[ad_1]
The launch of Ledger Recover, a service that allows users of the Ledger hardware wallet to back up their secret recovery phrases, met with immense resistance from the crypto community. Ledger co-founder and ex-CEO Ăric LarchevĂȘque took the criticism against Ledger as âa total PR failure, but absolutely not a technical one.â
Ledger Recover is an OTA firmware update, which would allow users to back up their seed phrases by third-party entities. If a user chooses to opt-in to the new service, the recovery phrase fragments get encrypted and are stored by 3 different parties, which can be used to recover the phrase in the future. However, the idea of the seed phrase leaving the hardware wallet did not resonate with users that considered Ledger as a trustless service for storing cryptocurrencies.
Addressing the rising concerns of users worldwide, LarchevĂȘque posted on Reddit clarifying that Ledger was never a trustless solution:
âSome amount of trust must be placed into Ledger to use their product. If you don’t trust Ledger, meaning you treat your HW manufacturer as an adversary, that can’t work at all.â
He argued that the Ledger Recover update has no impact on the hardware walletâs security model. He added:
âMy mistake as a CEO during my tenure was probably not be relentless enough about explaining the security model, but at some point you just give up as people don’t care at all. Until they care again, like now.â
LarchevĂȘque believed that the only thing that changed is the general userâs perspective on trustlessness and that the Recover code in the firmware is not a malicious code:
âLedger is still safe, there is no backdoor, the Ledger Recover is not a conspiracy, no one will ever force anyone to use Recover.â
Trusting Ledger with sharding the seed phrase is just like trusting Ledger with signing a transaction, he added. Addressing a userâs recommendation about having two different firmware to eradicate âbackdoorâ concerns, LarchevĂȘque said that âit wouldn’t change anythingâ and would be saddening for him personally.
The firmware update in question is not available for Nano S â Ledgerâs cheapest hardware wallet offering â as the chipset does not have enough memory to store the new firmware.
Related: Crypto community reacts to Ledger walletâs secret recovery phrase service
Amid the rollout of Ledgerâs controversial firmware update, competing hardware wallet provider GridPlus decided to open-source its firmware for its users.
The most trusted name in cryptography, relied upon by the world’s governments for their highest security applications for decades, sold products backdoored by the CIA. How can we ensure this won’t happen again? Open-source software.
GridPlus will open-source its firmware in Q3. pic.twitter.com/889OnqXd20
â GridPlus (@gridplus) May 18, 2023
Turning the Ledger controversy into a marketing opportunity, GridPlus announced plans to open source its device firmware in the third quarter of 2023 to deliver greater transparency.
[ad_2]
Source link