Despite the impressive security measures employed by Ledger, the recent announcement of their new product, Ledger Recover, stirred controversy within the community. The backlash prompted Ledger to halt the rollout of Ledger Recovery.
But what exactly is Ledger Recovery, and why should you pay attention to it? Let’s dive into the details to understand this product’s implications and potential impact.
What is Ledger Recover?
Ledger Recover is an innovative ID-based key recovery service introduced by Ledger. Its primary function is to serve as a backup for your Secret Recovery Phrase. In the event that you lose or cannot access your Secret Recovery Phrase, Ledger Recover enables you to securely restore your private keys using a Ledger device.
Ledger highlights that Ledger Recover is particularly beneficial for individuals new to the world of cryptocurrencies and may find it challenging to back up and safeguard their Secret Recovery Phrase appropriately. It also provides an extra backup layer for those wishing to store their Recovery Phrase in another location.
Currently, Ledger Recover is only compatible with the Nano X. However, Ledger plans to expand its compatibility to include the Nano S Plus and Ledger Stax soon. On a side note, the service is incompatible with the Nano S as the device doesn’t have the storage needed for the update.
It’s essential to note that Ledger Recover is an optional feature and is not activated by default. If you opt not to use Ledger Recover, you can continue to secure your 24-word recovery phrase and continue using your Ledger as you have been doing.
To activate the service, you must subscribe through two Ledger partners and create accounts with them. Once you have signed up, Ledger initiates the cryptographic process and prompts you to confirm your agreement on your Ledger device. As a subscription-based service, Ledger Recover costs $10 per month. To utilize the service, you must also undergo a KYC (Know Your Customer) process, providing an ID document and a recorded selfie for verification purposes.
If the user does not pay the subscription within seven days, restoring private keys using Ledger Recover becomes inaccessible. Failure to resolve the payment within three months results in the suspension of the subscription. Following the suspension, there is a 9-month window to reactivate the subscription by contacting Ledger Recover Support and paying a fee and any outstanding balance.
How To Use Ledger Recover?
The utilization of Ledger Recover involves a series of well-defined steps. First, Ledger verifies your identity by evaluating your submitted ID document and a recorded selfie. Once your identity is confirmed, your Ledger device duplicates your Secret Recovery Phrase and encrypts this duplicate. This encrypted duplicate serves as the backup for your Secret Recovery Phrase.
The next stage involves linking the backup to your verified identity and fragmenting it into three fragments. Ledger, Coincover, and Escrowtech independently secure these encrypted fragments, each utilizing robust security measures.
Essentially, accessing your wallet with Ledger Recover is a seamless process. All you need is your ID, your current Ledger Nano X, or a new device. The recovery process can only be initiated by you, ensuring an additional layer of security through double ID verification. Moreover, the service relies on reputable companies equipped with industry-leading encryption and ID verification technology, guaranteeing a secure and reliable user experience.
Is Ledger Recover Safe?
Using Ledger Recover comes with several significant risks that users should be aware of. These risks include:
- Phishing: Phishing attacks pose a persistent risk, and opting for Ledger Recover may increase vulnerability to such attacks. Never entering private keys on third-party websites is crucial to avoid falling victim to scams and potential loss of funds.
- Counterparty risk: Delegating the security of private keys introduces inherent counterparty risks. Previously, users were solely responsible for their key protection, but with Ledger Recover, three entities share the security responsibility. It means that any data leaks, hacks, government interventions, bugs, or other incidents affecting these entities could put users’ assets at risk.
- Government intervention risk: Utilizing Ledger Recover requires complying with a KYC policy, which involves sharing personal identity information. It potentially makes users more susceptible to government scrutiny and targeted interventions. In the event of a government request, Ledger and other platforms with strict KYC policies will provide user information, increasing the potential for government control over assets.
- Backdoor risk: The Ledger firmware’s source code is not open-source, leaving users reliant on trust regarding the integrity of the hardware wallet. While other hardware wallets like Trezor have open-source firmware, Ledger’s closed-source approach raises concerns about the possibility of backdoors. However, Ledger’s CTO has denied such allegations, emphasizing the company’s commitment to security. The Secure Element chip and paper backup provide secure storage for the seed phrase. If users opt for Ledger Recover, an additional backup is created by fragmenting the private key into three encrypted parts stored with different parties. Nonetheless, rumors about the potential recombination of these encrypted parts to restore the private key persist.
It’s worth noting that Ledger offers an additional layer of protection by partnering with Coincover, which may provide compensation of up to US$50,000 in the unlikely event of a mishap, subject to investigation. Users should carefully evaluate these risks and consider their personal security preferences before utilizing Ledger Recover.
The recent situation involving Ledger Recover brings to mind the Google Authenticator controversy that unfolded a few months back. At the end of April 2023, Google announced the synchronization of single-use codes with Google accounts, which drew mixed reactions from the community. Some believed cloud synchronization could compromise security, while others saw it as a convenient feature for mainstream users seeking additional safeguards.
It is essential to understand the perspective of the wider audience and not dwell excessively on the buzz generated by a vocal minority. The controversy surrounding Google Authenticator’s cloud sync feature was unnecessary since it was optional. Users had the choice to activate or ignore it based on their preferences. There was no need for long arguments. For those unsatisfied with Google Authenticator, alternative 2FA solutions, such as physical security keys, are available.
The introduction of the Ledger Recover sparked a similar reaction within the cryptocurrency community. Crypto Twitter is full of outrage and dissatisfaction towards Ledger Recover.
Sure, you *could* use Ledger's new 'Recover' service and give them the your private keys controlling your assets as well as a copy of your ID and other personal information…— Alistair Milne (@alistairmilne) May 16, 2023
… but why then bother with a hardware wallet in the first place? pic.twitter.com/ZI39B01gFV
Many individuals using cold wallets prefer to keep their private keys confidential, even from the company that sold them the wallet. They are concerned that this service enables Ledger to access their private keys, contradicting the company’s previous assurance that they would not do so.
Oh but it is secured by ID verification!— Mudit Gupta (@Mudit__Gupta) May 16, 2023
You know what else is secured by ID verification? Mobile number porting.
Do you know how many high profile sim jacking cases happen every day? Too many.
Anything secured by "ID verification" is inherently insecure. Too easy to fake.
Ledger refuted these claims, stating that customers can create an encrypted backup of their private keys, which is further fragmented and encrypted. The private key can only be decrypted and reconstructed on Ledger’s secure element chip, just as it was initially encrypted and fragmented. According to Ledger, they cannot and do not access users’ private keys.
We're answering top questions we've received about our new product Ledger Recover.— Ledger Support (@Ledger_Support) May 17, 2023
When I download the latest firmware update for my LNX, am I opening the possibility for Ledger to extract my Secret Recovery Phrase?
However, people are still unhappy about the requirement for users, particularly those who value anonymity, to share their identities through a KYC process.
Ledger co-founder just admitted that a government could subpoena them and get access to your funds..— borovik.eth (@3orovik) May 20, 2023
WTF LEDGER!!! pic.twitter.com/8P4i9Hg45c
Furthermore, some customers are hesitant to trust Ledger or any crypto company with their personal information, especially considering that Ledger had a data breach in 2020, resulting in the leakage of customers’ contact details. This history of security concerns adds to the skepticism surrounding the new feature.
First they exposed mailing address, phone numbers, and email addresses of their customers…— Chris Dunn (@ChrisDunnTV) May 16, 2023
And now they’ve put a back door into seed phrases.
It’s time to say goodbye to @Ledger ✌️ https://t.co/FsZw1jUt6h
So, why is Ledger introducing this feature? The company has raised significant funding from investors, totaling over ~$575 million, and aims to attract more users. Ledger believes that the existing private key management solutions are not accessible to everyone. Well, they are right.
However, the launch of Ledger Recover on previously released devices raises concerns about alienating their existing user base. In response to the intense criticism, Ledger has postponed the launch of Ledger Recover. In a Twitter Spaces session with over 13,000 participants, Ledger’s chairman and CEO, Pascal Gauthier, acknowledged the experience as humbling and a lesson in communication.
Gauthier announced that Ledger would accelerate its plans to open-source more of its codebase, starting with core components of its operating system and Ledger Recover.
Additionally, Charles Guillemet, the chief technology officer of Ledger, stated that they would release a white paper on the Recover Protocol as open source, along with technical blog posts explaining the principles of Recover and providing more detailed explanations of the process.
Ledger’s mission is, and will always be, to provide our users with the right tools to own their digital value securely.— Charles Guillemet (@P3b7_) May 23, 2023
We have decided to accelerate our open-sourcing roadmap to bring more verifiability to everything we do.
A thread 🧵 pic.twitter.com/Dv0jBCM4Ys
This move towards openness would enable developers to create their backup providers for the seed phrase shards instead of relying solely on Ledger’s solution.
Conclusion: What You Should Do!
To summarize, Ledger Recover is an optional subscription-based service that offers an ID-based key recovery solution for your Secret Recovery Phrase. It securely splits and stores your private key with three different entities.
While everyone may not welcome Ledger’s decision to introduce this service, it aligns with the direction the company has chosen since its inception. If you are dissatisfied with these changes, you have the freedom to explore alternative options and discontinue the use of Ledger products. Alternatively, you can opt out of the Ledger Recover feature and continue securing your 24-word phrase independently like before.
Ultimately, the choice is yours, and the key is understanding the options available to you to make informed decisions and retain control. It aligns with the essence of the Bitcoin revolution, which aims to empower individuals by giving them autonomy and control over their financial assets.
Check out more articles by Shuab here!