His responses are in substance flawless. Only fools consider slickness. Being contrarian for its own sake won’t help you. The other counter arguments were not made in good faith - clearly striving for increased market share … which clearly people like you fell for.
Apple has the ability to detect CSAM on your devices. Louis Rossmann covered it in one of his previous episodes. Mental outlaw's latest vid also covers M$ cloud storage being able to detect malware
That seems to be the majority of people's gripe and rightly so. But this also proves an important lesson. People need to understand how these wallets function and how trust is so willfully given. Not just to Ledger but to companies like Microsoft, Apple, Google, etc. We just assume those companies are acting in our best interest. Most aren't and never were.
I felt so safe with my ledger knowing my assets were safe, I loved it, now I’m really disappointed I have to look for an alternative, I think ledger should refund anyone who would like to send it back as it’s not doing the job it should. Not your keys not your crypto 😔
I've got a coldcard that's just arrived today. I'll be setting it up with sparrow wallet this week and moving everything across. I don't see the point in taking a chance with ledger, it's a bit of money and a few hours work, that's it. This guy seems to completely downplay the risk of malignant state actors, which is actually a very real threat, something that's already occurred in Canada.
True. Governments call people enemies of the state all the time. In Canada's case, that was just a bunch of guys who drive trucks who wanted an audience with their government. Governments answer- bank accounts frozen
Excellent discussion that brings more clarity on the current ‘crisis’ than any other on YouTube so far. I think we’ll see hardware wallets develop over time with varying compromises based on security on one side vs. ease of use on the other. I suspect the Ledger will move quickly to make installing this update an option, and will continue developing firmware without the seed phrase recovery option. In the end, nobody using Ledger will be any less secure than they were before the ‘bombshell’ dropped this weekend - albeit this discussion proves that theoretically Ledger users have always had some risk in using their products. There will be ‘harder’ options available for those that want them, but Ledger (if they survive this PR nightmare) will remain an easy to use and hugely more secure method to storing assets on an exchange.
That was excellent!! I was gonna swap over to another wallet....now? I feel more comfortable about hodling my ledger!! He was pretty cool! Thanks again for everything you're doing for us Mark and team! It's appreciated!!
Not a great trade-off. Storing digital assets requires competence. If someone doesn't have that, then they should just buy crypto at places like Fidelity and not even research wallets.
I'm SO grateful you made this episode! I use a Ledger, then last week, I started seeing all these memes running Ledger through the mud and got worried sick. Looking forward to it. Thanks again for the great content!
I think Pascal made some solid points here. You have the option to opt-in or not. KYC is normal today. What is true today, does not have to be true tomorrow - especially in security. So it is always a trade-off. Not saying all was handled well on their side, but he admitted communication errors were made. And he has a point - just because it is open source does not mean it is more secure.
Great discussion, I am staying away from Ledger though...and Thanks to Matt, NVK for all his POW, and thanks to Harry, Peter, and Pascal for being part of the discussion.
People lack responsibility. If someone is truly incapable of securely storing 12 god damn words, in the correct order, they have no business calling themselves an adult. That said, for those with a developmental or intellectual disability, or other cognitive limitations, I understand that they will likely need extra support, and that’s okay. For the majority of people, however, they have no fucking excuse.
I think Pascal knows his market and knows that most folks are happy to accept his trade-off. The true ride-or-die freaks were never his customer anyway.
True...and I confirmed I am a NON customer of ledger when he went on about how the GOV only goes after "terrorists".. BS...and one man's terrorist is another man's freedom fighter...
Seems like mostly just people w/ something negative to say commented here.. Cuz I love when he says, “th goal is to get as many people into self custody for th sustainability of crypto safety. Cuz ther’s people w/ crypto on super unsafe wallets / exchanges.” This makes total sense.
“This is a real scenario. If suddenly France goes into a tyranny, which is not today..." Ledger CEO. That's all I needed to know about the seriousness of this company...
Doesn't need any tyranny, the Spanish government already mandates that you must declare all your crypto assets after certain amount. It's getting ready for a wealth tax. All it takes is the France gov to take the same approach and bam, you are in a world of pain. Because let's not kid ourselves, majority of users got into crypto as they see their potential to evade taxes.
@@sidekickmusic5936 the recent Canadian trucker Dutch Farmer protests are good examples. The Canadian and Dutch governments will absolutely subpoena ledger during the next “emergency”
Great interview. I for one would like the option of seed recovery. When you lose a substantial amount you will too. Not everyone is a doomsday merchant.
Spin it as much as you want.. People bought a Ledger with the full understanding that it is a COLD wallet, ie the seed should NEVER leave the device. Ledger goes, breaks that fundamental rule and writes the firmware themselves to enable the seed to be sent over the Internet. Encrypted, sharded irrelevant. Nothing now prevents another firmware to just send your seed unencrypted to some bad player. Ledger sold us all out for a lousy $9.99 month..
In case you don't know, Ledger, self proclaiming how they care about security had a data breach that leaked 250,000 customers real names and full addresses on a public Internet forum. This is the company who wants your KYC information and keys.
Unacceptable. People who bought your wallet wanted a device which is INCAPABLE of leaking the seed, even with the user's consent. You have broken the trust of your clients. You had to make a different wallet for this service.
