Ledger’s mission is, and will always be, to provide our users with the right tools to own their digital value securely.
We have decided to accelerate our open-sourcing roadmap to bring more verifiability to everything we do.
A thread 🧵
🚨 The Ledger Donjon (@DonjonLedger), our team of security experts, likely avoided one of the biggest hacks in the history of crypto by finding a critical vulnerability in @TrustWallet’s browser extension last November
What happened? Unfurl for a thread 🧵
1/
I’ve read several misconceptions about how a wallet works. It seems some people thought there is some magic, let me explain how it works.
A thread 👇
Fun fact about Taproot:
Taproot is a #bitcoin upgrade which will occur at block #709632, i.e. in Nov 2021
It brings several new innovations and features but one of them is especially interesting: Schnorr Signatures.
Let me tell you the brief history of asymmetric cryptography 🧵
I’m pleased to tell you that Ledger’s next-generation device, Ledger Stax, is starting to ship to pre-order customers now!
It took longer than anticipated but we’re sure you’ll agree it’s worth the wait. Here’s why🧵
🚨Bitcoin full node is now available on @Ledger Live 🚨
It's now possible to have
- the security of Ledger Nano devices
- the great UX of Ledger Live
- and the privacy of your own full node
Thread.
[1/n]
Managing long crypto addresses complicates your experience and increases transaction error risks.
🚨That’s why I’m glad to announce that @Ledger Live & hardware wallets are now compatible with @ensdomains.
PS: charles.eth is not mine, don't send me money :)
Ledger Recover is our upcoming and optional service for users who want a secure backup of their Secret Recovery Phrase. Do you want to learn more about the onboarding process and specificities?
A thread 🧵
Heard today during an internal presentation about #Bitcoin multisig:
"Bitcoin guys are so obsessed with destroying the environment that they had to remove the 'nature' in 'multisignature' " 🤣🤣🤣
📰Today, we are publishing the Ledger Recover White Paper, a key step in allowing anyone to audit the cryptographic protocols.
This builds on the over 150 apps and other open-source enablement Ledger has already implemented.
Don’t trust, verify.🧵
🚨 0-day, 0-click vulnerability exploited in the wild on the last version of iOS. You receive an image on iMessage, you don't do anything, the attacker has full access over your iPhone.
He can spy on everything you do, extract all your data, including your crypto keys if you use a
As promised, the #Bitcoin app supporting miniscript is released before the end of 2022 😉
Go to #ledger live and upgrade your #btc app.
More info on miniscript here
Would be great to have miniscript supported on other wallets!
Kudos to @salvatoshi.
📣 Ledger is the only hardware wallet vendor supporting Taproot as of today🎉
@salvatoshi wrote a great blogpost introducing #Bitcoin app 2.0.0 launched right before the #Taproot update. But the new app is not only about taproot – there's much more
1/n👇
Passwords are:
1) Secrets
2) Which can be rotated
Biometrics are public (like usernames), not passwords
Have fun rotating your fingerprints
Biometrics do not protect critical data
In the taxi to the airport: "Ah, I know, you were at the Bitcoin thing, I ran into a colleague of yours earlier, he had me install Brave and told me Bitcoin was going to change everything"
😁
Don't try to be creative when it comes to securing your crypto.
- Get a hardware wallet.
- Generate your seed on it.
- Write down your backup and store it in a safe place and never share it.
- Always verify what you sign on the trusted display.
Basic, simple.
Unfixable vulnerability found on Intel chips. The ROM of CSME is vulnerable which breaks the root of Trust.
"The vulnerability allows extracting the Chipset Key and manipulating part of the hardware key and the process of its generation."
30 years after this patent, Schnorr Signatures will be used in one of the largest-scale applications: #Bitcoin
It's great news, but we lost 30 years because of a silly patent.
/fin
The @Ledger team is in Prague for BTC Prague with @adam3us!
I love the meme recalling Ledger devices have the best Bitcoin support on Hardware wallets!
#miniscript
The @Ledger Donjon proudly presents Scaffold: an open source electronic motherboard
It’s made to evaluate the security of integrated circuits and embedded platforms.
Clone it, Fork it, Star it!
Scaffold Github:
Learn more:
Open-sourcing has always been at the core of our roadmap, and recent events emphasize the importance of accelerating our initiative to bring greater verifiability to everything we do at Ledger.
Securely yours.
22/
If you want to be completely trustless, you'll have to learn electronics to build your computer, learn ASM to build your compiler, then build a wallet stack, your own node and synchronizer, you'll have to learn cryptography to build your own signature stack.
That's a big deal! From now on, optimistic rollups don't present real upsides and should move to a validity model to get faster finality and better security guarantees.
