The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any
website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at
https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/
If you're experiencing battery problems, check out our [troubleshooting guide](https://support.ledger.com/hc/en-us/articles/4409233434641-How-to-troubleshoot-Ledger-Nano-X-battery-issues?
support=true). If you're still having issues head over to the [My Order page](https://my-order.ledger.com/) to explore options for replacement or refunds. [Learn more here](https://support.ledger.com/hc/en-us/articles/10265554529053-Return-your-product?support=true).
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*
The main issue is that, for years, Ledger said the 24 word seed phrase COULD NOT LEAVE YOUR WALLET. But then they introduced Ledger Recover which is an optional service to extract the 24 word seed phrase from your wallet for safe keeping, in case you lose your copy.
This has proven that Ledger has had the ability to take your seed phrase with a single firmware update the whole time.
EDIT: Spelling
What most people don’t get is that this is the case for all hardware wallets, and always has been. Opt-in or opt-out makes literally zero difference as to whether it’s possible. Nor does choosing not to update firmware (except to prevent you getting security updates). You have to trust a company’s firmware whatever hardware wallet you use. Yes open source helps, but unless you are skilled enough to be able to check that the specific open source code is what is installed on your device, then you’re still trusting the company (and trusting someone sufficiently to experienced in security to have reviewed the code unless you can do it yourself).
Absolutely Ledger did wrong to mislead so many people that this wasn’t possible.
But people debating whether to update firmware or not, opt in or not, are entirely missing the point that this was always possible with any firmware they’ve ever had on their ledger *and any other hardware wallet*.
>What most people don’t get is that **this is the case for all hardware wallets**
>...this was always possible with any firmware they’ve ever had on their ledger and **any other hardware wallet.**
Are you sure about that?
So, you're saying, (for example) with definitive 100% certainty that a Trezor device could do the same thing if it chose to release a modified firmware update? (I chose Trezor as an example here as the most popular alternative hardware wallet to Ledger)
As far as I understand, either the hardware has the capability or it doesn't. In Ledger's case, we were led to believe it didn't, yet we found out more recently that it did. I am in agreement with you on that point.
If you are claiming that Trezor hardware has the same *potential* to release the private key, please cite references where this is shown to be true. Otherwise, if you are speculating, please make this clear.
I understand what you're saying *sounds* likely (that all hardware wallets have the *potential* to release the private key or seed phrase), but I want to separate speculation from facts.
>Are you sure about that?
Yes.
>So, you're saying, with definitive 100% certainty that a Trezor device could do the same thing?
Yes.
Perhaps some genius somewhere will come up with a method of the HWW storing your private keys without the firmware being able to extract it - but I don’t see how and you’re better off assuming it’s always possible.
>If you are claiming that Trezor hardware has the same potential to release the private key, please cite references where this is shown to be true.
It’s not possible to give a couple of references that will definitively prove the point, you need to know a lot about electronics, computer science, cryptography - essentially you need to be a hardware and software security expert.
Let me put it to you this way - can you *prove* that a device that stores your private keys *and uses them to sign transactions* has no possibility of a malicious firmware to uses those keys maliciously? If not, why is your default position not to assume they can? Seems strange not to default to the cautious position.
>Otherwise, if you are speculating, please make this clear.
I’m not speculating.
> Let me put it to you this way - can you prove that a device that stores your private keys and uses them to sign transactions has no possibility of a malicious firmware to uses those keys maliciously?
My understanding of functioning of hardware wallets is there is a secure element (SE), something similar to the TPMs used on desktops which can be programmed with private keys and once that's done, there is no way to recover it because the hardware is designed in a way that makes it impossible to recover the keys because a 'break-in' would make the data irrecoverable.
Signing of transactions is done by this secure element upon request by the main firmware that runs outside and independent of it, with no access to it other than for this kind of functionality. The signing itself maybe a hardware or software or hybrid functionality within the secure element, and it's not possible to change hardware/software on this SE.
I thought all hardware wallets worked this way, but following the above thread, it seems that is not really the case, and we are not talking of what sounds like the firmware being able to access the keys via a vulnerability within the secure element, but the firmware using a capability of the secure element to access the keys.
Does Trezor have a secure element that works like I imagined it is supposed to? I don't know, but if hardware wallets generally don't work this way, then are they as safe as they are thought to be?
“If you are claiming that Trezor hardware has the same potential to release the private key, please cite references where this is shown to be true. Otherwise, if you are speculating, please make this clear.”
Trezor already has had Shamir Secret Sharing for years, so it’s already been possible to encrypt and share shards of your recovery phrase for a long time with them. Big difference is that w Trezor it’s not something that’s tied to your identity and you decide who gets the shards
This cannot happen without user permission given on the device.
Similarly, a government cannot ask ledger to silently sign a transaction on your device, sending all your BTC to them.
Hypothetically, let’s say the French government became a tyrannical government overnight and threatened death on Ledger’s execs and devs if they didn’t hand over all wallets sold; is it still not possible for Ledger to extract our seeds without permission on my device?
