The crypto community is currently divided over Ledger’s latest seed phrase recovery feature. Several members, including Ledger wallet owners and specialists, have taken to social media to criticize the recently introduced Ledger Recover service, claiming it undermines the fundamental security principles that hardware wallets ought to maintain.
Ledger Recover is a subscription service that provides an additional layer of protection for users’ private keys. It employs a technique that divides the user’s seed phrase into three encrypted fragments, which are then sent to different external entities. When combined and decrypted, these fragments can be used to reconstruct the original seed phrase.
While this new service is intended as an optional backup for users who want to secure their secret recovery phrase, it has sparked backlash from various security specialists. Mudit Gupta, the chief information security officer at Polygon Labs, called it a “horrendous idea,” citing the fact that encrypted key parts are sent to three corporations capable of reconstructing the users’ keys.
Similarly, Changpeng Zhao, Founder and CEO of Binance, expressed concerns about the shift in philosophy, from ensuring that “your keys never leave the device” to allowing the seed phrase to travel outside the hardware wallet.
Critics are also quick to remind people of Ledger’s past security breach, where mailing addresses, phone numbers, and email addresses of their customers were exposed. Bitcoin investor and podcaster Chris Dunn even argues that this new service may be a back door into seed phrases and recommends saying goodbye to Ledger.
Despite these concerns, the Ledger Recover service does have its supporters who appreciate the added security layer. In addition, the company has recently launched the Ledger Nano S Plus, a specialized wallet tailored for nonfungible tokens (NFTs), and integrated “clear signing” technology through Ledger Live to further bolster user security measures.
In the end, the disagreement boils down to trust in external entities and whether self-custody through hardware wallets should anchor on the principles of complete privacy and ownership. While Ledger may argue that their service is optional, the very existence of this feature raises questions about the future of hardware wallets and their role in securing crypto-assets.
Source: Cointelegraph