Is Ledger Still Safe?

I tossed my Ledger a few years ago when they had a data breach! Trust no Corporations

Switching to a bitcoin only wallet

Glad to help, thanks man 🙏

I think there’s some technical nuance on the “seed never leaves the device piece”. Based on everything I’ve watched (probably 5-6 hours of video on the topic) I think Ledger would continue to claim that the seed never leaves the device.
I understand that the community thinks this is what’s happening and I think that’s a combination of bad communication from Ledger (Ledger admits the communication is bad) and that under certain circumstances with the new firmware your seed could be recreated outside the device with the service if several governments coordinated to subpoena the shard holders.
After this backlash I don’t think it’s fair to say that every ledger device will have the recover logic implemented - the program is on pause and Ledger is working on open sourcing as much as possible.
I think it’s very likely that there are two firmwares in the future (just like Trezor and other wallets already have) - we’ll have to wait and see.

@@RhettReisman "I think Ledger would continue to claim that the seed never leaves the device." - Yeah, and this would continue to be false.
Great video btw.

Thanks 🙏 If you have a ledger today, your seed 100% does not leave the device. Nothing false about it.

@@RhettReisman It is now confirmed there is in fact a pathway for the seed to leave the device, so the statement remains false, even today. For you to substantiate your claim, you would need to have access to Ledger's source code, and in addition prove that no ledger device on the planet has modified firmware installed (|remember MSI signing keys breach recently? - who says the same didn't happen to Ledger and they are just not aware?).The potential for the seed to leave the device is there, even today. So their statement is false.

You can look through the developer documentation yourself and see that there is no code that would allow you to extract a seed from the device.
If/when Ledger Recover is implemented that documentation will be updated.
Firmware updates on any device have the ability to introduce exploits. This one is no different.
developers.ledger.com/

Thanks! Happy to help :)

I’m on the waitlist :) will definitely make that video when I get my hands on it

@@RhettReisman Awesome :D looking forward to it, you always make them informative and fun :)

Thanks 🙏😁 excited to see the look and feel of Stax

Happy to help :) visuals always make more sense to me

Coldcard does update firmware, but all the firmware is openly verifiable through their GitHub. If they did something like this it would be immediately obvious to the very technical users who comb through every firmware update.
I think if you’re that worried about it, you should update firmware a few weeks/months after it is released and use multisig for peace of mind

@@RhettReisman thankyou so much about your answer. The second point of your answer is very good, I will apply this lesson to my investing

Glad to help :)

In my opinion, yes it’s a great entry level hardware wallet. I wouldn’t put my whole life savings on one lns+, and if you’re ever worried about security or wanting to store large amounts of bitcoin you should look into multisig.

Ledger never pushed that firmware
The keys can’t be extracted over the internet, you need a physical signature to send your encrypted shards
Ledger didn’t lie about anything, the APIs are public to developers
Ledger recover will compete with Casa and Unchained, onboard more users to self custody, and push more people into COLDCARD and other more secure products.

@@RhettReisman People watch too many vds , and FUD.

100%

Here are some videos about mining that I’ve done: czcams.com/play/PL-p_L_HbK7jUhxmgAETTMnowG2Bi0GkI1.html

@@RhettReisman much appreciated

It’s more convenient because you’re getting a collaborative custody backup where someone can walk you through recovery if you lose your seed phrase.
IMO it competes more with services like Casa than products like Trezor.

Yeah it’s too small (from memory perspective) for them to put that feature into apparently

I disagree. Multisig is more secure than splitting a single seed phrase into multiple pieces. There’s a clear standardized path to reconstruction that you don’t have in splitting a seed phrase. Splitting a seed phrase also doesn’t remove the single point of failure of someone stealing your 1 unlocked hardware wallet.

My understanding is that the mempool should eventually drop your transaction after 2 weeks. If you’re not seeing the option to resend, you might need to use a different wallet. If anyone else has dealt with this before I’d be interested to hear if they did something else.

@@RhettReisman its 22 days can you help

What wallet did you use to send it?

@@RhettReisman exodus

I would try reinitializing the wallet on Sparrow wallet or Electrum on desktop. They have more features that should allow you to replace by fee.

I’m way funnier than Pomp

@@RhettReisman lol 😆 yea buddy

Hard to place the ETFs. Blackrock is unlikely to lose your money.

SafePal not open source, seems like it has some sus Binance integrations and hasn’t been around as long. Again, depends what you’re using it for, but I would not ever use a safepal

@@RhettReisman thanks for that information. Definitely like your videos . I feel now all cold wallets have something to be worried about .

Yeah none of them are perfect for sure. The process of self custodying lots of different altcoins is what helped show me how useless 99% of them actually are.
For bitcoin, using a multisig is pretty safe.

Fr lol

Yo 🤙

Yep

Someone is losing their crypto lol

Damn, sorry to hear that man. Glad you got the rest out. Thanks for the kind words 🙏🙏