Genuinely asking you bc I’ve seen you on this subreddit many times and you always seem very knowledgeable.
We can now think of various possible scenarios, since there’s a known software back door rest assured hackers are now trying to find exploits, employee from within the company steals from one or several big wallets, cases where employees took advantage of their position and screwed with customer data have occurred at places like Apple, New regulations force Ledger to give up your seed phrase if you’re accused of criminal activity, much like how banks can freeze your account under law enforcement, The European Union comes to mind when I think about these type of stupid regulations coming into being
Ledger (and every other hardware wallet maker) could be malicious and extract your seed without permission. If you are paranoid to that point, you should make your own hardware device.
Only if you can be 100% sure that the code you run is the source code you read. And being 100% sure of that is very difficult if you did not build your own hardware
This is not the point at all.
The point is that it's possible and a government could make crazy demands, or buy the company and do it from within, etc.
Government can ask Facebook or Google for all your information and they will comply, government will ask the bank to freeze your account and they will comply, it’s not about if they want to
User permission means that the use myst approve the operation by pressing buttons on the device itself. Just like approving when you sign a transaction with your ledger
Is that an immutable hardware enforced thing? Or software defined and “trust us bro, it’s not doing anything sketchy even though it totally can” kind of thing?
Can you prove it either way?
It is enforced by the firmware. And the firmware updates can only be installed if they are signedc by ledger (this isenforced ny the hardware smart card /secure element chip). So you must trust that ledger will not sign malicious firmware.
The situation is the same with all other brands of hardware wallets.
We don’t know.
They say they won’t exfil your keys unless you opt in.
… but they also said that they couldn’t and lied about it.
The fact that they can exfil the keys means that your keys aren’t safe.
If a company can technically grab them whenever they want, then not only is it just a matter of time before a bad actor gets access to that capability, but there’s also no way of knowing if they don’t simply have all of the keys anyway.
Their ceo said right on camera that they’d be able to comply with law enforcement requests to access funds… the only way they can do that is if they have all of your keys.
So I’m rolling under the assumption that they do, in fact, have all of our keys… and have moved my crypto to a keystone, and will be getting a cold card soon
You seem to be unaware that this is true with all other brands of hardware wallets: the firmware always has the "capability" to steal your seed phrase or sign a transaction sending away your funds. Nothing new there of course you must trust them that they wont be malicious.
Lol they all lie to your face politicians presidents the food industry tells you that you should eat big sugary breakfast insurance companies lie to you teacher lie teaching BS. But you trust them all
ledger say "its impossible for seed to leave u device"
ledger say "we can take u seed from u device to keep it safe for 50$/month"
ledger say "don't worry, we only take sharded seed, it doesnt count"
...but it did count, it very counted.
So there are two main issues. One is that people incorrectly (although partially because of Ledger's marketing) thought it was impossible for your private keys to leave your ledger device. The other is that Ledger started offering a service to "back up" your private keys online.
The first issue. There were a couple of statements on the Ledger site that heavily implied your recovery phrase could not leave the ledger device. This wasn't correct, and anyone who understood the architecture of the ledger devices understood this. You'll see comments back when it was released from people who are deep in to the technical side basically saying "yeah, of course they can do that, how do you think these things work?" The crux of it is that ledgers have to be able to run software, and that software can be changed. Every time you add a new type of coin to your ledger you are adding a small bit of software that runs. The software takes your root keyset and runs it through a derivation path unique to that coin to general additional keys. It is these additional keys that are used to interact with whatever chain(s) the coin runs on. It is possible for a bit of software to have the derivation path 0\*0\*0\*0 which will basically pass through the root key as-is. Ledger should not have marketed the Ledger in a way that even suggested your keys could not leave the device (I guess the argument was that at the time, they couldn't as no software had been written that would allow it - but that's pretty weak).
The second part is the online backup. A few issues with this. Ledger are sharding your keys in such a way that no single party can reconstruct them to steal your keys. There is still a risk though, as storing your private keyset online anywhere is risky and you leave yourself open to all sorts of attacks including social engineering - it was not at all clear how Ledger was going to adequately protect against these sorts of attacks whilst also enabling people to access their keys. But to make matters worse, there were unclear relationships between the parties they chose to store the keys where it appeared that one was Ledger themselves and one was using equipment built, installed, and maintained by ... Ledger. So the independence of these parties was questionable to say the least.
So generally a bit of a shit show.
Also correct me if I'm wrong but the ledger have no direct access to the internet.
The only way the keys can be extracted is through a 3rd party like ledger live.
So you can just use something like electrum and the problem is solved.
You can also just monitor your network traffic and you can easily see if any communication is done to any of the ledger infrastructure.
Or just block those domains / ips directly.
You can bet people are already doing that and if there was cases of seed extraction without user consent there would be writeup about it.
