Was anyone using a single ledger to store all their crypto before this announcement? What is your plan going forward?
I tossed my Ledger a few years ago when they had a data breach! Trust no Corporations
Switching to a bitcoin only wallet
The criticism about Ledger is not the service itself, but the fact that Ledger always said in the past that the seed will *never* and *under no circumstances* leave the device. NEVER. The criticism about Ledger is the fact that Ledger changes the rules for existing devices afterwards. Every Ledger device will have the Recover logic implemented once the firmware is updated, no matter if you use it or not. Only because you don't use it does not mean an attacker cannot use it too.
I think there’s some technical nuance on the “seed never leaves the device piece”. Based on everything I’ve watched (probably 5-6 hours of video on the topic) I think Ledger would continue to claim that the seed never leaves the device.
I understand that the community thinks this is what’s happening and I think that’s a combination of bad communication from Ledger (Ledger admits the communication is bad) and that under certain circumstances with the new firmware your seed could be recreated outside the device with the service if several governments coordinated to subpoena the shard holders.
After this backlash I don’t think it’s fair to say that every ledger device will have the recover logic implemented - the program is on pause and Ledger is working on open sourcing as much as possible.
I think it’s very likely that there are two firmwares in the future (just like Trezor and other wallets already have) - we’ll have to wait and see.
@@RhettReisman "I think Ledger would continue to claim that the seed never leaves the device." - Yeah, and this would continue to be false.
Great video btw.
Thanks 🙏 If you have a ledger today, your seed 100% does not leave the device. Nothing false about it.
@@RhettReisman It is now confirmed there is in fact a pathway for the seed to leave the device, so the statement remains false, even today. For you to substantiate your claim, you would need to have access to Ledger's source code, and in addition prove that no ledger device on the planet has modified firmware installed (remember MSI signing keys breach recently? - who says the same didn't happen to Ledger and they are just not aware?). The potential for the seed to leave the device is there, even today. So their statement is false.
You can look through the developer documentation yourself and see that there is no code that would allow you to extract a seed from the device.
If/when Ledger Recover is implemented that documentation will be updated.
Firmware updates on any device have the ability to introduce exploits. This one is no different.
developers.ledger.com/
Nice video. Great discussion. Keep up the good work
Glad to help, thanks man 🙏
The visual representation of security vs convenience is very useful indeed.
Happy to help :) visuals always make more sense to me
The issue isn't "Recover." The issue is, Ledger added key extraction APIs into the firmware for our cold wallets, which means our cold wallets aren't cold anymore. By definition, cold wallet means the keys can't touch the internet. Key extraction over the internet obviously means the keys can be accessed over the internet. And the fact that Ledger is lying about it means their word can't be trusted. So, key extraction firmware plus no trust equals Eff Ledger. I wish I could get a refund.
Ledger never pushed that firmware
The keys can’t be extracted over the internet, you need a physical signature to send your encrypted shards
Ledger didn’t lie about anything, the APIs are public to developers
Ledger recover will compete with Casa and Unchained, onboard more users to self custody, and push more people into COLDCARD and other more secure products.
@@RhettReisman People watch too many vds, and FUD.
100%
Another stunning video. This is a great channel.
Thanks! Happy to help :)
Waiting on your Ledger Stax review video! or Ledger Stax vs Nano X, the last video like that was pretty fun :)
I’m on the waitlist :) will definitely make that video when I get my hands on it
@@RhettReisman Awesome :D looking forward to it, you always make them informative and fun :)
Thanks 🙏😁 excited to see the look and feel of Stax
I am someone who really thinks multi-sig is a risk. I consider it the same as splitting a 24 word seed in different locations.... but just doing it with the device itself, which seems even more likely to have issues. Most people can buy a steel seed phrase backup and bury it in their yard and remember where to find it. But most people lose their car keys all the time. Burying your wallet is not really an option, so it is more likely the wallets get lost. And I bet most people who have 2/3 or 3/5 just keep all their wallets at their own home in a safe or drawer, which is itself a massive security risk. I think it's a case of the theory being good, but the application being less secure in reality.
