Ledger Continues to Defend Recovery System, Says It’s Always ‘Technically’ Possible to Extract Users’ Keys
Crypto wallet maker Ledger dug itself into a deeper public relations hole on Wednesday when its support team said on Twitter that “it is and always has been possible” for the firm to extract its users’ keys.
While answering queries about the firm’s new wallet recovery service, Ledger Support sent a couple of bizarre tweets which would have done little to assuage its users’ concerns, suggesting that it could make its customers’ assets vulnerable in any way it wanted to, but has (thus far) not done so.
“Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not,” it said.
“It’s important to understand that at the end of the day, any hardware wallet solution a user chooses to go with will always require that person to trust this developer to build and maintain a secure device to store your assets.”
Ledger’s “Recover” service was met with consternation from the crypto community earlier this week on grounds that it undermines the firm’s brief of privacy and security. The optional recovery service would allow users to backup their seed recovery phrase (a random string of words) through encrypting it in fragments with third parties.
Users fear that splitting the key between third parties could leave it vulnerable, effectively negating the main purpose of a hardware wallet against other storage options.
Ledger has argued that this sort of backup option is in fact popular as the possibility of assets becoming irrecoverable simply by mislaying a random set of words could prove a deterrent to investing in crypto.
“This is what future customers want,” CEO Pascal Gauthier said during a Twitter Space. “This is the way that the next hundreds of millions of people will actually onboard to crypto.”
Edited by Parikshit Mishra.
DISCLOSURE
Please note that our
privacy policy,
terms of use,
cookies,
and
do not sell my personal information
has been updated
.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a
strict set of editorial policies.
CoinDesk is an independent operating subsidiary of
Digital Currency Group,
which invests in
cryptocurrencies
and blockchain
startups.
As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of
stock appreciation rights,
which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG
.
Jamie Crawley is a CoinDesk news reporter based in London.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.
Jamie Crawley is a CoinDesk news reporter based in London.