Thu. Jul 4th, 2024

Understanding Ledger Recover: Concerns From Experts and The Community

Why Are Users Concerned About Ledger Recover? 

Ledgers are secure physical hardware devices that store your private keys. Recently, Ledger released their new feature ‘Ledger Recover’, which allows users to retrieve their lost private keys. However, this feature has many users and critics concerned that it opens up a potential backdoor for exploits.


Key Takeaways

  • Ledgers are secure hardware devices that store the keys to your cryptocurrency assets. 

  • In May 2023, Ledger announced its new feature – Ledger Recover, a backup recovery service that allows users to recover their crypto account with their ID. 

  • While the service is opt-in, many users have criticized the update, worried that it makes their keys and data vulnerable.


Before we take a more in-depth look at Ledger Recover and the community’s reaction, let’s start with understanding how Ledgers work.

How Ledgers Work

A Ledger is a physical hardware device, also known as a cold wallet, that stores the private keys which control your cryptocurrency assets. When you make a transaction, your Ledger device signs it with your private key. Because the private key never leaves the Ledger, it remains secure even when the computer it is connected to does not.

Safety Features Of Ledger

Ledgers are equipped with multiple safety features to safeguard your data. When you make a transaction, you will need to input your unique PIN code that you created when you first set your Ledger up. If your PIN code is entered incorrectly 3 times, your Ledger will hard reset, preventing anyone other than you from accessing your wallet. 

Your Ledger also contains a Secure Element (SE) chip, which protects you against physical hacks. Also found in passports and credit cards, this SE chip protects you against common attacks like power glitches, laser attacks, and electromagnetic tampering.  

Your Ledger also runs a custom operating system, designed so that your secrets do not leave the device. It isolates each application on the Ledger, so even if one application is compromised, the others remain secure. Ledger also uses a trusted display that cannot be tampered with over the internet, so what you confirm on the device screen is what gets signed. Additionally, Ledger’s team continuously updates its software to counter new malicious software.

What is Ledger Recover? 

On 16 May 2023, Ledger announced their new opt-in paid feature ‘Ledger Recover’ for their Nano X model. For $9.99 a month, this new feature will allow users who have lost their private seed phrase to recover their crypto account with their identity card. 

To create a backup of your private seed phrase, the Ledger Nano X duplicates, encrypts and fragments your private key into three parts inside the SE chip. The encrypted fragments are then sent to three different custodians – Ledger, Coincover, and EscrowTech. If you lose your private key, two of the three fragments are sent back to your Ledger to restore it.
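The “any two of three fragments restore the key” property described above is what a threshold secret-sharing scheme provides. The page does not name the scheme Ledger uses, so the following Python example (added here; it is not Ledger’s code and does not describe Ledger Recover’s actual protocol or its encryption step) uses Shamir’s secret sharing over a prime field as the standard construction, to show why two fragments are enough and why a single custodian’s fragment reveals nothing on its own.

```python
import secrets

# Field modulus: the Mersenne prime 2^521 - 1. Any secret below 2^512
# (for example a 64-byte seed) fits as a single field element.
PRIME = 2**521 - 1


def split_2_of_3(secret: bytes) -> list[tuple[int, int]]:
    """Split `secret` into three shares; any two of them reconstruct it.

    Uses the degree-1 polynomial f(x) = s + a1*x (mod p) with s = secret
    and a1 random. Share i is the point (i, f(i)). Two points fix the line,
    and so f(0) = s; one point leaves every value of s equally possible.
    """
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret too large for the field")
    a1 = secrets.randbelow(PRIME)  # fresh random slope per split
    return [(x, (s + a1 * x) % PRIME) for x in (1, 2, 3)]


def recover(share_a: tuple[int, int], share_b: tuple[int, int], length: int) -> bytes:
    """Reconstruct the secret from any two distinct shares (Lagrange at x = 0)."""
    (x1, y1), (x2, y2) = share_a, share_b
    if x1 == x2:
        raise ValueError("need two distinct shares")
    inv = pow(x2 - x1, -1, PRIME)  # modular inverse of (x2 - x1)
    s = (y1 * x2 - y2 * x1) * inv % PRIME
    return s.to_bytes(length, "big")


def slope_for(share: tuple[int, int], candidate_secret: int) -> int:
    """Given ONE share, return the slope a1 under which a polynomial with
    f(0) = candidate_secret passes through that share. Such an a1 always
    exists, so a lone fragment is consistent with every possible secret:
    a single custodian learns nothing about the key."""
    x, y = share
    return (y - candidate_secret) * pow(x, -1, PRIME) % PRIME


if __name__ == "__main__":
    seed = b"constructed 32-byte seed, not real"[:32]  # constructed sample input
    shares = split_2_of_3(seed)
    assert recover(shares[0], shares[2], len(seed)) == seed
    print("2-of-3 recovery OK; single share slope:", slope_for(shares[1], 42) % 1000)
```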

While some expressed their support for Ledger’s new feature, many expressed their skepticism and concerns about whether this new feature could compromise their Ledger device’s safety.

Potential Risks And Concerns 

News of Ledger’s new feature triggered both a wave of criticism and praise from critics and users. In this section, we will be discussing the response from both experts and the community.

Community Response

While some expressed their support for Ledger’s new feature, many flocked to Ledger’s Twitter page to express their skepticism about whether the feature would be safe. Many users criticized Ledger’s new update as a negligent move, fearing that it could lead to an exploit in the future. 

They were also concerned about the possibility that malicious firmware could force the SE chip to generate a backup of the seed. Users also pointed out that Ledger’s previous promise to customers – that the private key never leaves the Ledger – would no longer hold true. 

Another concern voiced by the community was whether Ledger Recover would be able to pull the seed phrase directly from the device without requiring users to type it in. 

Experts’ Response

In a YouTube video, Andreas Antonopoulos, a Bitcoin advocate and author, expressed his concerns about Ledger’s “capability to export/ exfiltrate your private key, which is embedded in the firmware of every Ledger device”. This means that even if a user does not opt in to Ledger Recover, the private key extraction function would still be present in their device’s firmware, potentially rendering everyone’s Ledger vulnerable. 

Antonopoulos also shared his privacy and security concerns about the KYC procedure and jurisdiction. He pointed out that someone will have access to your identity card, which can be linked to your wallet, undermining the anonymity of holding a Ledger wallet. Antonopoulos also argued that because the three custodians of your encrypted fragments operate under legal frameworks, law enforcement agencies might be able to compel them to hand over your fragments. This could allow law enforcement to access and even freeze your funds should they deem it necessary. 

Solana co-founder Anatoly Yakovenko also tweeted about Ledger Recover, arguing that the new feature changes little for users, since they already trust Ledger’s firmware to keep their private keys safe.

Ledger’s Commitment To Safety 

Ledger prides itself on its transparency and commitment to safety. Apart from Ledger’s marketing data breach in July 2020 due to a phishing scam, Ledger has never been compromised, and there have been no recorded successful hacking attacks on its devices either.

Response From Ledger Leaders

During a Twitter Space session, Ledger’s Chairman and CEO Pascal Gauthier emphasized that the recovery service is completely optional and that users who do not opt in will not be affected. Gauthier also defended the service, claiming that the days of writing your recovery phrase on paper are over and that “Ledger Recover is a thing of the future”.

Gauthier also released a blog post on Ledger’s website reassuring customers that “Ledger never compromises on Security” and that their security team “is committed to reviewing… the entire ecosystem” of Ledger. 

In a bid for increased transparency, Charles Guillemet, CTO at Ledger, also released an ‘Open Source Roadmap’ on Twitter that will allow other developers and security experts to review the majority of Ledger’s code over time.

As of now, Ledger has temporarily postponed the launch of Ledger Recover.

So, Is There A Backdoor In Ledger?

Nicolas Bacca, the co-founder of Ledger, insists that there is no backdoor in Ledger devices and that “nothing will happen without the user’s consent”. As mentioned, the company has also emphasized that its recovery service is completely optional and that those who do not opt in will not be affected. 

That said, users who are concerned about Ledger Recover and its potential exploits have the option of moving to other hardware wallets, like Trezor. 

Conclusion 

In the cryptocurrency space, ensuring that your keys are safeguarded is paramount. While most in the space generally regard Ledger as safe to use, many experts and users have expressed concerns about its safety. As with any update or change to a system, Ledger Recover will need to be assessed further for potential exploits, as there is still limited information available right now.

For now, as the Ledger Recover program seems to be on an opt-in basis and has been put on pause indefinitely, there is generally no cause for alarm for casual crypto investors. For seasoned investors who are dealing with large sums of money, some might choose to turn to other hardware wallets like Trezor or SafePal for an additional layer of security when the Ledger Recover program eventually rolls out.