
Trezor firmware authenticity check on mobile

The firmware authenticity check is an extra safeguard against counterfeit Trezor devices. Such devices appear sporadically (primarily on unauthorized e-shops and marketplaces), and this additional device 'authenticity check' should catch the more advanced fake devices in circulation.


How does the firmware authenticity check work?

Each firmware binary has several properties, including the firmware version and the RevisionID attribute. These properties are stored in Trezor Suite Lite, as well as on a remote server (data repository), which means we know about all released firmware versions (plus their revisions).
 
Your Trezor device reports these properties to the Suite Lite application, where they are checked against the database of versions stored in the application. If the attributes match, nothing happens and you can continue using your Trezor and Suite as usual. If they do not match, Suite Lite displays a warning modal.
 
 

Access to Suite Lite is effectively 'blocked' at this stage, and you should select the Contact Trezor Support button to resolve your issue. You can also leave this screen by pressing Close or the X button in the top-left corner.


As the database is stored in the app, these checks occur even if Suite Lite is offline, but there are several different scenarios for the firmware check:


Scenario 1: Trezor Suite Lite is online and the device firmware version is present in the local database

  • Firmware version and RevisionID on the Trezor device match those stored in the Trezor Suite Lite database: OK
  • Firmware version and RevisionID on the device do not match those stored in the Trezor Suite Lite database: Suite Lite is 'blocked' and the warning modal is shown.


Scenario 2: Trezor Suite Lite is online and the device firmware version is not present in the local database

  • Trezor Suite Lite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device match those stored in the Suite Lite database: OK
  • Trezor Suite Lite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device do not match those stored in the Suite Lite database: Suite Lite is 'blocked' and the warning modal is shown.


Scenario 3: Trezor Suite Lite is offline and the device firmware version is present in the local database

  • Trezor Suite Lite checks the local database; firmware version and RevisionID on the device match those stored in the Suite Lite database: OK
  • Trezor Suite Lite checks the local database; firmware version and RevisionID on the device do not match those stored in the Suite Lite database: Suite Lite is 'blocked' and the warning modal is shown.


Scenario 4: Trezor Suite Lite is offline and the device firmware version is not present in the local database

  • Trezor Suite Lite checks the local database and the firmware version is not stored there; the remote database cannot be downloaded (Suite Lite is offline), so the app displays a banner at the top of the screen.
 
 
  • Once Suite Lite is back online, the banner disappears; Suite Lite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device match those stored in the Suite Lite database: OK
  • Trezor Suite Lite looks for the remote database in the Data repository and checks it; firmware version and RevisionID on the device do not match those stored in the Suite Lite database: Suite Lite is 'blocked' and the warning modal is shown.
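
The four scenarios reduce to one lookup order: the local database decides whenever it knows the version, and the remote database is consulted only for versions it does not know. The TypeScript below is an added example, not Trezor Suite Lite source code; every type, function and constant name, the sample version and RevisionID values, and the handling of a version that is missing from the remote database as well are assumptions.

```typescript
// Added illustration of the four scenarios; not Trezor Suite Lite source code.
// Every name and sample value here is hypothetical / constructed.

type RevisionDb = Record<string, string>; // firmware version -> expected RevisionID

interface DeviceFeatures {
  version: string;
  revisionId: string;
}

type CheckResult = "ok" | "blocked" | "offline-banner";

// Constructed sample databases: the remote one knows a newer release.
const LOCAL_DB: RevisionDb = { "1.0.0": "rev-aaaa" };
const REMOTE_DB: RevisionDb = { "1.0.0": "rev-aaaa", "1.1.0": "rev-bbbb" };

// Returns undefined when this database has no entry for the reported version.
function lookup(db: RevisionDb, f: DeviceFeatures): CheckResult | undefined {
  if (!Object.prototype.hasOwnProperty.call(db, f.version)) return undefined;
  return db[f.version] === f.revisionId ? "ok" : "blocked";
}

// fetchRemoteDb === null models Suite Lite being offline.
function checkFirmware(
  features: DeviceFeatures,
  localDb: RevisionDb,
  fetchRemoteDb: (() => RevisionDb) | null
): CheckResult {
  // Scenarios 1 and 3: a locally known version is decided locally,
  // online or offline, without consulting the remote database.
  const local = lookup(localDb, features);
  if (local !== undefined) return local;

  // Scenario 4: unknown locally and offline; show the banner and
  // run the check again once a connection is available.
  if (fetchRemoteDb === null) return "offline-banner";

  // Scenario 2: unknown locally, online; decide from the remote database.
  const remote = lookup(fetchRemoteDb(), features);
  // Assumption: a version missing from the remote database too counts
  // as "does not match" and blocks (fail closed).
  return remote === undefined ? "blocked" : remote;
}
```
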


Disabling the firmware authenticity check

The firmware authenticity check can be turned on/off by going to Settings > Features > Device Checks and selecting Turn off.
 


 
These security checks should only be disabled for testing and development purposes (with firmware that has not yet been released).