Skip to main content

Featured Story

Cathie Wood's Bold Prediction: Bitcoin Could Reach $1 Million

As an avid follower of financial developments, I found Cathie Wood's recent remarks on Bitcoin quite intriguing. In a recent interview with the Brazilian financial news portal Infomoney, Wood shared her bullish perspective on Bitcoin's potential future value and role in the financial landscape. Here are some key takeaways from her insightful commentary: Bitcoin's Potential Value: Wood believes that Bitcoin could potentially reach $1 million per coin in the future. She compared Bitcoin to gold as a trillion-dollar asset and expressed confidence in Bitcoin capturing a significant portion of this market. Bitcoin's Role as a Decentralized Alternative: Wood highlighted Bitcoin's fundamental role as a decentralized and private alternative to traditional currencies. She emphasized Bitcoin's potential to serve as a hedge against unstable monetary and fiscal policies in emerging markets. Bitcoin's Impact on Finance: Wood sees Bitcoin as representing a ne

Protecting User Security: Ledger Disables Blind Signing for DApps to Safeguard Crypto Assets

to address the issue and that all affected victims would be compensated for their losses.

Ledger, the hardware wallet manufacturer, has announced that it will disable blind signing for EVM decentralized applications (dapps) by June 2024, following a recent exploit that resulted in the theft of approximately $600,000 in crypto assets. Blind signing involves the display of raw smart contract signing data that can be parsed by computers but is incomprehensible to a human reader. In contrast, Ledger has advocated for a "what you see is what you sign" approach known as clear signing, which parses smart contract signing in a human-readable manner.

The recent exploit involved a malicious version of the Ledger Connect Kit, a library that enables Ledger devices to connect with dapps. The attacker injected a wallet draining payload into the ledgerconnect kit's NPM package, allowing them to drain the funds of users who signed on dapps such as Sushi.com and Hey.xyz. This incident prompted software wallet developer MetaMask to warn users to stop using dapps.

Ledger has confirmed that the attack occurred due to a former employee falling victim to a phishing attack, which allowed the attacker to gain access to the former employee's NPMJS account. With this access, the attacker was able to push a malicious version of the Ledger Connect Kit that rerouted user funds from any wallet connecting to a dapp using it to the hacker's own wallet. However, Ledger has since deployed a fix to address the issue.

In response to the exploit, Ledger has announced that it will no longer allow Blind Signing with Ledger devices by June 2024. The company believes that this move will lead to a new standard that better protects users and encourages the adoption of Clear Signing across DApps. Ledger has also encouraged dapp developers to support clear signing in order to enhance security for their users.

Furthermore, Ledger has taken responsibility for the incident and has committed to compensating all affected victims for their losses. The company's commitment to making the victims whole is commendable and demonstrates its dedication to the security and well-being of its users.

In conclusion, the recent exploit that led to the theft of crypto assets has prompted Ledger to disable blind signing for EVM decentralized applications by June 2024. Ledger's move to sunset blind signing is aimed at enhancing security and promoting the adoption of clear signing across DApps. The company has taken swift action to address the issue and has committed to compensating affected victims. This incident serves as a reminder of the importance of continually strengthening security measures in the cryptocurrency industry.

Comments

Trending Stories