Pascal Gauthier, the CEO of Ledger, has confirmed that the private seed phrases of users who opt into Ledger’s controversial new Recover upgrade could, in theory, be handed over to governments if they were to be subpoenaed.
Ledger’s latest firmware update and hardware wallets, in general, have been a touchy subject over the past week.
The firm has described the new Recover upgrade as an optional firmware update that lets users back up their seed phrases with third-party entities so that the seed phrase can be recovered if it is lost.
If a user opts into the service, the seed phrase is broken into three encrypted fragments called “shards,” which are then stored with three separate parties — Coincover, Ledger and an independent backup service provider.
Speaking on Peter McCormack’s What Bitcoin Did podcast, Gauthier admitted that while the new Recover update could technically result in users’ seed phrases being provided to government entities, this would be reserved for “serious acts” such as crimes involving drugs and terrorism.
“It’s not true that the average person gets subpoenaed every day.”
The podcast’s host, McCormack, pushed back on this claim, pointing to when Coinbase was subpoenaed by the United States Internal Revenue Service in 2018 and was forced to hand over the personal information of 13,000 users.
Gauthier rejected this example as an inaccurate comparison. Unlike Coinbase, Ledger is not a banking institution and is not subject to the same legal constraints as the crypto exchange, he said.
It’s worth noting that while some users, such as pseudonymous crypto commentator 0xFoobar on Twitter, see the update as an unforgivable breach of privacy, Ledger representatives maintain that these concerns are largely overblown.
“Exciting update, Ledger has a new product, Ledger Recover, that’s launching soon: https://t.co/nT1VHnnSYz Here’s what Ledger Recover is and what it isn’t, explained by @P3b7_ & in the thread below. pic.twitter.com/RW1w07H6pK” — Ledger (@Ledger), May 16, 2023
Speaking to Cointelegraph, Ledger provided further clarity on what the new Recover update really means for its users.
“The core value proposition remains the same as it always has - the ethos of self custody and self sovereignty means you get to choose,” said a Ledger spokesperson. “The introduction of Ledger Recover doesn't change that, it's entirely up to you if you feel it's a service you would like to subscribe to.”
Ledger shared that despite the many accusations being hurled at the company across social media, the original seed phrase itself still does not leave the device.
“What you're creating, if you choose to, is an SSS encrypted and sharded backup. These shards are completely useless unless the user restores the backup on a Ledger device, and only on a Ledger device, where multiple parts are needed in order to decrypt.”
“If you don't want to use Ledger Recover, nothing changes for you.”
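The sharded backup the spokesperson describes rests on Shamir’s Secret Sharing (the “SSS” in the quote). As an added example that is not Ledger’s code, the Python below splits constructed seed entropy into three shards and shows that two shards restore it while a single shard is consistent with every possible secret; the 2-of-3 threshold, the prime field and the constructed seed are assumptions, and Ledger’s per-shard encryption and device-only restore are not modelled.

```python
# Added example, not Ledger's code: Shamir Secret Sharing (SSS) of seed entropy
# into three shards, as the article describes for Ledger Recover. Assumptions:
# a 2-of-3 threshold (the article says only "multiple parts"), a demonstration
# prime field, and no modelling of Ledger's per-shard encryption or device-only restore.
import secrets

PRIME = 2**521 - 1  # Mersenne prime M521; comfortably holds 256-bit seed entropy


def split_secret(secret: int, threshold: int, shares: int) -> list[tuple[int, int]]:
    """Points (x, f(x)) on a random degree threshold-1 polynomial with f(0) = secret."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a non-negative integer below PRIME")
    if not 1 < threshold <= shares:
        raise ValueError("need 1 < threshold <= shares")
    # coeffs[0] is the secret; the other coefficients are uniformly random.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME

    return [(x, f(x)) for x in range(1, shares + 1)]


def recover_secret(points: list[tuple[int, int]]) -> int:
    """Lagrange interpolation of f(0); correct only with >= threshold distinct shards."""
    total = 0
    for j, (xj, yj) in enumerate(points):
        num, den = 1, 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = num * (-xm) % PRIME
                den = den * (xj - xm) % PRIME
        total = (total + yj * num * pow(den, -1, PRIME)) % PRIME
    return total


def one_shard_fits_any_secret(shard: tuple[int, int], candidate: int) -> bool:
    """A lone shard (x, y) in a 2-of-3 scheme is consistent with every candidate
    secret: a line through (0, candidate) and (x, y) always exists, so a single
    custodian on its own learns nothing about the seed."""
    x, y = shard
    slope = (y - candidate) * pow(x, -1, PRIME) % PRIME
    return (candidate + slope * x) % PRIME == y


# Constructed 256-bit seed entropy (what a 24-word BIP-39 phrase encodes).
SEED_ENTROPY = int.from_bytes(bytes.fromhex("a1" * 32), "big")
SHARDS = split_secret(SEED_ENTROPY, threshold=2, shares=3)  # Coincover, Ledger, third party
```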
When asked if there were any plans to open source their firmware code — something that competing cold-wallet provider Grid Plus is currently taking steps toward — Ledger claimed that it’s not possible to make the inner workings of its “secure element” chip open source due to legal constraints from the chip manufacturer.
“What we will do is continue to open source more and more of our code, until we reach a similar level as the Raspberry Pi, where only a tiny part of the code related to the Secure Element is closed — which again, we are legally bound to.”