S4 E4: BTChip (Nicolas Bacca) on Ledger and Hardware Wallet Innovation

1 BTC =	67169.2000 USD
1 BTC =	67158.7500 USDT
1 BTC =	61784.5300 EUR
1 BTC =	52863.7100 GBP
1 BTC =	100224.6500 AUD
1 BTC =	91360.0000 CAD
1 BTC =	10472083.2800 JPY
1 BTC =	38800.0000 CNY
1 BTC =	308575.0000 RON

Ledger co-founder and Head of Innovation BTChip (Nicolas Bacca) has been working in the field of security and electronic devices for decades. However, it wasn’t until 2015 that he acquired an interest in using his expertise in order to create a product that balances privacy, sovereignty, and ease of use without compromising on security.

Given the history of events and circumstances, it has been an honor to talk to Mr. Bacca and take useful security advice from somebody who constantly innovates and seeks to improve the security of his products.

The episode is available on iTunes and Spotify.

If you enjoy this episode, please leave feedback, follow @BTCTKVR on Twitter, and join the Telegram channel for discussions. Also, you may donate $1 on Patreon.

Time Stamps

04:40 – Introduction, brief history of experiences in the field

06:20 – Why Ledger was created

8:20 – Pushing your op-sec with Ledger’s apps and operating system

11:00 – Ledger criticism as feedback

13:25 – Why should anyone buy a hardware wallet?

17:10 – Why choose a Ledger hardware wallet?

20:47 – Ledger Nano S vs Nano X

24:00 – The pros and cons of Trezor devices

27:03 – The pros and cons of the KeepKey

29:24 – The pros and cons of the Coldcard wallet

31:00 – The pros and cons of the BitBox02

35:00 – What is open source about the Ledger software and what isn’t?

42:20 – Security element chips in hardware wallets (Ledger, BitBox, Coldcard)

51:20 – Is it safe to buy used Ledger hardware wallets on eBay?

53:00 – Are hardware wallets like toothbrushes?

55:55 – Bitcoin-only Ledger?

57:20 – Multisig in Ledger Live?

1:01:00 – Is it reckless to use your Ledger with third party software (Electrum, Wasabi, Shapeshift)?

1:03:41 – What is next for Ledger? (Liquid, Shamir, CoinJoin, PSBT)

1:09:00 – How does Ledger Manager recognize a fake Ledger hardware wallet?

1:14:00 – The golden age of hardware wallets and wild experiments

Special thanks to LXMI and Phemex for sponsoring this episode!

LXMI Ad:

“LXMI is a European Cryptocurrency exchange whose name is inspired by Lakshmi, the Hindu Goddess of Wealth, Good Fortune and Prosperity. It’s one of the regulated and legal Cryptocurrency exchange.

On LXMI you can buy bitcoins with most fiat currencies and you can also do the trading for top Altcoins.

They follow the “Not your keys not your bitcoins” philosophy with their integrated non-custodial wallet which helps you manage your own private keys. So if you’re into trading, then you don’t have to worry about having your Crypto frozen by whatever political decisions, since you’re empowered to hold and move your coins around whenever you wish.

It’s great to have new players like LXMI that respect your financial sovereignty.

LXMI is launching in 2020 for more information please check out – www.LXMI.IO/

If you’re not trading, it’s recommended to move your coins to a hardware wallet or some other form of cold storage, and in this episode, you’re about to find why.

Please keep in mind that this is just an ad for a sponsor of this show. It’s not meant to serve as financial advice, and you’re responsible to do your own research before buying anything and act according to your own decisions. Embrace your financial sovereignty with agency and precaution.

Phemex Ad:

“Phemex is a Bitcoin exchange with derivative trading options which focuses on speed, robustness, and maximum uptime. Built by former Morgan Stanley executives, it manages o bring simple and accessible Bitcoin trading. In 2020, Phemex will also add S&P 500 stocks, stock indexes, FOREX, commodities, and more.

These are the 10 questions to which Nicolas Bacca replied during the interview:

1. Why should bitcoiners buy a hardware wallet? In which ways is it better than cold storage methods like the paper wallet or the steel plate?

2. Why should that wallet be a Ledger? What is special about the Ledger devices, compared to the competition?

3. Can you say something that you like and something that you don’t like about your competition? (this includes Trezor, KeepKey, Coldcard, and BitBox)

4. How much of the code that goes into a Ledger is open sourced and why do your competitors often call your approach “opaque” and “black box”?

5. What do you think about the fact that Coldcard and BitBox02 also use the secure element chip design?

6. Would you consider releasing a Bitcoin-only version of the Ledger Nano hardware wallet series?

7. In the experience that I’ve had, the Nano X is less friendly with multisig setups than the Trezor Model T and the Coldcard Mk3. Are you planning to make any improvements?

8. Do you have any kind of recommendations for people who choose not to use your Ledger Live software and go for Electrum and Wasabi?

9. How does the Ledger Manager recognize a fake Ledger device? (question received from Alk2019)

10. What are Ledger’s upcoming plans in the hardware wallet market?

Full Transcript:

Vlad Costea (00:04:02):

Hello and welcome to Season 4 Episode 4 of the Bitcoin Takeover Podcast. I am Vlad and I’m honored today to have as a guest one of the makers of the Ledger hardware wallet. On Twitter his name is @btchip, but his real name is Nicolas Bacca and he is one of the innovators in this space and it’s always a privilege to get the insights from a person who actually builds hardware wallets and has innovative ideas. I think your position right now is Head of Innovation at Ledger, is that right?

Nicolas Bacca (BTChip) (00:04:40):

That’s correct. So thanks Vlad for hosting me and thanks for the service that you are providing to the community because the hardware wallet review was quite nice. Having each of the companies able to speak on a podcast—security and more details about the hardware—it’s providing a very useful service to the community. Yes I’m Head of Innovation at Ledger. I can say a little bit more about what I did.

I co-founded Ledger in 2015. I have been playing with smart cards for a very long time, I have been playing with that technology for about 20 years. I was there when we created the first NFC Council a very long time ago. At some point I got bored of playing with passports, credit cards, SIM cards and stuff.

What drove me into creating several companies and into creating Ledger is: I think that the smart card is a great piece of technology—it’s really designed to protect your secrets. But in the end it’s not your secret so that’s part of the problem. Smart cards are very great at holding your bank secrets, your phone provider secrets, but it’s never your secret and that’s something I wanted to change. I wanted to find a way to open the technology and make it available for people who would like to write their own applications to hold their own stuff. That’s really what drove me into creating Ledger.

Then of course, getting interested in Bitcoin: one, I had Bitcoin—I have this technology in hand—and I thought that it was a perfect mix if we wanted Bitcoin to “take over”—the topic of the podcast. We did need to have a way to host keys properly and safely—that’s really the reason why we started everything. The company grew a lot, even faster than I believed. We took a very wild ride in 2017—I call the other companies. It was a little bit more quiet after that, but still the space is quite exciting and it’s always great to see—every day there is something new and it’s a great space to be in.

Vlad Costea (00:06:59):

Oh yes. I must confess that the first hardware wallet that I owned was the Ledger Nano S. And one of the reasons why I still like it is that it looks exactly—and I mean identical—to one of my USB flash drives. If you would see them one next to the other and I scratched the logo of Ledger, you would only be able to tell them apart if you open it and see that it has buttons and it doesn’t have a male connector and that screen.

But otherwise you can just bypass airport security or some kind of search just by carrying that as opposed to the Trezor—sometimes it looks like the remote which opens your car and unless you own a car and people know that you own a car it doesn’t really make sense to carry that around. With the KeepKey that’s even more complicated because it’s bulky, and with the Coldcard it sort of looks like a calculator but it has a very small screen and that’s the first detail that gives away that it’s a strange kind of calculator—it also doesn’t have buttons for operations. So from this perspective of OPSEC I think you nailed the design.

Nicolas Bacca (BTChip) (00:08:19):

Thank you. Regarding OPSEC, you can even push it further if you want because—well I will be talking about our operating system or our approach to security and the way we split the operating system and applications in the hardware because we are the only vendor to have a multi application operating system. On which you can decide which application you load and which application you remove.

But let’s say if you want to to push your OPSEC a bit further: for example, when you are walking through customs you can just have your FIDO application loaded in your Ledger, and then you can perfectly discuss that and say, Okay, yeah, well look at that. It’s a completely legitimate use case. And people would have to take the hardware wallet and to install additional applications to know that you are actually holding Bitcoins.

So that’s a way to make your OPSEC even a little bit better if you want. Of course for the other hardware wallets you can also play with your passphrase and you can always keep a small amount in a different passphrase. I think it’s a good practice to have if you want to make your OPSEC a little bit better. So of course that will give away that you are interested in crypto.

You can’t hide the fact that you have a Bitcoin application on the device because on other devices the firmware and the applications are mixed in some way, but still you have additional options. It’s interesting to see in this space that pretty much everybody thought about OPSEC because it’s important if you want to conceal your privacy and if you want to conceal your assets.

Vlad Costea (00:09:58):

Before I move on to the first question, I’ve got to say that the previous podcast I recorded and chronologically is going to be the one after this one—Episode 5 with Brian Aulds of Billfodl—he had lots of kind words to say about Ledger and even said that he uses one on a daily basis. So there’s the praise.

Nicolas Bacca (BTChip) (00:10:25):

Thank you and thanks to everybody who likes the device and thanks to everybody who criticize the device. User feedback really drives us and drives me to innovate. One of the big complaints I had about my previous job designing SIM card passports—from the start—was that in the end you never talk to your end users.

So you don’t really know what to improve. I would say that we made much more improvements in the field of smart cards in general—in the five years since Ledger has been created (thanks to all the user feedback and critics that we got)—than what I did in the past 15 years. So the field is also grateful for that. Secure consumer electronics is a new field of business—that’s how I would generalize hardware wallets. It’s a great place to be.

Vlad Costea (00:11:17):

Oh yeah. Speaking of that, I wrote that 3-part series in Bitcoin Magazine about hardware wallets and I really appreciated the way you reacted as a company to what I wrote there.

I mean, you could slam me on social media and say that I’m wrong and point out alternatives to the solutions that I found, but you just improved, then sent me an e-mail and were like, Okay, so we have added to this Donjon.

You added all the hacks that have been fixed and you have updated your bounty program and these two points have been raised during the article and in less than one month you have fixed it. And you didn’t even tell me in advance—you just told me, Okay, we have fixed these. That’s something I appreciate.

Nicolas Bacca (BTChip) (00:12:13):

Yeah, we were in the process of doing it, but speaking about it just pushed us a little bit to move further into that. But that’s the way you improve. You don’t improve by slamming people on social media, you improve by listening to feedback. Well, sometimes the feedback is really bad. You can just stop listening. Insulting people never really served any purpose, even sometimes on Twitter you wonder what people are doing. I mean that sounds off-topic.

Vlad Costea (00:12:49):

Before anyone suspects that this is some sort of paid interview in which I just randomly praise Ledger all the time, let me get to the first question, which is about hardware wallets in general, and why should anyone use them as opposed to something else like a paper wallet, a brain wallet. I talked to Trace Mayer and he said that he never uses hardware wallets and just stores his keys with Armory on a computer which never gets connected to the Internet and he spreads it geographically across multiple regions. But why should anyone buy a hardware wallet and use it?

Nicolas Bacca (BTChip) (00:13:27):

Thanks for this question. It’s something that a lot of people wonder when they decide to spend a little bit more money to hold your money. I mean that’s something that you want to do usually. I think it’s for people who perfectly know what they’re doing, who have a very strong OPSEC and who are absolutely confident in the process.

They can of course have something that they keep offline and manage that way. The idea is that if you have hardware wallet, it’s the best way to create a secret setup. To both HODL your cryptos and use it. I would say that using it is really the complex part. If you want to use a paper wallet correctly or if you want to use crypto that you hold on an offline computer, you have to think about all the steps where things can go wrong and you have a lot of them.

Especially if you are using a paper wallet, any kind of malware can of course steal your crypto when you are using it because you are putting your keys into memory and you’ll have plenty of ways to extract things from the memory of the computer—if you have been following the recent hacks on Intel architecture for example. You know that there are multiple ways of spying on what the CPU is doing.

The most recent one is bloat but apart from that you have Spectre before and you had a series of very interesting hacks when people manage to extract data from memory. Well that’s maybe the most complex one, but then if you have an offline computer you have to think about who is going to update it. It doesn’t mean that it’s secure because it’s offline.

If you have an outdated software on your computer, you might still need to update it in order to avoid leaking data or in order to avoid feeding it something that would cause a different outcome when you decide to sign. So you have a lot of things to check and you have a lot of boxes to verify if you want to do your own self-custody.

And I would say that hardware wallets make that much easier. And that’s really the point in having one. If you decide to HODL your crypto, it provides you with good entropy so you know that you are going to choose your keys properly and that you don’t wake up one morning with all your phones disappearing because the first entropy that you picked was bad.

