Bankless - Is Ledger Safe? with CTO, Charles Guillemet
Episode Date: May 17, 2023Ledger has been the center of attention since the announcement of their new “Recover” feature which has brought into question how secure our Ledger devices actually are. Charles joins us to walk... through how exactly this recover feature functions, breaking down how a Ledger actually functions, and possible paths moving forward. ------ 📣 CONSENSYS | DILIGENCE FUZZING https://bankless.cc/diligence-fuzzing-pod ------ 🚀 Airdrop Alpha is waiting for you on Bankless.com https://bankless.cc/Alpha ------ BANKLESS SPONSOR TOOLS: 🐙KRAKEN | MOST-TRUSTED CRYPTO EXCHANGE https://k.xyz/bankless-pod-q2 🦊METAMASK LEARN | HELPFUL WEB3 RESOURCE https://bankless.cc/MetaMask 👾STADER LABS | ETHX LIQUID STAKING https://bankless.cc/Stader ⚖️ ARBITRUM | SCALING ETHEREUM https://bankless.cc/Arbitrum 🗣️TOKU | CRYPTO EMPLOYMENT SOLUTION https://bankless.cc/Toku 🎮IMMUTABLE | GAMING ECOSYSTEM https://bankless.cc/Immutable 🛞MANTLE | MODULAR LAYER 2 NETWORK https://bankless.cc/Mantle ------ Topics Covered 0:00 Intro 6:21 Ledger's Recover Service Overview 18:40 Is Ledger Recover Forced or Opt-In? 23:07 Dissecting a Ledger Device 29:41 Can Firmware Reveal Private Keys? 36:54 A Social Contract With Ledger 42:31 Assurance Of No Back Door 51:16 2-Part Firmware Solution? 57:42 Will Ledger Forget About Us? 1:02:46 Closing and Disclaimers ——— Resources: Charles https://twitter.com/P3b7_ Ledger https://twitter.com/ledger ---- Not financial or tax advice. This channel is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This video is not tax advice. Talk to your accountant. Do your own research. Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. Additionally, the Bankless writers hold crypto assets. See our investment disclosures here: https://www.bankless.com/disclosures
Transcript
Discussion (0)
Bankless Nation, a special bonus episode for you today. And I think an important one, we have a
ledger on the episode today. The question in our minds, are the private keys safe? We have the
chief security officer of Ledger, and we ask him that question, along with a number of other
questions related to this new recovery product that they just launched. David, who's on the episode
today? We have Charles Guillaume, who we've actually recently had on the podcast. He taught us
how to properly spin up a private key.
So Charles does know a thing or two about hardware wallets and how to secure a private key.
And so today I think we actually learned quite a lot about what is actually under the hood of a
hardware wallet and what is the fundamental nature of a hardware wallet.
I think this is a conversation that the entire industry is working through right now.
And I think this episode will be very, very useful to understand exactly the topics of
discussion that we are having, both in public and on this episode.
Before we get there, though, we're going to talk about our friends and sponsor at Consensus,
because they have a brand new product. This one's for all the devs out there. A cool new code
auditing tool with a sick new name, diligence fuzzing. Ever thought about that, Ryan?
Diligence fuzzling? No. For smart contracts, dillity devs, auditors, and enterprises who are engaging in Web 3 that need to ensure their smart contracts are secure before proceeding to main net.
Diligence fuzzing is an audit-grade security tool that serves for the most automated way to
test code and find vulnerabilities without having to host their own infrastructure and writing
complex testes. It's just you just try all this. You try to, try to break it basically. That's
what fuzzling. Yes. Yeah. So the idea is what is fuzzling. You set some parameters that are
incorrect and correct as outputs. And then you throw an infinite number of numbers in as inputs. And if
they ever comes out as an invalid, you can kind of test it. That was my non-devi way of explaining
this. You got to fuzzle. People who needed to have fuzzing explained to them did not
need this product.
This one's for the devs.
So diligence fuzzling is just an extra layer of protection for your smart contracts.
In addition to and beyond typical code audits, there is a link in these show notes to get
started if you want to get started doing your diligence fuzzling by robots.
Well, you know what?
We're going to do some ledger fuzzling right now because we are ledger fuzzling.
Yeah.
And so we are recording this intro after we've already done the episode with Charles from Ledger.
And so I think it was a fantastic episode myself.
I'm really interested to hear what the community thinks.
This is an education episode.
We asked, I think, some difficult questions of Charles at Ledger, and he gives
his responses.
I do feel like we did get down to the bottom of it.
Like, we got down to the root of the problem.
I personally feel like I have closure in, I would say, understanding what the security
posture of this hardware device that I own called a ledger, understanding what that actually
is, I feel like after this episode.
I understand it much more. Now, it'll be up to bankless listeners to decide whether that is the
security posture they want to move forward with and continue using. But yeah, this is a successful
episode from that perspective to me. One small disclosure, Ledger is a previous bankless sponsor.
They are not a current bankless sponsor. And with that, let's go ahead and get right into the
episode so we can learn exactly how a hardware wallet works with Charles from Ledger. But first,
I want to talk about these fantastic sponsors that make the show possible, especially Cracken,
our preferred exchange for 2023.
If you do not have any Cracken account, consider signing up.
Cracken Pro has easily become the best crypto trading platform in the industry.
The place I use to check the charts and the crypto prices,
even when I'm not looking to place a trade.
On Cracken Pro, you'll have access to advanced charting tools,
real-time market data and lightning fast trade execution,
all inside their spiffy new modular interface.
Cracken's new customizable modular layout
lets you tailor your trading experience to suit your needs.
Pick and choose your favorite modules
and place them anywhere you want in your screen.
With Cracken Pro, you have that power.
Whether you are a season pro or just starting out,
join thousands of traders who trust Cracken Pro for their crypto trading needs.
Visit pro.crakken.com to get started today.
Mantle is a brand new high-performance Ethereum Layer 2 network,
built differently from the other Layer 2 you may be familiar with.