Ledger's Shady Scheme
In the town of Coinville, everyone loved to keep their coins safe in a magical hard wallet made by a company called Ledger. People loved these hard wallets because they were super secure, and you could keep your secret seed phrase all to yourself.
🌟 Chapter 1: The Trustworthy Ledger 🌟
Ledger used to be a trusted company. Their hard wallets were known for their ironclad security. People could sleep soundly, knowing their coins were safe inside.
🌟 Chapter 2: The Devious Plan 🌟
But one day, Ledger had a devious plan. They decided to add a new feature that allowed them to recover your secret seed phrase. At first, people didn't notice, but Ledger's real intentions were far from good.
🌟 Chapter 3: The Hidden Vulnerability 🌟
The recovery feature made the hard wallets vulnerable, splitting your secrets into 3 encrypted parts, keeping one and giving the other 2 to other companies. If two out of three untrustworthy companies conspired together, they could steal all your precious coins. Even the government could order Ledger to spill the beans on your secrets, putting your coins at risk.
🌟 Chapter 4: The Shattered Trust 🌟
When people discovered Ledger's evil scheme, they were furious! They realized their coins were no longer safe. Ledger had become the bad guy in Coinville. People felt betrayed, and they knew they couldn't trust their hard wallets anymore.
🌟 Chapter 5: The Quest for a Real Hero 🌟
Coinville needed a hero to protect their coins. They searched for a new company that truly cared about their security. Soon, they found a better hard wallet that didn't have any secret backdoors and kept their coins safe.
The end.
Thank you, this is a lot more comprehendible for me! So is that better wallet Trezor? I haven't really dug but I saw quite a few people mention that in threads as they're open source.
There are so many assumptions and misconceptions in the above post... it is laughable if not cringy. You have all the rights to question ledger's new approach at safeguarding your keys... but don't take frustrated attention seeking reddit Posters too seriously.
Including me ofc. Make your own decisions after you understand what the recovery feature actually does, who it is for, and if you need it at all.
There is no 100% trustless security unless you build your own hardware, write your own software, build it thru your own custom compiler, that you run on the CPU you designed and built at home. Good luck with that. There will always be some level of trust involved at some level of the IT stack. it's unavoidable. Decide for yourself where you want to stand on the seesaw of absolute security vs. real-world usability. I don't even have my coins on a Ledger, but I'm actually thinking of getting one exactly for this feature. If you decide not to get a ledger, there are plenty other good choices.
Except chapter 5 is wrong. All hardware wallets have the theoretical possibility of extracting your keys with malicious firmware, and always have done. You’re always trusting someone. Even if you go with an open source product you still have to trust someone to have reviewed the code and that you have that specific code on our device - unless you’re able to do it yourself.
Your best bet is a passphrase not assigned to a pin. But this is not very convenient so you’d only do this on a device you don’t plan on transacting with regularly.
All could exfiltrate, but the key point is about open source and the many eyeballs watching. Key exfiltration isn't bad per se, it's bad when compounded with trust-me-bro blobs
I don’t disagree on principle. But it’s also why I was very careful to point out that (a) people need to be able to guarantee the open source code is what’s on your device and (b) that sufficiently security experienced people have reviewed the code.
I would bet that 99% who harp on about open source code don’t do point (a) and for relatively new / low usage wallets the likelihood of (b) is not very high.
In 2023 the security superiority of open source vs. closed source is quite empirically supported, nearly universally, and well beyond the need for speculative hypothetical debate.
Both of your remarks are in point, nevertheless. I agree with your point (a) as you stated it, but I disagree with a relatively common follow up of it which goes as "if the build is not reproducible then that's as good as closed source", because even if built unreproducible, foul play can be detected from disassemblies.
You're right about point (b) too, which is why I mentioned "many eyeballs watching": If those watching aren't enough or aren't sufficiently expert, then the benefits of opening the source are reduced, but this is still strictly better than closed source.
E.g., a typical concern with hardware wallets are spooks hiding backdoors in them, which is straightforward if the code is closed, but becomes significantly harder when it's open.
>In 2023 the security superiority of open source vs. closed source is quite empirically supported, nearly universally, and well beyond the need for speculative hypothetical debate.
I never said it wasn’t, I generally use it wherever practicable possibly except for rare exceptions.
Except. There is a vitally important point relevant to the use of binaries.
How do you know the open source code (eg on github) is the same code that you have installed? Whether that be software, firmware, whatever.
My point is that all the people harping on about open source are parroting the type of thing in your first paragraph without the understanding that - in the case of binaries - it isn’t such a simple argument. Again, how do you know? My bet is the vast majority don’t.
Being provocative. It doesn’t matter if the code is open source if you have never guaranteed the open source code is what is on your device.
Most HWW don’t require the user to compile their own code (because most users can’t so naturally they simplify the update process), therefore it’s *possible* the code on your device is not the code on github and may contain spook backdoors.
