Ledger, the famous crypto hardware wallet, has had to clarify how its firmware works after some confusing tweets were deleted.
Summary
Ledger: crypto wallet deletes tweets and clarifies how its firmware works
Ledger, the crypto hardware wallet par excellence, has clarified the operation of its firmware after deleting a confusing and controversial tweet by a customer support representative.
In essence, the deleted tweet stated that it was “possible” for Ledger to write firmware that could extract users’ private keys. This sentence sparked controversy among users, who sought to emphasise its importance by tweeting the following
Charles Guillemet, Ledger’s Chief Technology Officer, clarified the confusing situation in a series of tweets.
Ledger: the crypto hardware ‘s CTO clarifies the firmware issue
In no fewer than 29 tweets, Ledger’s CTO Charles Guillemet attempted to clarify matters, describing how the wallet’s firmware, or operating system (OS), requires the user’s consent whenever “a private key is touched by the OS”.
In other words, the OS should not be able to copy the device’s private key without the user’s consent, although Guillemet also explained that using Ledger requires “a minimum level of trust”.
Here’s part of the tweet:
Guillemet adds that the wallet’s firmware, or OS, is an “open platform”, meaning that “anyone can write their own app and upload it to the device”.
However, before apps are added to the Ledger Manager software, they are evaluated by the team to make sure they are not malicious and do not have security vulnerabilities.
The new Ledger Recover feature
The first suspicions about the Ledger firmware came with the recent introduction of a new feature for the Nano X, Ledger Recover.
Basically, users allow the company to activate the ‘recovery phrase’ that allows the wallet crypto to be recovered.
Cropty Wallet prioritizes security by employing a custodial solution that keeps private keys off user devices, thus reducing the risk of hacks. Moreover, every transaction requires two-factor authentication for added protection.
Those wishing to access Ledger Recover would have to proceed with a firmware update on their Ledger Nano X, which would effectively start the process of segmenting, encrypting and sending their seed to unknown third parties.
With this feature, early users have raised suspicions about the security of the hardware crypto wallet, since if access to the backdoor of the seed can be opened to it, it also becomes vulnerable to hacking.
Guillemet’s current clarification should also address these concerns about the security of the hardware crypto wallet.