Ledger Recover White Paper jetzt verfügbar

Why didn’t you make a new device for this. I am currently migrating off my nano x because I have lost trust in you. Bravo.

„your feedback is always welcome.“

The majority of ledger users have provided feedback to pull the recovery update and you haven’t listened.

Just allow us to select the firmware we want. I would like to use a firmware without the backdoor. Unfortunately, as long as the Recover option is on the device, a smarter hacker will come along and exploit the backdoor – whether it be the US government giving Ledger instructions or some random hacker.

You should make 2 firmwares available. One with, one without Recover. People should be able to choose, not have the backdoor forced on them. It was never part of the deal when we gave you our money.

I still haven’t moved out of Ledger, but I definitely will if this is going to be forced on me. If you want to force a backdoor onto me, I’m out. If I want to “recover”, I’ll use Binance. That’s way more safer than Ledger, and my funds are insured with them. I’m sure Ledger doesn’t have the capability to cover people’s losses.

Listen to your customers. The feedback was clear from the first day you decided to release the backdoor.

Ledger needs to respect the millions of rugpulled customers who bought their device with no NSA/CIA/FBI/IRS confiscation backdoor.

Console makers for decades have blown efuses to close firmware exploits and hardware wallets all have high watermark firmware versions.

Keystone ships with multicoin firmware, with a separate Bitcoin only firmware that once flashed prevents reflashing back to multicoin firmware.

Bitbox02 sell a Bitcoin only model that cannot be converted to multicoin/UTF TOTP edition.

Ledger should release a separate high watermark efuse blowing no-recover-firmware fork that can Never be flashed back to a recover-service-firmware fork.

Just make a whole separate product for this ffs

Imagine destroying your company’s reputation for a feature no one asked for and no one will use.

We said no, you went ahead

I moved to Trezor guys this was too much for me :/

Go really full open source, and don’t push this dumb shit

**Remove this so called FEATURE from the update on my Ledger. I do not want this back door on my Ledger at all. The back door stays on my Ledger regardless if I opt out of this or not. I don’t want it anywhere near my device!**

This is still really bad, the reality is that every time from now on that someone posts a standard „My Ledger got Hacked and I lost everything“ thread, if they are a ‚Ledger Recover‘ user, there will be no way to know for sure that the the leak didn’t happen on Ledger’s side… (And no real way that Ledger could identify if there was some internal issue and leaks were happening on their end either)

There really needs to be a different firmware that has a totally different onboarding workflow and a totally different backup model in terms of who holds what… (Or at the very least, a model that doesn’t have this feature at all)

You should make Ledger Recovery a premium service that requires a premium device.

Should be on X and Stax only, leave it off the S Plus permanently.

People who don’t trust it can just buy the S Plus, if they need more features or want it, they can buy a better model.

French guys are stubborn

I still want my money back

So you’re going for the recovery thing is confirmed, from who will you ask for these fees when there is nobody left? It isn’t rocket science to understand how much damage this whole thing has done to ledger, seriously there’s something going on; else why would a company dig it’s own grave, you guy have some very deep reason to let go of entire community but still roll out recovery. It’s interesting and scary at the same time.

Really doubling down on this dumb shit.

Hahaha FU

„The seed is encrypted (using AES 256 CBC with a key common to all devices)“ yeah this seems real safe.

I will not update my ledger for as long as you keep this recovery feature in the update. That you can count on

So Ledger Recover will use Pedersen Verifiable Secret Sharing.

Will apps have access to the APIs that create the shards? Also, will it be possible to create shards independent of the Recover service?

Looks to be a 34-page technical white paper. The entire security of all assets is relying on Identity Verification not being vulnerable. There’s 2 pages on it, with the helpful and informative title „A Note on Identity Verification“. Even if the other 32 pages can be proven to be cryptographically secure – and let’s assume they are – this entire effort still misses the point. Explain the expected failure rates of the Identity Verification, and how those failures will be dealt with by Ledger and/or the providers. $50K insurance isn’t nearly enough – unless the market for this is expected to be people who simultaneously will throw hundreds of dollars a year away on nothing, while also having less than $50K in crypto to protect. That seems like a Venn diagram with two circles on the opposite side of the room.

No one is asking for this.

Serious thoughts and questions…

If there’s successful attack on this new feature, it probably won’t be a flaw in the crypto systems and protocols, which the document focuses very heavily on.

More likely, it will be a flaw in the implementation, a weak link between the various components, or an attack at the fringes, or subversion of the user’s host, Ledger Live and/or the orchestration component. Or an attack on one of cloud hosted components.

Where does the „Orchestrator“ live, is this part of Ledger Live, running on a customers PC or iOS device, or a cloud hosted service?

Where does „Stargate“ live? It is a service in AWS, correct? How is that hosted and secured?

How do backups traverse from the orchestrator to the backup providers and then to the HSM?

What if a recipient is being impersonated by an attacker that has stolen the static private key?

What happens if the static private keys are extracted? We know it is very hard to extract a users seed phrase from the hardware device, and an attacker’s reward for doing so is the crypto secured by a single device. But in the case of a static private key common to all devices and/or HSM’s, it seems like the potential impact is huge. Would that be ‚game over‘ for Ledger/Recover?

How do we reconcile Ledger’s apparent stance that this system is virtually impervious to attack with the fact that insurance is limited to loses of only $50K. Why not $500K or $5M?

Who has less than $50K at stake, isn’t able to self-custody and yet is willing to pay $10/mo? It seems like such a small target audience.

Are there any other larger motivations for providing this service beyond users who struggle to self-custody?

Thank you in advance for any responses.

This confirms what was thought to be the case: The seed is encrypted with a fixed key on the ledger device, which exists on every ledger. That’s also how restoration to any ledger device works.

Which means this encryption is meaningless. It adds zero to security. If someone gets 2 of 3 shards, then that someone can recover the seed, as long as they have a ledger device. Whether those shards are part of an encrypted seed or not just adds a little bit of inconvenience to the attacker: They need a ledger to recombine, can’t do it outside a ledger.

You’re relying 100% on the secure storage of the shards by the providers. “The seed gets encrypted before sharding it” is so much marketing speak that adds nothing to that secure storage.

Terrible, truly terrible idea. And the reason that the community dubbed “Ledger Recover” as “Ledger Trust Me Bro” instead.

These fvcking ldlots gave our fvcking seed phrase to the danm government so they can take our coins when we don’t comply. i hate this damn company, i hate the motherfuckers that work there