Online discussions continue to swirl around Ledger’s new firmware update for its crypto hardware wallet, which experts have claimed could put users’ private keys at risk.
Ledger published a Twitter thread on Wednesday attempting to alleviate concerns around the safety of users’ assets, but published a self-contradictory and confusing tweet that stoked the flames of controversy even further.
Ledger’s Worrying Tweet
In a now-deleted tweet, Ledger support verified criticisms from Wednesday exposing a troublesome reality of using their product: the manufacturer could, technically, release firmware that extracts users’ private keys from their wallets.
“You have always trusted Ledger not to deploy such firmware whether you knew it or not,” wrote the company.
Ledger’s Deleted Tweet. 05/17/23
This contradicts a claim from the company’s main account last November, in which Ledger claimed that user private keys cannot be extracted from a wallet’s secure element chip through a firmware update.
At the time, Ledger and other wallet manufacturers were recording record sales in the aftermath of FTX’s collapse, as crypto investors sought the security of self-custody and cold storage for their crypto assets.
On Thursday, Ledger said that it decided to delete its Wednesday tweet due to its “confusing wording.” However, Ledger’s CTO Charles Guillemet published a follow-up thread explaining that wallets, in general, have “many ways” to implement a backdoor, and that some level of trust is required with any third-party wallet purchase.
22/ If you want to be completely trustless, you’ll have to learn electronics to build your computer, learn ASM to build your compiler, then build a wallet stack, your own node and synchronizer, you’ll have to learn cryptography to build your own signature stack.
— Charles Guillemet (@P3b7_) May 18, 2023
“Open source doesn’t really solve this,” he added. “It’s impossible to have guarantees that the electronic itself is not backdoored, nor that the firmware that runs inside the wallet is the one you audited.”
Ledger Recover
Criticism around Ledger swelled on Wednesday after the company announced its new hardware wallet service “Ledger Recover.” With user permission, the service breaks a wallet’s private keys into three shards, encrypts them, and stores them with three separate centralized providers – one of which is Ledger.
The subscription service requires users to provide personal identifying information before using it. In return, users are granted a method of recovering their private keys in case they lose both their hardware device and seed phrase paper backup.
The crypto community blasted the service and its associated firmware update for adding a code path that can send private keys to third parties. Many experts including developer and auditor “foobar” recommended that followers stop using the company’s devices.
If you have a ledger, your keys are not compromised (yet). But if you upgrade to the latest firmware, it’ll stick in a code path that can send your private key to third parties. Given ledger doxxed their own customers in the past, it’s unlikely that they’ll keep this info safe
— foobar (@0xfoobar) May 16, 2023
The post Ledger Responds to Customer Fears On Wallet Safety, But Deletes “Confusing” Tweet appeared first on CryptoPotato.
Bitwise’s Chief Investment Officer, Matt Hougan, has pointed to excessive expectations surrounding the approval of Exchange-Traded Funds (ETFs) as the primary cause of the recent price falls in cryptocurrencies. Contrary to popular belief, Hougan argued that the sell-off was not directly tied to ETFs but rather to the market’s anticipation of their approval and subsequent
Reflecting on the past year, 2021 has been great for Bitcoin and the cryptocurrency market. It even saw the birth of two BTC futures ETFs in the States, but with just a week remaining until the end of it, American investors might not see spot one. SEC in no Mood for Spot Bitcoin ETFs According…
Ethereum saw a small price drop today as the coin falls to $316. This comes after ETH managed to increase by a total of around 30% this week. Against Bitcoin, Ethereum reached as high as 0.0317 BTC but has since dropped to 0.0288 BTC. ETH/USD: Bullish Push Stalls At $323 Key Support Levels: $306, $300,…
Nearly $2 trillion in crypto market value has evaporated in months since the sky-rocketing prices in November last year. But, according to JPMorgan Chase & Co.’s Nikolaos Panigirtzoglou, the deleveraging that prompted the rout is at an advanced stage and may not have much further to run. A Bottom May Be Near With markets sliding…
Over the past two days since our last price analysis, Bitcoin had been consolidating between a tight range of the support and resistance levels of $3850 and $3950. This was anticipated following the latest decent bullish move. So far, it seems that the correction to is considered healthy. Besides the Bitcoin chart, the BitFinex open…
Following another drop to $52,500, bitcoin reacted positively and regained $2,000 of value in the following hours. However, the asset continues to be outperformed by most alternative coins, and its dominance is down to 48%. Ethereum reached yet another ATH yesterday, while BNB spiked well above $600. ETH’s Latest ATH; XRP Surged 15% Most alternative…
US Representative Warren Davidson continues to push for Gary Gensler’s removal as the chairman of the Securities and Exchange Commission (SEC) following Grayscale’s recent win in court against the agency. Industry stakeholders and the broader crypto community believe Gensler and the SEC’s regulation by enforcement approach towards the crypto industry caused more harm than good
Despite the ultimate crash of FTX, the Japanese subsidiary of the company reportedly plans to allow client withdrawals by the year’s end. The fiasco of Sam Bankman-Fried’s exchange became one of the major events in crypto’s history. Once valued at approximately $32 billion, it recently failed to honor users’ withdrawal requests and reported severe liquidity…
Lawful crypto mines will not face restrictions or be disconnected from the national grid, as long as they don’t compromise the country’s energy security, Kazakhstan Minister of Energy Magzum Mirzagaliyev said at a meeting with the mining industry, according to a ministry press release on Wednesday.Electricity has been in short supply in the fossil fuel-dependent…