Developers say third-party apps can’t access Ledger users’ keys without the device owner’s consent.
On May 18, crypto hardware wallet provider Ledger clarified how its firmware works after a controversial May 17 tweet was deleted by the company. The deleted tweet, which Ledger said was written by a customer support agent, had stated that it was “possible” for Ledger to write firmware that could extract users’ private keys.
[1/3] You may have seen a tweet from our Ledger Support account being shared regarding Ledger firmware updates.
Unfortunately, in our attempt to clarify how Ledger and all wallets work with the firmware, a customer support agent posted a tweet with confusing wording. https://t.co/cL6UrBzxWr
— Ledger Support (@Ledger_Support) May 18, 2023
Ledger chief technology officer Charles Guillemet clarified in a new Twitter thread that the wallet’s operating system (OS) requires the consent of the user anytime “a private key is touched by the OS.” In other words, the OS shouldn’t be able to copy the device’s private key without the user’s consent — though Guillemet also said that using a Ledger does require “a minimal amount of trust.”
The original tweet from Ledger customer service stated, “Technically speaking, it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not.”
The tweet ignited a firestorm of controversy on Twitter, as many users accused the company of misrepresenting the security of its wallet. Critics shared an alleged Ledger post from November that stated, “A firmware update cannot extract the private keys from the Secure Element,” implying that the company contradicted itself.
Though the deleted tweet fueled the controversy, the matter first sparked on May 16, when the company unveiled a new “Ledger Recover” service that allows users to back up their secret recovery phrase by splitting it into three shards and sending it to different data custody services. The deleted tweet was in response to the release of the new feature.
Nov 2022: A firmware update cannot extract the private keys from the Secure Element — Ledger
May 2023: Technically speaking it is and always has been possible to write firmware that facilitates key extraction — Ledger@Ledger, do you now understand the problem? pic.twitter.com/czG53SuCOu
— olimpio (@OlimpioCrypto) May 17, 2023
The new Twitter thread from Guillemet states that the wallet’s firmware, or OS, is “an open platform” in the sense that “anyone can write their own app and load it on the device.” Before being allowed on the Ledger Manager software, apps are first evaluated by the team to make sure that they aren’t malicious and don’t have security flaws.
According to Ledger, even after an app is approved, the OS does not allow it to use the private key for a network it isn’t made for. The company raised the example of Bitcoin apps not being allowed to use the device’s Ethereum private keys and vice versa for Ethereum apps and Bitcoin keys. In addition, every time a private key is used by an app, Ledger says the OS requires users to confirm their consent to use the key. This seems to imply that third-party apps installed on Ledger shouldn’t be able to use a person’s private key without the user first consenting to its use.
Guillemet also confirmed that this system is part of the current OS, which could theoretically be changed if Ledger were to become dishonest or if an attacker were to somehow gain control of the company’s computers:
“If the wallet wants to implement a backdoor, there are many ways to do it, in the random number generation, in the cryptographic library, in the hardware itself. It’s even possible to create signatures so that the private key can be retrieved only by monitoring the blockchain.”
Related: “Trusted” marketplace sold fake Trezor hardware wallets stealing crypto
Yet, the Ledger chief technology officer dismissed this concern, stating, “Using a wallet requires a minimal amount of trust. If your hypothesis is that your wallet provider is the attacker, you’re doomed.” He went on to say that the only way users can protect themselves against a dishonest wallet developer is to build their own computer, compiler, wallet stack, node and synchronizer, which the executive said is “a lifetime journey.”
Rival hardware wallet provider GridPlus has offered to open-source its firmware in an attempt to attract Ledger users. On the other hand, Guillemet stated that open-sourcing firmware would not protect against a dishonest wallet provider since the user would have no way of knowing whether the published code was actually running on the device.
Magazine: Joe Lubin: The truth about ETH founders split and ‘Crypto Google’