Ledger Staking Security Flaw? #1832
aronspringfield
started this conversation in
Features / Enhancements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Preface
When you use a Ledger device, part of the security you benefit from is the device will always show you the true recipient address that you are about to send to. So in the event of using a malicious version of a wallet app, you'll always be able to spot the recipient address is not correct.
Issue
This is where Firefly's current staking implementation is an issue for me. To stake, I have to send my entire wallet funds to another address that I can't verify is my own address. To generate a receiving address, I would normally have to unlock my device to get and confirm that address. But for staking, this address is just 'there'.
If I had accidentally downloaded a malicious version of Firefly, an attacker can ask me to send my funds to any address they want there. I have no way of verifying that my funds are staying with me. I have to have complete trust that the software is correct, and not malicious. It's a huge leap of faith, and one that as a user I don't feel comfortable making.
Does anyone know if there is a way to verify the staking recipient address is 'mine' before approving it?
Beta Was this translation helpful? Give feedback.
All reactions