- The new ledger update is under fire as users surfaced to express their displeasure with the new functionality of the wallet.
- Éric Larchevêque the co-founder and former CEO of Ledger has admitted that Ledger’s public relations might not have been handled well but emphasized that technological inadequacies did not cause the problems
After the introduction of Ledger Recover, a novel ledger update that provides retrieval solutions for its hardware cryptocurrency wallets, the recently added feature seeks to protect customers if they lose their seed phrase. After the release, a few ledger wallet users surfaced to express their displeasure with the new functionality of the wallet.
In a tweet responding to the critics, Ledger said that it’s latest offering, “Ledger Recover,” is a voluntary subscription service that provides users with a backup of their secret recovery phrase. The product encrypts a customer’s private key and divides it into three encrypted fragments stored on hardware security modules by three parties.
They added that the hardware security modules are devices resistant to tampering and are used to secure cryptographic processes by generating and managing encryption keys. Users must undergo a thorough identity verification process to recover the seed phrase. The third-party providers will then send the encrypted fragments directly to the customer’s Ledger Nano device, as per the explanation provided by Ledger.
Additionally, Éric Larchevêque, the co-founder and former CEO of Ledger, has also responded to the criticism faced by the release of Ledger Recover from the cryptocurrency community. Larchevêque admitted that Ledger’s public relations might not have been handled well but emphasized that technological inadequacies did not cause the problems.
Larchevêque responded to increasing concerns on Reddit and clarified that Ledger was not designed to be a trustless solution. To avoid unintended consequences, he continued, users should have confidence in the hardware provider. He added that the security framework of Ledger confirmed that the recent upgrade did not change it.
The co-founder of Ledger acknowledged that, when he was in the capacity of CEO, he might not have clearly explained the company’s security procedures to clients. He highlighted that there is no backdoor and that Ledger’s security has been maintained. He recognized that although people’s worries can evolve, Ledger’s security remains constant. He further emphasized that using the Ledger Recover function is not required and is only an option.
Larchevêque compares signing a transaction with Ledger and relying on the company to provide the seed phrase. In response to a user’s suggestion that there should be two distinct firmware versions to handle backdoor issues, he rejected the idea, saying it would be ineffective.
Back door would mean that we control all ledger devices and could run automated updates for example… That's not the case. Will never be the case. Only you can use functions on your ledger. No one else can enter your pin code and press those buttons…
— Pascal Gauthier @Ledger (@_pgauthier) May 16, 2023
Pascal Gauthier, the CEO and chairman of Ledger responded to criticisms on Twitter by refuting the notion of a backdoor. He explained that a backdoor would indicate complete authority over all Ledger devices, including the capacity to execute automated updates.
He insisted that this was not and would never be the case. He continued by saying that nobody other can enter their pin code or click any buttons on their Ledger device, making it such that only they can access the functionality.