The Ledger Nano S’ firmware has been recently updated to 1.5.5, while this update brings several features like the support of Groestl and Blake2b as new hashes, Schnorr with Zilliqa as a new signature scheme, Bip32-ed25519 as a new derivation scheme and several other major security updates.
It also caused troubles for its owners wanting to update. As this firmware is slightly larger in size than old ones, HSM servers hosting this update became unresponsive as many users were simultaneously trying to update their device, causing access to the Manager and installing apps to be slower than usual, a significant amount of users reported their device getting stuck during the update which would be later addressed with another update and an apology from Ledger.
Ledger published an article exploring the importance of hardware wallets and a look inside the technologies used inside their own wallets. They cover everything from hardware and chip design to the firmware running on the devices.
Ledger posted an update for their ongoing HW bounty totalling 2.337 BTC.
Ledger’s first CTF (Capture The Flag) event has officially ended! We’d like to take this opportunity to thank all the individuals and teams that participated to the contest. We received more than 500 answers, and while most participants wished to remain anonymous, we believe that the techniques employed indicate many were security professionals.
All the finishers qualified (and a few others) to try & extract the private key from a dedicated Hardware Bounty, which they received mid april. More than 100 devices with the same key has been sent. The dedicated bounty is a simple USB device which computes a public key from a private key (a simple scalar multiplication).This public key is sent back using the USB connection. There are a few countermeasures in place to protect the private key.
The hardware wallet maker Ledger published news regarding the next firmware update for the ledger blue, their premium hardware wallet released after the Nano S, which recieved only one firmware update since it’s launch :
Despite being a premium hardware wallet – the Blue received just one firmware update, as the Nano S received three. Rightly, many members of our community have been wondering about the future of the Ledger Blue, and asking us when we will build out new features through firmware updates. We’re sorry we kept you waiting so long