Keeping Your Earnings Safe: Is Ledger Still #1?

The recent introduction of a new feature from Ledger has turned the spotlight back onto wallet security.

For those who don’t follow the crypto news 24/7/365, Ledger is a popular brand of hardware wallet: a device that is designed to manage users’ private keys securely, and allow them to make transactions while ensuring that sensitive information is never exposed to the web – which might present vulnerabilities that a hacker could exploit to steal their crypto.

Ledgers support many different currencies and tokens, and generate private keys and addresses for each from a single master “seed” phrase: a unique list of words. Users must keep a copy of that list safe somewhere, since if they lose it, they lose access to their crypto. For some users, that’s simply too much of a responsibility.

Ledger’s Recovery tool enables users to split their seed into three encrypted fragments, and hold them with trusted providers. If they ever lose their Ledger, they can recover their seed phrase by going through a process of identity verification with two of these parties.
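The "split into three, recover with any two" property described above is what a threshold secret-sharing scheme provides. The example below is added here for illustration and is not Ledger's code; the page does not say which scheme Ledger Recovery uses, so a 2-of-3 Shamir split over a prime field is assumed. The functions `split_secret`, `recover_secret` and `demo_two_of_three`, and the 256-bit seed entropy value, are all constructed for this example; encryption of the fragments and the identity checks the page mentions are outside its scope.

```python
import secrets

# Mersenne prime 2^521 - 1: a finite field large enough to hold a 256-bit seed.
PRIME = 2**521 - 1


def split_secret(secret: int, threshold: int, shares: int) -> list[tuple[int, int]]:
    """Split `secret` into `shares` points on a random polynomial of degree
    threshold-1; any `threshold` points reconstruct it, fewer reveal nothing."""
    assert 0 <= secret < PRIME and 1 < threshold <= shares
    # f(x) = secret + a1*x + ... + a_{t-1}*x^(t-1), coefficients drawn at random
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod PRIME
            y = (y * x + c) % PRIME
        points.append((x, y))
    return points


def recover_secret(points: list[tuple[int, int]]) -> int:
    """Lagrange-interpolate f(0) from the supplied shares (each an (x, y) pair)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def demo_two_of_three() -> bool:
    """Constructed 256-bit seed entropy, split 2-of-3, recovered from each pair."""
    seed_entropy = secrets.token_bytes(32)  # constructed sample value, not a real seed
    secret = int.from_bytes(seed_entropy, "big")
    s1, s2, s3 = split_secret(secret, threshold=2, shares=3)
    pairs_ok = all(recover_secret(p) == secret for p in ((s1, s2), (s1, s3), (s2, s3)))
    alone_fails = recover_secret([s1]) != secret  # a single custodian learns nothing
    return pairs_ok and alone_fails


if __name__ == "__main__":
    print("2-of-3 recovery works, single share insufficient:", demo_two_of_three())
```

The same construction generalises to any k-of-n split by changing `threshold` and `shares`; the security argument is the same, since fewer than `threshold` points are consistent with every possible secret.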

The crypto community has reacted to the release of this new feature with dismay and anger for several reasons:

  1. Firstly, many users have complained that the whole point of owning a Ledger is that it enables complete and secure self-sovereignty. Relying on three external parties undermines the trustlessness that attracted them to Ledger in the first place.
  2. Secondly, Ledger’s messaging has always been that users’ private keys never leave the ‘secure enclave’ of the dedicated chip within the device. By enabling a process by which keys can be split and shared, that no longer appears to be true – or perhaps it never was, in which case users feel they have been misled. It’s even possible that a future update of the device’s firmware might extract the unencrypted seed.
  3. Thirdly, the way the new feature was introduced and the lack of detail around how it works and what vulnerabilities it might introduce have prompted accusations of a lack of transparency from Ledger – something users take almost as seriously as security in the crypto space.
  4. While the apps that run on Ledger devices are open source, the firmware (the basic instructions that allow these apps to work) is closed source. All of this has raised new questions about the degree to which Ledger as a company can be trusted.

Ledger has responded to these accusations with a number of tweets and explanations (at least one of which has since been deleted). They make the point that the Recovery tool is an optional update; that there are many ways to attack a wallet and that using any wallet requires a ‘minimal amount of trust’ that open-sourcing the firmware would not address; and that the user’s explicit consent is required (with a physical action, i.e. a button press on the device) whenever the keys are used. The reality is that users have always trusted Ledger not to deploy malicious firmware. None of this has entirely satisfied users.

There are lots of nuances and misunderstandings here, and the mistakes made by Ledger appear to have been as much about messaging and a lack of clarity as they have been about security. Yet still, the whole episode can be condensed into a simple question: are Ledgers safe to use?

Or, taking a step back, what is the safest way to store your hard-earned crypto?

Securing Your Earnings

Anyone who works in the blockchain space and gets paid in crypto will have grappled with issues around safeguarding and maximising the value they earn. Most users will need to cash out at least a portion of the tokens they receive as pay, but in many cases they will want to hold value on-chain – either because they consider the blockchain more trustworthy or convenient than banks or other financial platforms, or because they hope to benefit from future rises in value of the tokens they receive.

If you’re cashing tokens out to fiat then you probably won’t be holding them on-chain for very long. All you need is a suitable exchange that supports your local currency. A simple hot wallet (that is, a wallet that is always connected to the web) is probably all you need.

But if you plan to keep funds on the blockchain for one reason or another, especially if it’s a significant amount of money, then you’ll want to look into more secure solutions.

Crypto ‘Current Account’

If you’re getting paid in crypto and want to make sure your cash is always accessible and there’s no risk of sudden loss of value, then you’ll probably want to receive stablecoins (e.g. USDT, USDC or Dai). If you’re paid in other crypto (like ETH or BTC), you’ll need to convert to fiat quickly – or, if you plan to hold those funds on-chain, swap them into stablecoins as quickly as possible, to avoid the fluctuating prices for which crypto is so well known.

There might be a few reasons to hold a balance of stablecoins on-chain:

  • You don’t trust the banking system, or aren’t well-served by banks
  • You move around a lot and it’s convenient to keep cash somewhere you can convert it to a range of local currencies
  • You want to yield farm to earn passive income
  • You want to have funds in reserve to take advantage of buying opportunities.

Stablecoins make sense when you:

  1. Want to hold funds on-chain (i.e. not in a bank account), and
  2. Might need to access them at any time

But what about saving for the future?

Investing For The Future

It’s not just your current earnings you’ll want to keep safe. There may be times when you hold a small or large amount of crypto for months or years, hoping to take advantage of any long-term appreciation in price.

For example, if you had earned bitcoin in 2015 (when BTC was trading at $200-300) and been in a position to hold onto it until now, it would be worth around 100x today. Looking at it another way, three days of work in 2015 would be roughly equivalent to a whole year of work in 2023. Given that having a pot of 25x your annual expenses is often considered enough to retire early, that could have given you some attractive options.

If you plan to save crypto this way, then you should only do so with funds you don’t need, because there’s no guarantee the crypto you hold will rise in value, or even hold its current value.

It also relies on you holding those coins safely for all those years. Unfortunately, there are plenty of examples of crypto investors losing their private keys. In fact, an estimated 4 million BTC have been lost for good that way. To hold crypto securely, you’ll need a suitable wallet.

Crypto Storage Solutions

For holding and managing crypto, you have several different options. All of these have advantages and disadvantages, and you’ll need to weigh up the pros and cons carefully before making a decision.

  • Exchanges: Exchanges offer the ultimate in convenience. You won’t have to worry about setting up your own wallet, managing your private keys and keeping them safely backed up. However, this convenience comes at a price. You are trusting the safety of your hard-earned funds to a third party. The history of crypto is littered with exchange hacks, thefts and insider scams, from MtGox to FTX. If you must keep funds on an exchange, use a regulated and audited one, but as a rule, it’s best not to give control of your crypto away. One of the major benefits of crypto is that it enables you to avoid single points of failure, and so relying on exchanges undermines this. As the popular saying goes, ‘Not your keys, not your coins’!
  • Hot Wallet: A hot wallet is a crypto wallet that is connected to the web all the time. It might be a desktop wallet, a browser-based app, or a smartphone app, which offers a high degree of convenience and makes transacting on the go easy. Hot wallets are handy for managing your crypto, but because they are connected to the internet, there is some risk of being hacked or compromised, and losing funds. Make sure you stay up-to-date with malware scans, and only install wallets and other software from official and trustworthy sources. Overall, you should be fine if you follow some basic principles of security, but it’s still better not to use a hot wallet for large amounts of crypto.
  • Browser Wallet: A browser wallet is a kind of hot wallet that takes the form of an extension or plug-in for Firefox, Chrome, Brave, and other web browsers – the most popular example being MetaMask. They not only function as a wallet, allowing you to store, send, and receive crypto, but enable users to interact with Web3 dApps – DeFi applications, P2E games, and more. Web3-enabled websites will prompt you to connect, and to approve transactions as you use them. Browser wallets share the same benefits and drawbacks as other hot wallets. You also need to be a little careful about approving transactions from websites you don’t trust, since malicious applications can empty your wallet.
  • Cold Wallet: For the ultimate in security and long-term crypto storage, a cold wallet is ideal. These are created by generating new private keys and addresses offline, and printing them out or otherwise recording them in physical form. You can then send crypto to that address, without the keys ever having been exposed to the web. Paper wallets and other cold wallets offer a very high degree of safety. However, they’re not designed for making regular transactions, and you have to ensure they’re stored safely to avoid loss or damage.
  • Hardware Wallet: A hardware wallet (like a Ledger) is a physical device that manages your private keys and makes transactions securely, signing transactions within the secure enclave of the chip and broadcasting them to the crypto network without the key itself ever leaving the device. They’re not as convenient as hot wallets, but are very secure. However, the recent controversy from Ledger highlights how there is always some trust involved in dealing with wallets, and it’s not always clear what’s going on behind the scenes. You must also ensure that you obtain your hardware wallet from a reputable source, ideally the company itself: there have been reports of fake wallets being sold, which steal users’ crypto.
  • Smart Wallet: A smart wallet is a smart contract that manages your funds. Because it’s based on a smart contract, it can be far more flexible than a regular wallet. You can include additional conditions and functionality, such as nominating trusted devices or addresses to recover your private key in the case of loss, or implementing daily maximum transaction limits.

So, Is Ledger Safe To Use?

Which wallet you choose will depend on your circumstances, what you need it for, and the amount of crypto you need to store.

If you are holding large amounts of crypto, then a cold wallet or hardware wallet is likely a good idea. If you already use a Ledger, you may have questions about its security since the latest announcement.

Ledger is probably no less secure than it ever has been. You will need to decide whether or not you want to use the new Recovery feature; if not, then don’t install the opt-in update.

Unfortunately, Recovery has called into question the way Ledger has previously communicated its functionality and benefits, and the fact that its firmware is closed source (unlike some other hardware wallets) means it’s impossible to be sure how safe it is.

This is a live issue that is still evolving as Ledger responds and clarifies its position. To read answers to some key questions, check Ledger’s Twitter feed. If you’re really concerned, you can check out other hardware wallets and reviews online.

Let us know your thoughts on Twitter: @LaborXNews