On May 18, crypto hardware wallet provider Ledger clarified how its firmware works after a controversial May 17 tweet was deleted by the company. The deleted tweet, which Ledger said was written by a customer support agent, had stated that it was “possible” for Ledger to write firmware that could extract users’ private keys.
[1/3] You may have seen a tweet from our Ledger Support account being shared regarding Ledger firmware updates.Unfortunately, in our attempt to clarify how Ledger and all wallets work with the firmware, a customer support agent posted a tweet with confusing wording. https://t.co/cL6UrBzxWr
Ledger chief technology officer Charles Guillemet clarified in a new Twitter thread that the wallet’s operating system (OS) requires the consent of the user anytime “a private key is touched by the OS.” In other words, the OS shouldn’t be able to copy the device’s private key without the user’s consent — though Guillemet also said that using a Ledger does require “a minimal amount of trust.”
The original tweet from Ledger customer service stated, “Technically speaking, it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not.”
The tweet ignited a firestorm of controversy on Twitter, as many users accused the company of misrepresenting the security of its wallet. Critics shared an alleged Ledger post from November that stated, “A firmware update cannot extract the private keys from the Secure Element,” implying that the company contradicted itself.
Though the deleted tweet fueled the controversy, the matter first sparked on May 16, when the company unveiled a new “Ledger Recover” service that allows users to
Read more on cointelegraph.com