On May 16, Ledger announced the release of its new service: Ledger Recover — a controversial service that is intended to back up users’ recovery phrases.
The Bitcoin community has been vocal on both sides of the discussion, as financial privacy is not something Bitcoiners take lightly.
Read more on the subject : Ledger Hardware Wallet ‘hacks’ Itself With Latest Update Growing ‘Backdoor’ Concerns
The service works by allowing users to share three fragments of their seed phrases from the Ledger device to three separate entities who are then responsible for their storage.
If you lose your seeds, you are able to recover access to your funds by providing proof of identification to Ledger.
The obvious benefit of the service is the convenience it provides for users, who will no longer have sole responsibility for the storage and security of their recovery phrases.
This is huge for users, as the most common way of losing access to funds is simply through losing the seed phrases. While the service does provide a large benefit to its users, critics argue that it presents vulnerabilities that could allow seed phrases to be extracted by unauthorized outside parties.
Ledger Recover “is Being Pushed Out to All New Ledger Devices”
In a livestream with Jameson Lopp, Bitcoin expert Andreas Antonopoulos told viewers that “this is being pushed out to all new Ledger devices [via] a firmware update, whether or not you sign up.” Casa co-founder Jameson Lopp reiterated that this only applies to the Nano X as the Nano S is not capable of running this firmware.
Antonopoulos also explained that “because of KYC requirements… an identifier that connects this shard to your identity must be available to someone.” The problem with this is that users no longer have complete financial privacy, which is one of the most beneficial aspects of Bitcoin.
In an interview on Peter McCormack’s podcast, Ledger CEO Pascal Gauthier confirmed that if subpoenaed, Ledger could provide seed phrases to government entities, adding another level of concern to the security of users’ financial privacy.
It has long been argued that backdoors and KYC requirements take the decentralization out of Bitcoin and violate users’ rights to financial privacy. This might explain why Éric Larchevêque, Ledger co-founder and ex-CEO, took to Reddit to say that the release of Ledger Recover was a “total PR failure, but not a technical one.”
He placed part of the blame on himself, writing that as a founder, he did a poor job explaining the security model of the company, resulting in the misconception that Ledger has always been a trustless solution. “The hard truth… is that nothing changed,” wrote Larchevêque. “The security model is the same than before you knew Ledger Recover existed.”
Alternative Cold Storage Solutions to Ledger Recover
Even though it’s true that Ledger has never been a completely trustless solution, many users have started searching for alternatives since the announcement of Ledger Recover.
One of the most commonly recommended solutions has been the Trezor Model T. Unlike the Ledger Nano X, which runs on Ledger Live, the Model T, running on Trezor Suite, is open source and trustless, providing increased security for users. Trezor also utilizes multi-signature transactions, a feature Ledger does not support.
Devices such as Coinkites Coldcard and Foundation’s Passport have also snapped market share from Ledger as their products enjoy high levels of trust among Bitcoiners.
If you don’t want to participate in Ledger Recover, but also don’t want to, or aren’t able to, buy a different cold storage solution, you still have options.
For now, you do not have to update your Nano X to the newest firmware. Eventually, however, it is likely that Ledger will stop supporting the older versions of their firmware and you will be required to update.
It is also possible to continue using your Ledger device with Electrum instead of Ledger Live. Unlike Ledger Live, Electrum is capable of multi-sig transactions and also supports using your own node, providing increased security for users. On top of all that, Electrum is open source, giving users a better sense of security. For iOS users, the only downside is that Electrum is not yet available for your devices.
You Still Need A Cold Storage Solution
Regardless of whether you decide to switch to other cold storage hardware wallets like the Trezor Model T or their original Model One, or continue using your Ledger Nano X, it is still clear that cold storage is the superior method for storing your bitcoin.
By taking self-custody of your bitcoin through the use of cold wallets, you are ensuring that you have sole control of your private keys and thus, control of your bitcoin.
Read more on the subject : What is a public key?
If you were to instead keep your bitcoin on an exchange like Binance via a custodial wallet, you would not have access to your private keys, meaning that you do not actually possess the bitcoin you have purchased or earned.
As we have seen with events like the FTX fallout, this could be detrimental: As the old saying goes, not your keys, not your bitcoin.