The DeFi Experience in Ledger Live
|— Decentralized finance solves the centralization, freedom, and ownership challenges faced by traditional finance users.|
— DeFi solutions themselves, however, remain riddled with security challenges and poor user experiences.
— Ledger Live aims to solve these challenges through its integration of DeFi solutions and by offering the most secure gateway to access DeFi services.
— In this article, we primarily focus on the security issues of blind signing and private keys – and explore how Ledger helps you circumvent these challenges to have a smoother and more secure DeFi experience.
If you’re busy exploring the world of DeFi, and want to make sure you stay safe, look no further than Ledger’s DeFi integrations. Here, we give you a guided tour.
You can’t love something without noticing its flaws. That’s the kind of relationship we at Ledger have with decentralized finance. It’s the reason we never shy away from talking about and addressing the flaws that DeFi faces. On that note, this article is an effort to articulate some of those flaws, how they affect DeFi users, and what we’ve done at Ledger to resolve them.
The Case for DeFi
TradFi faces a range of challenges that make it obsolete for today’s expectations. Lack of accessibility, time consuming and cost-heavy services, the absolute absence of control over one’s own money, you name it…
The question is, do you even own the money you see in your bank account? Not really. They are all just numbers recorded on the ledger of a central entity that actually retains the ultimate control over the assets — your assets.
Freedom and ownership are almost non-existent parts of TradFi. Its failure to reach billions of adults worldwide and its favor-the-rich mechanisms make matters worse.
The foundations of decentralized finance or DeFi were laid with the launch of Bitcoin in 2009. It did a remarkable job by offering people a way, for the first time, to store and transact money without any central entity.
That, however, was only the disruption of one part of the existing financial system – the transfer of value. The launch of Etheruem is what set things in motion for the wider aspect of DeFi. It enabled developers to build all kinds of financial services you can think of and more; on a decentralized network.
Today, we have a range of blockchains that support a massive proportion of the financial services on blockchains that we usually only saw in TradFi. You want a loan without a bank or lend your money? Go to Aave or Compound. You want to trade your assets without giving up control of your funds? Use a decentralized exchange like Uniswap. Margin trading, insurance, stable asset storage? Everything’s there. And unsurprisingly, everything works without a central entity.
That being said, DeFi comes with its own concerns – let’s have a look at those right now.
Security: The Biggest Challange for DeFi
DeFi is an inspiring, fast moving ecosystem that is constantly being driven forward by developers who see scope to improve the status quo, and use their technical know-how to make it happen. But regular end users like you and I probably aren’t coding experts, and we can’t read complicated smart contract details when it’s given to us in raw form.
That lack of understanding and transparency into transaction details is precisely what has opened new doors for hackers to exploit users. And of course, the ever-present question of private key storage looms large when we transact with DeFi platforms.
So let’s take a deeper look at the key vulnerabilities you face as you explore the industry, before giving you a guided tour of Ledger’s solutions.
Your Private Keys Aren’t Always Safe
This is something we’ve discussed often but it’s worth highlighting again. Hot wallets that are designed to interact with DeFi protocols offer a convenient way to transact – but the downside is that they basically store your private keys within a system that’s connected to the internet, leaving you vulnerable to hacks and malware that target your private keys.
Hardware wallets effectively address this issue by storing them offline at all times. But there’s a trade-off too: while bespoke hot wallets are designed to interact seamlessly with dApps and DeFi, their hardware counterparts are not always able to work with your favourite platforms so seamlessly – DeFi protocols are developing at a pace, and security infrastructure hasn’t always kept up.
So, to use your hardware wallet funds on a DeFi protocol, you need to connect it with a middleware that is compatible with the protocol, which again brings its set of hot wallet vulnerabilities into the equation.
You Can’t Read What You Sign
When you conduct transactions on a DeFi platform, its smart contract sends a request to your wallet. You must verify this request and confirm it from within your wallet interface to complete the transaction.
The problem is, the request you receive in your wallet is coded as a string of numbers that are hard to decipher. This is because the wallet you’re using cannot read or decode the smart contract details, making it impossible to know for sure what you’re agreeing to. Is it permission for the transaction we requested, or is it to drain the funds from the wallet? We can’t know, so we simply trust the platform we’re using and sign the transaction blindly; a practice called bling signing.
