The French wallet-maker Ledger has recently been under fire for its new seed-recovery service. Amidst the criticisms, the company’s CEO, Pascal Gauthier, acknowledged the concerns and revealed that they are willing to make changes to their approach. Ledger’s key recovery service allows users to keep an encrypted backup of their wallets with a set of three custodians, including Ledger itself. This announcement raised concerns about the security of the proposed service, particularly regarding potential hacks, user data leaks, and abuse of trust by Ledger.
In response to the backlash, Gauthier announced that Ledger would open-source the Ledger Recover code before launching the service. Additionally, the wallet-maker will provide an extra security feature to its Recover setup: users will be able to create a passphrase so that even if the custodians collude to recover the private key, they will still be unable to move the funds without the passphrase.
However, Gauthier admitted in an interview with CoinDesk TV that nothing is 100% trust-less for an average user. “There is always a minimum of trust that you need to have in any hardware wallet that you’re going to use. And we are trying to make the part of the operating system as the one that you have to trust as small as possible and open everything else,” he said.
The company’s decision to open-source the code comes after critics argued that it was impossible to audit Ledger’s new feature because the code is not public. However, not all of the firmware will be open-sourced; for security reasons, certain parts, including the smartcard chip in the Ledger wallet, cannot be made public, according to Ledger’s CTO, Charles Guillemet.
While Ledger does not believe that open-source is a “silver bullet for security,” the company is gradually working on open-sourcing most of its operating system. Guillemet also emphasized that regardless of whether the code is open-sourced, users still have to trust the wallet manufacturer with the safety of their crypto. Otherwise, users would have to build their devices from scratch, which is not a feasible option for the millions of users the company hopes to attract.
Another aspect of Ledger Recover that sparked controversy is its requirement for users to undergo know-your-customer (KYC) checks. This raises concerns of possible government subpoenas requesting data of Ledger Recover users, echoing the incident in 2018 in which Coinbase complied with the IRS’ request to provide data on 13,000 users. Gauthier’s response to this concern was: if you fear this scenario, don’t use Ledger Recover.
With Ledger’s willingness to adapt its approach and address user concerns, it remains to be seen how their Recover service will evolve and how successful it will be in gaining the trust of the crypto community.
Source: Coindesk