Ledger takes another swipe at Trezor, claiming its chips are only suitable for household appliances.
The cryptocurrency hardware wallet manufacturer Ledger pointed out in an article released this week that its competitor Trezor's chips have vulnerabilities. The founder of Trezor later retaliated on Twitter, reigniting the battle between the two leading hardware wallet providers.
Table of Contents
Trigger Point
In an article released by hardware wallet manufacturer Ledger this week, the common types of chips used in hardware wallets are introduced. Apart from emphasizing the advantages of the Secure Elements chip used internally by Ledger, the article also criticizes its competitor Trezor for using MCU chips that have not undergone third-party testing and have security concerns. The MCU chips are less resistant to physical attacks, making them vulnerable to low-cost attack methods such as power analysis and clock attacks. Additionally, the chip makes private keys susceptible to side-channel attacks when transferred to the MCU.
"MCU chips are not designed for security and do not have countermeasures against embedded physical attacks. They are used for general household purposes, such as microwave ovens and TV remote controls."
One-Sided Words
Marek Palatinus, co-founder of Trezor and SatoshiLabs, publicly criticized Ledger's claims as "dishonest" and "self-serving" on Twitter afterwards. Palatinus pointed out that suppliers of Secure Elements chips require hardware wallet manufacturers to sign Non-Disclosure Agreements (NDAs), prohibiting discussions on chip-related security issues with customers. Trezor uses chips without NDAs, allowing for complete transparency and prioritizing user interests. This implies that Ledger's chip information is not openly transparent.
Furthermore, Palatinus promised to discuss the impact of NDAs on end-user security at the Bitcoin 2020 conference in March.
Ledger is being dishonest as it points out only part of the whole story.
Did you know NDA of SE chip vendors prevent wallet manufacturers to talk about security issues to their customers?
Trezor is using nonNDA chips so we can be fully transparent and act in your best interest. https://t.co/tHBvZVUulL
— slush (@slush) February 13, 2020
Deep-rooted Resentment
As early as March last year, Ledger and Trezor had a conflict when Ledger released a report revealing five vulnerabilities in the Trezor hardware wallet. Trezor quickly responded, stating that these vulnerabilities did not pose immediate threats to the security of the hardware wallet and that all vulnerabilities required physical access to the device, making remote exploitation impossible.
However, mutual vulnerability detection between the two industry leaders can undoubtedly lead to safer products for users, ultimately benefiting the end-user.
Related Reading
- "Accidentally Entered the Mnemonic Phrase..." Malicious Google Apps Cause Losses
- [Lesson Seven] Let's Learn Together about "Blockchain Wallets (2)"
Join Telegram now to receive the most comprehensive information on fintech, blockchain insights, and industry examples!
Related
- Binance Research: Overview of RWA Development Landscape, Understanding the Technological Risks and Limitations of Asset Tokenization
- Morocco launches "Digital Morocco 2030": Investing heavily in cultivating talent, vigorously promoting digital transformation.
- Former U.S. presidential candidate John F. Kennedy refutes the fallacy of Bitcoin mining energy consumption in the British magazine "The Economist".