I disagree. Multisig is more secure than splitting a single seed phrase into multiple pieces. There’s a clear standardized path to reconstruction that you don’t have in splitting a seed phrase. Splitting a seed phrase also doesn’t remove the single point of failure of someone stealing your 1 unlocked hardware wallet.
You tryina be Pomp? 😂 that cadence tho. 😅
I’m way funnier than Pomp
@@RhettReisman lol 😆 yea buddy
Hey Rhett I am new to this... So is a ledger nano s plus safe?
In my opinion, yes it’s a great entry level hardware wallet. I wouldn’t put my whole life savings on one lns+, and if you’re ever worried about security or wanting to store large amounts of bitcoin you should look into multisig.
Is the old nano s, not the plus, safe from ledger recover?
Yeah it’s too small (from memory perspective) for them to put that feature into apparently
Thank you very much for your useful information, this knowledge is very valuable. Thanks to your video, I know a safer option for my bitcoins that is a coldcard, this product is really new to me, I want to ask if I use a coldcard, does it need to update the firmware as often as Ledger's? (this has been bugging me for a week since the announcement of Ledger's private key recovery service) And theoretically the coldcard manufacturer could use any software to get my own key (like Ledger uses the 2.2.1 firmware update to get the private key from my Ledger device without me having to enter it manually)?
Coldcard does update firmware, but all the firmware is openly verifiable through their GitHub. If they did something like this it would be immediately obvious to the very technical users who comb through every firmware update.
I think if you’re that worried about it, you should update firmware a few weeks/months after it is released and use multisig for peace of mind
@@RhettReisman thank you so much for your answer. The second point of your answer is very good, I will apply this lesson to my investing
Glad to help :)
Hello,
I love your response and energy. You are very knowledgeable and all of your videos are very informative and educational.
What are the total cost and what equipment or device is required for mining Bitcoin and SHIB Inu?
Much appreciated ❤🎉😊
Here are some videos about mining that I’ve done: ruclips.net/p/PL-p_L_HbK7jUhxmgAETTMnowG2Bi0GkI1
@@RhettReisman much appreciated
Lemme add one ... ETFs... higher up than Finance and Coinbase and just to their right on the security side, but still "Less Secure."
Hard to place the ETFs. Blackrock is unlikely to lose your money.
Ledger recover more convenient? Why? You still have a seed phrase to write and secure. Then there is the additional work of backing the sharded seed through their new option. This recovery option will most of the time never be used as most of the time you will not lose your seed (even if you have selected the recovery option). So it is more work.
It’s more convenient because you’re getting a collaborative custody backup where someone can walk you through recovery if you lose your seed phrase.
IMO it competes more with services like Casa than products like Trezor.
Can you tell me what will happen with an unconfirmed transaction, 3 weeks
My understanding is that the mempool should eventually drop your transaction after 2 weeks. If you’re not seeing the option to resend, you might need to use a different wallet. If anyone else has dealt with this before I’d be interested to hear if they did something else.
@@RhettReisman it's 22 days, can you help
What wallet did you use to send it?
@@RhettReisman exodus
I would try reinitializing the wallet on Sparrow wallet or Electrum on desktop. They have more features that should allow you to replace by fee.
Someone said SafePal is safer than Ledger now, is that true?
SafePal not open source, seems like it has some sus Binance integrations and hasn’t been around as long. Again, depends what you’re using it for, but I would not ever use a safepal
@@RhettReisman thanks for that information. Definitely like your videos. I feel now all cold wallets have something to be worried about.
Yeah none of them are perfect for sure. The process of self custodying lots of different altcoins is what helped show me how useless 99% of them actually are.
For bitcoin, using a multisig is pretty safe.
It amazes me how many people still leave their coins on the exchanges lol of all the places
Fr lol
If a man makes it. A man will break it. Binance will steal from you. They owe me 1200 Tron. 10k vthor. I got the rest out of there. Another informative video Rhett
Damn, sorry to hear that man. Glad you got the rest out. Thanks for the kind words 🙏🙏
3 hours ago. Huh. Hello!
Yo 🤙
Sooooo What ? 🤷
Yep
Someone is losing their crypto lol