Yesterday I freaked out about the revelation that @Ledger could spit out your private key with a firmware update.
Yet I noticed the smartest people were not freaking out. Was I missing something?
I spent the evening educating myself, and now I'm in the "nvm it's fine" camp.
This was my initial mental model: I thought Ledger's Secure Element was like Apple's Secure Enclave—a box that a private key lives in which can only sign things, but "keys can never leave the device." h/t @roinevirta
But it's not! Firmware can exfiltrate the private key! Oh god!
This take is actually nonsensical. This *can't be how it works*.
Because Ledgers *upgrade*.
Many people's instinct is "wait why even? I don't want my hardware wallet to ever upgrade."
But Ledgers upgrade to support evolving blockchains. Ethereum now requires BLS signatures. Then there's Solana, NEAR, Aptos, all the new stuff. They have new signing algorithms, new key derivations, all sorts of fanciness. Aside from Bitcoin, every single blockchain evolves.
If a Ledger were an un-upgradeable box with a private key inside, then it would need every algorithm that every blockchain will ever use already available inside the box. And if they didn't think to include a newer algorithm, you'd have to throw it away and buy a newer model.
Consumers will not sign up for that. So they accept a compromise:
The box can take in new code that touches the private key if the user approves it. *But only code that was signed by Ledger Co.*
Their signoff is how they keep you from getting owned by malicious apps/phishing.
Every Ledger app (for any blockchain you run) can in principle extract the private key on your device.
Of course it can!
Because Ledger apps often have to derive a key for another blockchain, and that key originates from the master secret on the device.
There is no way around this.
So yes, you're trusting Ledger. Although you only need to trust them once, since you are never *forced* to upgrade firmware.
__This was always true.__
Either you throw away your device every time a new blockchain ships, or you embrace this trust model. Can't be both.
The important point is: every major hardware wallet works this way.
That said, Ledger did some terrible corporate comms and freaked everyone out.
But the more I reflect on this, the main reason was people don't understand how hardware wallets actually work (myself included).
People want hardware wallets to be ASICs. But they're actually FPGAs, and consumers have chosen that.
That said, maybe there will now be a market for an "ASIC" hardware wallet. It's easier now that the landscape of blockchains has settled down a bit compared to 5 years ago.
TL;DR: Ledger is fine, regardless of model. Choose your hardware wallet provider on the merits.
Also shoutout to @OneKeyHQ which is one of my daily driver HW wallets and is fully open source, invaluable in understanding this (disclosure: Dragonfly is an investor).
FTX reminded us of the failures of centralization. Yes, we need regulation, but even more so we need innovation.
Proud to announce we seeded @renegade_fi, an on-chain dark pool that uses ZKPs and MPC to build a truly anonymized decentralized exchange.
The future is trustless. 👇
1/ In the wake of FTX, traders have been wary of counterparty risk from exchanges. CeFi has entered a new low-trust phase.
With Renegade, counterparty risk is obviated via cryptography and zero-knowledge proofs. Custody is guaranteed on-chain. You don't need to trust anyone.
2/ You can also eliminate much of MEV from DeFi, as validators and sequencers only ever see ZKPs of valid transactions. No more transaction reordering or sandwich attack shenanigans.
1/ Fraud case is rock solid. Chai using Terra was a complete fabrication, with fake on-chain transactions and everything.
I was surprised by how egregious this was. People at Terraform Labs knew it was bullshit.
2/ They claim UST is a security because it was so closely tied to Anchor, which was marketed as a profitable investment. I guess I can see it? Might be a version of Gensler's money market argument—he may then go after BUSD under the theory that BUSD + Binance Earn ≈ Anchor.
Every year at @dragonfly_xyz we do a retro on the biggest lessons of the year. This year we came up with the top 10 lessons that we wanted to take away as venture investors in 2023.
I thought it might be useful to share them. Here are the 10 lessons in order: 👇
1. Diligence actually matters.
In the year of FTX, LUNA, and 3AC, this is the one lesson everyone in the industry learned.
Doesn't matter how impressive the founders seem. If you don't verify what they are telling you, you *will* eventually get burned.
2. When everything seems crazy, it probably is.
Valuations and narratives got ahead of themselves last year. We felt that something was off and late-stage valuations were not sustainable. It's tempting to brush that off and say "well, the market is smarter than me."
1/ Pouring one out for all those who were impacted by the FTX collapse. If you lost more money than you can afford, I'm so sorry.
I promise it will get better.
I'm exhausted.
Have been thinking a lot about what happens from here, and what it means for this industry.
2/ First, there will be a global regulatory backlash.
It's not just in the US—FTX Int'l collapsing is a global catastrophe. This is much bigger than 3AC or Terra.
It's one thing to defraud lenders or retail degens. But Sam was the golden child of this whole industry.
3/ When you pull one over the rich and powerful, a darker depth of wrath awaits you.
Second, more things will break. We don't know yet the full tangle that was wrapped up with FTX/Alameda, and the indirect contagion effects are yet to be felt. More is coming.