Ledger co-founder clarifies ‘there is no backdoor’ in ‘Recover’ firmware update

CoinTelegraph reported:

The launch of Ledger Recover — a  new service allowing users of the Ledger hardware wallet to back up their secret recovery phrases — was met with immense resistance from the crypto community. Ledger co-founder and ex-CEO Éric Larchevêque took the criticism against Ledger as “a total PR failure, but absolutely not a technical one.”

Ledger Recover is an over-the-air firmware update allowing users to back up their seed phrases with third-party entities. If a user opts into the new service, the recovery phrase fragments are encrypted and stored by three parties, allowing the user to recover the phrase in the future. However, the seed phrase leaving the hardware wallet did not resonate with users who considered Ledger a trustless service for storing cryptocurrencies.

Addressing the rising concerns of users worldwide, Larchevêque posted on Reddit clarifying that Ledger was never a trustless solution:

“Some amount of trust must be placed into Ledger to use their product. If you don’t trust Ledger, meaning you treat your HW manufacturer as an adversary, that can’t work at all.”

He argued that the Ledger Recover update does not impact the hardware wallet’s security model, adding:

“My mistake as a CEO during my tenure was probably not be relentless enough about explaining the security model, but at some point you just give up as people don’t care at all. Until they care again, like now.”

Larchevêque believes the only thing that changed was the general user’s perspective on trustlessness, and that the Recover code in the firmware was not malicious:

“Ledger is still safe, there is no backdoor, the Ledger Recover is not a conspiracy, no one will ever force anyone to use Recover.”

Trusting Ledger with sharding the seed phrase is just like trusting Ledger with signing a transaction, he added. Addressing a user’s recommendation about having two different firmware to eradicate “backdoor” concerns, Larchevêque said that “it wouldn’t change anything” and would be saddening for him personally.

The firmware update in question is not available for the Nano S — Ledger’s cheapest hardware wallet offering — as the chipset does not have enough memory to store the new firmware.

Related: Crypto community reacts to Ledger wallet’s secret recovery phrase service

Amid the rollout of Ledger’s controversial firmware update, competing hardware wallet provider GridPlus decided to open-source its firmware for its users.

Turning the Ledger controversy into a marketing opportunity, GridPlus announced plans to open source its device firmware in the third quarter of 2023 to deliver greater transparency.

Read more