I don't really like this recover feature. But he did explain well the security issues or lack of.... I did not think he was on the defensive. This KYC/recover function can also be an answer to question like inheritance, when your 12 month old baby will not be able to find and use the 24 words. Michael Saylor used this same argument yesterday to explain why BTC spot ETF is inevitable (with KYC of course like all stocks). Future for me is split the crypto into several cold wallets from several brands. That's a lot of work I know, but worth it if we really believe the BTC will go to 300.000 USD
They really are not. Choice is not a bad thing. Everyone has a choice. Ledger will be fine. As will be the people who choose not to use their products.
Thank you for this Peter. Very timely and needed debate & content. I will be switching to Blockstream Jade or Coldcard now solely because Ledger is not open source and this is a continuing risk into the future. I would love you do this same forum to discuss another of your sponsors with new privacy concerns around Wasabi with Trezor Coinjoin. It was recently discovered that your privacy is compromised. Wasabi touts their privacy...
Guy from Coldcard trying to piss off the guy from Ledger multiple times with tons of indirect attacks like "you're my funnel", and "you gave me 30x sales"...and gets no reaction whatsoever. That's when you know you're kicking your competition in the nuts.
This was an awesome video/podcast, 100% Bitcoin, and a respectful debate with a few intense moments! I started off listening to it on Fountain and then really needed to see these guys' expressions as they made their individual points. 👏🏾👏🏾👏🏾 No need to blow up my ledger or set it on fire for that matter?😂
@peterpan8374 it seems highly unlikely that the Ledger company would ONLY have the capability to extract the seed from those customers who pay $10/month....but would be completely incapable of extracting the seed from those who refuse to pay $10/month.
@@peterpan8374 You sure trust a lot of people you've never met to safeguard your assets, which is like the opposite of what you're supposed to do when you self-custody.
If ppl knew Ledger was a closed source device and trusted it enough to have used it for 10 years... Then why all of a sudden are they acting like this is all of a sudden a surprise? The argument that Ledger is less secured now because it's a closed source device is ridiculous. It had always been a closed source so why is it any less safe now? People are acting like it is a complete surprise to them that the firmware has access to the seeds and the private key. How else would transactions get signed if it didn't? If ppl don't trust the firmware now and claim it's because they can't verify, then why did they trust the firmware before? Did they know what the firmware did before? No. So why the paranoia now all of a sudden? This is nothing more than a marketing fuckup. Yes Ledger could've done a better job rolling this out.. Maybe even make this a separate product.. who knows. But people who trusted a closed source Ledger before really have no real reason to now demand a way to verify the code.
They did this to attract new users (people who don't consider themselves responsible enough), as I suspected. Should have just been a separate device entirely. The closed-source characteristic of this is what makes it all worrisome - we have no way of proving that it can't extract our keys. As mentioned in the convo - we just upgraded from personal, exchange and government risk to just personal and government risk. Which is technically good - however, because of what we witnessed with government actions since 2020, we are now aware of how fast an innocent person standing up for themselves can quickly be deemed a threat/terrorist (I'm using the parents at school boards being labeled by the EffBeeEye as an example). I'm not well versed in this yet, but it was touched on very briefly in the convo - isn't the answer to multi-sig on your own or through a service provider?
@@whatilearnttoday5295 new users/new money. from a biz perspective, it's brilliant. the average npc has no interest in taking responsibility and this service solves that for them.
Positives: “The 3 shards go to 3 diff companies in 3 different jurisdictions. 👍🏻. & yes he’s open source the device contracts Ledger has w/ ea of those providers.”👍🏻
That's not really how it works. The reason people like things like Bitcoin and other crypto is because of the opposite of what you just said. Bitcoin is a globally distributed network. Governments can't freeze accounts unless that account is within reach. So if you use a legacy platform like Fidelity to buy and store crypto, yes it's super easy but it can also be frozen for like any reason the government gives. Further, if you extract your seed using Ledger's service, the same is possible because now third parties are the custodians. So if you do use self-custody you don't have to worry about governments getting a hold of your crypto assets. You'd have to worry more about a bunch of jack booted thugs kicking in your front door, holding you at gun point, and demanding you give them access to said hardware wallet. It's a tactic governments enjoy doing on occasion.
@@mastersequence5838 Lol. I sure hope you are right. I would just like to know if there are any cold storage wallets that absolutely do not allow the potential for funds held on it to the frozen or seized. Before this Ledger issue was discussed I was under the impression that any cold storage wallet would prevent either of those things and now I'm not so sure.
Do you know why I spent the money to get a ledger instead of keeping my crypto on the exchange? Well... that's now irrelevant because both are just as "safe" now 🤦‍♂️
I agree with NVK that what’s surprising here is that it took people this long to realize this issue was present, yet it’s always been a security threat, and it was obvious with just basic research into the wallet. Many of us have been criticizing Ledger for many years and generally received with animosity and bitterness. It’s sad that people get tribal over a fuckin hardware wallet brand when others are only trying to help. The security of these wallets is relevant to Bitcoin’s overall brand.
Yes; I don't think that it's an IMMEDIATE problem; but certainly, within the next few years, politicians (in several countries) are going to be tempted to conduct surveillance on users of Ledger wallets.... and to freeze crypto assets in some cases.
First and foremost, it is important to acknowledge that there is no flawless solution. Secondly, in the event of a security breach occurring in the Ledger update, whether intentional or accidental, the responsible party would be identified and held accountable under laws pertaining to negligence, theft, and Ledger's comprehensive insurance policies. The individuals involved can be easily traced and located. On the other hand, if a breach occurs through the utilization of open-source code, negligence and insurance would still provide some recourse, but enforcing laws related to theft would be significantly challenging due to the difficulty in locating the perpetrator. Sticking with Ledger!
Pascal comes across as a steady handed chief in this interview. I'm not a Ledger user myself but in a room of unsympathetic contention he answered their concerns and objections in a reasonable manner with nuanced distinction. The absolutist insistence in open source self-custody solutions is off-putting and intimidating to the median band of the Average Bitcoin User. It's inconceivable at scale and is the #1 reason why there are several million less bitcoin in active possession and circulation than have been mined. Trust is a foundational bedrock of human civilization; that it can be violated is not sufficient reason to do away with its utility and function in part and parcel. This was an extremely important conversation to have in the open. Peter and Danny are proving responsible stewards of Bitcoin's running social narrative. Kudos to WBD.
Literally all this boils down to is you need to trust this guy and his company to some extent. Fundamentally it's no better than having your btc on coinbase because to some degree you're still having to trust someone you don't know with your money. You can argue the nuance until you're blue in the face but bottom line is this is not trustless. This is a serious problem.
The "unsympathetic contention" is warranted if you understand, from a technical standpoint, what the company has done. By stating that you're not affected if you don't opt into the service is ludicrous and adds insult to injury. The use case on which they've built their brand, and my trust, has been rendered worthless. I know I'm coming off condescending, but if you understand the technology, you'll understand the outrage.
I don’t understand th negative comments.. rather than attacking ea other’s wallet as junk, this guy seems to want to keep the competition high so the whole industry raises even higher. 👍🏻
Do you not understand what 'don't trust, verify' means? The govts will take all your money out of your accounts and clean you out and how is that raising you higher? When they take your house and close your bank and you live on a bus bench.. Canada just proved this isn't conspiracy theory anymore and it's just getting warmed up. The brown shirts are rising again and no one will stop them this time.
I was listening... did they ever get him to answer why they didn’t offer to fork firmware update into one that included this "optional" feature and one that omitted it entirely?
To me, the only fact that a state actor could potentially ask Ledger's 3rd parties for the shards, and possibly act on my funds? It is the opposite reason why people self-custody... However, I understand that most people do not self custody, and the goal is to increase the number who do so. But I think Ledger should work on better solutions than Ledger Recover. Building smart solutions takes time.
Yes but the process for doing that on Ledger is pretty irritating. The people that don't trust themselves to self-custody assets will simply go to places like Fidelity and buy the crypto they want no different than they would a stock or bond. Very few people who would come into the crypto space would even use this in my opinion.
What if a govt pressures/demands fr ledger at some pt that they have to include in the next upgrade that all users have to agree to kyc or no upgrade.???
Mad respect for Pascal - still a huge ledger fan, the new service isn't for everyone, but as long as we all know the trade-offs (which Ledger does) - then let ppl choose which wallet/service they want. Handling private keys is not for everyone...
I started with a Ledger and then moved to ColdCard. The “funnel” comment rings very true to me. The point that even this Ledger option is *much* better than Coinbase is a pretty good one, imo.
Well, coinbase is not only a rip-off but just a shitty company. Luckily I didn't have anything in it, but they locked up my first account with them for 3 years. Their support is non-existent for an institution of that size and with that much capital.
EVEN ASSUMING that there are hordes of people just "chomping at the bit" to pay an extra $10/month to use their hardware device, how many of them really want to voluntarily hand over KYC information? Seems to me that it would be a small number.
If you upgraded the new firmware including the new recovery feature, then it is technically possible. However, since it's not open-sourced, no one can tell that if they included that already or not.
WE NEED technical explanation. It's a paid optional service... but when the user chose to opt in, it works. Does this mean that if Ledger chooses to make the service free, they can just recover the seeds of anyone? Once people opt in the recover feature, can Ledger just have the seed or does the user need to do a certain input to allow Ledger to recover the seed?
The real question is how long has this been running on the firmware. Technically with closed source code, it's 100% trust in the company you bought it from. Open source has issues too though.
I am pissed 🤬 had to buy a new cryptotag, multiple new hardware wallets (air gapped) from wallets from competitors of Ledger to keep my coins safe. Don't trust the sharted solution by Ledger and prefer a multikey solution.
To make users take a product that is 20x better, don't make a previous product seem like it is 20x worse, just make a new product for new people. There is tech for hardcore people and tech for newbies.
Okay. I'm a reasonable guy. I have a ledger. I'm a sort that doesn't go to Bitcoin Conference and such. That said, I'm 16 mins in and it doooosen't feel like I'm secured enough. Am I missing something?
He says that "only the user can callback the 3 shards unless the government subpoena them thats the way its built" ignoring the fact that the ones that built the system can always collude and restore keys. Like he keeps saying stuff that are only true when Ledger does what they say and the system works perfect how intended and no one from within is malicious. Yes you are the only one that can callback the shards, but we are the ones that only need to look at 2 keys to restore a key and its encryption, also we have them. It's crazy.
One of the most engaging discussions yet, please do invite the Technical teams from these hardware wallet manufacturers, also from Trezor please.
Imagine an episode of Ledger Techies vs Trezor Techies 😍
The argument that the user has the choice to upgrade or not, while technically true, is ludicrous. The implicit contract for ledger users was: the key can't escape the wallet. Now they have the "choice" between never upgrading the firmware, or accepting the breach of this implicit contract based on which they bought the wallet in the first place.
and no one knows if there is already a backdoor in a previous firmware
To add to that, not upgrading the firmware is really not an option either. It could be a few years down the road, but Ledger could upgrade the software to, say, use different Libraries in the code. If you don't have those libraries, your Ledger may not even work. I'll be trashing my Ledgers.
The worst for me is how this move goes against the core values of the company and crypto community. What we stand for matters. It's not only about the money. Although, the money is important 🤣
False. As a user you decide whether you subscribe to the service or not
If you listened carefully, you’ll realize nobody is saying you should not upgrade the firmware. They’re saying you do not have to opt for the service if you don’t want to. That means keep upgrading but don’t sign up for the service. And you’ll be as safe as ever.
This whole situation would not have occurred if Ledger made a specific device for Recover. Users would feel safe knowing there was no way to extract our keys from our wallets because only the Recover device can extract keys. Instead, they put the ability to extract keys into the API on everybody's wallets. And sure, you can opt out, but the API for key extraction is still on your device for hackers to find. 20:43 "You now have an API in your firmware to extract seeds"
I agree. As things went, that is the deal only for the owners of the old Ledger Nano S model. It is a paradox, the cheapest device is the safest (in fact it was already, due to its lack of Bluetooth). So much so that Ledger is selling it again.
Exactly, they say that the default is recover disabled, but they have a flag for that. And that flag can be changed in some way by the government or some hacker by attacking ledger firmware, or obligating them to update the firmware
@@zeycus so Nano S, even with the upgrade , won't leak the seed to a hacker?
@@DougWCosta I think that was the whole point of this "upgrade". Why killing the whole company and trust while there were other obvious solutions
All I heard from the ledger guy was “trust me bro”. Great job getting this together, Peter.
Everyone is missing the point: governments have a right that does not belong to them! Our money is OUR money and business. Governments must stay out of our business!
True, but they never will. So putting as many roadblocks in front of that is what's vital. Most people are transacting on public ledgers so there's firms out there that do the super sleuthing to find you. If you want to be truly anonymous you should only be buying Monero and buying things like gold and silver in cash.
This was very timely Peter, and an excellent discussion and puts my mind at ease about my Ledger. Thank you. You’re awesome.
In practice, US, UK and France are not different jurisdictions. If US wants the shards, they can get all 3 in matter of hours.
Terrorists, pedophiles, tax evaders, human traffickers, scary words, and your money is gone.
Not necessarily. Ledger could form partnerships in appropriate jurisdictions where data extradition is not easily enforced by the long dirty arm of the USA permanent state.
Store your words locally and if you believe the government is out to get you, they'll get those 24 words from you in a matter of hours as well. So what's the difference?
@@whatwhat678 yeah let's take the risk
Novak was amazing here. Very respectful (though duly sarcastic when needed), and way more honest in the possible risks of technology than the Ledger guy. The fact is that any guy who just bought the latest Ledger intending to have a serious self-custody is now regretting his decision, because it is hard not to have doubts. And doubts are the last thing you need when securing your BTC.
Just started the video, but excellent work getting these individuals together to have an open discussion.
I like that you brought in people like Odell and NVK because this conversation goes beyond your expertise. Well done.
29:10 security of the ledger literally doesn't matter if the gov can subpoena your shards.
This is not a problem anyone who does not enroll has to deal with, this service is only for those who have an IQ of 10 and have no understanding of how any of this works.
@@atakdd Well, then they're going to have a hard time with the service. It's not even a good system of sharding. You have to send them a copy of your ID or passport. You have to make some silly selfie video. Then you have to creep through the ledger menus, export your seed to three third party entities (2 known, 1 not) and then pay Ledger $9.99 a month for the privilege.
The people that this is meant for are going to buy their crypto at places like Fidelity and forget about it.
I don’t know if you’ve done round tables like this before but I’d LOVE to hear competitors talking like this more. Technical teams, marketing teams, etc. get them in the room and hold their feet to the fire. While I didn’t love all the answers given as to what’s considered acceptable trade offs, the level of honest pushback and counterpoints was absolutely fantastic.
I’ve always been wary of guys that wear a ring on every finger.
lmao, ordering coldcard because of this comment 😂
😂😂
Rings on all fingers is within the same league as backwards baseball cap, greying stubbly beard and unkempt long hair. 💈 And a doodle book permanently etched onto your arms. 😂 Welcome to crypto…
Agreed, but everyone to their own I guess. Ironically it looks lacking in taste.
I’m more worried about guys that drink White Claw… and then Pascal was handed one… sheesh!
This will be interesting. I'm not happy about this. Should have brought out a new hardware wallet with this service. Thanks for the video guys 🧡💯⚡️
Exactly. They sold these devices by saying there was zero way to get seeds. Clearly, there has always been one. Update or not.
Don’t agree. Because as an existing owner of one of the existing ledger wallets, I want to have the option to also some day switch my preference to use this service if I feel keeping my own seed has become a burden to me.
@@Tchairdjian As an existing owner of an older device, the context as to what that device should be capable of was different. That's why launching a completely different product line to accommodate this service should've been a no-brainer. I think it would be safe to say that anyone who's owned a ledger the last few years has never once contemplated opting in for a service that extracts your seeds. That's not why they bought it.
Man this interview should have WAY MORE views than 23k currently. One of the video interviews I point people to if they want a great discussion on Ledger's new service.
You know, I think Pascal explained himself really well. This service isn’t for me, but I think he made the case well and took the heat well.
No it was a lot of bullshit
This NVK guy is sooooo good. He seems so honest and his comments are NEVER attacks! I'm gonna look at how to get more of him. WBD is the best!
What an amazing discussion with people not here to fight each other but only to ask questions and get clarity. Thanks Peter and thanks to the bitcoin community. That's what bitcoiners should be about.
Governments will only subpoena things for serious crimes like terrorism or drugs or giving money to truckers who are blowing their horns in a way the government disapproves of
Ding ding ding! The next “emergency” will certainly be used by governments to further control people. The ledger ceo seems totally naive of how much the elites hate us
Or if someone was to expose something like Epstein's client list and the masses found it.
Imagine if Apple wrote a firmware to pull secure element data from their SoC. This CEO is slick in responses. You are done Ledger
I'd be getting rid of my Ledger with an argumentative CEO like this.
And Peter now becomes “What KYC Did” since he doesn’t care about KYC.
Isn't keychain data saved on the cloud? 🤔
His responses are in substance flawless. Only fools consider slickness. Being contrarian for its own sake won’t help you. The other counter arguments were not made in good faith - clearly striving for increased market share … which clearly people like you fell for.
Apple has the ability to detect CSAM on your devices. Louis Rossmann covered it in one of his previous episodes. Mental outlaw's latest vid also covers M$ cloud storage being able to detect malware
My problem is that they lied. They said first that it is not possible to extract keys thru software update.
That seems to be the majority of people's gripe and rightly so. But this also proves an important lesson. People need to understand how these wallets function and how trust is so willfully given. Not just to Ledger but to companies like Microsoft, Apple, Google, etc. We just assume those companies are acting in our best interest. Most aren't and never were.
I felt so safe with my ledger knowing my assets were safe, I loved it, now I’m really disappointed I have to look for an alternative. I think ledger should refund anyone who would like to send it back as it’s not doing the job it should. Not your keys not your crypto 😔
Sorry, how were your keys compromised?
I've got a coldcard that's just arrived today. I'll be setting it up with sparrow wallet this week and moving everything across. I don't see the point in taking a chance with ledger, it's a bit of money and a few hours work, that's it. This guy seems to completely downplay the risk of malignant state actors, which is actually a very real threat, something that's already occurred in Canada.
True. Governments call people enemies of the state all the time. In Canada's case, that was just a bunch of guys who drive trucks who wanted an audience with their government.
Governments answer- bank accounts frozen
What a brilliant set of guests and discussions. Thank you
Excellent discussion that brings more clarity on the current ‘crisis’ than any other on YouTube so far. I think we’ll see hardware wallets develop over time with varying compromises based on security on one side vs. ease of use on the other. I suspect the Ledger will move quickly to make installing this update an option, and will continue developing firmware without the seed phrase recovery option. In the end, nobody using Ledger will be any less secure than they were before the ‘bombshell’ dropped this weekend - albeit this discussion proves that theoretically Ledger users have always had some risk in using their products. There will be ‘harder’ options available for those that want them, but Ledger (if they survive this PR nightmare) will remain an easy to use and hugely more secure method than storing assets on an exchange.
Excellent discussion. Decentralize your storage
Very informative and civilized discussion. Lots of FUD you could get clarity about with this discussion. 👍
That was excellent!! I was gonna swap over to another wallet....now? I feel more comfortable about hodling my ledger!! He was pretty cool! Thanks again for everything you're doing for us Mark and team! It's appreciated!!
They’re basically “off-boarding loss of key risk, for onboarding state actors risk” (as in govt confiscation or freezing of acct)
Not a great trade-off. Storing digital assets requires competence. If someone doesn't have that, then they should just buy crypto at places like Fidelity and not even research wallets.
Surely the most interesting and constructive discussion that I have seen on the topic. Thanks.
Thank you for this interview. Learned lots and love constructive discussions.
I no longer want to store my funds on Ledger long term. It’s a matter of time until governments want to grab those Sats
What are your choices? Coldcard?
Duh. Nobody is forcing you to use the service. Don’t participate. Just manage your own seed.
I'm SO grateful you made this episode! I use a Ledger, then last week, I started seeing all these memes running Ledger through the mud and got worried sick. Looking forward to it. Thanks again for the great content!
I think Pascal made some solid points here. You have the option to opt-in or not. KYC is normal today. What is true today, does not have to be true tomorrow - especially in security.
So it is always a trade-off.
Not saying all was handled well on their side, but he admitted communication errors were made.
And he has a point - just because it is open source does not mean it is more secure.
This is why WBD is easily the best bitcoin podcast
Great discussion, I am staying away from Ledger though...and Thanks to Matt, NVK for all his POW, and thanks to Harry, Peter, and Pascal for being part of the discussion.
He is so right that most people won’t trust themselves w/ storing their own seed phrases.
People lack responsibility. If someone is truly incapable of securely storing 12 god damn words, in the correct order, they have no business calling themselves an adult.
That said, for those with a developmental or intellectual disability, or other cognitive limitations, I understand that they will likely need extra support, and that’s okay. For the majority of people, however, they have no fucking excuse.
Yes but those people don’t be buying Ledger hardware devices
@@derek.seaborn lol
Then why x100 more people leave their coins on an exchange? That’s probably even dumber trusting the exchange.
@@derek.seaborn 24 words.
I think Pascal knows his market and knows that most folks are happy to accept his trade-off. The true ride-or-die freaks were never his customer anyway.
He knows his jewellery
True... and I confirmed I am a NON customer of ledger when he went on about how the GOV only goes after "terrorists".. BS... and one man's terrorist is another man's freedom fighter...
Seems like mostly just people w/ something negative to say commented here.. Cuz I love when he says, “the goal is to get as many people into self custody for the sustainability of crypto safety. Cuz there’s people w/ crypto on super unsafe wallets / exchanges.” This makes total sense.
I’ll continue to use my Ledger.
“This is a real scenario. If suddenly France goes into a tyranny, which is not today..." Ledger CEO. That's all I needed to know about the seriousness of this company...
Yep, Canada.
So I guess the point is to have a backup option of cold storage wallet?
@@TheBitcoinRevolution wtf are you talking about? Canada?
Doesn't need any tyranny, the Spanish government already mandates that you must declare all your crypto assets after a certain amount. It's getting ready for a wealth tax.
All it takes is the France gov to take the same approach and bam, you are in a world of pain. Because let's not kid ourselves, the majority of users got into crypto as they see their potential to evade taxes.
@@sidekickmusic5936 the recent Canadian trucker and Dutch farmer protests are good examples. The Canadian and Dutch governments will absolutely subpoena ledger during the next “emergency”
Great interview. I for one would like the option of seed recovery. When you lose a substantial amount you will too. Not everyone is a doomsday merchant.
Spin it as much as you want.. People bought a Ledger with the full understanding that it is a COLD wallet, ie the seed should NEVER leave the device. Ledger goes, breaks that fundamental rule and writes the firmware themselves to enable the seed to be sent over the Internet. Encrypted, sharded, irrelevant. Nothing now prevents another firmware to just send your seed unencrypted to some bad player. Ledger sold us all out for a lousy $9.99 a month..
In case you don't know, Ledger, self proclaiming how they care about security had a data breach that leaked 250,000 customers real names and full addresses on a public Internet forum. This is the company who wants your KYC information and keys.
Unacceptable. People who bought your wallet wanted a device which is INCAPABLE of leaking the seed, even with the user's consent.
You have broken the trust of your clients. You had to make a different wallet for this service.
I don't really like this recover feature. But he did explain well the security issues or lack of.... I did not think he was on the defensive. This KYC/recover function can also be an answer to question like inheritance, when your 12 month old baby will not be able to find and use the 24 words. Michael Saylor used this same argument yesterday to explain why BTC spot ETF is inevitable (with KYC of course like all stocks). Future for me is split the crypto into several cold wallets from several brands. That's a lot of work I know, but worth it if we really believe the BTC will go to 300.000 USD
Ledger is done for. Period. They should refund customers.
They really are not. Choice is not a bad thing. Everyone has a choice. Ledger will be fine. As will be the people who choose not to use their products.
@@Hixyboyblue totally agree with you
Thank you for this Peter. Very timely and needed debate & content. I will be switching to Blockstream Jade or Coldcard now solely because Ledger is not open source and this is a continuing risk into the future. I would love you do this same forum to discuss another of your sponsors with new privacy concerns around Wasabi with Trezor Coinjoin. It was recently discovered that your privacy is compromised. Wasabi touts their privacy...
I'm halfway through this video and I've already trashed my Ledger and bought a Coldcard. It's funny how uncertainty and doubt end when you have certainty.
Guy from Coldcard trying to piss off the guy from Ledger multiple times with tons of indirect attacks like "you're my funnel", and "you gave me 30x sales"...and gets no reaction whatsoever. That's when you know you're kicking your competition in the nuts.
This was an awesome video/podcast, 100% Bitcoin, and a respectful debate with a few intense moments! I started off listening to it on Fountain and then really needed to see these guys' expressions as they made their individual points. 👏🏾👏🏾👏🏾 No need to blow up my ledger or set it on fire for that matter?😂
Love this interrogation with judge McCormack. Thanks Peter and the crew.
It is scary when the ledger guy says the government can get the seeds when they want.
only if you opt in to an optional service and the risk you describe is the trade off for reduced risk of losing your seed
But don't worry, if you're not in Canada, you're fine 🤣
@@peterpan8374 backdoor for seed extraction is in the firmware, opt in or not doesn't matter, gov would def use it.
@peterpan8374 it seems highly unlikely that the Ledger company would ONLY have the capability to extract the seed from those customers who pay $10/month....but would be completely incapable of extracting the seed from those who refuse to pay $10/month.
@@peterpan8374 You sure trust a lot of people you've never met to safeguard your assets, which is like the opposite of what you're supposed to do when you self-custody.
If ppl knew Ledger was a closed source device and trusted it enough to have used it for 10 years... Then why all of a sudden are they acting like this is all of a sudden a surprise? The argument that Ledger is less secured now because it's a closed source device is ridiculous. It had always been closed source so why is it any less safe now?
People are acting like it is a complete surprise to them that the firmware has access to the seeds and the private key. How else would transactions get signed if it didn't?
If ppl don't trust the firmware now and claim because they can't verify,
then why did they trust the firmware before? Did they know what the firmware did before? No. So why the paranoia now all of a sudden?
This is nothing more than a marketing fuckup. Yes Ledger could've done a better job rolling this out.. Maybe even make this a separate product.. who knows. But people who trusted a closed source Ledger before really have no real reason to now demand a way to verify the code.
