 The Ledger cold storage device had a little bit of a stumble about two or three weeks ago where it came out and they talked about how they were going to have a recovery service for $9.99 per month and it was going to be available to everybody. Well, the way they executed it may not have been fantastic, but the devil really isn't the detail. So what I tried to do was reach out and Ledger got back to me and they brought on Charles Guillemagne and he is the Chief Technical Officer, been there since 2017 and we had a discussion about why they did this, what is happening right now and where they are moving forward. So I'm going to link this in and you can watch that video in a little bit. There is one thing though between the three questions. The first question we talked about what would happen if everything was, if there was a hack. In the second question we talked about where is L1 and L2s and blockchain going. The third question was questions from Twitter and I really asked those questions out of order. Really what the question should be is the first one is what would happen if Ledger broke down and got hacked. The second question should have been questions from Twitter and the third question would be the overall what is going on with blockchain and looking at L1s or L0s, L1s and L2s. So I'm going to rearrange the interview to where it makes more sense. So without further ado here is an interview with Ledger's Charles Guillemagne, CTO. Yeah, thank you very much for having me around. It's a pleasure. Right, oh yeah. So you guys are taking some meat lately let's be honest. That hasn't been hopefully too difficult but there's been some basic questions that have come about and before we really break into it I have to just start with I think the basic question which would be this what would happen if a hacker or a group of hackers was able to actually get in on your cold storage device Ledger and be able to transfer funds essentially stealing them. What would happen in that case if that actually happened to Ledger? I think it's a good idea to start at a high level and work our way backwards. Yes, sure. To answer this question let me take a step back first. What is really important in crypto is self custody. It gives you the opportunity to really own your value and to be the only one owner of your value. You don't have to ask the permission to anyone to own the value and to transfer it. So this is something quite new and very important. So self custody is important but it comes with a lot of responsibility because of different properties of the blockchain. One of them is immutability. So that means if you do a transaction to a wrong address there was nothing you can do to reverse this transaction. If an attacker gets an access to your key he will drain your wallet and again there was nothing you can do to retrieve your funds. So it's a big responsibility to manage your crypto and you need to have the proper tools to do that. And this is what we are trying to provide to our users, the right tools for them to be in self custody. And security is the big thing that we are doing at Ledger. This is Ledger's mission, security and ease of use because if you have a very, very secure solution but no one can use it then you don't solve any problems. So this is the tradeoff we always have to keep in mind. We started with a very, very secure product. We want to continue having the same level of security but we want to improve the UX. Back to your question, as of today we have sold more than 6 million devices. This is a lot. Especially people who are using our devices are not really newcomers. They have more assets than the general Joe that comes into crypto let's say. So this represents a lot of assets if you take this into perspective. So if we had a very big security issue on our product that would be a disaster for Ledger, for the users but for the ecosystem as a whole we have a big responsibility. Right. I have to agree because I was thinking about this as everybody was piling on when Ledger came out and said we're going to do a new system. And I for one was one of those that piled on at first and I took a look at it and said well technically can this actually happen and do I have to opt in and we'll get into that in a second. But really what it comes down to is if Ledger if something happens and someone's able to break into your cold storage device and they're able to steal funds and they can do that across the continuum those 6 million wallets essentially the crypto market will be crippled and Ledger will not exist. So I need everybody to understand that you're going to have to start with this as like the business level. If this happened at a business level the whole business would collapse. So I'm pretty sure I'm just going to take a wild swing at it and think to myself maybe security is paramount and we're trying to do that. Okay so that would answer the first question. Charles what do you want to add there? No I just want to add something that what you said is really really right and every time I take a decision every time Ledger takes a decision we have this in mind. We can't fuck up like this is not something possible. We always need to be as secure as possible and this is our most star. All right so Charles thanks for that. Now let's get into questions from Twitter which is if you don't follow along on Twitter it's a very nice happy place. Nobody says anything negative. If you're not on Twitter check it out. So there was this post that I put out and I said hey good news I'm going to have Ledger on the show next week. What are your questions for them besides the obvious one as to why they're allowing seed phrase to be extracted and stored for $10 a month? Now look I'm just going to go on a limb here and I'm going to think I'm going to say to myself Charles I think that this was and we just talked about this we were talking about mass adoption right for people like me and you watching the video