Crypto wallet producer Ledger has recently introduced a new wallet recovery service which has met with mixed reactions from the crypto community. While the company aims to offer a convenient backup solution to its users, it has raised concerns regarding privacy and security.
Unexpected statements from Ledger Support on Twitter raised eyebrows and created further concerns among users. Responding to queries about the firm’s new recovery service, the support team mentioned that it had always been possible to extract users’ keys. “Technically speaking, it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware, whether you knew it or not,” they said.
This statement, while brutally honest, sparked alarm among users, suggesting that the company could compromise asset security at any point. However, the team emphasized the role of trust in hardware wallet solutions, highlighting that users need to trust the developers to build and maintain secure devices.
The debate over Ledger’s “Recover” service revolves around the possibility of users’ assets being compromised while trying to offer additional security. The optional recovery service enables users to back up their seed recovery phrase by encrypting it in fragments with third parties. While this backup option aims to prevent irreversible loss of assets, users fear that splitting the key between third parties could instead make it more vulnerable — negating the primary purpose of a hardware wallet compared to other storage options.
Despite the concerns, Ledger argues that this service is well received by its users. The firm’s CEO, Pascal Gauthier, mentioned that the next generation of hundreds of millions of people looking to invest in cryptocurrencies prefer such backup options. Gauthier pointed out that the fear of losing assets just by misplacing a random set of words could dissuade potential investors, emphasizing the importance of alternative solutions.
In conclusion, while Ledger’s recovery service attempts to provide users with a convenient backup for their seed recovery phrases, it has sparked concerns over the potential infringement of
Source: Coindesk