{"id":"charles-guillemet","title":"Charles Guillemet","content":"**Charles Guillemet** is a French cybersecurity expert and product executive who serves as the Chief Technology Officer (CTO) at Ledger, a company specializing in security solutions for digital assets. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y) He is known for his expertise in hardware wallet architecture and for founding the Ledger Donjon, the company's internal security research team. Guillemet is a prominent public commentator on the evolving threat landscape in cryptocurrency, particularly regarding the security challenges introduced by artificial intelligence. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\n## Early Life and Education\n\nGuillemet’s interest in computer security began at age 12 after he received his first computer. In his youth, he actively pursued hacking as both a hobby and a for-profit activity. [\\[4\\]](#cite-id-pZljeLjyWmWpt8TO)\n\nHis formal academic background is rooted in mathematics and cryptography. He attended Université Montpellier 2 from 2003 to 2007, where he earned a Maitrise (Master 1) in Mathematics. He continued his studies at the National School of Computer Science and Applied Mathematics of Grenoble (Ensimag) from 2007 to 2009, focusing on Mathematics and Computer Science. He graduated as Valedictorian of his class from ENSIMAG with a Master of Science in Cryptography & Security. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y) He finalized his education at Université Joseph Fourier (Grenoble I) from 2009 to 2010, obtaining a Master 2 degree in Security, Cryptology and Coding of Information Systems. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)\n\n## Career\n\n### Pre-Ledger Career\n\nBefore joining Ledger, Guillemet built a career in cryptography and embedded systems security in both the private and public sectors in France. From October 2009 to February 2014, he worked at Tiempo S.A.S. as a Cryptosystems Design Expert, where he specialized in designing cryptosystems. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)​\n\nIn February 2014, he transitioned to the French Alternative Energies and Atomic Energy Commission (CEA), specifically working at CEA-LETI ITSEF, a security evaluation laboratory accredited under the Common Criteria framework. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y) At CEA, he first served as a Cryptography & Security Evaluator until April 2015, after which he became a Technical Manager, a role he held until December 2017. During this period, he also returned to his alma mater, serving as a teacher for a Master's level course on smart card security at Grenoble INP - Ensimag from October 2015 to October 2017. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)​\n\n### Ledger\n\nGuillemet joined Ledger in December 2017, initially as Chief Security Officer (CSO), and was tasked with establishing the company's security organization from the ground up. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)​\n\nOn December 5, 2019, he was appointed Chief Technology Officer (CTO) of Ledger. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y) In this capacity, he leads a division of over 100 security and engineering experts. His responsibilities cover the entirety of Ledger's technology stack, including product engineering, hardware architecture, firmware development for the hardware wallets, and the Ledger Live software application. He directs the security model for Ledger's devices, focusing on the integration of secure element chips, firmware integrity, and defense against both physical and remote attacks. His role also involves guiding product decisions on user authentication, transaction signing workflows, and key recovery processes. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)​\n\nAs CTO, Guillemet was a key figure in the technological development and 2024 launches of two new hardware devices, the Ledger Stax and Ledger Flex. These products were notable for introducing secure touchscreen technology to the company's product line, an architectural feature designed to enhance the security of user interactions. [\\[4\\]](#cite-id-pZljeLjyWmWpt8TO) [\\[5\\]](#cite-id-xaVZKnct3zsdavWF)​\n\n## The Ledger Donjon\n\nGuillemet is the founder of The Ledger Donjon, Ledger's internal security research and evaluation team. [\\[4\\]](#cite-id-pZljeLjyWmWpt8TO) The Donjon is central to the company's security strategy and has also contributed to the broader digital asset ecosystem through its research and responsible disclosure practices. Guillemet established the team based on the core principle: \"to build secure products, you need to try to break them.\" [\\[5\\]](#cite-id-xaVZKnct3zsdavWF)​\n\nThe Donjon's activities include:\n\n* **Internal Product Testing:** The team employs a \"white box\" approach, giving them full access to a device's architecture and source code to conduct continuous, intensive security assessments on all Ledger products. [\\[5\\]](#cite-id-xaVZKnct3zsdavWF)\n* **Attack Vector Research:** They actively research and attempt to execute a wide variety of attack vectors, including software hacks, side-channel attacks, and physical hardware attacks like fault injection. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)\n* **Ecosystem Security:** The Donjon analyzes the security of competitor hardware wallets. When vulnerabilities are discovered, the team follows a responsible disclosure process, informing the vendors to help them patch the issues and improve the overall security of the industry. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)\n* **Open-Source Tooling:** The team has developed and released a number of open-source tools for hardware and software security analysis. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)\n\nUnder Guillemet's leadership, the work of the Donjon was instrumental in securing independent, third-party security certifications for the Ledger Nano S and Ledger Nano X hardware wallets. [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)​\n\n## Views and Public Commentary\n\nGuillemet is an active commentator on digital security, frequently speaking on Ledger's security philosophy, emerging threats, and technical standards.\n\n### Security Philosophy\n\nGuillemet advocates for a security-first approach centered on hardware-based solutions. He consistently promotes the use of hardware wallets equipped with secure element chips as the foundational layer of user security, as they isolate private keys from internet-connected devices that are more vulnerable to compromise. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\nHe often describes the field of crypto security as a \"cat-and-mouse game\" that requires constant adaptation to new attack vectors. He also acknowledges the inherent tension between implementing robust security measures and creating a user-friendly experience, a central challenge that his teams at Ledger work to address. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) He encourages users to adopt a zero-trust mentality, advising them to operate under the assumption that most software and systems can fail. [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI) He has stated, \"You can’t trust most of the systems that you use.\" [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\n### On AI and Crypto Security\n\nIn an interview with [CoinDesk](https://iq.wiki/wiki/coindesk) on April 5, 2026, Guillemet warned that advancements in artificial intelligence are significantly exacerbating security challenges within the cryptocurrency space. He argued that AI is fundamentally altering the economics of cyberattacks by making them cheaper and easier to execute on a massive scale, stating, \"Finding vulnerabilities and exploiting them becomes really, really easy... The cost is going down to zero.\" [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\nHis key concerns regarding AI include:\n\n* **Lowered Barrier to Entry:** AI enables malicious actors to create sophisticated, highly personalized phishing and social engineering scams with minimal effort. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)\n* **Automated Vulnerability Discovery:** Attackers can leverage techniques like \"AI-powered fuzzing\" to automatically discover software vulnerabilities in crypto applications and protocols more efficiently than through manual methods. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)\n* **Insecure Code Generation:** Guillemet expressed significant concern that the growing reliance on AI tools for code generation will lead to the proliferation of software that is \"insecure by design.\" He noted, \"We are going to produce a lot of code that will be insecure by design... There is no 'make it secure' button.\" [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n* **Advanced Malware:** He described the emergence of sophisticated AI-powered malware capable of independently scanning compromised devices, such as mobile phones, to find wallet seed phrases and drain funds without user interaction. [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\nIn response to these AI-driven threats, Guillemet champions the use of formal verification—a method using mathematical proofs to validate code correctness—as a more reliable security measure than traditional audits. He also reiterates the importance of hardware-based security, noting, \"When you have a dedicated device not exposed to the internet, it is more secure by design.\" [\\[3\\]](#cite-id-hBA9cc3gXLeimoNI)\n\n### On Technical Standards and User Sovereignty\n\nGuillemet is a vocal proponent of \"Clear Signing,\" an open standard developed by Ledger to enhance transaction security. The standard is designed to combat \"blind signing,\" a common vulnerability where users approve transactions without fully understanding the underlying smart contract interactions, which can lead to asset theft by \"crypto drainers.\" Clear Signing decodes complex transaction data and presents it in a human-readable format on the hardware wallet's secure display, ensuring a user's intent matches the on-chain action they are approving. The use of a secure touchscreen directly connected to the device's Secure Element is a key part of this architecture, as it ensures the information displayed cannot be tampered with by malware on a connected computer or phone. [\\[5\\]](#cite-id-xaVZKnct3zsdavWF)\n\nHe has also spoken about data sovereignty and privacy, which he considers a \"fundamental right.