Mantle is a modular Layer 2 built on the OP stack,
but uses eigenlayer's data availability solution
instead of the expensive Ethereum Layer 1.
Not only does this reduce Mantle's gas fees by 80,
percent compared to other layer 2s, but it also reduces gas fee volatility. Mantle has a decentralized
sequencer set, eliminating the risk of downtime and censorship on the network. And because Mantle
implements multi-party computation nodes, layer 1 settlement execution is shortened from seven days to as low as just
one or two. Mantle is the first layer two built by a Dow and is backed by one of the biggest
Dow treasuries in the world. Bit Dow. Mantle already has subcommunities from around Web3
onboarded to help the growth of Mantle, like Game 7 for Web3 gaming, or
or Edu Dow for the World of D-Sai, and ByBit for TVL, liquidity, and on-ramps.
Check out Mantle at mantle.xyZ and follow them on Twitter at ZeroX Mantle.
Immutable is at the forefront of Web3 gaming, on a mission to bring digital ownership to every player,
offering the world's best games and game development platform.
Immutable lets game builders and players focus on great gaming experiences.
So, build your next Web3 game on Easy Mode with Immutable's leading full-stack Web3 gaming platform.
It's built in UX features like the Immutable Passport are designed for games to scale to the next billion players coming to Web3.
With Immutable, players can sign up with an email, pay with a credit card, and experience a frictionless purchase flow inside of games.
So, discover your next favorite game and explore a network of 150 games building on Immutable, including such titles as GauzenChains, Guilds of Guardians, Illuvium, Embersword, and Metalcore.
So join Web3's largest ecosystem of games and players.
Build, play, and connect at immutable.com.
nation, I'd love to introduce you to Charles Guillaume, who joined Ledger in 2017 as chief security
officer after working for 10 years in the world of cryptography and hardware security sector.
Charles, welcome back to Bankless.
Hi, David. Thanks for having me.
So just want to dive right into the subject at hand here. The context, as I understand it,
and we're coming into this episode very, very quickly. So I'm going to give you an opportunity
to correct this context if I get this wrong. Yesterday, Ledger launched its recover service
that lets users back up their private keys so that it could be recovered if lost.
This recover service splits up private keys into three different encrypted shards
sent out from the device to be held separately by three different custodians,
also perhaps including Ledger.
The strategy here is that we know in Crypto that private keys are a huge hurdle for adoption,
and many people just don't want to manage their own private keys,
and Ledger Recovery is meant to be a solution.
Let the professionals do the professional thing and manage your...
private keys on your behalf is an opt-in service. But this opt-in service is not exactly the
source of the outrage coming from the crypto world. Ledger users previously thought that it was
impossible for private keys to ever leave their existing Ledger devices, as is this is the point
of a hardware wallet after all. So now Ledger has released this firmware update that seems to make this
possible, albeit in a highly secure, encrypted, and sharded fashion, the point remains that something
that was once thought impossible is now actually learned to be possible and has possibly been
possible this entire time. So Charles, is this an accurate somebody from your perspective?
And what would you add? Yeah, I think part of the feedback we got from the community were about
this part. But there was also some misunderstanding around the feature, what it does, why we
want to release this and so on. And maybe I can start with that. The intent of this feature is
to bring more people to secure self-custody.
Because when you zoom out, we are in the little bubble,
like tech-savvy people.
But when you zoom out, today most crypto owners
are using exchanges to custody their assets
or are using software wallets.
The reality is that self-custody seems a little bit complex,
maybe is a little bit complex for newcomers
and people can be afraid of it.
And for me, there are two major friction points
in the self-custody journey.
And I often think about my mother.
It's too complex.
Self-custly is too complex for her
because I see two major friction points.
And the first one is the understanding
and management of secret keys.
Like these things are quite complex.
If you are not used to know what is a secret key
and so on, it's complex.
I mean, you mean I have to write down these 24 words?
What do I do with these words and so?
When you are not tech-savis,
this thing can be frightening.
And the second thing is like understanding what you sign and consent.
There are these exas decimal addresses, all this stuff when you do smart contract interaction.
It can be a little bit complex.
So for me, there's two major friction points needs to be addressed by ledger.
And we need to find a way for newcomers in order to enable mass adoption.
And in self-custody, I think there are.
different shades of gray, different level of trust. At the extreme left, you have a full
trustless model where you don't trust anyone. You build your own computer, your own operating
system, your own wallet, and so on, you generate your own secrets, you manage your backup,
you build the tools to synchronize the blockchain and sign. This would be the extreme
trustless model, very difficult to achieve. And it's quite, it's, it's a very, it's,
It needs a lot of skills, time, and so on.
And at the extreme rights, you have the custodian model
where people are completely trusting a third party to manage their assets.
And in between, you have different shade of grey,
and you have software wallet, which are not secured,
but a little bit more in safe custody.
You are in safe custody with software wallet.
And you have hardware wallet, which are, for me, the best option so far.
But when you use software, there is some level of trust you have to put into the wallet manufacturer,
whether it is called car, treasor or ledger, you have to trust a little bit else.
You have to trust a little bit our vendor because we also depend on different vendors,
mostly for the hardware itself.
We are buying the circuit.
So, yes, the intent of this feature is to remove these friction hurdles for those people,
leaving the assets on exchanges and get one step closer to self-custody and self-sovereignty.
So when you use this feature, I agree.
You are doing a small trade-off where you are saying, I'm not completely self-sovereign.
I'm not the only one able to manage my backup.
But the trade-off, I think, is acceptable because the seed is splited with,
into different shards.
So there is no one custodian
that there's are like part
of the backup providers.
They don't custody your seed
because cryptographically speaking,
they don't have access to your seed.
This is a shard and with a shard
which is encrypted for security reason,
but with a shard, you don't have
any information about the secret.
You have to have at least
two out of the three shards
in order to be able to be combined a secret
and know the wallet content and use it.
So this is the tradeoff you have.
