Charles Hoskinson weighs in on Ledger’s recent controversy.
Cardano founder Charles Hoskinson has joined crypto community members to react to Ledger’s recent controversial tweet about how its firmware works.
Ledger Controversy
For context, Ledger stressed in a May 16 tweet that it could write firmware that could extract users’ private keys.
“Technically speaking, it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not,” Ledger noted in a now-deleted tweet.
Following the controversy that trailed the tweet, the prominent cryptocurrency hardware wallet deleted it and issued a statement addressing the issue. According to Ledger, the deleted tweet was written by one of its customer support agents.
Ledger’s Chief Technology Officer Charles Guillemet asserted that the wallet’s operating system (OS) requires “users’ consent anytime a private key is touched.”
The statement suggests that the Ledger wallet’s OS cannot copy users’ private keys without their consent. Furthermore, Ledger noted that it cannot access users’ secret recovery phrases.
Self-custody is at the core of our offering, and your Secret Recovery Phrase is securely generated on your device. We have no access to it. This will NEVER change. We are uncompromising about security.
— Ledger (@Ledger) May 16, 2023
Cardano Founder Comments on the Incident
Despite Ledger’s clarification, crypto community members have been reacting to the development. Earlier today, Hoskinson highlighted six key insights regarding the controversy that trailed the prominent cryptocurrency hardware wallet.
With respect to the Ledger controversy, I say the following:
1) always choose open source software whenever possible that has been audited by numerous sources on a regular basis
2) security comes from simplicity- Design the smallest possible footprint
3) non-updateable…
— Charles Hoskinson (@IOHK_Charles) May 19, 2023
Firstly, Hoskinson warned crypto investors to prioritize open-source software that has undergone a series of audits. It is worth noting that open-source software creates room for transparency and also makes public scrutiny easier.
Secondly, the Cardano founder asserts that security mainly comes from simplicity rather than complex infrastructure. On this note, Hoskinson suggests that it is better to design hardware wallets with “the smallest possible footprint” as this would make it difficult for attackers to exploit vulnerabilities.
Thirdly, Hoskinson stressed that it is essential for crypto hardware companies to adopt a non-updatable firmware model, especially when they make strong promises about their security model.
For the fourth point, Hoskinson stated that crypto investors acquire hardware wallets in order to provide personal security for their funds.
Additionally, the Cardano boss said the hardware wallet space is an extreme example of self-custody.
“We could just as easily PGP encrypt some seeds and leave them in Gmail. We choose to use hardware wallets because they guarantee that the private keys stay in one place on hardware that’s hard to tamper with,” he said.
Lastly, Hoskinson stressed the importance of not breaking social contracts.
Disclaimer: This content is informational and should not be considered financial advice. The views expressed in this article may include the author's personal opinions and do not reflect The Crypto Basic’s opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
-Advertisement-
