Trezor Bridge operates as a local HTTP server that facilitates secure communication between web applications and Trezor hardware wallets. Understanding this architecture makes the security model easier to follow.
The bridge listens on localhost (127.0.0.1) on specific ports, so it is reachable only from your own machine and not from the network. This design prevents remote attackers from accessing your hardware wallet.
When you visit a web application that needs to interact with your Trezor, the website makes requests to your local Trezor Bridge instance. The bridge then translates these requests into commands that your hardware wallet understands.
All communication is encrypted and signed, ensuring that commands haven't been tampered with in transit. Your Trezor device verifies each command and displays transaction details on its screen for your manual confirmation.
This layered security approach means that even if your computer is compromised, an attacker cannot execute transactions without physical access to your hardware wallet and knowledge of your PIN.
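The following is an added illustration, not code from Trezor or from the Bridge itself, of the two properties the architecture above relies on: the server binds only to 127.0.0.1, and, because any web page you visit can still send requests to localhost, it checks the browser's `Origin` header against an allowlist before forwarding a command toward the device. The allowlisted domains, the `/call` endpoint, the JSON message shape and the "device confirmation" flag are all assumptions made for the example; the real bridge speaks its own protocol.

```python
"""Model of a loopback-only bridge server with an Origin allowlist (illustrative, not Trezor's code)."""
import json
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib import error, request

# Assumption: an illustrative allowlist of web origins permitted to talk to the bridge.
ALLOWED_ORIGINS = {"https://suite.trezor.io", "https://trezor.io"}


def origin_allowed(origin):
    """Exact-match check; a missing Origin header is treated as not allowed."""
    return origin is not None and origin in ALLOWED_ORIGINS


class BridgeHandler(BaseHTTPRequestHandler):
    def _send(self, status, body):
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def do_POST(self):
        # Binding to loopback stops network peers; the Origin check stops arbitrary websites.
        origin = self.headers.get("Origin")
        if not origin_allowed(origin):
            self._send(403, {"error": "origin not allowed"})
            return
        length = int(self.headers.get("Content-Length", 0))
        payload = json.loads(self.rfile.read(length) or b"{}")
        # Model of the hand-off: the bridge only forwards; the device still requires
        # on-screen confirmation, which this server cannot grant on the device's behalf.
        self._send(200, {"forwarded": payload.get("command"), "needs_device_confirmation": True})

    def log_message(self, *args):
        pass  # keep the example quiet


def start_bridge(host="127.0.0.1", port=0):
    """Start the model server on loopback; port 0 asks the OS for a free port."""
    server = ThreadingHTTPServer((host, port), BridgeHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def send_command(port, command, origin=None):
    """Act as a web page calling the bridge; returns (HTTP status, decoded JSON body)."""
    body = json.dumps({"command": command}).encode()
    headers = {"Content-Type": "application/json"}
    if origin:
        headers["Origin"] = origin
    req = request.Request(f"http://127.0.0.1:{port}/call", data=body, headers=headers, method="POST")
    try:
        with request.urlopen(req, timeout=5) as resp:
            return resp.status, json.loads(resp.read())
    except error.HTTPError as e:
        return e.code, json.loads(e.read())


if __name__ == "__main__":
    srv = start_bridge()
    p = srv.server_address[1]
    print("bound to", srv.server_address)
    print("allowed origin:", send_command(p, "GetFeatures", origin="https://suite.trezor.io"))
    print("other origin:  ", send_command(p, "GetFeatures", origin="https://not-allowed.example"))
    print("no origin:     ", send_command(p, "GetFeatures"))
    srv.shutdown()
```

Run it and the first request succeeds while the other two are refused with 403, which is the check you want to see when auditing any localhost-bound helper service: loopback binding alone does not stop a malicious page in your browser from reaching it.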
