John Martin, 23 Aug 2023

What Happened with Ledger Recovery to Make Crypto Community So Concerned?

Ledger Recovery is a new feature for Ledger Nano X hardware wallets that lets users create a backup of their recovery phrase. This backup can be used to restore the wallet if the original recovery phrase is lost. The backup is stored with an external service. Ledger Recovery is offered as a paid subscription and is currently available in Ledger 2.2.1 in the USA, Canada, Britain, and the EU countries.

Using Ledger Recovery is optional; the user decides whether to enable it. The tool splits the Secret Recovery Phrase into three fragments, which are encrypted and stored at three different sites.

If necessary, the wallet owner can retrieve the backup of the recovery phrase and restore the private keys after confirming their identity data.

Naturally, experienced crypto users criticized the innovation immediately. After all, early users had been confident that their private keys could never leave their Ledger hardware wallets. Now they understand that they have no guarantee of this.

The reality is that Ledger's software is developed as closed-source code, which makes it difficult to determine exactly what it does. Many people even believe that this is a consequence of government intervention.

In this article, let's briefly examine the main concerns related to Ledger Recover and Ledger's official counter-position.

Community Criticism and Postponement of Release Date

To use the service for the first time, the user must complete a full KYC process. This involves linking their data to their Ledger account, providing an identity document, taking a selfie, and signing an agreement stating that they trust the three custodians who will store fragments of their seed phrase. Ledger states that this step is necessary to ensure that a decryption request comes from the legitimate owner. That sounds reasonable.

Many users posted angry messages on social networks. They said they felt deceived by a company that had previously claimed that the private keys of a Ledger wallet would never leave the device.

Anton Bukov, co-founder of 1inch, expressed a similar sentiment. In his opinion, Ledger violates the fundamental security principle of cold wallets, which states that "they should not have an API that reveals the seed phrase."

In his letter, Ledger CEO Pascal Gauthier wrote that Ledger had learned a difficult lesson. Parts of the code had already been opened to the public, and others would soon follow.

After that, the company's former CEO, Éric Larchevêque, added fuel to the fire. Instead of calming the situation, he pointed out that governments have the power to compel providers who store keys to hand over those keys and seed phrases through the court system.

On May 24, Ledger announced that it was postponing the release of the highly anticipated Recover feature. The decision was made in response to the controversy Ledger Recover had caused in the cryptocurrency community. Ledger CEO Pascal Gauthier reached out to customers and wrote that the company would not introduce the new feature until its code had been released.

Technical Aspects

First, it is important to understand that users must place complete trust in Ledger, since the source code for the entire process is closed and cannot be independently verified.

If everything works exactly as described, the seed phrase in theory never leaves the device in unencrypted form. Let's assume that this valuable information is encrypted with reliable methods and that each service provider only ever has access to a fragment of it. However, if the device can send out the seed phrase over USB or Bluetooth in response to a software request, that export path itself becomes a target for unauthorized access. It opens new opportunities for phishing and malware, which could trick the user into unknowingly revealing their original phrase. A hardware wallet like this can no longer be considered "cold" storage for crypto assets. Previously, that status was implied because it was understood that the original phrase could not be transmitted or shared from the device in any way.

There is also some confusion about the encryption process. Ledger's CTO explains that the user's information is encrypted with a unique key generated on their device, for security and to prevent hacking attempts.

All of this suggests that the encryption key for the seed-phrase fragments is not unique, and that someone must store it centrally. Keeping many seed phrases in cloud storage then becomes a significant security problem. The device can sit in a safe for years, and if the cloud storage mechanism is breached, the user may not realize until much later that all of their cryptocurrency has been drained from their addresses.

The people who gain such access may be hackers, or they may be federal authorities who have been authorized to take the necessary actions. The custodians are all located in the UK, USA, and France, and each country has its own rules on the disclosure of individuals' financial information and personal data. Once a storage system of this kind exists, seizing or confiscating a user's assets at the request of authorized bodies is merely a matter of technology.
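To make the fragment-splitting concrete, here is an added example (not Ledger's own code, whose implementation is closed-source as the article notes). It assumes that the three fragments form a 2-of-3 threshold secret sharing scheme (Shamir's scheme over GF(256), which is the standard construction for this purpose), and uses a constructed 32-byte placeholder instead of a real seed. It shows the two properties the discussion above turns on: any single custodian's fragment reveals nothing about the seed, while any two fragments together, whether held by colluding custodians or surrendered under a court order, reconstruct it completely.

```python
"""Added example: 2-of-3 threshold splitting of seed entropy (Shamir over GF(256)).

This is illustrative code written for this article; it is not Ledger's
implementation. The threshold parameters and the demo seed are assumptions.
"""
import secrets


def _gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) using the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _gf_inv(a: int) -> int:
    """Multiplicative inverse via a^254 (the group GF(256)* has order 255)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(256)")
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = _gf_mul(result, base)
        base = _gf_mul(base, base)
        exp >>= 1
    return result


def split_secret(secret: bytes, threshold: int, shares: int) -> list[tuple[int, bytes]]:
    """Split each secret byte with a random degree-(threshold-1) polynomial.

    Returns a list of (x, y_bytes) shares; the secret is the polynomial at x=0.
    """
    if not 1 < threshold <= shares <= 255:
        raise ValueError("need 1 < threshold <= shares <= 255")
    # One polynomial per byte: constant term is the secret byte, the rest random.
    polys = [[b] + list(secrets.token_bytes(threshold - 1)) for b in secret]
    out = []
    for x in range(1, shares + 1):
        ys = bytearray()
        for poly in polys:
            y = 0
            for coeff in reversed(poly):  # Horner evaluation at x
                y = _gf_mul(y, x) ^ coeff
            ys.append(y)
        out.append((x, bytes(ys)))
    return out


def combine_shares(shares: list[tuple[int, bytes]]) -> bytes:
    """Lagrange-interpolate the polynomial at x=0 for every byte position.

    With fewer shares than the threshold this returns bytes that are uniformly
    random from the attacker's point of view, not the secret.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    if len({len(y) for _, y in shares}) != 1:
        raise ValueError("shares must have equal length")
    out = bytearray()
    for i in range(len(shares[0][1])):
        acc = 0
        for j, (xj, yj) in enumerate(shares):
            num, den = 1, 1
            for m, (xm, _) in enumerate(shares):
                if m != j:
                    num = _gf_mul(num, xm)        # (0 - x_m) == x_m in characteristic 2
                    den = _gf_mul(den, xj ^ xm)   # (x_j - x_m)
            acc ^= _gf_mul(yj[i], _gf_mul(num, _gf_inv(den)))
        out.append(acc)
    return bytes(out)


# Constructed placeholder for 256-bit seed entropy; NOT a real wallet seed.
DEMO_SEED_ENTROPY = bytes(range(32))
# Assumed 2-of-3 split: one fragment per custodian.
DEMO_SHARES = split_secret(DEMO_SEED_ENTROPY, threshold=2, shares=3)


def single_custodian_learns_seed() -> bool:
    """One fragment alone: does interpolation yield the seed? (Expected: no.)"""
    return combine_shares(DEMO_SHARES[:1]) == DEMO_SEED_ENTROPY


def two_custodians_recover_seed() -> bool:
    """Any two fragments: does interpolation yield the seed? (Expected: yes.)"""
    pairs = [DEMO_SHARES[:2], DEMO_SHARES[1:], [DEMO_SHARES[0], DEMO_SHARES[2]]]
    return all(combine_shares(p) == DEMO_SEED_ENTROPY for p in pairs)


if __name__ == "__main__":
    print("single custodian learns seed:", single_custodian_learns_seed())
    print("any two custodians recover seed:", two_custodians_recover_seed())
```

The design point for a defender is that the threshold, not the encryption wrapper around each fragment, is what bounds the damage from a single compromised or compelled custodian; the moment two of the three parties cooperate, the wrapper is irrelevant.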

For now, users must have complete confidence in Ledger and trust that the company has reliable software and good intentions. Unfounded conspiracy theories, however, should be rejected.

Why Did Ledger Launch the Recovery Service?

Based on the responses from the team's representatives, it can be concluded that Ledger aims to expand its target audience by simplifying some of the mechanisms typically associated with using cryptocurrencies. In 2021, Ledger raised an additional $380 million from investors and has invested this money in the development and launch of the new Ledger Stax wallet. However, it needs more users, and the existing closed key-management model appears too complicated for many newcomers.

However, satisfying critics who demand assurance that their funds cannot be compromised is no easy feat. That assurance is precisely why a hardware wallet is necessary in the first place.

In Conclusion

The world of cryptocurrencies can and will transform quickly. This will continue until cryptocurrency becomes a widely available technology accessible to billions of users. To that end, interfaces and tools will be simplified, and many of the familiar features of cryptocurrency that only a narrow group of advanced users understand will disappear beneath the surface.

Launching Ledger Recover is therefore a risky step: it may push away the previous target audience of Ledger hardware wallets, but it could also expand the number of new users and popularize cryptocurrencies worldwide.