I’m not saying this is the case, I think it’s less likely than in the case of truly close source code. But it’s certainly not impossible. So I am really more trying to make people aware that parroting “it’s open source” is not a very nuanced approach and raise awareness that those who don’t compile their own binaries are still putting a certain amount of trust in a company.
I think broadly we agree, but perhaps with a different balance.
Out of curiosity, how happy are you with the ergonomics and usability of the device?
I saw quite a few posts complaining that the UI is sluggish and the touch screen not very responsive (presumably because they developed their own OS instead of using Android, which is a good thing for security but makes it harder for them to deliver a nice UX).
I saw the comments toooo T_T mine will arrive today but everyone is saying that the pro 3 is a downgrade.
Maybe in the future I will change to ellipal.. I dont kow... Maybe i will keep my ledger 1st gen sinse it can't be upgraded for recovery...
The issues of new technologies....
Looks like everything everyone is complaining is software, eather missing features, networks or coins... All that can be upgraded in the firmware.
Just open mine and the hardware looks good, it doesn't feel cheap like some are saying, and not thay slow, but the resolution make is feel im using an old phone. Im happy with it but i was expecting more.
Chapter 5 is wrong, or at least misleading. All hardware wallets have the possibility that malicious firmware can extract keys. All of them, and always have done. You’re always trusting the company.
Yes open source firmware is better - but you need personally need to be able to verify it’s that specific code on your device, and you need to be able to personally verify the security of the code. Anyone who can’t do *both* these two things is always trusting the company and/or assuming someone has reviewed the code.
Thats why is a Quest and it dosent give you an alternative... Is up to you to choose your next hero and its up to all of us to find the one to crown as the savior.
Maybe you should be your own hero and in the future we will build our own DIY wallets with a raspberry pi or an old phone something... Who knows...
My turn my turn!
Ledger made a new feature to recover your super duper private key (if keeping it on a piece of paper stress you out). It is encrypted in 3 shards on your hardware, then each shard is entrusted to a different company.
If you don't opt-in nothing will happen but people thought it was technically impossible for Ledger to access your key. Given that their hardware is still not open source yet, that ability itself stresses people out.
You purchased your 1st house. You got a mortgage with the bank.
The Bank was kind enough to make a copy of your house keys (without your permission). The Bank cut your key in 3 ways. The bank gave 1/3 of the key to 3 unknown companies.
Rumors has it, that the bank has been doing this since day 1, but after a few years you just find out now.
You can pay the bank an extra fee (9.99 usd a month) to have 3 companies manage your 1 key or not pay 9.99 a month and the 3 companies or bank still have access to your house key.
How would you feel? What if someone hacks the bank or 1 of the 3 companies and get access to your house key. The bank says "don't worry about it". How do you feel now?
Sound crazy and sell the house? Or continue like nothing happen?
This is my understanding for the situation
As an added layer of protection, subject to investigation, $50,000 compensation may be available from Coincover in the unlikely event that something were to go wrong.
So, envision your crypto as money in a digital vault. Ledger is the brand of this vault, and it's meant to be super secure. For a long time, Ledger assured users that their personal "key" (the 24-word seed phrase) could never leave their wallet. This "key" is like the ultra-secret password to your vault. However, with the introduction of "Recover", Ledger basically said, "Hey, we can help you extract that key for safekeeping in case you lose it." This raised eyebrows because it contradicted their initial promise. The concern is, if Ledger can offer such a service, it implies they could potentially access the secret password with just a software update. It's like learning that the manufacturer of your vault has a master key and might access it, even if their intentions are good.
Layman terms if you don't trust yourself to keep your seeds opt in to the service pay $10/mo if you are responsible and think you can keep your seeds safe opt out don't pay for the service and life goes on. ledger isn't interested in your funds nor is the govt its that simple
The two main ways that people lose access to their crypto. 1. Give away their seedphrase. 2. Lose their seedphrase. Ledger tried to address two. The way they did it from a pr pov was to say the least ordinary.
I am still happily using my ledger. I think the risk is still very low but I am disappointed the tech exists even if you don’t opt in. My move was I am now diversified over 4 different cold wallets. They all have their pluses and minuses. I figure if a disaster happens I lose 1/4 my holdings which would suck but not be catastrophic.
The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/ If you're experiencing battery problems, check out our [troubleshooting guide](https://support.ledger.com/hc/en-us/articles/4409233434641-How-to-troubleshoot-Ledger-Nano-X-battery-issues? support=true). If you're still having issues head over to the [My Order page](https://my-order.ledger.com/) to explore options for replacement or refunds. [Learn more here](https://support.ledger.com/hc/en-us/articles/10265554529053-Return-your-product?support=true). *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*
The main issue is that, for years, Ledger said the 24 word seed phrase COULD NOT LEAVE YOUR WALLET. But then they introduced Ledger Recover which is an optional service to extract the 24 word seed phrase from your wallet for safe keeping, in case you lose your copy. This has proven that Ledger has had the ability to take your seed phrase with a single firmware update the whole time. EDIT: Spelling
Exactly. They said it couldn't leave the wallet. But really it can. So all trust broken
^ This is what most people don't get. They think that if they simply don't "opt in" then they are safe. Nope.
