Ledger Recover is an over-the-air (OTA) firmware update that enables users to have their seed phrases backed up by third-party entities. However, this can be done only if they choose to opt-in to the new service. The cryptocurrency community significantly opposed the introduction of the Ledger Recovery Firmware Update. It enables users of Ledger hardware wallets to safeguard their secret recovery phrases.
Éric Larchevêque, co-founder and former CEO of Ledger, acknowledged the criticism of Ledger. However, he emphasised that it was primarily a failure in public relations rather than a technical failure.
Ledger Recover, as an OTA firmware update, permits users to entrust their seed phrases to third-party entities. This process involves encrypting and storing fragments of the recovery phrase with three different parties. Additionally, they can be used to recover the phrase in the future.
Concerns over Ledger’s trustless seed phrase service
However, users regarded Ledger as a distrustful service for storing cryptocurrencies because the concept of the seed phrase leaving the hardware wallet did not resonate with them. Further, responding to the concerns raised by users worldwide, Larchevêque addressed the issue on Reddit.
He clarified that Ledger was never intended to be a completely trustless solution.
He stated, “Some level of trust must be placed in Ledger to use their product. If you don’t trust Ledger, meaning you treat your hardware manufacturer as an adversary, that approach won’t work at all.”
Moreover, he argued that the Ledger Recover update does not compromise the hardware wallet’s security model. He admitted, “My mistake as a CEO during my tenure was probably not being persistent enough in explaining the security model. But at some point, you just give up because people don’t care at all. Until they care again, like now.”
Ledger Recovery Firmware not malicious – no backdoor concerns for users
According to Larchevêque, the only notable change that took place was a shift in how users perceive trustlessness. In addition, he strongly emphasised that the Recover code embedded in the firmware is not malicious.
The co-founder reassured users by stating, “Ledger remains secure, there is no backdoor, Ledger Recover is not part of a conspiracy, and no one will ever be compelled to utilise Recover.”
Moreover, he likened trusting Ledger with the seed phrase to trusting Ledger with signing a transaction. Larchevêque responded to the user’s suggestion of having two different firmware versions to address “backdoor” concerns, expressing personal disappointment and stating that it would not make a difference.
However, the firmware update in question is not compatible with Nano S, Ledger’s most affordable hardware wallet. This is due to limited memory on the chipset. In response to the controversy surrounding Ledger’s Recovery Firmware Update, rival hardware wallet provider GridPlus made the decision to open-source its firmware for its users.
GridPlus announced plans to make its device firmware open source in the third quarter of 2023, aiming to provide greater transparency.
Read More:
Tether’s Bitcoin (BTC) purchase strategy aims to diversify reserves
Bitcoin’s Value Slides Below $27K amid Debt Ceiling Negotiations and Regulatory Measures