right now because right now where it's July 4th it is 2023 the new people that are going to come in and pile in in the next bull run aren't here yet but they are coming and you know where they're going to come because you haven't heard from your friends in a long time and all of a sudden they're going to talk about Bitcoin. When those people come they're the ones that lose their passphrases and everything else. I'm not saying that everybody should be should should do self-storage but we can do it as time goes on to unload them maybe that's not a bad situation for them to come in and they can have someone else offload we do what we do. So Charles I'm just going to guess that this was the plan which was to try to unload as many new people to come in so they don't lose their private keys. Later on they can learn how to self-custody and you've got a solution for that which we're at right now but was that the plan with ledger? Yeah again what I said as an introduction the mission of ledger is security and ease of use. As of today I think we have the most secure solution out there but in terms of ease of use I think we can improve the experience and this is what we are trying to do because as of today if you are comfortable with managing your backup your 24 words if you know what is transaction what is cryptography what is a private key you might be comfortable with that and that's fine that was that was it's okay for you it's okay for me that's fine but for new commerce when they on board and they see this 24 words and we ask them to backup to backup them it can be a little bit disturbing so what do you do with those 24 words do I share them with my wife do I do I put them in my house what happens if my house burns like there are plenty of questions to to ask yourself and and the thing is humans are not very good at managing secrets in general so true and for security that that's true and so it's this is not something easy if if you are comfortable with that if you have thought about all this question and you have answered them with your because often I'm asked what do you do with your 24 words frankly my threat model is not yours like my requirement with my backup is not yours so you have to think about it according to your requirement according to what you expect according to the value you have in digital assets so this is not a simple question overall so and for new commerce we will start in self custody it's it can be a really disturbing so what we want to offer is an option for them to not have to worry about this 24 words they on board on the device they are in control they can they can do the transaction they want they they are completely in control and if ever they lose their pin and their 24 words because they didn't want to back to backup them and on so on they have a way to recover their funds and right this is this is something important because the reality is today we have we and many we know plenty of stories where people have lost their kids and they have lost the access to their wallets forever there was nothing we can do to help them so what we just want to do is to offer them an option and you don't have to if you don't like this if you are comfortable with your setup you you don't have to to use this this this service and this product and by the way it's not free so think think about it twice if you want to subscribe so this would lead me to the next questions and we i'm going to pull these from twitter and this is where the crux the matter is people were ticked off because they're like hey you said you couldn't do that now you're going to do that and now all of a sudden people like wait now that means that my mnemonic phrases and private keys they're going to be out there for everybody because you know this is not what you said so let's just jump into it here's the questions from twitter and this i'm going to roll this in into one question cryptoprogma says ask me to explain the technicalities people can understand why this does not actually affect them and then my fts herbert's i'm pretty sure i nailed that why don't they solve the issue the easy way by allowing allowing users to disable three things from their firmware via settings seed extraction side loading without locked path and silent it's easy the only thing that's seen to prevent them from doing so our ego or external pressure i've had the same problem so charles what about these i can start with with this one to witness it's already the case like every time you will interact with your device every time the device will touch your key you will be prompted to to accept to consent or not for any action so if ever the recover is initialized recover backup is initialized you would be prompted do you want to do this or not if you don't want you just say no and that's it it's deactivated by default like it's on you to consent to activate features and it's the case right by the way you start you start by paying and after you activate the feature on your device and it's the case for every single feature every time you are using your device and the device will touch one key because you have plenty of keys that are derived from the mnemonic every time you do that you are asked like do you want to do this and this and we are trying to make sure like this is as easy to understand for human as possible so that when you consent for something you understand the consequences i think the only exception to that would be blind signing on ethium because you have plenty of different smart contracts and interacting with them sometimes most of them we are able to decode what the the smart contract interaction will do but sometimes there are a few smart contracts that we don't support and the device is not able to to understand what you are about to consent and in this time you have to to change one option in the ethium application to enable this blind signing and then you will consent for a hash that's it i have done that once