‘There Is No Backdoor,’ Ledger Says in Response to Recover Reactions

Ledger released a new update, Ledger Recover, which includes ID verification

article-image

Andriy R/Shutterstock modified by Blockworks

share

Ledger’s newest Nano X update allows users to subscribe to a recovery tool that encrypts the users’ seed phrase and sends it to different custodians to reconstruct the seed after going through ID verification. 

However, Ledger customers are less than pleased by the news. 

Mudit Gupta, Polygon Labs’ chief information security officer, warned users not to enable the feature, calling it a “horrendous idea.”

Though Gupta did not take issue with the breakup of the key — he praised it, stating that “I may or may not be doing that personally as well.”

Gupta’s concern stems from the ID verification and the key access given to the contacts who are chosen by a user to store key parts, as it could open a door for identity theft.

Loading Tweet..

Gupta wasn’t the only person concerned about the update. 

Loading Tweet..
Loading Tweet..

In a video on Twitter, Ledger Chief Technology Officer Charles Guillemet said that “there is no backdoor for anyone, neither us, a provider or even a very gifted hacker to access it.”

“Back door would mean that we control all ledger devices and could run automated updates for example…That’s not the case. Will never be the case. Only you can use functions on your Ledger. No one else can enter your pin code and press those buttons,” CEO Pascal Gauthier also said.

The Recover feature is an opt-in subscription and is not enabled by default.

“Ledger Recover is an optional subscription for users who want a backup of their Secret Recovery Phrase. You don’t have to use it, and can continue managing your recovery phrase yourself if that’s why you bought a Ledger,” Ledger tweeted. 

Loading Tweet..

“The device sends encrypted shards of your seed to different companies if you decide to use the service. You can of course still choose to [back it up] yourself,” Ledger’s co-founder said on Reddit.

Ledger claims that “self-custody remains and will always be at the core principle of Ledger.” 

Loading Tweet..

Wired, in February, clarified that the three recovery custodians would be Ledger, Coincover – a crypto custody firm – and EscrowTech – a code escrow company.

The concern around Ledger’s update comes a few years after the company was targeted by a cyberattack in the summer of 2020 which led to personal information of 270,000 customers being leaked. 

In response to the announcement, some Twitter users suggested that Ledger make Ledger Recover a totally separate product. 

Loading Tweet..

Ledger did not immediately respond to a request for comment.


Get the day’s top crypto news and insights delivered to your email every evening. Subscribe to Blockworks’ free newsletter now.


Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from Blockworks Research’s Daily Debrief.


Can’t wait? Get our news the fastest way possible. Join us on Telegram and follow us on Google News.


Tags

upcoming event

MON - WED, MARCH 18 - 20, 2024

Digital Asset Summit (DAS) is returning March 2024. This year’s event will be held in our nation’s capital, where industry leaders, policymakers, and institutional experts will come together to discuss the latest developments and challenges in the ever-evolving world of cryptocurrency. […]

upcoming event

MON - WED, SEPT. 11 - 13, 2023

2022 was a meme.Skeptics danced, believers believed.Eventually, newcomers turned away, drained of liquidity and hope.Now, the tide is shifting and it’s time to rebuild. Permissionless II is the brainchild of Blockworks and Bankless. It’s not just a conference, but a call […]

recent research

Sequencers: The Key to The Rollup Investment Thesis

Research

Sequencers are one of the most explicit mechanisms in crypto for creating sustainable DAO-controlled revenue.

/

article-image

The SEC takes on the two biggest players in crypto within 24 hours

article-image

The SEC just sued Binance over alleged securities violations — now, the agency is coming for top US crypto exchange Coinbase

article-image

Binance’s ability to handle large outflows is once again tested as the market reckons with a fresh set of SEC allegations

article-image

Cboe Digital has CFTC permission to provide clearing services for margin trade on crypto futures at a time when regulators are closing in

article-image

The former part owner of the Minnesota Vikings misled a number of banks to process hundreds of millions of dollars of illicit crypto transactions

article-image

“We do not want to be regulated ever,” the SEC quotes an unnamed Binance CCO in lawsuit