I'm genuinely impressed by the polygon team. The project was among the first to offer a successful scalability
Releasing the Type-1 upgrade to the zkEVM prover, the next generation of Polygon’s proving tech. It can generate proofs for any EVM chain—sidechain, optimistic rollup, even Ethereum itself.
When proving Ethereum mainnet blocks, avg per-transaction costs are $0.002 - $0.003.
That sounds like a real breakthrough for building L3 (and more) at a cheaper cost. "The cost of proving a step of a program is proportional only to the size of the circuit representing the instruction invoked"
The future is promising for ZK-Rollups!
We're officially working on the support of #Bitcoin Miniscript on @ledger devices 🙌
@salvatoshi wrote a comprehensive post explaining what Miniscript is and how we plan to support it. 👇
Is Quantum Computing a threat to Bitcoin, Ethereum, and crypto?
Hint: it doesn’t keep me up at night. 😉
Check out my latest article, where I delve into the potential dangers and explore possible solutions.
🚨 We just released our Ethereum plugins framework on @Ledger Nano devices
It allows you to have a smooth and secure UX when you interact with smart contracts.
Thread
[1/5]
FINAL TIMELINE AND UPDATE TO CUSTOMERS:
4:49pm CET:
Ledger Connect Kit genuine version 1.1.8 is being propagated now automatically. We recommend waiting 24 hours until using the Ledger Connect Kit again.
The investigation continues, here is the timeline of what we know about
We recently open-sourced our cryptography library (which is part of our OS), and we will publish the whitepaper of Ledger Recover very soon, allowing everyone to audit the cryptographic protocols and enable people to build their own shards backup provider.
As you might know, your Ledger devices use a smartcard chip (a Secure Element), implementing tons of hardware countermeasures enabling resistance against high potential attackers even with physical access.
We’ll gradually open source most of our Operating System, starting with Ledger Recover, to make it fully auditable. We’ll release Ledger Recover Product as soon as this firmware part of the code is published.
Yesterday I freaked out about the revelation that @Ledger could spit out your private key with a firmware update.
Yet I noticed the smartest people were not freaking out. Was I missing something?
I spent the evening educating myself, and now I'm in the "nvm it's fine" camp.
That's a BOLD move ($100s of millions)! 🧵
Designing an IC, even a relatively simple one, in the latest technology nodes is capital intensive. For Bitcoin mining, IC designs are relatively simple because they consist in implementing high throughput SHA256 functions. You have to
5/
This number can be put into human readable form (24 words) using BIP-39 standard.
That is your Secret Recovery Phrase.
This is what you write down and should NEVER share with ANYONE, including Ledger.
Ledger does not have access to it, including if you use Ledger Recover.
If you're using a software wallet, this new 0-day actively exploited on Chrome could allow an attacker to drain your wallet.
Hardware wallets protect against such exploits.
We strongly believe in open source. It’s one of our core values, a great philosophy that advocates openness, and verifiability. Open source allows developers and security experts to review the code and ensure it is secure and not malicious.
We already conduct internal and external security audits. But, open source means you minimize the level of trust. That’s why we have decided to accelerate our open-sourcing roadmap.
It's great to read a positive, well researched article on Bitcoin make the front page of Le Monde (@lemondefr), a reference media. A change in the perception of Bitcoin is ongoing. It was a pleasure to contribute to this piece! Thanks @marcangrand
The Trust Wallet extension’s vulnerability allowed an attacker to drain all the wallet funds… without the owner even touching their device.
By knowing an account address, a hacker could compute its private key, and then access all its funds.
Today, as part of our commitment to accelerate our open source roadmap for verification, we are publishing the first two of our six-blog series titled "The Genesis of Ledger Recover",
Part 1:
Part 2:
20/
If the wallet wants to implement a backdoor, there are many ways to do it, in the random number generation, in the cryptographic library, in the hardware itself. It’s even possible to create signatures so that the private key can be retrieved only by monitoring the blockchain
27/
TL;DR:
A hardware wallet is mostly used as a signing device
It generates and safeguards your private keys.
Your private keys never leave the hardware wallet. Whenever they are used, your consent is requested.
📣We basically implemented a DApps browser within Ledger Live bridging the security🔒of Ledger ecosystem to the unicorns🦄 of DeFi!
Our pilot project is the integration of paraswap in @Ledger Live.
Here's how we did it.
Thread 🧵[1/5]
After the FTX earthquake, there's a massive outflow from exchanges to @ledger security and self sovereignty solutions ✊
We see a massive usage of our platforms and had a few scalability challenges this night. It should be resolved now.
Attention 📢
Our server outage has been resolved and all systems are operational.
Should any issues persist, please let us know and we'd be happy to help.
