Ledger, the best-known maker of cold-storage hardware wallets, is taking heat from the crypto community this week following a Reddit post from a Ledger co-founder suggesting that, on an opt-in basis, parts of a user's seed phrase could be held by external companies. The situation is far from cut and dried, and it has led to substantial debate throughout crypto communities about the degree of security Ledger owes its users.
Let’s take a look at both angles of the argument.
Ledger Lunacy: Where It All Started
It all started with a new firmware update released over the past day, which quickly raised questions about what the update implied. A post on the r/ledgerwallet subreddit late on Monday / early on Tuesday this week, titled “Is there a backdoor? Yes or No.”, is what set it all off.
The Reddit poster asked in the body of the post:
An official answer from ledger would be very much appreciated. Also because the alternative (typing the three parts of the seed for the three custodians) goes against the number one rule of never typing your seed in a connected device. This silence on how this “recovery” works is the worst response. Customers appreciate transparency.
The post opened the floodgates to speculation, and the responses from Ledger co-founder Nicolas Bacca (u/BTChip) did little to reassure Ledger users. Bacca replied to user concerns several times throughout the thread, including this reply:
There’s no backdoor and I obviously can’t prove it (because it’s not possible to prove a negative) – let’s just say that you’re already using the device agreeing with the fact that Ledger cannot update the firmware without your consent – it’s the same mechanism for Recover, which is locked behind ownership of your device, knowledge of your pin, and finally your consent on device.
There’ll be more information published shortly describing how the service works – the tldr is that no single company knows your seed if you decide to use it. If you don’t want to use it there’s no consequence whatsoever in your previous experience of the device.
In all, users are seemingly left still trying to answer one lingering question: can a Ledger device expose a seed phrase?
The Big Picture: Back & Forth Dialogue
While the meltdown continued on Reddit, with new threads on the subreddit's ‘hot’ page such as “consider moving to a different cold wallet,” “How to kill your business,” and many more, Crypto Twitter also took hold of the situation. Resident Crypto Twitter dev Foobar amplified it further:
Stop using Ledger hardware wallets. Migrate away from them immediately. They’ve shown nothing but gross incompetence and wild misunderstanding of their own purpose. And now they’ve publicly admitted to intentionally backdooring their own proprietary hardware. Stop using Ledger
— foobar (@0xfoobar) May 16, 2023
Not all were in agreement though, as another noteworthy dev, Udi Wertheimer, posted his disagreement. Wertheimer replied that the post was “irresponsible hyperbole” and that “Ledger remains as safe to use today as it was yesterday. For MOST people it is the easiest hardware solution to recommend.”
In all, it is right and to be expected in the crypto community that firms like Ledger face immense scrutiny: a meaningful part of the industry's integrity rides on the security and integrity of the largest cold-storage provider in the business. While some community members are likely losing their heads too quickly, Ledger will likely continue to face pressure to increase transparency about who can access wallet keys, and under what conditions.