Ledger, a leading hardware cryptocurrency wallet provider, has announced its commitment to reimburse users following the recent Ledger Connect Kit exploit. The company acknowledged that approximately $600,000 in assets were stolen due to blind signing on Ethereum Virtual Machine (EVM) decentralized applications (DApps). The breach, which occurred on December 14, 2023, notably affected DApps such as SushiSwap and Revoke.cash.
Understanding the urgency of the situation, Ledger has vowed to ensure that all affected individuals are compensated. They plan to complete this restitution process by the end of February 2024. Ledger’s official statement on the matter emphasized their dedication to user security and compensation.
Furthermore, Ledger has decided to take proactive steps to enhance security in its ecosystem. The company will collaborate with the DApp community to promote clear signing, a more transparent transaction verification process. To this end, they will phase out the allowance of blind signing on Ledger devices by June 2024, a move aimed at setting new security standards in the industry.
This initiative is part of Ledger’s broader strategy to foster a safer environment for digital asset transactions and to encourage the adoption of clear signing practices across various decentralized applications.