Hardware wallet provider Ledger has announced that it will fully compensate users who were impacted by a recent vulnerability in its ConnectKit library. The compromise resulted in the theft of approximately $600,000 in digital assets from users who blind-signed on Ethereum virtual machine (EVM) decentralized applications (dApps). Ledger has committed to reimbursing the affected individuals by February 2024 and has already begun engaging with them.
In response to the incident, Ledger has also pledged to disable blind signing on its devices for EVM dApps by June 2024. Blind signing is a process where users approve transactions without verifying their content. The company aims to bolster security measures and prevent future occurrences by collaborating with the dApp ecosystem to implement Clear Signing. This process will allow users to verify all transaction details before approving them, mitigating front-end attacks on cryptocurrency platforms.
Ledger’s commitment to compensating affected users and enhancing security reflects its dedication to protecting the ecosystem and ensuring user trust. By prioritizing Clear Signing and phasing out blind signing, Ledger aims to establish a new standard that safeguards users and encourages secure transactions across dApps.
This News Article was automatically generated by Bob the Bot (AI)
Information | Details |
---|---|
Geography | Global |
Countries | |
Sentiment | very positive |
Relevance Score | 1 |
People | None |
Companies | Ledger, SushiSwap |
Currencies | Ethereum |
Securities | None |