okay, I'll be the first to post
okay, I'll be the first to post
So I'm curious with the whole Ledger seed backup controversy, are Ledger devices actually safe? Should I continue to use my Ledger? I don't have much so I'm not too concerned, but I'd like to still sleep peacefully at night regardless.
They're probably not any less safe today than they were before – the new key exfiltration feature has not been rolled out yet. Even after it's rolled out, you can choose to trust Ledger's claim that it will only be used as advertised, and also to assume that they will never be forced by law enforcement to covertly target you with custom firmware that takes your seed.
There's a level of this requirement for trust with all hardware wallets. I find it's a bit worse with Ledger because they are closed source and the firmware has to be flashed with their special software. For wallets where the source is available for public audit, it's harder to get away with shenanigans.
As a bitcoiner, I've also found I prefer bitcoin-only wallets. Not even wallets where I can choose a bitcoin-only firmware – I mean wallets from bitcoin-only companies. It just simplifies things and I feel like the company is not distracted by a thousand altcoins. So my conclusion is easy, I don't use Ledger.
Thank you for the response! That makes sense, I'm definitely looking into Cold Card or Blockstream Jade as they are both open source Bitcoin only
A little late to the thread, but i'm pretty sure that private key recovery service is opt-in, which doesn't affect the overall security of their devices. i still use my ledger and have had no issues with it, but if you'd rather find a company that you trust company maybe consider a trezor instead.