Author

Topic: No hardware wallet should be closed source in the first place (Read 143 times)

hero member
Activity: 1008
Merit: 960
Just because a software is open source doesn't mean it can't do unwanted things.

Also, I'm not sure how you're able to confirm the firmware running in your hardware wallet is actually the source that has been published openly. Maybe you can flash it yourself? Not sure most people would do that. Most people would start using the hardware wallet. Maybe they would generate their own keys outside of the wallet, but not sure if they would re-flash the wallet with their custom firmware as well.

At some point you do need to trust, otherwise you won't have enough time or expertise in all the necessary areas to verify everything you use.
jr. member
Activity: 45
Merit: 1
If I'm given the option to choose between a trust wallet and a ledger wallet I will choose ledger or any hardware wallet because they are still better than mobile wallets even if they are closed source.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Then it means all wallets are equal here, if I use this Ledger wallet and something funny happens one day from the dev side what's going to happen? Isn't this one of the reasons why people avoid mobile wallets like trust wallet and coinomi?.

Actually, the ledger live is open source for both desktop and mobile[1]. It's the firmware that isn't, see this discussion[2]

[1] https://github.com/LedgerHQ
[2] https://www.reddit.com/r/ledgerwallet/comments/e1wh5q/is_ledger_going_to_make_the_firmware_open_source/
@Widdop37. Ledger Nano can not be compared to wallets like Coinomi or Trustwallet, everything about Coinomi and Trust wallet is close source, but Ledger Live (software used to operate Ledger Nano) is completely open source. You can even connect Ledger Nano to open source wallet like Electrum. Although, not that I am recommending Ledger Nano as the secure element used to generate the seed phrase and where it is store is close source, I will prefer to go for hardware wallet that is completely open source. But the worst of all are those hardware wallets like Safepal that is completely close source and cannot be used with other open close wallets as it has its own software which is also close source.
staff
Activity: 3500
Merit: 6152
Then it means all wallets are equal here, if I use this Ledger wallet and something funny happens one day from the dev side what's going to happen? Isn't this one of the reasons why people avoid mobile wallets like trust wallet and coinomi?.

Actually, the ledger live is open source for both desktop and mobile[1]. It's the firmware that isn't, see this discussion[2]

[1] https://github.com/LedgerHQ
[2] https://www.reddit.com/r/ledgerwallet/comments/e1wh5q/is_ledger_going_to_make_the_firmware_open_source/
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Then it means all wallets are equal here, if I use this Ledger wallet and something funny happens one day from the dev side what's going to happen? Isn't this one of the reasons why people avoid mobile wallets like trust wallet and coinomi?.

Actually it's not the same.

Trust wallet/coinomi create and send the transactions. Most people use those wallets without HW, so no safety net at all.

On the other hand, hardware wallet "only" signs the transactions. If one uses Ledger (one of the bad examples), he can use it with Electrum, for example. With the correct settings Electrum will show every step done.
Can Ledger do bad things after a certain update? Probably (but after that bye-bye business). Will Electrum "play along"? I hope not. Of course, if one also uses Ledger Live, he's more exposed.

Also while Trust wallet or coinomi basically doesn't risk anything if they do something fishy (no liability), a business that makes hardware wallets is basically gone after that and also faces lawsuits to recover those funds.


All in all, you do have a point, I don't deny that, just it's not entirely correct.
jr. member
Activity: 45
Merit: 1
It's good you know the difference, I won't dare store thousands of dollars worth of crypto asset on a wallet that's closed source wether hardware wallet or not.
member
Activity: 130
Merit: 11
Why called trezor wallet a hardware wallet when it's not even open source?

1. A device can be hardware wallet even if it's a closed source. It's not a nice/desired situation, but it happens. The name hardware wallet comes from the way it works...
2. You've made a confusion. Trezor is open source, Ledger is the closed source one.
Then it means all wallets are equal here, if I use this Ledger wallet and something funny happens one day from the dev side what's going to happen? Isn't this one of the reasons why people avoid mobile wallets like trust wallet and coinomi?.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Why called trezor wallet a hardware wallet when it's not even open source?

1. A device can be hardware wallet even if it's a closed source. It's not a nice/desired situation, but it happens. The name hardware wallet comes from the way it works...
2. You've made a confusion. Trezor is open source, Ledger is the closed source one.
member
Activity: 130
Merit: 11
Why called trezor wallet a hardware wallet when it's not even open source? I don't know what sucks more than this since I've been learning things about crypto and wallets, imagine a noob came to you for wallet advice and you just reply ' go get a hardware wallet ' and the dude go ahead and purchases a Trezor hardware wallet and later finds out its not open source.

Update

I meant Ledger, sorry.
Jump to: