Have you heard about the wBTC drama?

(If you don’t like drama, just hodl your Bitcoin in your ledger, and you’ll be fine)
Everything unfolded in less than a month. Below are the key milestones of the story 👇 08-10: Makerdao kind of delisted WBTC - (closed all new WBTC debts) [1/n]forum.makerdao.com/t/wbtc-changes…

Ledger’s mission is, and will always be, to provide our users with the right tools to own their digital value securely.

We have decided to accelerate our open-sourcing roadmap to bring more verifiability to everything we do.

A thread 🧵 As you might know, your Ledger devices use a smartcard chip (a Secure Element), implementing tons of hardware countermeasures enabling resistance against high potential attackers even with physical access.

1/
I’ve read several misconceptions about how a wallet works. It seems some people thought there is some magic, let me explain how it works.

A thread 👇 2/ A hardware wallet is mostly used as a signing device.

Your private keys are central to everything, and hardware + firmware work hand in hand to protect it.

Let’s review some fundamental cryptography about all hardware wallets, not just Ledgers.

Ledger Recover is our upcoming and optional service for users who want a secure backup of their Secret Recovery Phrase. Do you want to learn more about the onboarding process and specificities?

A thread 🧵 Let’s first clarify something key: Ledger Recover is a service that you can choose if you want to use it. There is no auto opt-in with firmware updates.

Fun fact about Taproot:

Taproot is a #bitcoin upgrade which will occur at block #709632, ie. in Nov 2021

It brings several new innovations and features but one of them is especially interesting: Schnorr Signatures.

Let me tell you the brief history of asymetric cryptography 🧵 Asymmetric cryptography is a process that uses a pair of keys: public / private key.

Its most interesting application is *Digital signature*. It's a process where you can prove you know your private key without revealing it while anyone with your public key can verify your proof

On the threat model of @Ledger Nano and its ETH app when using DeFi.

Thread
[1/n] Ledger Nano devices threat model is quite simple and could be summarized as follows:

1. Confidentiality of keys
2. Secure use with user consent
3. Genuineness check
4. Users' privacy

[2/n]
donjon.ledger.com/threat-model/

Thread #PLATYPUS

PLATYPUS is a novel side-channel attack targeting Intel x86 CPU (including AES-NI, SGX).
> platypusattack.com

I'm not surprised that we discover new attacks on Intel CPU, while I'm very surprised this attack has just been discovered now.

(1/n) PLATYPUS is a Side Channel Attack allowing to _remotely_ extract secrets from Intel CPU incl. SGX enclave and AES-NI.
It uses the unprivileged access to RAPL (Running Average Power Limit) interface to get an internal measurement of the power consumption of the chip.

(2/n)

I've read several misconceptions about Common Criteria certifications. Typically:
- "Components producers pay for certification"
- "Certifications test only against a known set of predefined scenarios"
- "Certifications are not a replacement for independant review"

Thread👇 (2/n)
In a Common Criteria Certification process (for a circuit). There are 4 actors:
1. The sponsor (SP)
2. The chip manufacturer (CM)
3. The 3rd party evaluation lab (lab)
4. The Certification body (CB)