That’s something that can happen if you are using a software wallet or if you are using something in an environment that you didn’t really control. And then when you use your crypto you can verify what you’re signing. Verifying what you’re signing is really the key point of hardware wallets, so you can make sure that what you are doing is really what you wanted to do. And this is getting a bit more complex.

So we have an opportunity to discuss that in Multisignature settings. But the important part of hardware wallets is to put you a little bit more in control, with an interface which is quite easy to use. So if you want to pick something, if you want to get into crypto, hardware wallets are the best way to make sure that, first, your crypto won’t disappear, and that it will be ready to make full use of the most creative use cases of crypto coming because hardware wallets are ready for HODLing and they are ready for using in new ways that do not exist yet.

Vlad Costea (00:17:02):

Why should a newbie who just got into Bitcoin and decided to spend $100 on a hardware wallet choose a Ledger? And when going for a Ledger, which model is best suited for the needs of a beginner?

Nicolas Bacca (BTChip) (00:17:21):

Well all hardware wallets are interesting. We offer the best mix of openness, flexibility and security. Especially if you consider a threat model which involves physical attacks. We are the ones dealing the most with physical attacks by choosing a smart card chip to implement the logic. I can speak a little bit more about the different things I mentioned.

Openness: we have probably the largest numbers of third party developers today. We have people designing support for different coins. I’m not going to mention different coins in this podcast, but let’s say that if you want to design Bitcoin extensions for example, if you want to design your own Bitcoin application to exactly cater to your use case, that’s something you can do. So we can have some people playing with that in the future. Regarding the flexibility.

So we have an operating system today which allows you to isolate applications so you can basically load any kind of application on your device and you know that the applications are not going to interact with each other. So each application is really independent. Regarding security. So the threat model that we have in mind is that we are building everything on the shoulders of technology. That has been the gold standard for 40 years in banking, Pay-TV identity and also industries which are absolutely critical.

So by doing that, we know that we offer the best possible physical security. Not because we designed it from scratch, but because we rely on something that a lot of other people have been using in the past. So how are you going to use your crypto? Are you going to HODL your crypto, are you going to use them, are you’re going to walk all the time with your hardware wallet in your pocket, which can be a very viable use case.

You know that by choosing Ledger you have the solution that protects you against those kinds of possible physical threats, that is still easy to use and that is still very flexible regarding future use cases that you might have. Regarding the model that you want to pick, it’s really a personal test, so Nano S is our oldest hardware wallet with a screen. Before that we had a model without a screen. The Nano S is the cheapest.

Security-wise, it’s pretty much equivalent to the Nano X. You might want to get a Nano S if you don’t mind connecting it through a USB cable with your phone, for example. If you don’t mind having a weird setup where you connect a USB OTG cable when using it on the phone. The Nano X offers a bigger screen so it can be quite useful for users who have trouble reading on the smaller screen of the Nano S. It offers a Bluetooth connection which is great to connect it to your phone, either Android or iOS, in a more natural way than when dealing with a USB OTG cable. It’s slightly more expensive. It has more memory as well. So I would say depending on your use case, the S and the X are good options. If you are going to trade often on your phones, the X is probably the preferred option. Otherwise the S is great as well.

Vlad Costea (00:21:02):

I think the discussion in regards to the difference sometimes ends up being the difference in the secure element because the X has an updated chip.

Nicolas Bacca (BTChip) (00:21:12):

Yes. So the X uses an ST33 while the S is using an ST31. Both are quite equivalent, security wise. The ST33 is a little bit more recent so it’s even more hardened than the ST31 against physical attacks. But the ST31 has been undefeated so far.

So security wise, one thing that changes between the S and the X is that on the X the screen and buttons are directly connected to secure elements. So that’s one attack surface that has been removed. You don’t have an MCU connecting—in the middle—the screen and buttons. Even in the S—I can talk quickly about the architectural security that we have with the S. On the S the secure element is put in the applications and when the secure element wants to display something to get input from the user, it’s talking to an MCU which is a separate chip which is connected to the screen and button and reporting the events to the S.

You would think that it’s an easy way to attack because if you can run code on the S—which some people did in the past—you have a way to fake what’s displayed on the screen and you have a way to fake user inputs. But when the device boots the secure element authenticates the MCU. The MCU is going to send its firmware to the secure element and the secure element is going to hash the firmware to verify that it’s talking to the right chip. There are ways to try to hack that, but it’s not really easy to do with the new security that we put in place.

Basically the secure element is verifying that the timing is correct, that the MCU is answering at the right time. The firmware is asked to the MCU in a random way, so it’s hard to reproduce. With the new strategies that we put in place after the recent firmware—I think it was right after 1.3.1—I haven’t seen hacks that would exploit that successfully. I have seen people running code on the MCU, but I haven’t seen people running code on the MCU while still talking to the secure element. So security-wise I would say it’s pretty good today.

Vlad Costea (00:23:49):

Right. So I think that the next question I have for you is the most difficult of this entire interview because I will make you discuss the competition and I’ll make you say something nice and something bad about them. Let’s begin with the Trezor because this seems to be the never-ending battle between hardware wallets.

Nicolas Bacca (BTChip) (00:24:11):

It’s not really a battle. I really like what Trezor is building. Doing everything open source, making sure that you can build your own—pushing people even to build your own—providing clear instructions on how you can do that is quite nice for hobbyists. I also like the contributions that they make to different standards. I think they move the space a lot regarding that. With BIP39 for example, or Shamir secret sharing of seeds.

It’s a great way to provide an additional backup strategy. We plan to use it as well in the future, because interoperability is important as well. The code quality of Trezor is quite impressive as well. We have been doing several physical attacks on Trezor because while the code is great, it’s easier to attack the hardware, especially that case. What they did build —from scratch—is pretty impressive.

Vlad Costea (00:25:21):

So your criticism regarding the Trezor is that it’s easy to physically attack?

Nicolas Bacca (BTChip) (00:25:29):

So what I do not like is that the security architecture makes it really easy to physically attack. There are not really ways you can prevent that. You can of course prevent that by having a passphrase. That’s the typical answer. The problem is if you have a passphrase you are completely changing the ease of use of the device.

If you have to type something before you start using it, you are building something completely different. It’s like if you are telling people that you are going to get rid of passwords by using a device that needs a stronger password. If credit cards have been successful in the past, it’s because you can just pay by tapping the credit card if it’s contactless on the payment terminal and you would pay in under 200 milliseconds. That’s what we are competing against.

As an industry we are competing against the best possible use cases of the other industry—we are not competing with each other. We are competing with what happens in the existing banking system, with the existing scenarios. We have to be better than that. If you have to enter a passphrase before you can even think about using your device, you destroy a lot of ease of use and a lot of user experience.

Vlad Costea (00:27:03):

What about the KeepKey? It has been around for a few years. Nowadays, I think it is the most affordable hardware wallet out there and might be a good solution if you just want to connect to Electrum and not use the Shapeshift software. What do you think about it? Can you say something nice and something bad about it?

Nicolas Bacca (BTChip) (00:27:23):

So something nice. I like the large screen. The large screen changes the user experience and you can have a lot more information. That’s what they did in the beginning. Something else I liked is that they showed to other people that you could make a tighter integration with an exchange. What they did with Shapeshift is that you could verify your shift on the device.

So that was getting one step further from just displaying simple information. You could display information that related to the service that you are interacting with. It shows how hardware wallets could in the end provide a better integration into third party services.

For example, when interacting with an exchange, you could verify what you are currently doing on the exchange, you could verify the different trades that you are doing directly on device and that would be great. They showed that hardware wallets could be used to do that as well. On the parts I don’t like, I will probably say the same thing as for Trezor because they are using the same architecture. So security wise, there are problems that you can’t really overcome with software. That’s my bigger concern.

Vlad Costea (00:28:49):

Right. What about the newest big player in the market, the Coldcard? It brings a lot of interesting features. It even uses partially-signed Bitcoin transactions, which is interesting—that you’d never connect the device to the Internet. But to somebody who is new in this space, it can be very intimidating and difficult to use and unfriendly. I criticized—I feel like I did your job, but can you say something nice about it and something you don’t like?

Nicolas Bacca (BTChip) (00:29:21):

Coldcard is catering to the cypherpunks. You can see that with the communication and social media to use them. If you are thinking about using your device for anything other than Bitcoin they don’t want to be talking to you. It’s a marketing position. That’s fine. If they make money that way I’m very happy for them.

What I like with Coldcard is that it has support of PSBT because it was definitely built for PSBT and having a hardware wallet pushing PSBT is great so it can be integrated. All of us will be integrating PSBT at some level. Today you can already use PSBT with an excellent integration. So using the actual UI interface so everybody can interact with PSBT but Coldcard shows how you can deeply design your hardware into exactly supporting PSBT and displaying different PSBT elements.

I like the looks of Coldcard as well because if you are targeting cypherpunks it’s good to have a device that looks very intimidating. It definitely looks intimidating. It’s a nice feature.

Vlad Costea (00:30:42):

What about the BitBox02 which was launched a few months ago? I think it uses the same secure element as the Coldcard but is a lot friendlier and the user interface offered the option to connect to a full node and also manage UTXOs, which is impressive. And it has Bech32 addresses by default. I felt they got a lot of stuff right and they improved on the previous design, but we have yet to see how secure it really is longterm.

Nicolas Bacca (BTChip) (00:31:18):

Yes. I definitely liked the form factor of the new BitBox. What they did with the touch sliders is interesting because you have some sliders up, you have some sliders down so you can think about doing some different interactions.

For example, when you try to enter your memory inside the device it really makes it easier, by the way they decided to design it. The set of features of this report is quite great. What I didn’t like about BitBox is the security. I will speak a little bit more later about the security architecture, but sorry about always saying that what I don’t like in the competition is the security architecture.

That’s the thing that we are pushing for. Regarding Coldcard, I didn’t say what I didn’t like about Coldcard before: I like the looks and I dislike the looks as well because if you are a new user, I don’t think it looks very friendly to use. I understand it’s not the main part. And technically speaking, one thing I don’t like about Coldcard is the usage of MicroPython as well.

I noted that it’s a new trend in this industry where a lot of people started using MicroPython. It adds a lot of complexity if we use the code. You don’t exactly know what the VM is doing in the background and as a VM is it doesn’t really serve the right purpose of a VM in my opinion—a virtual machine—which is to isolate two applications. You can’t really isolate applications in Python. MicroPython makes applications easier to write but in the end it makes them also quite harder to understand exactly how the application is running inside. And that’s not a good thing for security.

Vlad Costea (00:33:28):

Interesting. I think this is the first time hearing anything related to the operating system of the device?

Nicolas Bacca (BTChip) (00:33:37):

Yeah, even if you don’t really have an operating system because—what I would call an operating system is something where you have a clean split between the main device functionalities and the application. In all of those devices it’s mixed together.

The firmware is doing everything and you can’t put a clear split where the device functionality starts and where the application starts. So it’s all mixed together.

And MicroPython, I mean using a virtual machine can be a way to do that, but typically MicroPython doesn’t let you do that just because of the way Python is defined. You can’t have separated scopes in Python. So if you have a malicious application that tries to modify the way your device is going to handle the PIN, it will be able to do that.

Just because MicroPython will not offer any kind of software protection against that.

Vlad Costea (00:34:39):

This is definitely interesting and this is why I’m happy that I get to talk to an engineer as opposed to a marketing person.

Nicolas Bacca (BTChip) (00:34:49):

Well, yeah, you can find a marketing person interested in MicroPython as well. But yeah.

Vlad Costea (00:34:57):

You spoke about the firmware, and this is the point where I have to ask that question which gets asked all the time: which part of the Ledger software gets open-sourced and which part doesn’t, and why do people usually criticize it for making you trust the company and the device a lot more than the Trezor, for example?

Nicolas Bacca (BTChip) (00:35:21):

Today the approach that we have chosen when deciding to work on a smart card chip is that we took the good parts of it—the security—and we took the bad parts of it—you have to sign a vendor NDA, where basically the chip that is shipped is under the NDA.

So in what you are writing, in the code you are sharing, you can’t share anything that would either reveal how the chip is working or share code that will help people get this information. So it’s a bit tricky because you don’t want to show this information yourself and you don’t want to provide third parties with a way to extract this information.

So you have to think about that when you are designing an application for a secure element. That’s one of the reasons why we have this operating system architecture where we split the OS on the applications—the OS today is closed source and the applications are open source because the applications are using the operating system as a service.

They are basically running—at some point they need to run a specific operation, so they are making the system call. The system call will go back to the operating system, the operating system will do its stuff and will returned the results with the applications. Unfortunately today the cryptographic library is part of the operating system for performance results. In the end, the secure element is working at a pretty low speed—compared to general microcontrollers—something like 20 to 40 megahertz. And why the Trezor is also—in general microcontrollers are more operating in the 100 megahertz range.

In order to perform fast computations when doing for example ?????????????, they will use a core processor. And here you see the problem is that since this chip that I shipped is under NDA, the design of the cryptographic accelerator or the secure elements is still also under NDA. So that’s a big part of what you can’t reveal. And the way we plan to work around that is that we are rewriting constantly the operating system in order to better split the parts. So it’s very hard to do it in one go.

