking solutions, staking using your Trezor hardware wallet ensures you remain in full control of your funds at all times, with no intermediaries or custodians involved.
By staking SOL, you contribute to network security and earn up to 7% APY in rewards — all while benefiting from the proven security of Trezor Suite.
Solana staking allows you to delegate your SOL tokens to a validator, who helps validate transactions and maintain the blockchain. In return, you receive SOL rewards, similar to how savings accounts generate interest.
When staking SOL in Trezor Suite, users delegate their SOL to our staking partner, Everstake. Established in 2018, Everstake is a validator trusted by 735K+ users across 70+ blockchain networks.
Fun fact: Approximately $1B of SOL (~1.5% of all staked SOL) staked with Everstake.
When you stake your SOL in Trezor Suite:
Your funds remain in your control
Only you can withdraw them
Rewards are automatically compounded, maximizing your staking potential
You can unstake anytime, with a short cool-down period of 1 epoch (approximately 2–3 days) before your SOL is fully available.
Instead of leaving your Solana tokens unused, staking allows you to grow your holdings while strengthening the Solana network.
Here’s why it’s worth considering:
Grow your SOL holdings: Receive up to 7% APY while holding your SOL.
Support the network: Your stake contributes towards helping secure the Solana blockchain and process transactions.
While many platforms offer staking, Trezor Suite provides the key advantage of complete security while staking your tokens.
Unlike custodial services that hold your funds, staking using your Trezor hardware wallet keeps your SOL tokens in your control at all times.
Trezor Suite makes staking SOL tokens simple & secure. Users benefit from:
100% security Your keys. Your Coins. Your Rewards. You own your keys, and only you can access your funds.
Seamless staking Delegate SOL in just a few clicks through Trezor Suite’s intuitive interface.
Competitive APY Maximize your staking returns with up to 7% APY, among the most competitive rates in the Solana ecosystem.
Automatic reward compounding Enjoy rewards that automatically compound, maximizing your returns over time.
Low minimum requirement Stake as little as 0.01 SOL, making it accessible for all users.
Learn more here:
Getting started with staking SOL in Trezor Suite is quick and easy. Check out our step-by-step guide here:
Is my SOL locked when I stake? Yes, but you can unstake at any time. A short cooling-off period of 1 epoch (approximately 2–3 days) applies before your SOL becomes fully available again.
How often do I receive staking rewards? Rewards are updated and distributed at the end of each epoch (2–3 days), with no manual intervention needed.
Can I stake less than 1 SOL? Yes! With Trezor Suite, you can stake as little as 0.01 SOL, making it easy for anyone to participate.
What happens if I want to stop staking? You can unstake anytime. After the cooling-off period (1 epoch which is approximately 2–3 days), your SOL will be available in your wallet.
Trezor Suite’s Solana Staking offers a secure, user-friendly way to earn up to 7% APY, empowering users to grow their SOL holdings effortlessly.
Keep full control of your tokens while contributing to the Solana network’s security and scalability.
