[ad_1]
- Discontent mounts as Ledger’s feature sparks anger among wallet owners.
- Ledger Recover promises extra security but raises industry eyebrows.
- Security professionals and influencers have expressed concerns about the risks involved.
The past week has seen a turbulent period for crypto security, with the hardware wallet provider Arbitrage The release of an update introduced a new service known as Ledger Recover. The service is designed to provide an extra layer of security for users of hardware wallet.
However, the company’s hopes for the service appear to have been met with less enthusiasm than they expected. If you want to know more, you can read on This article Written by my colleague David Okoya.
The update sparked a huge debate in the community over concerns about a possible backdoor. I decided to dig deeper into the issue and explain exactly what the service does and where the community complaints are coming from.
Ledger offers a subscription-based cryptographic security service
Ledger Recover provides users with an extra layer of protection for their private keys. This approach includes hashing and user encryption Seed phrase into three distinct parts, which are then sent to separate external entities. The fragments are then combined and decoded to reconstruct the original metaphrase.
According to the wallet provider, Ledger Recover is an optional subscription that’s especially useful for users who want to back up their recovery secret phrase. However, users who prefer to manage their recovery phrases can still do so, as a subscription is not mandatory.
Despite the benefits of the Ledger Recover service, it has faced criticism from members of the crypto community, including security professionals. Critics of the service argue that outsourcing the storage and protection of one’s private keys to outside entities is risky.
Mudit Gupta, Chief Information Security Officer Polygon Labs, was highly critical of the idea, and strongly advised against enabling this feature. Gupta Twitter took To be clear, with the caveat that the encrypted key fragments are sent to three companies that have the ability to reconstruct users’ keys.
Oh but it is secured by ID verification!
You know what else is secured by identity verification? Mobile number transfer.
Do you know how many high profile sim break-ins happen every day? too much.
Anything secured by Identity Check is inherently insecure. It’s very easy to fake.
– Mudit__Gupta (@Mudit__Gupta) May 16, 2023
Changpeng ZhaoFounder and CEO of Binance, Join the Gupta threadexpressing his concerns by saying, “So the seed can leave the device now? Seems like a different direction from ‘Your keys never leave the device’.”
So the seed can leave the machine now?
Seems like a different trend than “your keys never leave the device”. 🤷♂️
– Czechoslovakia 🔶 Binance (cz_binance) May 16, 2023
Ledger Clarifies Concerns About Ledger Recovery
Ledger tried to provide some clarification amid the growing concerns. The team confirmed that Ledger Recovery is primarily aimed at newcomers to the world of self-booking. They intended to cater to individuals who might find managing their recovery phrase difficult independently.
“If you understand self-custodial well and can fully self-master, you don’t need Ledger Recover; if you’re someone like my mother, this product is for you. In the end, it’s your choice.” –@P3b7_
– Ledger (@ledger) May 16, 2023
Moreover, Ledger confirmed that there is no backdoor in the system. They sought to assure users that they would remain in control of their assets and information.
“Here, the important point to remember is that you remain in control… There is no backdoor, and nothing will happen without your consent to the device… In the future, the entire protocol will be open, so you will be able to check how the whole protocol works.” –@tweet
– Ledger (@ledger) May 16, 2023
on the flip side
- While concerns have been raised about the involvement of outside entities in the reconstruction process, the encryption and hashing of raw phrase fragments aims to maintain a high level of security.
- ledger Previous data leak The incident, while unfortunate, does not necessarily indicate a direct link to the security of the Ledger Recovery feature.
- The introduction of Ledger Recover provides an alternative solution for users who may prefer the convenience of a recovery service rather than relying solely on managing their recovery phrase independently.
Why should you bother
Ledger’s reputation has been called into question due to previous data leaks, and now, with the introduction of this service, concerns have been raised about the security and control users have over their private keys.
Comments from industry experts and influencers like Mudit Gupta and Changpeng Zhao further highlight the apprehension and skepticism surrounding Ledger’s latest offering.
To learn more about Ledger’s response to the uproar over its wallet redemption service, click here:
‘No Backdoor’: Ledger Responds to Wallet Recovery Service Concern
For the latest on Ripple claiming victory over the SEC in Hinman document claim, read here:
[ad_2]
Source link