We appreciate your patience and understanding!🤝
@AuroreLalucq Invoking the fight against money laundering, terrorism financing and child sexual exploitation is the kind of argument that can justify any infringement of freedom. It's somewhat the Godwin point of the debate.
In this area, this type of regulation is dangerous...
2/ A hardware wallet is mostly used as a signing device.
Your private keys are central to everything, and hardware + firmware work hand in hand to protect them.
Let’s review some fundamental cryptography about all hardware wallets, not just Ledgers.
21/
And open source doesn’t really solve this. It’s impossible to have guarantees that the electronic itself is not backdoored, nor that the firmware that runs inside the wallet is the one you audited.
Ghost In the Wireless, iwlwifi Edition.
Nicolas Iooss (@IooNag) is presenting the research he did with Gabriel Campana from @DonjonLedger team on Intel Wi-Fi chips at #blackhat22. They did a complete reverse of the firmware and found several critical vulnerabilities
Live 🧵👇
The Ethereum mainnet has been successfully merged. The merge is now *finalized* and the chain is now a Proof of Stake chain.
Historical moment for the whole ecosystem. The transition was smooth without pausing the network, without losing any transaction.
Well done Ethereum!
A new version of the @Ledger #Bitcoin app is out.
Ledger continues to have the top-notch support of Bitcoin enabling new use cases.
This version implements the full support of miniscript on taproot!
It's a perfect opportunity for devs to build on top of Ledger.
Congrats to
Want to build a cheap and DIY EM Fault Injector? Have a look at the latest article from the @DonjonLedger.
With this setup, it's possible to extract secrets from general purpose MCUs
I've been often asked what I think about MPC.
In short, my take is the following:
1) First, we're talking about Threshold Signature Scheme. For some reason, the different players market "MPC" rather than "TSS"
2) Some of the players used marketing fallacies that discredited
Smartcard technologies also allow a root of trust, enabling the secure element to prove it is genuine and not tampered with, and thus can be trusted even in complex supply chain scenarios.
Ok, we start to see Malware targeting software wallets. We might see the first waves of attacks draining software wallets at scale.
You're one (bad) click away from losing your crypto. (or maybe zero-click btw).
Most of our products are already open source. Many developers contribute to Ledger Live, Ledger devices, and more. Together, we built over 150 open-source apps that run on our different devices.
Canada's government is using Pegasus-like software to spy on people.
Btw, if you're targeted and are using a software wallet or centralized custodian (exchange), they can also drain your wallet.
Self custody. Get a hardware wallet.
If ever you own crypto in your browser, in Metamask for instance, you might want to switch off your computer.
This 0-day is currently exploited in the wild.
3/ Asymmetric cryptography.
Protocols such as #bitcoin and #ethereum use an algorithm called Elliptic Curve Digital Signature to essentially prove ownership over a public address.
It’s practically impossible to retrieve the private key knowing the public key (thus asymmetric)
Insecure implementation of Bitcoin (Blockchain) transaction signatures can potentially enable attackers to extract your private keys simply by observing the chain.
This paper describes another variation of ECDSA nonce attacks.
1/ My take on Shamir Secret Sharing
SSS is an elegant method to split a secret into n shares such that:
- Any quorum of k (<= n) shares are enough to reconstruct the secret
- Any quorum of m (< k) shares gives NO information on the secret
[ex of quorums k=2, n=3 or k=3,n=5]
Important take: current blockchains are not scalable. This needs to be solved or this isn't going anywhere.
The last cycle was mostly around Ethereum killers. None of them really succeeded in offering scalability and decentralization.
In the next cycle L2s will play a central
Let’s first clarify something key: Ledger Recover is a service that you can choose if you want to use it. There is no auto opt-in with firmware updates.
Ouch! 🚨
UK is being isolated from the rest of the world. Facetime, iMessage, WhatsApp and Signal are pulling their product out of the UK following the UK government bill.
📝 My yearly retro for 2023 and predictions for 2024 -
We find ourselves in the blockchain revolution’s “broadband moment” characterized by a scalability race, a critical step before mainstream use cases emerge.
My latest article is divided into two sections, each exploring
The next halving is in 168 days. The #bitcoin reward will be divided by 2.
That means at a given hashrate, it will cost 2x more to mine 1 BTC.
However, miners continue to invest.
Either they bet the energy will cost 2x less or that Bitcoin price will be more than 2x...
For the future, we're working on a plugin mechanism for ETH app allowing easier smart contract interaction implementation. We're also thinking about a better UX for blind-signing. It will be announced soon. Stay tuned.
[8/n]
Yet another variation of Spectre and Meltdown that bypasses current mitigations. And guess what? SGX is also affected.
The vulnerability basically allows an attacker to spy on other processes and steal (secret) data.