CEO and Chairman Pascal Gauthier says the company is working with law enforcement to "find this bad actor, bring them to justice."
Ledger CEO Pascal Gauthier has addressed the Dec. 14 hack of the wallet provider’s hack in a post on the company’s blog. He said the hack of Ledger’s Javascript connector library was an “isolated incident” and promised stronger security control.
Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story
Crypto firm Ledger is warning users about a crucial exploit, urging them to pause their hardware wallet interactions with decentralized applications (DApps). In a new thread on the social media platform X, Ledger says that it has found, identified, and replaced a malicious version of its connect kit, a piece of code used to connect […]
The post Ledger Hardware Wallet Announces Critical Security Vulnerability, Urges Users To Pause Interacting With DApps appeared first on The Daily Hodl.
The hacker behind the attack on Ledger’s connector library has stolen at least $484,000, according to blockchain analysis platform Lookonchain.
The hacker behind the attack on Ledger’s connector library had stolen at least 4.334 Ether (ETH) worth nearly $484,000, according to blockchain analysis platform Lookonchain. Ledger has not yet confirmed the figures, but the impact of the security breach could be in the hundreds of thousands, according to the company.
Users on X (Twitter) flagged the incident on Dec. 14, claiming that a popular Web3 connector was compromised, allowing malicious code to be injected into multiple decentralized applications (DApps).
Protocols affected by the incident include Zapper, SushiSwap, Phantom, Balancer and Revoke.cash, but the damage could be even greater. According to some users on X, the vulnerability could exist in other, similar programs that are alternatives to LedgerHQ/connect-kit.
Multiple decentralized applications using Ledger’s connector library have been compromised, including SushiSwap and Revoke.cash.
The front end of multiple decentralized applications (DApps) using Ledger’s connector, including Zapper, SushiSwap, Balancer and Revoke.cash, were compromised on Dec. 14.
SushiSwap chief technical officer Mathew Lilley reported that a commonly used Web3 connector has been compromised, allowing malicious code to be injected into numerous DApps. The on-chain analyst said the Ledger library confirmed the compromise where the vulnerable code inserted the drainer account address.
Magazine: HTX hacked again for $30M, 100K Koreans test CBDC, Binance 2.0: Asia Express
The act aims to explicitly forbid U.S. government officials from engaging in transactions with iFinex, the parent company of USDT issuer Tether.
United States Representatives Zach Nunn and Abigail Spanberger have jointly introduced the Creating Legal Accountability for Rogue Innovators and Technology Act of 2023, or the CLARITY Act of 2023. The legislation aims to prohibit federal government officials from conducting business with Chinese blockchain companies.
The act would ban government employees from using the underlying networks of Chinese blockchain or cryptocurrency trading platforms. Furthermore, it would explicitly forbid U.S. government officials from engaging in transactions with iFinex, the parent company of USDT issuer Tether.
In addition to iFinex, the CLARITY Act would prohibit officials from conducting transactions with the Spartan Network, the Conflux Network and Red Date Technology. In a statement on Wednesday, the lawmakers said that the legislation, if passed, would ensure the nation’s “foreign adversaries … do not have a backdoor to access critical national security intelligence and Americans’ private information.”
Tether was reported to have been exposed to Chinese securities and other Chinese firms earlier in 2023. On June 16, several news sources, including Bloomberg, disclosed that the company previously held securities from Chinese state-owned firms. Bloomberg referred to documents released by the New York Attorney General and emphasized that deposits from entities like the Industrial and Commercial Bank of China, China Construction Bank, and Agricultural Bank of China supported Tether (USDT).
This revelation follows years of inquiry and concern about the assets backing Tether’s stablecoin.
Tether’s reserves include substantial short-term loans to Chinese firms and a significant loan to the cryptocurrency platform Celsius Network. Tether had previously denied any involvement with the debt of China’s troubled Evergrande Group but had not revealed its holdings of other Chinese securities.
