GridPlus to open source wallet firmware in Q3 amid Ledger debacle

cointelegraph.com:

Amid fallout over Ledger’s controversial decision to allow private keys to be “recovered” from its devices, cold storage competitor GridPlus has announced that it will move to “open source” the firmware of its crypto wallets. 

GridPlus took to Twitter on May 17 to inform its 17,500 followers that it will open source the firmware of all its crypto devices in the third quarter of this year in what it claims is in a bid for greater transparency.

The most trusted name in cryptography, relied upon by the world's governments for their highest security applications for decades, sold products backdoored by the CIA. How can we ensure this won't happen again? Open-source software.GridPlus will open-source its firmware in Q3. pic.twitter.com/889OnqXd20

“This week's hardware wallet discussions laid bare trust assumptions taken for granted,” wrote GridPlus in a follow up comment.

Much of the ire directed at Ledger over the last 48 hours stems from its firmware — a term for software that’s built into a hardware device — being updated that would allow the potential extraction of a user’s private key from their cold storage device, despite reportedly assuring users the opposite in the past. 

Related: Ledger data leak: A ‘simple mistake’ exposed 270K crypto wallet buyers

Notably, Ledger’s firmware is closed source, meaning that only developers from the company itself can view the code and inspect it for flaws. Open source code on the other hand allows for any programmer to access and inspect pre-existing code to improve it and check it for potential errors.

Speaking directly to this point in a May 17 Q&A session on Twitter, Ledger Support clarified that it had “always been possible” for the company to write code that would allow for