Ledger Continues to Defend Recovery System, Says It’s Always ‘Technically’ Possible to Extract Users’ Keys
Crypto wallet maker Ledger dug itself into a deeper public relations hole on Wednesday when its support team said on Twitter that «it is and always has been possible» for the firm to extract its users’ keys.
While answering queries about the firm’s new wallet recovery service, Ledger Support sent a couple of bizarre tweets which would have done little to assuage its users’ concerns, suggesting that it could make its customers’ assets vulnerable in any way it wanted to, but has (thus far) not done so.
«Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not,» it said.
«It’s important to understand that at the end of the day, any hardware wallet solution a user chooses to go with will always require that person to trust this developer to build and maintain a secure device to store your assets.»
Ledger’s «Recover» service was met with consternation from the crypto community earlier this week on grounds that it undermines the firm’s brief of privacy and security. The optional recovery service would allow users to backup their seed recovery phrase (a random string of words) through encrypting it in fragments with third parties.
Users fear that splitting the key between third parties could leave it vulnerable, effectively negating the main purpose of a hardware wallet against other storage options.
Ledger has argued that this sort of backup option is in fact popular as the possibility of assets becoming irrecoverable simply by mislaying a random set of words could prove a deterrent to investing in crypto.
«This is what future customers want,” CEO Pascal Gauthier said during a Twitter Space. “This is the way that the next hundreds of millions of people will actually onboard to crypto.”
Read More: Crypto Hardware Wallet Maker Ledger Raises Most of $109M Round: Bloomberg