CTO interview: Charles Guillemet, securing your crypto assets at Ledger

Ron Danenberg
Published in Tech Captains
6 min read · Jun 7, 2022

This is not your typical CTO: Charles and his team are building state-of-the-art hardware to secure, buy, and exchange your crypto assets. No matter the cryptos you own, you will need a key to get access to them and prove they are yours. Keeping this key secure and secret is the problem they solved at Ledger. Learn how, although having joined years after the company was created, Charles rose to the CTO position at Ledger.

Charles Guillemet

There are so many companies today active in cryptocurrencies or blockchain in general. What is Ledger doing compared to them?

Cryptocurrency and blockchain, in particular, is an amazing technology, a complete paradigm shift. For the first time in history, you can really own your data and the value it has. If you compare it to your money in the bank: when you want to make a transaction, you have to ask your bank for permission to do so.

When it comes to owning crypto, it means being able to spend them whenever you want. The fact that you own crypto means that you are the only one able to spend your coins. To do so, you need a private key. With this private key, you can prove the ownership of your digital assets. We provide a technical solution to secure your private key. Wherever this crypto revolution goes, the problem of securing it will always be there. It is a major challenge to solve.

It makes me think of the people who have lost the hard drive that they hid in a safe place and the mom has thrown it away. Crypto worth 50 million ended up in the dump.

Indeed, in decentralisation, if you lose your key, there is nothing you can do. If an attacker gets access to it, they can make transactions and there is nothing that you can do, like knocking at your bank’s door, to revert it.

So how do you solve it?

Historically, it has been created by a couple of people. For the tech part, these were people from the smart card field. We didn’t reinvent the wheel: it’s the same kind of technology you use in your passport or banking card. Inside our devices, there is a secure element, smart card technology, coming from France by the way. We have designed small devices with a small circuit, and your secret will be generated inside the circuit. As soon as you want to make a transaction, the device will compute digital signatures. All the cryptography is implemented inside the device.

There are three challenges: how do you generate the key, how it’s stored, and when you want to use it how can you be sure that the transaction you consent to is the one you will be signing. That’s why on our devices there is an independent display which allows you to verify the transaction you’re about to consent to, even if your computer was compromised. From this, we built a complete software offering, with a nice UX and UI to control your cryptos.

What if you lose that device?

If you lose it, and you do not have a backup of it, you lose your cryptos. To solve this, we use the crypto standard (BIP-39) which puts your private keys in a human-readable way. Instead of a string of zeros and ones you have a list of 24 words that is the exact human-readable form of your private keys.

When you initialize your device, you will see the 24 words, write them down on a piece of paper, and put it in a secure area. If you ever lose your device, you only have to buy a new compatible device and then recover your keys with these 24 words.

Screenshot from Ledger.com

You joined Ledger 3 years after it was founded, how did you end up as CTO?

It’s a funny story: I joined 3 years after the company was created, and I joined at the end of 2017. My initial mission was to create the security department of Ledger. There was an empty room when I joined: no desks, no nothing. At first, I was a bit surprised but it was incredibly exciting to have a blank page and write your own story. I started to buy desks, and materials to create the department and the R&D team. The security research team is trying to break our own products to test how good they are and improve the security. Today this team is called the Donjon. From time to time, they find small vulnerabilities, which are less and less frequent.

Today, it is a small team of around 10 people with lots of expertise in the security field: hardware and software security, cryptography and blockchain protocols.

After that, I created the certification team because what we sell to our customers is the promise of security. It’s not a regulated market but we think it is still a reassurance stamp. This was about 4 years ago when we were 40 people. We were just raising our Series B of $75 million.

And that’s when you became CTO?

A year and a half later, Pascal, our CEO, asked me to take the lead of the engineering team. At the time, the CTO was the tech co-founder who is a great engineer, but he didn’t enjoy team management. So, when the team grew, he decided to continue focusing only on what he likes.

To be honest, that was not my plan to become a CTO. I definitely had to think about that. The co-founder insisted a lot for me to accept the role. As of today, it is fun to remember this story because I really enjoy it now. I also kept the security part of my responsibilities. Today the team is more than 250 people in tech, and 600 in total. We plan for the tech team to be 500 by the end of the year.

Security is clearly a key element of Ledger. What would you say are the most important technical challenges when maintaining security online? How do you face them with your team?

With our offering, you don’t have space for mistakes. It’s zero or one. Crypto markets are open 24/7, as opposed to stock markets which are open only a few hours 5 days a week. That means that if our backend fails or goes down, even from a security point of view, it is dramatic, our users can get scared, and we might lose trust. Even where security is not important, being rigorous and avoiding mistakes are very important, it’s a matter of trust.

Screenshot from Ledger.com

What is your tech stack?

It’s something difficult because our stack is very wide. Inside the hardware, we have low-level embedded C, with very hard constraints as we have only a few hundred K of flash memory and a few dozen K of RAM.

Then we have Ledger Live, written in React Native and ReactJS as an Electron app so it is compatible with Android, iOS, Mac, Linux and Windows.

Then we have plenty of different backends: some written in Python, a lot of Scala, but when synchronizing the blockchain, an inconvenient structure of data where every block has to be checked, we have a backend that gives you the results in milliseconds and supports several hundred million requests a day. So scalability is a challenge here.

We also have some legacy in C++, but we’re in the process of getting rid of this technical debt. The e-commerce website is in WordPress in PHP.

When you sign a transaction on your device, there is a lot going on in the background!

If you want to connect with Charles, click here.

To learn more about Ledger, visit their website: ledger.com

If you’re a techie working on something exciting or you simply want to have a chat, get in touch with me. I’m currently CTO at Kolleno.com
