It Is Technically Possible to Extract Users Keys, Says Ledger

Twitter icon  •  Published 10ヶ月前  •  Hassan Maishera

Ledger’s support team said it is technically possible to extract users’ keys after the company’s Recovery service faced a backlash from the crypto community.

TL;DR

  • Hardware wallet manufacturer has defended its recent update, stating that it is always technically possible to extract users' keys.

  • Ledger rolled out its Recover service last week, and it was met with consternation from the crypto community.

Ledger Defends Its Recover Service

Crypto hardware wallet maker Ledger fueled the fire to the ongoing controversy after tweeting on Wednesday that it has always been technically possible to write firmware that facilitates key extraction.

The now-deleted tweet indicates that it is possible for the company to extra its users’ keys. 

The tweet came after the company rolled out its Recover service last week. The service was met with a huge backlash from the broader cryptocurrency community, as many believe that Ledger would have access to their private keys. 

While answering questions about Ledger’s new wallet recovery service, the company’s Support team sent a couple of tweets that did little to address the concerns of its users. According to the support team, they have the resources to make users’ assets vulnerable in any way they wished but have so far not done so. 

In its tweet, Ledger said;

"You have always trusted Ledger not to deploy such firmware whether you knew it or not. t's important to understand that at the end of the day, any hardware wallet solution a user chooses to go with will always require that person to trust this developer to build and maintain a secure device to store your assets."

Ledger Downplays The Initial Tweets

The now-deleted tweet received a lot of backlash from the cryptocurrency community. Chief Technology Officer Charles Guillemet had to come out to downplay the company’s initial tweets.

A spokesperson for Legder clarified that the company can’t extract users’ keys, and any action related to keys needs to be approved by the consumers first. 

"Any action that interacts with a user's keys needs to be approved by the user through their Ledger. We cannot extract their keys, and will not extract keys," the spokesperson added. 

The company’s Recover service hasn’t had the intended positive effect as users believe that it undermines Ledger’s brief of privacy and security. The service, which is optional, allows users to back up their seed recovery phrase by encrypting it in fragments with third parties. 

However, users fear that allowing third-party entities to have access to their recovery phrases could leave them vulnerable. This effectively eliminates the main purpose of hardware wallets. 

However, Ledger has maintained that the backup option is popular as it provides another layer of security. CEO Pascal Gauthier stated that; 

"This is what future customers want. This is the way that the next hundreds of millions of people will actually onboard to crypto.”

 

Author

Hassan Maishera

Hassan is a Nigeria-based financial content creator that has invested in many different blockchain projects, including Bitcoin, Ether, Stellar Lumens, Cardano, VeChain and Solana. He currently works as a financial markets and cryptocurrency writer and has contributed to a large number of the leading FX, stock and cryptocurrency blogs in the world.