- Ledger, a crypto hardware wallet company, is defending its new product, “Ledger Recover,” which offers an optional seed phrase recovery service, amid criticism suggesting it has a “backdoor” for user data.
- Critics argue that the ID verification process used in key recovery is inherently insecure and that the new service contradicts the principle of private keys never leaving the user’s device.
New Seed Phrase Recovery Solution: Ledger’s Response to Criticism
Crypto hardware wallet manufacturer Ledger is standing firm against detractors who suggest its new seed phrase recovery solution hints at a potential loophole for accessing user data. The firm clarifies that its latest product, “Ledger Recover,” is an optional subscription for users who want a backup of their secret recovery phrase.
Ledger Recover: The Secure Backup System
Ledger Recover encrypts a user’s private key, divides it into three encrypted segments, and stores them with three distinct parties “on hardware security modules,” according to the company. These hardware security modules are tamper-resistant devices that safeguard cryptographic procedures by generating and managing encryption and decryption keys.
For seed phrase recovery, Ledger requires a thorough ID verification process, after which the third-party providers transmit the encrypted shards straight to the user’s Ledger Nano device. This process is at the heart of the criticism, as critics deem anything secured by ID verification as
Mudit Gupta, Chief Information Security Officer at Polygon (MATIC) Labs, argues that storing the split key parts with corporations and using ID verification to confirm key construction requests introduces significant security risks. These concerns were echoed by Binance’s CEO, Changpeng Zhao, who questioned the wisdom of allowing seeds to leave the user’s device.
Ledger’s Stand Against Critics
In response, Pascal Gauthier, Ledger’s CEO and Chairman, refuted the criticism on Twitter. He emphasized that a backdoor would imply Ledger’s complete control over all devices, including the ability to run automated updates – a situation that, he assured, is not the case and will never be.
Gauthier underscored the user-centric nature of Ledger devices. He clarified that only the user can activate functions on their Ledger, and no one else has the ability to enter their PIN code or press their device buttons. This response suggests Ledger’s commitment to maintaining the security of their devices while providing options for those users who desire an additional level of backup for their keys.