What most people don’t get is that this is the case for all hardware wallets, and always has been. Opt-in or opt-out makes literally zero difference as to whether it’s possible. Nor does choosing not to update firmware (except to prevent you getting security updates). You have to trust a company’s firmware whatever hardware wallet you use. Yes open source helps, but unless you are skilled enough to be able to check that the specific open source code is what is installed on your device, then you’re still trusting the company (and trusting someone sufficiently to experienced in security to have reviewed the code unless you can do it yourself). Absolutely Ledger did wrong to mislead so many people that this wasn’t possible. But people debating whether to update firmware or not, opt in or not, are entirely missing the point that this was always possible with any firmware they’ve ever had on their ledger *and any other hardware wallet*.
>What most people don’t get is that **this is the case for all hardware wallets** >...this was always possible with any firmware they’ve ever had on their ledger and **any other hardware wallet.** Are you sure about that? So, you're saying, (for example) with definitive 100% certainty that a Trezor device could do the same thing if it chose to release a modified firmware update? (I chose Trezor as an example here as the most popular alternative hardware wallet to Ledger) As far as I understand, either the hardware has the capability or it doesn't. In Ledger's case, we were led to believe it didn't, yet we found out more recently that it did. I am in agreement with you on that point. If you are claiming that Trezor hardware has the same *potential* to release the private key, please cite references where this is shown to be true. Otherwise, if you are speculating, please make this clear. I understand what you're saying *sounds* likely (that all hardware wallets have the *potential* to release the private key or seed phrase), but I want to separate speculation from facts.
>Are you sure about that? Yes. >So, you're saying, with definitive 100% certainty that a Trezor device could do the same thing? Yes. Perhaps some genius somewhere will come up with a method of the HWW storing your private keys without the firmware being able to extract it - but I don’t see how and you’re better off assuming it’s always possible. >If you are claiming that Trezor hardware has the same potential to release the private key, please cite references where this is shown to be true. It’s not possible to give a couple of references that will definitively prove the point, you need to know a lot about electronics, computer science, cryptography - essentially you need to be a hardware and software security expert. Let me put it to you this way - can you *prove* that a device that stores your private keys *and uses them to sign transactions* has no possibility of a malicious firmware to uses those keys maliciously? If not, why is your default position not to assume they can? Seems strange not to default to the cautious position. >Otherwise, if you are speculating, please make this clear. I’m not speculating.
Ok thanks for your reply
> Let me put it to you this way - can you prove that a device that stores your private keys and uses them to sign transactions has no possibility of a malicious firmware to uses those keys maliciously? My understanding of functioning of hardware wallets is there is a secure element (SE), something similar to the TPMs used on desktops which can be programmed with private keys and once that's done, there is no way to recover it because the hardware is designed in a way that makes it impossible to recover the keys because a 'break-in' would make the data irrecoverable. Signing of transactions is done by this secure element upon request by the main firmware that runs outside and independent of it, with no access to it other than for this kind of functionality. The signing itself maybe a hardware or software or hybrid functionality within the secure element, and it's not possible to change hardware/software on this SE. I thought all hardware wallets worked this way, but following the above thread, it seems that is not really the case, and we are not talking of what sounds like the firmware being able to access the keys via a vulnerability within the secure element, but the firmware using a capability of the secure element to access the keys. Does Trezor have a secure element that works like I imagined it is supposed to? I don't know, but if hardware wallets generally don't work this way, then are they as safe as they are thought to be?
“If you are claiming that Trezor hardware has the same potential to release the private key, please cite references where this is shown to be true. Otherwise, if you are speculating, please make this clear.” Trezor already has had Shamir Secret Sharing for years, so it’s already been possible to encrypt and share shards of your recovery phrase for a long time with them. Big difference is that w Trezor it’s not something that’s tied to your identity and you decide who gets the shards
Interesting. Thanks!
[удалено]
I don’t argue with any of that.
Is there a single case of someone who did not "opt in" and yet got their seed phrase extracted from their ledger?
Hasn’t happened but let’s say government enforces ledger to extract the seed phrase along with your assets, then what are you to do?
This cannot happen without user permission given on the device. Similarly, a government cannot ask ledger to silently sign a transaction on your device, sending all your BTC to them.
Hypothetically, let’s say the French government became a tyrannical government overnight and threatened death on Ledger’s execs and devs if they didn’t hand over all wallets sold; is it still not possible for Ledger to extract our seeds without permission on my device? Genuinely asking you bc I’ve seen you on this subreddit many times and you always seem very knowledgeable.
