The hardware wallet company Ledger, after a rather disastrous week marked by a barrage of community criticism, postpones the launch of Ledger Recover.
Below are all the details.
What happened to the wallet company Ledger?
In a Twitter Space on 23 May, attended by more than 13,000 users, Ledger President and CEO Pascal Gauthier said it had been a “humbling experience” and a tough lesson in communication:
“This experience was very humbling. We miscommunicated at the launch of this product; it was not our intention to take people by surprise. So for that reason, we understand the direction of the community and apologize for the miscommunication.”
Ledger found itself in a public relations nightmare after revealing plans on 16 May to introduce a key recovery tool called Ledger Recover:
The firmware update would allow users who have lost their private seed phrase to retrieve it through an optional feature.
The company faced backlash from some members of the cryptographic community who believed this would add a “backdoor” for removing a user’s private keys from the device.
Ledger’s future intentions
Gauthier revealed that in response to concerns about the launch of Ledger Recover, the company would accelerate its plans to make more of its code base open source.
It will start with the core components of its operating system and Ledger Recover:
Charles Guillemet, chief technology officer of Ledger, said that in the coming days a white paper on the Recover protocol will become open source along with technical blog posts to “explain the principles of Recover” and to provide more detailed explanations of how the process works.
“It’s going to be very easy and clear for every single cryptography and security expert to have a look at the protocol to get more guarantees and understand how it works.”
Guillemet noted that this would also allow developers to create their own backup provider for seed phrase fragments rather than using the one offered by Ledger:
Ledger community discontent following the release of the latest feature
As anticipated, several members of the cryptocurrency community, including Ledger wallet owners, took to social media to express their discontent following the release of Ledger’s latest feature.
The wallet provider shared that Ledger Recover is an optional subscription for users who wish to back up their secret recovery phrase. In fact, the company had explained:
“You don’t have to use it, and you can continue to manage your recovery phrase yourself if that’s why you bought a ledger.”
However, the concept infuriated many in the cryptocurrency community, including security specialists.
In particular, Mudit Gupta, chief information security officer at Polygon Labs, shared:
Investor and podcaster Chris Dunn, referring to the Ledger data leak that exposed users’ information in 2020, also wrote:
“First, they exposed their customers’ mailing addresses, phone numbers, and email addresses. And now they’ve put a back door into the seed sentences. It’s time to say goodbye to Ledger.”