What scares me with the #ledger thing is that they are able to read out the private key and send it to the cloud. This could also be done by an attacker I suppose.
Until now i thought the reason the #ledger existed is that nobody can get access to your private keys.
I've got one and barely use it, but it's my understanding that is something you have actuvely install and optional right?
Yes, but the technical possibility exist to extract your key which could be exposed by hackers.
And I have read additional info on blocktrainer.de:
Your secret data will be split into three parts and distributed to three different companies. Two parts of this split are necessary to get access to your private data. So you have to trust three companies that they take care of your secret data.
Worth nothing that the seed phrase is encrypted before leaving the secure element. Same thing the Coldcard does.
Yes thatβs true. But what has destroyed my trust is that the secure data can leave the key and that in order to decrypt two from three companies have to give access to the data. Can i trust those companies I donβt know? What happens when those companies are hacked? They seem a valuable target for hackers.
You bring up an interesting point. Can the third parties decrypt the shards? What key is used to encrypt and where is it derived from? Ledger should publish a whitepaper on this asap.
