{"id":102291,"date":"2023-05-31T21:00:44","date_gmt":"2023-05-31T21:00:44","guid":{"rendered":"https:\/\/dripp.zone\/news\/index.php\/2023\/05\/31\/ledgers-new-wallet-recovery-feature-sparks-community-backlash-crypto-news\/"},"modified":"2023-05-31T21:00:45","modified_gmt":"2023-05-31T21:00:45","slug":"ledgers-new-wallet-recovery-feature-sparks-community-backlash-crypto-news","status":"publish","type":"post","link":"https:\/\/dripp.zone\/news\/ledgers-new-wallet-recovery-feature-sparks-community-backlash-crypto-news\/","title":{"rendered":"Ledger’s New Wallet Recovery Feature Sparks Community Backlash\n – Crypto News"},"content":{"rendered":"

<\/p>\n

\n

Ledger, the leading provider of hardware wallets, is mired in controversy over its recently-launched Ledger Recover feature. <\/p>\n

The optional service allows users to recover their seed phrase \u2013 the string of words that grants access to a crypto wallet \u2013 by verifying their identities with the Ledger. Initially available to residents of the European Union, the United Kingdom, Canada, and the United States, users are required to submit their passport or national identity card for verification.<\/p>\n

The process involves encrypting the seed phrase into three fragments, which are then sent to Coincover, Ledger, and an independent backup service provider. To regain access to their wallets, users must pass ID verification, and two out of the three companies will send the fragments back to the user’s Ledger device. Once combined and decrypted, the seed phrase is revealed.<\/p>\n

However, concerns have been raised regarding potential risks, including collusion between the companies involved, identity theft, and the creation of a system with access to users’ personal identification information akin to a traditional bank.<\/p>\n

Community Reactions<\/h4>\n

Mudit Gupta, Polygon’s chief information security officer, called it a “horrible idea”<\/a>,<\/p>\n

Another user said that Ledger has essentially created a bank account<\/a> With extra steps, as any entity with access to users’ identity documents could potentially access people’s wallets.<\/p>\n

“The firmware always had full access to the secret key — the Secure Element is for passive storage, the firmware retrieves the key and uses it. Glad to see a dangerous firmware update being rejected by the community,” said Emin Gun Sirer<\/a>founder and CEO of Ava Labs.<\/p>\n

Ethereum advocate Eric Conner questioned<\/a> why Ledger did not create two different firmware updates \u2013 one with the backup recovery option, and one without it.<\/p>\n

Privacy Concerns<\/h4>\n

Privacy advocates have also voiced concerns about the exposure of private keys through Ledger’s API.<\/p>\n

Anton Bukov, the co-founder of DEX aggregation protocol 1inch, said<\/a> that Ledger is “breaking the main hardware wallet security assumption” by having an API which exposes users private keys.<\/p>\n

The sentiment was echoed by Binance CEO Changpeng Zhao, who expressed<\/a> his dismay at private keys being sent out of the hardware wallet.<\/p>\n

The service is currently limited to Ledger’s Nano X devices, with future plans to support the Nano S Plus and Stax, while the Nano S will not be supported. Users will be limited to three monthly and ten annual access attempts.<\/p>\n

The company defended the feature on a Twitter Space attended by its top management.<\/p>\n

\u201cThis is the way that the next hundreds of millions of people will actually onboard crypto,\u201d said Ledger CEO Pascal Gauthier. \u201cI’m sorry, but the piece of paper is a thing of the past and Ledger Recover is a thing of the future.\u201d<\/p>\n<\/div>\n