Twitter community doesn’t trust Ledger

Ledger, a company that produces hardware devices for the self-custody of cryptocurrencies, announced a few days ago the introduction of a new service that has sent the Twitter community into an uproar.

Through the new “Recover” feature, users can back up their seed-phrase and retrieve it if they lose it, helping the operations of newer users but simultaneously threatening the security of the devices and the privacy of users.

Let’s try to delve deeper into this issue and understand whether “Recover” is good or bad for the community

Ledger’s new “Recover” service

Self-custody techniques for cryptocurrencies have always raised some fear among those who have recently entered this fascinating and at the same time dangerous world.

Self-storing the private keys of the wallet in which one holds one’s cryptocurrencies has become a must, especially after the succession of scandals of centralized exchanges and third-party services that over the years have declared bankruptcy (or worse, scammed investors), leaving clients holding the bag.

However, independently safekeeping a 24-word phrase that allows those in possession of it to access and spend their virtual money is not something everyone can do, especially the forgetful or those unfamiliar with new technologies.

That’s why Ledger, a French crypto hardware wallet manufacturing company, has decided to launch a new service called “Recover” dedicated to anyone who needs to recover their private keys after losing or destroying their physical device.

In detail, Ledger Recover allows users to restore the seed phrase via a cloud backup that fragments the secret phrase into several parts and sends the encrypted components to 3 separate servers via the Shamir Shared Secret, which is a secret sharing algorithm for private information.

The 3 servers in question belong to Ledger, Coincover, and EscrowTech, companies that store users’ encrypted backups when requested and later return the seed phrase in a “fragmented” manner to the original owner.

In this way, none of the 3 intermediaries are by themselves potentially able to reconstruct the keys to access the wallet thus decreasing counterparty risk.

In order to access the service, the end user must first verify his or her identity through a procedure similar to KYC and send his or her data to Onfido and Tessi, two Ledger providers employed for this delicate activity.

The Recover function is available only for the Nano X version of Ledger, not the Nano S version, and is viable upon performing an opt-in upgrade.

Owners of Nano X devices are not required to upgrade and can continue to store their seed themselves without the help of any intermediary.

Community doubts about the security of Ledger hardware devices

Although the Recover function is undoubtedly a help for all those individuals who have failed to guard their seed-phrase and lost it, on the other hand it is very dangerous in terms of security, according to what the Twitter community has said.

Indeed, on the social media, many users have expressed their disapproval of a service that goes against the ideals of self-custody and could undermine the privacy and security of Ledger devices.

In particular, many individuals fear that there is a backdoor in the firmware (a software installed in the chips of Ledger devices) that allows the parent company, and hence potentially third parties, to access customers’ wallets at any time

In this regard Pavol Rusnak, co-founder of SatoshiLabs, which produces a competing hardware wallet (Trezor) said:

“For a hardware wallet to transmit the seed or shares that can reconstruct the seed over the internet fundamentally alters the security threat model of a hardware wallet.”

The issue became more sensitive when the official Twitter profile of Ledger support admitted that the installation of firmware could facilitate the extraction of users’ private keys, contradicting a tweet published in November last year where it was said that from the Secure Element (chip embedded in hardware wallets) it was not possible in any way to extract seed data.

The recent tweet was deleted by Ledger because according to the CTO, Charles Guillement, the communication risked being misunderstood and producing confusion among the community, but it was promptly screenshotted by a few users, such as by Olimpio Crypto.

Summarizing the debate that subsequently ensued between Ledger’s CTO and the community, it emerged that the underlying problem is that Ledger POTENTIALLY could handle malicious firmware, but all users who have trusted it up to now should not be afraid for an already existing “issue” only now.

The French wallet device company has emphasized its deep professionalism in its intentions, reminding that it is in its interest to protect its customers.

However, the trust issue remains, this flaw in firmware management having been highlighted and amplified by the company’s disastrous communication management.

It is worth recalling that in order to have a totally trustless self-custody crypto solution, that is, without trust components of any kind, it would be necessary to create one’s own device and software so that only the owner can get his hand on the code.

A certainly more pronounced problem is the fact that anyone using Ledger Recover gives the providers Onfido and Tessi their identity and that the latter, in the event of a hack or data leak, could end up in the wrong hands.

Even law enforcement agencies could in this sense get hold of the identity of those who use the Recover service and access their funds through subpoena against Ledger.

Violation of the principles of self-custody or support toward novice users?

The introduction of Ledger’s Recover function has triggered a very interesting debate about what is necessary and what is dangerous for users.

According to the French company, allowing users to retrieve their private key, something like what happens in credential retrieval on major Web 2.0 platforms, would help many individuals jump on the cryptocurrency bandwagon by embracing innovation.

On the other hand, this all poses a risk for those who decide to take advantage of this solution, with the understanding that there remains the possibility of “doing it yourself” by avoiding the collaboration of external intermediaries. 

In fact, activating the firmware that would create this “point of failure” still requires the approval of the user at the final stage, who can still refuse it and continue using the old software.

In this regard, a tweet from Ledger’s support, now deleted due to the shitstorm that was caused, said:

“Every firmware update requires a PIN unlock device approval, this is the final line that makes it impossible for us to extract your keys even if we had your device.”

While it remains the case that Ledger has come off badly in its handling of the reputational crisis, it is quite clear as of now that firmware updates are not a serious problem for users, provided they have trusted the company to date.

The real problem lies in the fact that those who choose to use Recover, in addition to choosing to place additional trust in Ledger to install an update, must compulsorily disclose their identity to two separate providers who could, in good or bad faith, lose or give away this data to other companies or government agencies.

The privacy component, which is central to the narratives of self-custodial advocates, is effectively zeroed out by this type of functionality.

At this point, the real question to ask is not whether or not to use Ledger Recover (obviously NO) since it is unquestionably better to be more diligent in the safekeeping of the seed phrase and avoid a counterparty risk, but rather whether or not it is better to use centralized wallets with decidedly more user friendly user interfaces given that the service is dedicated to those who have recently entered the cryptocurrency industry.

Why store funds on a hardware device that allows mere safekeeping when there are providers such as Binance and Coinbase that add advantages such as having several in-house marketplaces where to trade cryptocurrencies?

Then again, if one is unable to perform a simple but delicate task of safely safekeeping a 24-word phrase that gives access to one’s funds (which in itself is legitimate for newbies) why not choose to take advantage of more conveniences?

The best thing to do would be to gain experience on centralized platforms that do all the “dirty work” for you, and as you gain knowledge and expertise move to non-custodial wallets, (trusted by the manufacturers) and handle the securing of the keys to the assets within on your own.

Always remember: not your keys, not your coins

Source: https://en.cryptonomist.ch/2023/05/22/twitter-community-doesnt-trust-ledger/