Saturday, 15 September 2018

A few concerns with the security of using a Ledger hardware wallet: Proprietary secret closed-sourced firmware requires too much trust in multiple third parties.

I have a few concerns about the Ledger hardware wallets and am hoping to generate some discussion about these, being that a huge percentage of the Bitcoin community relies on these devices to store their coins. I think this is extremely important and should be addressed and fleshed out thoroughly, once and for all.

1) The Ledger company admits that part of their device is not open source (proprietary firmware) and that the code of the closed-sourced tech cannot be published due to non-disclosure agreements with the manufacturing company protecting the proprietary and secret technology. Huge security flaw. Seems like they could publish the code if they wanted and simply scramble the proprietary info. But even if they did, the hardware itself would still need to be audited.

2) To my knowledge, there has never been an independent audit performed on the Ledger's code or hardware by a third party. Is anyone aware of such an audit?

3) The Ledger CTO has said that using their device inherently requires the user to place some degree of trust in the Ledger team. So, not only does a user need to trust the Ledger team, but a user must trust the unnamed manufacturer of Ledger's closed-sourced chip, and trust that it is not compromised during the manufacturing stage, via a backdoor or covert transmitting mechanism, etc. Being that it is closed-sourced, it's also impossible for security professionals to verify with certainty whether there is an unintentional security flaw in the code.

4) It is impossible to be sure that the private keys and seed words generated by the Ledger are actually 100% randomized. Meaning, the Ledger team could have a database of pre-generated keys and seeds that the wallet pulls from. Ledger does allow you to generate your own seeds or import your own, which is great, but it's impossible to verify that your seeds or private keys are not being transmitted to a third party via the proprietary hardware.

As I said, being that so many people use Ledger's products, I think this is an extremely important issue that should be discussed thoroughly, from a technical aspect.

Should we really be placing trust in Ledger and its unnamed manufacturer (which is likely a Chinese company), being that they are using proprietary closed-sourced hardware and code to allegedly protect our coins? If so, why? Explain the pros/cons of trusting the Ledger team and another anonymous company.

To me, it seems that using a completely open-sourced wallet such as Electrum or Mycelium, which have been thoroughly vetted and independently tested and are completely trustless (aside from trusting the general consensus of the community that has vetted the code), would be more secure than using a Ledger.

What are your thoughts?

submitted by /u/Untranslatable_Nergy

source https://www.reddit.com/r/btc/comments/9fysdk/a_few_concerns_with_the_security_of_using_a/
