RT @NicolasDorier: Some would say "don't buy ledger".
I prefer the other solution: Stop using shitcoins.
Shitcoins make such kind of vulnerability possible. This is the Shitcoin Tax, the invisible tax you have to pay for using it.
RT @ShiftCryptoHQ: The #BitBox02 is safe against this isolation bypass attack.
The BitBox02 has always enforced strict separation of keys for each coin, so it is not possible to sign a valid #Bitcoin transaction masquerading as a Litecoin or testnet transaction.
Hmm. I hadn't really considered that people would think this was an exploit. HWI basically abuses this "exploit" in the test suite (both automated and manual) because I can't be arsed to install the Bitcoin Testnet app. I just use the Bitcoin app and ask it to sign regtest transactions because they're identical to mainnet transactions.
Honestly, as someone who writes software that interacts with hardware wallets, having the device restrict the derivation paths it uses based on the coin makes everything so much harder and doesn't really improve security IMO. There are times when you want to use non-standard derivation paths and not being about to use them could break things.
Just as an example, when Trezor began enforcing standard derivation paths, they briefly broke HWI because it used a non-standard derivation path of m/0' to get a master fingerprint. This is used as a generic way to identify devices and there is no other way to get this fingerprint from a Trezor. When they automated tests began failing because of this, I had to inform them and they video to add m/0' to the whitelist. But my point is that there are uses for non-standard derivation paths and enforcing them can break things.
Hi u/Fiach_Dubh, thanks for tipping u/gr0kch8n **100** satoshis!
*[^(More info)](https://www.reddit.com/r/lntipbot/wiki/index) ^| [^(Balance)](https://www.reddit.com/message/compose/?to=lntipbot&subject=balance&message=!balance) ^| [^(Deposit)](https://www.reddit.com/message/compose/?to=lntipbot&subject=deposit&message=!deposit 10000) ^| [^(Withdraw)](https://www.reddit.com/message/compose/?to=lntipbot&subject=withdraw&message=!withdraw put_invoice_here) ^| ^(Something wrong? Have a question?) [^(Send me a message)](https://www.reddit.com/message/compose/?to=drmoore718)*
The most secure crypto wallet is a sheet of paper with the keys written on it. People don't want to hear that because they like the feeling of security that only a mysterious gizmo can provide.
Ninjanoelwarning, I'm a naive moron and I have the brain wo5 months ago
what do you do with those keys once you have them? maybe phone Indian tech support to move your crypto for you....?
hardware wallets allow you to enter your seed into a dedicated device... that device can then be washed and the next customer may use it.
The seed is just an invention of the hardware wallet though, right? I DCA my creepto on Binance or wherever is cool this month, send it to the paper wallet address and Hodl until further instruction. If I did want to sell it for some reason I'd set up a bitcoin node on a spare server and transfer it from there.
Am I understanding this? I just got my ledger last week, and I did put litecoin on it. However, I put my ltc onto it before any btc, because I wanted to test it out. No ltc transactions were made while any btc was on the ledger. Does this mean I was not at risk?
Altough this MIGHT technically not yet be a disaster, it definitely raises a lot of concerns for the long term. I will buy myself a Trezor instead based on this info alone. I am a security freak and know my way around and have been handling wallets by myself, but I do need to rely on a third party at some point, and it will be Trezor.
It’s simple. Remove all apps from your ledger apart from the official bitcoin app. And don’t install random apps from the internet **on your hardware wallet**. Also check addresses when you send crypto.
Trezor has other issues. Like needing a 3rd party app to check or receive native segwit transactions or balances. Also this bug only affects you if you install 3rd party shit apps on your **hardware wallet**. Which you can’t do on the trezor. If you need these shit apps for your shit coin transactions trezor won’t do what you need. If you don’t need those wtf are you doing installing them on your ledger? Unless you are **accidentially** installing them on your ledger, in which case your crypto is probably far more secure on some exchange ...
I only have LTC & ETH apps on there & supposedly ltc is vulnerable.. I wouldn't call ltc & eth shit coins necessarily imho.. If i check addresses (which I always do) before confirming tx's I should be ok?
Yes, checking addresses helps provided you would recognise your btc address that’s holding your btc.
The thing is that it’s not **the** LTC or ETH apps that are vulnerable(eth shouldn’t be at all anyway ...). You would have to install a new app. It’s a bit like installing a fake smartphone app. And that fake app would then claim it’s signing a ltc transaction while in reality it’s signing a btc one. It can however not fake the addresses, those would be the real ones.
It basically relies on social engineering, get someone to install a new unofficial app on their ledger, preferably in conjunction with a 3rd party software apart from ledger live on pc side as well. For full effect you’d basically have to install 2 compromised unofficial softwares on two distinct devices and not check your addresses when sending.
You will not be ok with that scenario. Due to the exploit, you cannot trust what you see on your display if you are using an altcoin app (such as LTC). If it is exploited in your scenario, you will see a Litecoin transaction with a Litecoin amount and address that will actually send bitcoin once confirmed.
So if I had a malicious LTC app, the address will falsely display the LTC address I'm trying to send to but will actually be signing to a completely different BTC address?
What is the difference between this and a malicious LTC app that is secretly sending your LTC to a different LTC address than what you are trying to send to?
This is ledger's technical description after the public disclosure: [https://donjon.ledger.com/lsb/014/](https://donjon.ledger.com/lsb/014/)
Bitcoin and Ethereum should be safe. Avoid using the altcoin apps unless you know and trust 100% what the code communicating with the device is doing.
Trezor is a great HW wallet but lacks a secure element so you need to make sure you use the passphrase feature for most of your savings
That is how I understood it. I get a test net tx to confirm, might not give a rat's ass about the destination. And my btc are gone. I don't have alts or test net on my Ledger, so I'm safe from this one. But the sheer existence of this bug scares me.
Even bitcoin has security flaws: [https://en.bitcoin.it/wiki/Common\_Vulnerabilities\_and\_Exposures](https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures)
Why don't get a coldcard if you don't need "shitcoins"?