Crypto hardware wallet provider Ledger will delay plans to launch its private key recovery service after receiving major backlash following its announcement last week.
The controversy — which raised questions about the security and reliability of Ledger devices more broadly — inspired the company to accelerate its open source roadmap.
Ledger Apologies
Ledger CEO Pascal Gauthier began by issuing a letter of public apology on Tuesday for the way Ledger’s “Recover” service was initially released to the public.
“Our unintentional miscommunication took everyone by surprise and affected our customers’ ability to accurately understand Ledger Recover,” Gauthier said. “We never meant to surprise you.”
Ledger Recover, announced last week, is an upcoming paid subscription service for Ledger Nano X users that gives them a way to recover their crypto in case they lose both their device and their paper backup seed phrase. . On a technical level, this involves splitting a user’s private key into three encrypted “shards” and storing each shard with Ledger, Coincover, and another third party.
The service was largely critical for revealing that Ledger could potentially take users’ private keys from their devices with a malicious firmware update. Concerns increased later that week when Ledger Support claims (in a now-deleted tweet) that customers have always “trusted” Ledger not to release such malicious code “whether you know it or not.”
In a podcast episode of What Bitcoin has done released on Monday, Gauthier also said Ledger custodians could be compelled to confiscate a customer’s private key shards if subpoenaed by a government.
Ledger CEO Pascal Gauthier explains that Ledger Recover would give the state the ability to recover your #Bitcoins private keys if assigned. pic.twitter.com/KWaXcgtMqr
— The ₿itcoin Therapist (@TheBTCTherapist) May 22, 2023
Ledger still plans to move forward with a “clarified version” of Ledger Recover in the future, which will address most of the “sticking points” expressed by the community.
“The main concerns you have expressed relate to transparency, resistance to censorship and security,” Gauthier said. “I think we’ve done a good job of addressing all of your concerns.”
The open source roadmap
General Ledger Technical Director Charles Guillemet detailed how the company would open up more of its software in the future as part of a commitment to maximum transparency. “Open-source” code refers to code that is publicly viewable and verifiable.
The company recently made its cryptography library open source and will soon release its Ledger Recover whitepaper, allowing anyone to “verify cryptographic protocols and create their own shard backup provider.”
Ledger plans to “gradually” open most of its operating system, but still cannot fully open its firmware due to IP agreements with the makers of its smart card chips, which fend off hostile attackers with a physical access to the device.
“Open sourcing has always been at the core of our roadmap, and recent events underscore the importance of accelerating our initiative to bring greater verifiability to everything we do at Ledger,” the CTO concluded.
Binance Free $100 (Exclusive): Use this link to sign up and receive $100 free and 10% off Binance Futures fees for the first month (terms).
PrimeXBT Special Offer: Use this link to sign up and enter code CRYPTOPOTATO50 to receive up to $7,000 on your deposits.