Ledger Unveils Controversial Seed Phrase Recovery Program
Ledger, the Unicorn cold wallet developer that raised $100M back in March and has sold ~6 million wallets over the years, has come out with an update that has many security experts up in arms
When it comes to how to store your crypto, there are three main options:
An exchange, like Coinbase, Binance, Kraken, etc.
A “hot” (connected to the internet) wallet like Metamask.
A “cold” (disconnected from the internet) wallet, like Ledger.
Each of these options provides a balance between ease of use and safety with exchanges being the easiest to use, but also the least “safe”.
Cold wallets, on the other hand are widely regarded as the most cumbersome, but safest option as they:
Are not at risk of getting hacked, due to them being disconnected from the internet.
Are not at risk of vanishing due to a collapse, a la FTX.
In other words, with a cold wallet, there is no way outside of losing your seed phrase (the set of random words that act as your wallet password) for you to lose your beloved digital coins.
But that may no longer be the case for the dominant cold wallet company.
Ledger, the Unicorn cold wallet developer that raised $100M back in March and has sold ~6 million wallets over the years, has come out with an update that has many security experts up in arms.
That update is Ledger Recover, which seeks to address one of the largest hurdles toward the mass adoption of cold wallets: the difficulty of storing your seed phrase.
It’s hard to sell people on keeping the keys to their wealth on an easily forgettable/losable set of words; therefore, Ledger is rolling out the Recover program, an optional $9.99 per month seed phrase recovery service.
What Recover does is:
Verify your identity using your ID document and a selfie recording.
Duplicate and encrypt your seed phrase, in effect creating a secure backup for your seed phrase.
Link that backup to your verified identity.
Split that backup into three pieces, with the pieces secured by Ledger, Coincover, and a third provider.
This way, if you lose your seed phrase, all you need to do to recover it is verify your ID.
It sounds like the perfect solution to one of crypto’s key UX hurdles, but not everybody is happy. Notably, there is concern that:
Splitting the backup among three parts could leave it vulnerable, defeating the entire purpose of having a cold wallet.
Using your personal ID as a backup is a privacy breach and exposes users to identity theft, especially if Ledger has another data breach.
Ledger, however (and predictably), doesn’t see any issues with the Recover program. They assert that the program is optional, completely safe, and ultimately needed to onboard the next wave of crypto users.
For the sake of the industry, we sure hope they are right.