They did this to attract new users (people who don't consider themselves responsible enough), as I suspected. Should have just been a separate device entirely. The closed-source characteristic of this is what makes it all worrisome - we have no way of proving that it can't extract our keys. As mentioned in the convo - we just upgraded from personal, exchange and government risk to just personal and government risk. Which is technically good - however, because of what we witnessed with government actions since 2020, we are now aware of how fast an innocent person standing up for themselves can quickly be deemed a threat/terrorist (I'm using the parents at school boards being labeled by the EffBeeEye as an example). I'm not well versed in this yet, but it was touched on very briefly in the convo - isn't the answer to multi-sig on your own or through a service provider?
Should say 2019 because come to think of it, China was going nuts back then - crazy how fast we forget.
They did this because a bean-counter showed them a spreadsheet full of $10/mo.
@@whatilearnttoday5295 new users/new money. from a biz perspective, it's brilliant. the average npc has no interest in taking responsibility and this service solves that for them.
Good interview. convinced me to ditch Ledger. once the firmware is installed the gate is open. and the search for a good alternative is on!
This guy has been compromised… this is just the first step down a dark, dark road.
R.I.P. Ledger for Crypto users.
Positives: “The 3 shards go to 3 diff companies in 3 different jurisdictions. 👍🏻. & yes he’s open source the device contracts Ledger has w/ ea of those providers.”👍🏻
So if you do live in Canada and decide not to use ledger in order to avoid government freezing accounts is there an alternative that does work?
That's not really how it works. The reason people like things like Bitcoin and other crypto is because of the opposite of what you just said. Bitcoin is a globally distributed network. Governments can't freeze accounts unless that account is within reach. So if you use a legacy platform like Fidelity to buy and store crypto, yes it's super easy but it can also be frozen for like any reason the government gives. Further, if you extract your seed using Ledger's service, the same is possible because now third parties are the custodians. So if you do use self-custody you don't have to worry about governments getting a hold of your crypto assets. You'd have to worry more about a bunch of jack booted thugs kicking in your front door, holding you at gun point, and demanding you give them access to said hardware wallet. It's a tactic governments enjoy doing on occasion.
@@mastersequence5838 Lol. I sure hope you are right. I would just like to know if there are any cold storage wallets that absolutely do not allow the potential for funds held on it to be frozen or seized. Before this Ledger issue was discussed I was under the impression that any cold storage wallet would prevent either of those things and now I'm not so sure.
Do you know why I spent the money to get a ledger instead of keeping my crypto on the exchange? Well... that's now irrelevant because both are just as "safe" now 🤦‍♂️
I agree with NVK that what’s surprising here is that it took people this long to realize this issue was present, yet it’s always been a security threat, and it was obvious with just basic research into the wallet.
Many of us have been criticizing Ledger for many years and generally received with animosity and bitterness. It’s sad that people get tribal over a fuckin hardware wallet brand when others are only trying to help. The security of these wallets is relevant to Bitcoin’s overall brand.
Ledger has been captured. Government being able to seize our crypto....???
Yes; I don't think that it's an IMMEDIATE problem; but certainly, within the next few years, politicians (in several countries) are going to be tempted to conduct surveillance on users of Ledger wallets.... and to freeze crypto assets in some cases.
Just drop Ledger before the CEO spends your stack on more tacky jewellery.
First and foremost, it is important to acknowledge that there is no flawless solution.
Secondly, in the event of a security breach occurring in the Ledger update, whether intentional or accidental, the responsible party would be identified and held accountable under laws pertaining to negligence, theft, and Ledger's comprehensive insurance policies. The individuals involved can be easily traced and located.
On the other hand, if a breach occurs through the utilization of open-source code, negligence and insurance would still provide some recourse, but enforcing laws related to theft would be significantly challenging due to the difficulty in locating the perpetrator.
Sticking with Ledger!
If I was in the market for a HWW... this interview just told me to avoid Ledger like the plague.
So what's better?
@@curiouscore18 any open source hardware wallet
Cold Card. Easy
One thing these 2 guys back/forth agree on is that “Trust Wallet is garbage “. That’s what I got.
Pascal comes across as a steady handed chief in this interview. I'm not a Ledger user myself but in a room of unsympathetic contention he answered their concerns and objections in a reasonable manner with nuanced distinction. The absolutist insistence in open source self-custody solutions is off-putting and intimidating to the median band of the Average Bitcoin User. It's inconceivable at scale and is the #1 reason why there are several million less bitcoin in active possession and circulation than have been mined. Trust is a foundational bedrock of human civilization; that it can be violated is not sufficient reason to do away with its utility and function in part and parcel. This was an extremely important conversation to have in the open. Peter and Danny are proving responsible stewards of Bitcoin's running social narrative. Kudos to WBD.
100%. Really love your nuanced response.
Literally all this boils down to is you need to trust this guy and his company to some extent. Fundamentally it's no better than having your btc on coinbase because to some degree you're still having to trust someone you don't know with your money. You can argue the nuance until you're blue in the face but bottom line is this is not trustless. This is a serious problem.
The "unsympathetic contention" is warranted if you understand, from a technical standpoint, what the company has done. By stating that you're not affected if you don't opt into the service is ludicrous and adds insult to injury. The use case on which they've built their brand, and my trust, has been rendered worthless. I know I'm coming off condescending, but if you understand the technology, you'll understand the outrage.
Good Timing. Great Discussion!
I don’t understand the negative comments.. rather than attacking each other’s wallet as junk, this guy seems to want to keep the competition high so the whole industry raises even higher. 👍🏻
Do you not understand what 'don't trust, verify' means? The govts will take all your money out of your accounts and clean you out and how is that raising you higher? When they take your house and close your bank and you live on a bus bench.. Canada just proved this isn't conspiracy theory anymore and it's just getting warmed up. The brown shirts are rising again and no one will stop them this time.
44:50 in Harry Sudock BOOM 💥 💯 ……….. sums it up perfectly…….
Question: how do I find the best hard wallet? Are there 3rd party reviewed wallets?
Very good discussion, lots to digest
Wearing 8 signet rings makes this guy look like an untrustworthy Vegas used car salesman.
He’s French
But marginally better than the dude with the mullet and tash looking very edgy in the corner.
@@Hixyboyblue that tash is absolutely awful
Every time Pascal Gauthier talks about his company I come away trusting them less.
Why?
Pascal wins the most handsome of them all contest. 🎉
I was listening... did they ever get him to answer why they didn’t offer to fork firmware update into one that included this "optional" feature and one that omitted it entirely?
Why the hell do you need to combine the recover feature plus KYC?
What is so difficult about simply using a steel seed card what am I missing?
To me, the only fact that a state actor could potentially ask Ledger's 3rd parties for the shards, and possibly act on my funds? It is the opposite reason why people self-custody...
However, I understand that most people do not self custody, and the goal is to increase the number who do so. But I think Ledger should work on better solutions than Ledger Recover. Building smart solutions takes time.
Yes but the process for doing that on Ledger is pretty irritating. The people that don't trust themselves to self-custody assets will simply go to places like Fidelity and buy the crypto they want no different than they would a stock or bond. Very few people who would come into the crypto space would even use this in my opinion.
What if a govt pressures/demands fr ledger at some pt that they have to include in the next upgrade that all users have to agree to kyc or no upgrade.???
Thank you for this!!!!
Mad respect for Pascal - still a huge ledger fan, the new service isn't for everyone, but as long as we all know the trade-offs (which Ledger does) - then let ppl choose which wallet/service they want. Handling private keys is not for everyone...
I started with a Ledger and then moved to ColdCard. The “funnel” comment rings very true to me.
The point that even this Ledger option is *much* better than Coinbase is a pretty good one, imo.
Well, coinbase is not only a rip-off but just a shitty company. Luckily I didn't have anything in it, but they locked up my first account with them for 3 years. Their support is non-existent for an institution of that size and with that much capital.
"creating a backdoor in our users devices" - a funny body language behavior in that moment - am I right?
EVEN ASSUMING that there are hordes of people just "chomping at the bit" to pay an extra $10/month to use their hardware device, how many of them really want to voluntarily hand over KYC information? Seems to me that it would be a small number.
What I did not understand from this conversation is can Ledger in any moment access my seed phrase as things stand right now?
If you upgraded to the new firmware including the new recovery feature, then it is technically possible. However, since it's not open-sourced, no one can tell if they included that already or not.
@@BitcoinAndChess Incorrect. The answer is that "you don't know"
No.
They say no. But you would have to trust them since the software is closed source.
My grandpap always told me, "the more rings a fella wears, the less you trust 'em."
WE NEED technical explanation.
It's a paid optional service... but when the user chose to opt in, it works. Does this mean that if Ledger chooses to make the service free, they can just recover the seeds of anyone?
Once people opt in to the recover feature, can Ledger just have the seed or does the user need to do a certain input to allow Ledger to recover the seed?
The real question is how long has this been running on the firmware. Technically with closed source code, it's 100% trust in the company you bought it from. Open source has issues too though.
Matt didn’t say much but he hit the crux of the issue at 50:42
If you use a ledger you are trusting them not to be malicious.
If you do anything besides a paper wallet, you’re trusting the company to not make mistakes or be malicious.
Every hardware that is not cold can leak private key in an update. Period.
Any wallet can do this because you have to have something that has code on it.
Interesting seating arrangement.
He stores your seed-phrases on his rings.
😆 absolutely
pascal came ready to fight, literally - look at those rings like brass knuckles!
excellent video
Extremely weak ‘arguments’ coming from ledger guy. Blockstream are gonna be out of stock of Jades soon.
I am pissed 🤬 had to buy a new cryptotag, multiple new hardware wallets (air gapped) from wallets from competitors of Ledger to keep my coins safe. Don't trust the sharted solution by Ledger and prefer a multikey solution.
To make users take a product that is 20x better, don't make a previous product seem like it is 20x worse, just make a new product for new people. There is tech for hardcore people and tech for newbies.
Okay. I'm a reasonable guy. I have a ledger. I'm a sort that doesn't go to Bitcoin Conference and such. That said, I'm 16 mins in and it doooosen't feel like I'm secured enough. Am I missing something?
He says that "only the user can call back the 3 shards unless the government subpoenas them, that's the way it's built", ignoring the fact that the ones that built the system can always collude and restore keys. Like he keeps saying stuff that is only true when Ledger does what they say and the system works perfectly how intended and no one from within is malicious. Yes, you are the only one that can call back the shards, but we are the ones that only need to look at 2 keys to restore a key and its encryption, also we have them. It's crazy.
So a 6102 attack seems like a real possibility. So is he saying basically that if Govt asks they hand it over? That's my biggest concern
Can someone explain to me the main differences between Ledger and Coldcard?
So what is the best cold storage option? Blockstream Jade?
I personally use Blockstream jade and am happy. Coldcard also seems to be another excellent option.