That’s why it’s taking us a lot of times to do that. But we want to end in an architecture where we can share most of the code of the operating system and we’ll just have a black box which would be a binary block that you load, which will basically match the chip that I ship But everything else will be open sourced in the—I don’t like to say in the long run because that’s something that we are really trying to improve, but it’s very hard to know exactly when we will be able to release that. So I am pretty confident we will be able to release more things related to the crypto libraries this year, because we have found some ways to split it already. So today the operating system is closed. That’s the way things are and the applications are open.

So you can say that’s a design that makes it hard to test things. But in the end, testing the applications—even testing the operating system—is pretty possible. We have researchers reporting bugs on the operating system already because if you want to test, you can still test it as a black box so you can run some code. You can see, you can try to interact with the operating system as an application would do.

You can try to override the security of the operating system and basically you can verify that—well, either you can’t override them and that’s good from a security point of view—or you can override, then you can make a nice bug report to us and then we are going to fix it. But we are in a state, with the last certification that we passed, where the code has been reviewed by three different third parties. So the code, which is not open, I mean of the operating system, I haven’t found any escalation process where applications could compromise the operating system, in the recent version of the [INAUDIBLE].

Considering what people are doing in other industries, a lot of people are testing things like that, using black box testing. If you consider hardware in general, hardware can always be seen as a black box at some point. Even if your code is fully open source, your code will rely on the chip and sometimes on part of the chip which is not documented. All the other hardware wallets having an open source code but working on general purpose chips, they are using security features of those chips for their own protection, because one of the key features of a hardware wallet is that you can’t flash your own code. So you can maybe do it after getting the authorization of the bootloader or getting the authorization of some of the parts.

But in the end you don’t have access to the GTAG and you can’t flash your code into the microcontroller. So you are still relying on the microcontroller for security and unfortunately those parts are usually not documented because even on general purpose microcontrollers some parts are still kept secret by the manufacturer so they give you the ???????, but they’re not going to tell you exactly how the ?????? is implemented and that’s when things start to get tricky because if you think that you are protected by just writing open source code—first, you don’t exactly know how that code is going to run on your specific device.

So if we want to think about for example, timing attacks: today, if you want to have a cryptographic algorithm running on a specific chip, it’s much easier to actually run it to take some measurements to see how the code is behaving on the chip rather than by reading the source code. If you just read the source code instead of running the code and observing how it’s running on the hardware, you are going to miss a lot of good things and you’re going to miss a lot of hints regarding the security of the code. So that’s the reason why I think that even if you are fully open source, you’ll still need to have the black box approach to testing.

Vlad Costea (00:41:59):

Okay. I feel like this explanation was a lot more than I expected and I’m happy that I got it.

Nicolas Bacca (BTChip) (00:42:05):

Yeah, no problem.

Vlad Costea (00:42:07):

Okay. So to my knowledge, I think the Ledger was the first hardware wallet to implement the secure element chip in this design. And since then, companies like Coldcard and BitBox have also added secure elements in their hardware wallets.

So what do you think about this trend to add secure elements? Is it the best approach and what do you think about the specific choice of secure elements in the Coldcard and in the Bitbox?

Nicolas Bacca (BTChip) (00:42:42):

It’s a good idea to have chips which are more dedicated to physical protection of assets in all cases because as we’ve seen, if you try to put secrets on an STM32 on the general purpose microcontroller it’s quite easy to extract.

The problem is that in the industry we don’t really have a standard to say what exactly is a secure element. So in the end, secure elements gets more into marketing terms so that you are speaking more about marketing people than anything else. So I would like speak a little bit more about the definition that we are using when we say secure element and that’s why I will stop saying secure element as of today. I will say that we are using a smart card chip because the definition of the smart card in the smart card industry, what we call a secure element is a smart chip that could come in different form factors.

The most common form factor of the smart card chip is what you have in your credit card. So you can look at it and see the different contacts—it looks like a smart card, but you can put it into a different package. You can put it as something that you solder into something else. You can visualize it to a CPU for example if you want. But in the end, it’s a smart card chip. And what exactly is a smart card ship? So I’m going to dive a little bit more into what it brings and what is interesting for us.

So (1) first it’s something that is going to be quite hardened against physical attacks. So that’s one characteristic that will be shared by many chips. It will give you a root of trust, down to the manufacturer—as well, extremely important and it will give you the possibility to run code in your chip. So why do we think that all those parts are important? So first handling against physical attacks is quite easy to understand. It makes it hard to extract secrets.

It makes it hard to spy on the chip. And as well, it makes it hard to tamper because let’s say you want to tamper a chip—you had some very interesting talks about that as the latest ???????????. Regarding how you could compromise a chip. One of the talks was from Bernie…? I don’t think I can remember the name of the talk, but it was like, Open source is not enough if you want to properly protect your hardware. I would say that everybody should watch this talk if you’re interested in that topic. And Bernie has done a lot of good stuff for open hardware.

Well, I was digressing a bit. So the (2) second part of what the smart card chip is going to bring is a root of trust. The root of trust will be a manufacturer secret that is built in and that clearly identifies the origin of that chip. So since the chip is good at keeping secrets, you know that this root of trust will prove that your chip is coming from a legitimate vendor. That’s something that has been used in critical industries that I mentioned before.

So the lifecycle of the chip is clearly controlled and audited and that’s a very big difference compared to a general purpose chip, because here you know that you have a secret that you can trace back to the origin and you know that the OPSEC of the manufacturer is quite strong as well because if this secret is leaking, basically their entire reputation goes down the drain. Not only for crypto but for passports, for states, for other things. The good thing in using what’s used by governments is that in the end you know what kind of security they want to do because they want to protect themselves.

They’re not going to get hacked themselves—you see the point. And then it’s possible to run code in the chip. And that’s also critically important because if you combine that with the root of trust, it means that you can give strong guarantees to an observers exactly what is running in the chip. If you don’t have that, it’s pretty hard to say, Okay, this is a code that I built. This is the code that I put in the chip.

And this thing could tamper the code the middle. I was talking about the bootloader architecture for example on a generic microcontroller. When you load your code on a generic microcontroller you are going through a b⁠ootloader—regarding hardware wallets⁠—you are going through a bootloader which is designed by the manufacturer of the hardware wallet. So if this bootloader is lying to you, in the end, even if you built the code yourself, you don’t really know what’s going to be loaded on the hardware wallet and unfortunately the chip is not made to protect you against that.

