Hardware wallet provider Ledger has announced that it is pushing back the launch of its key- recovery feature after mounting criticism from the larger cryptocurrency community.
The hardware wallet provider likewise indicated that it would open the source code before it releases the update.
Key- Recovery Service Delayed
The decision was conveyed to wallet users in a letter by Ledger CEO Pascal Gauthier. In the letter, Gauthier indicated that the company would only launch the new feature after releasing its code to the community. Furthermore, Ledger likewise scheduled a Twitter Spaces session to discuss the challenge with the community and reach a consensus on the way forward. The Twitter Spaces session was joined by over 13,000 users, with the CEO calling it a humbling experience and a lesson in communication. Gauthier stated,
“This experience has been very humbling. We miscommunicated on the launch of this product; it was not our intention to take people by surprise. So as a result of that, we understand the community’s direction and apologize for the miscommunication.”
Codebase To Be Open-Source
Gauthier likewise indicated that as a response to concerns raised by the community, Ledger would be accelerating intends to open-source its codebase, beginning with the core components of its operating system and Ledger Recover. In addition, Ledger Recover won’t be be released until this is completed.
“We have made the decision to accelerate the open-sourcing roadmap! We will include as much of the Ledger operating system as possible, beginning with core components of the OS, and Ledger Recover, which will not released until this work is complete. Furthermore, we will open-source the Ledger Recover protocol, enabling the community to have as much choice as possible over your self-custody, in addition to the service being fully optional. This roadmap will be shared and updated by our CTO and engineering team.”
The Chief Technology Officer at Ledger, Charles Guillemet, revealed that over the following few days, the company would cause a white paper on the Recover Protocol public, along with technical blog posts. These would explain the principles governing Recover and give a detailed justification of how the procedure works. Guillemet stated,
“It’s going to be very easy and clear for every single cryptography and security expert to have a look at the protocol to get more guarantees and understand how it works.”
He likewise also mentioned that developers could build their own backup provider for the seed phrase shards rather than using the ones provided by Ledger.
“This has always been something important for Ledger, but this recent event showed how important it is for the community, and this is why we decided to prioritize this open-sourcing process.”
Gauthier likewise stressed that offering key recovery services is important to onboarding new users for whom self-custody could be difficult.
“The bulk of users in cryptocurrency today either do not own their private keys and/or are putting their private keys at danger using less secure forms of self-custody and hard-to-use forms of storing and securing their seed phrase.”
Ledger’s PR Nightmare
Ledger announced its Ledger Recover service past week, allowing users to store encrypted backups of their seed phrases with third party custodians. This would enable Ledger users to restore their private keys even if they lost their seed phrases. The feature was announced as an opt-in feature and would must have a KYC (Know Your Customer) verification. Nonetheless, if Ledger was expecting a supportive reaction, it got quite the opposite.
Other community members likewise noted that the code for Ledger’s Recover feature is not open-source, meaning there is no way to audit and test the feature’s safety. In contrast to its competitors, Ledger does not publish all its code. Instead, its products are tested by a team of select security researchers.