Ledger's Recovery Update: What Every Wallet Owner Should Know
Whether you own a Ledger or not, you need to know how your wallet treats your keys
Yesterday, Ledger announced that their next firmware update will offer an opt-in feature for seed phrase recovery.
The service, offered as a subscription for $9.99 a month, will split a user’s recovery phrase into 3 encrypted shards, and distribute them between 3 custody providers – Coincover, Ledger, and EscrowTech.
In order to sign up for the service, the user would need to provide a government identification document, which would then be required to initiate phrase recovery.
Why is this a big deal?
Ledger’s announcement launched a heated debate on crypto Twitter, Reddit, and elsewhere, with many long-time Ledger users expressing frustration and anger.
Why this much blowback for a feature that’s opt-in? If someone doesn’t want recovery assistance, they can just keep it turned off and have the same security as they had before – right?
Two main issues caused concern:
1. If Ledger is truly a cold wallet, it should not be possible AT ALL for the keys to leave the device. The fact that a firmware update can be pushed to the device, making it possible to send the key out (even if in parts and encrypted), suggests to some users that the keys were accessible to Ledger all along.
2. In 2020, Ledger experienced a data leak that exposed personal information of hundreds of thousands of Ledger owners. With this precedent in mind, some people believe that giving Ledger access to their keys and personal identification is a bad idea.
What should you do if you hold crypto with a Ledger?
That depends on where you fall on the self-custody spectrum.
Option A: Do you believe that absolutely NO ONE except you should have access to your crypto under ANY circumstances, even at the risk of losing your keys with no possibility of recovery? Are you firmly against connecting your official ID document to your wallet?
Option B: Do you feel that having full responsibility for your crypto assets is a considerable burden, and there should be safeguards in place, even at the risk of trusting a third party, or multiple third parties, with your assets? Are you OK with submitting your ID to buy or trade crypto?
If you are Option A – probably skip this Ledger update and the recovery service subscription. While there are analysts who believe that SOME measure of trust in a hardware wallet company is inevitable, if you are having doubts, you can move your crypto from the Ledger to a different hardware wallet, or several different wallets to spread your risk. Importing your Ledger phrase into another wallet device or interface isn’t the same – that way you keep the same keys, to which Ledger MAY have had access.
If you are Option B – this might be just the feature you were waiting for, giving you a bit of reprieve from all that responsibility. Read about the third parties involved in the Ledger recovery scheme, consider whether you trust them sufficiently, and maybe don’t keep all your crypto eggs in one Ledger basket.
Best practices for wallet security
Of course, most of us will fall somewhere in the middle on the self-custody debate.
Is it an amazing and groundbreaking thing to be in full control of your assets, to use them and move them whenever and however you wish?
Yes.
Is it very scary to consider that your entire fortune rests on a set of 24 words or a string of characters that only you know?
Also yes.
Whether or not you own a Ledger, some basic wallet security practices will go a long way in keeping your crypto safe.
Be aware of how the wallet handles your personal information and your keys.
Learn the difference between custodial and non-custodial wallets, and know which one(s) you are using. What happens if your wallet company goes bankrupt or stops updating the product? What happens if you can’t get anyone on the support line? Make sure you know the answer to these questions.
Diversify wallets and how you use them.
Hardware wallets are still the best option for the highest security. The recent Ledger experience makes everything seem uncertain, and such is life, but hardware wallets are still more secure than using your keys directly on the web or keeping all your crypto on a browser wallet.
That being said, different wallets are better suited to different purposes. Use a mobile or browser wallet for interacting with web3 dapps and doing quick trades. A hardware wallet is best for storing larger sums of crypto that you won’t move for a while. Even centralized exchanges have their uses, but don’t keep significant amounts of crypto there long term.
Take good care of your keys, even if you opt in to recovery.
You probably know that you should never give your wallet key or phrase to anyone for any reason, and keep it very safe. A flimsy piece of paper in your sock drawer is not your only option for ‘very safe’.
There are special damage-proof tools for storing your phrase, and you may consider breaking the phrase up into pieces and storing them at different locations. Explore multi-sig, multi-factor authentication, and social recovery options if that’s something that appeals to you. Perhaps you’d rather trust your family members with pieces of your phrase than third-party companies. (No judgment if not, though.)
Most importantly – keep learning! Don’t be afraid to ask questions! Things change so fast in the crypto space, it’s hard to keep up, but it’s worth it to protect your crypto and to continue being part of this community. Stay safe out there.