Ledger Co-Founder Flag Security Risk In Open Source, Refutes Charles Hoskinson
Ledger co-founder Eric Larchevêque clarified that there is no “backdoor” in the latest Recover firmware update. The Ledger controversy attracted comments from notable leaders and blockchain experts from the crypto community including Cardano founder Charles Hoskinson who claimed that open-source software is always better than closed-source.
However, Ledger co-founder refutes Charles Hoskinson’s claims and red flags open source due to elevated security risks.
Ledger CEO Refutes Cardano Founder Charles Hoskinson
On Friday, Cardano founder Charles Hoskison in response to the Ledge controversy said he always choose open-source software whenever possible, saying that “security comes from simplicity.”
“People buy hardware wallets to maximize the personal security of their funds. They don’t buy them for daily use or expect an equivalent user experience to hot wallets.”
Ledger co-founder Eric Larchevêque took to Twitter on May 20 to further clarify security aspects of closed source, open source, and chain of trust in a hardware wallet. Ledger is a hardware wallet with closed-source firmware.
He claims open-source wallets come with regular hardware but less security, while close source with secure elements, allowing higher level of security. A supply chain attack can happen when plugging the hardware to flash the firmware, while “holographic seal” mitigated some risk it’s not efficient to prevent attack at manufacturer level.
Also Read: Ben and Psyop Creator Threatens With Class-Action Lawsuit
A master key from the manufacturer, implanted in the secure element at the factory level, can cryptographically prove interacting with the real chip. This cannot be used with open source as the master key would obviously be revealed during compilation.
“This means that using an open source HW, you must trust that the manufacturer will not put a backdoor in the electronics, and using a closed source HW you must trust that the manufacturer will not put a backdoor in the firmware.”
He believes security is always a matter of trade-offs and hardware wallets require that trust. Users could do critical mistakes or update hardware with rogue firmware.
Amid the Ledger Recover controversial firmware update, hardware wallet provider such as GridPlus decided to open-source its firmware. But Ledger CEO believes bad actors could gain access to these due to being open-sourced.
Also Read: Chainlink VRF Is Live On Arbitrum One, What It Means For Crypto Industry?
- Senators Reaffirm Commitment to Market Structure Bill After Meeting with Coinbase, Ripple
- How the Crypto Market Could React to the Next Fed Meeting on October 29?
- $1.68 Trillion T. Rowe Price Files for First Active Crypto ETF Holding BTC, ETH, SOL, and XRP
- Standard Chartered Predicts Bitcoin Could Drop Below $100K Amid U.S.–China Trade Tensions
- Rising Demand for Verifiable Crypto Ownership Drives Launch of Trezor Safe 7
- XRP Price Classical Pattern Points to a Rebound as XRPR ETF Hits $100M Milestone
- Chainlink Price Eyes $27 Rebound as Whales Accumulate 54M LINK
- Pi Network Price Wedge Signals a Rebound as Key Upgrades Raise Utility Hopes
- Solana Price Eyes $240 Recovery as Gemini Launches SOL-Reward Credit Card
- XRP Price Prediction Amid Evernorth’s $1B XRP Treasury Plan – Can XRP Hit $5?
- Ethereum Price Targets $8K Amid John Bollinger’s ‘W’ Bottom Signal and VanEck Staked ETF Filing