The recent controversy surrounding the Ledger hardware wallet has generated discussions on the efficacy of open-source versus closed-source software. Charles Hoskinson, Cardano founder, entered the fray by stating his preference for open-source software whenever possible, citing simplicity as the key component of security. However, Ledger co-founder Eric Larchevêque refutes this assertion and argues that open-source software can actually pose elevated security risks.
Larchevêque took to Twitter to provide further insights into the security aspects of closed-source, open-source, and chain of trust in hardware wallets. While open-source wallets may be compatible with standard hardware, Larchevêque maintains that closed-source wallets with secure elements offer a higher level of security. He notes that a supply chain attack can occur when flashing firmware onto hardware and although a “holographic seal” can mitigate some risks, it is not entirely effective in preventing attacks at the manufacturer level.
Using a master key implanted in the secure element at the factory level, Larchevêque explains that manufacturers can cryptographically prove interaction with the authentic chip. This method, he argues, is not compatible with open-source software as the master key would be exposed during compilation. Consequently, users of open-source hardware must trust that the manufacturer will not include a backdoor in the electronics, while users of closed-source hardware must trust that the manufacturer will not insert a backdoor in the firmware.
The crux of the issue in Larchevêque’s view is that security always involves trade-offs and requires a degree of trust in hardware wallets. Users may inadvertently commit critical errors or update their hardware with rogue firmware. In the wake of the Ledger Recover firmware update controversy, hardware wallet provider GridPlus opted to open-source its firmware. However, Larchevêque posits that bad actors could still access these due to their open-sourced nature.
Ultimately, the choice between open-source and closed-source wallets boils down to personal preference and the level of trust one puts in the manufacturer. Sound market research and understanding of potential risks are crucial before investing in cryptocurrencies.