The Ledger Donjon is our team of white-hat hackers who make sure that all the products from Ledger are as secure as possible. They don't just stop there. The Donjon works across the ecosystem to spot vulnerabilities and strengthen what the community builds together. Hear our

📰Today, we are publishing the Ledger Recover White Paper, a key step in allowing anyone to audit the cryptographic protocols. This builds on the over 150 apps and other open-source enablement Ledger has already implemented. Don’t trust, verify.🧵

"Security is not static, it is a journey - you always try to break your own product, and that forms the foundation of what you are going to work on next." -@p3b7_ Check out Dan Held's security journey to the @donjonledger with our CTO @p3b7_.

The video of the presentation on the hardware vulnerability identification (T-test) and exploitation (double laser fault injection) is finally out! You can view it there: youtube.com/watch?v=b1haeC…

Olivier will be present in Hardwear.io next week to present his huge work on the ATECC608B: a Triple Exploit Chain done with our laser benches in the Ledger Donjon! #hw_ioNL2023 #hardwaresecurity #Conference

Ever wondered about the basics of side-channel attacks? In the late MISCmag edition (in French), you can learn the underlying principles of such threats, and discover how to use our 🌈 Rainbow tool to assess the security of your code! github.com/Ledger-Donjon/…

📢Introducing our next Web3 Carnival speaker🎤 📷Join us as, Charles Guillemet , CTO: Ledger , takes the stage to share their visionary perspectives and actionable tips!✨ Book your tickets Now: web3carnival.world/buy-ticket #web3carnival #Ledger #Crypto #NFT #web3 #w3c 🚀

Olivier’s talk on Triple Exploit Chain With Laser Fault Injection on the ATECC608B is available! Check it out: youtube.com/watch?v=Hd_K2y… #hw_ioNL2023 hardwear.io

We are 100% focused on following up to last week’s security incident, making sure incidents like this are prevented in the future, and that the ecosystem remains safe. We are aware of approximately $600k in assets impacted, stolen from users blind signing on EVM DApps. Ledger

Smart contracts are an integral part of the crypto ecosystem - but interacting with them does involve some risk, as you could accidentally sign a malicious contract. 🚨 Not sure what red flags you should be looking out for? Ledger Academy has you covered: ledger.com/academy/smart-…

"There is no security on this earth; there is only opportunity." But, opportunity to improve security exists, and I'm excited to share one with you. 🔥🔥 🛡️ Ledger Donjon 🛡️ is opening one (and only one) position for an 🔰 internship 🔰 in our security software team. If you

Fault Injection (FI) and Side-Channel (SC) attacks targeting ESP32 SoC eFUSE encryption keys extraction Great research work by Ledger Donjon eprint.iacr.org/2023/090.pdf #espressif #cybersecurity

We are thrilled to have open-sourced cargo-checkct, to help bridge the gap between academic research and industry practices for the early detection of timing vulnerabilities in cryptography libraries. Read more about it in our blog post. ledger.com/blog-cargo-che…

🚀 Exciting news! The Ledger Donjon team proudly presents cargo-checkct, our new open-source tool designed to defend against timing attacks. 🛡️ 📖 In our latest blog post, we explore: The concept of timing attacks and their impact Why timing vulnerabilities in cryptography