so, another hw got hacked

here's what happened and why you should throw away ledger: all users received an update after which their keys were extracted from hw and sent to an unknown server

this is why secure enclave matters

reddit.com/r/ledgerwallet/comments/14239r4/atomic_wallet_hacked_we_should_care/

cto @ bwl.gg, 100M+ users (bdut.ch) 🙏 $eggs is life

Would you be alright with a wallet that *never* updates? Would need to buy a new one for every hard-fork and new chain

21. hacking.
previously @spire, intern Nethermind, epns.io

this is a false dichotomy — it's not "never updates" or "secure enclave can expose the keys"

it is "yes, i'd like to receive updates — but these updates should never be able to extract the keys from the secure enclave"

But updates need access to the keys for say, new key derivations, new signature schemes. How do you do this without access to the keys?

oh, new algos and key derivations *should not* work for the old hardware

this is why it's hardware wallets, made for a specific purpose and not general computation

Btw, Is there any hw that provides what you are describing? If not, prolly unwise to ask everyone to leave ledger

Doubt consumers would like that. Even for chains like eth, this does not work. I agree with the ideology though. If we truly want to build decentralised and resilient systems, they have to be immutable.