Ledger Continues to Defend Recovery System, Says It's Always 'Technically' Possible to Extract Users' Keys
"Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not," Ledger said earlier on a now-deleted tweet.
Crypto wallet maker Ledger dug itself into a deeper public relations hole on Wednesday when its support team said in a now-deleted tweet that "technically speaking it is and always has been possible to write firmware that facilitates key extraction," thus allowing the company to extract its users' keys.
While answering queries about the firm's new wallet recovery service, Ledger Support sent a couple of tweets that likely did little to assuage its users' concerns, suggesting that it could make its customers' assets vulnerable in any way it wanted to, but has – thus far – not done so.
"You have always trusted Ledger not to deploy such firmware whether you knew it or not," the company said in the tweet. "It's important to understand that at the end of the day, any hardware wallet solution a user chooses to go with will always require that person to trust this developer to build and maintain a secure device to store your assets."
After erasing the tweets, Chief Technology Officer Charles Guillemet tweeted in an attempt to clarify the situation and downplay the initial tweets. A Ledger spokesperson also reached out to CoinDesk to say that the company can't extract users' keys and any action related to keys needs to be approved by the customers first.
"Any action that interacts with a user's keys needs to be approved by the user through their Ledger. We cannot extract their keys, and will not extract keys," the spokesperson said.
Ledger's "Recover" service was met with consternation from the crypto community earlier this week on grounds that it undermines the firm's brief of privacy and security. The optional recovery service would allow users to backup their seed recovery phrase (a random string of words) through encrypting it in fragments with third parties.
Users fear that splitting the key between third parties could leave it vulnerable, effectively negating the main purpose of a hardware wallet against other storage options.
Ledger has argued that this sort of backup option is in fact popular as the possibility of assets becoming irrecoverable simply by mislaying a random set of words could prove a deterrent to investing in crypto.
"This is what future customers want,” CEO Pascal Gauthier said during a Twitter Space. “This is the way that the next hundreds of millions of people will actually onboard to crypto.”
Justin Sun, founder of Tron and stakeholder in crypto exchange Huobi, also defended Ledger, describing the company as a "reliable partner time and time again," in a Twitter post.
"I am confident that Ledger will persist in their dedication to serving their customers with the highest quality hardware wallets," he added. "Their commitment to security and customer service is unparalleled."
UPDATE (May 18, 15:30 UTC): Adds Justin Sun comments.
UPDATE (May 18, 17:46 UTC): Updates to include comments from spokesperson and follow up tweet by the CTO.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.