I still want to run a bootloader that I compile that will check for my signatures on firmwares that I compile.

The only way to do this is to start with a blank MCU and write down my bootloader.

As I talked about in the last post, SatoshiLabs does not make it easy to build your own Trezor from base components.

There are clone devices on the market, so I took a decently detailed look at how they compare to the Trezor and what differentiates them.  Watch the video for some of the details.

But I wanted a trezor clone with a blank chip.  I emailed Black Arrow to see if they could help me, and they sent me a handful of Black Arrow eWallets with blank chips and a little wire loop that extends outside the enclosure.

The wire connects the BOOT0 pin to high (1), which allows the MCU to boot into the STM bootloader (DFU mode) that allows me to write down my own bootloader and firmwares.  Cutting the wire reverts the pin to low (0) and will allow the device to start up into the application code.

Some source modifications to the bootloader code to remove the write protection enabling parts, and soldering the wire loop to header pins allow me to use this device as a bootloader development platform, alternating between writing down my own bootloader and running it and making changes and writing down a new bootloader again.

I could also design my own Evil bootloader and load it onto these devices, remove the wire loop, and they would physically look just like a standard BlackArrow eWallet.  I could then sell them on eBay or Amazon as if they were legitimate.