Ledger has come under stinging criticism from its community over its latest seed phrase recovery idea, with members taking to social media to voice their disapproval.
Ledger has pushed back against the criticism, stating that there are several inaccuracies.
Ledger’s New Seed Phrase Recovery ServiceLedger’s new seed phrase recovery service is called Ledger Recover and offers users added safeguards in case they misplace their seed phrase. The service was released in Ledger’s latest firmware wallet and is a subscription service that gives users an additional layer of protection for their private keys. Ledger Recover uses a technique that divides a user’s seed phrase into three encrypted fragments that are trusted with three custodians, namely Ledger, Coinover, and a third entity. A Ledger spokesperson elaborated on the same, stating,
“Each fragment is stored by the parties on hardware security modules (HSMs) which are essentially super-powered Ledgers. It’s what we use for Ledger Enterprise. Each fragment is useless on its own and can only be decrypted on a Ledger. They are completely safe.”
Users can reconstruct the original see phrase once the separate fragments are combined and decrypted. The company also stated that the service is optional and that Ledger users don’t have to use the service should they not wish to.
“You don’t have to use it and can continue managing your recovery phrase yourself if that’s why you bought a Ledger.”
So Where Is The Problem?While Ledger seems excited about the new update, the community reaction has been quite the opposite. This is because to use the service, users have to provide a national identity card or passport to use the service, and the users’ seed phrase would have to be trusted with “external custodians.” Several prominent crypto community members and Ledger wallet owners have taken to social media to criticize Ledger for what some users called a “disaster waiting to happen.” One Reddit user explained,
“This is a disaster waiting to happen. I can’t actually believe what I’m reading; this seems absolutely crazy for a hardware wallet provider to encourage you to back up your seed phrase online AND give them your Passport/ID—especially one that has previously suffered a data breach!”
Ledger suffered a serious data leak in 2020, which exposed the phone numbers and physical addresses of over 300,000 customers. The breach also included the email addresses of over a million users. Others, such as investor Chris Dunn and crypto investor DCinvestor also referenced the infamous data leak while criticizing Ledger’s new Seed Phrase Recovery Service. Dunn stated,
“First, they exposed mailing addresses, phone numbers, and email addresses of their customers… And now they’ve put a back door into seed phrases. It’s time to say goodbye to @Ledger.”
DCinvestor also did not hold back, stating,
“Reminder that several years ago, Ledger leaked the name and home addresses for all of their customers via a data breach. [T]he absolute last thing you want on their servers is your private key.”
Polygon chief information security officer Mudit Gupta called it a horrendous idea and urged Ledger to refrain from enabling the new feature. In a Twitter thread, Gupta explained that the encrypted keys would be sent to three corporations that could reconstruct the private keys, leading to major security issues. Binance CEO Changpeng Zhao replied to Gupta, adding,
“So the seed can leave the device now? Sounds like a different direction than “your keys never leave the device.”
Tech lead triager at ImmuneFi, Adrian Hetman, called the new feature a bad security posture, stating,
“Exposing your seed phrase and then allowing anyone with your ID or Passport to regain access to the locked funds is a bad security posture. ID theft is common, and that would expose crypto users to a new form of attack.”
Ledger Pushes Back Against CriticismLedger has pushed back against the barrage of criticism against its new service, stating that there were “lots of inaccuracies” in the criticism it was facing and that there was no backdoor or security vulnerability. In response to Hetman, Ledger stated that the government ID is only one part of a complete process and does not pose a security risk.
“We also have full liveness detection, where you use your camera, and it gives you randomized prompts that can’t be faked or pre-recorded. This is reviewed by technology and also by humans to ensure a match before the recovery process is initiated. So, someone stealing your ID will not be able to recover your [Secret Recovery Phrase] SRP.”
Ledger called the new service a highly secure service that its Donjon team had tested. The Donjon team had previously detected breaches in a number of wallets, including TrustWallet.
“If you want more peace of mind or find recovery phrase management a barrier, you now have a highly secure service, tested by our Donjon team, which exposed breaches in TrustWallet and many other wallets, both software and hardware.”
The company also added that the new service is optional and that if a user does not wish to use it, they can choose not to enable it. It added that those wishing to use the service would have to initiate an approval process that uses the secure display of their Ledger wallet.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.