Ledger will implement a new security model starting February 26th next year. The hardware wallet maker is looking to increase separation of derived roots. This is a change that applies to the way private keys are generated from a single seed for all cryptocurrencies.
Charles Guillemet, the company’s chief technology officer, confirmed that the update arrived on January 27th. Directly impacting Bitcoin and Ethereum applications Inside the device.
Previously, Bitcoin applications could derive keys from almost any technology path. When creating a new wallet for another cryptocurrency, the private key was derived from the exact same seed already used in the Bitcoin wallet.
This design provides much more flexibility for using third-party wallets. However, this opening Created a potential security risk For leisure users. Malicious applications could attempt to access other assets’ private keys because they can reverse engineer them to obtain the original recovery seed.
The company is looking to reduce its attack surface through this technology enhancement. New model prevents applications from requesting keys outside the allowed routes.
This announcement is made under the following circumstances: Security is important to your company. Ledger has previously faced several incidents that affected customer privacy. As reported by CriptoNoticias, data breaches have compromised the physical integrity of users in the past.
Strict segregation and recovery of funds
new system Strict rules apply to cryptographic key generation. Meanwhile, the standard Ledger Live wallet will continue to work without interruption.
In this way, most users will not notice any changes in their daily operations. Only users with very specific configurations using non-standard routes will experience limitations when signing transactions.
For users having such problems, Ledger launches a tool called “Bitcoin Recovery App”. This is a special application that allows access to non-standard bypass routes.
Users will be able to move funds from these routes to more secure addresses. The company recommends using this tool only when performing balance transfers, explains the CTO.
Mr. Guilmet clarified this measure as follows: Does not address currently active vulnerabilities. Under this scheme, the funds stored on your device remain completely safe. This update represents only preliminary improvements to prevent future isolation issues. The manufacturer aims to improve protection standards across its product line.