Related: Tether issues $610M debt financing to Bitcoin miner Northern Data
Further, the U.S. Securities and Exchange Commission is also closely monitoring Tether’s operations. In September, a report suggested that the company secretly began offering USDT stablecoin loans to customers a year after it pledged to cease providing secured loans.
As the bill’s sponsors state, the latest move underscores Washington’s growing concerns about Chinese connections within the cryptocurrency sector.
Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in
Abu Dhabi aims to become a crypto hub alongside Dubai in a move that’s part of a larger goal to foster initiatives in the blockchain and digital asset realm.
Abu Dhabi, the second-most populous emirate in the United Arab Emirates, has introduced a formal regulatory framework for decentralized autonomous organizations (DAOs) and other digital ledger entities as it doubles down on its ambition to be a leader in digital asset innovation within the Middle East.
The new framework allows DAOs to operate legally and issue tokens to members, providing regulatory clarity for digital asset firms. Abu Dhabi is aiming to become a crypto hub alongside Dubai, and this move is part of a larger initiative to foster initiatives in the broader blockchain and digital asset realm.
Distributed ledger technology (DLT), which provides the basis for blockchain networks, is a system of recording and storing information on different ledgers within a network to ensure data accuracy and security.
The Abu Dhabi Global Market (ADGM) has adopted a forward-looking approach by introducing the DLT Foundations Regime, following extensive consultations with industry stakeholders. Beyond establishing global standards, this framework is poised to revolutionize the blockchain sector by enhancing efficiency and transparency, as per the statement.
Chairman of ADGM, Ahmed Jasim Al Zaabi, emphasized Abu Dhabi’s rapid transformation into a hub for digital asset innovators, underlining a dedication to nurturing an ecosystem that fosters technological progress.
The ADGM’s endeavor elevates Abu Dhabi’s reputation as a forward-looking legal jurisdiction and offers substantial advantages to the broader Web3 community. By promoting improved governance and acknowledging the decentralized principles of this sector, Abu Dhabi sets a precedent for international financial hubs.
Related: Dubai VARA grants ‘initial approval’ to crypto firm WadzPay
Abu Dhabi is actively competing to establish itself as a cryptocurrency hub, aligning with Dubai’s endeavors to embrace the digital assets sector. The regulatory framework in Abu Dhabi offers a valuable option for companies seeking clear and reliable regulations that can be distinct from regulations found in other parts of the world.
As previously reported by Cointelegraph, an economic free zone dedicated to digital and virtual asset service providers in emerging technologies such as the metaverse, blockchain, utility tokens, virtual asset wallets, nonfungible tokens, DAOs, decentralized applications and other Web3-related businesses was recently inaugurated in Dubai.
Magazine: Crypto City: Guide to Dubai
This week’s Crypto Biz looks at BlockFi’s emergence from bankruptcy, BlackRock’s spot Bitcoin ETF developments, Worldcoin’s operator payment scheme upgrades and more.
Crypto lender BlockFi announced its emergence from insolvency this week, just a few days after FTX announced that it successfully reclaimed approximately $7 billion in assets. FTX debtors, comprising FTX and affiliates, estimate that $8.7 billion has been misappropriated from customers. BlockFi has lent FTX more than $650 million, making it one of the exchange’s largest creditors, which means its customers’ repayment success is tied to FTX’s ability to recover its assets.
FTX’s new management is also carefully considering its future options, including selling the entire exchange — which includes its extensive customer base of over nine million — or partnering with another entity to revive the exchange. The possibility of an independent comeback is also on the table.
BlockFi, on the other hand, has no option but to wind down operations, according to its court filings.
This week’s Crypto Biz looks at BlockFi’s emergence from bankruptcy, BlackRock’s spot Bitcoin exchange-traded fund (ETF) developments, and changes in Worldcoin’s payment scheme.
There’s finally a light at the end of the tunnel for creditors of some of the bankrupted companies from 2022’s crypto bear market. Roughly a year after filing for bankruptcy, companies such as FTX and BlockFi have started to return their customers’ funds.