before the blind signing blind signing and if you ever run into that situation ledger has an FAQ section on their website you can go through it but this was for a very specific case and even me i've been in this in this industry since 2017 and when i went through blind signing i was like is this gonna wreck my entire ledger and i wasn't for sure i did go through with it because it was a pretty i thought i thought it was a pretty safe site but again if you go down that route there is a there is a levels of risk that you have to take on so just be careful with what charles tamar as far as blind signing and that happens very rarely if you want to interact with some kind of risky stuff all right so charlie anything else to add on there before we get to our last question no i i think i explained it quite well so if you don't like such feature you you you don't activate it you don't consent for initializing backup and and everything everything is fine nothing changed for you it's the exact same situation as before let's say like this let me ask you another question let's say that you do sign up for it you pay 10 bucks 999 per month what happens in that situation where does the where does the private keys go does it stick with you guys or is it three places or how does that work okay let me explain this one so in order to to to use the ledger recover functionality you will have to to to to create an account to with ledger recover with this account you will initialize initialize some identification you will show your your id you will go through some identification process with on phylo it's a little bit like like the car wc process you have on exchanges but there was no car wc because this is not a legally this is not car wc this is an identity identity verification so you go through this process and then when everything is set up on on your account then you will initialize the process on your device so ledger live will prompt your device and your device will say hey do you want to initialize the backup process then you will consent and what will happen inside the device is the following your mnemonic seed not exactly the mnemonic the the thing just before the mnemonic but to simplify let's say it's the mnemonic the mnemonic will be encrypted then sharded into three different shards with the specific algorithm that is called a shamir secret sharing this algorithm are two interesting properties the way we use it at least the first one is if you have one shard one decrypted shard you have absolutely zero information about the complete seed there is one shard equals zero if you have two shards out of the three you are able to recombine the full seed so this is the way we are using this algorithm so we take the mnemonic cut it in three we encrypted it we cut it in three with a shamir secret sharing algorithm and then we will store there's shards within three different locations three different company in hsm hsm is the hardware security module this is a piece of hardware that you that we put in dedicated servers and basically this is a big nano like this is a this is a security enclave with that and we store secret inside the this enclave and there are three hsm with the three partners and then the encrypted shards will be sent directly to those three partners using again a end-to-end encryption algorithm so that even if someone is able to aspire the communication everything is authenticated and encrypted authenticated means that the device can only send to the three partners there was there was no one can create a such communication channel no one else than the device and the three partners and everything is end-to-end encrypted from the device directly to the hsm so there was nothing in plain text anywhere we have chosen to have three different partners so that if one fails with the two out of three so if one fails that means like he loses the backup the two others are able to recombine seed we also wanted to have some censorship resistance so often we were asked what happens if a government with one government ask you to to to access the seed that you would need at least two different government that are located in two different states so there was this as a mitigation another mitigation is if you want if you really want to be a censorship president against two governments you can add you can add a 25th word to your phrase and in all case if you're not a terrorist frankly there is a very few chance that two governments ask two different entities to to to take your to take over your your assets man so this is the this is the process and in order so there then the backup is done and if you want to recover then you do the same in the or even as order you log into your account you go through two different identity verification process with two different partners one is on file the other is a desi and they will send if they recognize you as you are the one you put them to be you showed your identity your identity document and everything is fine then they will send the authorization to the HSN to send back the encrypted chart to your device that will recombine them inside the device you have the full picture like this that's big Charles how many times how many times have you answered that question in the last two weeks yeah when the way we communicated the the feature was not ideal because people discovered it through a release note and not through like a proactive communication sure and it created a lot of drama as you mentioned on twitter the safe place in the in the internet and so I had to go through like 20 I think more than 20 different podcasts in order to explain this again and again and I think that now people must be more aware of of the different mechanism and in order to give more details about that what we decided to do is two things the first one is to publish the white paper of the protocol like it's it has been published I think two weeks ago and it gives all the details because what