May 19, 2023
Is Ledger’s New Bitcoin Key Recovery Feature Safe? Experts Have Doubts
When Ledger, a Paris-based hardware wallet maker, announced a new key-recovery feature this week, it thought the move would be popular. Allowing users to recover their private keys – much like you can recover your password if you forget it – would help onboard customers, the company believed. Potential crypto users are known to be turned off by crypto's unforgiving self-custody ethos ("not your keys, not your coins"). A key recovery service would offer more comfort.

Immediately, the launch of "Ledger Recover" provoked criticism. Opponents say the product isn’t compatible with the concept of a hardware wallet, which promises to ring-fence private keys from prying eyes.

"For a hardware wallet to transmit the seed or shares that can reconstruct the seed over the internet fundamentally alters the security threat model of a hardware wallet," said Pavol Rusnak, co-founder of SatoshiLabs, which makes the competing hardware wallet Trezor. “In fact, this change is so significant that I'm not convinced it's a viable solution for a hardware wallet at all."

The opt-in update, available for Nano X models, allows Ledger owners to use a service named Ledger Recover and share their seed phrase (a sequence of words used to recover a lost wallet) with a set of trusted custodians, namely Ledger, Coincover and EscrowTech, which will store users’ encrypted backups for a monthly fee. According to the company, this lets users restore access to their crypto if they forget or lose their seed phrases: they can ask Ledger for help, prove their identity and have their private key restored for them.

The critics worry that neither the firmware update nor the recovery setup as a whole looks safe. Ledger insists things are as secure as ever. CoinDesk looked into how the new feature is supposed to work (as described by Ledger itself) and asked experts what the potential security concerns may be.
According to Philip Costigan, Ledger communications lead, the new feature does not mean the device itself communicates with custodians over the internet, as the Ledger wallets themselves “have no WiFi or any other internet connection capability.” To transfer encrypted parts of the seed to custodians, users need to connect their Ledger wallet to their phone running the Ledger app via Bluetooth, Costigan said. The same mechanism is used for approving transactions when Ledger owners want to spend crypto from their wallets.

Here is how Costigan explains the process. First, users verify their identity with Onfido and Tessi, the two providers Ledger employed for this task, via Ledger’s mobile app. “Ledger, Coincover and EscrowTech don't review or hold people's IDs, it's done by the technology of the two providers I mentioned above who are experts here,” Costigan said. After that, the Ledger device gets a prompt to create a backup. The backup is then created, encrypted, divided into shards using the Shamir’s Secret Sharing technique and transferred to Ledger, Coincover and EscrowTech, Costigan said. Each custodian keeps one shard, and a single shard is useless on its own.

“All encryption, fragmentation, and decryption of your secret recovery phrase happens on your Ledger on the secure element. So the only thing that leaves the secure element chip, and only after your consent, are the encrypted shards,” he added. Costigan also underscored that the hardware wallet itself does not store any of the user’s identity information.

When a user requires a recovery, any two out of three custodians will “send fragments back to your Ledger device, reassembling them to build your private key,” the FAQ page on Ledger’s website says.

The news of the update provoked a storm of criticism from the crypto community, with accusations that Ledger’s new offering contradicts its past statements about keeping private keys off the internet.
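To make the 2-of-3 split Costigan describes concrete, here is a textbook Shamir's Secret Sharing scheme over a prime field. It is an illustration added to this article, not Ledger's code: Ledger Recover's implementation is closed source and the article describes it only at the level summarized above. The 16-byte sample entropy, the custodian names used as variable names and the `secrets_consistent_with_one_share` check are this example's own constructions, and the encryption step Costigan says precedes sharding is not reproduced.

```python
"""Textbook 2-of-3 Shamir's Secret Sharing over a prime field.

Added illustration, not Ledger's implementation (which is closed source).
The "seed entropy" used below is a constructed sample, not a real wallet seed.
"""
import secrets

# Mersenne prime 2^521 - 1: a field large enough to hold 128- or 256-bit
# BIP-39 entropy as a single field element.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x, p=PRIME):
    """Evaluate a polynomial (constant term first) at x modulo p, by Horner's rule."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % p
    return result


def split_secret(secret, threshold=2, shares=3, p=PRIME, rng=secrets.randbelow):
    """Split an integer secret into `shares` points on a random polynomial of
    degree threshold-1 whose constant term is the secret. Any `threshold`
    points determine the polynomial; fewer determine nothing about it."""
    if not 0 <= secret < p:
        raise ValueError("secret must be a field element")
    if not 1 < threshold <= shares:
        raise ValueError("need 1 < threshold <= shares")
    coeffs = [secret] + [rng(p) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, shares + 1)]


def recover_secret(points, p=PRIME):
    """Lagrange interpolation at x = 0 from `threshold` points with distinct x."""
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


def secrets_consistent_with_one_share(share, candidates, p=PRIME):
    """For a 2-of-3 split, return the candidate secrets that one share cannot
    rule out. Through (0, s) and the share there is always exactly one line,
    so every candidate survives: a single custodian learns nothing."""
    x, y = share
    survivors = []
    for s in candidates:
        slope = (y - s) * pow(x, -1, p) % p
        if _eval_poly([s, slope], x, p) == y:
            survivors.append(s)
    return survivors


def demo():
    """Split constructed 16-byte entropy (NOT a real seed) 2-of-3 and recover it
    from each pair of custodians; True if every pair reproduces the entropy."""
    entropy = bytes(range(16))  # constructed sample standing in for seed entropy
    secret = int.from_bytes(entropy, "big")
    ledger, coincover, escrowtech = split_secret(secret)
    pairs = [(ledger, coincover), (ledger, escrowtech), (coincover, escrowtech)]
    recovered = [recover_secret(list(pair)).to_bytes(16, "big") for pair in pairs]
    return all(r == entropy for r in recovered)


if __name__ == "__main__":
    print("every 2-of-3 pair recovers the seed:", demo())
```

The property the scheme is bought for is the one `secrets_consistent_with_one_share` checks: a lone share is consistent with every possible seed, so a single custodian (or a single breached custodian) gains nothing. That guarantee rests on two details that cannot be seen from the outside, uniformly random polynomial coefficients and arithmetic in a proper prime field, which is why reviewers want to read the code rather than the FAQ.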
In particular, Crypto Twitter piled on a tweet Ledger’s official account posted in November, assuring users of the safety of their devices. “How can you prove to us the customers that the private keys on the device are not leakable via a firmware update in case someone at the company wants this?” a Twitter user known as @S_Radude asked on Nov. 15, 2022. “Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element,” Ledger responded.

Users pointed out that the new update does almost exactly what Ledger said it wouldn’t do. There is a caveat: during the recovery process, as Ledger describes it, it’s not the private key itself that is extracted but the seed phrase encoding it. This still sent a worrying signal to users: what they considered safely stored in the little citadel of their hardware wallet can now leave it and travel elsewhere. What if Ledger decided to just extract and collect users’ seed phrases, without any protection?

“If you can update the firmware to instruct the ‘Secure Element’ to encrypt, shard, and distribute the seed, what stops you from updating the firmware next week to just extract the unencrypted seed,” user @NewWageCrypto asked. “Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not,” Ledger responded on Wednesday in a tweet that has since been deleted. An archived copy of the thread shows that the tweet, which immediately triggered a new wave of outrage, was followed by a clarification: for any update to happen, users must manually approve it.
“Every firmware update requires a PIN unlock device approval, this is the final line that makes it impossible for us to extract your keys even if we had your device,” another now-deleted tweet from the company said.

However, the questions still linger: what can Ledger’s firmware actually do, and can users still trust their devices? Crypto developer and researcher Laurence E. Day told CoinDesk that the core of the problem is that Ledger’s code is closed source, so nobody can review what the update is actually doing. Blockchain security expert Christopher Allen shared similar considerations on Twitter. “One of my concerns with the new Ledger Recover service is that they appear to be sharding via Shamir’s Secret Sharing, but doing so in a proprietary way and possibly in a naive fashion. We don’t know, as it is not open source,” Allen tweeted.

For Day, the most worrying part of the situation is an apparent breach of trust between Ledger and its users, triggered by the contradictions in the firm’s statements. “I guess the thing that bugs me here is that there’s this breach of a covenant that seeds would never leave the secure element chip, even though it’s always been possible to do that through firmware (and this remains an option for other hardware wallet suppliers too),” Day told CoinDesk via direct messages on Twitter.

Another issue has to do with privacy. Hardware wallets are typically viewed as a way to store your crypto anonymously, without attaching your name to it. However, users who opt in to the Recover update will have their identities linked to their crypto wallets, making the experience closer to using a centralized exchange with know-your-customer (KYC) checks.
The head of content at Foundation, another competing hardware wallet maker, who goes by the nickname Seth For Privacy, tweeted that the setup Ledger is offering brings a whole set of concerns for users, including “data leaks, hacks, and government censorship or surveillance.” “Not only can leaks or hacks occur, the sales of data on users of Ledger would be extremely valuable now and in the future, and any of the ‘authorized third parties’ could decide to leverage your data as an income stream at any moment,” he wrote. If, in the future, hackers breach Onfido or Tessi, they might get a list of Ledger users, who are likely to own large amounts of crypto (the wallet itself costs about $150), along with a wealth of their personal data, Seth added. Ledger has been breached in the past: in July 2020, information on 272,000 users was stolen from the firm, and a series of phishing attacks on users followed that breach.

Law enforcement agencies, too, might use the setup to get access to Ledger users’ crypto, Day said: “The three organizations that will hold the shards are known, so they’re liable to get a visit from the feds – so you could argue that by enabling Recover you’re turning your wallet hot even if there are legal steps in between,” he said. (In crypto terms, “hot” wallets are connected to the internet; “cold” wallets are not.)

There is also a danger that, however secure the offered setup is, any system can be gamed, SatoshiLabs’ Rusnak said: “There's always the risk that someone could use generative AI technologies to impersonate me, obtain my seed shares, and ultimately reconstruct my seed.” Some commentators on Twitter also voiced concerns that while the feature is optional now, Ledger might in the future make it obligatory for all devices, for regulatory or other reasons.

Using trusted custodians is nothing new for crypto – in fact, everyone who keeps their coins on an exchange is trusting the exchange like it’s a bank.
But hardware wallets embody the “be your own bank” ethos of Bitcoin: that you don’t have to trust an intermediary to keep your money safe. This means keeping the keys to your crypto on a device that only you control, preferably disconnected from the internet, to avoid the risk of hacking. But this approach requires self-discipline that might feel excessively burdensome to many people.

Ledger’s new service attempts to give users some peace of mind, allowing them to recover lost crypto wallets like they would recover stolen credit cards or forgotten passwords (although in a much more sophisticated fashion). In this sense, Ledger Recover is a kind of compromise between the autonomy of cold storage and the comfort of custodial storage: your crypto is on your device, but if you lose it, there is someone to restore it for you. The question is, do Ledger users want that compromise?

“I get the point of why you'd want to offer Recover as a U.X. improvement to mom and pop, but it just feels like a comms screw-up: mom and pop aren't using these devices anyway,” Day said, adding that hardware wallet users are by default a more sophisticated public.

Ledger, however, believes that moms and pops might just not know they want it yet. “You’re saying this is not what customers want. Actually, this is what future customers want,” Ledger CEO Pascal Gauthier said during a Twitter Spaces session on Tuesday. “This is the way that the next hundreds of millions of people will actually onboard to crypto.”

Edited by Ben Schiller.