Executives at cryptocurrency hardware wallet manufacturer Ledger found themselves in a public relations dilemma as they attempted to clarify the functionality of their new product, Recover. The company faced backlash from loyal users after a now-deleted tweet suggested that Ledger’s firmware “facilitates key extraction,” contrary to users’ expectations of a secure hardware wallet.
Customers had believed that their private keys, a 24-word seed phrase used to unlock a wallet, would never leave Ledger’s hardware device. However, Ledger CTO Charles Guillemet clarified that, with the Recover feature, users can choose to let the software within the Ledger wallet export the private keys as encrypted “shards.” These shards can then be combined to reconstruct the seed phrase. Ledger emphasized that the Recover tool is optional for users.
During an interview on the Bankless podcast, Guillemet acknowledged that some users were surprised by this revelation, as the software within the secure element of the device is subject to change and has access to the secret information.
Guillemet argued that the tradeoff presented by Ledger Recover is acceptable. The product targets individuals who want more security than online exchanges or wallets provide but who may not be ready for an offline hardware cold wallet that cannot recover a lost password.
Overall, Ledger faces the challenge of balancing user expectations with the desire to provide additional access options while maintaining security standards.