I explained you is a high-level explanation of how it works there was a much more details much more cryptography and so on in the white paper so that any cryptographer in the world any cryptography expert security expert can can have a look into it and give some some feedback about that as of now we add pretty good feedback about that and and finally we will open source a big part of our firmware the one that contain the recovery functionality so that people can verify that what we implemented is the same thing as the is presented in the white paper and and finally with the white paper which gives all the technicalities of the of the protocol so that if you want to implement your own backup provider you can do it it's possible because now the protocol is free it's it's open so you can implement your own short backup provider if you want without paying the 10 bucks per month it won't be as convenient but this is something you can do excellent all right it was a very comprehensive answer thank you Charles and no and of course we'll get to the last question that I got from Twitter and then we'll get you out of here because now you're busy busy guy where the hell is my stacks you lied is it really ever coming and before anybody asked what's the stacks this is the stacks right here all your stacks is a little bit different from the nano it's going to be actual touch screen and people are pretty excited about this so what's going on so my stacks is right here well that's good for you Charles great so yes this is this is ongoing we are we are manufacturing them we what what happened is that we had a lot of orders and scaling production is not something that easy and this is this is what we are doing at the moment and we I'd like to be able to give you like a date but it's coming really really soon and frankly this is completely transformative like what I was saying before like security and ease of use like the security I think we did a pretty good job on that ease of use we have a way to improve and this device really improve the experience like you have a greater screen that allows us to provide more information and so on you have the touch screen which allows you to to interact with the with the device more easily and so on so this is ongoing we we really would like to be able to ship now the thing is we we still have to scale the production but this is this is ongoing and and and by the way during this we cover drama thing like I remember that Twizor and a few others did some advertising around that this is this is the this is normal I'm fine I'm fine with that but in a matter of few days they were completely out of stock like what I want to say is like we have like different scale of production and we have different challenges than and there's there's competitors let's say I don't feel that they are competitors but yeah you get what they mean so yes scaling production scaling manufacturing is not something that easy and and we are about to to nail it for stacks sounds like a plan I got to tell you I know people are waiting for this but if if you guys get this out before the cyber truck that I ordered two and a half years ago if you beat that fantastic because only that's ever coming so this will lead me to to my next question because we talked about this offline first which is and we're getting some other technical parts of the ledger but where's blockchain going in general and we're talking about I mean you can talk about L0s L1s and L2s but where is it going where do we see things moving because right now I don't think the adoption is quite there like we'd like to see it where are we moving to as you see it as a CTO yes so what we what we saw in the different bull market and bear market because there are some some cycles into that in the in the previous bull market like with plenty of money flowed in the ecosystem a lot of new projects appeared and so on and quite quickly we noticed that the current blockchain design we have do not scale especially if if you take into account ethion ethion where you can like execute some code on on bitcoin it's a little bit different because you don't expect too many things from the blockchain you only expect like store value and this is essentially it but even for bitcoin when you have a lot of transactions per second like fees skyrocket because the blockchain can't handle too many transactions but on ethion what we expect from the blockchain is to compute programs like you want to have trustless programs that are executed by the blockchain in a trustless manner in a very favorable manner and so on so you you need to have something quite scalable and during the last bull market we saw very quickly that the ethion blockchain does not scale because even with some small NFT projects as soon as there was a new NFT project like the fees just was we're just skyrocketing just because there was an auction mechanism to make your transaction inserted in the blockchain and the blockchain capacity is limited so yeah this is this is a very good graph to explain this so in order to solve this problem we need to solve the scalability challenge you have on the blockchain but you can't solve this problem alone because there is what we call the blockchain dilemma like there is a security security is important for a blockchain also if you if you can't trust the blockchain itself you you won't solve anything then you have decentralization you want the blockchain to be quite decentralized otherwise you won't be censorship resistant and this is something important and you want it to be scalable and as of today blockchains are quite secure let's say quite decentralized but not that much scalable so the question is how can we exactly the scalability dilemma the question is how can we keep the security and decentralization property but also solve the scalability challenge like if you want if you want to have an ad on ethion you can process around like 15 transactions per