Hardware wallet company Ledger has been under fire due to a recent update it released. The claim that the private key is exposed to internet access stirred up social media, and currently, anti-Ledger statements are coming from many users. Ripple’s CTO, David Schwartz, was one of those who commented on the issue.
Schwartz Gets Involved in Ledger Events
Ripple‘s CTO, David Schwartz, shared his thoughts on the matter via tweet. The CTO first tweeted the direct statement made by Ledger regarding the Ledger Recover service. Schwartz, who posted Ledger’s statement, implied that the situation is not as it seems. In an independent post from this tweet series, the CTO interacted with Solana’s co-founder Anatoly Yakovenko. The CTO emphasized that he had previously trusted Ledger to design a device that does not have the capacity to leak the private key. Yakovenko responded by emphasizing that if he had trusted the company on this matter before, he could trust it in the same way again.
Yakovenko emphasized that Ledger will work the way Schwartz trusts it, especially when the backup feature in question is off. Although Schwartz did not make a more detailed statement about this, his Twitter posts about Ledger are quite detailed.
What is Ledger Recovery?
Alp Işık, one of the first users of Ledger, describes this new feature as follows:
Ledger is launching a new service for users who want to get rid of the stress of storing these 24 words, with its Recover service. This service is completely optional and offered for a certain monthly fee. If you use Ledger’s Recovery service, your private key is divided into three parts inside the chip inside the device and is sent to Coincover, Ledger, and an independent backup service provider in an encrypted form.
These companies cannot perform a transaction with this encrypted key separately. At least 2 companies need to verify the data at the same time. During this process, they ask you to scan your identity or passport, and at the same time, a security layer similar to FaceID is added. While using the Ledger Recovery service, the responsibility for the first 24 words you wrote on paper is still with you, if you burn that paper, you only trust the Recovery service… If you lose your 24 words, wrote them down incorrectly, they were damaged, or if you are traveling and they are not with you, you can access your cryptocurrencies in this way.
Although this is fundamentally contrary to the nature and basic function of the private key, Ledger emphasized that this feature will not be available to everyone. The reason for the reaction to this optional feature is the fear that a feature that could be applied on every device will be introduced and that this will lead to a leak.
