Vincent Van Code, an active software engineer and cryptocurrency security advocate, recently posted a somber security alert on XRP’s discord channel. Perhaps most controversially, he challenged users to rethink their blanket trust of hardware-based wallets such as Ledger and Trezor. Van Code’s warning comes at a very critical time for the crypto community. It’s an important reminder—for the industry and the feds alike—that dollar value is no substitute for prioritizing crypto security.

Personally, we still think that Ledger and Trezor usually represent the gold standard when it comes to crypto storage. Ironically, Van Code advocates for air-gapped devices, which are completely disconnected from all internet or network access. These devices, second to none security-wise, demand greater technical savvy and are less convenient for everyday, on-the-go use.

Van Code's core message emphasizes that if a private key is exposed to the internet, even momentarily, it is at risk. Crypto users have lost hundreds of millions as a result of such critical leaks, clipboard hijackers, browser exploits, and malware. As the adoption of mobile wallets, browser extensions, and web-based exchanges continues to grow, so too do these risks.

Van Code argues that some of these crypto storage solutions may leave assets more exposed than users believe. He explains that the omission of open-source firmware and third-party auditing makes the security of their devices questionable at best. He acknowledges that there is no way to ensure private keys are not being sent when utilizing these tools.

By nature, Van Code asserts, security isn’t a crypto setting—it’s a culture. His remarks serve as a helpful warning to both the XRP community and the whole crypto sector to avoid becoming complacent. They highlight the importance of preventive security by design.