In an announcement on Tuesday, crypto hardware wallet manufacturer Ledger unveiled a new product, Ledger Recover, that will allow users to recover their secret recovery phrase, and with it access to their crypto assets, if the phrase is lost.
Ledger Recover is an optional subscription for users who want a backup of their Secret Recovery Phrase. You don’t have to use it, and can continue managing your recovery phrase yourself if that’s why you bought a Ledger.
— Ledger (@Ledger) May 16, 2023
The ID-based recovery service works by linking the user's seed phrase to their passport or national identity card, which is used to confirm their identity at recovery time. An encrypted copy of the user's seed (the material from which the wallet's private keys are derived) is then split into three fragments, each stored by a different custodian in a hardware security module (HSM).
Ledger stressed that the service was optional and would not be automatically enabled by firmware updates. Despite the fact that more than $545 million in Bitcoin was estimated to be lost in 2022 due to misplaced passwords and seed phrase mistakes, the soon-to-be-launched feature drew sharp criticism from industry proponents.
“it’s opt-in, you don’t have to use it”
this is misdirection. a hardware wallet should have a secure enclave where the private key never leaves the device, under any circumstances
they’ve opened APIs for the enclave to send encrypted key shards to 3rd parties on the Internet
— foobar (@0xfoobar) May 16, 2023
Critics alleged that the service was a so-called “backdoor” into seed phrases, with some saying it was only a matter of time before it is exploited by a malicious third party.
“This is a disaster waiting to happen… this seems absolutely crazy for a hardware wallet provider to encourage you to back up your seed phrase online AND give them your Passport/ID – especially one that has previously suffered a data breach!” said one user on Reddit.
Still, the Ledger team insists that the feature does not, in fact, compromise security. Ledger co-founder Nicolas Bacca addressed the concerns and backlash in a Twitter Space later that day.
“This is not a backdoor at all, because nothing will happen without your consent on your device,” he said.