You have an issue. So coming back to smart card chips, if you have all those properties: if you are hardened against physical attacks, if you have a root of trust and if you can run code in the chip, you can provide very high guarantees regarding what you are doing and you can use these features to save time when implementing some some security measures. When you load a new firmware into your Ledger device, you are connecting back to Ledger servers, the Ledger servers will verify that the secret that’s inside your chip⁠—well, that your chip is legitimate⁠—so that’s how we verify that you are talking to a legitimate Ledger device.

You have a health check that you can perform at different stages of the life of the device. And it’s a good way to increase your security. And I will say that a little bit down the road, we want to explore new ways to work with Multisignatures and especially ???????? and MPC. And different ways to split keys that we can imagine. And being able to verify the code that you’re running into the chip and running in a trusted environment is a way to save time because those operations are usually very costly, performance-wise.

And if you can make some assumptions about trusting the code that is run by different parties, you end up having code which can actually run in a time which is interesting for the user. So going back now to what Coldcard and BitBox are using. So they are using an ATECC608A, which is sold by the manufacturer as a secure element. I think that’s the part which is a bit confusing, that the ATECC608A will just provide the hardening against physical attacks. You don’t really have a root of trust you can at least use for your own code because you can’t run code into the chip. So in the end you have all your business logic running in a non-secure element that you can’t really tie to the chip because if your code is not running in the chip, you can’t really demonstrate anything about your code—the relationship between both is quite weak.

Another thing that is quite weird about the ATECC608A is that it’s protecting keys but you don’t really know how because it has never been certified. So I’m not saying that certification is a silver bullet providing you confidence about what happens. But certification is giving a list for the manufacturer to try to do when protecting the device. So for example, you know that the manufacturer tries to protect against a different kinds of glitching because when you can read the certification, I mean all certifications are public.

So certification would refer to a list of things that are actually certified. If we’re talking about common criteria certifications, you have a protection profile, which is linked to the certification. So this is the information that the certification is giving you, so the certification is that telling you that the chip is good?

A certification is telling you, Okay, the manufacturer tested against all the attacks. And for the ATECC608A, since it didn’t really go through a certification, well you know that the chip is hardened, but you don’t really know how. That’s the reason why I don’t think those chips are ??????????? in other industries before and well their exact security has yet to be demonstrated.

Vlad Costea (00:50:58):

I think I lost you for 30 seconds there, but I hope that the recording is fine in the end. Anyway this thought just came to me because I know that Ledger take security very seriously and at some point I suppose there will be inevitably some sort of second-hand market for hardware wallets and users resetting their devices and selling them on eBay or something. But at this point, do you think it’s safe to buy a Ledger on eBay and securely use if it has been reset?

Nicolas Bacca (BTChip) (00:51:37):

If it’s an S, you might want to verify that people didn’t put some mixed hardware inside. So I don’t think that’s going to be the most common attack. I think if you verify exactly how the device is wired—so if you do that on eBay, I would probably say that, well, you should do that: if you order it and you think the device looks to have been tampered with, you might want to verify that everything is correct before storing money on it.

Vlad Costea (00:52:24):

Okay. Because I spoke to the ShiftCrypto BitBox people and they were like, No, that’s a terrible idea. And we don’t think that’s the way to go.

Nicolas Bacca (BTChip) (00:52:36):

I don’t think that’s the way to go either, but you can’t really prevent people from doing it. So in the end you want to provide some advice because you will still have people wanting to do that.

Vlad Costea (00:52:52):

I suppose there are also people who get a Trezor or a Ledger at first and they learn how to use a hardware wallet and then maybe then they have higher privacy expectations and switch to the Coldcard and they’re going to have a Ledger lying around.

And the question is can they still sell it and make some money on it and possibly give it to somebody securely who can trust that it’s not going to be a malevolent piece of hardware or should they just keep it because hardware wallets are single use items just like toothbrushes.

Nicolas Bacca (BTChip) (00:53:32):

Yeah that’s a good comparison. I don’t think they are single use, I think that you can always find new use cases for a hardware wallet. Typically if you are moving to a Coldcard because at some point you decided you are a hardcore Bitcoiner and you don’t want anything other than Bitcoin to touch your device, that’s a decision you have the right to take.

I would say regarding privacy, it’s more related to the software, the hardware wallet doesn’t do a lot of things regarding privacy so it’s more the software that you connect to it. But you have a lot of uses for a hardware wallet if you decide to keep it.

Typically, using Fido you can use your hardware wallet as a password manager. You can use your hardware wallet to connect to your SSH server. So you have plenty of reasons to keep your hardware wallet. If you decide to sell it, we are probably the manufacturer that took the most care by having the architecture that we have, of making sure that it’s hard to tamper with the device.

So I’m not saying that it’s impossible to tamper with the device because if you want to solder new stuff into it we have no protection against that, but it’s significantly harder to tamper with than any other device. Just taking an example, if I want to tamper with another device based on the generic microcontroller, even if you are using another secret chip in the middle, I just need to tamper with the bootloader.

If I can somehow rewrite a bootloader and we ship the device with a different bootloader, I can make you believe that the device is completely genuine. You wouldn’t be able to trust it—you can make fake devices that look exactly like the original one without even opening the device. So for other manufacturers, the second-hand issue is harder to tackle than with us because to mess with the device, you really need to open it and you really need to solder new things inside the device.

Vlad Costea (00:55:41):

Another question that I have for you, and I’m not sure if it’s fitting, given how the operating system and the applications are handled on the Ledger, which is very different from other hardware wallets. I have seen that with the Trezor and the Coldard and the Bitbox there is a Bitcoin-only model that they released and they say that through this minimalistic software approach, they reduce the attack surface.

But in the case of the Ledger you can choose which application you want to install. So if you want to have a Bitcoin-only device, you only install the Bitcoin application.

Nicolas Bacca (BTChip) (00:56:24):

Yeah that’s pretty much the case. The other thing is that, if you look at the source code of the Bitcoin application, you’ll see that in order to save space, you have some branches in the applications that relate to other Bitcoin forks. Some coins that are maybe not well known by Bitcoiners only. But you have plenty of Bitcoin forks.

Zcash was initially a Bitcoin fork—you might not be aware of it if you had never dug into the question. So if you look at the Bitcoin code, you would say that it is “contaminated” by some other coins. If that’s your case, you might want something better than that for your Bitcoin. So you might change the Bitcoin application to only contain code that’s related to Bitcoin, then load it, with better guarantees I would say than those of the manufacturers.

Vlad Costea (00:57:18):

Right. One of the downsides that I found in the Ledger devices during my testing was that it’s a lot more difficult to set up a Multisig with Electrum.

