Charles Guillemet

@P3b7_

11 Tweets May 23, 2023
Ledger’s mission is, and will always be, to provide our users with the right tools to own their digital value securely.
We have decided to accelerate our open-sourcing roadmap to bring more verifiability to everything we do.
A thread 🧵
As you might know, your Ledger devices use a smartcard chip (a Secure Element), implementing tons of hardware countermeasures enabling resistance against high-potential attackers even with physical access.
Smartcard technologies also allow a root of trust, enabling the Secure Element to prove it is genuine and has not been tampered with, so it can be trusted even in complex supply chain scenarios.
Because this know-how is the IP of manufacturers, they don’t want it leaked, preventing Ledger’s firmware from being fully open source.
We strongly believe in open source. It’s one of our core values, a great philosophy that advocates openness and verifiability. Open source allows developers and security experts to review the code and ensure it is secure and not malicious.
We already conduct internal and external security audits. But, open source means you minimize the level of trust. That’s why we have decided to accelerate our open-sourcing roadmap.
Most of our products are already open source. Many developers contribute to Ledger Live, Ledger devices, and more. Together, we built over 150 open-source apps that run on our different devices.
We recently open-sourced our cryptography library (which is part of our OS), and we will publish the whitepaper of Ledger Recover very soon, allowing everyone to audit the cryptographic protocols and enable people to build their own shards backup provider.
We’ll gradually open source most of our Operating System, starting with Ledger Recover, to make it fully auditable. We’ll release the Ledger Recover product as soon as this firmware part of the code is published.
The other parts will take a little more time since they need to be refactored to abstract the chip-specific characteristics under NDA from our OS.
Open-sourcing has always been at the core of our roadmap, and recent events emphasize the importance of accelerating our initiative to bring greater verifiability to everything we do at Ledger.
Securely yours.