second 15 it's not that much if you imagine billions of users using this blockchain it does not scale even like visa is several orders of magnitude more scalable than this and we want like to be able to implement use cases as visa the visa is a simple use case we should be we should be able to implement this use case on blockchains so the question is how can we do that while keeping again very good very good example like visa is 24 000 transaction per second ethion is 15 or 20 so we are far from visa and visa is very simple we are not talking about computing some automated market maker as uniswap on visa visa is really more simple than this but ethion count on the visa right at the moment so the question is how can we do that and there is a lot of research ongoing for a few years now especially on the ethion community and as of today I think the most promising solution to that is layer 2 and there are different different implementation for layer 2 you have optimistic roll up but also validity roll up that use zero knowledge proof technology I won't enter too much in the details but the idea is to have another layer another blockchain where you will create a new set of rules to transaction and then you will be able to do as many transactions per second as you want like this is a there was no real issue in terms of scalability and then you have some computer big computer that will create a proof that the new state of this blockchain is valid it it won't give all the states to the layer one but just a proof that this state is valid and on the ethion blockchain the layer one you implement some smart contract and this smart contract is only able to verify that the proof is correct and the state is valid this is the only thing that the smart contract is able to do and this this smart contract costs some gas more gas than the simple transaction but you factor all transaction of the layer 2 into one transaction on the layer one so this is quite magical and I think this is how we will solve the scalability challenge on on the ethion for instance I have to agree hopefully layer 2 solutions will be the next thing that the next big thing arbitrum and of course my favorite polygon because it's my favorite because I invested into it and look that's a that is a me being as transparent as I possibly can I am a bag holder so I am super excited about that all right let me give a few others which are quite interesting as well the case sink is another and the star square with stark net is also an interesting one with different technology all of this project are very interesting excellent anyhow Charles I want to say thanks for coming on the show I know people are a little bit disgruntled about what's going on I think it's going to take time and I got to tell you to get the mass adoption effects let's be honest I mean the OGs like us and the people you watch in this video you're a different breed the people that are coming in they're going to need a little bit different and then maybe we can kind of onboard them like baby steps before they actually do the full self-custody and that's what we're what it's all about so Charles any last words of wisdom um maybe a last word about like what what you just said it really reminds me the beginning of the internet uh and I guess you you remember this times everything was really complex uh you had to understand network to connect your modem you everything was really complex and from this moment to now like the technology did a great progress like the user experience is better and also people get better also they they started to understand our internet works and so on they also understood that it's not only for a pedophile and the and terrorists and terrorists that's true and we we did we did this journey with with the web in the matter of like 20 25 years maybe if you remember the end of the 90s that was really the beginning of the mass adoption but when you think about that when you think about this time we the journey was really long and everything changed completely from the experience you had on the internet in 1998 let's say and the one we have today like nothing is is the same like everything changed and we are we are early adopters in crypto but let's remind that we are at the very beginning and the the crypto that we know today is really really different from the crypto that will be in 10 15 20 years and and yeah it's difficult to imagine this new world but it will be really different the UX will be really better and and the thing that we think won't ever change might change a little bit and this is a this is a normal this is how things like innovation and progress is is important and it happens again exactly and if you and for you watching the video if you can remember something like this you already have that sound off in your head look how far we've come in that amount of time so Charles again thank you so much for stopping by we appreciate it everybody if you're looking for the links of all the things we just talked about they'll be in the description and of course you can find a ledger links also in the description Charles once again thank you so much I think that answers it so appreciate it thank you all all right everybody that's it we'll jump back all right so that's it so just like we talked about I think that people like you and me we are okay with custody self-custody I think the people that are coming in may not be as comfortable doing that and of course we've seen people lose their keys before I think moving forward it is on us to educate everyone why self-custody is so important and not have a recovery type of service but that's on us to educate everyone so that is it for today like today's video give it a thumbs up consider subscribing this is not a set it and forget a type of market you really should be up today about what's going on but that's it for today so thanks so much for stopping by I do appreciate you and I'll see you on the next one