Are there any efforts that you are doing in this direction and will there be a Multisig option that you will be implementing in Ledger Live, which is your desktop application?

Nicolas Bacca (BTChip) (00:57:44):

We are definitely starting efforts to re-write the ways the Bitcoin application is working regarding Multisig. The current application—well, a little bit of history: it was written for first-generation hardware, which are 2 kilobytes of RAM.

So in 2 kilobytes of RAM you can’t do much. The way I decided to implement Multisig on that is that I would just display the information. I will not try to be smart and understand what the transaction is doing and I will just sign. In the end I thought that signing was the right thing to do for hardware wallet. So I understand that this is definitely not satisfactory enough, if you want to build a complex Multisig setup and the vision that I have for the next re-write of the Bitcoin application that I am currently working on is that we will have a more complex Bitcoin application in the future.

Multisig is one thing, then we will Taproot and we will have MAST, those are features which make me consider maybe a little bit—Bitcoin with a Unix model in mind. If you look at the Unix model, you have lots of small processes that do one thing but do it well and that can be tied to another process. And I would like to have the same design for the next Bitcoin application.

So the Bitcoin app, you will have one Bitcoin application which is responsible for just doing the Bitcoin transaction signing. You would have a sub-application which is responsible for displaying the address and the Multisig. You would have an application which is responsible for deciding what the Multisig template is. For example, using mini script for these cryptos, you could say, Okay, I’m going to sign using this model then I’m going to bind this model inside the device, either by generating a specific application specifically for that, or by committing the profile to flash, for example. And then you would say, Okay, I’m going to sign using something that always looks like this. I mean, at least for this instance, and then the device can display additional information.

The problem is that today it’s difficult to display additional information regarding the Multisig setup without assuming a lot of things. So you can assume that your keys are ?????????? and you can assume that your change is always going to look like a given format, which happens to be followed by Electrum, but other people might not follow this format. And I think that by lacking that flexibility of exactly describing what you are going to sign, you can break some use cases.

Let’s say that I have the choice between signing and displaying a little bit more information—but taking assumptions. I chose not to make assumptions in the first version of the application before I had enough power in the device, while the new application model can describe what you’re signing without making those assumptions.

Vlad Costea (01:00:48):

Now, speaking of Electrum, because we have mentioned that, what do you think about people who buy a Ledger device and choose not to use the Ledger Live software and go for Electrum personal server or for Wasabi or for Shapeshift or other platforms that have native support for the Ledger devices? Do you have any kind of advice for them? Is it reckless to pursue this path?

Nicolas Bacca (BTChip) (01:01:17):

Oh, it’s absolutely not right to us. We are creating security devices and we definitely support people using them in any possible setup. The devices itself is made to be safe. I would say to those people using third party wallets to connect their Ledger device, well, please do. Ledger Live is designed to provide the most user friendly experience, but of course we can’t cater to all users.

You mentioned Multisig previously—the way I want to handle Multisig in Ledger Live in the future will very likely be done in an MPC kind of way. So in order to support Multisignature between different coins, so typically, if you want a Multisignature, which is on-chain Bitcoin and so on, don’t use Ledger Live because that’s not something that we will plan to offer. If you go back in history, the way we designed the hardware wallet, initially we had absolutely no support for—we didn’t have our own wallet, so I started integration by pushing implementations.

Well, the first wallet was Green Address, technically the first one was crypto kid. It was a Chrome extension, so now it disappeared. The second one was Green Address, the third one was Electrum. So I definitely support third party wallets using Ledger features. I think if we want to speak about specifically some wallets, Electrum will provide you more fine-grained control. Also Multisig as you said. Lightning, because Electrum is going to support Lighting in the next version and today if you want to open a Lighting channel with your hardware wallet, you can definitely do it from Electrum. It’s a great way to use a wallet.

Wasabi is going to provide more privacy. We don’t support CoinJoin today, but that’s something we are definitely interested to support. And as an extension to the Bitcoin application I mentioned before, I want to consider Bitcoin as a set of processes that they connect together—CoinJoin could be one of these processes. And we are definitely quite interested to provide features even in those features ???????? we support the software wallet ecosystem and we definitively support the wallets connecting to us.

Vlad Costea (01:03:39):

So let’s do a short recap because during the interview you have mentioned lots of features that may get added to Ledger devices in the future. And I think you mentioned PSBT you mentioned Shamir secret backup and also you just mentioned CoinJoins as something in which you’re looking at. And also better Multisigs. What else is next for Ledger?

Nicolas Bacca (BTChip) (01:04:07):

We have different ways of looking at that. Depending if you are a user or develope, I might have different answers for that. For users our goal is to make using crypto easier and more widespread. The goal is to compete with the standards that we have in other industries.

So we want to make crypto super easy to use. Paying with crypto should be as easy as doing a contactless payment. And that’s the reason why we’re using secure elements. Regarding Bitcoin specifically, we want to make Bitcoin more customizable: I mean the Multisig profiles, slightly related—we will be announcing Liquid integration as well. Liquid integration is already working, so that’s a good thing for traders.

We want to think about how Lightning can be more protected by hardware wallets. I mean mostly on the server side, so if you’re holding a node. I know that’s a lot of features. I think that given the architecture that we have some of those features can be developed by third party application developers. I’m thinking specifically about CoinJoins.

I think CoinJoin is something that can be easily done by a third party. I mean, once the Bitcoin application is written. So once we have the new Bitcoin application, that’s something that would be pretty easy to use for someone else. We want to have a much more open platform in the future. We already started doing that with the operating system and with the crypto library.

We want to push that further, so we want to have most parts of the operating system open. A hard thing for us developers in 2020 will be Rust as well. We want people to be able to write Rust applications into the hardware wallets and we want to drive this ecosystem forward. I that’s a great way to write applications which are a little bit more controlled than just writing C applications.

If we take a look at the future imaginarily speaking, we keep iterating on different form factors. So right now we are not really relatively decided but we are looking at things that could be bigger. We are looking at things that could be smaller. We are also looking at things that could be more integrated. Especially my team, I’m always looking at phones and wondering how we could make phones more secure. And typically if we manage to run our own operating system into a secure element inside a phone—integrated secure elements or non-physical secure elements in the CPU—that would be the best possible integration if we manage to have a proper UI with that, in order to have a right display to the user.

We are really thinking of Ledger as a platform. So Ledger as a platform providing a secure operating system on which you can build different kinds of applications. Now we have three business units for Ledgers, so we are not only considering hardware wallets, we are also running a vote for a solution that enables people to build their own custodian chip solutions, which is basically bigger hardware wallets. A completely different form factor.

