Crypto Wallet Provider Ledger Delays Key-Recovery Service After Uproar

After criticism from the crypto community, the firm pledged to open-source the Ledger Recover code before releasing the controversial update.

AccessTimeIconMay 23, 2023 at 2:00 p.m. UTC
Updated May 24, 2023 at 2:43 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Following harsh criticism from the crypto community, hardware wallet provider Ledger will delay releasing a key recovery feature.

In a letter to users, Ledger CEO Pascal Gauthier wrote that the firm won’t introduce the new feature before releasing the code for it. The company also scheduled a Twitter Spaces session for 12:30 p.m. EST on Tuesday to discuss the issue.

Last week, Ledger announced the service, called Ledger Recover, which will allow users to store encrypted backups of their seed phrases with a set of three custodians. Ledger owners will then be able to restore their private keys even if they lose or forget their seed phrases. The opt-in feature will require a know-your-customer (KYC) verification.

Ledger came under fire almost immediately from members of the cryptocurrency community, which criticized the idea of sharing seed phrases with anyone other than wallet owners. Multiple commentators wrote angry posts on Twitter, Reddit and other platforms, saying they felt betrayed by Ledger, which has previously said that Ledger wallet private keys would never leave a device.

Some critics also highlighted potential threats such as hacks of the custodians, data leaks from KYC providers and law enforcement taking control of Ledger users’ data. Others noted that the code for the Recover feature is not open-source, so there is no way to audit the safety of the proposed custody mechanism.

Unlike some competitors, Ledger does not publish all its code, but instead has its product tested by a team of selected security researchers.

The company learned a hard lesson, Gauthier said in his letter to users. Parts of the Ledger code have been open-sourced before, and more will follow soon, Gauthier said.

“We have made the decision to accelerate the open sourcing roadmap! We will include as much of the Ledger operating system as possible, starting with core components of the OS, and Ledger Recover, which won’t be released until this work is complete,” he wrote.

Gauthier also reiterated the idea that offering key recovery services is essential to onboard a new wave of crypto users, for which self-custody might feel too difficult.

“The majority of users in crypto today either don’t own their private keys and/or are putting their private keys at risk using less secure forms of self-custody, and hard-to-use forms of storing and securing their seed phrase,” the letter reads.

Edited by James Rubin.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Anna Baydakova

Anna Baydakova was CoinDesk's investigative reporter with a special focus on Eastern Europe and Russia. Anna owns BTC and an NFT.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.