\" Criticizing the prevalent internet model of exchanging personal data for free services, Guillemet was involved in developing the Ledger Keyring Protocol. The first implementation of this protocol, Ledger Sync, allows users to synchronize their Ledger Live accounts across multiple devices using end-to-end encryption. A core design principle is that Ledger never has access to this user data, giving users sovereign control. [\\[5\\]](#cite-id-xaVZKnct3zsdavWF)\n\n## Public Profile\n\nGuillemet is a regular speaker at major international technology and security conferences, including Black Hat MEA and BTC Prague, where he presents on topics such as hardware security, side-channel attacks, and the crypto threat landscape. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw) [\\[2\\]](#cite-id-Ouz0kJqxOmqrZR2y)\n\nHe frequently represents Ledger in technical interviews and on podcasts. In November 2024, he was the featured guest on Episode 84 of \"The Ledger Podcast,\" titled \"The Crypto Security Journey - Assessing Evolving Digital Threats,\" where he discussed the company's security philosophy, the Donjon, Clear Signing, and the Ledger Keyring Protocol. [\\[5\\]](#cite-id-xaVZKnct3zsdavWF) He maintains an active presence on X (formerly Twitter) under the handle @P3b7\\_, sharing insights on security research and cryptography. [\\[1\\]](#cite-id-jZ7tRN1czCWGexdw)","summary":"Charles Guillemet is a French cybersecurity expert and the Chief Technology Officer (CTO) at Ledger. He is known for founding Ledger's internal security research team, the Donjon, and for his expertise in hardware security and securing digital assets.","images":[{"id":"QmZ88kd6E1VPiDtpyBKoX2nV6b6Z4QL89LsHjudTAPi3dE","type":"image/jpeg, image/png"}],"categories":[{"id":"people","title":"people"}],"tags":[{"id":"PeopleInDeFi"},{"id":"Speakers"},{"id":"Founders"}],"media":[],"metadata":[{"id":"references","value":"[\n  {\n    \"id\": \"jZ7tRN1czCWGexdw\",\n    \"url\": \"https://cryptoslate.com/people/charles-guillemet/\",\n    \"description\": \"CryptoSlate profile of Charles Guillemet\",\n    \"timestamp\": 1775405437074\n  },\n  {\n    \"id\": \"Ouz0kJqxOmqrZR2y\",\n    \"url\": \"https://www.ledger.com/ledger-appoints-charles-guillemet-as-chief-technology-officer\",\n    \"description\": \"Ledger announcement of Charles Guillemet as CTO\",\n    \"timestamp\": 1775405437074\n  },\n  {\n    \"id\": \"hBA9cc3gXLeimoNI\",\n    \"url\": \"https://www.coindesk.com/tech/2026/04/05/ai-is-making-crypto-s-security-problem-even-worse-ledger-cto-warns\",\n    \"description\": \"CoinDesk article on AI and crypto security\",\n    \"timestamp\": 1775405437074\n  },\n  {\n    \"id\": \"pZljeLjyWmWpt8TO\",\n    \"url\": \"https://btcprague.com/speakers/charles-guillemet-2-2/\",\n    \"description\": \"BTC Prague speaker bio for Charles Guillemet\",\n    \"timestamp\": 1775405437074\n  },\n  {\n    \"id\": \"xaVZKnct3zsdavWF\",\n    \"url\": \"https://www.ledger.com/the-ledger-podcast/the-crypto-security-journey-assessing-evolving-digital-threats\",\n    \"description\": \"Ledger Podcast with Charles Guillemet\",\n    \"timestamp\": 1775405437075\n  }\n]"},{"id":"twitter_profile","value":"https://x.com/P3b7_"},{"id":"references","value":"https://cryptoslate.com/people/charles-guillemet/"},{"id":"commit-message","value":"\"Added profile for Charles Guillemet\""}],"events":[{"id":"b9d2e42e-38b0-41f0-a23d-2b6190e8e723","date":"2010-09","title":"Graduated with MSc in Cryptography & Security","type":"DEFAULT","description":"Graduated as Valedictorian with a Master of Science in Cryptography & Security from Grenoble INP - Ensimag.","link":null,"multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"77004844-f86e-46ef-8794-56ecdf224f86","date":"2017-12","title":"Joined Ledger as Chief Security Officer","type":"DEFAULT","description":"Joined Ledger to establish the company's security department as the Chief Security Officer (CSO) and founded the Ledger Donjon security team.","link":null,"multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"c33dc8e1-6764-47c4-b164-31c3242d2210","date":"2019-12","title":"Appointed CTO of Ledger","type":"DEFAULT","description":"Was appointed Chief Technology Officer (CTO) of Ledger, responsible for overseeing all of the company's security and technology operations.","link":"https://www.ledger.com/ledger-appoints-charles-guillemet-as-chief-technology-officer","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"e26c7921-e46f-46dd-afa6-932abc83a5c5","date":"2026-04","title":"Warned of AI's Threat to Crypto Security","type":"DEFAULT","description":"In an interview with CoinDesk, warned that artificial intelligence is making the existing security problems in the cryptocurrency space 'even worse'.","link":"https://www.coindesk.com/tech/2026/04/05/ai-is-making-crypto-s-security-problem-even-worse-ledger-cto-warns","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null}],"user":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"author":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"operator":{"id":"0x1E23b34d3106F0C1c74D17f2Cd0F65cdb039b138"},"language":"en","version":1,"linkedWikis":{"blockchains":[],"founders":[],"speakers":[]}}