Cardano founder lists 6 key insights on the Ledger wallet controversy
In the world of cryptocurrencies, security and trust are paramount.
This week’s Ledger ‘backdoor’ controversy has raised concerns among crypto traders and investors regarding the safety of their digital assets. Charles Hoskinson, the founder of Cardano (ADA), one of the leading blockchain platforms, took to Twitter on May 19 to weigh in on the issue and share his insights.
Hoskinson’s first piece of advice is to prioritize open-source software that undergoes regular audits by multiple sources. Open-source software allows for transparency and scrutiny by the community, minimizing the chances of hidden vulnerabilities or malicious code. Regular audits provide additional assurance of the software’s security, making it a crucial consideration for crypto users.
The second principle emphasized by Hoskinson is that security stems from simplicity. He suggests designing hardware wallets with the smallest possible footprint, reducing the attack surface and making it more challenging for malicious actors to exploit vulnerabilities.
Additionally, non-updateable firmware is crucial for hardware wallets. The billionaire cited YubiKey, a popular security device, as an example. YubiKey’s firmware is not upgradeable, ensuring that the device adheres to specific security promises made by the company.
He noted:
“While it would be difficult to replicate this idea for cryptocurrencies. Decentralizing the process of updates would greatly enhance security.”
With respect to the Ledger controversy, I say the following:
1) always choose open source software whenever possible that has been audited by numerous sources on a regular basis
2) security comes from simplicity- Design the smallest possible footprint
3) non-updateable…
— Charles Hoskinson (@IOHK_Charles) May 19, 2023
Security of hardware wallets
The Cardano founder reminds us that people buy hardware wallets primarily to maximize personal security: “they don’t buy them for daily use or expect an equivalent user experience to hot wallets.” Users opt for hardware wallets because they guarantee that private keys remain isolated and protected on tamper-resistant hardware.
He added:
“The hardware wallet space is the most extreme example of self custody. We could just as easily PGP encrypt some seeds and leave them in Gmail. We choose to use hardware wallets because they guarantee that the private keys stay in one place on hardware that’s hard to tamper with.”
Lastly, Hoskinson emphasized the importance of not breaking social contracts. Trust is the backbone of any secure system, and the crypto community relies on the integrity and commitments of companies that provide hardware wallets. Upholding promises, security guarantees, and ethical practices is vital for maintaining trust and ensuring a secure environment for users.
Ledger Recover
Notably, the Ledger Recover feature, an ID-based private key recovery solution, would enable users to immediately back up their private seed phrase, tied to their personal identification, through three distinct custodians.
Ledger Recover is an optional subscription for users who want a backup of their Secret Recovery Phrase. You don’t have to use it, and can continue managing your recovery phrase yourself if that’s why you bought a Ledger.
— Ledger (@Ledger) May 16, 2023
Although the firm has repeatedly said that this is an optional service and that customers may continue to back up their seed phrases on their own, owners of Ledger hardware wallets remain concerned about what this development implies for the security of the wallet.