That’s something I have been developing a lot in the past year. And we have an IoT division in which we use the secure elements that we designed and we try to connect it to other things. So the general idea is that, for example, if you wants to build a device that’s collecting data from a water supply out of the earth and you want to provide this data securely, you can use the secure element and you can use our operating system to do that.

So you might wonder why I am talking about that in a Bitcoin-related podcast, but the idea of looking at the company as a platform is that every time we do something that looks interesting in one of those business units, we can bring it back. And we learned about how to do better backups for users as we were designing the phone. And that’s something we can push back to the consumer devices at some point.

When working on the IoT devices, we made a lot of performance improvements on the device. We need to do that because we are operating in an environment where we don’t have a lot of power. And so in that case you need to run your code much more efficiently. We are bringing that back on the consumer devices—they will sign faster.

So that’s really the way we are looking at the company. Even if we are not only doing hardware wallets, every part that we do contributes to the same operating system and we push this operating system forward.

Vlad Costea (01:09:27):

I feel like I have exhausted my questions at this point, but I will just take one from @Alk20191 on Twitter who wants to know something more specific that maybe we haven’t touched very clearly. How does Ledger Manager recognize a fake Ledger?

Nicolas Bacca (BTChip) (01:09:46):

Ledger Manager will ask the secret chip—identifies that root of trust. Ledger Manager will ask the secret chip to sign a ???????.

We’ll ask the secret chip to perform a signature given code, which is given the secret that is put by the manufacturer and we’ll verify that the secure element is answering properly. So basically Ledger Manager is verifying that the secure element is the right secure element. That’s the validation which is performed by Ledger Manager.

Vlad Costea (01:10:21):

Okay. So @btchip on Twitter. By the way, everyone should follow you just for these insights and to better understand Bitcoin security. I feel like during the last hour, and maybe it was 70 minutes or something, but I’ve learned a lot and this is definitely useful and this series that I’m doing is meant to provide more information for users who get into this whole hardware wallet business and they want to understand what they should buy and what is right for them.

And I’m very grateful that you provided all of this information and I’m pretty sure that at some point somebody will find it and will say, Oh, this is exactly what I needed. And it offers all the explanations that I was expecting. And during this interview, I took notes regarding timestamps. So if somebody wants to just skip to that part about Multisig and Ledger, they can just do it and listen to the part where you talk about it or about microcontrollers and secure elements. So thank you very much.

Nicolas Bacca (BTChip) (01:11:36):

Thanks a lot and thanks for hosting me. And as you said, I think you are providing a very useful service to the community, so please keep doing that. Keep digging into other parts of Bitcoin. If you want to host a new podcast on, I don’t know, like different Multisignature solutions that can be provided. That’s great. So please keep doing what you’re doing.

Vlad Costea (01:12:00):

Oh yeah. Well actually I was thinking that each season from now on is going to have a team, like an album, like the Dark Side of the Moon, you’ll listen to it from start to finish. It may have different songs, but they just tie together in a greater team and that’s something that I want to pursue.

And this season I’ve had KeepKey, I’ve had BitBox, I’ve had LazyNinja (@FreedomIsntSafe) who was able to find vulnerabilities in the Coldcard and in the BitBox02. I’ve had you from Ledger and next month I will be having Slush from Slushpool and also Trezor. So, so far it’s very accomplished in this regard because I was able to get the best people to talk about the product and possibly NVK will give in the end because he was kind of skeptical.

He was like, Oh, why should I join this podcast, you have already written? And he was kind of unhappy about the coverage that he got in Bitcoin Magazine specifically when I wrote that it’s easier to break the Coldcard than to break the Ledger. And he was like, No, but it’s made from, I don’t know which components he tried to describe.

And I said, Yeah, but the screen is easier to smash with a hammer because it’s larger. It has a greater attack surface. If you want to destroy it, it’s easier to destroy the Coldcard. And he was unhappy. He was like, Oh, but I tested it with guns and stuff like that.

Nicolas Bacca (BTChip) (01:13:35):

Okay. But well I would say if he needs to be encouraged, I would say it’s always great to have a way to give your message and to give especially more explanations to the users because in the end users need to invest in what they are buying, so providing a platform where you can discuss about that a bit, which is not doing some blind promotion of the product is great. So yeah, please come and everybody should join.

Vlad Costea (01:14:05):

Yeah. And also I like to think that this is the golden age of hardware wallets because you have all of these new products which take open source code and then they experiment with some kind of design and you have hackers.

Nicolas Bacca (BTChip) (01:14:22):

Oh yeah. And we didn’t talk too much about that. But there are some people doing some pretty wild experiments on that. I mean, especially if the Trezor code is being run on platforms that I don’t think people would feel putting that on secure enclaves or TEEs.

So secure enclaves are another set of security devices that we didn’t talk about, but they are basically some semi-software, semi-hardware security solution that you can use on more complex CPUs. So typically SGX is the security on ????, on Intel. Trezor is a security enclave. So that’s a way to protect all your secrets from malware. So not from physical attacks.

Vlad Costea (01:15:07):

Oh yeah, I agree. And all of these efforts that companies make help the end user get better security. So it might be kind of a harsh competition, especially in the marketing departments where they try to emphasize on the qualities and they possibly maximize the impact of hacks that happen.

And they say, Oh, that device you shouldn’t buy it because it was hacked. But at the end of the day, all of this feedback that we get helps design better products and it’s the Bitcoiners who get better security.

Nicolas Bacca (BTChip) (01:15:45):

Oh yeah, for sure. I mean that’s the way open source is working and as the people from crypto say “The rising tide is lifts all boats.” This is definitely the case in a new industry. We get more reviews, we get more comments. The code is reused by other people. We can comment, I can comment on different stuff. That’s the way we improve as an industry.

Vlad Costea (01:16:10):

Yeah, I very much agree with that. I’m very grateful that you gave me this time to talk.

Nicolas Bacca (BTChip) (01:16:16):

Yeah, no problem. Pleasure is mine.

Vlad Costea (01:16:20):

@btchip on Twitter. Follow him. You absolutely have no reason to ignore his insights. And if you want to look at more of his work, you can just look up Nicolas Bacca on whichever search engine you prefer.

It’s better to not use Google anymore for reasons that might regard the establishment of SkyNet. But yeah, thank you very much. I’m not sure if I have anything else to add.

Nicolas Bacca (BTChip) (01:16:55):

Thanks for hosting me again and yeah, I’m not tweeting much so I won’t spam you if you follow me and I’m not even tweeting in French. So no problem. And again, thank you and well, that’s it.