Ledger, a leading provider of hardware wallets, has recently unveiled an intriguing feature called Ledger Recover, aiming to revolutionize the safeguarding and recovery process for cryptocurrency assets.
With Ledger Recover, the private key within the hardware wallet undergoes fragmentation and encryption, securing the device against potential threats. The encrypted fragments are then distributed across hardware security modules (HSMs) managed by Ledger, Coincover, and EscrowTech. While this innovation promises enhanced security and recovery options, opinions regarding Ledger Recover remain divided, with some users welcoming the initiative while others express concerns over potential risks and privacy implications.
The main point of contention lies in the departure from the traditional model on which hardware wallets are built.
What are cryptocurrency hardware wallets?
A hardware wallet is a thumb drive-looking device, just for cryptocurrency. This device is designed to store your cryptocurrency, non-fungible tokens (NFTs) and other digital assets while keeping it safe from bad guys who might try to steal them.
When you have a hardware wallet, it generates a special code called a “private key.” Think of the private key as the key to unlock your wallet. It’s a secret code that only you know.
The private key is important because it’s used to access and manage your cryptocurrency. Without the private key, nobody can get to your digital assets.
The whole purpose of a hardware wallet is to keep the private keys offline and isolated from potential online threats, such as malware or hacking attempts. The private key is stored securely inside the hardware wallet. It never leaves the device. This approach ensures that even if a computer or wallet is compromised, the private key remains inaccessible.
When you want to use your digital money, you connect your hardware wallet to a computer or a phone. The hardware wallet talks to the computer or phone and uses your private key to do things like send or receive digital money.
Learn more about the most common cryptocurrency storage options and the difference between them
While the security measures implemented in hardware wallets enhance protection, they also introduce challenges for key recovery. If you lose or forget the private key for your hardware wallet, there is typically no central authority or mechanism to retrieve it.
However, that was the case before the introduction of Ledger Recover. Users now face a new paradigm that introduces distributed storage and additional layers of encryption.
How Does Ledger Recover Work?
Ledger provides an overview of their novel approach to recovering cryptocurrency assets on the website. Here is how it works:
- Identity Verification: When setting up Ledger Recover, users are required to verify their identity using an ID card. Onfido and Electronic IDentification provide this service to Ledger users ensure that only the rightful owner can access and recover their wallet.
- Fragmentation and Encryption: The private key within the Ledger Nano X hardware wallet undergoes fragmentation, encryption, and duplication within the Secure Element chip. This process creates three encrypted fragments of the private key.
- Distributed Storage: The encrypted fragments are securely sent to three independent providers: Ledger, Coincover, and EscrowTech. These providers store the fragments in their respective HSMs.
- Fragment Retrieval: When a user needs to recover their wallet, they initiate the recovery process through their Ledger device. Two out of the three encrypted fragments are retrieved from the distributed storage providers and sent back to the device.
- Reassembly and Private Key Reconstruction: Within the Ledger Nano X hardware wallet, the two retrieved encrypted fragments are reassembled to reconstruct the original private key. This process allows the user to regain access to their cryptocurrency assets without remembering the secret phrasing.
While this can potentially enhance security and offer recovery options for lost or forgotten private keys, it also raises questions about the trustworthiness of third-party entities involved in the process and the potential vulnerabilities introduced by the distributed nature of the fragments.
Moreover, privacy concerns come to the forefront as users question the access and control third-party providers may have over the encrypted fragments of the private key, such as potential for collusion, unauthorized access, or breaches that could compromise the security of the private key.
One of those concerns was if the government was able to use the same feature to seize or freeze the funds inside the wallet upon a subpoena to 2 of 3 trust companies. “If you are a Recover user and have your shard into safeguarded by third parties, then yes, a government could subpoena them and get access to your funds,” commented Éric Larchevêque, Ledger co-founder and former CEO and chairman.
One of the additional concerns raised pertains to conflicting statements made by Ledger regarding the security of private keys stored within the Secure Element chip.
Previously, Ledger assured users that the private keys never leave the Secure Element chip and that a firmware update cannot extract them. However, a recent statement from Ledger contradicts this assurance, stating that it is technically possible to develop firmware that enables key extraction, a tweet that later got deleted by the Ledger team.
In the end, the introduction of features like Ledger Recover in the realm of cryptocurrency wallets presents a new opportunity for law enforcement investigators to enhance their efforts in prosecuting criminals involved in illicit activities.
With the ability to fragment and encrypt private keys within hardware wallets, Ledger Recover introduces an additional layer of security for users who choose to store funds in hardware wallets. However, this also means that law enforcement agencies can leverage legal means to access these funds and seize them as part of their investigations.
By collaborating with the appropriate parties and obtaining subpoenas for the trust companies involved in the recovery process, law enforcement can potentially gain access to the encrypted fragments and reconstruct the private keys necessary to seize the funds held by criminals.
This ability to disrupt illicit financial activities can significantly strengthen the prosecution of individuals involved in various criminal activities, including money laundering, fraud and illicit transactions.
Written By: Omar Marzouk
Writer, Content marketing at Blockchain Intelligence Group
