so, another hw got hacked

here's what happened and why you should throw away ledger: all users received an update after which their keys were extracted from hw and sent to an unknown server

this is why secure enclave matters

reddit.com/r/ledgerwallet/comments/14239r4/atomic_wallet_hacked_we_should_care/

cto @ bwl.gg, 100M+ users (bdut.ch) 🙏 $eggs is life

whether it's a hardware wallet or a hot wallet, there's the same single point of failure.

imho, multiparty key management should be top priority. SSO/email/SMS/biometrics form a better ID in aggregate for a single person (as Apple is showing), and tightknit social networks are more secure than solitary accounts.

𝖒𝖆𝖓𝖉𝖆𝖙𝖚𝖒 𝖆𝖉 𝖆𝖘𝖙𝖗𝖆

I'm all for secure enclaves, keeping an eye on Keystone for RISC-V as that is the primary opensource approach.

but why deprioritize the natural advantage of coordination in numbers? most people have families, most OSS development is notoriously insecure when maintained solitarily (incl secure enclaves).

nope, not at all

the true solution is secure hardware enclaves (the true ones that ledger claimed to be) that never expose the keys to software

and then we can layer social recovery on top of this with account abstraction if we want to