Reading 3 min Views 6 Published Updated
Ledger, a hardware wallet provider, recently updated the firmware to version 2.2.1. They have introduced an additional security system called “Ledger Restoration”, which the cryptocurrency community vehemently rejects.
While updates are critical given the rapidly changing nature of cryptocurrencies, Ledger is now under fire for offering users the ability to store their seed phrases online. The hardware wallet manufacturer stated that this feature allows users to quickly restore their seed phrases in case they are lost.
Ledger Recovery feature declined
The subscription-based service called “Ledger Recover” effectively gives the manufacturer access to customers’ original phrases; defeating the purpose of using a cold wallet in the first place.
Related Reading: DOJ Cryptocurrency Task Force Hacks DeFi Hackers as Illegal Activity Grows
The platform claims that Recover is an “identity-based key recovery service that provides a backup” of seed phrases for coins like Bitcoin.
Bitcoin Price May 16 | Source: BTCUSDT on Binance, TradingView
Earlier, the co-founder of Ledger said that Recover will split the seed phrase into three fragments. The section applies to Ledger, Coincover, a cryptocurrency custody firm, and EscrowTech, a company that deposits codes. Thus, if a user loses access to their cold wallet by losing their private key, two out of three custodians can merge their code to restore the contents of the wallet.
While it might help, since it’s designed, a cold or hardware wallet doesn’t come with jail time. Technically, it should be disconnected from the Internet. By default, Ledger wallet holders must always be responsible for their seed phrases.
Seed phrases allow users to sign transactions, confirming that they are the true owners. Whenever they are lost, the owner of the token loses access to all their coins.
While the “Ledger Recover” feature is a precautionary measure, some even claim that this move makes the Ledger a “hot” wallet. A hot wallet is an Internet-connected cryptocurrency wallet that is often the target of fraudulent agents. Whenever hackers strike, they seek to clear assets held in hot wallets such as MetaMask or Coinbase Wallet.
KYC requirements and lessons from the past
In addition to the Ledger requiring access to private keys, the Recovery feature requires users to verify their identity as part of Know Your Customer (KYC) rules.
As part of this verification and KYC compliance, users must provide their government-issued cards. Critics say that this is contrary to the principles of cryptocurrency, aimed at maintaining privacy and the distribution of power from one person.
Trusting personal identity documents to a centralized entity can be disastrous. In 2020, the Ledger database was compromised and hackers dumped the sensitive information of hundreds of thousands of wallet buyers, including physical addresses.
The hackers later used the same data to target customers in an extortion campaign that even affected some of Ledger’s top executives.