As users become more educated and smart contracts become harder to hack, hackers are relying on blind signing to trick users to open doors for them. They hide malicious code behind a regular-looking request, which, if you sign, may offer unlimited access of your funds to them. Big mistake!
So as you can see, crypto wallets being used with DeFi platforms must strike a fine balance for users – offering not only security, but also ease of use and compatibility with the platform itself, in order to give the ens user transparency over what they are signing.
So how do you achieve all these things at once?
What hardware Wallets brought to the table
Ledger’s MO is to act as a simple and safe gateway to DeFi services, by enabling you to secure the keys for your DeFi hot wallets within our secure device. However, that too had some shortcomings, stemming from blind signing and general drawbacks of hot wallets.
To solve that, we integrated some key DeFi platforms into Ledger Live that now help you dive into DeFi from within the safety of the Ledger ecosystem. It’s like a walled garden for DeFi, where you’re free to explore in the full and certain knowledge that you’re within safe territory.
Why is it safe?
Ledger has successfully replaced the common trend of blind signing by introducing clear signing in its hardware wallets. So, now when you conduct a transaction on any DeFi platform integrated into Ledger Live, your hardware wallet screen shows you the exact details of the transactions and what you’re about to agree to.
Say you’re making a swap on an integrated exchange platform: when the request arrives on your wallet screen, instead of showing a string of characters, it will show you in human-readable text the exact amount of ETH you’re swapping and the amount of USDT that you will receive. And you don’t have to eat codes for breakfast to understand that.
And, as ever, all transactions using a Ledger Nano wallet are completed within the device, meaning your keys are never exposed to the internet. Ever.
Talk about flow, security, ease of use, smooth user interface. It’s all there when you use DeFi through Ledger Live.
Ledger Live Integrations
Over time, we have integrated a range of DeFi services to Ledger Live, allowing our users full exposure to the exciting opportunities in DeFi. We can broadly categorize these services into four sections: swapping, staking, lending and borrowing, and DeFi dashboard.
If you’re more into DEXs than CEXs for the increased control they offer you over your funds, let’s take it to the extreme. Ledger Live has integrated 1inch and Paraswap — two of the most widely used DEX aggregators. You can go to either of these platforms within Ledger Live and compare the swap rates of assets across hundreds of DEXs and then choose the best rate to make the swap. All while your Ledger Nano wallet keeps your sensitive wallet information offline.
The beauty of crypto is there are numerous opportunities to put your crypto assets to work and earn extra returns as you hold them. In that list of opportunities, staking is one of the easiest and effective ways to grow your wealth. To make sure you don’t miss out on this opportunity, Ledger Live is now integrated with Lido, the top staking platform for Ether (ETH). Lido now also allows you to stake Solana (SOL) from Ledger Live to earn an interest of over 8% per year.
Why leave your valuable crypto inactive, when you could make it work for you? Well, that’s the whole point of Compound — one of the most popular and trustworthy lending and borrowing protocols in DeFi. If you want to lend your assets to generate interest, you can do that seamlessly and safely on Compound, inside of Ledger Live.
Tracking your DeFi investments can be a challenge when you’re using multiple platforms and own a number of assets. Simplifying that is the DeFi dashboard platform, Zerion, which is now integrated with Ledger Live. Apart from showing you a breakdown of your entire portfolio, it also allows you to perform a range of DeFi activities from within its ecosystem. So, while using Zerion on Ledger Live, you can borrow, swap, add liquidity, or even save your assets to earn interest.
Simplicity and Security Packed Into One
Security and simplicity lie at the core of what we do at Ledger. The integration of DeFi protocols into Ledger Live is a part of bringing those two features to Ledger users. And we have kept our ecosystem open source so any protocol can integrate Ledger and offer their users the most secure crypto experience.
Decentralization is all about giving power and control back to individuals like you and me, and Ledger is here to provide a platform to keep you secure as you enjoy this incredible new dynamic.
Knowledge is Power.
If you’re just getting into DeFi and you’re wondering how to makethe most out of your HODLed coins and tokens, look no further – School of Block has the answers.