Yeah, that’s the actual point. At first I thought optionality is good and that it makes holding bitcoin more approachable for normies. But you are right. The ability to extract the private key seems wrong. Need to read more about how they do it.
On the other hand you are also able to extract your own private key. So will be interesting if they found a secure way to do it. But most likely it’s an additional attack vector.
A big vector 🫣
Yeah
At least we know that #Ledger is good at keeping customer data safe, so what can go wrong 😅
This can happen to every company. That’s why we have hardware wallets. No online system is secure.
The problem with this special case was how ledger reached to the data breach 🙃
Would it compromise my multisig setup if one of the devices were a Ledger?
It would compromise this specific key and maybe the xpub as well (privacy related issue). Generally Ledgers are not considered secure for multisig setups. As they create a lot of security issues in such a setup. They are not designed for this. You can find a lot of resources about it.
Here is a detailed report about #Ledger issues for multisig https://medium.com/shiftcrypto/the-pitfalls-of-multisig-when-using-hardware-wallets-9b0e98e4c19c
