The recent launch of Ledger Recover, a service designed to enable users of the Ledger hardware wallet to back up their secret recovery phrases, has been met with significant pushback from the crypto community. Critics have expressed concerns about the seed phrase leaving the hardware wallet, as Ledger was once considered a trustless service for storing cryptocurrencies. However, Ledger co-founder and ex-CEO Éric Larchevêque has responded to these criticisms, stating that Ledger was never meant to be a trustless solution in the first place.
Ledger Recover offers an Over-the-Air (OTA) firmware update, allowing users to back up their seed phrases via third-party entities. If users choose to opt-in to the service, their recovery phrase fragments will be encrypted and stored by three different parties. In the future, these stored fragments can be used to recover the user’s seed phrase. However, this process has raised concerns among the crypto community about the trustworthiness of the Ledger and its essential service.
In an attempt to address these concerns, Larchevêque posted on Reddit, clarifying that trusting Ledger is a necessary part of using the product. He argued that the Ledger Recover update has no effect on the hardware wallet’s security model and added that his mistake as CEO during his tenure was most likely not explaining the security model thoroughly enough.
Larchevêque stands firm in his belief that the only aspect that has changed is users’ general perspective on trustlessness. He insists that the Recover code in the firmware is not malicious, stating that “Ledger is still safe, there is no backdoor, the Ledger Recover is not a conspiracy, no one will ever force anyone to use Recover.” Trusting Ledger with sharding the seed phrase is just like trusting Ledger when signing a transaction, he added.
When addressing a user recommendation about having two different firmware to address ‘backdoor’ concerns, Larchevêque expressed his belief that this would not change anything, and that such a move would be saddening for him personally.
Interestingly, as Ledger faces scrutiny on the rollout of this firmware update, competing hardware wallet provider GridPlus has decided to open-source its firmware for users. This move highlights the importance of trust in the crypto hardware world, as more users strive to find reliable and secure options for storing their cryptocurrencies.
The debate surrounding Ledger Recover raises the question of whether trust should be a necessary part of utilizing crypto hardware wallets. With some users showing a desire for trustlessness while others are willing to place their trust in select entities, the industry will likely witness similar discussions and debates in the future as new products and services are released.
Source: Cointelegraph