And also, yes, in this, yesterday in this episode, like, I noticed that some people, not everyone,
but some people were a little bit starting to understand like how hardware wallet works.
and they were a little bit surprised to understand
that the firmware or the software running inside the secure element
is something that can be changed,
is something that have an access to the secret.
But from a secret standpoint, like nothing really changes, really.
Like the seed is still generated within the secure element.
The cryptographic operation are implemented within the secure element
so that the seed doesn't have to leave the security element,
leave the device when you use your crypto and there is this trusted display allowing you to
consent for any operation and this part is really really important and it never changed and as soon as
the operating system will touch a secret on your device it will ask you for consent whether it is
like for signing bitcoin transaction doing a smart contract interaction staking on like Cosmos chain or
any other chain, doing firmware update, downloading an app, or use a ledger recover service.
For all these operations, and there are many other operations, for all these operations,
the operating system needs to have access to the secret, to the seed, in order to do some
cryptographic operation on it. And as soon as this happens, like the user is prompted and
the user has to consent for this operation. If the user isn't happy with the
doing a thermal upgrade, he simply declined, and that's it.
There was nothing happened.
The user is not happy with the current Bitcoin transaction.
He declines, and that's it.
There was nothing happens.
So we really must have this part in mind.
Of course, the operating system has an access to the cryptographic materials to the secret.
But as soon as an operation involved the secret, the user is prompted,
and his consent is requested.
So this is really the security model.
And also there was something which was a little bit weird for some people.
Like this is the ability for the firmware to be updated.
And this part is really important.
This is paramount.
Security is not something static.
Security is a journey.
It's impossible to say, okay, I build a harder wallet.
I put some like firmware and so on.
And that's it.
I won't ever be able to change anything.
Like, everything is engraved in the marble and I can't change anything.
If you do that, your product won't be secure for a long time.
Because, like, as I said, like, security is a journey.
You always have to improve security to raise the bar for security.
So we are doing quite often upgrades in order to add new features.
Because as you probably know, there are plenty of new features.
features in the blockchain ecosystem. New blockchain to support means new cryptography to implement.
New features on Ethereum blockchain means like a specific support in the Ethereum app or in the operating
system. Like for instance, we have to support BLS just for the deposit contract for
Ethereum in order to interact with the blockchain. And for that, that means we need to do
a firmware upgrade and upgrade the operating system.
in order to provide this feature.
Also, we are integrating these days like the ENS integration within the device.
That means you will be able to send directly Ethereum to Vitalik.eith,
if you want to send them to send them to send them from some Ethereum.
And on the device, you will have this resolution.
And this requires some like operating system upgrade
and the operating system needs to access to the secret key.
So, yeah, this was a little bit long, but I want to give more color to all of this.
And frankly, I learned two things yesterday.
The first thing is, like, the community cares a lot about ledger.
Like, when you have this kind of reaction, that means, like, things are important.
Leisure is important for the ecosystem.
And frankly, this is touching for me, for us at Leisure.
The second thing is, like, we could have done a better job at explaining all of this work,
because that was not completely clear for everyone.
Yeah, I would definitely echo both of those points, that people care so much about ledger
because this is sort of a, we all have one.
We've been ledger users forever on the bankless journey.
I mean, this is the non-custodial hardware wallet that we recommend that,
the community has largely adopted.
So we all very much care.
And yeah, I would echo that, man, the comms around this was real rough.
And of course, like, Twitter can get into all sorts of, they can mob attack, they can
pitchfork.
And I do think this will be a learning lesson for Ledger moving forward in how to explain
this.
But you've uncovered so many, you've talked about so many things, Charles.
I feel like we need to kind of double back and get to.
to get to sort of the first section of this. And I do want in a little bit for David and myself
to pull up a visual of kind of like the hardware itself so that people don't leave this
podcast episode without understanding the inside of how their ledger device might be working.
But before we get there, the main concern on people's minds, you talked about two different
kind of user personas, I think ledger is maybe appealing to. One is sort of the, you know, the
crypto OG, the non-custodial maximalist side. And, you know, there are very few that, you know,
buy a brand new hardware laptop from Best Buy or something, and like set it up from scratch, right?
But there are a lot of people who depend on Ledger to be sort of their non-custodial crypto
wallet where the private keys don't leave that particular device. And that's a lot of people
in the bankless journey right now. And then there is a large,
set of users that finds it very difficult. My parents would be one of these, for instance. They would
find it very difficult to actually set up a hardware wallet in ledger and store that seed phrase
in a safe location. And what ledger is saying, hey, we want to appeal to that audience too,
and we want to have a product for them. So there's this bifurcation, right? And what I think
some of the OG users are worried about is that ledger has forgotten.
about them somehow. And so one core question I have for you, and I want to make sure that people
are clear on this, this recover service that we talked about, that is more for people who
want to veer on the spectrum more towards a little bit more custody rather than self-custody.
Is this opt-in or is this forced? Is this forced on everyone with a ledger device, with a firmware
update or can they say no?
Can they, do they have to, and if they can say no, how do they say no?
Do they just not download the firmware?
Is there a box you can check?
Is there a forked version of the software?
Let's make sure we understand this first.
Yeah.
If you don't like the service, you don't even have to say no.
It's the opposite.
If you want the service, you have to subscribe.
You have to create an account.
You have to go through the identity.
identity verification process because this service works with identity verification.
And if you don't do that, like nothing happens.
Like you don't subscribe to the service and nothing happened to your seat.
Like it stays on your device completely secure and that's it.
So of course, it's optional, completely optional.
If you don't like this ID, like don't do anything.
You can upgrade your firmware.
You can upgrade your ledger live.
Nothing will happen.
So if I upgrade my firmware, this doesn't introduce some sort of difference.
this doesn't introduce some sort of backdoor.
This doesn't introduce some sort of way for ledger through a software update to extract out my private keys.
What is different about this firmware upgrade versus previous firmware upgrade?
So anyone who's had a ledger for any number of years has obviously upgraded their firmware.
Why?
For security updates, because they want additional support, more features, more competency, right?
It's like no one has the original version of the, well, very few have the original version of the ledger software.
But what people are worried about is this new firmware update might degrade the security posture that Ledger has had on the firmware device so far.
Can you talk about that?
No.
So in short, no, it doesn't degrade the security posture of ledger, of anything in this area.
As I mentioned, it adds a new functionality that you can choose to use or not use.
But the operating system, like before this upgrade, the operating system has a full access to your secret.
And as soon as you want to use the secret, you have to consent.
After this upgrade, this is the same thing.
The operating system has still full access to your seed.
And as soon as something touches your secret,
you have to consent.
There was just a new feature, a new possibility for, like, recover to be activated and to be used.
And if you want to use it, like, you will have to consent on the device.
Like, do you want to initialize a ledger recover backup phase?
And then you will have to follow the plan on the device and the full process will happen.
So this is, there is this piece of code inside the operating system on top of what existing before, what was existing before.
But the same way we are adding new application and new feature, you don't have to use them.
Like it's there.
If you don't like Bitcoin, you just don't install the Bitcoin application.
You don't site transaction and that's it.
In this case, if you don't like this service, you simply don't have.
have to use it. It's the same. And so I think at this point in this conversation, we need to
unpack the guts of what makes a ledger, a ledger. And so I think this visual that I believe
Hasib made from scratch is pretty useful here. And so I think listeners should just view a ledger
as two boxes, one box inside of a bigger box. The bigger box is your ledger, the actual device.
And inside of that ledger is this secure element. And that is the thing that has. And that is the thing
that houses the private key.
And so the outside box is like the computer, the device, the chip that manages the secure
element, and then the secure element has the private key.
And that is like the fort Knox of your ledger.
And I think why the answer to the question, why is everyone so upset right now, is that
people previously thought that the secure element, it's impossible for private keys to leave
the secure element.
That is the purpose of the secure element.
and that is the design that people talk about the hardware walls.
I say, like, yeah, you get a hardware wallet because humans are messy, and hardware
wallets have one job, which is to not allow your private keys to leave the hardware
wallet.
And Charles, what you're saying is that that is still true because you can sign a signature,
you can approve a message on your ledger that requires human input to ever allow for
private keys to leave the, for a signature to be signed.
But what's different here in this new firmware update is that people are now understanding that that secure element also has software in it and firmware can update the software of the secure element.
And with this new firmware update, the software inside of the secure element is able to be updated in a way that can allow for the seed, the private keys, to be escaped from the hardware wallet if you physically approve the hardware.
where wall if it's in your hands and you hit the little checkbox that says approve but it can now do that
and this product that ledger is making is the uh as soon as you approve that it charges it into three different
charge it encrypts each one twice sends it to different consortians of the world probably the most secure
way to secure a seed phrase but people are now understanding that the secure element is actually software
not hardware and this has caused people's concern is it is this a good summary
I think it's a good summary of the misunderstanding.
What you need to understand, like, the secure element is a circuit, is the circuit with low capacity processing, but this part is true, with some crypto accelerator.
That means that there are a piece of hardware that can accelerate the cryptographic operation.
But when I say, when I refer to ledger operating system, like this part is software, it's firmware, and this part is implemented inside the secure element.
It's possible for the keys to not leave the secure element even when you are doing a signature
because the operating system inside the secure element has access to the keys and can be upgraded.
Like I mean, when we add the support for BLS on for example, that means that we have to add a new feature in the operating system.
So we are writing the code for BLS support.
and then we are upgrading our operating system so that now it supports BLS.
And this operating system runs inside the secure element.
When you think secure element, like secure elements is a small computer,
like there is a small MCU, there was a dedicated RAM,
there is a dedicated flash, there is a crypto accelerator,
there are different peripherals in order to communicate with the rest of the world.
This is what a secure element is.
and this equipment needs to run some code.
This is not like something magic.
And this code is the one we wrote.
And for years now, this is an operating system.
So we load our own operating system.
There is an attestation mechanism.
There are some integrity checks in order to make sure that this is our code that runs inside and not another.
The attestation allows to do this firmware upgrade over the year.
securely because when you do a firmware upgrade, we want to make sure that the firmware comes from
us and then there was all the secure channel, attestation, at Leger, we have different checks and
control so that when we do operating system upgrade, this upgrade needs to be signed.
So we have a multi-signature process within Leisure so that to make sure that this new operating
system version does not introduce backdoors or bugs and so.
but this operating system runs inside the secure element.
And this is the same with your Bitcoin application or Ethereum application.
When you load your Ethereum application, it's loaded inside the secure element and it runs on top of the operating system.
If you think like a computer, like the network is, like the secure element is your computer.
And inside the secure element there is a flash which would be your computer.
which would be your hard drive.
There is RAM exactly as in your computer.
There is an operating system like Linux.
It's really smaller and very few features.
It's mostly cryptographic and security oriented.
And you can run apps like any app on Linux.
And there the apps are Bitcoin, Ethereum and others.
This is the app that are running inside.
So it's like it's a metaphor.
It's a comparison.
but I think it's quite a fair one.
Because what I realized
that some people was thinking
that there was some magic.
The seed is inside the secure element
and we can add new features
without this feature touching the secret.
No, it can't work like that.
The cryptography, signature, encryption,
everything related to the use of your assets
needs to access to your seed.
And as soon as we have new features,
we upgrade this code so that it can do new things,
but again, with your consent, always.
This thing never changed.
Sir, and so I would imagine them from the ledger perspective,
understanding how a ledger works,
this update is released.
And then from the ledger perspective,
everyone is up in arms,
just like, oh, you can update the secure enclave,
and you guys are like, yeah,
we've been doing that this entire time.
That's what firmware updates are.
What did you guys think was going on?
But then from our perspective is like it's specifically the nature of this update
that has opened up some doors as to like what could happen in the future.
And so like there's two doors that have opened, which is, okay, now Ledger has made a product
that opens up access to private keys on an opt-in basis.
But what is down that road?
Like how easy does that get?
Like, there's now an API that goes to my private keys.
That is an opt-in basis, but it raises concerns about, like, okay, well, what if a nation state comes and starts to twist Ledger's arm?
And what happens if in one or two or five years, the doors to accessing my private keys are much larger than they are now?
And then also, now there's an additional attack vector, which technically has always existed, but now we are more aware of it, is there's just one rogue firmware.
update away from a rogue firmware update that would make accessing private keys trivial.
And so now we are all understanding that if ledger is compromised or some firmware update is
compromised, that that could be a Black Swan event, if you will, because everyone's
ledger is compromised if we all download this new rogue firmware.
So that's a new security vector, which I'm guessing, again, it has always been there,
but now we're aware of it.
Do you have any thoughts or reflections on these concerns?
Yeah, you're completely true, and it's true for every wallet, whether they are software or harder.
When they are harder, it's a little bit more complex because you have to upgrade the firmware,
and then you need some collaboration between, like, Ledger Live or the software interfacing with the harder.
But yeah, you're totally true.
And this is the level of trust that I was mentioning before.
When you use Ledger, there was some level of trust that you need to put into Ledger.
so that we don't do a very nasty thing.
And if you don't want to have any trust, as I said, it's really, really complex.
It's always a trade-off between trust, security and self-sovereignty.
And it's impossible to be completely trustless.
You would need to build your own computer because if you want to be trustless, you can trust
your own computer.
And then you would need to build the software running on top of it.
But when we're building software, you need a compiler.
So how do you trust the compiler?
You're going to, you would need to build the entire stack that the overall electronic and software industry have been built during 50 years.
So what I want to say is impossible for one human to be completely trustless in this process.
And then it's a matter of tradeoff.
Like, where do you put the cursor or of I trust this guy for managing and providing me the right tools?
And I'm completely self-sovereign.
And this cursor are plenty of different shades of gray.
And as you mentioned, I think some people realize that they were trusting leisure a little bit more than they thought.
And I think this is what happens yesterday.
Learning about crypto is hard.
Until now, introducing Metamask Learn.
an open educational platform about crypto, Web3, self-custity, wallet management,
and all the other topics needed to onboard people into this crazy world of crypto.
Metamask Learn is an interactive platform with each lesson offering a simulation for the task at hand,
giving you actual practical experience for navigating Web3.
The purpose of Metamask Learn is to teach people the basics of self-custity and wallet security
in a safe environment.
And while Metamask Learn always takes the time to define Web3-specific vocabulary,
it is still a jargon-free experience for the crypto-curious user.
Friendly, not scary.
Metamask Learn is available in 10 languages with more to be added soon,
and it's meant to cater to a global Web3 audience.
So, are you tired of having to explain crypto concepts to your friends?
Go to learn.menomask.io and add Metamask Learn to your guides to get onboarded into
the world of Web3.
Hiring people worldwide, paying them in crypto, providing them access to benefits,
it's all so complex.
But it doesn't have to be.
Complying with labor laws, payroll rules, tax obligations, and crypto regulations in every country that you employ someone is difficult, time-consuming, manual, and costly.
And it's drawing more and more attention from regulators and governments.
But there is good news.
Toku is here.
Toku is the first employment and compensation platform for the crypto industry that makes this easy.
Toku helps you hire employees or contractors and pay them in fiat or crypto legally, compliantly, and with all the taxes handled in over 100 different jurisdictions.
So whether you're an early stage company with just a team of two or you're an enterprise with 200,
Toku has a solution that meets your needs.
Toku is already working with the leading companies in the space, Protocol Labs, Hedera,
Gitcoin, and many more.
So transform your employment and token payroll operations with Toku.
You can reach out to Toku at Toku.com slash bankless or click the link in the show notes.
Introducing ETHX from Stater.
Ethx is a liquid staking token designed to maximize rewards, all while securing Ethereum.
With Stater, you can run an Ethereum note.
with just four eth, an 85% lower capital requirement versus the 32Eath required for solo stake.
With Stater's four ETH nodes, you can get a 35% average higher yield, since you charge fees
to those who use your node to stake their ETH. By running a node with Stater, the ETHX staking
derivative token can get minted on your validators and can flow into the world of D5, which
Stater is actively building integrations and partnerships into to increase the utility of
ETHX. Stater allows for both permissioned and permissionless nodes to join the network,
maximizing its potential scalability for ETHX, while preserving the values of decentralization
and openness behind its liquid staking token. Go to Staterlabs.com and sign up to get access
to the Stater staking protocol. Arbitrum 1 is pioneering the world of secure Ethereum scalability
and is continuing to accelerate the Web 3 landscape. Hundreds of projects have already deployed on
Arbitrum 1 producing flourishing defy and NFT ecosystems. With a
Recent addition of Arbitrum Nova, gaming and social daps like Reddit are also now calling
Arbitrum home. Both Arbitrum 1 and Nova leverage the security and decentralization of
Ethereum and provide a builder experience that's intuitive, familiar, and fully EVM-compatible.
On Arbitrum, both builders and users will experience faster transaction speeds with significantly
lower gas fees. With Arbitrum's recent migration to Arbitram Nitro, it's also now 10 times faster
than before. Visit arbitram.io, where you can join the community, dive into the developer docs,
bridge your assets, and start building your first app. With Arbitrum, experience Web3 development
the way it was meant to be. Secure, fast, cheap, and friction-free. I'm reminded of a metaphor that
was used when I actually remember this pretty clearly. Vitalik was on the Eric Weinstein's podcast,
and they were talking about the 2016 Ethereum Dow hack, and the social contract of Ethereum at the time
was completely autonomous, robots only, don't trust the human.
And then the Dow hack happened.
And then it was like this, it was a robot and you ripped a mask off the robot and there's a human there.
And I think this is the same thing that's currently happening with Ledger is everyone thought it's like, oh, it's
completely hardware.
You don't have to trust humans.
The hardware has got you.
That's the whole point of the hardware wallet.
And now with this understanding about like what a firmware update means and how DB firmware update goes,
people are now realizing that, oh, it's a human there.
It's Ledger, which is a company of people that is incorporated in France that.
has founders and leadership.
And so now I think the crypto world is now coming to terms with that
and is now going to ask Ledger the company
to make a very strong social contract
to the crypto industry, to the crypto believers,
the crypto hardliners, if you will,
which are causing this uproar,
about how are you,
with now that this new attack vector is opened up,
this can of the genies out of the bottle,
how are you guys going to sign a social contract on our behalf?
And is that even possible?
I think that is kind of the question that everyone's learning how to ask right now, including myself.
Yes, it's a good one.
I think like the social contract is what I said before.
As soon as like the software, the firmware is touching your secret, like it's up to your consent.
There is always you need to authenticate yourself.
Always everything starts with the pin.
And after the pin, like as soon as something touch your secret to do like sensitive operation,
I'm not saying generating a public key.
You have to launch the Ethereum app first, but yeah.
But for everything related to using private keys and so on,
you are always prompted and you need to consent for that.
And this contract never changed.
And at some point, you need to trust us for not putting back doors.
For this, there is no real choice.
and it's always the case for every single wallet vendors, whether it is hardware or even software.
What's interesting.
So I, okay, so I'm hearing this loud and clear.
There's really like two levels of consent on the device before, you know, allowing this,
and that's just on the device, allowing this kind of a recover service.
One is you update the firmware, right?
So there could be a swath of people listening to this saying, I, you know,
I am not going to update the firmware.
And that, if so, that's your choice.
you bought the hardware device.
You don't have to update the firmer if you don't want to.
It's a bad idea.
It's a bad idea.
Let me get back to that.
So that is a first thing you have to do.
A second thing is there's actual physical approval from a ledger if you want to, if any
time it's going to touch your secret.
And so opt you, like get you into the recovery service.
There's something you have to actually click approve on your ledger device.
So there's kind of two layers here.
Now, getting back to it's a bad idea, right, to not update your former.
This is kind of the trade-off spectrum I think people had.
Like how, to bankless sister that I guess, and to myself, I'm asking me this question,
how certain am I that the existing firmware version on my ledger device doesn't have a security flaw in it?
Like, I don't know.
I mean, this is part of what a company like Ledger, I imagine, provides, is when you identify
any sort of security flaw or some sort of issue, you kind of patch that. You fix the bug and
you require or you ask for a firmware update from all of your users, right? So that's kind of an
unknown for me. In addition to like the whole world of all of the features that I might want
in the future for my ledger device. So that's kind of a choice you have to make. It's like how
secures your existing, the existing version of your firmware. You really don't know. And what if a flaw is
uncovered, who do you kind of trust to patch that up? So that is kind of the trade-up.
But you wanted to say something here, Charles.
Yeah. What I wanted to say is it's a bad idea to not update your firmware because in
firmware update, there are always security improvement. Sometimes it's even a vulnerability fixed.
And we are completely transparent about that. You can go on dungeon.orgia.com slash LSD
for leisure security bultan.
And every time we uncover a new vulnerability,
whether it's our teams or external teams,
we are first fixing them
and then we are publishing the ledger security builtin.
And to be completely transparent,
like a few days, weeks ago,
we have found something quite interesting
on the implementation of Mnisccript.
We are among the only one supporting well Mnisccript.
And there was a team
integrating like this
manuscript implementation
and they found something
something quite interesting
of vulnerability.
So we worked with them
we fixed the vulnerability
and if your Bitcoin app
is up to date
this vulnerability is fixed.
If you're not,
now the attacker
knows the vulnerability
because now it's public
and you are vulnerable.
So that's why
it's really important
to always
update your firmware
and the application.
This is such a hard
situation
for I think users who want to be completely bankless and self-sovereign to be in,
because we have to sort of make a choice.
We have to, and I guess maybe the question goes to, like,
David is pointing to sort of the social contract that Ledger can make,
to say, we believe in self-custody, you know, we can,
we believe in, you know, kind of transparency.
We are going to do our best to kind of protect your device at all times
and keep your private keys in the secure enclave
and only ask your permission if something changes.
But I'm wondering if we can even get stronger
because crypto is very much an industry of like,
don't trust but verify, right?
And so like, is there a way that crypto, a listener,
can have assurances that Ledger hasn't introduced
some sort of backdoor?
Like, can we open source this?
Is that not a avenue?
Is there some way to guarantee this?
I mean, I don't even want to rely on like a third party auditors here, but you see what I'm saying.
It's just like, how can we be sure that a future ledger firmware update does not introduce some sort of backdoor, right?
Because, you know, ledger's now a large company.
I'm sure there are authorities.
I'm sure there are nation states who somewhere on the planet would like to introduce some sort of backdoor.
door into a future firmware update. And how can we verify that this indeed hasn't happened? Do we
just have to basically trust at the social contract layer that you haven't done that?
So first, I'm going to start with the social contract. And again, we are pro self-custody.
Like, this is the purpose of ledger. We would like that everyone to be completely self-sovereign and
completely in self-custody.
And as I mentioned, like, in this self-custody journey, there are different shades of gray.
And the reality is that today we are very few in self-custody.
Okay, it's important for me.
It's important for you.
But at the end, what is this part of the crypto ecosystem?
Most of people are using Robin Hood to buy Bitcoin or are leaving their Bitcoin on an exchange.
This is the situation right now.
So how can we make sure that these people come a little bit of Bitcoin?
closer to self-custody. And I think this kind of feature goes in that direction. I would love
that everyone understands very well that self-custody is the purpose of blockchain revolution.
This is something I say, like, every time I can speak. But the reality is, that's not the case right now.
Most people are using Bitcoin as they were speculating on stocks. This is not the purpose
of crypto, Ethereum or Bitcoin. The purpose is self-custody. You have to always.
your own value to be permissionless, to be as trustless as possible.
I am completely aware of this.
Ledger is aware of this.
This is the ethos of the company.
Now, how can we bring these people into self-custody?
And I think this feature is part of this.
So the social contract is we are continuing our road to empower people,
to give them the right tools to be in self-custody,
to really own their value.
This is what we do.
This does not change.
and about your comment about a state forcing us to put back doors and so on.
Yeah, what can I answer to that?
This is always true for everyone.
Yeah, okay, that was true yesterday.
This will be true tomorrow.
And it's difficult to prove the absence of any backdoor.
About open sourcing our operating system, this is like a very long story.
like we are talking about that at leisure, we are talking about that everywhere we can.
A lot of people are asking us to open source our operating system. I would love to.
The problem is we are using Secure Elements. Secure Element is like the best device you can imagine
to implement cryptography, to store secrets and so on. This is why we are using Secure Element.
But when you are using Secure Element, you sign an NGA with the Secure Element
providers and the security provider simply like prevent you to to give any information about how their security security element is working.
Because there is their IP because there are plenty of proprietary security countermeasure and they don't want these things to be to be public.
So we simply can't publish our operating system source code.
source code because of this.
And I think
something which is really interesting
in open source is the capacity
for everyone to audit the code
but it does
not guarantee that people will
audit the code. And this is a big
blind spot in
the ecosystem.
A lot of code are open source,
but no one edit them and no one pays
for audit and it does not happen.
Okay, our source code
is not open source, at least the operating.
operating system. The applications are. You can you can audit them if you want, but the operating
system is not because of what I just said. Nonetheless, like we are internally auditing and we have
one of the best team in the world in terms of security, the dungeon. They are uncovering
security flows like in many different implementation in hours also sometimes and then we are
improving things. We are also using third party to audit our code. We are also getting through
security certification, so that you are the third party that go through a complete audit of your
product, code and so on to make sure it's not possible to go through the, to, to, yeah, to do
to bypass the security feature. And this is, this is what we do. But for
for hardware, especially for hardware, because open source is especially interesting when it comes to software.
Like you use a specific version of a software, and then this software is open source.
What you will do is clone the GitHub repository, you will compile it,
and then you can compare this to the binary that is distributed.
You can even run the version that you compile yourself.
Not a lot of people are doing this, but this is something you can.
But with hardware and with firmware, it's very difficult to have guarantees that the software which is running inside the hardware with it is the same that is being distributed by the vendor.
So even if we were open source, completely open source, you would have very large difficulty to make sure that the operating system running in the device is the same that you downloaded.
And it's the same problem with cold cards, the same problem with.
with treasor. You don't have guaranteed. By the way, Treasor recently they got some people
distributing fake treasor device like with backdoor inside. And as there is no integrated
integrity mechanism, there is no way for people to distinguish a real treasur from a fake one.
Because everything is the same and you have no way to make to be sure that the version which is inside the treasur
is a white one or a fake one.
This is a problem you have with hardware wallet,
with hardware in general.
Charles, you said we need innovations like Ledger recover
to be able to onboard like the Robin Hoods of the word.
The very, very banked people of the world,
stuff like this can make them more bankless.
And that's one half of me is like, absolutely,
let's get the rest of the world into the world of sovereign private keys.
And then the other half of me is like, don't compromise on my Fort Knox in my hardware wallet just because some Robin Hood bros want to come into crypto.
And so like there's there's like two sides that I can see here.
There's like, yeah, we need more people to come into crypto.
Let's make it easier for them.
But also don't compromise on like how strong I can be self-sovereign.
And so the one topic of conversation that's been floating around in my circles about this has been like, well, can't there just be too firm?
one is like the Robin Hood, uh, Robin Hood bro people that want to come in and, uh, and want to
be a, get their first hardware wallet in a way that feels good. And then can there be a second
firmware, which is like the Fort Knox for the crypto extremists who want the maximum
level of security. So I, I'll raise that. But also, I think, I think the point that we're
learning here is that even if you do make the Fort Knox version, if you do like split the, uh,
split the formwheres into two paths, like, like,
the hardcore and the easy modes.
It's actually kind of superfluous as in like it's the same risk vectors either way.
And that's perhaps like kind of the frustration of ledger is like, sure, you can have your
Fort Knox version of the firmware, but like you actually aren't reducing any of the risk.
It's because anytime you do a firmware update, it just kind of you reset the clock.
It's the same thing.
Yeah.
And so like this is that kind of like I see the rock and the hard place that that ledger is in.
but I'll float the idea of like a second firmware or Fort Knox firmware that will just make
people feel good and maybe that's a maybe that's something it's it's an idea but again I don't
I don't think it resolves your concern in all the case you would have to trust ledger a little bit
being completely trustless as I mentioned is something really difficult you would have to
to build the entire stack from scratch and and this is this has got to be true for for our all hard
wallets, right?
Just our hardware,
hardware wallets as a vertical,
if this is going to be true for that.
Or even software,
wallet.
Right.
Yeah.
It's the same.
There was a,
there was a part of trust inside,
of course.
So I think this is kind of just a learning moment
for the entire industry as to how a hardware wallet works.
Yeah.
And frankly,
I'm a bit disappointed because I thought I did a hard work explaining how all of this works
and so on.
But if it was not clear for everyone,
now it's a little bit better.
Sometimes it takes these events, Charles, so that the information, education can really
propagate.
So I'm curious, as you zoom out on this whole thing, what is kind of the learning lesson
for Ledger about this event or this discussion of the last couple of days?
And then what do you think is the learning, the takeaway for the rest of crypto?
So one of the first takeaway is, like, in terms of communication, things could have been really better.
The thing is we planned to announce it like officially, we're explaining everything and so on.
We had a solid communication plan for a little bit earlier, for a little bit later.
The thing is, when we wanted to be ready, when we launch.
to be able for users to upgrade their firmware.
So we needed to distribute the firmware beforehand.
And as we are transparent, in the release note,
we explain that this new firmware
contain the capability to activate the gel recover.
And the thing is, instead of bringing to the crypto ecosystem,
this new idea, how it works,
and if you don't like it, you don't have to use it.
this is the community that discovered the functionality and started to speculate.
