The firmware authenticity check is designed to be an extra safeguard against counterfeit Trezor devices. Such devices appear sporadically (primarily on unauthorized eshops / marketplaces) and this additional device 'authenticity check' should catch the more advanced fake devices in circulation.
How does the firmware authenticity check work?
Each firmware binary has several properties, including the
firmware version and the
RevisionID attribute. These properties are stored in Trezor Suite, as well as on a remote server (data repository), which means we know about all released firmware versions (plus their revisions).
Your Trezor device communicates these features with the Trezor Suite application, and they are checked against the database of versions stored in the application. If these attributes match then nothing happens and you can continue using your Trezor and Suite the same as usual. However, if they do not match, Trezor Suite will display the following warning modal:
Access to Trezor Suite is effectively 'blocked' at this stage, and you must click the
Contact Trezor Support button to resolve your issue.
As the database is stored in the Trezor Suite app, these checks occur even if Suite is offline, but there are several different scenarios for the firmware check:
Scenario 1: Trezor Suite is online and the device firmware version is present in the local database
- Firmware version and RevisionID on the Trezor device match those stored in the Trezor Suite database: OK
- Firmware version and RevisionID on the device do not match those stored in the Trezor Suite database: Suite is 'blocked' and the warning modal is shown.
Scenario 2: Trezor Suite is online and the device firmware version is not present in the local database
- Trezor Suite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device match those stored in the Trezor Suite database: OK
- Trezor Suite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device do not match those stored in the Trezor Suite database: Suite is 'blocked' and the warning modal is shown.
Scenario 3: Trezor Suite is offline and the device firmware version is present in the local database
- Trezor Suite checks and the firmware version and RevisionID on the device match those stored in the Trezor Suite database: OK
- Trezor Suite checks and the firmware version and RevisionID on the device do not match those stored in the Trezor Suite database: Suite is 'blocked' and the warning modal is shown.
Scenario 4: Trezor Suite is offline and the device firmware version is not present in the local database
- Trezor Suite checks the local database and the firmware version is not stored there; the remote database cannot be downloaded (Suite is offline) therefore Suite displays this banner at the top of the screen:
- Once online the banner disappears; Suite looks for the remote database in the Data repository, checks it and if the firmware version and RevisionID on the device match those stored in the Trezor Suite database: OK
- Trezor Suite looks for the remote database in the Data repository, checks it and if the firmware version and RevisionID on the device do not match those stored in the Trezor Suite database: Suite is 'blocked' and the warning modal is shown.
Disabling device checks
Device checks can be turned on/off in the
Danger area under
Settings > Device. These security checks should only be disabled for testing and development purposes (with firmware that has not yet been released).