A couple of weeks ago, Trust Wallet and Ledger shared some public news on an exploit that we spotted and fixed months ago. It’s a vulnerability the Ledger Donjon luckily found only 3 days after the release of a Trust Wallet software solution. The security experts at Ledger's Donjon reported the vulnerability to the Trust Wallet team so that it got fixed, and so that users’ funds remained safe. It ’s also a vulnerability that demonstrates how the Ledger Donjon works: its researchers do not just work on Ledger products, but on other companies' products as well, to make the entire ecosystem stronger and safer.
In this new episode of On the Ledger, Ledger’ CTO Charles Guillemet and CXO Ian Rogers investigate the methods and ethics of the Ledger Donjon, the making and the outcomes of this specific exploit, and how it also helped other security researchers.