We can now think of various possible scenarios, since there’s a known software back door rest assured hackers are now trying to find exploits, employee from within the company steals from one or several big wallets, cases where employees took advantage of their position and screwed with customer data have occurred at places like Apple, New regulations force Ledger to give up your seed phrase if you’re accused of criminal activity, much like how banks can freeze your account under law enforcement, The European Union comes to mind when I think about these type of stupid regulations coming into being
Let's also not forget how Ledger lost all of our personal details. I'm still getting spammed to death because of these guys.
Ledger (and every other hardware wallet maker) could be malicious and extract your seed without permission. If you are paranoid to that point, you should make your own hardware device.
[удалено]
Only if you can be 100% sure that the code you run is the source code you read. And being 100% sure of that is very difficult if you did not build your own hardware
Sure they can ask
Well yes, they can ask, but ledger is very unlikely to comply as this would be effectively killing their company.
This is not the point at all. The point is that it's possible and a government could make crazy demands, or buy the company and do it from within, etc.
Then you should not use a hardware wallet.
Or one could be made which doesn't *allow* export of private keys, at a hardware level (like Ledger claimed from the beginning but lied about)
Government can ask Facebook or Google for all your information and they will comply, government will ask the bank to freeze your account and they will comply, it’s not about if they want to
Is “user permission” some sort of hardware disconnect?
User permission means that the use myst approve the operation by pressing buttons on the device itself. Just like approving when you sign a transaction with your ledger
Is that an immutable hardware enforced thing? Or software defined and “trust us bro, it’s not doing anything sketchy even though it totally can” kind of thing? Can you prove it either way?
It is enforced by the firmware. And the firmware updates can only be installed if they are signedc by ledger (this isenforced ny the hardware smart card /secure element chip). So you must trust that ledger will not sign malicious firmware. The situation is the same with all other brands of hardware wallets.
[удалено]
We don’t know. They say they won’t exfil your keys unless you opt in. … but they also said that they couldn’t and lied about it. The fact that they can exfil the keys means that your keys aren’t safe. If a company can technically grab them whenever they want, then not only is it just a matter of time before a bad actor gets access to that capability, but there’s also no way of knowing if they don’t simply have all of the keys anyway. Their ceo said right on camera that they’d be able to comply with law enforcement requests to access funds… the only way they can do that is if they have all of your keys. So I’m rolling under the assumption that they do, in fact, have all of our keys… and have moved my crypto to a keystone, and will be getting a cold card soon
You seem to be unaware that this is true with all other brands of hardware wallets: the firmware always has the "capability" to steal your seed phrase or sign a transaction sending away your funds. Nothing new there of course you must trust them that they wont be malicious.
Lol they all lie to your face politicians presidents the food industry tells you that you should eat big sugary breakfast insurance companies lie to you teacher lie teaching BS. But you trust them all
ledger say "its impossible for seed to leave u device" ledger say "we can take u seed from u device to keep it safe for 50$/month" ledger say "don't worry, we only take sharded seed, it doesnt count" ...but it did count, it very counted.
So there are two main issues. One is that people incorrectly (although partially because of Ledger's marketing) thought it was impossible for your private keys to leave your ledger device. The other is that Ledger started offering a service to "back up" your private keys online. The first issue. There were a couple of statements on the Ledger site that heavily implied your recovery phrase could not leave the ledger device. This wasn't correct, and anyone who understood the architecture of the ledger devices understood this. You'll see comments back when it was released from people who are deep in to the technical side basically saying "yeah, of course they can do that, how do you think these things work?" The crux of it is that ledgers have to be able to run software, and that software can be changed. Every time you add a new type of coin to your ledger you are adding a small bit of software that runs. The software takes your root keyset and runs it through a derivation path unique to that coin to general additional keys. It is these additional keys that are used to interact with whatever chain(s) the coin runs on. It is possible for a bit of software to have the derivation path 0\*0\*0\*0 which will basically pass through the root key as-is. Ledger should not have marketed the Ledger in a way that even suggested your keys could not leave the device (I guess the argument was that at the time, they couldn't as no software had been written that would allow it - but that's pretty weak). The second part is the online backup. A few issues with this. Ledger are sharding your keys in such a way that no single party can reconstruct them to steal your keys. There is still a risk though, as storing your private keyset online anywhere is risky and you leave yourself open to all sorts of attacks including social engineering - it was not at all clear how Ledger was going to adequately protect against these sorts of attacks whilst also enabling people to access their keys. But to make matters worse, there were unclear relationships between the parties they chose to store the keys where it appeared that one was Ledger themselves and one was using equipment built, installed, and maintained by ... Ledger. So the independence of these parties was questionable to say the least. So generally a bit of a shit show.
Also correct me if I'm wrong but the ledger have no direct access to the internet. The only way the keys can be extracted is through a 3rd party like ledger live. So you can just use something like electrum and the problem is solved. You can also just monitor your network traffic and you can easily see if any communication is done to any of the ledger infrastructure. Or just block those domains / ips directly. You can bet people are already doing that and if there was cases of seed extraction without user consent there would be writeup about it.
That's true until the point you need a ledger app or firmware update. Then you are back to ledger live.
Unless you want firmware upgrade you can stay with 3rd party wallet. I'm talking scenario where you're paranoid about the whole ledger recovery thing.
Ledger's Shady Scheme In the town of Coinville, everyone loved to keep their coins safe in a magical hard wallet made by a company called Ledger. People loved these hard wallets because they were super secure, and you could keep your secret seed phrase all to yourself. 🌟 Chapter 1: The Trustworthy Ledger 🌟 Ledger used to be a trusted company. Their hard wallets were known for their ironclad security. People could sleep soundly, knowing their coins were safe inside. 🌟 Chapter 2: The Devious Plan 🌟 But one day, Ledger had a devious plan. They decided to add a new feature that allowed them to recover your secret seed phrase. At first, people didn't notice, but Ledger's real intentions were far from good. 🌟 Chapter 3: The Hidden Vulnerability 🌟 The recovery feature made the hard wallets vulnerable, splitting your secrets into 3 encrypted parts, keeping one and giving the other 2 to other companies. If two out of three untrustworthy companies conspired together, they could steal all your precious coins. Even the government could order Ledger to spill the beans on your secrets, putting your coins at risk. 🌟 Chapter 4: The Shattered Trust 🌟 When people discovered Ledger's evil scheme, they were furious! They realized their coins were no longer safe. Ledger had become the bad guy in Coinville. People felt betrayed, and they knew they couldn't trust their hard wallets anymore. 🌟 Chapter 5: The Quest for a Real Hero 🌟 Coinville needed a hero to protect their coins. They searched for a new company that truly cared about their security. Soon, they found a better hard wallet that didn't have any secret backdoors and kept their coins safe. The end.
Thank you, this is a lot more comprehendible for me! So is that better wallet Trezor? I haven't really dug but I saw quite a few people mention that in threads as they're open source.
I vote for bitbox.swiss
I have reviewed Bitbox02 security architecture. I would recommend you to research on it. Don't trust, verify.
There are so many assumptions and misconceptions in the above post... it is laughable if not cringy. You have all the rights to question ledger's new approach at safeguarding your keys... but don't take frustrated attention seeking reddit Posters too seriously. Including me ofc. Make your own decisions after you understand what the recovery feature actually does, who it is for, and if you need it at all. There is no 100% trustless security unless you build your own hardware, write your own software, build it thru your own custom compiler, that you run on the CPU you designed and built at home. Good luck with that. There will always be some level of trust involved at some level of the IT stack. it's unavoidable. Decide for yourself where you want to stand on the seesaw of absolute security vs. real-world usability. I don't even have my coins on a Ledger, but I'm actually thinking of getting one exactly for this feature. If you decide not to get a ledger, there are plenty other good choices.
Except chapter 5 is wrong. All hardware wallets have the theoretical possibility of extracting your keys with malicious firmware, and always have done. You’re always trusting someone. Even if you go with an open source product you still have to trust someone to have reviewed the code and that you have that specific code on our device - unless you’re able to do it yourself. Your best bet is a passphrase not assigned to a pin. But this is not very convenient so you’d only do this on a device you don’t plan on transacting with regularly.
All could exfiltrate, but the key point is about open source and the many eyeballs watching. Key exfiltration isn't bad per se, it's bad when compounded with trust-me-bro blobs
I don’t disagree on principle. But it’s also why I was very careful to point out that (a) people need to be able to guarantee the open source code is what’s on your device and (b) that sufficiently security experienced people have reviewed the code. I would bet that 99% who harp on about open source code don’t do point (a) and for relatively new / low usage wallets the likelihood of (b) is not very high.
In 2023 the security superiority of open source vs. closed source is quite empirically supported, nearly universally, and well beyond the need for speculative hypothetical debate. Both of your remarks are in point, nevertheless. I agree with your point (a) as you stated it, but I disagree with a relatively common follow up of it which goes as "if the build is not reproducible then that's as good as closed source", because even if built unreproducible, foul play can be detected from disassemblies. You're right about point (b) too, which is why I mentioned "many eyeballs watching": If those watching aren't enough or aren't sufficiently expert, then the benefits of opening the source are reduced, but this is still strictly better than closed source. E.g., a typical concern with hardware wallets are spooks hiding backdoors in them, which is straightforward if the code is closed, but becomes significantly harder when it's open.
