Yesterday, Ledger dropped a bombshell that set the crypto world ablaze: the introduction of Ledger Recover.
The once fortified bastion of privacy and security, Ledger, was suddenly offering an option to share your sacred private keys with specific institutions: Ledger, Coincover and another third party. It felt like a seismic shift from the crypto ideals we’ve cherished.
Did things really derail this quickly? Or is this a nothing burger?
Well, let’s dive in and see for ourselves!
TLDR 📃
- Ledger’s Recover, a new opt-in feature, stirs up Twitter with its ‘private key sharing’ ability.
- The feature’s critics worry it could be a chink in the armour, giving bad actors easy access to private keys.
- Ledger defends its corner in a Twitter Spaces chat, vouching for the feature’s security.
- We’re not sold on Ledger’s method. The potential for attacks and the necessity for KYC set off alarm bells.
- We suggest holding off on the latest Ledger firmware upgrade till the fog clears. And while you’re at it, why not broaden your wallet horizons with options like Argent and Trezor?
What is Ledger Recover?
This new feature is designed to make it easy for anyone to own crypto by removing the confusing parts of private key management.
To solve the problem, Ledger announced their opt-in Recover feature ⬇️
Exciting update, Ledger has a new product, Ledger Recover, that’s launching soon: https://t.co/nT1VHnnSYz
🧵Here’s what Ledger Recover is and what it isn’t, explained by @P3b7_ & in the thread below. pic.twitter.com/RW1w07H6pK
— Ledger (@Ledger) May 16, 2023
As soon as this was tweeted, all hell broke loose on Twitter. And, for good reason.
What is the problem?
Here’s the issue: until now, only you, the Ledger owner, could peek at your private keys. But in a flash, Ledger’s planning to roll out a “private key sharing” feature with a fresh firmware upgrade. That’s where the trouble starts.
We took to Twitter, and let’s just say, a certain someone got a bit of a grilling from us for accusing us of spreading FUD – they’ve since deleted their reply (too hot to handle, perhaps? 😂).
Your brain seems unable to think beyond words you are told.
So here are some more to explain the problem:
Up until now, only the Ledger owner could see the seedphrase. Now, it’s being sent in a fragmented way to three different companies.
“How” are they being sent? This was… pic.twitter.com/hN2Jakfmla
— Cryptonary (@cryptonary) May 16, 2023
We spotlighted a key issue – Ledger’s cryptic communication. We flat-out asked, “There’s a new mechanism that enables seedphrase sharing. Do you trust that mechanism? Maybe it’s trustworthy, maybe it isn’t. Either way Ledger need to explain this better to instil relief in their customers or face an exodus.”
Ledger’s response
Ledger came out a few hours after the backlash began and jumped on a Twitter Spaces with multiple executives to address all concerns.
The two most important questions were: who is this feature for, and is it secure? 👇🏼
“Technically, as soon as you opt in for the service, you’ll be asked if you are happy to opt-in for Ledger Recover. If you are – then you sign a transaction on your Ledger to shard your private keys into 3 shards, then it’s encrypted in the device, then a secure channel is…
— Ledger (@Ledger) May 16, 2023
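The tweet above only says the seed is split into three shards on the device. To make the sharding step concrete, here is an added example (not Ledger’s code, nor code from this article) of threshold secret sharing over a prime field. It assumes a 2-of-3 Shamir scheme, a parameter choice the tweet does not state, and uses a constructed 16-byte value as a stand-in for seed entropy. The point for a defender is which property the maths gives you and which it does not: any two shards rebuild the secret, while one shard on its own is mathematically consistent with every possible seed, so a single custodian learns nothing. What the maths cannot protect against is the consent step, i.e. the user being induced to sign the sharding transaction in the first place, which is the concern raised later in this article.

```python
import secrets

# Prime field for the arithmetic. 2**127 - 1 is a Mersenne prime, large enough
# to hold a 16-byte value (the 128 bits of entropy behind a 12-word seed phrase).
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial with coefficients [a0, a1, ...] at x, mod P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, n=3, k=2, rng=secrets.randbelow):
    """Split a secret of up to 16 bytes into n shares, any k of which rebuild it.

    The secret is the constant term a0 of a random degree k-1 polynomial;
    share i is the point (i, f(i)). Hypothetical illustration of the sharding
    step, not Ledger's implementation.
    """
    s = int.from_bytes(secret, "big")
    if not (s < P and 1 <= k <= n):
        raise ValueError("secret too large for the field, or bad threshold")
    coeffs = [s] + [rng(P) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares, length=16):
    """Lagrange-interpolate f(0) from at least k shares and return it as bytes."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total.to_bytes(length, "big")


def line_through_share(share, candidate_secret):
    """For k=2: return the polynomial [a0, a1] that passes through `share` and
    has constant term `candidate_secret`. One always exists, which is why a
    single custodian's shard is consistent with every possible seed."""
    x, y = share
    s = int.from_bytes(candidate_secret, "big")
    a1 = (y - s) * pow(x, -1, P) % P
    return [s, a1]


if __name__ == "__main__":
    # Constructed sample secret (stand-in for seed entropy); not a real key.
    seed_entropy = bytes(range(16))
    shares = split_secret(seed_entropy)
    print("shares:", shares)
    print("two shards recover the secret:", recover_secret(shares[:2]) == seed_entropy)
    wrong_guess = b"\xff" * 16
    fitted = line_through_share(shares[0], wrong_guess)
    print("one shard alone also fits a completely different secret:",
          _eval_poly(fitted, shares[0][0]) == shares[0][1])
```

Run it as a script to see the three shares and the two checks. `line_through_share` is the part worth dwelling on: given only shard 1, every candidate secret produces a valid line through that shard, so no amount of computation by one holder narrows down the seed. The security of the overall product therefore rests on how hard it is to obtain two shards, and on whether the signature that triggers the split was genuinely intended by the user.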
So, allegedly, this route is secure and upgrading to the latest Ledger firmware is also recommended (by them, not us – we have a different view).
Cryptonary’s take 🧠
It’s commendable that Ledger is gunning for global adoption, tackling the tricky private key conundrum head-on. But their approach? Not our cup of tea.
This new feature flings open the door to possible attacks. Yes, you need to sign a transaction to share private keys, but what if someone’s tricked into signing while in the thick of a DeFi contract? They’ve promised a “secure channel”, but should we just take their word for it?
And then there’s the whole KYC requirement to access the feature. To us, that looks more like IRS meddling than a Ledger initiative. There are smarter options out there, like socially recoverable wallets (Argent, we’re looking at you) that sidestep the KYC problem. Because what if there’s another data leak, but this time linking names and addresses to wallet addresses? The potential for crime is staggering.
We urge Ledger to hit pause on this feature, and rethink their strategy – smart contracts could be a smarter route.
Action points 📝
- Do not upgrade your Ledger to the latest firmware for the time being, until they provide more clarity or make changes.
- Consider using a Ledger Nano S for now, as only the Ledger Nano X will have that feature today.
- Diversify your wallets; we recommend checking out Argent and Trezor.