Edit: Look at this, if you're out of the loop with Ledger
When I was doing due diligence before using software/hardware/Smart-contract multi-signature wallets, I looked at at least a few basic criteria: * Open source * Battle tested * Self-custody * Audited (ideally even formally verified)
And all wallets I use adhere to these criteria. If one takes self-custody seriously, IMO having these criteria is essential and it becomes basic hygiene. The main idea behind these criteria is to minimise trust assumptions and to replace what's left over with verifiable trust.
Almost everyone using these Wallets isn't going to read the full source code and build everything themselves from scratch and audit it themselves. If they did, they wouldn't have to trust anybody, but that's just impractical. But given that it's possible for many people to look at the source code etc., the possibility of malicious or unintentional problems is minimised.
Now to Ledger. Ledger isn't open source. That mean, when you use it, you prevent verifiable trust and buy in back into normal trust. This can be fine depending on what your circumstances are. But you should then know, that you're trusting Ledger there. But people already trusting ledger to do the right thing in the firmware shouldn't strictly speaking complain about the seed shard sharing issue, right? If you trust ledger to do stuff correctly in the closed source software, then you also trust them for the shards to be only extracted when you actually use the service. And you also trust them, that the keys can't be extracted with physical access to the Ledger or via USB attack vectors.
If people complain about this, then it maybe shows that they actually didn't want to trust ledger that much. Maybe they didn't know, that ledger wasn't open source? Who knows. I was always suspicious when ledger was so highly recommended besides trezor - given it's closed source nature. Being open source also invites community discussions - which is when it would have been thoroughly discussed, if trezor wanted to add such a feature.
Edit: After some comments, I realise that the marketing over the years of Ledger was really about how the seed phrase is not extractable after creation. This is false now and makes ppl angry. I was missing this in the above analysis. But even then, my point with closed source + trust stands. Only when there is trust, can it be violated.
There have been many discussions towards alternatives. Aside from using open source HW wallets such as Trezor and OneKey, one can also the following two wallets: * https://airgap.it, just use an old phone. Make it offline only. QR codes to communicate txs. Cheap and easy DIY. Haven't tried myself though. * Multi-signature smart contract wallets. Gold standard in ethereum is https://safe.global. They have great stuff like multi-sig (DIY 2FA), key-rolling, shared ownership, no single-point-of-failure, open-source, audited, battle-tested AND formally -verified. IMO this is underrated, but so good.
What do you think? Do you agree or disagree with my analysis? And why?
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments