Coingradient

Cryptocurrencies, blockchain, NFT and new trends

Ledger Co-Founder Flag Security Risk In Open Source, Refutes Charles Hoskinson

Ledger co-founder Eric Larchevêque clarified that there is no “backdoor” in the latest Recover firmware update. The Ledger controversy attracted comments from notable leaders and blockchain experts from the crypto community including Cardano founder Charles Hoskinson who claimed that open-source software is always better than closed-source.

However, Ledger co-founder refutes Charles Hoskinson’s claims and red flags open source due to elevated security risks.

Ledger CEO Refutes Cardano Founder Charles Hoskinson

On Friday, Cardano founder Charles Hoskison in response to the Ledge controversy said he always choose open-source software whenever possible, saying that “security comes from simplicity.”

Ledger co-founder Eric Larchevêque took to Twitter on May 20 to further clarify security aspects of closed source, open source, and chain of trust in a hardware wallet. Ledger is a hardware wallet with closed-source firmware.

Recommended Articles

Crypto Telegram Channels List 2023 [Updated] Must Read Crypto Presale Projects For 2023 To Invest; Updated List Must Read Explained: What is Layer 0 in Blockchain? Layer Zero Crypto Examples Must Read Top Crypto Marketing Firms / Agencies 2023; Here’s Best Picks [Updated] Must Read Top 10 Web3 Games To Explore In 2023; Here List Must Read

He claims open-source wallets come with regular hardware but less security, while close source with secure elements, allowing higher level of security. A supply chain attack can happen when plugging the hardware to flash the firmware, while “holographic seal” mitigated some risk it’s not efficient to prevent attack at manufacturer level.

A master key from the manufacturer, implanted in the secure element at the factory level, can cryptographically prove interacting with the real chip. This cannot be used with open source as the master key would obviously be revealed during compilation.

He believes security is always a matter of trade-offs and hardware wallets require that trust. Users could do critical mistakes or update hardware with rogue firmware.

Amid the Ledger Recover controversial firmware update, hardware wallet provider such as GridPlus decided to open-source its firmware. But Ledger CEO believes bad actors could gain access to these due to being open-sourced.

Источник