Oh, they are extracting my seed and so on.
Like a lot of food started.
And we, instead of for us to explain the feature, the idea, the intent,
the fact that it does not change anything in terms of security model and the user contract with Ledger,
instead of being in that situation, we spent like 24 hours explaining that, no,
We are not installing any kind of backdoor.
And by the way, you didn't completely understand how hardware wallet works.
So, yeah, this is.
So in terms of communication, like the point taken, of course, things could have been better.
The second takeaway for me is, as I mentioned, like the crypto community, the ecosystem,
cares a lot about leisure.
Frankly, when you see this kind of passion, even if it's not positive passion,
this means a lot for me.
touching and yeah the message has been received. The third takeaway is as I mentioned,
like we could have explained better what the security model, what's the hardware what it works
and so on. I feel we spend a lot of time explaining these things again and again. Probably that
was not enough, of course. And sometimes I'm in the company for more than five years.
And sometimes I feel I explained this like 10 times, but what I explained in 2017,
I explained it to like 1% of the people who are in the community right now.
So this is a, this is something.
And people forget, Charles, you know.
Yeah, and people forget.
People forget.
I'm not always thinking about how the inside of my ledger works, right?
Yeah, that's true.
That's true.
So yeah, so this is a never-ending story.
We need to continue doing the effort, explaining well,
what's the trade-off when you use ledger?
Because it's always a matter of trade-off.
There was no perfectly trustless, secure, and self-sovereign solution.
This thing does not happen.
It does not exist.
It's always a matter of trade-off.
I think the trade-off that ledger is providing has a lot of value.
As a customer, as a user, I love the value provided by ledger.
And then I would like that there's homieferial.
people to get a little bit of this value.
And this is the intent of the ledger we cover.
And yeah, again, also we are in the Twitter echo chamber and Twitter is not really the
real world.
Let's keep this in mind.
This is not the real world.
Yeah, I certainly have that the top of mind.
Well, I think we've all learned a lot of the last couple of days.
And certainly I hope bankless listeners have in this episode.
But I want to ask this kind of final question.
And we've been talking about a new cohort of users that Ledger wants to get, kind of the Robin Hood crowd, the people who are not comfortable with the hardware wallet and their seed phrase as is.
And I think some of the OGs, part of this, you know, this passion you've seen comes from an emotional place.
What they're saying, Charles, is you guys aren't going to forget about us, are you?
No, no, no, we won't.
I'm part of this guys.
I'm our voices at Ledger.
So tell me about that.
because I think that's where this is coming from.
There are a lot of people who started their bankless journey with the hardware wallet
and used Ledger, and the reason they did that is for maximum self-sovereignty.
And they want to feel like the company whose product they own supports them on that journey
and hasn't changed.
And Ledger has grown a lot over the last few years.
certainly a new round of funding as well.
The team size has grown.
And I think some of the OGs are basically saying,
hey, Ledger, you're not going to forget why you're here.
You're not going to forget about this mission.
And the reason I know that is because they ask bankless the exact same questions, right?
Bankless has also grown.
And they are continually asking us, hey, do you guys still remember why you're here?
Like the mission?
like the reason we're doing this thing.
And I think they are now, through this episode,
in an impassioned way,
in a pitchfork way,
in a Twitter mob attack type way,
but also in a good way.
They're asking Ledger,
why are you still here?
Do you know?
Do you know the mission?
You haven't forgotten about us, have you?
So what would you say to that?
Yeah, I think I mentioned this point already,
but I'm very happy to say it again.
The mission of Ledger is to provide,
the users with tools to be empowered, to be in self-custody, in self-sovereignty.
Because this is the purpose of like the blockchain revolution.
The purpose is not about like speculating with Bitcoin as you would speculate with stocks.
Frankly, this thing is not interesting from my standpoint.
And by the way, this is definitely not the mission of ledger.
The mission is to provide our users with tools.
to own their value, to use it securely, and to be completely self-servraine.
And the thing is that in this mission, if you only talk to like core, hardcore user
that understands this very, very well, you are completely blind to a big world who would
like to enter this world. And this is also what we are doing. We are not forgetting
the ethos, like this doesn't change.
We are just trying to make sure that everyone, the mass adoption, will understand this ethos.
We want to make sure they understand and removing a little bit the friction point for them
to enter into self-custody and self-servency because, again, this is really the purpose
of Bitcoin, of Ethereum, of blockchain in general.
And personally speaking, this is also what motivates me to be at leisure.
I truly believe in this mission.
And I don't feel there was another player in the crypto ecosystem,
which is such committed to self-custody and self-sovency.
So this does not change.
But we also have to keep in mind that the OG of 2014 or 2017
are only a small portion of the ocean of crypto users
today and we have to talk to everyone.
We don't forget the OG, but we
have to talk to everyone.
And by the way, frankly, sometimes I'm a little bit
disappointed by the OG community.
We are investing a lot on supporting
plenty of Bitcoin features
and same with Ethereum.
And at the end, when we have a look to the start,
not much people are using them.
So there was this thing which is a little bit
disappointing for me.
And we are investing a lot
to make sure that
this OG population has the right tools
and so on. And at the end, they
don't use them so much.
But we won't stop.
I'm just saying this. That's a good point to end it with.
And the reason I asked again is because I just
wanted to hear it one more time
from your mouth, Charles. Thank you so much for
engaging in the community in this way in podcast
forum. I think discussions
are much easier than
Twitter battles back and forth. And we
appreciate you taking the time to come on and explain this today. Yeah. Thank you for giving me the
opportunity. It was a really good discussion, open discussion, and yeah, happy to have participated.
Awesome. Bankless Nation, risks and disclaimers, of course, none of this has been financial advice.
You know it wasn't because you're listening to Bankless. I got to let you know, again, a reminder,
in case you needed reminding Bitcoin, Eith, these assets are risky. So is Defi. You could lose what you put in.
but we are headed west. This is the frontier. It's not for everyone, but we're glad you're with us on the bankless journey. Thanks a lot.