Ripple’s David Schwartz wants crypto wallet developers to stop pushing mandatory updates that could put users at risk.
Quick Summary – TLDR:
- Ripple CTO David Schwartz warns that forced wallet updates increase the risk of phishing and device damage.
- He urges wallet makers to give users full control over when to install updates.
- Only urgent security patches should be mandatory, not routine improvements.
- The warning follows recent scam alerts in the crypto space, including one from Trezor.
What Happened?
Ripple CTO David Schwartz has issued a public warning to crypto wallet developers, urging them to reconsider how they release software and firmware updates. He called out the dangers of forced updates and stressed the need to let users install updates at their own pace to avoid security risks.
Crypto wallet manufacturers:
— David ‘JoelKatz’ Schwartz (@JoelKatz) December 26, 2025
Please do not make software/firmware updates mandatory unless *absolutely* necessary. Sometimes we need to do things in a hurry and forcing us to make updates in a hurry to get to do the thing we really need to do creates grave risk needlessly.
Mandatory Updates Are a Growing Concern
Schwartz took to X (formerly Twitter) to highlight a growing problem in crypto security: wallet manufacturers forcing users to update software or firmware before they can use their wallets. According to him, this approach creates unnecessary urgency that can leave users vulnerable to phishing attacks or installing fake updates.
Schwartz posted:
He argued that updates should be mandatory only in the case of critical threats. Routine feature additions or minor improvements should not prevent a wallet from functioning.
Why Rushed Updates Are Risky?
Schwartz explained that when users are forced to update in a hurry, they often skip crucial authentication steps, such as verifying the update source. This opens the door to phishing scams and malware. Additionally, fast-tracked updates increase the chance of technical errors that could damage a hardware wallet permanently.
Potential risks include:
- Users falling for phishing emails disguised as update prompts.
- Installation of fake or malicious software.
- Hardware becoming unusable due to update-related bugs.
Schwartz warned that this type of update pressure could ultimately lead to irreversible losses for users, especially those new to crypto.
Call for User-Controlled Update Systems
The core of Schwartz’s message is a push for user autonomy. He wants wallet developers to notify users about updates, but give them the freedom to install them at a time that feels safe and convenient.
This approach aligns with broader crypto best practices that emphasize security through education and user empowerment.
Trezor’s Warning Adds Context
Schwartz’s warning comes on the heels of a scam alert issued by hardware wallet maker Trezor. The company warned users about phishing campaigns that mimic software update notifications. Trezor’s message supported Schwartz’s concerns, showing that the issue of update-driven scams is not hypothetical.
Their combined voices reflect an ongoing debate in the crypto community: how to balance security with user experience.
Ripple’s Broader Security Stance
Schwartz is known for regularly commenting on crypto security issues. He’s been vocal about the need for responsible wallet management and recently commented on prediction markets and XRP token mechanics. His latest remarks reinforce Ripple’s image as a company that values user protection and ecosystem integrity.
SQ Magazine Takeaway
Honestly, I could not agree more with Schwartz here. Giving users time to breathe and verify updates is such a simple change that could prevent massive problems. Mandatory updates make sense only when a real threat is at the door. For everything else, I want the choice to protect myself. Wallet makers should not trade user safety for the convenience of a uniform rollout. It’s time to design update systems that respect the people using them.
