- The launch of Ledger’s cloud seed phrase recovery service, Ledger Recover, has backfired badly
- The company is allowing users to subscribe to a system where the wallet seed phrase is stored remotely in case of loss
- Ledger’s data breach woes and a fundamental misunderstanding of the crypto community have nonetheless led to yet another PR disaster
Hardware wallet maker Ledger yesterday managed to antagonize the entire crypto space yet again by launching a cloud-based seed backup recovery service. The French company has spent years trying to rebuild its reputation following a series of hugely damaging data breaches in 2020, and right when it seemed to have successfully moved on it has put the crypto community’s back up over its Ledger Recover service, which backs up the wallet’s seed and stores it with secured third parties. For all Ledger’s protestations over the security of the system, the concept of a hardware wallet private key being backed up and looked after by someone else went down about as badly as could be expected.
Ledger’s Woes Not Forgotten
Ledger had managed to make itself the preeminent hardware wallet maker in the crypto boom years thanks to its hugely popular Ledger Nano device, but in 2020 it suffered, denied and eventually admitted to a catalogue of data breaches affecting over a million customers. This resulted in a huge backlash against the company, which forced it to go as far as disabling replies to its tweets due to the persistent accusations of mismanagement from angry customers.
The anger eventually died down enough for Ledger to re-enable replies, and, with the launch of a new product, the Ledger Stax, the company finally seemed to be on the road to recovery.
Enter Ledger Recover. The “optional subscription” is for users who want a backup of their Secret Recovery Phrase, which is handled thus:
Ledger Recover encrypts a version of your private key and splits it into three fragments (using Shamir Secret Sharing) – all of this happens on the Secure Element chip, so your Secret Recovery Phrase is not at risk. These encrypted fragments are stored by 3 different parties on cryptographically-secure Hardware Security Modules.
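Ledger’s description above names Shamir Secret Sharing; the Python below is an added illustration, not Ledger’s code, of splitting a constructed 32-byte secret (standing in for the encrypted key material) into three fragments so that any two recover it. The 2-of-3 threshold is an assumption, as the page only says three parties each hold a fragment; the example also shows why one custodian’s fragment alone reveals nothing, and that plain Shamir cannot detect a custodian returning a wrong fragment.

```python
# Added example (not Ledger's code): 2-of-3 Shamir split over GF(p) of a constructed
# 32-byte secret standing in for the encrypted key material Ledger Recover fragments.
import secrets

# Mersenne prime 2^521 - 1; any 32-byte secret is below it, so it is a field element.
PRIME = (1 << 521) - 1

def split_secret(secret: bytes, threshold: int, n_shares: int):
    """Return n_shares points (x, f(x)) on a random polynomial with f(0) = secret.
    Any `threshold` points reconstruct f(0); fewer are consistent with every secret."""
    s = int.from_bytes(secret, "big")
    assert 0 < threshold <= n_shares and s < PRIME
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    def f(x):
        return sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME
    return [(x, f(x)) for x in range(1, n_shares + 1)]

def recover_secret(shares, length: int) -> bytes:
    """Lagrange interpolation at x = 0. Plain Shamir has no integrity check: a wrong or
    corrupted fragment yields a wrong secret silently, so each custodian must still be
    trusted for availability and correctness even though none learns the secret alone."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total.to_bytes(length, "big")

def explains_single_share(share, candidate: bytes) -> bool:
    """For a 2-of-3 split: one fragment (x, y) is consistent with ANY candidate secret,
    because the line f(t) = candidate + a*t with a = (y - candidate)/x passes through it."""
    x, y = share
    c = int.from_bytes(candidate, "big")
    a = (y - c) * pow(x, -1, PRIME) % PRIME
    return (c + a * x) % PRIME == y

# Constructed demo secret; a real seed comes from device entropy, never a constant.
DEMO_SECRET = bytes(range(1, 33))

if __name__ == "__main__":
    shares = split_secret(DEMO_SECRET, 2, 3)
    for pair in ((shares[0], shares[1]), (shares[1], shares[2]), (shares[0], shares[2])):
        assert recover_secret(pair, 32) == DEMO_SECRET
    assert explains_single_share(shares[0], b"\xff" * 32)  # one fragment proves nothing
    print("any 2 of 3 fragments recover the secret; 1 fragment fits every secret")
```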
The purpose of this upgrade is so that “you’ll never get locked out of your wallet”, with subscribers paying a monthly fee to Ledger to have their keys encrypted, split up and stored with third parties in case they lose their own set. The service is an optional add-on that existing users can subscribe to rather than being imposed on all users, but Ledger’s reputation, plus the concept of a seed phrase being held by a third party, drowned out the finer points of Ledger Recover and led to a bloodbath:
Sure, you *could* use Ledger’s new ‘Recover’ service and give them your private keys controlling your assets as well as a copy of your ID and other personal information…
… but why then bother with a hardware wallet in the first place?
— Alistair Milne (@alistairmilne) May 16, 2023
– market and sell device that keeps people’s private keys secure
– experience multiple data breaches leaking customer information
– offer service to upload private keys from secure device to a cloud based service
— hodlonaut 13%er 🌮⚡🔑 🐝 (@hodlonaut) May 16, 2023
Ledger Recover is the path forward to onboarding millions of users.
They made one fatal error though, not understanding their customers.
As a Product Manager in Web2, here are my thoughts below.
— Nick Ford (@CryptoWithNick) May 16, 2023
The backlash clearly came before anyone had actually sat down to read the finer points regarding Ledger Recover, key among them being that the service is opt-in and regular users can simply continue to use their Ledger devices as they currently are. The issue is that Ledger simply misread the room; it already has a terrible reputation for keeping customer data safe, so why would customers suddenly now trust it (and its contractor for Ledger Recover, Coincover) with their seed phrase of all things?
Read the Room
Ledger may have come up with a secure way of slicing up and farming out your wallet seed phrase, but it fundamentally misunderstood two things: a) this is the opposite of what hardware wallets were created to do, so it was always going to create a backlash of this magnitude, and b) if any company is going to be the one that breaks this barrier down and gets people to trust it with their data, it isn’t Ledger.
What made things worse for Ledger was that it was, yet again, accused of hiding oppositional tweets, leaving the thread outlining Ledger Recover as a much more harmonious place than it was in reality:
Hiding replies from people again?
— ZachXBT (@zachxbt) May 16, 2023
Ledger tried to put out the fire by running an AMA with its co-founder and technical staff to answer questions, which went some way to pacifying those who were worried about the security ramifications of Ledger Recover, but this wasn’t enough to sway the overriding opinions of the crypto masses.
Ledger Recover may prove popular in time, but the company once again failed to read the room and has undone much of the work it did to recover from the data breach debacle.
Time to block replies again?