Hardware wallet developer Ledger has posted a warning on reddit advising those who own a Nano S wallet to avoid using the latest version of the Monero client with the latest version of the hardware wallet's Monero app. The warning comes in response to one reddit user who claims a bug in the app resulted in the loss of around 1,680 Monero (XMR) (about $80,000 at time of press).
According to the redditor's account of the events, after transferring .000001, 10, and 200 XMR from their Ledger hardware wallet to a view-only wallet, the user still had 1,690 XMR overall, and 141.9 XMR in their unlocked balance (XMR that can be spent after the 10-block waiting limit is up). The user then decided to transfer the 141.9 XMR into the view-only wallet and found that, after the transfer, their hardware wallet balance showed zero XMR.
The user states that after further research, they realized the transactions recorded on the blockchain didn't add up. At block 1783734, the user's view-only wallet shows that 200 XMR was transferred, while the Ledger wallet shows that 1,691 XMR was moved. The user stated a bug in Ledger's Monero software is the reason their funds have been "lost," a word they clarify to mean that they believe the XMR is still on their Ledger device, it's just not showing up.
After reporting the bug, Nicolas Bacca, Ledger's chief technical officer (CTO), responded on reddit. Believing the missing XMR was a result of a synchronization issue, he stated that the Monero app had been "quite extensively tested internally and by the community." However, after updating their original post, the redditor claims they have restored their Ledger wallet, updated the firmware, and resynced with the blockchain, but their wallet still shows they have zero XMR.
More Communication Breakdown?
The possible Ledger hardware wallet bug comes after a rough January and February for the company and users of its Nano S device. On January 16, the company announced that a new firmware update for the Nano S would allow for more third-party developer support for cryptoassets. However, on February 14, just a month after the firmware update, Ledger issued an apology when it came to light that the update negatively impacted the storage capacity of the Nano S. Users on reddit claimed the update made it impossible to hold bitcoin, Ether, and Ripple apps at the same time; they viewed the update as a ploy to drive up pre-orders for the larger Nano X wallet.
The reported bug and how Ledger has responded to it so far also echoes the Coinomi and avoid-coinomi.com drama from last week. After Warith Al Maawali's Coinomi wallet seed phrases were allegedly sent to Google's remote spell checker services in unencrypted text, Maawali claimed $60,000 to $70,000 worth of cryptocurrency was stolen from his wallet. In response, Coinomi issued a "well, actually" statement, prompting MyCrypto founder and CEO Taylor Monahan to discuss the kind of language and tone used by Coinomi.
Although Ledger's initial response to the bug reporter was similar in its "well, actually" quality, it's a bit too early to really unpack how this situation has been handled. Whereas Coinomi was, let's say, fastidious enough to provide the public with a document of its conversation with Maawali, there's no telling what's been said between Ledger and the bug reporter since the CTO reached out. Nevertheless, as language and attitude continue to be discussed in the space, how Ledger communicates about the situation and how it is handled will surely come under examination.