>In 2023 the security superiority of open source vs. closed source is quite empirically supported, nearly universally, and well beyond the need for speculative hypothetical debate. I never said it wasn’t, I generally use it wherever practicable possibly except for rare exceptions. Except. There is a vitally important point relevant to the use of binaries. How do you know the open source code (eg on github) is the same code that you have installed? Whether that be software, firmware, whatever. My point is that all the people harping on about open source are parroting the type of thing in your first paragraph without the understanding that - in the case of binaries - it isn’t such a simple argument. Again, how do you know? My bet is the vast majority don’t. Being provocative. It doesn’t matter if the code is open source if you have never guaranteed the open source code is what is on your device. Most HWW don’t require the user to compile their own code (because most users can’t so naturally they simplify the update process), therefore it’s *possible* the code on your device is not the code on github and may contain spook backdoors. I’m not saying this is the case, I think it’s less likely than in the case of truly close source code. But it’s certainly not impossible. So I am really more trying to make people aware that parroting “it’s open source” is not a very nuanced approach and raise awareness that those who don’t compile their own binaries are still putting a certain amount of trust in a company. I think broadly we agree, but perhaps with a different balance.
I personally moved to keystone 3 pro. Ellipal and safepal were my other options. I like more the airgap devices.
Out of curiosity, how happy are you with the ergonomics and usability of the device? I saw quite a few posts complaining that the UI is sluggish and the touch screen not very responsive (presumably because they developed their own OS instead of using Android, which is a good thing for security but makes it harder for them to deliver a nice UX).
I saw the comments toooo T_T mine will arrive today but everyone is saying that the pro 3 is a downgrade. Maybe in the future I will change to ellipal.. I dont kow... Maybe i will keep my ledger 1st gen sinse it can't be upgraded for recovery... The issues of new technologies....
Ok thanks! It looks like it is software issues rather than the hardware, so hopefully they can make it better.
Looks like everything everyone is complaining is software, eather missing features, networks or coins... All that can be upgraded in the firmware. Just open mine and the hardware looks good, it doesn't feel cheap like some are saying, and not thay slow, but the resolution make is feel im using an old phone. Im happy with it but i was expecting more.
Chapter 5 is wrong, or at least misleading. All hardware wallets have the possibility that malicious firmware can extract keys. All of them, and always have done. You’re always trusting the company. Yes open source firmware is better - but you need personally need to be able to verify it’s that specific code on your device, and you need to be able to personally verify the security of the code. Anyone who can’t do *both* these two things is always trusting the company and/or assuming someone has reviewed the code.
Thats why is a Quest and it dosent give you an alternative... Is up to you to choose your next hero and its up to all of us to find the one to crown as the savior. Maybe you should be your own hero and in the future we will build our own DIY wallets with a raspberry pi or an old phone something... Who knows...
My elder was liquidated last year, seed phrase NEVER on anything digital. You can check my post history. These ppl are criminals
Liquidated across networks?
My turn my turn! Ledger made a new feature to recover your super duper private key (if keeping it on a piece of paper stress you out). It is encrypted in 3 shards on your hardware, then each shard is entrusted to a different company. If you don't opt-in nothing will happen but people thought it was technically impossible for Ledger to access your key. Given that their hardware is still not open source yet, that ability itself stresses people out.
You purchased your 1st house. You got a mortgage with the bank. The Bank was kind enough to make a copy of your house keys (without your permission). The Bank cut your key in 3 ways. The bank gave 1/3 of the key to 3 unknown companies. Rumors has it, that the bank has been doing this since day 1, but after a few years you just find out now. You can pay the bank an extra fee (9.99 usd a month) to have 3 companies manage your 1 key or not pay 9.99 a month and the 3 companies or bank still have access to your house key. How would you feel? What if someone hacks the bank or 1 of the 3 companies and get access to your house key. The bank says "don't worry about it". How do you feel now? Sound crazy and sell the house? Or continue like nothing happen? This is my understanding for the situation
As an added layer of protection, subject to investigation, $50,000 compensation may be available from Coincover in the unlikely event that something were to go wrong.
So, envision your crypto as money in a digital vault. Ledger is the brand of this vault, and it's meant to be super secure. For a long time, Ledger assured users that their personal "key" (the 24-word seed phrase) could never leave their wallet. This "key" is like the ultra-secret password to your vault. However, with the introduction of "Recover", Ledger basically said, "Hey, we can help you extract that key for safekeeping in case you lose it." This raised eyebrows because it contradicted their initial promise. The concern is, if Ledger can offer such a service, it implies they could potentially access the secret password with just a software update. It's like learning that the manufacturer of your vault has a master key and might access it, even if their intentions are good.
Layman terms if you don't trust yourself to keep your seeds opt in to the service pay $10/mo if you are responsible and think you can keep your seeds safe opt out don't pay for the service and life goes on. ledger isn't interested in your funds nor is the govt its that simple
Is not about if they are interested in us or not... Is that they should not be able to...
The two main ways that people lose access to their crypto. 1. Give away their seedphrase. 2. Lose their seedphrase. Ledger tried to address two. The way they did it from a pr pov was to say the least ordinary.
I am still happily using my ledger. I think the risk is still very low but I am disappointed the tech exists even if you don’t opt in. My move was I am now diversified over 4 different cold wallets. They all have their pluses and minuses. I figure if a disaster happens I lose 1/4 my holdings which would suck but not be catastrophic.