In light of the recent Ledger controversy, Charles Hoskinson, co-founder of Cardano, has shared his perspective on the matter, emphasizing the importance of open-source software, simplicity in design, and honouring security promises.
Ledger is a France-based security firm that specializes in manufacturing crypto storage devices. For most of this week, the firm has come under fire from the crypto community after it deleted a May 17 tweet stating that it was “possible” for Ledger to write firmware that could extract users’ private keys.
The controversy surrounding the matter began on May 16 when the company introduced its latest service, “Ledger Recover.” The following day, the firm’s customer support tweeted, acknowledging that it was “possible” for Ledger to develop firmware capable of extracting users’ private keys. However, the tweet was subsequently deleted, amplifying the ongoing debate surrounding the topic, particularly because it directly addressed the introduction of the new feature.
The firm team, however, attempted to clarify the situation with Ledger chief technology officer Charles Guillemet emphasizing in a May 18 tweet that Ledger’s operating system (OS) mandates user consent whenever the OS interacts with a private key. This means that the OS cannot copy the device’s private key without the explicit consent of the user.
That said, despite the assurances, most people still seem unconvinced, with other observers now offering what they perceive will be a lasting solution to Ledger’s woes.
Hoskinson’s Advice to Ledger
Late Friday, May 19, Hoskinson weighed in on the situation, highlighting key considerations for individuals seeking secure cryptocurrency storage solutions.
Firstly, Hoskinson encouraged the adoption of open-source software that has undergone regular audits by multiple sources. According to him, by choosing such software, users can benefit from enhanced transparency and the collective efforts of the developer community to identify and address potential vulnerabilities.
He also emphasized the principle that security often stems from simplicity, asking developers of hardware wallets to “Design the smallest possible footprint” in a bid to minimize attack vectors and potential points of weakness.
Addressing the issue of firmware updates, Hoskinson emphasized the significance of non-updateable firmware in cases where a company explicitly promises a specific security model. While he acknowledges the difficulty of replicating this concept in cryptocurrencies, he suggested that decentralizing the update process could significantly bolster security measures.
Lastly, Hoskinson emphasized the importance of not breaking social contracts within the cryptocurrency ecosystem. This serves as a reminder for developers and service providers to uphold their promises to users, fostering trust and accountability within the community.
That said, as the Ledger controversy unfolds, the ultimate redemption of the firm’s reputation hangs in the balance. Nevertheless, on Friday, Éric Larchevêque, Ledger co-founder and CEO, apologized, terming the events as “a total PR failure.” He further requested users to be patient, stating that the meltdown was “absolutely not a technical one.”
“Some amount of trust must be placed into Ledger to use their product. If you don’t trust Ledger, meaning you treat your HW manufacturer as an adversary, that can’t work at all,” he wrote on Reddit.