Ledger, the leading provider of hardware wallets, is mired in controversy over its recently-launched Ledger Recover feature.
The optional service allows users to recover their seed phrase – the string of words that grants access to a crypto wallet – by verifying their identities with Ledger. Initially available to residents of the European Union, the United Kingdom, Canada, and the United States, users are required to submit their passport or national identity card for verification.
The process involves encrypting the seed phrase into three fragments, which are then sent to Coincover, Ledger, and an independent backup service provider. To regain access to their wallets, users must pass ID verification, and two out of the three companies will send the fragments back to the user’s Ledger device. Once combined and decrypted, the seed phrase is revealed.
However, concerns have been raised regarding potential risks, including collusion between the companies involved, identity theft, and the creation of a system with access to users’ personal identification information akin to a traditional bank.
Community Reactions
Mudit Gupta, Polygon’s chief information security officer, called it a “horrendous idea.”
Another user said that Ledger has essentially created a bank account with extra steps, as any entity with access to users’ identity documents could potentially access people’s wallets.
“The firmware always had full access to the secret key — the Secure Element is for passive storage, the firmware retrieves the key and uses it. Glad to see a dangerous firmware update being rejected by the community,” said Emin Gün Sirer, founder and CEO of Ava Labs.
Ethereum advocate Eric Conner questioned why Ledger did not create two different firmware updates – one with the backup recovery option, and one without it.
Privacy Concerns
Privacy advocates have also voiced concerns about the exposure of private keys through Ledger’s API.
Anton Bukov, the co-founder of DEX aggregation protocol 1inch, said that Ledger is “breaking the main hardware wallet security assumption” by having an API which exposes users private keys.
The sentiment was echoed by Binance CEO Changpeng Zhao, who expressed his dismay at private keys being sent out of the hardware wallet.
The service is currently limited to Ledger’s Nano X devices, with future plans to support the Nano S Plus and Stax, while the Nano S will not be supported. Users will be limited to three monthly and ten annual access attempts.
The company defended the feature on a Twitter Space attended by its top management.
“This is the way that the next hundreds of millions of people will actually onboard to crypto,” said Ledger CEO Pascal Gauthier. “I’m sorry, but the piece of paper is a thing of the past and Ledger Recover is a thing of the future.”
Read More: thedefiant.io