The iShares spot Bitcoin ETF proposed by investment firm BlackRock has been listed on the Depository Trust & Clearing Corporation (DTCC), suggesting potential approval by the United States Securities and Exchange Commission. In an Oct. 23 X (formerly Twitter) thread, Bloomberg ETF analyst Eric Balchunas said the DTCC listing was “all part of the process” of bringing a crypto ETF to market. “This is [the] first spot ETF listed on DTCC, none of the others on there (yet),” said Balchunas. Balchunas speculated that BlackRock may have already received the green light for listing the ETF from the SEC or was “prepping everything assuming so.” Based on the date of BlackRock’s application, the SEC has until Jan. 10, 2024, to reach a final decision on approval or denial of the ETF.
The iShares Bitcoin Trust has been listed on the DTCC (Depository Trust & Clearing Corporation, which clears NASDAQ trades). And the ticker will be $IBTC. Again all part of the process of bringing ETF to market.. h/t @martypartymusic pic.twitter.com/8PQP3h2yW0
— Eric Balchunas (@EricBalchunas) October 23, 2023
Crypto lending platform BlockFi has emerged from bankruptcy and is ready to pay back some of its creditors, according to a blog post on Oct. 24. Withdrawals “are currently available to nearly all Wallet customers,” the post stated, adding that BlockFi Interest Account and Loan customers will be able to withdraw some assets in early 2024. BlockFi’s emergence from bankruptcy means it can now attempt to recover assets from other firms it believes owe it money. This includes bankrupt crypto platforms such as Three Arrows Capital and FTX. The total amount of distributed funds will depend on BlockFi’s success in FTX bankruptcy litigation, among other factors.
Hardware wallet firm Ledger is rolling out its cloud-based private key recovery solution despite facing significant criticism from the crypto community. Provided by blockchain protection platform Coincover, the solution is a paid subscription service allowing users to back up their secret recovery phrase. The rollout comes months after Ledger paused the recovery service in May 2023 in response to community backlash. Ledger CEO Pascal Gauthier subsequently said that the firm would launch the product only after its open-source code was released. The code for the Ledger Recover is now available on GitHub.
Worldcoin is set to begin paying its Orb Operators — those rewarded for scanning people’s eyes — with its native Worldcoin (WLD) token, phasing out USD Coin (USDC) as early as next month. The change will affect most jurisdictions. Worldcoin said the move to pay orb operators entirely in WLD was part of a “transitional phase” following the official launch of the project on July 24. Data from Worldcoin’s official Dune Analytics dashboard shows that the supply of the WLD token has grown from approximately 100 million at the time of launch to around 134 million as of this week.
Crypto Biz is your weekly pulse on the business behind blockchain and crypto, delivered directly to your inbox every Thursday.
One of the biggest crypto hardware wallet providers is rolling out a new service for users who want to have a backup of their secret recovery phrase. The secret recovery phrase is used to restore access to crypto wallets in case the hardware device gets lost or destroyed. Without the recovery phrase, users lose access […]
The post Ledger Crypto Hardware Wallet Launches Subscription-Based Backup Service for Secret Recovery Phrases appeared first on The Daily Hodl.
Ledger emphasized that the ID checks required for its private key recovery tool are not like KYC checks as they require “much less” information.
Hardware wallet firm Ledger is rolling out its cloud-based private key recovery solution despite facing significant criticism from the crypto community.
Ledger Recover, an ID-based private key recovery service for the Ledger hardware wallet, is launching on Oct. 24, the firm officially announced on X (formerly Twitter). The release comes in conjunction with Ledger finalizing the open-source code for the Ledger Recover on GitHub.
Provided by blockchain protection platform Coincover, Ledger’s seed phrase recovery solution is a paid subscription service allowing users to backup their Secret Recovery Phrase (SRP). SRP is a unique list of 24 words that backs up the private keys and gives users access to their crypto assets.
Ledger Recover was designed for users who “want to add an enhanced layer of resilience” in case their SRP is ever lost or destroyed, Ledger’s chief technology officer Charles Guillemet said. He also emphasized that Ledger Recover is an optional recovery service, adding:
“If you don’t wish to use the service, no worries — it’ll always be 100% optional. You can simply continue using your Ledger as you did previously — nothing will change.”
