Ledger's 'Recover' Product Draws Major Criticism From Web3
Ledger's announcement of Ledger Recover, an optional subscription service for users desiring a backup of their Secret Recovery Phrase (SRP), has drawn major criticism from web3 users since its unveiling early this morning.
🧐 Wait, What?
Ledger's Recover product is designed to create another option for users who wish to maintain a backup of their secret recovery phase in another fashion.
From the announcement:
- Ledger Recover encrypts and splits your private key into three fragments, securely stored by different parties.
- This process does not compromise your SRP as it is generated and managed on the device's Secure Element chip.
- The fragments are useless individually but can restore your SRP when combined, providing an additional layer of security for users.
- The service is optional and not automatically enabled, underscoring Ledger's commitment to user choice and self-custody.
🎤 Community Quotes
Community experts quickly spoke up, pointing to the potential issue that this feature is enabled for existing devices.
Stop using Ledger hardware wallets. Migrate away from them immediately. They've shown nothing but gross incompetence and wild misunderstanding of their own purpose. And now they've publicly & admitted to intentionally backdooring their own proprietary hardware. Stop using Ledger0xFoobar
And the hits kept coming....
- "This is secure just like how our private information was secure (until it was hacked), right?"
- "The problem is the device can send the shards over the internet, introducing potential back doors and other exploits."
Meanwhile, other community members were speaking up in defense of ledger.
This is irresponsible hyperbole. Can't help but feel bad for concerned users reading this and panicking, thanks for ruining their day. Ledger remains as safe to use today as it was yesterday. For MOST people it is the easiest hardware solution to recommendUdi Wertheimer
❗Why It Matters
A working social recovery product would offer a major benefit to novice cryptocurrency users or those who don't want the burden of "owning" their own secret recovery phrase all by themselves. However, if (a big if, but I am not equipped to speak on the technical aspects of the release) the technical concerns raised by the community are accurately depicted, Ledger is introducing a major risk to its existing hardware wallet owners, representing an even larger negative event to the space. Ledger has been championing itself as the safest way to self-custody crypto and NFTs, but for now the validity of that statement is up for debate.
🧠 Learn More