Ledger’s latest firmware update will allow users to split their seed phrase into shards and backup this sensitive information with three custodians including the company itself.
Users will have to pay a monthly subscription fee and provide a copy of their passport/national identity card to sign up for this service.
The crypto community expressed concerns that this update could jeopardize wallet security by exposing private keys to third parties.
Crypto proponents also cited Ledger’s previous data breach from 2020.
Crypto wallet maker Ledger announced a new recovery service that will allow users to back up their seed phrase with third-party custodians as the company moves to slot in an extra safety net for users.
Crypto holders and proponents reacted to the firmware update with skepticism, mainly arguing that the service could jeopardize wallet security and incentive crypto scammers.
The firmware update called ‘Ledger Recovery’ will give customers the option to split their seed phrase into shards and back up this recovery phrase with three custodians – the wallet marker itself, crypto custody firm Coincover, and code escrow company EscrowTech.
If somebody loses their recovery phrase, two of the three shards can be combined—pending an ID check—to regain access to the locked funds. Essentially, Ledger Recover is an additional safety net; for the price of $9.99 a month, it takes the jeopardy out of crypto’s version of stuffing dollars under the mattress. It’ll be available in the UK, EU, US, and Canada and come to other territories later in the year.
– From Ledger’s firmware update note
Nano X, one of the company’s crypto hardware wallet products, is currently the only wallet compatible with the service. Users will have to pay a monthly subscription fee and provide a copy of their passport/national identity card to sign up for this service – a major point of contention for users.
The wallet maker has not yet published the firmware release notes, leaving the update’s implementation up for speculation till further notice.
Some proponents were left unimpressed by the company’s decision. The main concerns were seemingly around requiring customers to provide an ID/passport, essentially doxxing users to third parties, and encouraging customers to back up their seed phrase online.
One Reddit user pointed out that distributing seed phrases to outside parties creates several points of failure and increases the risks of data leaks. The company previously suffered a massive exploit in July 2020 and the hacker dumped personal information on over 270,000 customers on the internet, including their phone numbers and home addresses.
Self-custody remains a hot-button topic in crypto, even more so after the failure of FTX crypto exchange. While some argue that Ledger‘s latest recovery service puts users at risk, others insist that the option could help mitigate lost seed phrases and other self-custody risks.