At launch, Ledger Recover is compatible with Ledger Nano X, with Ledger Stax and Ledger Nano S Plus integration coming in the near future. The solution is not compatible with Ledger Nano S, according to the Ledger Recover FAQ.
Ledger Recover is initially available to passport or identity card holders in the United States, Canada, the United Kingdom and the European Union. “We will be covering more countries and adding support for more documents,” Ledger said.
The firm emphasized that Ledger Recover’s identity verification “is not the same” as Know Your Customer (KYC) checks carried out by centralized crypto exchanges. Ledger noted that its recovery system only requires a “valid, government-issued document,” stating:
“Identity verification inherently collects much less information compared to KYC [...] KYC involves ID verification but it can also include revenue information, record of criminal activity, citizenship check, etc.”
According to social media posts, Ledger Recovery service will be available at $9.99 per month, or about $120 per year. If a user fails to pay the subscription, the subscription will be suspended, allowing the user to reactivate subscription in the next nine months.
Related: ETF filings changed the Bitcoin narrative overnight — Ledger CEO
“You will need to pay an administration fee of 50 EUR along with any outstanding balance,” Ledger Recover FAQ reads.
The rollout comes months after Ledger paused the recovery service in May 2023 in response to community backlash. Ledger CEO Pascal Gauthier subsequently said that the firm will launch the product once its open source code is released.
Ledger’s largest competitor, Trezor, has stayed away from introducing a cloud-based private key recovery solution, opting for a physical backup solution. Trezor launched its own physical seed phrase recovery tool, Trezor Keep Metal, in mid-October 2023.
Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in
Schwartz stated that if the majority supports the amendment, the changes could be implemented in as little as two weeks.
Ripple chief technical officer (CTO), David Schwartz has advocated for XRP Ledger (XRPL) validators to support the automated market maker (AMM) feature, but only if there is consensus within the community.
On X (formerly known as Twitter), Ripple's CTO initiated a discussion on the XRPL's AMM feature. In his initial post, Schwartz referred to AMMs as the intriguing decentralized finance (DeFi) innovation gaining attention, sparking queries for more details.
The XRP Ledger is a decentralized blockchain-based ledger that powers the XRP cryptocurrency. known for its speed and scalability, making it suitable for various financial applications, including cross-border payments and remittances.
In response to a community member's question about the timeline for AMMs going live on the XRPL after governance voting, Schwartz stated that if the majority supports the amendment, the changes could be implemented in as little as two weeks.
In general though, validators shouldn't vote YES individually. The community should make a decision and then validators should nearly all vote YES when they believe the community is on board and enough nodes support the change.
— David "JoelKatz" Schwartz (@JoelKatz) October 6, 2023
The amendment voting process is intended to…
Expanding on the significance of a majority vote, Schwartz emphasized that to the best of his knowledge, no validators are currently endorsing the vote. The introduction of the AMM feature occurred with the release of rippled version 1.12.0, which also brought the potential Clawback feature. This addition of AMM is not limited to the introduction of a new trading engine; it will also enable integration with the XRPL DEX.
Despite the significance attributed to this feature, Schwartz advised validators against voting independently to promote these modifications. Instead, he emphasized that "the community should reach a consensus first, and then validators should overwhelmingly vote YES when they perceive that the community is in agreement and sufficient nodes endorse the adjustment."
In addition to his prominent role within the Ripple ecosystem, David Schwartz is renowned for his informative articles and his commitment to championing decentralization.
Related: Lawyers debate over Ripple case after rejection of SEC’s motion for appeal
Lately, he dispelled misunderstandings concerning the Clawback feature, often seen as an intrusion on XRPL users. He clarified that the Clawback feature's purpose is to safeguard developers from potential legal liabilities within the ecosystem. Schwartz consistently advocates for the advancement of the XRPL and is outspoken about his position.
Magazine: Pro-XRP lawyer John Deaton ‘10x more into BTC, 4x more into ETH’: Hall of Flame
